1. Client-Side: XXS, CSRF

2.SQL-Injection

3. PHP-injection

4. LFI, Path Traversal

5. RCE

6. OWASP TOP-10