Paths to test a web server with

urls.txt

/+CSCOE+/logon.html
/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd
/.%2e/.%2e/.%2e/.%2e/windows/win.ini
/.%2e/.%2e/.%2e/.%2e/winnt/win.ini
/..../..../..../..../..../..../..../..../..../..../..../..../etc/passwd
/..../..../..../..../..../..../..../..../..../windows/win.ini
/..../..../..../..../..../..../..../..../..../winnt/win.ini
/.../.../.../.../.../.../.../.../.../windows/win.ini
/.../.../.../.../.../.../.../.../.../winnt/win.ini
/.bak/
/.cobalt/
/.git/HEAD
/.git/info/refs
/.svn/entries
/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./windows/win.ini
/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./winnt/win.ini
/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./windows/win.ini
/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./winnt/win.ini
/1/
/10/
/1485887336/certificate/localhost.com
/1485887336/facts/localhost.com
/2/
/3/
/4/
/4images/
/5/
/6/
/7/
/8/
/9/
/99articles/
/<script>cross_site_scripting.nasl</script>
/<script>cross_site_scripting.nasl</script>.asp
/<script>cross_site_scripting.nasl</script>.aspx
/<script>cross_site_scripting.nasl</script>.cfc
/<script>cross_site_scripting.nasl</script>.cfm
/<script>cross_site_scripting.nasl</script>.cgi
/<script>cross_site_scripting.nasl</script>.dll
/<script>cross_site_scripting.nasl</script>.do
/<script>cross_site_scripting.nasl</script>.exe
/<script>cross_site_scripting.nasl</script>.fts
/<script>cross_site_scripting.nasl</script>.htm
/<script>cross_site_scripting.nasl</script>.html
/<script>cross_site_scripting.nasl</script>.idc
/<script>cross_site_scripting.nasl</script>.jsp
/<script>cross_site_scripting.nasl</script>.jspa
/<script>cross_site_scripting.nasl</script>.kspx
/<script>cross_site_scripting.nasl</script>.mscgi
/<script>cross_site_scripting.nasl</script>.nsf
/<script>cross_site_scripting.nasl</script>.php
/<script>cross_site_scripting.nasl</script>.php3
/<script>cross_site_scripting.nasl</script>.pl
/<script>cross_site_scripting.nasl</script>.x
/<script>document.cookie="testusau=5736;"</script>
/<script>foo</script>
/About/frmAbout.aspx
/Admin/
/Admin/index.jsp
/AdminWeb/
/Admin_files/
/Administration/
/AdvWebAdmin/
/Agent/
/Agents/
/Album/
/AlbumArt_/
/Articles/default.asp
/BizTalkServerDocs/
/BizTalkServerRepository/
/BizTalkTracking/
/Boutiques/
/BrowserWeb/portal/portalbanner.htm
/CFIDE/administrator/index.cfm
/CFIDE/administrator/settings/version.cfm
/CFIDE/probe.cfm
/CS/
/CSCOnm/servlet/AutoLogin.jsp
/CSCOnm/servlet/login/login.jsp
/CVS/
/CVS/Entries
/CVS/Entries/
/CVS/Entries/.git/HEAD
/CVS/Entries/.git/info/refs
/CVS/Entries/.svn/entries
/CVS/Entries/CVS/Entries
/CVS/Entries/HEAD
/CVS/Entries/SnoopServlet/
/CVS/Entries/_vti_inf.html
/CVS/Entries/index.jsp
/CVS/Entries/info/refs
/CVS/Entries/nessus/
/CVS/Entries/portal/diag/index.jsp
/CVS/Entries/r57.php
/CVS/Entries/snoop/
/CVS/Entries/snoopservlet/
/Citrix.Dwm.WorkloadBalance/Service
/Config/diff.php
/ConsoleHelp/admin/login.jsp
/ConsoleHelp/dms2/Login.jsp
/ControlManager/cgi-bin/dm_autologin_cgi.exe
/ControllerWeb/
/Corporate/
/CrystalReportWebFormViewer/crystalimagehandler.aspx
/CrystalReportWebFormViewer2/crystalimagehandler.aspx
/DB4Web/
/DMR/
/DataService.asmx/AuthUser
/Default/
/DesktopModules/BDPDT/uploadfilepopup.aspx
/DigitalScribe/
/DocuColor/
/EZPhotoSales/
/GTcatalog/index.php
/GTcatalog/password.inc
/GWextranet/
/GXApp/
/Gallery/
/HB/
/HBTemplates/
/HNAP1/
/IBMWebAS/
/IDMProv/jsps/help/Help.jsp
/IMManager/rdpageimlogic.aspx
/IMS-AA-IDP/logonPrompt.do
/IlohaMail/
/ImageVue/
/InfoViewApp/logon.jsp
/Install/
/JBookIt/
/JSPWiki/
/Log/
/MM/
/MSWSMTP/Common
/MSWSMTP/Common/
/MSWSMTP/Common/.git/HEAD
/MSWSMTP/Common/.git/info/refs
/MSWSMTP/Common/.svn/entries
/MSWSMTP/Common/Authentication
/MSWSMTP/Common/Authentication/
/MSWSMTP/Common/Authentication/.git/HEAD
/MSWSMTP/Common/Authentication/.git/info/refs
/MSWSMTP/Common/Authentication/.svn/entries
/MSWSMTP/Common/Authentication/CVS/Entries
/MSWSMTP/Common/Authentication/HEAD
/MSWSMTP/Common/Authentication/Logon.aspx
/MSWSMTP/Common/Authentication/Logon.aspx/
/MSWSMTP/Common/Authentication/Logon.aspx/.git/HEAD
/MSWSMTP/Common/Authentication/Logon.aspx/.git/info/refs
/MSWSMTP/Common/Authentication/Logon.aspx/.svn/entries
/MSWSMTP/Common/Authentication/Logon.aspx/CVS/Entries
/MSWSMTP/Common/Authentication/Logon.aspx/HEAD
/MSWSMTP/Common/Authentication/Logon.aspx/SnoopServlet/
/MSWSMTP/Common/Authentication/Logon.aspx/_vti_inf.html
/MSWSMTP/Common/Authentication/Logon.aspx/index.jsp
/MSWSMTP/Common/Authentication/Logon.aspx/info/refs
/MSWSMTP/Common/Authentication/Logon.aspx/nessus/
/MSWSMTP/Common/Authentication/Logon.aspx/portal/diag/index.jsp
/MSWSMTP/Common/Authentication/Logon.aspx/r57.php
/MSWSMTP/Common/Authentication/Logon.aspx/snoop/
/MSWSMTP/Common/Authentication/Logon.aspx/snoopservlet/
/MSWSMTP/Common/Authentication/SnoopServlet/
/MSWSMTP/Common/Authentication/_vti_inf.html
/MSWSMTP/Common/Authentication/index.jsp
/MSWSMTP/Common/Authentication/info/refs
/MSWSMTP/Common/Authentication/nessus/
/MSWSMTP/Common/Authentication/portal/diag/index.jsp
/MSWSMTP/Common/Authentication/r57.php
/MSWSMTP/Common/Authentication/snoop/
/MSWSMTP/Common/Authentication/snoopservlet/
/MSWSMTP/Common/CVS/Entries
/MSWSMTP/Common/HEAD
/MSWSMTP/Common/SnoopServlet/
/MSWSMTP/Common/_vti_inf.html
/MSWSMTP/Common/index.jsp
/MSWSMTP/Common/info/refs
/MSWSMTP/Common/nessus/
/MSWSMTP/Common/portal/diag/index.jsp
/MSWSMTP/Common/r57.php
/MSWSMTP/Common/snoop/
/MSWSMTP/Common/snoopservlet/
/Mail/
/MessagingManager/
/Msword/
/NASApp/nessus/
/NOCC/
/NSearch/
/NetDynamic/
/NetDynamics/
/News/
/NonExistant2102578187/
/OnlineViewing/
/Orion/Login.asp
/Orion/Login.aspx
/OvCgi/
/OvCgi/OpenView5.exe
/OvCgi/freeIPaddrs.ovpl
/OvCgi/ifaceMgr/setMon.ovpl
/OvCgi/ifaceMgr/setNotMon.ovpl
/OvCgi/ovlaunch.exe
/OvCgi/webappmon.exe
/PDG_Cart/
/PSUser/PSCOErrPage.htm
/PUBLIC/ADMIN/INDEX.HTM
/PhpDocumentor/
/Plone/
/Portal/Portal.mwsl
/README/
/ROADS/
/ROADS/cgi-bin/search.pl
/Readme/
/Remote/
/Reporting/login/change_password.php
/SAPHostControl/
/SE/EMC_SE.swf
/SF2.5/docman/new.php
/SF2.5/patch/index.php
/SLwebmail/ShowLogin.dll
/SProtectLinux/showpage.cgi
/Sametime/buildinfo.txt
/Security/login
/ServerView/SnmpView/SnmpListMibValues
/SilverStream/
/SilverStream/Meta/Tables/
/SiteScope/
/SiteScope/cgi/go.exe/SiteScope
/SnoopServlet/
/SpamConsole/
/Stats/
/StoreDB/
/SugarCRM/
/Support/FCKEditor/editor/filemanager/upload/asp/upload.asp
/TXWebService/
/TXWebService/DataService.asmx/AuthUser
/Templates/
/ToDo/
/UI/Login
/WANem/about.html
/WEB-INF./web.xml
/WSsamples/
/WebAdmin/main.dll/dispChangePass
/WebBank/
/WebCalendar/
/WebConsole/login/auth/
/WebDB/
/WebID/IISWebAgentIF.dll
/WebServiceImpl/axis2-web/
/WebServiceImpl/axis2-web/axis2-web/index.jsp
/WebShop/
/WebTrend/
/Web_Store/web_store.cgi
/Web_store/
/Webcam/webcam.html
/Websense/cgi-bin/WsCgiLogin.exe
/WihPhoto/start.php
/Wiki/
/WorkArea/ContentDesigner/ekformsiframe.aspx
/WorkArea/ContentRatingGraph.aspx
/Wsusadmin/Errors/BrowserSettings.aspx
/XSL/
/XeroxCentreWareWeb/
/_ScriptLibrary/
/_admin/
/_backup/
/_bsLib/
/_bslib/
/_derived/
/_errors/
/_fpclass/
/_mem_bin/
/_mem_bin/formslogin.asp
/_mt/mt.cgi
/_notes/
/_objects/
/_old/
/_pages/
/_passwords/
/_private/
/_scripts/
/_sharedtemplates/
/_tests/
/_themes/
/_vti_bin/
/_vti_bin/fpcount.exe
/_vti_bin/shtml.dll/_vti_rpc
/_vti_bot/
/_vti_log/
/_vti_pvt/
/_vti_shm/
/_vti_txt/
/a/
/a1stats/a1disp3.cgi
/aardvarktopsites/
/about/
/acal/
/acceso/
/access/
/accesswatch/
/acciones/
/account/
/account/login.php
/accounting/
/accounts/inc/include.php
/acid/
/acopia/
/acp/index.php
/acp/lib/inserts.sql
/activeauctionsuperstore/ItemInfo.asp
/activex/
/actualanalyzer/
/addons/
/adm/
/admbook/
/admcgi/
/admentor/
/admin-bak/
/admin-old/
/admin.back/
/admin/
/admin/LocalIndex.html
/admin/addentry.php
/admin/admin.php
/admin/adminlogin.asp
/admin/cal_login.php
/admin/check_user.asp
/admin/components/com_fm/fm.install.php
/admin/configset.php
/admin/connect.inc
/admin/define.inc.php
/admin/file_manager.php
/admin/general.php
/admin/index.asp
/admin/index.html
/admin/index.php
/admin/info/system
/admin/ip_manage.php
/admin/lang.php
/admin/login-default.do
/admin/login.JSP
/admin/login.do
/admin/login.do/
/admin/login.do/.git/HEAD
/admin/login.do/.git/info/refs
/admin/login.do/.svn/entries
/admin/login.do/CVS/Entries
/admin/login.do/HEAD
/admin/login.do/SnoopServlet/
/admin/login.do/_vti_inf.html
/admin/login.do/index.jsp
/admin/login.do/info/refs
/admin/login.do/nessus/
/admin/login.do/portal/diag/index.jsp
/admin/login.do/r57.php
/admin/login.do/snoop/
/admin/login.do/snoopservlet/
/admin/login.html
/admin/login.jsp
/admin/login.jsp�
/admin/login.jsp/
/admin/login.jsp/.git/HEAD
/admin/login.jsp/.git/info/refs
/admin/login.jsp/.svn/entries
/admin/login.jsp/CVS/Entries
/admin/login.jsp/HEAD
/admin/login.jsp/SnoopServlet/
/admin/login.jsp/_vti_inf.html
/admin/login.jsp/index.jsp
/admin/login.jsp/info/refs
/admin/login.jsp/nessus/
/admin/login.jsp/portal/diag/index.jsp
/admin/login.jsp/r57.php
/admin/login.jsp/snoop/
/admin/login.jsp/snoopservlet/
/admin/login.php
/admin/login/
/admin/login/index.php
/admin/main.asp
/admin/o12guest.mdb
/admin/objects.inc.php4
/admin/operators.php
/admin/plog-admin-functions.php
/admin/registry.jsp
/admin/remotecontrol/lsrc.server.php
/admin/setup.php
/admin/statistics/ConfigureStatistics
/admin/system
/admin/templates/header.php
/admin/top.php
/admin/users.php
/admin/utilities_ConfigHelp.asp
/admin/wwforum.mdb
/admin_/
/admin_t/include/aff_liste_langue.php
/admincp/login.php
/administration/
/administrator/
/administrator/index.php
/adminuser/
/adminweb/
/admisapi/
/adodb/server.php
/ads/
/adserver/
/agenda/
/agentes/
/agora/
/album/
/albums/
/altercast/AlterCast
/altercast/login.jsp
/amazon/
/amember/
/amserver/
/analog/
/angeline/
/anthill/
/apache/
/apex/f
/apex/listenerConfigure
/api/orders.json
/app/
/app/idxasp.html
/app/ui/login.jsp
/app/webeditor/login.cgi
/applets/
/appliance/
/application/
/applications/
/apps/
/apps/pbcs.dll/misc
/apps/zxtm/login.cgi
/appserv/main.php
/ar/
/archive/
/archives/
/articles/
/artifactory/webapp/home.html
/asp/
/aspnet/
/aspx/
/asteridex/
/atc/
/atomicboard/index.php
/auction/
/auktion/
/auth/
/auth/login
/authadmin/
/authenticate/login
/authenticate/login/
/authenticate/login/.git/HEAD
/authenticate/login/.git/info/refs
/authenticate/login/.svn/entries
/authenticate/login/CVS/Entries
/authenticate/login/HEAD
/authenticate/login/SnoopServlet/
/authenticate/login/_vti_inf.html
/authenticate/login/index.jsp
/authenticate/login/info/refs
/authenticate/login/nessus/
/authenticate/login/portal/diag/index.jsp
/authenticate/login/r57.php
/authenticate/login/snoop/
/authenticate/login/snoopservlet/
/authentication/login/
/autodiscover/autodiscover.xml
/autopass/login_input
/aw/
/awstats-cgi/
/awstats/
/awstats/cgi-bin
/awstats/cgi-bin/
/awstats/cgi-bin/.git/HEAD
/awstats/cgi-bin/.git/info/refs
/awstats/cgi-bin/.svn/entries
/awstats/cgi-bin/CVS/Entries
/awstats/cgi-bin/HEAD
/awstats/cgi-bin/SnoopServlet/
/awstats/cgi-bin/_vti_inf.html
/awstats/cgi-bin/index.jsp
/awstats/cgi-bin/info/refs
/awstats/cgi-bin/nessus/
/awstats/cgi-bin/portal/diag/index.jsp
/awstats/cgi-bin/r57.php
/awstats/cgi-bin/snoop/
/awstats/cgi-bin/snoopservlet/
/awstatstotals/
/awstatstotals/awstatstotals.php
/axis/DirectDownload.jsp
/axis2-web/index.jsp
/axis2/
/axis2/axis2-web/index.jsp
/axis2/services/CUPMService/ping
/ayuda/
/b/
/b2-include/
/b2-tools/gm-2-b2.php
/back/
/backend/
/backend/classes.php
/backofficeLite/comersus_backoffice_index.asp
/backofficePlus/comersus_backoffice_index.asp
/backup/
/backups/
/bak/
/balancer/
/banca/
/banco/
/bandwidth/index.cgi
/bank/
/banner/
/banner01/
/bannerexchange/
/banners/
/base/
/baselining/version
/basilic/Config/diff.php
/basilix/
/batch/
/bb-dnbd/
/bblog/index.php
/bbs/
/bbv/
/bdata/
/bdatos/
/bemarket/shop/index.php
/beta/
/bigipgui/bigconf.cgi
/billing/billingmanager_income.asp
/billpay/
/bin/
/bin/html2text.php
/bitweaver/
/blob/
/blog/
/blogs/
/bmachine/
/boadmin/
/board/
/board/db/users.dat
/boarddata/data/user.idx
/boastmachine/
/boonex/
/boot/
/breakcal/calendar.cgi
/brightmail/login.do
/brightmail/viewLogin.do
/broadWeb/bwRoot.asp
/btauxdir/
/btmui/
/bug/
/bugport/php/index.php
/bugs/
/bugzilla/
/bugzilla3/
/builtin/index.html
/business/
/buy/
/buynow/
/c/
/c32web.exe/GetImage
/cache-stats/
/cacti/
/caja/
/cal/
/calendar/
/calendarexpress/
/calendarix/
/candypress/
/card/
/cards/
/cart/
/cas/login
/cash/
/caspadmin/index.asp
/caspsamp/
/catalog/
/cbi-bin/
/ccard/
/ccards/
/ccm/console.tcl
/cd-cgi/
/cd/
/cdrom/
/ce_html/
/centreon/
/cerberus-gui/
/cerberus/
/cert/
/certificado/
/certificate/
/certsrv/
/cfanywhere/index.html
/cfappman/
/cfdocs/
/cfide/
/cgi-auth/
/cgi-bim/
/cgi-bin-sdb/printenv
/cgi-bin/
/cgi-bin/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./windows/win.ini
/cgi-bin/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./winnt/win.ini
/cgi-bin/20Review.asp
/cgi-bin/500page.jsp
/cgi-bin/About/frmAbout.aspx
/cgi-bin/Articles/default.asp
/cgi-bin/BrowserWeb/portal/portalbanner.htm
/cgi-bin/CFIDE/probe.cfm
/cgi-bin/CHANGELOG.md
/cgi-bin/CMSlogin.aspx
/cgi-bin/CategoryView.aspx
/cgi-bin/ChangeLog
/cgi-bin/Config/diff.php
/cgi-bin/Count.cgi
/cgi-bin/DataService.asmx/AuthUser
/cgi-bin/DesktopModules/BDPDT/uploadfilepopup.aspx
/cgi-bin/Edit.jsp
/cgi-bin/FormHandler.cgi
/cgi-bin/FormMail.cgi
/cgi-bin/GTcatalog/index.php
/cgi-bin/GTcatalog/password.inc
/cgi-bin/Login.aspx
/cgi-bin/MsmMask.exe
/cgi-bin/PJreview_Neo.cgi
/cgi-bin/PLXNpvs782EQ.html
/cgi-bin/README.TXT
/cgi-bin/SLwebmail/ShowLogin.dll
/cgi-bin/SPT--ForumTopics.php
/cgi-bin/Security/login
/cgi-bin/ServerView/SnmpView/SnmpListMibValues
/cgi-bin/Support/FCKEditor/editor/filemanager/upload/asp/upload.asp
/cgi-bin/SystemInfo
/cgi-bin/Test11.asp
/cgi-bin/UI/Login
/cgi-bin/Web_Store/web_store.cgi
/cgi-bin/WihPhoto/start.php
/cgi-bin/WorkArea/ContentDesigner/ekformsiframe.aspx
/cgi-bin/WorkArea/ContentRatingGraph.aspx
/cgi-bin/YaBB.pl
/cgi-bin/_admin/
/cgi-bin/_head.php
/cgi-bin/a1disp3.cgi
/cgi-bin/a1stats/a1disp3.cgi
/cgi-bin/about.php
/cgi-bin/about/default_content.asp
/cgi-bin/account/
/cgi-bin/account/login.php
/cgi-bin/acegilogin.jsp
/cgi-bin/acp/index.php
/cgi-bin/acp/lib/inserts.sql
/cgi-bin/activatemember
/cgi-bin/activeauctionsuperstore/ItemInfo.asp
/cgi-bin/add.cgi
/cgi-bin/add_url.htm
/cgi-bin/add_user.php
/cgi-bin/addentry.php
/cgi-bin/addschup
/cgi-bin/adlayer.php
/cgi-bin/admin.asp
/cgi-bin/admin.cgi
/cgi-bin/admin.php
/cgi-bin/admin.pl
/cgi-bin/admin/
/cgi-bin/admin/addentry.php
/cgi-bin/admin/admin.php
/cgi-bin/admin/adminlogin.asp
/cgi-bin/admin/cal_login.php
/cgi-bin/admin/check_user.asp
/cgi-bin/admin/components/com_fm/fm.install.php
/cgi-bin/admin/configset.php
/cgi-bin/admin/connect.inc
