Post  Honorable Mention: FCKeditor
FCKeditor is bundled with seems-like everything (ColdFusion, Drupal plugins, WordPress plugins, other random CMSs) and has probably been responsible for countless hacks via file upload issues.
Big O'l list on Exploit-DB
CVEdetails on FCKeditor.
Actually most FCKeditors checks in Nessus I found were either Medium or High (hence honorable mention and not in the talk).
There is a good write-up of a classic case of FCKEditor abuse here: