User talk:CSteipp (WMF)/Training/VulnTagging easy

Answers
This script is vulnerable to SQL injection, and XSS.

This line is vulnerable to SQL Injection: array( "vt_article_id = $articleId" ), An attacker can pass in an articleid to the parser function call
 * SQL Injection

These line are vulnerable to Cross-site Scripting: foreach ( $res as $tag ) { $tags[] = "vt_tid."'>".$tag->vt_tag_text.""; } return "". implode( "\n", $tags ). "";
 * XSS

If an attacker has stored a vt_tag_text in the database containing " alert(1) ", then the javascript will execute. If vt_tid is a string in the database, it will also be vulnerable to xss, if the attacker adds a string like "' onclick='alert(1);"