/cgi-bin/admin/define.inc.php
/cgi-bin/admin/file_manager.php
/cgi-bin/admin/general.php
/cgi-bin/admin/index.asp
/cgi-bin/admin/index.html
/cgi-bin/admin/index.php
/cgi-bin/admin/info/system
/cgi-bin/admin/ip_manage.php
/cgi-bin/admin/lang.php
/cgi-bin/admin/login-default.do
/cgi-bin/admin/login.html
/cgi-bin/admin/login.php
/cgi-bin/admin/login/
/cgi-bin/admin/login/index.php
/cgi-bin/admin/main.asp
/cgi-bin/admin/o12guest.mdb
/cgi-bin/admin/objects.inc.php4
/cgi-bin/admin/operators.php
/cgi-bin/admin/plog-admin-functions.php
/cgi-bin/admin/registry.jsp
/cgi-bin/admin/remotecontrol/lsrc.server.php
/cgi-bin/admin/setup.php
/cgi-bin/admin/system
/cgi-bin/admin/templates/header.php
/cgi-bin/admin/top.php
/cgi-bin/admin/users.php
/cgi-bin/admin/utilities_ConfigHelp.asp
/cgi-bin/admin/wwforum.mdb
/cgi-bin/admincp/login.php
/cgi-bin/administrator/index.php
/cgi-bin/adodb-perf-module.inc.php
/cgi-bin/adodb/server.php
/cgi-bin/advSearch_h.asp
/cgi-bin/adxmlrpc.php
/cgi-bin/af.cgi
/cgi-bin/agenda.php3
/cgi-bin/ajax.php
/cgi-bin/al_initialize.php
/cgi-bin/album.pl
/cgi-bin/alienform.cgi
/cgi-bin/am.pl
/cgi-bin/anacondaclip.pl
/cgi-bin/apa_phpinclude.inc.php
/cgi-bin/apexec.pl
/cgi-bin/api/orders.json
/cgi-bin/apps/pbcs.dll/misc
/cgi-bin/artifactory/webapp/home.html
/cgi-bin/ashnews.php
/cgi-bin/athenareg.php
/cgi-bin/atomicboard/index.php
/cgi-bin/auktion.cgi
/cgi-bin/autohtml.php
/cgi-bin/awstats.pl
/cgi-bin/awstatstotals.php
/cgi-bin/axis2-web/index.jsp
/cgi-bin/b2-tools/gm-2-b2.php
/cgi-bin/backend/classes.php
/cgi-bin/backofficeLite/comersus_backoffice_index.asp
/cgi-bin/backofficePlus/comersus_backoffice_index.asp
/cgi-bin/bandwidth/index.cgi
/cgi-bin/base_local_rules.php
/cgi-bin/base_main.php
/cgi-bin/base_maintenance.php
/cgi-bin/base_qry_common.php
/cgi-bin/basilix.php
/cgi-bin/bb-hist.sh
/cgi-bin/bb-hostsvc.sh
/cgi-bin/bb_func_txt.php
/cgi-bin/bblog/index.php
/cgi-bin/bemarket/shop/index.php
/cgi-bin/bigconf.cgi
/cgi-bin/billing/billingmanager_income.asp
/cgi-bin/bin/html2text.php
/cgi-bin/bizmail.cgi
/cgi-bin/blog.cgi
/cgi-bin/blog.php
/cgi-bin/boarddata/data/user.idx
/cgi-bin/breakcal/calendar.cgi
/cgi-bin/browse.php
/cgi-bin/browse_blogs.php
/cgi-bin/bsml.pl
/cgi-bin/btdownload.php
/cgi-bin/bugreport.cgi
/cgi-bin/c/portal/login
/cgi-bin/c32web.exe/GetImage
/cgi-bin/cal_cat.php
/cgi-bin/cal_event.php
/cgi-bin/cal_make.pl
/cgi-bin/cal_week.php
/cgi-bin/calendar.php
/cgi-bin/calendar_admin.pl
/cgi-bin/callboth.php
/cgi-bin/camctrl.cgi
/cgi-bin/captcha.html
/cgi-bin/carbo.dll
/cgi-bin/cart32.exe
/cgi-bin/catalog.php
/cgi-bin/cc_guestbook.pl
/cgi-bin/cfooter.php3
/cgi-bin/cgi-bin/gm-comments.cgi
/cgi-bin/cgi-bin/library.cgi
/cgi-bin/cgi-bin/login.cgi
/cgi-bin/cgi/tseekdir.cgi
/cgi-bin/cgiforum.pl
/cgi-bin/cgiip.exe/WService=wsbroker1/webtools/oscommand.w
/cgi-bin/cgiip.exe/WService=wsbroker1/webutil/ping.p
/cgi-bin/cgiwrap/cgiwrap_error_page_handling_xss.nasl
/cgi-bin/chat.php
/cgi-bin/chat/login.php
/cgi-bin/check_user_id.php
/cgi-bin/claroline/resourcelinker/resourcelinker.inc.php
/cgi-bin/classes/adodbt/sql.php
/cgi-bin/cleartrust/ct_logon.asp
/cgi-bin/cleartrust/ct_logon.jsp
/cgi-bin/client_execute.cgi
/cgi-bin/clwarn.cgi
/cgi-bin/coin_includes/constants.php
/cgi-bin/com5.pl
/cgi-bin/comersus_customerRegistrationForm.asp
/cgi-bin/comersus_searchItem.asp"><script>alert('Nessus was here');</script>
/cgi-bin/comments.php
/cgi-bin/commerce.cgi
/cgi-bin/common/listrec.pl
/cgi-bin/common/visiteurs/include/menus.inc.php
/cgi-bin/commsrss.php
/cgi-bin/config.php
/cgi-bin/config/oramon.ini
/cgi-bin/configuration/galleryConfig.txt
/cgi-bin/console/login.action
/cgi-bin/contact.php
/cgi-bin/contacts/php
/cgi-bin/contenido/classes/class.inuse.php
/cgi-bin/content.php
/cgi-bin/contrib/forms/evaluation/C_FormEvaluation.class.php
/cgi-bin/core/adodb/server.php
/cgi-bin/core/api.php
/cgi-bin/core/editor.php
/cgi-bin/corporate/webpages/login.jsp
/cgi-bin/corporate/webpages/sessionexpired.jsp
/cgi-bin/count.cgi
/cgi-bin/counter.php
/cgi-bin/crossdomain.xml
/cgi-bin/crystalimagehandler.aspx
/cgi-bin/csSearch.cgi
/cgi-bin/csv_db.cgi
/cgi-bin/ctrldirect.cgi
/cgi-bin/customer.pl
/cgi-bin/cvslog.cgi
/cgi-bin/cvsweb.cgi/
/cgi-bin/cwmail.exe
/cgi-bin/dada
/cgi-bin/dada/
/cgi-bin/dada/.git/HEAD
/cgi-bin/dada/.git/info/refs
/cgi-bin/dada/.svn/entries
/cgi-bin/dada/CVS/Entries
/cgi-bin/dada/HEAD
/cgi-bin/dada/SnoopServlet/
/cgi-bin/dada/_vti_inf.html
/cgi-bin/dada/index.jsp
/cgi-bin/dada/info/refs
/cgi-bin/dada/nessus/
/cgi-bin/dada/portal/diag/index.jsp
/cgi-bin/dada/r57.php
/cgi-bin/dada/snoop/
/cgi-bin/dada/snoopservlet/
/cgi-bin/data/fetch.php
/cgi-bin/data/usr
/cgi-bin/database/mpcsoftware_guestdata.mdb
/cgi-bin/day.php
/cgi-bin/db/users.dat
/cgi-bin/db_input.php
/cgi-bin/dcforum.cgi
/cgi-bin/default.asp
/cgi-bin/demos/demo.browse.php
/cgi-bin/detail.asp
/cgi-bin/direct.php
/cgi-bin/directory.php
/cgi-bin/directorypro.cgi
/cgi-bin/disp_album.php
/cgi-bin/display.cgi
/cgi-bin/doc/index.php
/cgi-bin/docbuilder/top.php
/cgi-bin/docman/new.php
/cgi-bin/docs.php
/cgi-bin/docs/index.php
/cgi-bin/doku.php
/cgi-bin/download.php
/cgi-bin/dsweb/Services/User-1"><BODY ONLOAD=alert('xerox_docushare_dsweb_xss.nasl')>
/cgi-bin/dynamicpages/fast/config_page.php
/cgi-bin/e107_admin/admin.php
/cgi-bin/eclient/IDMLogon2.jsp
/cgi-bin/edit_image.php
/cgi-bin/editor/filemanager/connectors/php/upload.php
/cgi-bin/elmah.axd
/cgi-bin/embed/day.php
/cgi-bin/empower
/cgi-bin/emumail.fcgi
/cgi-bin/encoder.php
/cgi-bin/engine/admin/admin.php
/cgi-bin/ericom.min.js
/cgi-bin/error.php
/cgi-bin/evb/check_url.php
/cgi-bin/event_view.php
/cgi-bin/faq.php
/cgi-bin/faq/index.php
/cgi-bin/faqmanager.cgi
/cgi-bin/faxsurvey
/cgi-bin/fckeditor/editor/filemanager/connectors/connector
/cgi-bin/feedsplitter.php
/cgi-bin/file.cgi
/cgi-bin/file.php
/cgi-bin/filescan
/cgi-bin/flserv.pl
/cgi-bin/fm.php
/cgi-bin/folderview.asp
/cgi-bin/force-download.php
/cgi-bin/form.php
/cgi-bin/forum.php
/cgi-bin/forum.php3
/cgi-bin/forum/Database/EZsiteForum.mdb
/cgi-bin/forum/HCSpecific/EnableForum.asp
/cgi-bin/forum_2.php
/cgi-bin/forumdata/data/user.idx
/cgi-bin/forumdisplay.php
/cgi-bin/forums.asp
/cgi-bin/forums/list.page
/cgi-bin/ftp/ftp.pl
/cgi-bin/fxm.exe
/cgi-bin/gadgets/Blog/BlogModel.php
/cgi-bin/gallery/displayCategory.php
/cgi-bin/gitweb.cgi
/cgi-bin/gitweb.perl
/cgi-bin/gitweb.pl
/cgi-bin/gm-comments.cgi
/cgi-bin/gm.cgi
/cgi-bin/go.cgi|id|
/cgi-bin/googlesearch/GoogleSearch.php
/cgi-bin/goto.asp
/cgi-bin/gotopage.cgi
/cgi-bin/gtcatalog/index.php
/cgi-bin/gtcatalog/password.inc
/cgi-bin/guestbook.cgi
/cgi-bin/guestbook.php
/cgi-bin/guestbook/cfooter.php3
/cgi-bin/guestbook/view.php
/cgi-bin/guestimage.html
/cgi-bin/help.cgi
/cgi-bin/help.php
/cgi-bin/help/copyright.html
/cgi-bin/help/en_US/Content/master/webadmin/WebAdmin.html
/cgi-bin/help/index.php
/cgi-bin/hi
/cgi-bin/hints.pl
/cgi-bin/historyFrame.html
/cgi-bin/home
/cgi-bin/home.html
/cgi-bin/home/search.asp
/cgi-bin/hosting/addreseller.asp
/cgi-bin/hosting/addsubsite.asp
/cgi-bin/hsx.cgi
/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd
/cgi-bin/htmlscript
/cgi-bin/htsearch
/cgi-bin/htsearch.cgi
/cgi-bin/hw3.cgi
/cgi-bin/hw3.php
/cgi-bin/i-mall.cgi
/cgi-bin/ideabox/include.php
/cgi-bin/idealbb/default.asp
/cgi-bin/ikonboard.cgi
/cgi-bin/image.php
/cgi-bin/inc/exif.inc.php
/cgi-bin/inc/formmail.inc.php
/cgi-bin/inc/functions.inc.php
/cgi-bin/inc/header.php/step_one.php
/cgi-bin/inc/pipe.php
/cgi-bin/include.php
/cgi-bin/include/error/autherror.cfm
/cgi-bin/include/error/forumerror.cfm
/cgi-bin/include/help.php
/cgi-bin/include/sql.php
/cgi-bin/include/theme.inc.php
/cgi-bin/includer.cgi
/cgi-bin/includes/awol-condensed.inc.php
/cgi-bin/includes/calendar.php
/cgi-bin/includes/config.php
/cgi-bin/includes/converter.inc.php
/cgi-bin/includes/db_adodb.php
/cgi-bin/includes/hnmain.inc.php3
/cgi-bin/includes/main.conf
/cgi-bin/includes/third_party/adodb/server.php
/cgi-bin/index
/cgi-bin/index.action
/cgi-bin/index.asp
/cgi-bin/index.cfm
/cgi-bin/index.cgi
/cgi-bin/index.html
/cgi-bin/index.jsp
/cgi-bin/index.php
/cgi-bin/index.php/admin/
/cgi-bin/index.php/admin/login/
/cgi-bin/index.php/index.html
/cgi-bin/index.php/login
/cgi-bin/index.phtml
/cgi-bin/index.pl
/cgi-bin/index.pl/homels
/cgi-bin/index.sh
/cgi-bin/index2.cgi
/cgi-bin/index2.php
/cgi-bin/info.dat
/cgi-bin/info.php
/cgi-bin/info2www
/cgi-bin/infosrch.cgi
/cgi-bin/insertorder.cfm
/cgi-bin/install.php
/cgi-bin/interface/index.do
/cgi-bin/ion-p.exe
/cgi-bin/item.fts
/cgi-bin/jammail.pl
/cgi-bin/javascript.php
/cgi-bin/jcart-relay.php
/cgi-bin/jgs_portal_statistik.php
/cgi-bin/js/vendors.php
/cgi-bin/k/home
/cgi-bin/kernel/loadkernel.php
/cgi-bin/kvm.cgi
/cgi-bin/landesk/vboot/default.winpemanaged
/cgi-bin/lang/index.php
/cgi-bin/lang/lang.php
/cgi-bin/language.php
/cgi-bin/lg.php
/cgi-bin/lib.inc.php
/cgi-bin/lib/OWL_API.php
/cgi-bin/lib/adodb/server.php
/cgi-bin/lib/adodb_lite/adodb-perf-module.inc.php
/cgi-bin/lib/authform.inc.php
/cgi-bin/lib/dbman_filter.inc.php
/cgi-bin/libraries/adodb/server.php
/cgi-bin/library.cgi
/cgi-bin/library/adodb/server.php
/cgi-bin/library/lib.php
/cgi-bin/links_add_form.asp
/cgi-bin/list.php
/cgi-bin/listinfo/
/cgi-bin/listing.php
/cgi-bin/listrec.pl
/cgi-bin/livre_include.php
/cgi-bin/loader-wizard.php
/cgi-bin/logbook.pl
/cgi-bin/logicworks.ini
/cgi-bin/login
/cgi-bin/login.action
/cgi-bin/login.asp
/cgi-bin/login.aspx
/cgi-bin/login.cgi
/cgi-bin/login.jsp
/cgi-bin/login.mako
/cgi-bin/login.php
/cgi-bin/login.pl
/cgi-bin/login.wdm
/cgi-bin/login/default.aspx
/cgi-bin/login_page.php
/cgi-bin/logs/HCDiskQuotaService.csv
/cgi-bin/lostpass.php
/cgi-bin/loudblog/inc/parse_old.php
/cgi-bin/lp
/cgi-bin/lp/AdminlogonPoint/Logon.do
/cgi-bin/lsg2.cgi
/cgi-bin/mail.cgi
/cgi-bin/mail.php
/cgi-bin/mailbox.php3
/cgi-bin/mailit.pl
/cgi-bin/main.cgi
/cgi-bin/main.php
/cgi-bin/man-cgi
/cgi-bin/man2html
/cgi-bin/man2web
/cgi-bin/manage_overview_page.php
/cgi-bin/manager/
/cgi-bin/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/cgi-bin/mapserv
/cgi-bin/mapserv.exe
/cgi-bin/math_sum.mscgi
/cgi-bin/mathtex.cgi
/cgi-bin/mathtex.pl
/cgi-bin/member.php
/cgi-bin/member/index.php
/cgi-bin/mensajeitor.php
/cgi-bin/menu_dx.php
/cgi-bin/localhost.7z
/cgi-bin/localhost.Z
/cgi-bin/localhost.bz2
/cgi-bin/localhost.com.7z
/cgi-bin/localhost.com.Z
/cgi-bin/localhost.com.bz2
/cgi-bin/localhost.com.gz
/cgi-bin/localhost.com.jar
/cgi-bin/localhost.com.rar
/cgi-bin/localhost.com.tar
/cgi-bin/localhost.com.tar.bz2
/cgi-bin/localhost.com.tar.gz
/cgi-bin/localhost.com.tgz
/cgi-bin/localhost.com.war
/cgi-bin/localhost.com.z
/cgi-bin/localhost.com.zip
/cgi-bin/localhost.gz
/cgi-bin/localhost.jar
/cgi-bin/localhost.rar
/cgi-bin/localhost.tar
/cgi-bin/localhost.tar.bz2
/cgi-bin/localhost.tar.gz
/cgi-bin/localhost.tgz
/cgi-bin/localhost.war
/cgi-bin/localhost.z
/cgi-bin/localhost.zip
/cgi-bin/minis.php
/cgi-bin/misc.php
/cgi-bin/misc/audio.php
/cgi-bin/misc/info.php
/cgi-bin/mj_wwwusr
/cgi-bin/mlog.html
/cgi-bin/mmstdod.cgi
/cgi-bin/module.php
/cgi-bin/modules.php
/cgi-bin/modules/Printing/output.php
/cgi-bin/modules/TinyMCE/content_css.php
/cgi-bin/modules/core/module.inc
/cgi-bin/modules/news/
/cgi-bin/modules/projects/sql/install-0.9.7.php
/cgi-bin/month.php
/cgi-bin/more.php
/cgi-bin/mpweb/html/help/000/user_help/help/output/config.js
/cgi-bin/mrtg.cgi
/cgi-bin/msg.txt
/cgi-bin/mt
/cgi-bin/mt-static/mt-check.cgi
/cgi-bin/mt-static/mt-load.cgi
/cgi-bin/mt.cgi
/cgi-bin/mt/
/cgi-bin/mt/.git/HEAD
/cgi-bin/mt/.git/info/refs
/cgi-bin/mt/.svn/entries
/cgi-bin/mt/CVS/Entries
/cgi-bin/mt/HEAD
/cgi-bin/mt/SnoopServlet/
/cgi-bin/mt/_vti_inf.html
/cgi-bin/mt/index.jsp
/cgi-bin/mt/info/refs
/cgi-bin/mt/mt-check.cgi
/cgi-bin/mt/mt-load.cgi
/cgi-bin/mt/nessus/
/cgi-bin/mt/portal/diag/index.jsp
/cgi-bin/mt/r57.php
/cgi-bin/mt/snoop/
/cgi-bin/mt/snoopservlet/
/cgi-bin/myevent.php
/cgi-bin/mylog.html
/cgi-bin/myphpPageTool/doc/admin/index.php
/cgi-bin/namazu.cgi
/cgi-bin/nbmember.cgi
/cgi-bin/ncbook.cgi
/cgi-bin/ncbook/book.cgi
/cgi-bin/ncbook/ncbook.cgi
/cgi-bin/neomail-prefs.pl
/cgi-bin/neomail.pl
/cgi-bin/nessus"><script>alert('django_admin_xss.nasl')</script>/
/cgi-bin/netauth.cgi
/cgi-bin/new-visitor.inc.php
/cgi-bin/new_images.php
/cgi-bin/news.mdb
/cgi-bin/news.php
/cgi-bin/news/index.dot
/cgi-bin/newsdata/data/user.idx
/cgi-bin/newsdesk.cgi
/cgi-bin/newsscript.pl
/cgi-bin/nmap.php
/cgi-bin/normal_html.cgi
/cgi-bin/notify
/cgi-bin/nph-exploitscanget.cgi
/cgi-bin/nph-mr.cgi
/cgi-bin/nph-proxy.cgi
/cgi-bin/nph-test-cgi
/cgi-bin/nquser.php
/cgi-bin/nslookup.cgi
/cgi-bin/nucleus/libs/PLUGINADMIN.php
/cgi-bin/nx/common/cds/menu.inc.php
/cgi-bin/ohelp/en_US/Content/master/webadmin/WebAdmin.html
/cgi-bin/op/op.Login.php
/cgi-bin/open.php
/cgi-bin/openwebmail
/cgi-bin/openwebmail/
/cgi-bin/openwebmail/.git/HEAD
/cgi-bin/openwebmail/.git/info/refs
/cgi-bin/openwebmail/.svn/entries
/cgi-bin/openwebmail/CVS/Entries
/cgi-bin/openwebmail/HEAD
/cgi-bin/openwebmail/SnoopServlet/
/cgi-bin/openwebmail/_vti_inf.html
/cgi-bin/openwebmail/index.jsp
/cgi-bin/openwebmail/info/refs
/cgi-bin/openwebmail/nessus/
/cgi-bin/openwebmail/portal/diag/index.jsp
/cgi-bin/openwebmail/r57.php
/cgi-bin/openwebmail/snoop/
/cgi-bin/openwebmail/snoopservlet/
/cgi-bin/ovlaunch.exe
/cgi-bin/p-news.php
/cgi-bin/pafiledb.php
/cgi-bin/page
/cgi-bin/pajax/pajax_call_dispatcher.php
/cgi-bin/pals-cgi
/cgi-bin/parse_xml.cgi
/cgi-bin/password.asp
/cgi-bin/password_reminder.php
/cgi-bin/patch/index.php
/cgi-bin/pcadmin/login.asp
/cgi-bin/pdesk.cgi
/cgi-bin/perl
/cgi-bin/perl.exe
/cgi-bin/pfdispaly
/cgi-bin/pfdispaly.cgi
/cgi-bin/phf
/cgi-bin/photo.php
/cgi-bin/php-ping.php
/cgi-bin/php.cgi
/cgi-bin/php/mytutos.php
/cgi-bin/phpinfo.php
/cgi-bin/phpnews/sendtofriend.php
/cgi-bin/phpping/index.php
/cgi-bin/phprint.php
/cgi-bin/phptonuke.php
/cgi-bin/plog-download.php
/cgi-bin/plog-rss.php
/cgi-bin/plugins/preview/preview.html
/cgi-bin/plugins/safehtml/HTMLSax3.php
/cgi-bin/pm/add_ons/mail_this_entry/mail_authocheck.php
/cgi-bin/pmwiki.php
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi
/cgi-bin/popup.php
/cgi-bin/port.php
/cgi-bin/portal/
/cgi-bin/preferences.php
/cgi-bin/print.php
/cgi-bin/printenv
/cgi-bin/printfaq.php
/cgi-bin/processSimple.do
/cgi-bin/productsByCategory.asp
/cgi-bin/profil.php
/cgi-bin/profile.asp
/cgi-bin/projects_site/uploadfile.php
/cgi-bin/protection.php
/cgi-bin/psunami.cgi
/cgi-bin/pub/pki
/cgi-bin/pwcgi/smpwservicescgi.exe
/cgi-bin/query
/cgi-bin/query.cgi
/cgi-bin/quickstore.cgi
/cgi-bin/readfile.tcl
/cgi-bin/recordings/index.php
/cgi-bin/remindpasswd
/cgi-bin/remotehtmlview.php
/cgi-bin/resetpw.php
/cgi-bin/rest/api/2.0.alpha1/serverInfo
/cgi-bin/rest/api/2/serverInfo
/cgi-bin/review.php
/cgi-bin/roschedule.php
/cgi-bin/rot13sj.cgi
/cgi-bin/rpc.php
/cgi-bin/rss.php
/cgi-bin/samba/smb2www.pl
/cgi-bin/samples/sample_posteddata.php
