Nwom topsites v3.0
http://www.nwom.net

Vulnerable files:

Comment input.
index.php

SQL info released on error:
http://www.example.com/index.php?o='

XSS:
http://www.example.com/index.php?o=<IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))>

- Luny