Found a very useful tool today which checks PHP files for some of the most common vulnerabilities, such as mail injection exploits, etc.
http://developer.spikesource.com/projects/phpsecaudit
Very simple to use from the command line. Thought I'd share.

P.S. If anyone could modify the script to search subdirectories, it would be very useful!