Access to user names/passwords, weak passwords encryption, large GET request DoS, directory traversal, SQL injection.
vulners.com/securityvulns/securityvulns:doc:3576
vulners.com/securityvulns/securityvulns:doc:3608