One of the biggest blogging platforms, which can easily be extended with vulnerable addons, to support a variety of functions - From CMS's to pretty much anything. Within some web applications, themes may contain variables that refer to dynamic elements, while in others like WordPress - Insecure PHP files used for caching and resizing images, are surprisingly quite common.
The popular vBulletin software is generally a quite secure forum application if you exclude the minimal amount of vulnerable addons. However, when new features are occasionally included, such as Profile Customization, a new vulnerability might be born. (more…)