diff --git a/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java b/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java
index 4d84a8a..4400900 100644
--- a/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java
+++ b/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java
@@ -124,7 +124,7 @@ protected boolean setup(String i) throws IOException
                             {
                                 //User Table creation
                                 stmt.executeUpdate("Create table users(ID int NOT NULL AUTO_INCREMENT, username varchar(30),email varchar(60), password varchar(60), about varchar(50),privilege varchar(20),avatar TEXT,secretquestion int,secret varchar(30),primary key (id))");
-                                  stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('"+adminuser+"','"+adminpass+"','admin@localhost','I am the admin of this application','default.jpg','admin',1,'rocky')");
+                                  stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ("+stmt.enquoteLiteral(String.valueOf(adminuser))+",'"+adminpass+"','admin@localhost','I am the admin of this application','default.jpg','admin',1,'rocky')");
                                   stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('victim','victim','victim@localhost','I am the victim of this application','default.jpg','user',1,'max')");
                                   stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('attacker','attacker','attacker@localhost','I am the attacker of this application','default.jpg','user',1,'bella')");
                                 stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('NEO','trinity','neo@matrix','I am the NEO','default.jpg','user',1,'sentinel')");
diff --git a/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java b/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java
index afa2f83..d04bbbd 100644
--- a/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java
+++ b/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java
@@ -55,7 +55,7 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
                                {
                                   
                                    Statement stmt = con.createStatement();  
-                                  stmt.executeUpdate("INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values ('"+user+"','"+pass+"','"+email+"','"+about+"','default.jpg','user',1,'"+secret+"')");
+                                  stmt.executeUpdate("INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values ('"+user+"','"+pass+"',"+stmt.enquoteLiteral(String.valueOf(email))+",'"+about+"','default.jpg','user',1,'"+secret+"')");
                                        stmt.executeUpdate("INSERT into UserMessages(recipient, sender, subject, msg) values ('"+user+"','admin','Hi','Hi<br/> This is admin of this page. <br/> Welcome to Our Forum')");
              
                                     response.sendRedirect("index.jsp");
diff --git a/src/main/webapp/ForgotPassword.jsp b/src/main/webapp/ForgotPassword.jsp
index b56f6cb..0a76e71 100644
--- a/src/main/webapp/ForgotPassword.jsp
+++ b/src/main/webapp/ForgotPassword.jsp
@@ -1,6 +1,6 @@
 
  <%@page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
-<%@page import="java.sql.Statement"%>
+<%@page import="java.sql.PreparedStatement"%>
 <%@page import="java.sql.ResultSet"%>
 <%@page import="java.sql.Connection"%>
 <%@ include file="header.jsp" %>
@@ -38,8 +38,10 @@ if(request.getParameter("secret")!=null)
              {
                  Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
                   ResultSet rs=null;
-                  Statement stmt = con.createStatement();  
-                  rs=stmt.executeQuery("select * from users where username='"+request.getParameter("username").trim()+"' and secret='"+request.getParameter("secret")+"'");
+                  PreparedStatement pstmt = con.prepareStatement("select * from users where username=? and secret=?");
+                  pstmt.setString(1, request.getParameter("username").trim());
+                  pstmt.setString(2, request.getParameter("secret"));
+                  rs=pstmt.executeQuery();
                   if(rs != null && rs.next()){
                       out.print("Hello "+rs.getString("username")+", <b class='success'> Your Password is: "+rs.getString("password"));
                   }
diff --git a/src/main/webapp/vulnerability/csrf/changepassword.jsp b/src/main/webapp/vulnerability/csrf/changepassword.jsp
index ca1646f..f83aaed 100644
--- a/src/main/webapp/vulnerability/csrf/changepassword.jsp
+++ b/src/main/webapp/vulnerability/csrf/changepassword.jsp
@@ -1,62 +1,48 @@
  <%@ include file="/header.jsp" %>
- <%@page import="java.sql.Connection"%>
-<%@page import="java.sql.Statement"%>
-<%@page import="java.sql.SQLException"%>
-
-<%@page import="java.sql.ResultSetMetaData"%>
-<%@page import="java.sql.ResultSet"%>
-<%@ page import="java.util.*,java.io.*"%>
+<%@ page import="java.sql.Connection, java.sql.PreparedStatement, java.sql.SQLException"%>
 <%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
 
 
 <%
-if(session.getAttribute("isLoggedIn")!=null)
-{
-    String id=session.getAttribute("userid").toString();
-    %>
+if(session.getAttribute("isLoggedIn") != null) {
+    String id = session.getAttribute("userid").toString();
+%>
     Enter the New Password: <br/><br/>
     <table>
-		<form action="changepassword.jsp" method="POST">
-                    <tr><td>New Password:</td><td><input type="text" name="password" value=""/></td></tr>
-                <tr><td>Confirm Password: </td><td><input type="text" name="confirmpassword" value=""/></td></tr>
-                    <tr><td></td><td><input type="submit" name="change" value="Change"/></td></tr>
-		
-		</form>
+        <form action="changepassword.jsp" method="POST">
+            <tr><td>New Password:</td><td><input type="text" name="password" value=""/></td></tr>
+            <tr><td>Confirm Password: </td><td><input type="text" name="confirmpassword" value=""/></td></tr>
+            <tr><td></td><td><input type="submit" name="change" value="Change"/></td></tr>
+        </form>
     </table>
-		<br/>
-    <%
- Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
-         
-   String action=request.getParameter("change");
-    if(action!=null)
-    {
-        String pass=request.getParameter("password");
-        String confirmPass=request.getParameter("confirmpassword");
-        if(pass!=null && confirmPass!=null && !pass.equals("") )
-        {
-            if(pass.equals(confirmPass) )
-            {
-          Statement stmt = con.createStatement();
-              stmt.executeUpdate("Update users set password='"+pass+"' where id="+id);
-            out.print("<b class='success'>Password Changed</b>");
-            out.print("<br/><br/><b><a href='changepassword.jsp'>Return to the Previous page </a></b>");
+    <br/>
+<%
+    Connection con = new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
+    String action = request.getParameter("change");
+    if(action != null) {
+        String pass = request.getParameter("password");
+        String confirmPass = request.getParameter("confirmpassword");
+        if(pass != null && confirmPass != null && !pass.equals("")) {
+            if(pass.equals(confirmPass)) {
+                PreparedStatement pstmt = con.prepareStatement("Update users set password=? where id=?");
+                pstmt.setString(1, pass);
+                pstmt.setString(2, id);
+                pstmt.executeUpdate();
+                out.print("<b class='success'>Password Changed</b>");
+                out.print("<br/><br/><b><a href='changepassword.jsp'>Return to the Previous page </a></b>");
             }
-            else
-            {
-                 out.print("Passwords didn't match");
+            else {
+                out.print("Passwords didn't match");
             }
 
         }
-        else
-        {
+        else {
             out.print("Password can't be empty");
         }
     }
-  }
-   
-  %>
-  
-  <!-- CSRF  -->
+}
+%>
+
+<!-- CSRF  -->
 <!-- Insecure Direct Object Reference 2 -->
-  
- <%@ include file="/footer.jsp" %>
\ No newline at end of file
+<%@ include file="/footer.jsp" %>
\ No newline at end of file

New Password:
Confirm Password:

New Password:
Confirm Password: