Nwom topsites v3.0 http://www.nwom.net
Vulnerable files:
Comment input. index.php
SQL info released on error: http://www.example.com/index.php?o='
XSS: http://www.example.com/index.php?o=<IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))>