The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enume

joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.

TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.

TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.

joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.

Ogma CMS 0.5 has XSS via creation of a new blog.