XssBadWebApp is a project mainly written in PHP, based on the BSD-2-Clause license.
A Intentionally Vulnerable Bad Web Application With XSS Vulnerabilities - *DO NOT USE!!!*
DO NOT USE THIS APPLICATION!
This is a "Bad Web Application" that's designed to be vulnerable.
WARNING: FOR RESEARCH USE ONLY!
DISCLAIMER: This application is for education use only. Installing it on a public facing server will expose the server to several security vulnerabilities. The author takes absolutely no responsibility for any damage that may occur from the use or misuse of any of this code.
You have been warned.
PHP >= 5.3
A Pear install of Smarty
A Pear install of Twig
TODO: Create a list of known vulnerabilities here