How To Secure the System?

I've changed a lot from a standard OpenBSD
install in order for these exploits to work.
no chroot
php: register globals, allow url as file

Other standard practices i didn't bother to do
firewall
more restrictive mount points