A vulnerable website demo in PHP
Details of development, exploitation, and patches are in ./report.pdf
- Reflected XSS
- Persistent XSS
- File Upload
- SQL Injection
- CSRF
- navbar
- footer
- login
- register
- index
- upload
- search
- guestbook
- trade
index page: list of vulnerabilities
login
search
leave a message in guestbook
XSS:
- in search bar
- in guestbook
SQL Injection
File Upload
CSRF