Graffiti CMS version 1.x suffers from an arbitrary file upload vulnerability.
6b4900b34f604e733aaea8d21807fccbb643ab1a2bbb8ad7615e3c5c321d6a11
Wordpress MU versions below 1.3.2 active_plugins option code execution exploit.
7a3a21235d51bdc42e6c0752a58a8406a9a623dc11f99413787468d3da4d605c
WordPress version 2.2 arbitrary file upload exploit that makes use of wp-app.php.
e3615ba509c5134cf8c8ab046f0939498ecebfe904efdf37d2c908beacd8ee87