I found a link about some web applications vulnerability. 1. Chicomos CMS Configuration File Disclosoure 2. Zomplog 3.8.2 Blog Engine Arbitrary Files Download/Disclosoure 3. Wheatlog Blog Engine Auto Create User See below http://kandangjamur.net/tutorial/multiple-application.txt