🛒 sekumartdeals so good it should be illegal
USD EUR GBP 🏴 0/6 🛒 cart (0) login
security level: low medium high impossible

Help & about

sekumart is a deliberately vulnerable practice shop. Point your tools at it — it will not fight back (much).

Try the security level switch (top-right) to flip each page between vulnerable and fixed, then hit view source to see the exact code.

Injection playground includes: SQLi (product, category, search, login, cart coupon), XSS (search, reviews, JSONP api, DOM via #lang=), path traversal, open redirect, and CSRF (account/reviews).

Demo account: admin / password. Try language banner: #lang=friend.