Featured vector

No vectors found in the last 30 days

Fuzz vector cloud

3,336,911 Successful fuzzes

Fuzz Vectors

Searching for "event"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Crazy MSIE v3	<input value=""dataevents =customLog('dataevents') " type="text">	@Giutro
o replacement in event handlers	<img src=xx:xx chrnerror=logChr(num)>	@blubbfiction
Characters allowed between event handlers and equal sign	<img src="about:blank" onerrorchr=logChr(num)>	@peksa
HTML input image tag attributes that run JavaScript	<input datahtmlattributes="customLog('datahtmlattributes')" type="image" src="about:blank">	@peksa
HTML input tag attributes that run JavaScript	<input datahtmlattributes="customLog('datahtmlattributes')" type="text">	@peksa
Characters that dont inhibit eventhandlers	<img src=xx:xx ochrnerror=logChr(num)>	@tifkin_
Characters that break out of quoted attributes2	<img src="1chr onerror="logChr(num)">	@tifkin_
Characters allowed between 2 consecutive functions	<script> function a() {} </script> <img src=1 onerror="a()chrlogChr(num)">	@tifkin_
Characters allowed before single functions in event handlers	<img src=1 onerror="chrlogChr(num)">	@tifkin_
Characters that can set event handlers3	<img src=1 onerrorchr"logChr(num)">	@tifkin_
Tags that have the onload event	<datahtmlelements onload="customLog('datahtmlelements')">test</datahtmlelements>	@garethheyes
char for fireing onload event	<img src=chr onload=logChr(num)>	@heyheyheyhey10
html dataentities before event handler	<img src="x" asdf/="_=" alt=" dataentitiesonerror=logChr(num) //">	@testacc40590139
Characters that trigger a new attr after new line	<img src=1 title= x:xxchr/onerror=logChr(num)>	@garethheyes
Characters ignored in html event handler name	<img src=x onchrError="javascript:log(num)"/>	@mhswende
Tags and events that execute javascript 2	<datahtmlelements dataevents="javascript:parent.customLog('datahtmlelements dataevents')"></datahtmlelements>	@garethheyes
Tags and events that execute javascript	<datahtmlelements datahtmlattributes="javascript:parent.customLog('datahtmlelements datahtmlattributes')"></datahtmlelements>	@garethheyes
Tags that execute onerror	<datahtmlelements src=1 href=1 onerror="customLog('datahtmlelements')"></datahtmlelements>	@garethheyes

Top fuzzers
insertScript (465)
garethheyes (256)
i_bo0om (51)
0x6D6172696F (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
Giutro (35)
jackmasa (35)
albinowax (33)
0xAli (33)
avlidienbrunn (30)
mramydnei1 (24)
peksa (21)
skeptic_fx (19)
D_Szameitat (19)
shafigullin (17)
irsdl (16)
goergr1 (15)

New users
deepsk79
agasfasgasdasds
the_yellow_fall
dovanson91
June_Dion
daige13
fall17691353
summer_poc
ketchupandbeer
jogibharat
palindrom
fubbp
sanjayrk143
bmantra
cnet62
sharath_unni
juliokurt
L0TExp
d0znpp
pnig0s

No records found.

Popular recent vectors

Latest vectors
script param separator
data uri img src
img src starts with pound follow by fuzz char then data uri
Comma analog in script src data
slash bla htest
random test
Characters that eat JavaScript regex escapes
Characters that modify JavaScript regex character classes
test all
XSS Without Space Test 1

© 2018 Copyright Gareth Heyes