Injectrix

An internal employee portal shipped to production without a security review. Three unpatched vulnerabilities sit in the same PHP codebase — SQL injection, command injection, and an unrestricted file upload. Chain them to own the box.