2z project version 0.9.6.1 suffers from cross site scripting and disclosure vulnerabilities.
a0ec19357f22d28af67d23b22d541023cf8a0a2e6b2e1c052b35ec02d9164937
RunCMS version 1.6 suffers from SQL injection, cross site scripting, predictable session id, and other vulnerabilities.
b34064ee0c706c075f901c12c5c8b27b5a55a34e60ddfb7d5e9ef73515abbee1