images css LC_MESSAGES js default.php index.php tmpl lang default Thumbs.db README templates langs editor_plugin.js config GNUmakefile themes en img view.html.php editor_plugin_src.js admin helper.php ...
Null chars also work as XSS vectors but not like above, you need to inject them directly using something like Burp Proxy or use %00 in the URL string or if you want to write your own injection tool ...
一些您可能无法访问的结果已被隐去。
显示无法访问的结果