Last active August 19, 2025 17:29
Revisions
susam revised this gist
Mar 5, 2019. 1 changed file with 1 addition and 3 deletions.
@@ -2021,9 +2021,7 @@ GET /zorum_3_5/index.php?list=\"/%3e%3cscript%3ealert('Nessus%20was%20here')%3c/ GET /zorum_3_5/index.php?method=\"/%3e%3cscript%3ealert('Nessus%20was%20here')%3c/script%3e GET /zorum_3_5/index.php?method=markread&list=zorumuser&fromlist=secmenu&frommethod=\"/%3e%3cscript%3ealert('Nessus%20was%20here')%3c/script%3e POST /53715%22%20data-clickurl=%22%22%20class=%22url%22%20data-dot=%22url%22%3Emathb.in/53715%3C/a%3E%20%3C/div%3E%20%3C/div%3E%20%3C/div%3E%20%3Cscript%3E%20JAK.Fulltext.ResultScreenshotResize(%22 $ grep 'confirm(' unique.txt GET /?keywords=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&utm_campaign=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&code=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&ev=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E&family=%22%3E%3Csvg/onload=confirm(/keqc4/)%3E&g=%22%3E%3Csvg/onload=confirm(/keqc5/)%3E&filter_rating=%22%3E%3Csvg/onload=confirm(/keqc6/)%3E&login=%22%3E%3Csvg/onload=confirm(/keqc7/)%3E&username=%22%3E%3Csvg/onload=confirm(/keqc8/)%3E&t=%22%3E%3Csvg/onload=confirm(/keqc9/)%3E GET /?langchoice=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&noscript=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&pagenum=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&ver=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E&recognize=%22%3E%3Csvg/onload=confirm(/keqc4/)%3E&rsd=%22%3E%3Csvg/onload=confirm(/keqc5/)%3E&sapwd=%22%3E%3Csvg/onload=confirm(/keqc6/)%3E&sausr=%22%3E%3Csvg/onload=confirm(/keqc7/)%3E&sort_language=%22%3E%3Csvg/onload=confirm(/keqc8/)%3E&submit=%22%3E%3Csvg/onload=confirm(/keqc9/)%3E @@ -5652,4 +5650,4 @@ in the last 7 years. ``` $ grep ^COOK unique.txt COOK /blog/?tagsu003dmiscellaneous ```
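Review bot: in the `@@ -5652,4 +5650,4 @@` hunk the entry `COOK /blog/?tagsu003dmiscellaneous` looks wrong as quoted; `u003d` is the JSON/JavaScript escape for `=` with its backslash gone, so either the raw log line literally contained `\u003d` (in which case it should be quoted verbatim with the backslash, because a client sending an escaped `=` in its query string is a detail worth preserving) or the backslash was lost when the line was pasted into the markdown. Worth checking against the raw log while this block is being touched.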
susam revised this gist
Mar 5, 2019. 1 changed file with 15 additions and 1 deletion.
@@ -2023,6 +2023,20 @@ GET /zorum_3_5/index.php?method=markread&list=zorumuser&fromlist=secmenu&frommet POST /53715%22%20data-clickurl=%22%22%20class=%22url%22%20data-dot=%22url%22%3Emathb.in/53715%3C/a%3E%20%3C/div%3E%20%3C/div%3E%20%3C/div%3E%20%3Cscript%3E%20JAK.Fulltext.ResultScreenshotResize(%22 ``` ``` $ grep 'confirm(' unique.txt GET /?keywords=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&utm_campaign=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&code=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&ev=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E&family=%22%3E%3Csvg/onload=confirm(/keqc4/)%3E&g=%22%3E%3Csvg/onload=confirm(/keqc5/)%3E&filter_rating=%22%3E%3Csvg/onload=confirm(/keqc6/)%3E&login=%22%3E%3Csvg/onload=confirm(/keqc7/)%3E&username=%22%3E%3Csvg/onload=confirm(/keqc8/)%3E&t=%22%3E%3Csvg/onload=confirm(/keqc9/)%3E GET /?langchoice=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&noscript=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&pagenum=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&ver=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E&recognize=%22%3E%3Csvg/onload=confirm(/keqc4/)%3E&rsd=%22%3E%3Csvg/onload=confirm(/keqc5/)%3E&sapwd=%22%3E%3Csvg/onload=confirm(/keqc6/)%3E&sausr=%22%3E%3Csvg/onload=confirm(/keqc7/)%3E&sort_language=%22%3E%3Csvg/onload=confirm(/keqc8/)%3E&submit=%22%3E%3Csvg/onload=confirm(/keqc9/)%3E GET /?q=%22%3E%3Csvg/onload=confirm(/OPENBUGBOUNTY/)%3E GET /?query=%22%3E%3Csvg/onload=confirm(/OPENBUGBOUNTY/)%3E GET /?s=%22%3E%3Csvg/onload=confirm(/OPENBUGBOUNTY/)%3E GET /?search=%22%3E%3Csvg/onload=confirm(/OPENBUGBOUNTY/)%3E GET /q?search=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&s=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&query=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&q=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E GET /query?search=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&s=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&query=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&q=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E GET 
/s?search=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&s=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&query=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&q=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E GET /search?search=%22%3E%3Csvg/onload=confirm(/keqc0/)%3E&s=%22%3E%3Csvg/onload=confirm(/keqc1/)%3E&query=%22%3E%3Csvg/onload=confirm(/keqc2/)%3E&q=%22%3E%3Csvg/onload=confirm(/keqc3/)%3E ``` ## PHP Code Injection @@ -5638,4 +5652,4 @@ in the last 7 years. ``` $ grep ^COOK unique.txt COOK /blog/?tagsu003dmiscellaneous ```
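Review bot: the new `$ grep 'confirm(' unique.txt` transcript in the `@@ -2023,6 +2023,20 @@` hunk is inserted directly after the closing fence of the Nessus `alert(...)` block and directly before the `## PHP Code Injection` heading, with no sentence explaining it. Add a short lead-in saying what sets these entries apart: the same `<svg/onload=confirm(...)>` payload repeated in every parameter of a single request (`keywords`, `utm_campaign`, `code`, `ev`, and so on, numbered `keqc0` to `keqc9`) and the `/OPENBUGBOUNTY/` marker in the single-parameter `q`, `query`, `s` and `search` variants, so a reader scanning their own logs knows this shape is a scanner signature rather than a one-off probe like the Nessus lines above.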
susam created this gist
Mar 5, 2019.