File Access Bruteforce Attempts for 2021-04-22
Share on:
Apr 22, 2021
Reconnaissance
Last Updated: 21:04 GMT+8
- %2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd
- %2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
- %2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\windows\win.ini
- %2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\winnt\win.ini
- %c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/windows/win.ini
- %c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/winnt/win.ini
- +CSCOE+/logon.html
- +CSCOE+/win.js
- ./WEB-INF/
- .DS_Store
- .cobalt
- .svn/entries
- 17001/
- 1DJBOB_gQagn
- 1fANDB71.aspx
- 5nWyXyoU.asmx
- 9ji5kb0s.asp?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.aspx?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.cfc?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.cfm?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.cgi?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.dll?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.do?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.exe?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.fts?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.htm?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.html?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.idc?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.jsp?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.jspa?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.kspx?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.mscgi?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.nsf?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.php3?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.php?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.pl?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- 9ji5kb0s.x?meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- AdminTools/querybuilder/nn.jsp
- CFIDE/administrator/index.cfm
- CFIDE/administrator/settings/version.cfm
- CSCOnm/servlet/login/login.jsp
- CVS/Entries
- ConsoleHelp/default.jsp
- ControlManager/default.htm
- ControllerWeb/
- DB4Web/WIN-CTDBH0J2ALK:23/foo
- Default.aspx
- DesktopDirector
- Director
- FGp88pHfTrTw.asp
- FGp88pHfTrTw.cfm
- FGp88pHfTrTw.cgi
- FGp88pHfTrTw.html
- FGp88pHfTrTw.inc
- FGp88pHfTrTw.php
- FGp88pHfTrTw.php3
- FGp88pHfTrTw.pl
- FGp88pHfTrTw.sh
- FGp88pHfTrTw.shtml
- Fn02TBsH.rem
- HNAP1/
- Help.action
- Home.do
- IDMProv/jsps/help/Help.jsp
- LoginPage.do
- MM/
- MSWSMTP/Common/Authentication/Logon.aspx
- NASApp/nessus/
- NCMContainer.cc
- NULL.ida
- Orion/Login.asp
- Orion/Login.aspx
- PAN_help/en/wwhelp/wwhimpl/common/private/title.js
- PUBLIC/ADMIN/INDEX.HTM
- PassTrixMain.cc
- RSAarcher/Default.asp
- RSAarcher/Default.aspx
- Reporting/login/change_password.php?enable_auth=0
- SAPHostControl/?wsdl
- SE/EMC_SE.swf
- SE/appInfo.xml
- SUbONgZZ.asmx
- Sametime/buildinfo.txt
- Sametime/domino/html/sametime/buildinfoST75CF1.txt
- SilverStream
- SilverStream/Meta/Tables/?access-mode=text
- SiteScope/
- SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
- SnoopServlet/
- SyKgqnny.soap
- ViewerFrame?Mode=Motion
- VncViewer.jar
