# Les URL à éviter :

## Les URL d'admin

- `/admin/`
- `/WebAdmin/`
- `/administrator/`
- `/system/`
- `/manager/`
- `/power/`
- `/adminaccess/`
- `/admin.php`

## Les éditeurs

- `/editor/`
- `/editor/editor/`
- `/editorold/editor/`
- `/editor1/editor/`

### FCKEditor

- `/fckeditor/`
- `/fck/editor/`

### TinyMCE

- `/tinymce/plugins/filemanager/`
- `/apqvtinymce/plugins/filemanager/`
- `/jscripts/tiny_mce/plugins/filemanager/`
- `/tiny_mce/plugins/filemanager/`
- `/hznttiny_mce/plugins/filemanager/`
- `/tinymce/plugins/imagemanager/`
- `/sabrtiny_mce/plugins/imagemanager/`
- `/tiny_mce/plugins/imagemanager/`
- `/edeutinymce/plugins/imagemanager/`
- `/tiny_mce/plugins/tinybrowser/`
- `/tinymce/plugins/tinybrowser/`
- `/tiny_mce/plugins/ajaxfilemanager/`
- `/tinymce/plugins/ajaxfilemanager/`

## Les plugins d'upload

- `/com_simplephotogallery/lib/uploadFile.php`
- `/php-ofc-library/ofc_upload_image.php`
- `/plugins/editors/idoeditor/themes/advanced/php/image.php`
- `/mod_artuploader/upload.php`
- `/com_joomsport/includes/imgres.php`
- `/com_pinboard/popup/popup.php`
- `/open-flash-chart/ofc_upload_image.php`
- `/com_extplorer/uploadhandler.php`
- `/uploadify/uploadify.php`
- `/pm_advancedsearch4/js/uploadify/uploadify.php`
- `/com_agileplmform/`
- `/com_creativecontactform/fileupload/`
- `/elfinder/connector/php/connector.php`
- `/lpxielfinder/connector/php/connector.php`
- `/spaw2/dialogs/dialog.php` (https://www.exploit-db.com/exploits/12672)

## WordPress

- `/wp-admin/`
- `/wp-content/plugins/revolution-slider/`
- `/wp-content/plugins/revslider/`
- `/wp-content/plugins/wp-symposium-pro/`
- `/wp-login.php`
- `/wp-content/plugins/akismet/akismet.js`
- `/xmlrpc.php` (?)

## Divers

- `/webmaster/`
- `/sys/`
- `/include/`
- `/cgi-sys/suspendedpage.cgi`
- `/FileZilla.xml`
- `/user` (?)