PHP remote file inclusion vulnerability in index.php in Request It 1.0b allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.
PHP remote file inclusion vulnerability in include/blocks/week_events.php in MyNews 4.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter, a different vector than CVE-2007-0633.
Cross-site scripting (XSS) vulnerability in index.php in JEx-Treme Einfacher Passworschutz allows remote attackers to inject arbitrary web script or HTML via the msg parameter.