🔓 Vulnerable Test Site

WARNING: This site contains intentional vulnerabilities for security testing only!

Reflected XSS Vulnerabilities

VULN #1: Reflected XSS (GET Parameter 'q') GET parameter
VULN #2: Reflected XSS (GET Parameter 'name') GET parameter in HTML attribute
VULN #3: Reflected XSS (GET Parameter 'comment') GET parameter in JavaScript context
VULN #4: Reflected XSS (POST urlencoded - parameter 'message') POST urlencoded
VULN #5: Reflected XSS (POST multipart - parameter 'description') POST multipart

Open Redirect Vulnerabilities

VULN #11: Open Redirect (parameter 'redirect') GET parameter
VULN #12: Open Redirect (parameter 'url') GET parameter
VULN #13: Open Redirect (parameter 'next') GET parameter

Open Redirect to XSS (Escalation)

VULN #14: Open Redirect to XSS (parameter 'return_url') GET parameter with XSS escalation
VULN #15: Open Redirect to XSS (parameter 'goto') GET parameter with XSS escalation