From 0c08a12deb7bb5867d10c5dc37e1418b18144b81 Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Tue, 7 Mar 2023 16:18:20 -0500
Subject: [PATCH] Enhancement: cves/2018/CVE-2018-6184.yaml by md

---
 cves/2018/CVE-2018-6184.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/cves/2018/CVE-2018-6184.yaml b/cves/2018/CVE-2018-6184.yaml
index 50fbdd0d99..b2c1f48ba7 100644
--- a/cves/2018/CVE-2018-6184.yaml
+++ b/cves/2018/CVE-2018-6184.yaml
@@ -1,15 +1,15 @@
 id: CVE-2018-6184
 
 info:
-  name: ZEIT Next.js Framework Path Traversal
+  name: Zeit Next.js <4.2.3 -  Local File Inclusion
   author: DhiyaneshDK
   severity: high
   description: |
-    ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.
+    Zeit Next.js before 4.2.3 is susceptible to local file inclusion under the /_next request namespace. An attacker can obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. 
   reference:
     - https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/NextFrameworkPathTraversal.java
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-6184
     - https://github.com/zeit/next.js/releases/tag/4.2.3
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-6184
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -34,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2023/03/07