this isnt really xss, or code injection, so i wasnt sure where to put it. my question is i have an open redirect header("Location: $_GET[url]"); other than using it for phishing, what can i use it for? are there ways to set other header info? xss? (there is no xss on the site, i would know i use to code for them) [www.xssed.com]