Available Vulnerabilities to Test:
🔍 SQL Injection
Location: Login page and search functionality
Payload Examples:
' OR '1'='1admin' -- ' UNION SELECT 1,2,3 --
Test SQLi
🎯 Cross-Site Scripting (XSS)
Location: Comment section
Payload Examples:
<script>alert('XSS')</script><img src=x onerror=alert(1)><svg onload=alert(document.cookie)>
Test XSS
📁 Insecure File Upload
Location: File upload page
Test: Upload PHP shell or malicious files
shell.phptest.jpg.php.htaccess
Test Upload
⚠️ WARNING
This is a deliberately vulnerable application. Do NOT deploy on production servers or servers exposed to the internet.
Use only in isolated lab environments for educational purposes.