honey-pot-filter/list.md


URLs to avoid:

Admin URLs

/admin/ /WebAdmin/ /administrator/ /system/ /manager/ /power/ /adminaccess/ /admin.php

Editors

/editor/ /editor/editor/ /editorold/editor/ /editor1/editor/

FCKEditor

/fckeditor/ /fck/editor/

TinyMCE

/tinymce/plugins/filemanager/ /apqvtinymce/plugins/filemanager/ /jscripts/tiny_mce/plugins/filemanager/ /tiny_mce/plugins/filemanager/ /hznttiny_mce/plugins/filemanager/ /tinymce/plugins/imagemanager/ /sabrtiny_mce/plugins/imagemanager/ /tiny_mce/plugins/imagemanager/ /edeutinymce/plugins/imagemanager/ /tiny_mce/plugins/tinybrowser/ /tinymce/plugins/tinybrowser/ /tiny_mce/plugins/ajaxfilemanager/ /tinymce/plugins/ajaxfilemanager/

Upload plugins

/com_simplephotogallery/lib/uploadFile.php /php-ofc-library/ofc_upload_image.php /plugins/editors/idoeditor/themes/advanced/php/image.php /mod_artuploader/upload.php /com_joomsport/includes/imgres.php /com_pinboard/popup/popup.php /open-flash-chart/ofc_upload_image.php /com_extplorer/uploadhandler.php /uploadify/uploadify.php /pm_advancedsearch4/js/uploadify/uploadify.php /com_agileplmform/ /com_creativecontactform/fileupload/ /elfinder/connector/php/connector.php /lpxielfinder/connector/php/connector.php /spaw2/dialogs/dialog.php (https://www.exploit-db.com/exploits/12672)

WordPress

/wp-admin/ /wp-content/plugins/revolution-slider/ /wp-content/plugins/revslider/ /wp-content/plugins/wp-symposium-pro/ /wp-login.php /wp-content/plugins/akismet/akismet.js /xmlrpc.php (?)

Miscellaneous

/webmaster/ /sys/ /include/ /cgi-sys/suspendedpage.cgi /FileZilla.xml /user (?)