/cgi-bin/save.php
/cgi-bin/scp.dll/sendto
/cgi-bin/script/cat_for_gen.php
/cgi-bin/sdbsearch.cgi
/cgi-bin/search
/cgi-bin/search.aspx
/cgi-bin/search.cfm
/cgi-bin/search.cgi
/cgi-bin/search.exe
/cgi-bin/search.jsp
/cgi-bin/search.php
/cgi-bin/search.pl
/cgi-bin/search/results.stm
/cgi-bin/search/search.cgi
/cgi-bin/search/show.pl
/cgi-bin/search=<script>alert('XSS')</script>
/cgi-bin/secure.php
/cgi-bin/sendcard.php
/cgi-bin/sendtemp.pl
/cgi-bin/server.pt
/cgi-bin/server/s3_download.php
/cgi-bin/services/Walrus
/cgi-bin/session/login.php
/cgi-bin/setcookie.php
/cgi-bin/settemplate.php
/cgi-bin/settings/site.ini
/cgi-bin/setup.php
/cgi-bin/sgdynamo.exe
/cgi-bin/shared/help.php
/cgi-bin/shell/sitecore.version.xml
/cgi-bin/shop.plx
/cgi-bin/shop.plx/page=nessus303996011
/cgi-bin/shopaddtocart.asp
/cgi-bin/shopexd.asp
/cgi-bin/shopper.cgi
/cgi-bin/shops/sub.asp
/cgi-bin/shoutbox.php
/cgi-bin/showcat.php
/cgi-bin/showproduct.php
/cgi-bin/simple/view_page
/cgi-bin/site_info.asp
/cgi-bin/sitefinity/login.aspx
/cgi-bin/siteframe.php
/cgi-bin/sitemap.xml
/cgi-bin/smb2www.pl
/cgi-bin/smpwservicescgi.exe
/cgi-bin/snpfiltered.pl
/cgi-bin/sojourn.cgi
/cgi-bin/source
/cgi-bin/sources/functions.php
/cgi-bin/spaw/dialogs/confirm.php
/cgi-bin/sql.php
/cgi-bin/sql.php3
/cgi-bin/sql/install-0.9.7.php
/cgi-bin/squirrelcart/cart_content.php
/cgi-bin/sqwebmail
/cgi-bin/src/login.php
/cgi-bin/src/redirect.php
/cgi-bin/starnet/addons/slideshow_full.php
/cgi-bin/starnet/modules/sn_allbum/slideshow.php
/cgi-bin/start.action
/cgi-bin/store.cgi
/cgi-bin/store.php
/cgi-bin/story.pl
/cgi-bin/styles.php
/cgi-bin/subsystems/permissions.info.php
/cgi-bin/sugarcrm/modules/Users/Login.php
/cgi-bin/superguestconfig
/cgi-bin/supporter/tupdate.php
/cgi-bin/survey.inc.php
/cgi-bin/swc
/cgi-bin/sysinfo
/cgi-bin/sysinfo.cgi
/cgi-bin/sysinfo/
/cgi-bin/sysinfo/.git/HEAD
/cgi-bin/sysinfo/.git/info/refs
/cgi-bin/sysinfo/.svn/entries
/cgi-bin/sysinfo/CVS/Entries
/cgi-bin/sysinfo/HEAD
/cgi-bin/sysinfo/SnoopServlet/
/cgi-bin/sysinfo/_vti_inf.html
/cgi-bin/sysinfo/index.jsp
/cgi-bin/sysinfo/info/refs
/cgi-bin/sysinfo/nessus/
/cgi-bin/sysinfo/portal/diag/index.jsp
/cgi-bin/sysinfo/r57.php
/cgi-bin/sysinfo/snoop/
/cgi-bin/sysinfo/snoopservlet/
/cgi-bin/test-cgi
/cgi-bin/test.cgi
/cgi-bin/test.sh
/cgi-bin/tests/test_tools/selenium/core/SeleniumLog.html
/cgi-bin/texis.cgi/ENESzAVJ-texis_path_disclosure
/cgi-bin/texis.exe/
/cgi-bin/texis.exe/ENESzAVJ-texis_path_disclosure
/cgi-bin/texis/ENESzAVJ-texis_path_disclosure
/cgi-bin/themes/program/themesettings.inc.php
/cgi-bin/tiki-index.php
/cgi-bin/tinfo.php
/cgi-bin/tinybrowser/upload.php
/cgi-bin/tombstone.cfm
/cgi-bin/tomcat_proxy_directory_traversal.nasl1485887718
/cgi-bin/top.php
/cgi-bin/topic.php
/cgi-bin/tree.php
/cgi-bin/tst.bat|type c:\windows\win.ini
/cgi-bin/tst.bat|type c:\winnt\win.ini
/cgi-bin/tsweb.asp
/cgi-bin/tsweb/
/cgi-bin/ttawebtop.cgi/
/cgi-bin/ttx.cgi
/cgi-bin/twiki
/cgi-bin/twiki/
/cgi-bin/twiki/.git/HEAD
/cgi-bin/twiki/.git/info/refs
/cgi-bin/twiki/.svn/entries
/cgi-bin/twiki/CVS/Entries
/cgi-bin/twiki/HEAD
/cgi-bin/twiki/SnoopServlet/
/cgi-bin/twiki/_vti_inf.html
/cgi-bin/twiki/index.jsp
/cgi-bin/twiki/info/refs
/cgi-bin/twiki/nessus/
/cgi-bin/twiki/portal/diag/index.jsp
/cgi-bin/twiki/r57.php
/cgi-bin/twiki/snoop/
/cgi-bin/twiki/snoopservlet/
/cgi-bin/type.asp
/cgi-bin/typo3/index.php
/cgi-bin/ubbthreads.php
/cgi-bin/update.php
/cgi-bin/upgrade/index.php
/cgi-bin/upgradev1.php
/cgi-bin/upload.cgi
/cgi-bin/upload/upload-submit.do
/cgi-bin/urlcount.cgi
/cgi-bin/user.cgi
/cgi-bin/user.php
/cgi-bin/users/users.php
/cgi-bin/usrdetails.php
/cgi-bin/ustorekeeper.pl
/cgi-bin/utilities/login.asp
/cgi-bin/verify.asp
/cgi-bin/vhost.php
/cgi-bin/viart_shop.xml
/cgi-bin/view.php
/cgi-bin/view/System/WebHome
/cgi-bin/view/TWiki/WebHome
/cgi-bin/viewCart.asp
/cgi-bin/viewCat.asp
/cgi-bin/view_user.php
/cgi-bin/viewcvs.cgi
/cgi-bin/viewcvs.cgi/
/cgi-bin/viewpage.php
/cgi-bin/viewvc.cgi
/cgi-bin/viewvc.cgi/
/cgi-bin/viewvc.cgi/.git/HEAD
/cgi-bin/viewvc.cgi/.git/info/refs
/cgi-bin/viewvc.cgi/.svn/entries
/cgi-bin/viewvc.cgi/CVS/Entries
/cgi-bin/viewvc.cgi/HEAD
/cgi-bin/viewvc.cgi/SnoopServlet/
/cgi-bin/viewvc.cgi/_vti_inf.html
/cgi-bin/viewvc.cgi/index.jsp
/cgi-bin/viewvc.cgi/info/refs
/cgi-bin/viewvc.cgi/nessus/
/cgi-bin/viewvc.cgi/portal/diag/index.jsp
/cgi-bin/viewvc.cgi/r57.php
/cgi-bin/viewvc.cgi/snoop/
/cgi-bin/viewvc.cgi/snoopservlet/
/cgi-bin/wa
/cgi-bin/wa.cgi
/cgi-bin/wa.exe
/cgi-bin/way-board/way-board.cgi
/cgi-bin/wc.dll
/cgi-bin/webadmin.php
/cgi-bin/webapp/home.html
/cgi-bin/webappmon.exe
/cgi-bin/webc.cgi/
/cgi-bin/webcart.cgi
/cgi-bin/webdist.cgi
/cgi-bin/webglimpse.cgi
/cgi-bin/webplus
/cgi-bin/webplus.exe
/cgi-bin/webspirs.cgi
/cgi-bin/welcome.php
/cgi-bin/whois.cgi
/cgi-bin/whois.php
/cgi-bin/whois_raw.cgi
/cgi-bin/wihphoto/start.php
/cgi-bin/wiki.php/<script>foo</script>
/cgi-bin/wiki/edit.php
/cgi-bin/wiki/rankings.php
/cgi-bin/wikka.php
/cgi-bin/wizard/index.php
/cgi-bin/wordtrans.php
/cgi-bin/wps/wps_shop.cgi
/cgi-bin/wps_shop.cgi
/cgi-bin/wsasp.dll/WService=wsbroker1/webtools/oscommand.w
/cgi-bin/wsasp.dll/WService=wsbroker1/webutil/ping.p
/cgi-bin/wsisa.dll/WService=wsbroker1/webtools/oscommand.w
/cgi-bin/wsisa.dll/WService=wsbroker1/webutil/ping.p
/cgi-bin/wsnsa.dll/WService=wsbroker1/webtools/oscommand.w
/cgi-bin/wsnsa.dll/WService=wsbroker1/webutil/ping.p
/cgi-bin/wspd_cgi.sh/WService=wsbroker1/webtools/oscommand.w
/cgi-bin/wspd_cgi.sh/WService=wsbroker1/webutil/ping.p
/cgi-bin/www.localhost.7z
/cgi-bin/www.localhost.Z
/cgi-bin/www.localhost.bz2
/cgi-bin/www.localhost.com.7z
/cgi-bin/www.localhost.com.Z
/cgi-bin/www.localhost.com.bz2
/cgi-bin/www.localhost.com.gz
/cgi-bin/www.localhost.com.jar
/cgi-bin/www.localhost.com.rar
/cgi-bin/www.localhost.com.tar
/cgi-bin/www.localhost.com.tar.bz2
/cgi-bin/www.localhost.com.tar.gz
/cgi-bin/www.localhost.com.tgz
/cgi-bin/www.localhost.com.war
/cgi-bin/www.localhost.com.z
/cgi-bin/www.localhost.com.zip
/cgi-bin/www.localhost.gz
/cgi-bin/www.localhost.jar
/cgi-bin/www.localhost.rar
/cgi-bin/www.localhost.tar
/cgi-bin/www.localhost.tar.bz2
/cgi-bin/www.localhost.tar.gz
/cgi-bin/www.localhost.tgz
/cgi-bin/www.localhost.war
/cgi-bin/www.localhost.z
/cgi-bin/www.localhost.zip
/cgi-bin/www/delivery/ac.php
/cgi-bin/www/delivery/fc.php
/cgi-bin/wwwboard.html
/cgi-bin/x_news.php
/cgi-bin/xaradodb/server.php
/cgi-bin/zenworks/jsp/fw/internal/Login.jsp
/cgi-bin/zml.cgi
/cgi-bin/zpanel.php
/cgi-bin2/
/cgi-binadmin/index.php
/cgi-csc/
/cgi-isapi/
/cgi-lib/
/cgi-local/
/cgi-local/listrec.pl
/cgi-mod/index.cgi
/cgi-public/
/cgi-scripts/
/cgi-shl/
/cgi-shop/
/cgi-sys/
/cgi-sys/defaultwebpage.cgi
/cgi-sys/entropysearch.cgi
/cgi-sys/guestbook.cgi
/cgi-weddico/
/cgi-win/
/cgi/
/cgi/mid.cgi
/cgi/tseekdir.cgi
/cgi_bin/listrec.pl
/cgibin/
/cgiip.exe/WService=wsbroker1/webtools/oscommand.w
/cgiip.exe/WService=wsbroker1/webutil/ping.p
/cgilib/
/cgis/
/cgiscripts/
/cgiwin/
/cgiwrap/cgiwrap_error_page_handling_xss.nasl
/chassis/config/GeneralChassisConfig.html
/chat/
/chat/login.php
/chora/
/citrix/MetaframeXP/default/login.asp
/citrix/nfuse/default/login.asp
/citrusdb/main.php
/clan-nic/
/clan-nic/index.php
/clan/
/clan/index.php
/claroline/
/claroline/resourcelinker/resourcelinker.inc.php
/class/
/classes/
/classes/adodbt/sql.php
/classified/
/classifieds/
/clearspace/admin/login.jsp
/cleartrust/ct_logon.asp
/cleartrust/ct_logon.jsp
/client/
/cliente/
/clientes/
/cm/
/cmp/
/cms/
/cms/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/cms400.net/
/cms400/
/cmsample/
/cmsmadesimple/
/cmsms/
/cobalt-images/
/cobbler/web
/code/
/coin_includes/constants.php
/com/novell/webaccess/WebAccessUninstall.ini
/comersus/
/comersus_searchItem.asp"><script>alert('Nessus was here');</script>
/comments/
/common/
/common/about.php
/common/visiteurs/include/menus.inc.php
/commoncgi/servlet
/commoncgi/servlet/
/commoncgi/servlet/.git/HEAD
/commoncgi/servlet/.git/info/refs
/commoncgi/servlet/.svn/entries
/commoncgi/servlet/CCGIServlet
/commoncgi/servlet/CCGIServlet/
/commoncgi/servlet/CCGIServlet/.git/HEAD
/commoncgi/servlet/CCGIServlet/.git/info/refs
/commoncgi/servlet/CCGIServlet/.svn/entries
/commoncgi/servlet/CCGIServlet/CVS/Entries
/commoncgi/servlet/CCGIServlet/HEAD
/commoncgi/servlet/CCGIServlet/SnoopServlet/
/commoncgi/servlet/CCGIServlet/_vti_inf.html
/commoncgi/servlet/CCGIServlet/index.jsp
/commoncgi/servlet/CCGIServlet/info/refs
/commoncgi/servlet/CCGIServlet/nessus/
/commoncgi/servlet/CCGIServlet/portal/diag/index.jsp
/commoncgi/servlet/CCGIServlet/r57.php
/commoncgi/servlet/CCGIServlet/snoop/
/commoncgi/servlet/CCGIServlet/snoopservlet/
/commoncgi/servlet/CCGIServlet/struts/webconsole.html
/commoncgi/servlet/CVS/Entries
/commoncgi/servlet/HEAD
/commoncgi/servlet/SnoopServlet/
/commoncgi/servlet/_vti_inf.html
/commoncgi/servlet/index.jsp
/commoncgi/servlet/info/refs
/commoncgi/servlet/nessus/
/commoncgi/servlet/portal/diag/index.jsp
/commoncgi/servlet/r57.php
/commoncgi/servlet/snoop/
/commoncgi/servlet/snoopservlet/
/communicator/
/community/
/company/
/compra/
/compras/
/compressed/
/conecta/
/conf/
/config/
/config/oramon.ini
/configuration/galleryConfig.txt
/connect/
/console-selfservice/
/console/
/console/faces/com_sun_web_ui/help/helpwindow.jsp
/console/faces/com_sun_web_ui/help/masthead.jsp
/console/login.action
/console/login.jsp
/console/login/LoginForm.jsp
/console/portal/
/contacts/php
/contenido/
/contenido/classes/class.inuse.php
/content/
/content/dsjkdjfljk.mp3
/content/mpvpkTQFsN.mp3
/contrib/forms/evaluation/C_FormEvaluation.class.php
/controlpanel/
/coppermine/
/core/
/core/adodb/server.php
/core/api.php
/core/editor.php
/core/orionSplashScreen.do
/corp/
/corporate/webpages/login.jsp
/corporate/webpages/sessionexpired.jsp
/correo/
/counter/
/courier/web/1000@/wmLogin.html
/cpg/
/credit/
/crm/
/cron/
/crons/
/crypto/
/crystalreportViewers/crystalimagehandler.aspx
/cs/ContentServer
/cs/idcplg
/csamc52/webadmin
/csr/
/css/
/cuenta/
/cuentas/
/currency/
/currently/
/customers/
/cute/
/cutenews/
/cvstrac/
/cvsweb/
/cwhp/CSMSDesktop/about.jsp
/cybercash/
/d/
/dagent/checkprofile.asp
/dagent/downloadreport.asp
/dagent/proxyreg.asp
/daloradius/
/dana/fb
/dana/fb/smb
/dana/fb/smb/
/darkportal/
/dat/
/data/
/data/fetch.php
/data/usr
/database/
/database/mpcsoftware_guestdata.mdb
/databases/
/datafiles/
/dato/
/datos/
/db/
/db/users.dat
/dbase/
/dcforum/
/dcforum/dcforum.cgi
/ddreport/
/ddrint/
/de/
/demo/
/demoauct/
/demomall/
/demos/
/demos/demo.browse.php
/design/
/dev/
/devel/
/development/
/dfcweb/lib/cupm/nls/applicationproperties.js
/dir/
/directory/
/directorymanager/
/discuz/
/dl/
/dll/
/dm/
/dms/
/dms0/
/dms2/Login.JSP
/dms2/Login.jsp
/dms2/Login.jsp�
/dms2/Login.jsp�x
/dms2/Login.jsp/
/dmsdump/
/dndirector/dashboard/Show.dn
/doc-html/
/doc/
/doc/admin/index.php
/doc/index.php
/doc1/
/docbuilder/top.php
/doceboCms/
/doceboCore/
/doceboKms/
/doceboLms/
/docman/new.php
/docs/
/docs/index.php
/docs/servlets/index.html
/docs1/
/document/
/documentation/
/documents/
/docushare/
/dokeos/
/doku/
/dokuwiki/
/dolibarr/
/dolphin/
/dotProject/
/dotcms/
/dotnetnuke/
/dotproject/
/down/
/download/
/downloads/
/dpnepolicyservice/DPNECentral.asmx
/drupal/
/dsc/
/dsdn/
/dspam/
/dsweb/Services/User-1"><BODY ONLOAD=alert('xerox_docushare_dsweb_xss.nasl')>
/dswsbobje/
/dswsbobje/axis2-web/index.jsp
/dtlt/home.html
/dump/
/durep/
/dwr/index.html
/dynamicpages/fast/config_page.php
/e/
/e107/
/e107_admin/admin.php
/eAccelerator/
/eFiction/
/eManager/
/eaccelerator/
/easy_cms_module/
/easydownload/
/easylog/
/ecard/
/ecartis/
/ecartis/lsg2.cgi
/eclient/IDMLogon2.jsp
/editor/filemanager/connectors/php/upload.php
/ee/
/efiction/
/eforum/
/eggblog/
/egs/
/ejemplo/
/ejemplos/
/elog/
/email/
/emailclass/
/embed/day.php
/employees/
/empoyees/
/empris/
/emsam/index.html
/en-US/
/en/
/en/admin/aggregate.asp
/en/main.js
/en/main.js/
/en/private/conf/basic_main.htm
/engine/admin/admin.php
/envia/
/enviamail/
/error/
/errors/
/es/
/estmt/
/esupport/
/etc/
/etc/passwd
/etomite/
/evb/check_url.php
/event/index.do
/events/
/ews/index.htm
/example/
/examples/
/examples/jsp/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/source.jsp
/examples/servlet/SnoopServlet
/examples/servlets/index.html
/exc/
/excel/
/exchange/
/exchange/logon.asp
/exchweb/
/exchweb/bin/auth/owalogon.asp
/exe/
/exec/
/exhibit/
/exhibitengine/
/exodesk/
/exoops/
/exophpdesk/
/exponent/
/export/
/extension/
/external/
/f/
/f360/login.jsp
/fanfiction/
/faq/
/faq/index.php
/fbsd/
/fcgi-bin/
/fckeditor/
/fckeditor/editor/filemanager/connectors/connector
/feeds/
/feedsplitter/
/file/
/filemanager/
/filemgr/
/filemgr/browse.php
/files/
/firestats/
/flatnuke/
/flexcms/
/flexcube@/
/flexcubeat/
/flyspeck/
/flyspray/
/fogbugz/default.php
/foldoc/
/form-totaller/
/form/
/form/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./windows/win.ini
/form/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./winnt/win.ini
/form/20Review.asp
/form/500page.jsp
/form/About/frmAbout.aspx
/form/Articles/default.asp
/form/BrowserWeb/portal/portalbanner.htm
/form/CFIDE/probe.cfm
/form/CHANGELOG.md
/form/CMSlogin.aspx
/form/CategoryView.aspx
/form/ChangeLog
/form/Config/diff.php
/form/Count.cgi
/form/DataService.asmx/AuthUser
/form/DesktopModules/BDPDT/uploadfilepopup.aspx
/form/Edit.jsp
/form/GTcatalog/index.php
/form/GTcatalog/password.inc
/form/Login.aspx
/form/MsmMask.exe
/form/PJreview_Neo.cgi
/form/README.TXT
/form/SLwebmail/ShowLogin.dll
/form/SPT--ForumTopics.php
/form/Security/login
/form/ServerView/SnmpView/SnmpListMibValues
/form/Support/FCKEditor/editor/filemanager/upload/asp/upload.asp
/form/SystemInfo
/form/Test11.asp
/form/UI/Login
/form/Web_Store/web_store.cgi
/form/WihPhoto/start.php
/form/WorkArea/ContentDesigner/ekformsiframe.aspx
/form/WorkArea/ContentRatingGraph.aspx
/form/YaBB.pl
/form/_admin/
/form/_head.php
/form/a1disp3.cgi
/form/a1stats/a1disp3.cgi
/form/about.php
/form/about/default_content.asp
/form/account/
/form/account/login.php
/form/acegilogin.jsp
/form/acp/index.php
/form/acp/lib/inserts.sql
/form/activatemember
/form/activeauctionsuperstore/ItemInfo.asp
/form/add.cgi
/form/add_url.htm
/form/add_user.php
/form/addentry.php
/form/addschup
/form/adlayer.php
/form/admin.asp
/form/admin.php
/form/admin.pl
/form/admin/
/form/admin/addentry.php
/form/admin/admin.php
/form/admin/adminlogin.asp
/form/admin/cal_login.php
/form/admin/check_user.asp
/form/admin/components/com_fm/fm.install.php
/form/admin/configset.php
/form/admin/connect.inc
/form/admin/define.inc.php
/form/admin/file_manager.php
/form/admin/general.php
/form/admin/index.asp
/form/admin/index.html
/form/admin/index.php
/form/admin/info/system
/form/admin/ip_manage.php
/form/admin/lang.php
/form/admin/login-default.do
/form/admin/login.html
/form/admin/login.php
/form/admin/login/
