Damn Small Vulnerable Web (DSVW) < 100 LoC (Lines of Code)

Attacks:

Blind SQL Injection (boolean) - vulnerable|exploit|info
Blind SQL Injection (time) - vulnerable|exploit|info
UNION SQL Injection - vulnerable|exploit|info
Login Bypass - vulnerable|exploit|info
HTTP Parameter Pollution - vulnerable|exploit|info
Cross Site Scripting (reflected) - vulnerable|exploit|info
Cross Site Scripting (stored) - vulnerable|exploit|info
Cross Site Scripting (DOM) - vulnerable|exploit|info
Cross Site Scripting (JSONP) - vulnerable|exploit|info
XML External Entity (local) - vulnerable|exploit|info
XML External Entity (remote) - vulnerable|exploit|info
Server Side Request Forgery - vulnerable|exploit|info
Blind XPath Injection (boolean) - vulnerable|exploit|info
Cross Site Request Forgery - vulnerable|exploit|info
Frame Injection (phishing) - vulnerable|exploit|info
Frame Injection (content spoofing) - vulnerable|exploit|info
Clickjacking - -|exploit|info
Unvalidated Redirect - vulnerable|exploit|info
Arbitrary Code Execution - vulnerable|exploit|info
Full Path Disclosure - vulnerable|exploit|info
Source Code Disclosure - vulnerable|exploit|info
Path Traversal - vulnerable|exploit|info
File Inclusion (remote) - vulnerable|exploit|info
HTTP Header Injection (phishing) - vulnerable|exploit|info
Component with Known Vulnerability (pickle) - vulnerable|exploit|info
Denial of Service (memory) - vulnerable|exploit|info

Powered by DSVW (v0.1m)