In today's digital landscape, where online activities like banking, shopping, and social networking dominate, the security of sensitive data and assets is paramount. This responsibility primarily lies with software and web developers, tasked with safeguarding against prevalent vulnerabilities such as SQL injection, XSS (Cross-Site Scripting), Broken Access Control, Command Execution, CSRF (Cross- Site Request Forgery), among others. This research project delves into the world of web application security, aiming to provide a comprehensive understanding of secure development and deployment practices. By simulating and analyzing these vulnerabilities across different modules, the study sheds light on how attackers can exploit these weaknesses to breach data confidentiality, integrity, and availability, thus violating the CIA triad. Keywords: web, vulnerability, XSS, CSFR, SQL injection, Access Control.