/form/admin/login/index.php
/form/admin/main.asp
/form/admin/o12guest.mdb
/form/admin/objects.inc.php4
/form/admin/operators.php
/form/admin/plog-admin-functions.php
/form/admin/registry.jsp
/form/admin/remotecontrol/lsrc.server.php
/form/admin/setup.php
/form/admin/system
/form/admin/templates/header.php
/form/admin/top.php
/form/admin/users.php
/form/admin/utilities_ConfigHelp.asp
/form/admin/wwforum.mdb
/form/admincp/login.php
/form/administrator/index.php
/form/adodb-perf-module.inc.php
/form/adodb/server.php
/form/advSearch_h.asp
/form/adxmlrpc.php
/form/af.cgi
/form/agenda.php3
/form/ajax.php
/form/al_initialize.php
/form/album.pl
/form/alienform.cgi
/form/am.pl
/form/anacondaclip.pl
/form/apa_phpinclude.inc.php
/form/apexec.pl
/form/api/orders.json
/form/apps/pbcs.dll/misc
/form/artifactory/webapp/home.html
/form/ashnews.php
/form/athenareg.php
/form/atomicboard/index.php
/form/auktion.cgi
/form/autohtml.php
/form/awstats.pl
/form/awstatstotals.php
/form/axis2-web/index.jsp
/form/b2-tools/gm-2-b2.php
/form/backend/classes.php
/form/backofficeLite/comersus_backoffice_index.asp
/form/backofficePlus/comersus_backoffice_index.asp
/form/bandwidth/index.cgi
/form/base_local_rules.php
/form/base_main.php
/form/base_maintenance.php
/form/base_qry_common.php
/form/basilix.php
/form/bb-hist.sh
/form/bb-hostsvc.sh
/form/bb_func_txt.php
/form/bblog/index.php
/form/bemarket/shop/index.php
/form/bigconf.cgi
/form/billing/billingmanager_income.asp
/form/bin/html2text.php
/form/bizmail.cgi
/form/blog.cgi
/form/blog.php
/form/boarddata/data/user.idx
/form/breakcal/calendar.cgi
/form/browse.php
/form/browse_blogs.php
/form/bsml.pl
/form/btdownload.php
/form/c32web.exe/GetImage
/form/cal_cat.php
/form/cal_event.php
/form/cal_make.pl
/form/cal_week.php
/form/calendar.php
/form/calendar_admin.pl
/form/callboth.php
/form/captcha.html
/form/carbo.dll
/form/cart32.exe
/form/catalog.php
/form/cc_guestbook.pl
/form/cfooter.php3
/form/cgi-bin/gm-comments.cgi
/form/cgi-bin/library.cgi
/form/cgi-bin/login.cgi
/form/cgi/tseekdir.cgi
/form/cgiforum.pl
/form/cgiip.exe/WService=wsbroker1/webtools/oscommand.w
/form/cgiip.exe/WService=wsbroker1/webutil/ping.p
/form/cgiwrap/cgiwrap_error_page_handling_xss.nasl
/form/chat.php
/form/chat/login.php
/form/check_user_id.php
/form/claroline/resourcelinker/resourcelinker.inc.php
/form/classes/adodbt/sql.php
/form/cleartrust/ct_logon.asp
/form/cleartrust/ct_logon.jsp
/form/clwarn.cgi
/form/coin_includes/constants.php
/form/comersus_customerRegistrationForm.asp
/form/comersus_searchItem.asp"><script>alert('Nessus was here');</script>
/form/comments.php
/form/commerce.cgi
/form/common/visiteurs/include/menus.inc.php
/form/commsrss.php
/form/config.php
/form/config/oramon.ini
/form/configuration/galleryConfig.txt
/form/console/login.action
/form/contact.php
/form/contacts/php
/form/contenido/classes/class.inuse.php
/form/content.php
/form/contrib/forms/evaluation/C_FormEvaluation.class.php
/form/core/adodb/server.php
/form/core/api.php
/form/core/editor.php
/form/corporate/webpages/login.jsp
/form/corporate/webpages/sessionexpired.jsp
/form/counter.php
/form/crossdomain.xml
/form/crystalimagehandler.aspx
/form/csSearch.cgi
/form/csv_db.cgi
/form/customer.pl
/form/cvslog.cgi
/form/cwmail.exe
/form/data/fetch.php
/form/data/usr
/form/database/mpcsoftware_guestdata.mdb
/form/day.php
/form/db/users.dat
/form/db_input.php
/form/dcforum.cgi
/form/default.asp
/form/demos/demo.browse.php
/form/detail.asp
/form/direct.php
/form/directory.php
/form/directorypro.cgi
/form/disp_album.php
/form/display.cgi
/form/doc/index.php
/form/docbuilder/top.php
/form/docman/new.php
/form/docs.php
/form/docs/index.php
/form/doku.php
/form/download.php
/form/dsweb/Services/User-1"><BODY ONLOAD=alert('xerox_docushare_dsweb_xss.nasl')>
/form/dynamicpages/fast/config_page.php
/form/e107_admin/admin.php
/form/eclient/IDMLogon2.jsp
/form/edit_image.php
/form/editor/filemanager/connectors/php/upload.php
/form/elmah.axd
/form/embed/day.php
/form/empower
/form/emumail.fcgi
/form/encoder.php
/form/engine/admin/admin.php
/form/ericom.min.js
/form/error.php
/form/evb/check_url.php
/form/event_view.php
/form/faq.php
/form/faq/index.php
/form/faxsurvey
/form/fckeditor/editor/filemanager/connectors/connector
/form/feedsplitter.php
/form/file.cgi
/form/file.php
/form/flserv.pl
/form/fm.php
/form/folderview.asp
/form/force-download.php
/form/form.php
/form/forum.php
/form/forum.php3
/form/forum/Database/EZsiteForum.mdb
/form/forum/HCSpecific/EnableForum.asp
/form/forum_2.php
/form/forumdata/data/user.idx
/form/forumdisplay.php
/form/forums.asp
/form/forums/list.page
/form/ftp/ftp.pl
/form/fxm.exe
/form/gadgets/Blog/BlogModel.php
/form/gallery/displayCategory.php
/form/gitweb.cgi
/form/gitweb.perl
/form/gitweb.pl
/form/gm.cgi
/form/go.cgi|id|
/form/googlesearch/GoogleSearch.php
/form/goto.asp
/form/gotopage.cgi
/form/gtcatalog/index.php
/form/gtcatalog/password.inc
/form/guestbook.php
/form/guestbook/cfooter.php3
/form/guestbook/view.php
/form/help.php
/form/help/copyright.html
/form/help/en_US/Content/master/webadmin/WebAdmin.html
/form/help/index.php
/form/hints.pl
/form/historyFrame.html
/form/home
/form/home.html
/form/home/search.asp
/form/hosting/addreseller.asp
/form/hosting/addsubsite.asp
/form/hsx.cgi
/form/htgrep/file=index.html&hdr=/etc/passwd
/form/htmlscript
/form/htsearch
/form/htsearch.cgi
/form/hw3.cgi
/form/hw3.php
/form/i-mall.cgi
/form/ideabox/include.php
/form/idealbb/default.asp
/form/ikonboard.cgi
/form/image.php
/form/inc/exif.inc.php
/form/inc/formmail.inc.php
/form/inc/functions.inc.php
/form/inc/header.php/step_one.php
/form/inc/pipe.php
/form/include.php
/form/include/error/autherror.cfm
/form/include/error/forumerror.cfm
/form/include/help.php
/form/include/sql.php
/form/include/theme.inc.php
/form/includer.cgi
/form/includes/awol-condensed.inc.php
/form/includes/calendar.php
/form/includes/config.php
/form/includes/converter.inc.php
/form/includes/db_adodb.php
/form/includes/hnmain.inc.php3
/form/includes/main.conf
/form/includes/third_party/adodb/server.php
/form/index
/form/index.action
/form/index.asp
/form/index.cfm
/form/index.cgi
/form/index.html
/form/index.jsp
/form/index.php
/form/index.php/admin/
/form/index.php/admin/login/
/form/index.php/index.html
/form/index.php/login
/form/index.phtml
/form/index.pl/homels
/form/index2.cgi
/form/index2.php
/form/info.dat
/form/info.php
/form/info2www
/form/infosrch.cgi
/form/insertorder.cfm
/form/install.php
/form/interface/index.do
/form/ion-p.exe
/form/item.fts
/form/jammail.pl
/form/javascript.php
/form/jcart-relay.php
/form/jgs_portal_statistik.php
/form/js/vendors.php
/form/k/home
/form/kernel/loadkernel.php
/form/landesk/vboot/default.winpemanaged
/form/lang/index.php
/form/lang/lang.php
/form/language.php
/form/lg.php
/form/lib.inc.php
/form/lib/OWL_API.php
/form/lib/adodb/server.php
/form/lib/adodb_lite/adodb-perf-module.inc.php
/form/lib/authform.inc.php
/form/lib/dbman_filter.inc.php
/form/libraries/adodb/server.php
/form/library/adodb/server.php
/form/library/lib.php
/form/links_add_form.asp
/form/list.php
/form/listinfo/
/form/listing.php
/form/listrec.pl
/form/livre_include.php
/form/loader-wizard.php
/form/logbook.pl
/form/logicworks.ini
/form/login
/form/login.action
/form/login.asp
/form/login.aspx
/form/login.cgi
/form/login.jsp
/form/login.mako
/form/login.php
/form/login.pl
/form/login.wdm
/form/login/default.aspx
/form/login_page.php
/form/logs/HCDiskQuotaService.csv
/form/lostpass.php
/form/loudblog/inc/parse_old.php
/form/lp
/form/lp/AdminlogonPoint/Logon.do
/form/lsg2.cgi
/form/mail.cgi
/form/mail.php
/form/mailbox.php3
/form/main.php
/form/man-cgi
/form/man2html
/form/man2web
/form/manage_overview_page.php
/form/manager/
/form/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/form/mapserv
/form/mapserv.exe
/form/math_sum.mscgi
/form/mathtex.cgi
/form/mathtex.pl
/form/member.php
/form/member/index.php
/form/mensajeitor.php
/form/menu_dx.php
/form/localhost.7z
/form/localhost.Z
/form/localhost.bz2
/form/localhost.com.7z
/form/localhost.com.Z
/form/localhost.com.bz2
/form/localhost.com.gz
/form/localhost.com.jar
/form/localhost.com.rar
/form/localhost.com.tar
/form/localhost.com.tar.bz2
/form/localhost.com.tar.gz
/form/localhost.com.tgz
/form/localhost.com.war
/form/localhost.com.z
/form/localhost.com.zip
/form/localhost.gz
/form/localhost.jar
/form/localhost.rar
/form/localhost.tar
/form/localhost.tar.bz2
/form/localhost.tar.gz
/form/localhost.tgz
/form/localhost.war
/form/localhost.z
/form/localhost.zip
/form/minis.php
/form/misc.php
/form/misc/audio.php
/form/misc/info.php
/form/mj_wwwusr
/form/mlog.html
/form/mmstdod.cgi
/form/module.php
/form/modules.php
/form/modules/Printing/output.php
/form/modules/TinyMCE/content_css.php
/form/modules/core/module.inc
/form/modules/news/
/form/modules/projects/sql/install-0.9.7.php
/form/month.php
/form/more.php
/form/mpweb/html/help/000/user_help/help/output/config.js
/form/mrtg.cgi
/form/msg.txt
/form/mt.cgi
/form/myevent.php
/form/mylog.html
/form/myphpPageTool/doc/admin/index.php
/form/nbmember.cgi
/form/ncbook.cgi
/form/ncbook/ncbook.cgi
/form/neomail-prefs.pl
/form/neomail.pl
/form/nessus"><script>alert('django_admin_xss.nasl')</script>/
/form/netauth.cgi
/form/new-visitor.inc.php
/form/new_images.php
/form/news.mdb
/form/news.php
/form/news/index.dot
/form/newsdata/data/user.idx
/form/newsdesk.cgi
/form/newsscript.pl
/form/nmap.php
/form/normal_html.cgi
/form/notify
/form/nph-exploitscanget.cgi
/form/nph-mr.cgi
/form/nph-proxy.cgi
/form/nph-test-cgi
/form/nquser.php
/form/nslookup.cgi
/form/nucleus/libs/PLUGINADMIN.php
/form/nx/common/cds/menu.inc.php
/form/ohelp/en_US/Content/master/webadmin/WebAdmin.html
/form/op/op.Login.php
/form/open.php
/form/ovlaunch.exe
/form/p-news.php
/form/pafiledb.php
/form/page
/form/pajax/pajax_call_dispatcher.php
/form/pals-cgi
/form/parse_xml.cgi
/form/password.asp
/form/password_reminder.php
/form/patch/index.php
/form/pcadmin/login.asp
/form/perl
/form/perl.exe
/form/pfdispaly
/form/pfdispaly.cgi
/form/phf
/form/photo.php
/form/php-ping.php
/form/php.cgi
/form/php/mytutos.php
/form/phpinfo.php
/form/phpnews/sendtofriend.php
/form/phpping/index.php
/form/phprint.php
/form/phptonuke.php
/form/plog-download.php
/form/plog-rss.php
/form/plugins/preview/preview.html
/form/plugins/safehtml/HTMLSax3.php
/form/pm/add_ons/mail_this_entry/mail_authocheck.php
/form/pmwiki.php
/form/pollit/Poll_It_SSI_v2.0.cgi
/form/popup.php
/form/port.php
/form/portal/
/form/preferences.php
/form/print.php
/form/printfaq.php
/form/processSimple.do
/form/productsByCategory.asp
/form/profil.php
/form/profile.asp
/form/projects_site/uploadfile.php
/form/protection.php
/form/psunami.cgi
/form/pwcgi/smpwservicescgi.exe
/form/query
/form/query.cgi
/form/quickstore.cgi
/form/recordings/index.php
/form/remindpasswd
/form/remotehtmlview.php
/form/resetpw.php
/form/rest/api/2.0.alpha1/serverInfo
/form/rest/api/2/serverInfo
/form/review.php
/form/roschedule.php
/form/rot13sj.cgi
/form/rpc.php
/form/rss.php
/form/samba/smb2www.pl
/form/samples/sample_posteddata.php
/form/save.php
/form/scp.dll/sendto
/form/script/cat_for_gen.php
/form/sdbsearch.cgi
/form/search
/form/search.aspx
/form/search.cfm
/form/search.cgi
/form/search.exe
/form/search.jsp
/form/search.php
/form/search.pl
/form/search/results.stm
/form/search/search.cgi
/form/search/show.pl
/form/search=<script>alert('XSS')</script>
/form/secure.php
/form/sendcard.php
/form/sendtemp.pl
/form/server.pt
/form/server/s3_download.php
/form/services/Walrus
/form/session/login.php
/form/setcookie.php
/form/settemplate.php
/form/settings/site.ini
/form/setup.php
/form/sgdynamo.exe
/form/shared/help.php
/form/shell/sitecore.version.xml
/form/shop.plx
/form/shop.plx/page=nessus992307075
/form/shopaddtocart.asp
/form/shopexd.asp
/form/shopper.cgi
/form/shops/sub.asp
/form/shoutbox.php
/form/showcat.php
/form/showproduct.php
/form/simple/view_page
/form/site_info.asp
/form/sitefinity/login.aspx
/form/siteframe.php
/form/sitemap.xml
/form/smb2www.pl
/form/smpwservicescgi.exe
/form/snpfiltered.pl
/form/sojourn.cgi
/form/source
/form/sources/functions.php
/form/spaw/dialogs/confirm.php
/form/sql.php
/form/sql.php3
/form/sql/install-0.9.7.php
/form/squirrelcart/cart_content.php
/form/sqwebmail
/form/src/login.php
/form/src/redirect.php
/form/starnet/addons/slideshow_full.php
/form/starnet/modules/sn_allbum/slideshow.php
/form/start.action
/form/store.cgi
/form/store.php
/form/story.pl
/form/styles.php
/form/subsystems/permissions.info.php
/form/sugarcrm/modules/Users/Login.php
/form/superguestconfig
/form/supporter/tupdate.php
/form/survey.inc.php
/form/swc
/form/sysinfo.cgi
/form/test-cgi
/form/tests/test_tools/selenium/core/SeleniumLog.html
/form/texis.cgi/ENESzAVJ-texis_path_disclosure
/form/texis.exe/
/form/texis.exe/ENESzAVJ-texis_path_disclosure
/form/texis/ENESzAVJ-texis_path_disclosure
/form/themes/program/themesettings.inc.php
/form/tiki-index.php
/form/tinfo.php
/form/tomcat_proxy_directory_traversal.nasl1485887718
/form/top.php
/form/topic.php
/form/tree.php
/form/tst.bat|type c:\windows\win.ini
/form/tst.bat|type c:\winnt\win.ini
/form/tsweb.asp
/form/tsweb/
/form/ttawebtop.cgi/
/form/ttx.cgi
/form/type.asp
/form/typo3/index.php
/form/ubbthreads.php
/form/update.php
/form/upgrade/index.php
/form/upgradev1.php
/form/upload.cgi
/form/upload/upload-submit.do
/form/user.cgi
/form/user.php
/form/users/users.php
/form/usrdetails.php
/form/ustorekeeper.pl
/form/utilities/login.asp
/form/verify.asp
/form/vhost.php
/form/viart_shop.xml
/form/view.php
/form/view/System/WebHome
/form/view/TWiki/WebHome
/form/viewCart.asp
/form/viewCat.asp
/form/view_user.php
/form/viewcvs.cgi/
/form/viewpage.php
/form/wa
/form/wa.cgi
/form/wa.exe
/form/way-board/way-board.cgi
/form/wc.dll
/form/webadmin.php
/form/webapp/home.html
/form/webappmon.exe
/form/webc.cgi/
/form/webcart.cgi
/form/webdist.cgi
/form/webglimpse.cgi
/form/webplus
/form/webplus.exe
/form/webspirs.cgi
/form/welcome.php
/form/whois.cgi
/form/whois.php
/form/whois_raw.cgi
/form/wihphoto/start.php
/form/wiki.php/<script>foo</script>
/form/wiki/edit.php
/form/wiki/rankings.php
/form/wikka.php
/form/wizard/index.php
/form/wordtrans.php
/form/wps_shop.cgi
/form/wsasp.dll/WService=wsbroker1/webtools/oscommand.w
/form/wsasp.dll/WService=wsbroker1/webutil/ping.p
/form/wsisa.dll/WService=wsbroker1/webtools/oscommand.w
/form/wsisa.dll/WService=wsbroker1/webutil/ping.p
/form/wsnsa.dll/WService=wsbroker1/webtools/oscommand.w
/form/wsnsa.dll/WService=wsbroker1/webutil/ping.p
/form/wspd_cgi.sh/WService=wsbroker1/webtools/oscommand.w
/form/wspd_cgi.sh/WService=wsbroker1/webutil/ping.p
/form/www.localhost.7z
/form/www.localhost.Z
/form/www.localhost.bz2
/form/www.localhost.com.7z
/form/www.localhost.com.Z
/form/www.localhost.com.bz2
/form/www.localhost.com.gz
