All of the applications of third parties are to be updated and maintained safe with the possible fix given by the respective manufacturers.
Here below we indicate a list of the types of applications known to be vulnerable which are
progressively discovered and used by ill-intentioned people to deface or however provoke damages on the websites which are based on such applications.

Portal and cms systems
(All the *nuke and derivates - phpnuke, postnuke, sfm, invision, aspnuke, wordpress, mambo,
joomla, etc-)

(web wiz, matt, etc)

(phpbb, invision, vbulletin, snitz etc)

(web wiz, modules for cms, etc)

Various modules for cms
(gallery, chat, avatars, upload etc)

ATTENTION- The list is not to be considered complete, as effectively all the applications can be  considered vulnerable.