Inurl Index.php%3fid= -

: Attackers can bypass authentication mechanisms to read confidential data directly from the database, including plaintext passwords, credit card records, and personally identifiable information (PII).

If the value of the id parameter is reflected back onto the webpage without proper encoding, attackers can inject malicious JavaScript. This allows them to steal session cookies or redirect visitors to phishing sites. How to Protect Your Website inurl index.php%3Fid=