/form/www.localhost.com.jar
/form/www.localhost.com.rar
/form/www.localhost.com.tar
/form/www.localhost.com.tar.bz2
/form/www.localhost.com.tar.gz
/form/www.localhost.com.tgz
/form/www.localhost.com.war
/form/www.localhost.com.z
/form/www.localhost.com.zip
/form/www.localhost.gz
/form/www.localhost.jar
/form/www.localhost.rar
/form/www.localhost.tar
/form/www.localhost.tar.bz2
/form/www.localhost.tar.gz
/form/www.localhost.tgz
/form/www.localhost.war
/form/www.localhost.z
/form/www.localhost.zip
/form/www/delivery/ac.php
/form/www/delivery/fc.php
/form/wwwboard.html
/form/x_news.php
/form/xaradodb/server.php
/form/zenworks/jsp/fw/internal/Login.jsp
/form/zml.cgi
/form/zpanel.php
/formadmin/index.php
/forms/
/formsmgr/
/forum/
/forum/Database/EZsiteForum.mdb
/forum/HCSpecific/EnableForum.asp
/forum/database/philboard.mdb
/forum/forum
/forum/forum/
/forum/index.php
/forum/register.asp
/forum/search.asp
/forumdata/data/user.idx
/forums/
/forums/forum
/forums/forum/
/forums/list.page
/foto/
/fotos/
/fp/servlet/Login
/fpadmin/
/fpdb/
/fpsample/
/fr/
/frameset/
/framesets/
/fsms/fsmsh.dll
/ftp/
/ftp/ftp.pl
/ftproot/
/fusetalk/blog/
/fusetalk/forum/
/fusion/
/fuzzylime/
/g/
/gadgets/Blog/BlogModel.php
/galleries/
/gallery/
/gallery/displayCategory.php
/ganglia/
/gb/
/gbook/
/gbs/
/gcards/
/geeklog/
/getid3/
/gf/
/gforge/
/gfx/
/global/
/googlesearch/GoogleSearch.php
/gregarius/
/greymatter/
/grocery/
/groups/
/gtcatalog/index.php
/gtcatalog/password.inc
/guest/
/guestbook/
/guestbook/admin/o12guest.mdb
/guestbook/cfooter.php3
/guestbook/guestbook.php
/guestbook/view.php
/guests/
/guppy/
/gust/
/gw/webacc
/gwadmin-console/login.jsp
/handler/blah;id|
/hazelcast/rest/cluster
/hc/
/hc/admin/login/
/hcl/
/help/
/help/contents.htm
/help/copyright.html
/help/en_US/Content/master/webadmin/WebAdmin.html
/help/index.php
/help/introduction/release-notes.html
/help/topic/com.ibm.rational.clearquest.help.web.doc/helpindex_clearquest.htm
/helpDesk/
/helpcenter/
/helpcenterlive/
/helpdesk/
/hidden/
/hide/
/hit_tracker/
/hitmatic/
/hlstats/
/home/
/home/search.asp
/horde/
/horde/imp/mailbox.php3
/horde/imp/status.php3
/host-manager/html/
/hosting/addreseller.asp
/hosting/addsubsite.asp
/hosting_controller/
/hostingcontroller/
/howto/
/hr/
/hss/hss
/ht/
/htbin/
/htdocs/
/htgrep/file=index.html&hdr=/etc/passwd
/html/
/html/en/index.htm
/html/iscscada.htm
/hyperstat/
/ibank/
/ibill/
/ical/
/icalendar/
/icons/
/idc/idcplg
/idea/
/ideabox/include.php
/idealbb/
/idealbb/default.asp
/ideas/
/idm/
/idm/login.jsp
/ifx/
/iisadmin/
/iisadmpwd/aexp.htr
/iisadmpwd/aexp2.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp4b.htr
/iisprotect/
/iisprotect/admin/GlobalAdmin.asp
/iisprotect/admin/SiteAdmin.ASP
/iissamples/
/iissamples/exair/howitworks/codebrws.asp
/iissamples/exair/search/query.idq
/iissamples/exair/search/search.idq
/iissamples/issamples/fastq.idq
/iissamples/issamples/oop/qfullhit.htw
/iissamples/issamples/oop/qsumrhit.htw
/iissamples/issamples/query.asp
/iissamples/issamples/query.idq
/iissamples/sdk/asp/docs/codebrws.asp
/ilohamail/
/image/
/imageVue/
/imagenes/
/imagery/
/images/
/images/login_top.gif
/images/logon_merge.gif
/imagevue/
/imap/
/imcws/
/imcws/axis2-web/index.jsp
/img/
/imp/
/imp/mailbox.php3
/imp/status.php3
/import/
/impreso/
/inc/
/inc/exif.inc.php
/inc/formmail.inc.php
/inc/function.php
/inc/functions.inc.php
/inc/header.php/step_one.php
/inc/pipe.php
/include/
/include/error/autherror.cfm
/include/error/forumerror.cfm
/include/help.php
/include/sql.php
/include/theme.inc.php
/includer/
/includes/
/includes/awol-condensed.inc.php
/includes/calendar.php
/includes/config.php
/includes/converter.inc.php
/includes/db_adodb.php
/includes/hnmain.inc.php3
/includes/main.conf
/includes/third_party/adodb/server.php
/incoming/
/index.php/
/index.php/123
/index.php/admin/
/index.php/admin/login/
/index.php/index.html
/index.php/login
/index.pl/homels
/info/
/info/refs
/information/
/ingo/
/ingresa/
/ingreso/
/instaboard/index.cfm
/install/
/interchange/
/interface/index.do
/internal/
/interscan/cgi-bin/FtpSave.dll
/intl/
/intranet/
/intranet/browse.php
/introbuilder/
/intruvert/jsp/admin/Login.jsp
/inventory/
/invision/
/invitado/
/invoker/EJBInvokerServlet
/invoker/JMXInvokerServlet
/ipam/
/ipb/
/isapi/
/ivc2/Backup/IVC1/html/index.htm
/ixmail/
/ixmail/README.TXT
/jackrabbit/
/jackrabbit/search.jsp
/japidoc/
/java/
/javascript/
/javascripts/enrollment.js
/javasdk/
/javatest/
/jave/
/jcart/
/jdbc/
/jffnms/
/jinzora/
/jira/
/job/
/joomla/
/journal/
/jrun/
/js/
/js/Device.js
/js/hpsum/hpsum-version.js
/js/vendors.php
/js/zimbraMail/share/model/ZmSettings.js
/jserv/
/jslib/
/jsp-examples/
/jsp/
/jsp/index.html
/jts/
/jukebox/
/junk/
/k/home
/kayako/
/kernel/loadkernel.php
/keyserver/
/kiva/
/klan/
/klan/index.php
/labs/
/lampp/
/landesk/vboot/default.winpemanaged
/lang/index.php
/lang/lang.php
/lcgi/
/lcgi/sewse.nlm
/ldap/cgi-bin/ldacgi.exe
/ledger-smb/
/ledger/
/ledgersmb/
/legal/
/lem/index.html
/lib/
/lib/OWL_API.php
/lib/adodb/server.php
/lib/adodb_lite/adodb-perf-module.inc.php
/lib/authform.inc.php
/lib/dbman_filter.inc.php
/libraries/
/libraries/adodb/server.php
/library/
/library/adodb/server.php
/library/lib.php
/libro/
/lifetype/
/limbo/
/limesurvey/
/links/
/linpha/
/linux/
/listinfo/
/lists/
/lists/admin/
/live/
/livehelp/
/loader/
/local/
/log/
/logfile/
/logfiles/
/logg/
/logger/
/logging/
/login/
/login/default.aspx
/login/login.html
/logon/
/logrover/
/logs/
/logs/HCDiskQuotaService.csv
/lost+found/
/loudblog/
/loudblog/inc/parse_old.php
/lp/AdminlogonPoint/Logon.do
/lua/pages/message/About.jsp
/maia/
/mail/
/mail/accounts/inc/include.php
/mail/admin/
/mail/inc/function.php
/mail/src/redirect.php
/mail_log_files/
/mailguard/
/mailgust/
/maillist/
/mailman/
/mailroot/
/mailscanner/
/mailserver/
/mailwatch/
/main/inc/lib/
/main/web/status/
/mainui/
/makefile/
/mall_log_files/
/mambo/
/manage/
/manage/login.vtl
/manager/
/manager/html/
/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/mantis/
/manual/
/manual/ag/contents.htm
/manual/help/help
/map/sitemap.xml
/mapviewer/omserver
/marketing/
/mdpro/
/mediawiki/
/member/
/member/index.php
/members/
/mercuryboard/
/message/
/messaging/
/metacart/
/mgmt/login
/mini/
/minibb/
/misc/
/misc/audio.php
/misc/info.php
/mkstats/
/mnemo/
/moadmin/moadmin.php
/modules/Printing/output.php
/modules/TinyMCE/content_css.php
/modules/core/module.inc
/modules/forum/
/modules/jinzora/backend/classes.php
/modules/jinzora/index.php
/modules/jinzora/popup.php
/modules/news/
/modules/projects/sql/install-0.9.7.php
/modx/
/modx/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/moinmoin/
/moodle/
/movimientos/
/mp3/
/mp3s/
/mpweb/html/help/000/user_help/help/output/config.js
/mqseries/
/mrbs/
/msql/
/mt/
/mve/help/en/inventory/am_about.html
/mvnforum/
/mxhelp/cgi-bin/namazucgi
/myaccount/
/mybb/
/myguestbk/admin/index.asp
/myphpPageTool/doc/admin/index.php
/myreview/
/mysql/
/mysql_admin/
/nag/
/nagiosfusion/login.php
/nagiosxi/login.php
/ncadmin/
/ncbook/ncbook.cgi
/nchelp/
/ncsample/
/nessus"><script>alert('django_admin_xss.nasl')</script>/
/netbasic/
/netbasic/websinfo.bas
/netcat/
/netflow/html/aboutus.jsp
/netmagstats/
/netmri/config/userAdmin/login.tdf
/netoffice/
/netofficedwins/
/netscape/
/netshare/
/nettracker/
/new/
/news/
/news/index.dot
/news/p-news.php
/newsdata/data/user.idx
/newsfeeds/
/nextgeneration/
/nexus/index.html
/nl/
/nnm/main
/noahsclassifieds/
/nocc/
/noticias/
/novelllogmanager/views/logon.html
/nps/servlet/portal
/nps/servlet/portalservice
/nsn/..\util/chkvol.bas
/nsn/..\util/dir.bas
/nsn/..\util/glist.bas
/nsn/..\util/lancard.bas
/nsn/..\util/set.bas
/nsn/..\util/userlist.bas
/nsn/..\web/env.bas
/nsn/..\webdemo/fdir.bas
/nsn/env.bas
/nsn/fdir.bas
/nucleus/
/nucleus/libs/PLUGINADMIN.php
/nuked-clan/
/nuked-clan/index.php
/nukedit/
/nx/common/cds/menu.inc.php
/obj/
/objects/
/observer/
/ocs/
/odbc/
/oempro/
/ofbizsetup/control/checkLogin
/offers/
/officescan/
/officescan/console/remoteinstallcgi/cgiRemoteInstall.exe
/ohelp/en_US/Content/master/webadmin/WebAdmin.html
/old/
/old_files/
/oldfiles/
/oneorzero/
/onlineviewing/
/oo/
/ooz/
/op/op.Login.php
/openadmin/index.php
/openads/
/openbb/
/openbb/index.php
/openbiblio/
/opencart/
/openemr/
/opennms/
/opennms/acegilogin.jsp
/opensso/
/opensso/UI/Login
/openwebmail-cgi/
/openwebmail/openwebmail.pl
/openx/
/operations-console/
/oprocmgr-service/
/oprocmgr-status/
/oracle/
/oradata/
/oramon/
/orangehrm/
/orangehrm2/
/order/
/ordermgr/control/checkLogin
/orders/
/ords/
/oreon/
/original/
/oscommerce/
/ossim/
/ossim/session/login.php
/otrs/
/outgoing/
/owa/auth/logon.aspx
/owl/
/ownCloud/index.php
/owncloud/index.php
/owners/
/pafiledb/
/page/portal/Design_Time_PG/Welcome
/pages/
/pages/login.php
/pajax/
/pajax/pajax_call_dispatcher.php
/panews/
/passport/
/password/
/passwords/
/patch/index.php
/payment/
/payments/
/pblang/
/pcadmin/login.asp
/pccsmysqladm/
/pda/
/perl-status/
/perl/
/perl/samples/env.pl
/perl/samples/lancgi.pl
/perl/samples/ndslogin.pl
/perl/samples/volscgi.pl
/perl5/
/personal/
/personal_pages/
/pforum/
/philboard/
/philboard/philboard_admin.asp
/phorum/
/photo/
/photoalbum/
/photos/
/php-blogger/
/php-files/
/php/
/php/mlog.html
/php/mylog.html
/php/mytutos.php
/php/php.exe
/phpATM/
/phpAlbum/
/phpBB/
/phpBB2/
/phpGedView/
/phpMyAdmin/
/phpMyConferences/
/phpPhotoAlbum/
/phpSecurePages/
/phpSysInfo/
/php_classes/
/phpalbum/
/phpatm/
/phpauction/
/phpay/
/phpay/admin/phpinfo.php
/phpbb/
/phpblogger/
/phpclassifieds/
/phpcoin/
/phpdoc/
/phpdocumentor/
/phpeasydownload/
/phpfm/
/phpform/
/phpformgenerator/
/phpgedview/
/phpicalendar/
/phpimageview/
/phpix/index.phtml
/phpkit/
/phpldapadmin/
/phplist/
/phplistpro/
/phplive/
/phplive/index.php
/phplivehelper/
/phpmyadmin/
/phpmyagenda/
/phpmyconferences/
/phpmyfaq/
/phpnews/
/phpnews/sendtofriend.php
/phpnuke/
/phppgadmin/
/phpping/index.php
/phpprojekt/
/phprocketaddin/
/phprojekt/
/phprojekt/setup.php
/phproxy/
/phpsane/
/phpslash/
/phpsupporttickets/
/phpsurveyor/
/phpsysinfo/
/phpu/
/phpupdate/
/phpwcms/
/phpwebadmin/
/phpwebgallery/
/phpwebsite/
/phpwebthings/
/phpwt/
/phpx/
/pipermail/
/piranha/
/piranha/secure/control.php3
/piwigo/
/pixelpost/
/pla/
  Feb 01 11:13:54 /placer/prod/home/android-recommendations-data-access/serving/prod/
/platform-ui/
/plc/webvisu.htm
/pligg/
/plog/
/plogger/
/plone/
/pls/
/pls/apex/f
/pls/portal/DEV1_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV2_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV3_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV4_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV5_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV6_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV7_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV8_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV9_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/DEV_PORTAL_DEMO.ORG_CHART.SHOW
/pls/portal/PORTAL_DEMO.ORG_CHART.SHOW
/pluck/
/plugins/preview/preview.html
/plugins/safehtml/HTMLSax3.php
/plume/
/pm/add_ons/mail_this_entry/mail_authocheck.php
/pma/
/pmos/
/pmwiki/
/podcast/
/podcasts/
/poll/
/poll/misc/info.php
/pollit/Poll_It_SSI_v2.0.cgi
/pollphp/
/polls/
/portal/
/portal/page/portal/Design_Time_PG/Welcome
/portal/pls/portal/DEV1_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV2_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV3_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV4_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV5_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV6_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV7_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV8_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV9_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/DEV_PORTAL_DEMO.ORG_CHART.SHOW
/portal/pls/portal/PORTAL_DEMO.ORG_CHART.SHOW
/portal/server.pt
/portal_dojo/layerLoader.jsp
/portalapp/
/poster/
/poster/index.php
/postgres/
/poxy/
/ppwb/
/prestashop/
/printers/
/priv/
/privado/
/private/
/prod/
/project/
/projectpier/
/projects/
/projects_site/uploadfile.php
/properties/configuration.php
/properties/description.dhtml
/protected/
/prueba/
/pruebas/
/prv/
/psynch/
/ptnews/
/ptnews/index.php
/pub/
/pubcookie/
/public/
/public/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./windows/win.ini
/public/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./winnt/win.ini
/public/20Review.asp
/public/500page.jsp
/public/About/frmAbout.aspx
/public/Articles/default.asp
/public/BrowserWeb/portal/portalbanner.htm
/public/CFIDE/probe.cfm
/public/CHANGELOG.md
/public/CMSlogin.aspx
/public/CategoryView.aspx
/public/ChangeLog
/public/Config/diff.php
/public/Count.cgi
/public/DataService.asmx/AuthUser
/public/DesktopModules/BDPDT/uploadfilepopup.aspx
/public/Edit.jsp
/public/GTcatalog/index.php
/public/GTcatalog/password.inc
/public/Login.aspx
/public/MsmMask.exe
/public/PJreview_Neo.cgi
/public/README.TXT
/public/SLwebmail/ShowLogin.dll
/public/SPT--ForumTopics.php
/public/Security/login
/public/ServerView/SnmpView/SnmpListMibValues
/public/Support/FCKEditor/editor/filemanager/upload/asp/upload.asp
/public/SystemInfo
/public/Test11.asp
/public/UI/Login
/public/Web_Store/web_store.cgi
/public/WihPhoto/start.php
/public/WorkArea/ContentDesigner/ekformsiframe.aspx
/public/WorkArea/ContentRatingGraph.aspx
/public/YaBB.pl
/public/_admin/
/public/_head.php
/public/a1disp3.cgi
/public/a1stats/a1disp3.cgi
/public/about.php
/public/about/default_content.asp
/public/account/
/public/account/login.php
/public/acegilogin.jsp
/public/acp/index.php
/public/acp/lib/inserts.sql
/public/activatemember
/public/activeauctionsuperstore/ItemInfo.asp
/public/add.cgi
/public/add_url.htm
/public/add_user.php
/public/addentry.php
/public/addschup
/public/adlayer.php
/public/admin.asp
/public/admin.php
/public/admin.pl
/public/admin/
/public/admin/addentry.php
/public/admin/admin.php
/public/admin/adminlogin.asp
/public/admin/cal_login.php
/public/admin/check_user.asp
/public/admin/components/com_fm/fm.install.php
/public/admin/configset.php
/public/admin/connect.inc
/public/admin/define.inc.php
/public/admin/file_manager.php
/public/admin/general.php
/public/admin/index.asp
/public/admin/index.html
/public/admin/index.php
/public/admin/info/system
/public/admin/ip_manage.php
/public/admin/lang.php
/public/admin/login-default.do
/public/admin/login.html
/public/admin/login.php
/public/admin/login/
/public/admin/login/index.php
/public/admin/main.asp
/public/admin/o12guest.mdb
/public/admin/objects.inc.php4
/public/admin/operators.php
/public/admin/plog-admin-functions.php
/public/admin/registry.jsp
/public/admin/remotecontrol/lsrc.server.php
/public/admin/setup.php
/public/admin/system
/public/admin/templates/header.php
/public/admin/top.php
/public/admin/users.php
