Authentication bypass using SQL injection on vulnerable input.
Impact: Unauthorized access
Tools: Burp Suite, Browser
Reflected XSS due to improper input sanitization.
Impact: Session hijacking
Hidden directories discovered using automated tools.
Tools: Dirsearch, FFUF