There's a rather large list of PHP/MySQL application security alerts on Nexen.net today. Included in the list are things like:

• ATutor print.php section Variable Local File Inclusion
• FlatNuke Index.PHP Cross-Site Scripting Vulnerability
• Mantis Remote PHP File Inclusion and SQL Injection Vulnerabilities
• Nuked-Klan SQL Injection and Cross Site Scripting Vulnerabilities
• PHP-Nuke Search Enhanced Module "query" Cross-Site Scripting
• Snoopy "httpsrequest" Function Remote Command Execution Issue
• TikiWiki: XSS vulnerability
• Woltlab Burning Board "info_db.php" Remote SQL Injection Vulnerability

There are tons of others this week, so be sure to head on over and check out the full list. Protecting and securing your scripts/server is key...