Vulnerabilities Severity 1) Cross Site Scripting HIGH 2) File Upload Vulnerability HIGH 3) Directory Listing Vulnerability HIGH 4) Unencrypted Login Pages HIGH 5) Session Hijacking HIGH 6) Cross Site Request Forgery(csrf) HIGH 7) Weak Captcha Implementation MEDIUM 8) Cross Frame Scripting(css) MEDIUM 9)Internal Error Handling MEDIUM 10)Cookies are not marked as HTTPOnly LOW Recommendations…