- WebID/IISWebAgentIF.dll?postdata=”scriptfoo/script
- Webcam/webcam.html
- Wsusadmin/Errors/BrowserSettings.aspx
- XKtHD9La.soap
- _Zf7wwOI.aspx
- _mt/mt.cgi
- _vti_bin/fpcount.exe
- _vti_bin/shtml.dll/_vti_rpc
- a1zcxbhf.asp?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.aspx?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.cfc?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.cfm?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.cgi?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.dll?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.do?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.exe?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.fts?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.htm?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.html?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.idc?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.jsp?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.jspa?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.kspx?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.mscgi?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.nsf?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.php3?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.php?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.pl?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- a1zcxbhf.x?meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- about
- about.jsp
- aboutprinter.html
- acopia/
- active.log
- admin.back
- admin.cgi
- admin/
- admin/LocalIndex.html
- admin/api.php?version
- admin/index.php?route=common/login
- admin/login.do
- admin/login.jsp
- admin/statistics/ConfigureStatistics
- admin_ui/mas/ent/login.html
- administrator.cgi
- altercast/AlterCast?op=%3cscript%3ealert(%22adobe_document_server_61.nasl%22)%3c%2fscript%3e
- ap//
- apex/f?p=nessuscheck
- api/v1/?format=api
- app-ads.txt
- app/idxasp.html
- app/ui/login.jsp
- apple-touch-icon-152x152-precomposed.png
- apple-touch-icon-152x152.png
- apple-touch-icon-precomposed.png
- apple-touch-icon.png
- appliance/
- apps/zxtm/login.cgi
- assets/js/conf/global_config.js
- auth/login
- authenticate/login
- autopass/login_input
- av/api/1.0/system/local/tasks
- axis/DirectDownload.jsp
- axis2/services/CUPMService/ping
- backup/wp-admin/
- baselining/version
- bitrix/admin/index.php?lang=en
- brightmail/viewLogin.do
- btmui/
- builtin/index.html
- cas/login
- caucho-status
- cfg/shortcuts
- cgi-bin-sdb/printenv
- cgi-bin/Count.cgi
- cgi-bin/FGp88pHfTrTw.asp
- cgi-bin/FGp88pHfTrTw.cfm
- cgi-bin/FGp88pHfTrTw.cgi
- cgi-bin/FGp88pHfTrTw.html
- cgi-bin/FGp88pHfTrTw.inc
- cgi-bin/FGp88pHfTrTw.php
- cgi-bin/FGp88pHfTrTw.php3
- cgi-bin/FGp88pHfTrTw.pl
- cgi-bin/FGp88pHfTrTw.sh
- cgi-bin/FGp88pHfTrTw.shtml
- cgi-bin/FormHandler.cgi
- cgi-bin/FormMail.cgi
- cgi-bin/admin
- cgi-bin/admin.cgi
- cgi-bin/admin.pl
- cgi-bin/administrator
- cgi-bin/administrator.cgi
- cgi-bin/agorn.cgi
- cgi-bin/bugreport.cgi
- cgi-bin/camctrl.cgi
- cgi-bin/cart.cgi
- cgi-bin/client_execute.cgi?tUD=0
- cgi-bin/clwarn.cgi
- cgi-bin/com5.pl
- cgi-bin/count.cgi
- cgi-bin/ctrldirect.cgi
