Top25漏洞常见参数

XSS跨站脚本攻击SSRF服务端请求伪造LFI本地文件包含SQL注入RCE远程代码执行URL重定向

?q={payload}?s={payload}?search={payload}?id={payload}?lang={payload}?keyword={payload}?query={payload}?page={payload}?keywords={payload}?year={payload}?view={payload}?email={payload}?type={payload}?name={payload}?p={payload}?month={payload}?image={payload}?list_type={payload}?url={payload}?terms={payload}?categoryid={payload}?key={payload}?login={payload}?begindate={payload}?enddate={payload}

?dest={target}?redirect={target}?uri={target}?path={target}?continue={target}?url={target}?window={target}?next={target}?data={target}?reference={target}?site={target}?html={target}?val={target}?validate={target}?domain={target}?callback={target}?return={target}?page={target}?feed={target}?host={target}?port={target}?to={target}?out={target}?view={target}?dir={target}

?cat={payload}?dir={payload}?action={payload}?board={payload}?date={payload}?detail={payload}?file={payload}?download={payload}?path={payload}?folder={payload}?prefix={payload}?include={payload}?page={payload}?inc={payload}?locate={payload}?show={payload}?doc={payload}?site={payload}?type={payload}?view={payload}?content={payload}?document={payload}?layout={payload}?mod={payload}?conf={payload}

?id=?page=?dir=?search=?category=?file=?class=?url=?news=?item=?menu=?lang=?name=?ref=?title=?view=?topic=?thread=?type=?date=?form=?join=?main=?nav=?region=

?cmd=?exec=?command=?execute=?ping=?query=?jump=?code=?reg=?do=?func=?arg=?option=?load=?process=?step=?read=?function=?req=?feature=?exe=?module=?payload=?run=?print=

?next={payload}?url={payload}?target={payload}?rurl={payload}?dest={payload}?destination={payload}?redir={payload}?redirect_uri={payload}?redirect_url={payload}?redirect={payload}/redirect/{payload}/cgi-bin/redirect.cgi?{payload}/out/{payload}/out?{payload}?view={payload}/login?to={payload}?image_url={payload}?go={payload}?return={payload}?returnTo={payload}?return_to={payload}?checkout_url={payload}?continue={payload}?return_path={payload}