/public/admin/utilities_ConfigHelp.asp
/public/admin/wwforum.mdb
/public/admincp/login.php
/public/administrator/index.php
/public/adodb-perf-module.inc.php
/public/adodb/server.php
/public/advSearch_h.asp
/public/adxmlrpc.php
/public/af.cgi
/public/agenda.php3
/public/ajax.php
/public/al_initialize.php
/public/album.pl
/public/alienform.cgi
/public/am.pl
/public/anacondaclip.pl
/public/apa_phpinclude.inc.php
/public/apexec.pl
/public/api/orders.json
/public/apps/pbcs.dll/misc
/public/artifactory/webapp/home.html
/public/ashnews.php
/public/athenareg.php
/public/atomicboard/index.php
/public/auktion.cgi
/public/autohtml.php
/public/awstats.pl
/public/awstatstotals.php
/public/axis2-web/index.jsp
/public/b2-tools/gm-2-b2.php
/public/backend/classes.php
/public/backofficeLite/comersus_backoffice_index.asp
/public/backofficePlus/comersus_backoffice_index.asp
/public/bandwidth/index.cgi
/public/base_local_rules.php
/public/base_main.php
/public/base_maintenance.php
/public/base_qry_common.php
/public/basilix.php
/public/bb-hist.sh
/public/bb-hostsvc.sh
/public/bb_func_txt.php
/public/bblog/index.php
/public/bemarket/shop/index.php
/public/bigconf.cgi
/public/billing/billingmanager_income.asp
/public/bin/html2text.php
/public/bizmail.cgi
/public/blog.cgi
/public/blog.php
/public/boarddata/data/user.idx
/public/breakcal/calendar.cgi
/public/browse.php
/public/browse_blogs.php
/public/bsml.pl
/public/btdownload.php
/public/c32web.exe/GetImage
/public/cal_cat.php
/public/cal_event.php
/public/cal_make.pl
/public/cal_week.php
/public/calendar.php
/public/calendar_admin.pl
/public/callboth.php
/public/captcha.html
/public/carbo.dll
/public/cart32.exe
/public/catalog.php
/public/cc_guestbook.pl
/public/cfooter.php3
/public/cgi-bin/gm-comments.cgi
/public/cgi-bin/library.cgi
/public/cgi-bin/login.cgi
/public/cgi/tseekdir.cgi
/public/cgiforum.pl
/public/cgiip.exe/WService=wsbroker1/webtools/oscommand.w
/public/cgiip.exe/WService=wsbroker1/webutil/ping.p
/public/cgiwrap/cgiwrap_error_page_handling_xss.nasl
/public/chat.php
/public/chat/login.php
/public/check_user_id.php
/public/claroline/resourcelinker/resourcelinker.inc.php
/public/classes/adodbt/sql.php
/public/cleartrust/ct_logon.asp
/public/cleartrust/ct_logon.jsp
/public/clwarn.cgi
/public/coin_includes/constants.php
/public/comersus_customerRegistrationForm.asp
/public/comersus_searchItem.asp"><script>alert('Nessus was here');</script>
/public/comments.php
/public/commerce.cgi
/public/common/visiteurs/include/menus.inc.php
/public/commsrss.php
/public/config.php
/public/config/oramon.ini
/public/configuration/galleryConfig.txt
/public/console/login.action
/public/contact.php
/public/contacts/php
/public/contenido/classes/class.inuse.php
/public/content.php
/public/contrib/forms/evaluation/C_FormEvaluation.class.php
/public/core/adodb/server.php
/public/core/api.php
/public/core/editor.php
/public/corporate/webpages/login.jsp
/public/corporate/webpages/sessionexpired.jsp
/public/counter.php
/public/crossdomain.xml
/public/crystalimagehandler.aspx
/public/csSearch.cgi
/public/csv_db.cgi
/public/customer.pl
/public/cvslog.cgi
/public/cwmail.exe
/public/data/fetch.php
/public/data/usr
/public/database/mpcsoftware_guestdata.mdb
/public/day.php
/public/db/users.dat
/public/db_input.php
/public/dcforum.cgi
/public/default.asp
/public/demos/demo.browse.php
/public/detail.asp
/public/direct.php
/public/directory.php
/public/directorypro.cgi
/public/disp_album.php
/public/display.cgi
/public/doc/index.php
/public/docbuilder/top.php
/public/docman/new.php
/public/docs.php
/public/docs/index.php
/public/doku.php
/public/download.php
/public/dsweb/Services/User-1"><BODY ONLOAD=alert('xerox_docushare_dsweb_xss.nasl')>
/public/dynamicpages/fast/config_page.php
/public/e107_admin/admin.php
/public/eclient/IDMLogon2.jsp
/public/edit_image.php
/public/editor/filemanager/connectors/php/upload.php
/public/elmah.axd
/public/embed/day.php
/public/empower
/public/emumail.fcgi
/public/encoder.php
/public/engine/admin/admin.php
/public/ericom.min.js
/public/error.php
/public/evb/check_url.php
/public/event_view.php
/public/faq.php
/public/faq/index.php
/public/faxsurvey
/public/fckeditor/editor/filemanager/connectors/connector
/public/feedsplitter.php
/public/file.cgi
/public/file.php
/public/flserv.pl
/public/fm.php
/public/folderview.asp
/public/force-download.php
/public/form.php
/public/forum.php
/public/forum.php3
/public/forum/Database/EZsiteForum.mdb
/public/forum/HCSpecific/EnableForum.asp
/public/forum_2.php
/public/forumdata/data/user.idx
/public/forumdisplay.php
/public/forums.asp
/public/forums/list.page
/public/ftp/ftp.pl
/public/fxm.exe
/public/gadgets/Blog/BlogModel.php
/public/gallery/displayCategory.php
/public/gitweb.cgi
/public/gitweb.perl
/public/gitweb.pl
/public/gm.cgi
/public/go.cgi|id|
/public/googlesearch/GoogleSearch.php
/public/goto.asp
/public/gotopage.cgi
/public/gtcatalog/index.php
/public/gtcatalog/password.inc
/public/guestbook.php
/public/guestbook/cfooter.php3
/public/guestbook/view.php
/public/help.php
/public/help/copyright.html
/public/help/en_US/Content/master/webadmin/WebAdmin.html
/public/help/index.php
/public/hints.pl
/public/historyFrame.html
/public/home
/public/home.html
/public/home/search.asp
/public/hosting/addreseller.asp
/public/hosting/addsubsite.asp
/public/hsx.cgi
/public/htgrep/file=index.html&hdr=/etc/passwd
/public/htmlscript
/public/htsearch
/public/htsearch.cgi
/public/hw3.cgi
/public/hw3.php
/public/i-mall.cgi
/public/ideabox/include.php
/public/idealbb/default.asp
/public/ikonboard.cgi
/public/image.php
/public/inc/exif.inc.php
/public/inc/formmail.inc.php
/public/inc/functions.inc.php
/public/inc/header.php/step_one.php
/public/inc/pipe.php
/public/include.php
/public/include/error/autherror.cfm
/public/include/error/forumerror.cfm
/public/include/help.php
/public/include/sql.php
/public/include/theme.inc.php
/public/includer.cgi
/public/includes/awol-condensed.inc.php
/public/includes/calendar.php
/public/includes/config.php
/public/includes/converter.inc.php
/public/includes/db_adodb.php
/public/includes/hnmain.inc.php3
/public/includes/main.conf
/public/includes/third_party/adodb/server.php
/public/index
/public/index.action
/public/index.asp
/public/index.cfm
/public/index.cgi
/public/index.html
/public/index.jsp
/public/index.php
/public/index.php/admin/
/public/index.php/admin/login/
/public/index.php/index.html
/public/index.php/login
/public/index.phtml
/public/index.pl/homels
/public/index2.cgi
/public/index2.php
/public/info.dat
/public/info.php
/public/info2www
/public/infosrch.cgi
/public/insertorder.cfm
/public/install.php
/public/interface/index.do
/public/ion-p.exe
/public/item.fts
/public/jammail.pl
/public/javascript.php
/public/jcart-relay.php
/public/jgs_portal_statistik.php
/public/js/vendors.php
/public/k/home
/public/kernel/loadkernel.php
/public/landesk/vboot/default.winpemanaged
/public/lang/index.php
/public/lang/lang.php
/public/language.php
/public/lg.php
/public/lib.inc.php
/public/lib/OWL_API.php
/public/lib/adodb/server.php
/public/lib/adodb_lite/adodb-perf-module.inc.php
/public/lib/authform.inc.php
/public/lib/dbman_filter.inc.php
/public/libraries/adodb/server.php
/public/library/adodb/server.php
/public/library/lib.php
/public/links_add_form.asp
/public/list.php
/public/listinfo/
/public/listing.php
/public/listrec.pl
/public/livre_include.php
/public/loader-wizard.php
/public/logbook.pl
/public/logicworks.ini
/public/login
/public/login.action
/public/login.asp
/public/login.aspx
/public/login.cgi
/public/login.jsp
/public/login.mako
/public/login.php
/public/login.pl
/public/login.wdm
/public/login/default.aspx
/public/login_page.php
/public/logs/HCDiskQuotaService.csv
/public/lostpass.php
/public/loudblog/inc/parse_old.php
/public/lp
/public/lp/AdminlogonPoint/Logon.do
/public/lsg2.cgi
/public/mail.cgi
/public/mail.php
/public/mailbox.php3
/public/main.php
/public/man-cgi
/public/man2html
/public/man2web
/public/manage_overview_page.php
/public/manager/
/public/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/public/mapserv
/public/mapserv.exe
/public/math_sum.mscgi
/public/mathtex.cgi
/public/mathtex.pl
/public/member.php
/public/member/index.php
/public/mensajeitor.php
/public/menu_dx.php
/public/localhost.7z
/public/localhost.Z
/public/localhost.bz2
/public/localhost.com.7z
/public/localhost.com.Z
/public/localhost.com.bz2
/public/localhost.com.gz
/public/localhost.com.jar
/public/localhost.com.rar
/public/localhost.com.tar
/public/localhost.com.tar.bz2
/public/localhost.com.tar.gz
/public/localhost.com.tgz
/public/localhost.com.war
/public/localhost.com.z
/public/localhost.com.zip
/public/localhost.gz
/public/localhost.jar
/public/localhost.rar
/public/localhost.tar
/public/localhost.tar.bz2
/public/localhost.tar.gz
/public/localhost.tgz
/public/localhost.war
/public/localhost.z
/public/localhost.zip
/public/minis.php
/public/misc.php
/public/misc/audio.php
/public/misc/info.php
/public/mj_wwwusr
/public/mlog.html
/public/mmstdod.cgi
/public/module.php
/public/modules.php
/public/modules/Printing/output.php
/public/modules/TinyMCE/content_css.php
/public/modules/core/module.inc
/public/modules/news/
/public/modules/projects/sql/install-0.9.7.php
/public/month.php
/public/more.php
/public/mpweb/html/help/000/user_help/help/output/config.js
/public/mrtg.cgi
/public/msg.txt
/public/mt.cgi
/public/myevent.php
/public/mylog.html
/public/myphpPageTool/doc/admin/index.php
/public/nbmember.cgi
/public/ncbook.cgi
/public/ncbook/ncbook.cgi
/public/neomail-prefs.pl
/public/neomail.pl
/public/nessus"><script>alert('django_admin_xss.nasl')</script>/
/public/netauth.cgi
/public/new-visitor.inc.php
/public/new_images.php
/public/news.mdb
/public/news.php
/public/news/index.dot
/public/newsdata/data/user.idx
/public/newsdesk.cgi
/public/newsscript.pl
/public/nmap.php
/public/normal_html.cgi
/public/notify
/public/nph-exploitscanget.cgi
/public/nph-mr.cgi
/public/nph-proxy.cgi
/public/nph-test-cgi
/public/nquser.php
/public/nslookup.cgi
/public/nucleus/libs/PLUGINADMIN.php
/public/nx/common/cds/menu.inc.php
/public/ohelp/en_US/Content/master/webadmin/WebAdmin.html
/public/op/op.Login.php
/public/open.php
/public/ovlaunch.exe
/public/p-news.php
/public/pafiledb.php
/public/page
/public/pajax/pajax_call_dispatcher.php
/public/pals-cgi
/public/parse_xml.cgi
/public/password.asp
/public/password_reminder.php
/public/patch/index.php
/public/pcadmin/login.asp
/public/perl
/public/perl.exe
/public/pfdispaly
/public/pfdispaly.cgi
/public/phf
/public/photo.php
/public/php-ping.php
/public/php.cgi
/public/php/mytutos.php
/public/phpinfo.php
/public/phpnews/sendtofriend.php
/public/phpping/index.php
/public/phprint.php
/public/phptonuke.php
/public/plog-download.php
/public/plog-rss.php
/public/plugins/preview/preview.html
/public/plugins/safehtml/HTMLSax3.php
/public/pm/add_ons/mail_this_entry/mail_authocheck.php
/public/pmwiki.php
/public/pollit/Poll_It_SSI_v2.0.cgi
/public/popup.php
/public/port.php
/public/portal/
/public/preferences.php
/public/print.php
/public/printfaq.php
/public/processSimple.do
/public/productsByCategory.asp
/public/profil.php
/public/profile.asp
/public/projects_site/uploadfile.php
/public/protection.php
/public/proxy.php
/public/psunami.cgi
/public/pwcgi/smpwservicescgi.exe
/public/query
/public/query.cgi
/public/quickstore.cgi
/public/recordings/index.php
/public/remindpasswd
/public/remotehtmlview.php
/public/resetpw.php
/public/rest/api/2.0.alpha1/serverInfo
/public/rest/api/2/serverInfo
/public/review.php
/public/roschedule.php
/public/rot13sj.cgi
/public/rpc.php
/public/rss.php
/public/samba/smb2www.pl
/public/samples/sample_posteddata.php
/public/save.php
/public/scp.dll/sendto
/public/script/cat_for_gen.php
/public/sdbsearch.cgi
/public/search
/public/search.aspx
/public/search.cfm
/public/search.cgi
/public/search.exe
/public/search.jsp
/public/search.php
/public/search.pl
/public/search/results.stm
/public/search/search.cgi
/public/search/show.pl
/public/search=<script>alert('XSS')</script>
/public/secure.php
/public/sendcard.php
/public/sendtemp.pl
/public/server.pt
/public/server/s3_download.php
/public/services/Walrus
/public/session/login.php
/public/setcookie.php
/public/settemplate.php
/public/settings/site.ini
/public/setup.php
/public/sgdynamo.exe
/public/shared/help.php
/public/shell/sitecore.version.xml
/public/shop.plx
/public/shop.plx/page=nessus782294445
/public/shopaddtocart.asp
/public/shopexd.asp
/public/shopper.cgi
/public/shops/sub.asp
/public/shoutbox.php
/public/showcat.php
/public/showproduct.php
/public/simple/view_page
/public/site_info.asp
/public/sitefinity/login.aspx
/public/siteframe.php
/public/sitemap.xml
/public/smb2www.pl
/public/smpwservicescgi.exe
/public/snpfiltered.pl
/public/sojourn.cgi
/public/source
/public/sources/functions.php
/public/spaw/dialogs/confirm.php
/public/sql.php
/public/sql.php3
/public/sql/install-0.9.7.php
/public/squirrelcart/cart_content.php
/public/sqwebmail
/public/src/login.php
/public/src/redirect.php
/public/starnet/addons/slideshow_full.php
/public/starnet/modules/sn_allbum/slideshow.php
/public/start.action
/public/store.cgi
/public/store.php
/public/story.pl
/public/styles.php
/public/subsystems/permissions.info.php
/public/sugarcrm/modules/Users/Login.php
/public/superguestconfig
/public/supporter/tupdate.php
/public/survey.inc.php
/public/swc
/public/sysinfo.cgi
/public/test-cgi
/public/tests/test_tools/selenium/core/SeleniumLog.html
/public/texis.cgi/ENESzAVJ-texis_path_disclosure
/public/texis.exe/
/public/texis.exe/ENESzAVJ-texis_path_disclosure
/public/texis/ENESzAVJ-texis_path_disclosure
/public/themes/program/themesettings.inc.php
/public/tiki-index.php
/public/tinfo.php
/public/tomcat_proxy_directory_traversal.nasl1485887718
/public/top.php
/public/topic.php
/public/tree.php
/public/tst.bat|type c:\windows\win.ini
/public/tst.bat|type c:\winnt\win.ini
/public/tsweb.asp
/public/tsweb/
/public/ttawebtop.cgi/
/public/ttx.cgi
/public/type.asp
/public/typo3/index.php
/public/ubbthreads.php
/public/update.php
/public/upgrade/index.php
/public/upgradev1.php
/public/upload.cgi
/public/upload/upload-submit.do
/public/user.cgi
/public/user.php
/public/users/users.php
/public/usrdetails.php
/public/ustorekeeper.pl
/public/utilities/login.asp
/public/verify.asp
/public/vhost.php
/public/viart_shop.xml
/public/view.php
/public/view/System/WebHome
/public/view/TWiki/WebHome
/public/viewCart.asp
/public/viewCat.asp
/public/view_user.php
/public/viewcvs.cgi/
/public/viewpage.php
/public/wa
/public/wa.cgi
/public/wa.exe
/public/way-board/way-board.cgi
/public/wc.dll
/public/webadmin.php
/public/webapp/home.html
/public/webappmon.exe
/public/webc.cgi/
/public/webcart.cgi
/public/webdist.cgi
/public/webglimpse.cgi
/public/webplus
/public/webplus.exe
/public/webspirs.cgi
/public/welcome.php
