Vulnerability on site exists with XML-RPC for PHP (ping back hole and other code injection vulnerabilities on older versions) Should be debugged with the only online debugger known: http://gggeek.altervista.org/sw/xmlrpc/debugger/
polonus