Reflective XSS
Info leak
Application/Business Logic
Auth issues
Stored XSS
Open Redirect
Authorisation Issue
SQL Injection
Deserialization