/public/whois.cgi
/public/whois.php
/public/whois_raw.cgi
/public/wihphoto/start.php
/public/wiki.php/<script>foo</script>
/public/wiki/edit.php
/public/wiki/rankings.php
/public/wikka.php
/public/wizard/index.php
/public/wordtrans.php
/public/wps_shop.cgi
/public/wsasp.dll/WService=wsbroker1/webtools/oscommand.w
/public/wsasp.dll/WService=wsbroker1/webutil/ping.p
/public/wsisa.dll/WService=wsbroker1/webtools/oscommand.w
/public/wsisa.dll/WService=wsbroker1/webutil/ping.p
/public/wsnsa.dll/WService=wsbroker1/webtools/oscommand.w
/public/wsnsa.dll/WService=wsbroker1/webutil/ping.p
/public/wspd_cgi.sh/WService=wsbroker1/webtools/oscommand.w
/public/wspd_cgi.sh/WService=wsbroker1/webutil/ping.p
/public/www.localhost.7z
/public/www.localhost.Z
/public/www.localhost.bz2
/public/www.localhost.com.7z
/public/www.localhost.com.Z
/public/www.localhost.com.bz2
/public/www.localhost.com.gz
/public/www.localhost.com.jar
/public/www.localhost.com.rar
/public/www.localhost.com.tar
/public/www.localhost.com.tar.bz2
/public/www.localhost.com.tar.gz
/public/www.localhost.com.tgz
/public/www.localhost.com.war
/public/www.localhost.com.z
/public/www.localhost.com.zip
/public/www.localhost.gz
/public/www.localhost.jar
/public/www.localhost.rar
/public/www.localhost.tar
/public/www.localhost.tar.bz2
/public/www.localhost.tar.gz
/public/www.localhost.tgz
/public/www.localhost.war
/public/www.localhost.z
/public/www.localhost.zip
/public/www/delivery/ac.php
/public/www/delivery/fc.php
/public/wwwboard.html
/public/x_news.php
/public/xaradodb/server.php
/public/zenworks/jsp/fw/internal/Login.jsp
/public/zml.cgi
/public/zpanel.php
/public_html/
/publica/
/publicadmin/index.php
/publicar/
/publico/
/publish/
/publisher/
/punbb/
/puppet-ca/v1/certificate/localhost.com
/puppet/v3/facts/localhost.com
/purchase/
/purchases/
/pw/
/pwa/
/pwcgi/smpwservicescgi.exe
/qwe/qwe/index.html
/rails_info/properties
/random_banner/
/rbacx/welcome.action
/rbacx_staging/welcome.action
/rc/
/rcblog/
/rcladmin/js/art_i18n/nls/art_i18n.js
/rdp/
/rdweb/login/login.html
/recordings/
/recordings/index.php
/ref/
/register/
/registered/
/rem/
/report/
/reporter/client.jsp
/reports/
/reports/rwservlet
/reseller/
/rest-service/reviews-v1/versionInfo
/rest/api/2.0.alpha1/serverInfo
/rest/api/2/serverInfo
/restricted/
/retail/
/reviews/
/robohelp/server
/roller/
/root/
/roundcube/
/roundcubemail/
/rsrc/
/rth/
/rtrlet/rtr
/runcms/
/sabin/SiteAdmin.htm
/sales/
/samba/smb2www.pl
/sample/
/samples/
/samples/sample_posteddata.php
/sane/
/sapmc/sapmc.html
/save/
/sbbs/
/sblog/
/sc3/console.php
/scan/
/scgi-bin/platform.cgi
/schedule/
/scmadmin/
/scmadmin/LocalIndex.html
/scp.dll/sendto
/scribe/
/script/
/script/cat_for_gen.php
/scripts/
/scripts/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./windows/win.ini
/scripts/.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./.|./winnt/win.ini
/scripts/20Review.asp
/scripts/500page.jsp
/scripts/About/frmAbout.aspx
/scripts/Articles/default.asp
/scripts/BrowserWeb/portal/portalbanner.htm
/scripts/CFIDE/probe.cfm
/scripts/CHANGELOG.md
/scripts/CMSlogin.aspx
/scripts/CategoryView.aspx
/scripts/ChangeLog
/scripts/Config/diff.php
/scripts/Count.cgi
/scripts/DataService.asmx/AuthUser
/scripts/DesktopModules/BDPDT/uploadfilepopup.aspx
/scripts/Edit.jsp
/scripts/GTcatalog/index.php
/scripts/GTcatalog/password.inc
/scripts/Login.aspx
/scripts/MsmMask.exe
/scripts/PJreview_Neo.cgi
/scripts/README.TXT
/scripts/SLwebmail/ShowLogin.dll
/scripts/SPT--ForumTopics.php
/scripts/Security/login
/scripts/ServerView/SnmpView/SnmpListMibValues
/scripts/Support/FCKEditor/editor/filemanager/upload/asp/upload.asp
/scripts/SystemInfo
/scripts/Test11.asp
/scripts/UI/Login
/scripts/Web_Store/web_store.cgi
/scripts/WihPhoto/start.php
/scripts/WorkArea/ContentDesigner/ekformsiframe.aspx
/scripts/WorkArea/ContentRatingGraph.aspx
/scripts/YaBB.pl
/scripts/_admin/
/scripts/_head.php
/scripts/a1disp3.cgi
/scripts/a1stats/a1disp3.cgi
/scripts/about.php
/scripts/about/default_content.asp
/scripts/account/
/scripts/account/login.php
/scripts/acegilogin.jsp
/scripts/acp/index.php
/scripts/acp/lib/inserts.sql
/scripts/activatemember
/scripts/activeauctionsuperstore/ItemInfo.asp
/scripts/add.cgi
/scripts/add_url.htm
/scripts/add_user.php
/scripts/addentry.php
/scripts/addschup
/scripts/adlayer.php
/scripts/admin.asp
/scripts/admin.php
/scripts/admin.pl
/scripts/admin/
/scripts/admin/addentry.php
/scripts/admin/admin.php
/scripts/admin/adminlogin.asp
/scripts/admin/cal_login.php
/scripts/admin/check_user.asp
/scripts/admin/components/com_fm/fm.install.php
/scripts/admin/configset.php
/scripts/admin/connect.inc
/scripts/admin/define.inc.php
/scripts/admin/file_manager.php
/scripts/admin/general.php
/scripts/admin/index.asp
/scripts/admin/index.html
/scripts/admin/index.php
/scripts/admin/info/system
/scripts/admin/ip_manage.php
/scripts/admin/lang.php
/scripts/admin/login-default.do
/scripts/admin/login.html
/scripts/admin/login.php
/scripts/admin/login/
/scripts/admin/login/index.php
/scripts/admin/main.asp
/scripts/admin/o12guest.mdb
/scripts/admin/objects.inc.php4
/scripts/admin/operators.php
/scripts/admin/plog-admin-functions.php
/scripts/admin/registry.jsp
/scripts/admin/remotecontrol/lsrc.server.php
/scripts/admin/setup.php
/scripts/admin/system
/scripts/admin/templates/header.php
/scripts/admin/top.php
/scripts/admin/users.php
/scripts/admin/utilities_ConfigHelp.asp
/scripts/admin/wwforum.mdb
/scripts/admincp/login.php
/scripts/administrator/index.php
/scripts/adodb-perf-module.inc.php
/scripts/adodb/server.php
/scripts/advSearch_h.asp
/scripts/adxmlrpc.php
/scripts/af.cgi
/scripts/agenda.php3
/scripts/ajax.php
/scripts/al_initialize.php
/scripts/album.pl
/scripts/alienform.cgi
/scripts/am.pl
/scripts/anacondaclip.pl
/scripts/apa_phpinclude.inc.php
/scripts/apexec.pl
/scripts/api/orders.json
/scripts/apps/pbcs.dll/misc
/scripts/artifactory/webapp/home.html
/scripts/ashnews.php
/scripts/athenareg.php
/scripts/atomicboard/index.php
/scripts/auktion.cgi
/scripts/autohtml.php
/scripts/awstats.pl
/scripts/awstatstotals.php
/scripts/axis2-web/index.jsp
/scripts/b2-tools/gm-2-b2.php
/scripts/backend/classes.php
/scripts/backofficeLite/comersus_backoffice_index.asp
/scripts/backofficePlus/comersus_backoffice_index.asp
/scripts/bandwidth/index.cgi
/scripts/base_local_rules.php
/scripts/base_main.php
/scripts/base_maintenance.php
/scripts/base_qry_common.php
/scripts/basilix.php
/scripts/bb-hist.sh
/scripts/bb-hostsvc.sh
/scripts/bb_func_txt.php
/scripts/bblog/index.php
/scripts/bemarket/shop/index.php
/scripts/bigconf.cgi
/scripts/billing/billingmanager_income.asp
/scripts/bin/html2text.php
/scripts/bizmail.cgi
/scripts/blog.cgi
/scripts/blog.php
/scripts/boarddata/data/user.idx
/scripts/breakcal/calendar.cgi
/scripts/browse.php
/scripts/browse_blogs.php
/scripts/bsml.pl
/scripts/btdownload.php
/scripts/c32web.exe/GetImage
/scripts/cal_cat.php
/scripts/cal_event.php
/scripts/cal_make.pl
/scripts/cal_week.php
/scripts/calendar.php
/scripts/calendar_admin.pl
/scripts/callboth.php
/scripts/captcha.html
/scripts/carbo.dll
/scripts/cart32.exe
/scripts/catalog.php
/scripts/cc_guestbook.pl
/scripts/cfooter.php3
/scripts/cgi-bin/gm-comments.cgi
/scripts/cgi-bin/library.cgi
/scripts/cgi-bin/login.cgi
/scripts/cgi/tseekdir.cgi
/scripts/cgiforum.pl
/scripts/cgiip.exe/WService=wsbroker1/webtools/oscommand.w
/scripts/cgiip.exe/WService=wsbroker1/webutil/ping.p
/scripts/cgiwrap/cgiwrap_error_page_handling_xss.nasl
/scripts/chat.php
/scripts/chat/login.php
/scripts/check_user_id.php
/scripts/claroline/resourcelinker/resourcelinker.inc.php
/scripts/classes/adodbt/sql.php
/scripts/cleartrust/ct_logon.asp
/scripts/cleartrust/ct_logon.jsp
/scripts/clwarn.cgi
/scripts/coin_includes/constants.php
/scripts/comersus_customerRegistrationForm.asp
/scripts/comersus_searchItem.asp"><script>alert('Nessus was here');</script>
/scripts/comments.php
/scripts/commerce.cgi
/scripts/common/visiteurs/include/menus.inc.php
/scripts/commsrss.php
/scripts/config.php
/scripts/config/oramon.ini
/scripts/configuration/galleryConfig.txt
/scripts/console/login.action
/scripts/contact.php
/scripts/contacts/php
/scripts/contenido/classes/class.inuse.php
/scripts/content.php
/scripts/contrib/forms/evaluation/C_FormEvaluation.class.php
/scripts/core/adodb/server.php
/scripts/core/api.php
/scripts/core/editor.php
/scripts/corporate/webpages/login.jsp
/scripts/corporate/webpages/sessionexpired.jsp
/scripts/counter.php
/scripts/crossdomain.xml
/scripts/crystalimagehandler.aspx
/scripts/csSearch.cgi
/scripts/csv_db.cgi
/scripts/customer.pl
/scripts/cvslog.cgi
/scripts/cwmail.exe
/scripts/data/fetch.php
/scripts/data/usr
/scripts/database/mpcsoftware_guestdata.mdb
/scripts/day.php
/scripts/db/users.dat
/scripts/db_input.php
/scripts/dcforum.cgi
/scripts/default.asp
/scripts/demos/demo.browse.php
/scripts/detail.asp
/scripts/direct.php
/scripts/directory.php
/scripts/directorypro.cgi
/scripts/disp_album.php
/scripts/display.cgi
/scripts/doc/index.php
/scripts/docbuilder/top.php
/scripts/docman/new.php
/scripts/docs.php
/scripts/docs/index.php
/scripts/doku.php
/scripts/download.php
/scripts/dsweb/Services/User-1"><BODY ONLOAD=alert('xerox_docushare_dsweb_xss.nasl')>
/scripts/dynamicpages/fast/config_page.php
/scripts/e107_admin/admin.php
/scripts/eclient/IDMLogon2.jsp
/scripts/edit_image.php
/scripts/editor/filemanager/connectors/php/upload.php
/scripts/elmah.axd
/scripts/embed/day.php
/scripts/empower
/scripts/emumail.fcgi
/scripts/encoder.php
/scripts/engine/admin/admin.php
/scripts/ericom.min.js
/scripts/error.php
/scripts/evb/check_url.php
/scripts/event_view.php
/scripts/fake.cgi
/scripts/faq.php
/scripts/faq/index.php
/scripts/faxsurvey
/scripts/fckeditor/editor/filemanager/connectors/connector
/scripts/feedsplitter.php
/scripts/file.cgi
/scripts/file.php
/scripts/flserv.pl
/scripts/fm.php
/scripts/folderview.asp
/scripts/force-download.php
/scripts/form.php
/scripts/forum.php
/scripts/forum.php3
/scripts/forum/Database/EZsiteForum.mdb
/scripts/forum/HCSpecific/EnableForum.asp
/scripts/forum_2.php
/scripts/forumdata/data/user.idx
/scripts/forumdisplay.php
/scripts/forums.asp
/scripts/forums/list.page
/scripts/ftp/ftp.pl
/scripts/fxm.exe
/scripts/gadgets/Blog/BlogModel.php
/scripts/gallery/displayCategory.php
/scripts/gitweb.cgi
/scripts/gitweb.perl
/scripts/gitweb.pl
/scripts/gm.cgi
/scripts/go.cgi|id|
/scripts/googlesearch/GoogleSearch.php
/scripts/goto.asp
/scripts/gotopage.cgi
/scripts/gtcatalog/index.php
/scripts/gtcatalog/password.inc
/scripts/guestbook.php
/scripts/guestbook/cfooter.php3
/scripts/guestbook/view.php
/scripts/help.php
/scripts/help/copyright.html
/scripts/help/en_US/Content/master/webadmin/WebAdmin.html
/scripts/help/index.php
/scripts/hints.pl
/scripts/historyFrame.html
/scripts/home
/scripts/home.html
/scripts/home/search.asp
/scripts/hosting/addreseller.asp
/scripts/hosting/addsubsite.asp
/scripts/hsx.cgi
/scripts/htgrep/file=index.html&hdr=/etc/passwd
/scripts/htmlscript
/scripts/htsearch
/scripts/htsearch.cgi
/scripts/hw3.cgi
/scripts/hw3.php
/scripts/i-mall.cgi
/scripts/ideabox/include.php
/scripts/idealbb/default.asp
/scripts/ikonboard.cgi
/scripts/image.php
/scripts/inc/exif.inc.php
/scripts/inc/formmail.inc.php
/scripts/inc/functions.inc.php
/scripts/inc/header.php/step_one.php
/scripts/inc/pipe.php
/scripts/include.php
/scripts/include/error/autherror.cfm
/scripts/include/error/forumerror.cfm
/scripts/include/help.php
/scripts/include/sql.php
/scripts/include/theme.inc.php
/scripts/includer.cgi
/scripts/includes/awol-condensed.inc.php
/scripts/includes/calendar.php
/scripts/includes/config.php
/scripts/includes/converter.inc.php
/scripts/includes/db_adodb.php
/scripts/includes/hnmain.inc.php3
/scripts/includes/main.conf
/scripts/includes/third_party/adodb/server.php
/scripts/index
/scripts/index.action
/scripts/index.asp
/scripts/index.cfm
/scripts/index.cgi
/scripts/index.html
/scripts/index.jsp
/scripts/index.php
/scripts/index.php/admin/
/scripts/index.php/admin/login/
/scripts/index.php/index.html
/scripts/index.php/login
/scripts/index.phtml
/scripts/index.pl/homels
/scripts/index2.cgi
/scripts/index2.php
/scripts/info.dat
/scripts/info.php
/scripts/info2www
/scripts/infosrch.cgi
/scripts/insertorder.cfm
/scripts/install.php
/scripts/interface/index.do
/scripts/ion-p.exe
/scripts/item.fts
/scripts/jammail.pl
/scripts/javascript.php
/scripts/jcart-relay.php
/scripts/jgs_portal_statistik.php
/scripts/js/vendors.php
/scripts/k/home
/scripts/kernel/loadkernel.php
/scripts/landesk/vboot/default.winpemanaged
/scripts/lang/index.php
/scripts/lang/lang.php
/scripts/language.php
/scripts/lg.php
/scripts/lib.inc.php
/scripts/lib/OWL_API.php
/scripts/lib/adodb/server.php
/scripts/lib/adodb_lite/adodb-perf-module.inc.php
/scripts/lib/authform.inc.php
/scripts/lib/dbman_filter.inc.php
/scripts/libraries/adodb/server.php
/scripts/library/adodb/server.php
/scripts/library/lib.php
/scripts/links_add_form.asp
/scripts/list.php
/scripts/listinfo/
/scripts/listing.php
/scripts/listrec.pl
/scripts/livre_include.php
/scripts/loader-wizard.php
/scripts/logbook.pl
/scripts/logicworks.ini
/scripts/login
/scripts/login.action
/scripts/login.asp
/scripts/login.aspx
/scripts/login.cgi
/scripts/login.jsp
/scripts/login.mako
/scripts/login.php
/scripts/login.pl
/scripts/login.wdm
/scripts/login/default.aspx
/scripts/login_page.php
/scripts/logs/HCDiskQuotaService.csv
/scripts/lostpass.php
/scripts/loudblog/inc/parse_old.php
/scripts/lp
/scripts/lp/AdminlogonPoint/Logon.do
/scripts/lsg2.cgi
/scripts/mail.cgi
/scripts/mail.php
/scripts/mailbox.php3
/scripts/main.php
/scripts/man-cgi
/scripts/man2html
/scripts/man2web
/scripts/manage_overview_page.php
/scripts/manager/
/scripts/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php
/scripts/mapserv
/scripts/mapserv.exe
/scripts/math_sum.mscgi
/scripts/mathtex.cgi
/scripts/mathtex.pl
/scripts/member.php
/scripts/member/index.php
/scripts/mensajeitor.php
/scripts/menu_dx.php
/scripts/localhost.7z
/scripts/localhost.Z
/scripts/localhost.bz2
/scripts/localhost.com.7z
/scripts/localhost.com.Z
/scripts/localhost.com.bz2
/scripts/localhost.com.gz
/scripts/localhost.com.jar
/scripts/localhost.com.rar
/scripts/localhost.com.tar
/scripts/localhost.com.tar.bz2
/scripts/localhost.com.tar.gz
/scripts/localhost.com.tgz
/scripts/localhost.com.war
/scripts/localhost.com.z
/scripts/localhost.com.zip
/scripts/localhost.gz
/scripts/localhost.jar
/scripts/localhost.rar
/scripts/localhost.tar
/scripts/localhost.tar.bz2
/scripts/localhost.tar.gz
/scripts/localhost.tgz
/scripts/localhost.war
/scripts/localhost.z
/scripts/localhost.zip
/scripts/minis.php
/scripts/misc.php
/scripts/misc/audio.php
/scripts/misc/info.php
/scripts/mj_wwwusr
/scripts/mlog.html
/scripts/mmstdod.cgi
/scripts/module.php
/scripts/modules.php
