Weblog Oggi v1.0
Homepage: http://www.hotwebscripts.com/index.php
User input isn't sanatized before being dynamically generated. For proof of concept just put <IMG SRC="javascript:alert('XSS');"> in as a comment