- cgi-bin/faqmanager.cgi
- cgi-bin/faqmanager.cgi?toc=/etc/passwd%00
- cgi-bin/filescan
- cgi-bin/guestbook.cgi
- cgi-bin/guestimage.html
- cgi-bin/help.cgi
- cgi-bin/hi
- cgi-bin/index.cgi
- cgi-bin/index.pl
- cgi-bin/index.sh
- cgi-bin/kvm.cgi?&file=login
- cgi-bin/login
- cgi-bin/login.cgi
- cgi-bin/luci
- cgi-bin/mailit.pl
- cgi-bin/mt-static/mt-check.cgi
- cgi-bin/mt-static/mt-load.cgi
- cgi-bin/mt/mt-check.cgi
- cgi-bin/mt/mt-load.cgi
- cgi-bin/ncbook/book.cgi
- cgi-bin/printenv
- cgi-bin/printenv.cgi
- cgi-bin/pub/pki?cmd=serverInfo
- cgi-bin/quickstore.cgi
- cgi-bin/search
- cgi-bin/search.cgi
- cgi-bin/search/search.cgi
- cgi-bin/status
- cgi-bin/status.cgi
- cgi-bin/test-cgi
- cgi-bin/test.cgi
- cgi-bin/test.sh
- cgi-bin/upload.cgi
- cgi-bin/urlcount.cgi
- cgi-bin/viewcvs.cgi
- cgi-bin/wa
- cgi-bin/wa.cgi
- cgi-bin/wa.exe
- cgi-bin/welcome
- cgi-bin/whois.cgi
- cgi-mod/index.cgi
- cgi-sys/defaultwebpage.cgi
- cgi-sys/entropysearch.cgi
- cgi/mid.cgi
- chassis/config/GeneralChassisConfig.html
- client/
- clientaccesspolicy.xml
- com/novell/webaccess/WebAccessUninstall.ini
- common/about.php
- commoncgi/servlet/CCGIServlet?ApHost=PDT_InterScan_NT&CGIAlias=PDT_InterScan_NT&File=logout.htm
- conf/ssl/apache/integrity-smartcenter.key
- conf/ssl/apache/integrity.key
- configurations.do
- console/login/LoginForm.jsp
- content/a8khS4_CiI.mp3
- core/orionSplashScreen.do
- courier/web/1000@/wmLogin.html
- crossdomain.xml
- cs/idcplg?IdcService=GET_ENVIRONMENT&IsJson=1
- csamc52/webadmin?page=invalid&type=browser
- cwhp/CSMSDesktop/about.jsp
- dana-na/nc/nc_gina_ver.txt
- ddem/
- default.php
- deploymentmanager/index.jsp
- dev/
- devinfo.xml
- dfcweb/lib/cupm/nls/applicationproperties.js
- dms2/Login.jsp
- dndirector
- dndirector/dashboard/Show.dn
- dp/login.xml
- dtlt/home.html
- dwr/index.html
- emsam/index.html
- en/main.js
- enter.php?goto=%2F
- error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cautoexec.bat
- error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
- error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
- error_page.htm
- etc/passwd
- event/index.do
- ews/index.htm
- exchweb/bin/auth/owalogon.asp?url=http://12345678910
- eyespyfx_large.jsp
- f360/login.jsp
- faq/
- favicon.iso
- favicon2.iso
- features
- file
- fogbugz/default.php
- forum.php
- gateway/login
- getxml
- gjJD04k1.aspx
- global.asa
- gwadmin-console/login.jsp
- hRHprCHv.aspx
- hazelcast/rest/cluster
- hc/admin/login/
- hc/error/
- header.php
- header.php?tab=status
- help/contents.htm
- help/introduction/release-notes.html
- home.htm
- home.seam
- horde/imp/status.php3
- html/en/index.htm
- i18n/adminconsole_en_us.json
- ibmmq/console/login.html
- ibmmq/console/nls/en/strings.json
- idc/idcplg?IdcService=GET_ENVIRONMENT&IsJson=1
- idcplg?IdcService=GET_ENVIRONMENT&IsJson=1
- idm/login.jsp?lang=en&cntry=
- igsponsor
- iisadmpwd/aexp.htr
- iisadmpwd/aexp2.htr
- iisadmpwd/aexp2b.htr
- iisadmpwd/aexp3.htr
- iisadmpwd/aexp4.htr
- iisadmpwd/aexp4b.htr
- iisprotect/admin/SiteAdmin.ASP?V_SiteName=&V_FirstTab=Groups&V_SecondTab=All&GroupName=nessus
- iisprotect/admin/SiteAdmin.ASP?V_SiteName=&V_FirstTab=Groups&V_SecondTab=All&GroupName=nessus’