/scripts/modules/Printing/output.php
/scripts/modules/TinyMCE/content_css.php
/scripts/modules/core/module.inc
/scripts/modules/news/
/scripts/modules/projects/sql/install-0.9.7.php
/scripts/month.php
/scripts/more.php
/scripts/mpweb/html/help/000/user_help/help/output/config.js
/scripts/mrtg.cgi
/scripts/msg.txt
/scripts/mt.cgi
/scripts/myevent.php
/scripts/mylog.html
/scripts/myphpPageTool/doc/admin/index.php
/scripts/nbmember.cgi
/scripts/ncbook.cgi
/scripts/ncbook/ncbook.cgi
/scripts/neomail-prefs.pl
/scripts/neomail.pl
/scripts/nessus"><script>alert('django_admin_xss.nasl')</script>/
/scripts/netauth.cgi
/scripts/new-visitor.inc.php
/scripts/new_images.php
/scripts/news.mdb
/scripts/news.php
/scripts/news/index.dot
/scripts/newsdata/data/user.idx
/scripts/newsdesk.cgi
/scripts/newsscript.pl
/scripts/nmap.php
/scripts/normal_html.cgi
/scripts/notify
/scripts/nph-exploitscanget.cgi
/scripts/nph-mr.cgi
/scripts/nph-proxy.cgi
/scripts/nph-test-cgi
/scripts/nquser.php
/scripts/nslookup.cgi
/scripts/nucleus/libs/PLUGINADMIN.php
/scripts/nx/common/cds/menu.inc.php
/scripts/ohelp/en_US/Content/master/webadmin/WebAdmin.html
/scripts/op/op.Login.php
/scripts/open.php
/scripts/ovlaunch.exe
/scripts/p-news.php
/scripts/pafiledb.php
/scripts/page
/scripts/pajax/pajax_call_dispatcher.php
/scripts/pals-cgi
/scripts/parse_xml.cgi
/scripts/password.asp
/scripts/password_reminder.php
/scripts/patch/index.php
/scripts/pcadmin/login.asp
/scripts/perl
/scripts/perl.exe
/scripts/pfdispaly
/scripts/pfdispaly.cgi
/scripts/phf
/scripts/photo.php
/scripts/php-ping.php
/scripts/php.cgi
/scripts/php/mytutos.php
/scripts/phpinfo.php
/scripts/phpnews/sendtofriend.php
/scripts/phpping/index.php
/scripts/phprint.php
/scripts/phptonuke.php
/scripts/plog-download.php
/scripts/plog-rss.php
/scripts/plugins/preview/preview.html
/scripts/plugins/safehtml/HTMLSax3.php
/scripts/pm/add_ons/mail_this_entry/mail_authocheck.php
/scripts/pmwiki.php
/scripts/pollit/Poll_It_SSI_v2.0.cgi
/scripts/popup.php
/scripts/port.php
/scripts/portal/
/scripts/preferences.php
/scripts/print.php
/scripts/printfaq.php
/scripts/processSimple.do
/scripts/productsByCategory.asp
/scripts/profil.php
/scripts/profile.asp
/scripts/projects_site/uploadfile.php
/scripts/protection.php
/scripts/psunami.cgi
/scripts/pwcgi/smpwservicescgi.exe
/scripts/query
/scripts/query.cgi
/scripts/quickstore.cgi
/scripts/recordings/index.php
/scripts/remindpasswd
/scripts/remotehtmlview.php
/scripts/resetpw.php
/scripts/rest/api/2.0.alpha1/serverInfo
/scripts/rest/api/2/serverInfo
/scripts/review.php
/scripts/roschedule.php
/scripts/rot13sj.cgi
/scripts/rpc.php
/scripts/rss.php
/scripts/samba/smb2www.pl
/scripts/samples/sample_posteddata.php
/scripts/samples/search/author.idq
/scripts/samples/search/filesize.idq
/scripts/samples/search/filetime.idq
/scripts/samples/search/queryhit.idq
/scripts/samples/search/simple.idq
/scripts/save.php
/scripts/scp.dll/sendto
/scripts/script/cat_for_gen.php
/scripts/sdbsearch.cgi
/scripts/search
/scripts/search.aspx
/scripts/search.cfm
/scripts/search.cgi
/scripts/search.exe
/scripts/search.jsp
/scripts/search.php
/scripts/search.pl
/scripts/search/results.stm
/scripts/search/search.cgi
/scripts/search/show.pl
/scripts/search=<script>alert('XSS')</script>
/scripts/secure.php
/scripts/sendcard.php
/scripts/sendtemp.pl
/scripts/server.pt
/scripts/server/s3_download.php
/scripts/services/Walrus
/scripts/session/login.php
/scripts/setcookie.php
/scripts/settemplate.php
/scripts/settings/site.ini
/scripts/setup.php
/scripts/sgdynamo.exe
/scripts/shared/help.php
/scripts/shell/sitecore.version.xml
/scripts/shop.plx
/scripts/shop.plx/page=nessus1060029232
/scripts/shopaddtocart.asp
/scripts/shopexd.asp
/scripts/shopper.cgi
/scripts/shops/sub.asp
/scripts/shoutbox.php
/scripts/showcat.php
/scripts/showproduct.php
/scripts/simple/view_page
/scripts/site_info.asp
/scripts/sitefinity/login.aspx
/scripts/siteframe.php
/scripts/sitemap.xml
/scripts/smb2www.pl
/scripts/smpwservicescgi.exe
/scripts/snpfiltered.pl
/scripts/sojourn.cgi
/scripts/source
/scripts/sources/functions.php
/scripts/spaw/dialogs/confirm.php
/scripts/sql.php
/scripts/sql.php3
/scripts/sql/install-0.9.7.php
/scripts/squirrelcart/cart_content.php
/scripts/sqwebmail
/scripts/src/login.php
/scripts/src/redirect.php
/scripts/starnet/addons/slideshow_full.php
/scripts/starnet/modules/sn_allbum/slideshow.php
/scripts/start.action
/scripts/store.cgi
/scripts/store.php
/scripts/story.pl
/scripts/styles.php
/scripts/subsystems/permissions.info.php
/scripts/sugarcrm/modules/Users/Login.php
/scripts/superguestconfig
/scripts/supporter/tupdate.php
/scripts/survey.inc.php
/scripts/swc
/scripts/sysinfo.cgi
/scripts/test-cgi
/scripts/tests/test_tools/selenium/core/SeleniumLog.html
/scripts/texis.cgi/ENESzAVJ-texis_path_disclosure
/scripts/texis.exe/
/scripts/texis.exe/ENESzAVJ-texis_path_disclosure
/scripts/texis/ENESzAVJ-texis_path_disclosure
/scripts/themes/program/themesettings.inc.php
/scripts/tiki-index.php
/scripts/tinfo.php
/scripts/tomcat_proxy_directory_traversal.nasl1485887718
/scripts/top.php
/scripts/topic.php
/scripts/tree.php
/scripts/tst.bat|type c:\windows\win.ini
/scripts/tst.bat|type c:\winnt\win.ini
/scripts/tsweb.asp
/scripts/tsweb/
/scripts/ttawebtop.cgi/
/scripts/ttx.cgi
/scripts/type.asp
/scripts/typo3/index.php
/scripts/ubbthreads.php
/scripts/update.php
/scripts/upgrade/index.php
/scripts/upgradev1.php
/scripts/upload.cgi
/scripts/upload/upload-submit.do
/scripts/user.cgi
/scripts/user.php
/scripts/users/users.php
/scripts/usrdetails.php
/scripts/ustorekeeper.pl
/scripts/utilities/login.asp
/scripts/verify.asp
/scripts/vhost.php
/scripts/viart_shop.xml
/scripts/view.php
/scripts/view/System/WebHome
/scripts/view/TWiki/WebHome
/scripts/viewCart.asp
/scripts/viewCat.asp
/scripts/view_user.php
/scripts/viewcvs.cgi/
/scripts/viewpage.php
/scripts/w3who.dll
/scripts/wa
/scripts/wa.cgi
/scripts/wa.exe
/scripts/way-board/way-board.cgi
/scripts/wc.dll
/scripts/webadmin.php
/scripts/webapp/home.html
/scripts/webappmon.exe
/scripts/webc.cgi/
/scripts/webcart.cgi
/scripts/webdist.cgi
/scripts/webglimpse.cgi
/scripts/webplus
/scripts/webplus.exe
/scripts/webspirs.cgi
/scripts/welcome.php
/scripts/wgate/!
/scripts/whois.cgi
/scripts/whois.php
/scripts/whois_raw.cgi
/scripts/wihphoto/start.php
/scripts/wiki.php/<script>foo</script>
/scripts/wiki/edit.php
/scripts/wiki/rankings.php
/scripts/wikka.php
/scripts/wizard/index.php
/scripts/wordtrans.php
/scripts/wps_shop.cgi
/scripts/wsasp.dll/WService=wsbroker1/webtools/oscommand.w
/scripts/wsasp.dll/WService=wsbroker1/webutil/ping.p
/scripts/wsisa.dll/WService=wsbroker1/webtools/oscommand.w
/scripts/wsisa.dll/WService=wsbroker1/webutil/ping.p
/scripts/wsnsa.dll/WService=wsbroker1/webtools/oscommand.w
/scripts/wsnsa.dll/WService=wsbroker1/webutil/ping.p
/scripts/wspd_cgi.sh/WService=wsbroker1/webtools/oscommand.w
/scripts/wspd_cgi.sh/WService=wsbroker1/webutil/ping.p
/scripts/www.localhost.7z
/scripts/www.localhost.Z
/scripts/www.localhost.bz2
/scripts/www.localhost.com.7z
/scripts/www.localhost.com.Z
/scripts/www.localhost.com.bz2
/scripts/www.localhost.com.gz
/scripts/www.localhost.com.jar
/scripts/www.localhost.com.rar
/scripts/www.localhost.com.tar
/scripts/www.localhost.com.tar.bz2
/scripts/www.localhost.com.tar.gz
/scripts/www.localhost.com.tgz
/scripts/www.localhost.com.war
/scripts/www.localhost.com.z
/scripts/www.localhost.com.zip
/scripts/www.localhost.gz
/scripts/www.localhost.jar
/scripts/www.localhost.rar
/scripts/www.localhost.tar
/scripts/www.localhost.tar.bz2
/scripts/www.localhost.tar.gz
/scripts/www.localhost.tgz
/scripts/www.localhost.war
/scripts/www.localhost.z
/scripts/www.localhost.zip
/scripts/www/delivery/ac.php
/scripts/www/delivery/fc.php
/scripts/wwwboard.html
/scripts/x_news.php
/scripts/xaradodb/server.php
/scripts/zenworks/jsp/fw/internal/Login.jsp
/scripts/zml.cgi
/scripts/zpanel.php
/scriptsadmin/index.php
/search-ui/
/search/
/search/results.stm
/search/search.cgi
/search/show.pl
/search97/
/search=<script>alert('XSS')</script>
/secret/
/secure/
/securecgi-bin/CSUserCGI.exe
/secured/
/seditio/
/segue/
/seguecms/
/sell/
/serve/
/server-info/
/server-status/
/server/s3_download.php
/server_stats/
/servers/
/serverstats/
/service/
/services/
/services/Walrus
/servicio/
/servicios/
/servlet/
/servlet/ContentServer
/servlet/ServletManager
/servlet/SnoopServlet/
/servlet/UDataArea
/servlet/admin
/servlet/com.newatlanta.servletexec.JSP10Servlet
/servlet/com.newatlanta.servletexec.JSP10Servlet/..\..\global.asa
/servlet/org.apache.catalina.servlets.DefaultServlet/dms2/Login.jsp
/servlet/snoop/
/servlet/snoopservlet/
/servlet/webacc
/servlets-examples/
/servlets/
/seserver/about.aspx
/session/
/session/login.php
/sessionmanager/
/sessionmanager/login.jsp
/settings/site.ini
/setup/
/sf/docman/new.php
/sf/patch/index.php
/sfm/fm.php
/sgb/superguestconfig
/sgdadmin/faces/jsp/Version.jsp
/sgms/login
/share/
/shared/
/shared/help.php
/shared/userlogin.php
/shell-cgi/
/shell/sitecore.version.xml
/shipping/
/shop.plx/page=nessus1319471171
/shop.plx/page=nessus84128042
/shop/
/shop/normal_html.cgi
/shop/psunami.cgi
/shopper/
/shopping/
/shops/sub.asp
/shopscript/
/shr-cgi-bin/
/silverstripe/
/simpgb/
/simple/view_page
/simplebbs/
/simplog/
/site/
/site_sift/
/siteadmin/
/sitebuilder/
/sitebuildercontent/
/sitebuilderfiles/
/sitebuilderpictures/
/sitecore/login/Default.aspx
/sitecore/login/default.aspx
/sitecore/shell/sitecore.version.xml
/sitefinity/login.aspx
/sitemap/sitemap.xml
/sitemgr/
/siteminder/
/siteminderagent/
/sites/
/siteserver/
/sitesift/
/sitestats/
/siteupdate/
/slide/
/sm/
/smartermail/
/smf/
/smreports/
/smreportsviewer/
/snitz/
/snmx-cgi/
/snmx-cgi/fxm.exe
/snoop/
/snoopservlet/
/soap/
/soapdocs/
/socialengine/
/socialnetwork/
/software/
/solaris/
/solutions/
/source/
/sources/functions.php
/spaw/dialogs/confirm.php
/sphider/
/sphpblog/
/spip/
/spotfire/about.jsp
/spt/
/spywall/login.php
/sql-ledger/
/sql/
/sql/install-0.9.7.php
/sqlite/
/sqlitemanager/
/squid/
/squirrelcart/
/squirrelcart/cart_content.php
/squirrelmail/
/src/
/src/login.php
/src/redirect.php
/srchadm/
/ssi/
/ssi/envout.bat
/ssl/
/sslkeys/
/staff/
/staging/welcome.action
/starnet/addons/slideshow_full.php
/starnet/modules/sn_allbum/slideshow.php
/stat/
/stat/awstatstotals.php
/statistic/
/statistics/
/stats-bin-p/
/stats/
/stats_old/
/status/
/storage/
/store/
/storemgr/
/stream/0
/stronghold-info/
/stronghold-status/
/struts-cookbook/processSimple.do
/struts-examples/upload/upload-submit.do
/stuff/
/style/
/styles/
/stylesheet/
/stylesheets/
/subir/
/subsystems/permissions.info.php
/sugar/
/sugarcrm/
/sugarcrm/modules/Users/Login.php
/sugarsuite/
/sun/
/super_stats/
/support-center/
/support/
/support/helpdesk/
/supporter/
/supporter/tupdate.php
/supportsuite/
/survey/
/surveys/
/sws/data/sws_data.js
/swsbobje/
/swvm/ConsoleContainer.jsp
/sympa/
/symphony/
/sys/
/sysadmin/
/sysbackup/
/sysinfo/
/system/
/system/console
/system/login
/tar/
/tarantella/
/tarantella/cgi-bin/secure/ttawlogin.cgi/
/tarjetas/
/tdbin/
/te_html/
/teaming/
/tech/
/technote/
/temp/
/template/
/templates/
/temporal/
/test-cgi/
/test/
/testing/
/testlink/
/tests/
/tests/test_tools/selenium/core/SeleniumLog.html
/testsite/typo3/
/testweb/
/texis.cgi/ENESzAVJ-texis_path_disclosure
/texis.exe/
/texis.exe/ENESzAVJ-texis_path_disclosure
/texis/ENESzAVJ-texis_path_disclosure
/themes/
/themes/program/themesettings.inc.php
/things/
/this_server/all_settings.shtml
/thyme/
/ticket/
/tickets/
/tigercrm/
/tiki/
/tinywebgallery/
/tmp/
/tmui/
/tomcat-docs/index.html
/tools/
/toplist/
/topsite/
/topsites/
/tor/
/tpv/
/trabajo/
/trac/
/track/
/tracking/
/transito/
/transpolar/
/tree/
/trees/
/triton-help/en/first.htm
/tsweb/
/ttawebtop.cgi/
/ttforum/
/turba/
/twg/
/twiki/bin/
/typo3/
/typo3/index.php
/typolight/
/ubbthreads/
/ucsm/isSamInstalled.cgi
/uddi/default.aspx
/uddipublic/default.aspx
/uebimiau/
/ui/faces/Login.xhtml
/ui/login.action
/ui/login/
/unauthenticated/..
/..
/..
/..
/var/user_def/ad.conf
/upb/
/upb/db/users.dat
/updates/
/upgrade/index.php
/upload/
/upload/upload-submit.do
/uploads/
/urchin/
/urchin3/
/urchin5/
/us/
/usage/
/user/
/userdb/
/userportal/webpages/myaccount/login.jsp
/users/
/users/users.php
/usr/
/ustats/
/usuario/
/usuarios/
/util/
/utilities/login.asp
/utils/
/v2.0/environments/localhost.com
/v4/
/vcard/
/vcards/
/vfs/
/vhcs2/
/vicidial/
/vicidial/admin.php
/view/System/WebHome
/view/TWiki/WebHome
/view/hsrindex.shtml
/view/index.shtml
/view/view.shtml
/viewcvs.cgi/
/viewvc.cgi/
/viewvc/
/vpopmail/README
/vtiger/
/w-agora/
/w3perl/
/wavemaker/
/wavemaster.internal/
/way-board/
/way-board/way-board.cgi
/wb/
/wbboard/
/wcd/system.xml
/wconnect/wc.dll
/web-determinations/
/web/
/web800fo/
/webMathematica/
/web_usage/
/webaccess/
/webacs/help/ncshelp/config.js
/webadmin/
/webalizer/
/webapp/home.html
/webapps/
/webapps/login/index.html
/webboard/
/webc.cgi/
/webcart-lite/
/webcart/
/webct/about.jsp
/webdata/
/webdb/
/webftp/
/webgallery/
/webimages/
/webimages2/
/webinsta/
/webl/index.html
/weblog/
/weblogs/
/webmail/
/webmaster/
/webmaster_logs/
/webpub-ui/
/webpub/
/webreports/
/webreps/
/webshare/
/website/
/webstat/
/webstats/
/webthings/
/webtrace/
/webtrends/
/wihphoto/start.php
/wiki.php/<script>foo</script>
/wiki/
/wiki/RELEASE-NOTES
/wiki/bin/
/wiki/edit.php
/wiki/index.php
/wiki/mw-config
/wiki/rankings.php
/wikka/
/windows/
/wizard/index.php
/word/
/wordpress/
/wordtrans/
/work/
/wps/portal_dojo/layerLoader.jsp
/wps/wcm/webinterface/login/login.jsp
/wsasp.dll/WService=wsbroker1/webtools/oscommand.w
/wsasp.dll/WService=wsbroker1/webutil/ping.p
/wsdocs/
/wsisa.dll/WService=wsbroker1/webtools/oscommand.w
/wsisa.dll/WService=wsbroker1/webutil/ping.p
/wsnsa.dll/WService=wsbroker1/webtools/oscommand.w
/wsnsa.dll/WService=wsbroker1/webutil/ping.p
/wspd_cgi.sh/WService=wsbroker1/webtools/oscommand.w
/wspd_cgi.sh/WService=wsbroker1/webutil/ping.p
/wstats/
/wusage/
/wws/
/wwsympa/
/www-sql/
/www/
/www/delivery/ac.php
/www/delivery/fc.php
/wwwjoin/
/wwwlog/
/wwwstat/
/wwwstats/
/x-news/
/x7chat/
/xGB/
/x_news/
/xampp/
/xampp/adodb.php
/xampp/cgi.cgi
/xampp/index.php
/xampp/phpldapadmin/
/xampp/pla/
/xampp/start.php
/xaradodb/server.php
/xaraya/
/xmb/
/xml/
/xmlpserver/
/xnews/
/xoops/
/xsql/demo/airport/airport.xsql
/xtemp/
/yabb/
/yabb2/
/yabbse/
/yapig/
/yappa-ng/
/yappa/
/zabbix/
/zb41/
/zboard/
/zen-cart/
/zen/
/zencart/
/zenphoto/
/zenworks/jsp/fw/internal/Login.jsp
/zipfiles/
/zixforum/
/zpanel/
/~1/
/~admin/
/~log/
/~nobody/etc/passwd
/~root/
/~stats/
/~webstats/
/~wsdocs/
/�../�../�../�../�../�../windows/win.ini
/�../�../�../�../�../�../winnt/win.ini
/�.�./�.�./�.�./�.�./windows/win.ini
/�.�./�.�./�.�./�.�./winnt/win.ini
/�.�./�.�./�.�./�.�./�.�./windows/win.ini
/�.�./�.�./�.�./�.�./�.�./winnt/win.ini