PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, mb_send_mail() message headers modification, etc.
vulners.com/securityvulns/securityvulns:doc:10466
vulners.com/securityvulns/securityvulns:doc:10467
vulners.com/securityvulns/securityvulns:doc:10468
vulners.com/securityvulns/securityvulns:doc:10469
vulners.com/securityvulns/securityvulns:doc:10470