- ikfDj8aU.aspx
- images
- images/login_top.gif
- images/logon_merge.gif
- imc
- imp/status.php3
- index.JSP
- index.aspx
- index.cgi
- index.do
- index.exp
- index.jsp
- index.jsp%00x
- index.php
- index.php/123
- index.pl
- index.sh
- internalServerReporting.php
- interscan/cgi-bin/FtpSave.dll?I’m%20Here
- intruvert/jsp/admin/Login.jsp
- invoker/EJBInvokerServlet
- invoker/JMXInvokerServlet
- ivc2/Backup/IVC1/html/index.htm
- jQsQpekT.aspx
- js/Device.js
- js/hpsum/hpsum-version.js
- js/zimbraMail/share/model/ZmSettings.js
- jts/
- jwTZX5LK.ashx
- kNigqM12e3rc
- kh9CMlC7.ashx
- lang_pack/EN.js
- lem/index.html
- libs/granite/core/content/login.html
- links_en.html
- login
- login.do
- login.htm
- login.html
- login.html?1600
- login.jsp
- login.php
- login/
- login1.htm
- login?redirects=10
- login?user=**%3Cscript%3EJavaScript:alert(‘cpanel_login_user_xss.nasl’)%3B%3C%2Fscript%3E
- loginMsg.js
- logon.jsp
- logon?onok=%22%3e%3cscript%3ealert(‘axon_logon_xss.nasl’)%3c%2fscript%3e
- logout
- mail/
- main/login.php?action=login
- main_internet.php
- mainui/
- manual/ag/contents.htm
- mapviewer/omserver?getv=t
- menu.htm
- meta%20http-equiv=Set-Cookie%20content=%22testsrrh=6240%22
- meta%20http-equiv=Set-Cookie%20content=%22testtlhe=9086%22
- mgmt/login?dest=%2Fmgmt%2Fgui%3Fp%3Dhome&reason=&username=
- mod_gzip_status
- mve/help/en/inventory/am_about.html
- names.nsf/view?ReadDesign
- nessus345678.html
- netbasic/websinfo.bas
- netflow/html/aboutus.jsp
- netmri/config/userAdmin/login.tdf
- ngp/version
- niet1084322167
- niet1092691045.php3
- niet109533633.aspx
- niet1320266074.php6
- niet1363857097.html
- niet1367455089.cfm
- niet1547836935.php5
- niet1619361572.php3
- niet1763963752.
- niet1917018741.htm
- niet199418667
- niet309249635.php
- niet346948015.jspx
- niet40794636.jspx
- niet424975388.cfm
- niet433780970.php4
- niet478057205.shtm
- niet544061734.php4
- niet550346998.
- niet553052621.asp
- niet584573019.asp
- niet639546654.jsp
- niet646412308.php5
- niet696858527.aspx
- niet72581346.shtml
- niet733214154.htm
- niet76430567.shtml
- niet879471349.shtm
- niet89656373.php6
- niet900652826.html
- niet975307759.php
- niet989707527.jsp
- nifi/
- nitro/v1/config/mps
- nls/ApplicationProperties-en.json
- nnm/main
- nosuchfile-171372072-1662222835.jsp
- nosuchfile-1873079602-1343752449.jsp
- nph-mr.cgi
- nps/servlet/portal
- nps/servlet/portalservice
- nsn/env.bas
- nsn/fdir.bas
- nul.dbm
- oc/lib-prod/tsm/TSM-login.js
- ofbizsetup/control/checkLogin
- oo/
- ordermgr/control/checkLogin
- ords/
- ossim/session/login.php
- otrs/index.pl
- pAHybdba.ashx
- page/portal/Design_Time_PG/Welcome
- pages/login.php
- perl/samples/env.pl
- perl/samples/lancgi.pl
- perl/samples/ndslogin.pl
- perl/samples/volscgi.pl
- photo/lang/ENG.js
- platform-ui/
- pls/apex/f?p=nessuscheck
- pluto/portal/
- port59404/
- portal
- portal/diag/index.jsp
- portal/page/portal/Design_Time_PG/Welcome
- properties/configuration.php?tab=Status
- properties/description.dhtml
- ptz.htm
- public/
- qMMbHEQu.ashx
- qip
- qsoap.qap
- query.cgi
- qwe/qwe/index.html
- rails_info/properties
- rcladmin/js/art_i18n/nls/art_i18n.js
