All Vectors

Smuggling...

	Vector name	User	Created	Type
39 39 39 39	Characters allowed between an object and bracket notation	cold-try	4/15/2024	JS
⚠ Browser differences 16 17 16 17	Tags that remove the span or are self closing	hackvertor	7/16/2024	XSS
7 7 7 7	Characters between element name and >	ThomasOrlita	4/15/2024	HTML
⚠ Browser differences 300 300 300 32	Scheme slash alternatives in URL() when a base is used	N25sec	5/22/2025	JS
1 1 1	Characters allowed instead of equal sign	c3l3si4n	4/28/2024	XSS
35 35 35 35	Entities still parsed in uppercase	hackvertor	7/2/2024	JS
2 2 2 2	Characters not urlencoded when using the shema part of the URL	d0ge	9/24/2024	JS
1 1 1	CSS inline property definition	hipotermia	3/12/2025	HTML
7 7 7 7	Characters ignored in an attribute name	hackvertor	5/28/2024	XSS
4 4 4 4	Entities allowed between slashes on a protocol relative URL	hackvertor	7/6/2024	JS
3 3 3 3	Characters that act as array literals	hackvertor	6/24/2024	JS
25 25 25 25	Characters allowed after throw statement	hackvertor	7/14/2025	JS
1 1 1 1	Characters cause self closing tag	hackvertor	7/23/2025	XSS
25 25 25 25	Characters allowed after a bigint	hackvertor	7/18/2025	JS
⚠ Browser differences 105 106 105	Tags that support HTML comments	hackvertor	1/26/2025	XSS
2 2 2 2	Characters allowed after colon which result in an external URL	hackvertor	1/16/2025	XSS
⚠ Browser differences 298 46 46	Characters prepended to URL, which yield in the same host property	InsertScript	1/10/2025	JS
1 1 1	Bypasses for __proto__ string match	vitorfhc	8/29/2024	JS
1 1 1 1	XSS vectors that execute automatically inside math	hackvertor	4/17/2024	XSS
18 18 18 18	Entities allowed between function call and number	hackvertor	7/2/2024	XSS

Found 272 records

Page 8 of 14

3 4 5 6 7 8 9 10 11 12

All Vectors

Distributed Fuzzing

All Vectors