WebApp
- XSS - session/cookie
- remote code/command excution
- file upload checking
- file permission / php.ini
- Session / Cookie spoofing
- the old CGI
- file / remote file include
- ............../../etc/passwd
- Web BBS
- File Overwrite
- http://a.bad.website/evil_things.html
- XSS