- rdweb/login/login.html
- recoveryconsole/
- redfish/v1/
- reporter/client.jsp
- rest-service/reviews-v1/versionInfo
- rlufJEUA.asmx
- ruei/index.php
- sabin/SiteAdmin.htm
- sapmc/sapmc.html
- sawmill6cl.exe?ho+COMPLETE_VERSION}
- sawmillcl.exe?ho+COMPLETE_VERSION}
- sc3/console.php?psid=101
- scgi-bin/platform.cgi
- scmadmin/
- scmadmin/LocalIndex.html
- scriptdocument.cookie=%22testsrrh=6240;%22/script
- scriptdocument.cookie=%22testtlhe=9086;%22/script
- scriptfoo/script
- scripts/FGp88pHfTrTw.asp
- scripts/FGp88pHfTrTw.cfm
- scripts/FGp88pHfTrTw.cgi
- scripts/FGp88pHfTrTw.html
- scripts/FGp88pHfTrTw.inc
- scripts/FGp88pHfTrTw.php
- scripts/FGp88pHfTrTw.php3
- scripts/FGp88pHfTrTw.pl
- scripts/FGp88pHfTrTw.sh
- scripts/FGp88pHfTrTw.shtml
- scripts/fake.cgi?arg=/dir/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
- scripts/w3who.dll
- sdn/ui/app/index
- search/results.stm
- securecgi-bin/CSUserCGI.exe?Init+0
- securecgi-bin/CSUserCGI.exe?ver
- self_upgrade.html
- sellers.json
- server-info
- servlet/SnoopServlet/
- servlet/snoop/
- servlet/snoopservlet/
- servlet/webacc?User.lang=scriptfoo/script
- servlet/webacc?error=webacc
- session_login.cgi
- setup
- sgdadmin/faces/jsp/Version.jsp
- shared/userlogin.php
- show_bug.cgi
- smadmr5.nsf
- smconf.nsf
- smency.nsf
- smftypes.nsf
- smhelp.nsf
- smmsg.nsf
- smquar.nsf
- smsmvlog.nsf
- smtime.nsf
- snmx-cgi/fxm.exe
- snoop/
- snoopservlet/
- someunexistantantsutff.exe
- someunexistantantsutff11655483621667956552.html
- someunexistantantsutff949809611011357247.html
- spotfire/about.jsp
- spywall/login.php
- ssp//
- start.js
- startPage
- status
- status.php3
- status/format/json
- status?full&json
- stcenter.nsf
- stix/stix-2021-03-04.json
- stix/stix-2021-03-05.json
- stream/0
- stronghold-info
- stronghold-status
- struts/webconsole.html
- stub_status
- sws/data/sws_data.js
- swvm/ConsoleContainer.jsp
- syslog.htm
- system.xml
- system/console?version=1.5
- system/login
- tarantella/cgi-bin/secure/ttawlogin.cgi/?action=bootstrap
- test.cgi
- this_page_should_not_exist.htm
- this_server/all_settings.shtml
- tightvnc-jviewer.jar
- tmui/
- trace.axd
- trc
- triton-help/en/first.htm
- tsp//
- ucsm/isSamInstalled.cgi
- uddi/default.aspx
- uddipublic/default.aspx
- ui/
- ui/faces/Login.xhtml
- ui/login.action
- ui/login/
- unified-console.html
- upnp/BasicDevice.xml
- us
- usage/
- user_settings.cfg
- userportal/webpages/myaccount/login.jsp
- vSP6xVYq.rem
- vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
- version
- view.html
- view/hsrindex.shtml
- view/view.shtml
- vncviewer.jar
- vsmc.html
- wYrccF7o.asmx
- wavemaster.internal
- wcd/system.xml
- web-console/ServerInfo.jsp
- web-console/ServerInfo.jsp%00
- web-determinations/?CookieSet=true
- web.config
- webalizer/
- webapps/login/index.html
- webconsole/webpages/login.jsp
- webct/about.jsp
- webhost
- webman/info.cgi?host=
- whois.cgi
- wls-wsat/CoordinatorPortType
- wls_utc/
- wp-login.php
- wrcontrollite.ssi
- ws_utc/login.do
- wwwadmin.cgi
- wwwboard.cgi
- xampp/cgi.cgi
- xampp/index.php
- xmldata?item=All
- xmldata?item=all
- xmlrpc.php
- xsql/demo/airport/airport.xsql?xml-stylesheet=none
- ~nobody/etc/passwd