Share
## https://sploitus.com/exploit?id=36B49F4A-C843-5835-AF2F-122A23975CC1
# XSS Vulnerable PHP (Vanilla)

Intentionally vulnerable vanilla PHP app for learning XSS (Cross-Site Scripting).

## Run

```bash
cd xss-vulnerable-php
php -S localhost:8080
```

Open http://localhost:8080

## Vulnerabilities

- **Reflected XSS** (`search.php`): `q` is echoed without `htmlspecialchars()`. Try:
  - `?q=alert('XSS')`
  - `?q=`
- **Stored XSS** (`comments.php`): Comment text is stored and output without encoding. Post a comment containing `alert('XSS')` or similar.

## Fix

- Always output user-controlled data with `htmlspecialchars($str, ENT_QUOTES, 'UTF-8')` when putting it in HTML.