Yestarday I found a “0day” vulnerability into latest version (1.0.2) of “Socialcms” cms (socialcms.com) and created an exploit in order to add an  Administrator account. The vulnerability and related exploit  have been published into Offensive Security Exploit Database. You can find more details here:

http://www.exploit-db.com/author/?a=3557

Other web site have published this “oday” vulnerability:

http://www.allinfosec.com/2012/02/16/webapps-0day-socialcms-csrf-vulnerability
http://www.1337day.com/exploits/17527
http://www.realhacker.net/tag/webapps
http://94hi.com/exploit/html/3244.html