Marijuana's contribution.
Refer the topic also.
http://www.xugj.org/modules/QandA/index.php?topic_id=1564
(1) Invalid regex pattern
html/modules/user/forms/AbstractUserEditForm.class.php
"[\000-\040]"
should be
'[\000-\040]'
moreover
'[\000-\040\177]'
looks better.
(2) Some control codes are leaked
html/class/module.textsanitizer.php
html/include/functions.php...
