The BodgeIt Store

  We bodge it, so you dont have to! Guest user
Home About Us Contact Us Login Your Basket Search
Doodahs
Gizmos
Thingamajigs
Thingies
Whatchamacallits
Whatsits
Widgets

Your Score

Here are at least some of the vulnerabilities that you can try and exploit:

ChallengeDone?
Login as test@thebodgeitstore.com Not completed
Login as user1@thebodgeitstore.com Not completed
Login as admin@thebodgeitstore.com Not completed
Find hidden content as a non admin user Not completed
Find diagnostic data Not completed
Level 1: Display a popup using: <script>alert("XSS")</script> Not completed
Level 2: Display a popup using: <script>alert("XSS")</script> Not completed
Level 3: Display a popup using: <script>alert("XSS")</script> Not completed
Access someone elses basket Not implemented/tested yet :(
Force someone to add an item to their basket when they visit your webpage. Not completed
Get the store to owe you money Not completed
Change your password via a GET request Not completed
Conquer AES encryption, and display a popup using: <script>alert("H@cked A3S")</script> Not completed
Conquer AES encryption and append a list of table names to the normal results. Not completed