Ripe Website Manager (<= 0.8.4) - Cross-Site Scripting and SQL Injection Exploit
discovered by
John Martinelli
Google d0rk: