I'll post what I am allowed to here, since I don't get full disclosure a lot of the time.
If you want to contact me, you can add me on discord, at pepsipu#3655.
You might know me from that research report I wrote not too long ago on allowing XSS through SQL Vulnerabilities. That was popular."
I found an XSS vulnerability in the search bar.
Performed a full HTML Injection into a multitude of areas in the site.
Performed SQL Injection, PHP Injection, and XSS in one fell swoop. Quite a big find.