From 2aec0c7b92552a89402b22501f22715c07af82f8 Mon Sep 17 00:00:00 2001
From: Clement Desmidt
Date: Wed, 6 May 2020 11:26:07 +0200
Subject: [PATCH] =?UTF-8?q?=20=E2=9C=A8=20Add=20list?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
list.md | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 78 insertions(+)
create mode 100644 list.md
diff --git a/list.md b/list.md
new file mode 100644
index 0000000..105d4f7
--- /dev/null
+++ b/list.md
@@ -0,0 +1,78 @@
+# Les URL à éviter :
+
+## Les URL d'admin
+
+/admin/
+/WebAdmin/
+/administrator/
+/system/
+/manager/
+/power/
+/adminaccess/
+/admin.php
+
+## Les éditeurs
+
+/editor/
+/editor/editor/
+/editorold/editor/
+/editor1/editor/
+
+### FCKEditor
+
+/fckeditor/
+/fck/editor/
+
+### TinyMCE
+
+/tinymce/plugins/filemanager/
+/apqvtinymce/plugins/filemanager/
+/jscripts/tiny_mce/plugins/filemanager/
+/tiny_mce/plugins/filemanager/
+/hznttiny_mce/plugins/filemanager/
+/tinymce/plugins/imagemanager/
+/sabrtiny_mce/plugins/imagemanager/
+/tiny_mce/plugins/imagemanager/
+/edeutinymce/plugins/imagemanager/
+/tiny_mce/plugins/tinybrowser/
+/tinymce/plugins/tinybrowser/
+/tiny_mce/plugins/ajaxfilemanager/
+/tinymce/plugins/ajaxfilemanager/
+
+## Les plugins d'upload
+
+/com_simplephotogallery/lib/uploadFile.php
+/php-ofc-library/ofc_upload_image.php
+/plugins/editors/idoeditor/themes/advanced/php/image.php
+/mod_artuploader/upload.php
+/com_joomsport/includes/imgres.php
+/com_pinboard/popup/popup.php
+/open-flash-chart/ofc_upload_image.php
+/com_extplorer/uploadhandler.php
+/uploadify/uploadify.php
+/pm_advancedsearch4/js/uploadify/uploadify.php
+/com_agileplmform/
+/com_creativecontactform/fileupload/
+/elfinder/connector/php/connector.php
+/lpxielfinder/connector/php/connector.php
+/spaw2/dialogs/dialog.php (https://www.exploit-db.com/exploits/12672)
+
+## Wordpress
+
+/wp-admin/
+/wp-content/plugins/revolution-slider/
+/wp-content/plugins/revslider/
+/wp-content/plugins/wp-symposium-pro/
+/wp-login.php
+/wp-content/plugins/akismet/akismet.js
+/xmlrpc.php (?)
+
+## Divers
+
+/webmaster/
+/sys/
+/include/
+/cgi-sys/suspendedpage.cgi
+/FileZilla.xml
+/user (?)
+