nuclei-templates

Commit Graph

Author	SHA1	Message	Date
Prince Chaddha	33d009da24	Update xerox-efi-lfi.yaml	2022-01-10 12:07:06 +05:30
GwanYeong Kim	9befbf0654	Create xerox-efi-lfi.yaml Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>	2022-01-09 15:39:39 +09:00

Author

SHA1

Message

Date

Prince Chaddha

33d009da24

Update xerox-efi-lfi.yaml

2022-01-10 12:07:06 +05:30

GwanYeong Kim

9befbf0654

Create xerox-efi-lfi.yaml

Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

2022-01-09 15:39:39 +09:00

2 Commits (2fb5401ddbc2a7c575c9c6970a110a70d69ae66d)