What are common security vulnerabilities in PHP scripts like pastebin tools?

One common security vulnerability in PHP scripts like pastebin tools is injection attacks, such as SQL injection or cross-site scripting. To prevent these vulnerabilities, it is important to sanitize user input and use prepared statements when interacting with databases. Additionally, always validate and escape user input before displaying it on the webpage to prevent cross-site scripting attacks.

// Example of sanitizing user input to prevent SQL injection
$user_input = $_POST['user_input'];
$clean_input = mysqli_real_escape_string($connection, $user_input);

// Example of escaping user input to prevent cross-site scripting
$user_input = $_POST['user_input'];
$clean_input = htmlspecialchars($user_input);