WebApp

• XSS - session/cookie
• remote code/command excution
• file upload checking
• file permission / php.ini
• Session / Cookie spoofing