Featured vector

No vectors found in the last 30 days

Fuzz vector cloud

3,420,139 Successful fuzzes

Fuzz Vectors

Searching for "entity"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Entities allowed with no semi colon	htmlStr = '<div title="'+dataentities.replace(/;/,'')+'">test</div>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.title.length===1) { customLog(dataentities); } }catch(e){};	@garethheyes
HTML Entity in between and	<img src=xx:xx onerror="&chr#X61;lert(num);logChr(num)">	@MisterJyu
Entities allowed instead of colon for js protocol	htmlStr = '<a href="javascript'+dataentities+'123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { customLog(dataentities); } }catch(e){};	@peksa
Entities allowed after js protocol	htmlStr = '<a href="javascript'+dataentities+':123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { customLog(dataentities); } }catch(e){};	@garethheyes
Entities allowed before js protocol	htmlStr = '<a href="'+dataentities+'javascript:123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { customLog(dataentities); } }catch(e){};	@garethheyes
Entity character breaking innerHTML copy	<div id="fuzzelementnum"> <div title="&#xhex6;style=color:#FF1133" id="copyTargetnum">num - test</div> </div>	@thewildcat

Top fuzzers
insertScript (778)
garethheyes (256)
i_bo0om (51)
0x6D6172696F (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
jackmasa (35)
Giutro (35)
albinowax (33)
0xAli (33)
avlidienbrunn (30)
mramydnei1 (24)
Lamp_AE (22)
peksa (21)
D_Szameitat (19)
skeptic_fx (19)
irsdl (18)
ahpaleus (18)

New users
dracutdashf
barracud4_
JamiuSunmola
Vipulvy90808568
SalmanTest123
HeckySome
flathmannw
NickGenie1
crowded_geek
kwk70238356
muhamad24058449
Ali46150538
0xffffffffffffe
irash_sec
Pav_Kirill
nlf41188
hacker_
D_K_Dev
JasonW67174798
guillpv

Popular recent vectors
Characters in between protocol in js url (FORK) XXX

Latest vectors
Characters in between protocol in js url (FORK) XXX
Characters between event handlers
testerdd
testfgdfgdf
test23
script tag fuxx
Tags with JS capable Events
Tags with Onerror
Characters that can go on either side of in attribute
Valid HTML Attribute Seperators

© 2020 Copyright Gareth Heyes