Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
* Enhancement: cves/2010/CVE-2010-1353.yaml by mp
* Enhancement: cves/2010/CVE-2010-1352.yaml by mp
* Enhancement: cves/2010/CVE-2010-1345.yaml by mp
* Enhancement: cves/2010/CVE-2010-1340.yaml by mp
* Enhancement: cves/2010/CVE-2010-1345.yaml by mp
* Enhancement: cves/2010/CVE-2010-1315.yaml by mp
* Enhancement: cves/2010/CVE-2010-1314.yaml by mp
* Enhancement: cves/2010/CVE-2010-1313.yaml by mp
* Enhancement: cves/2010/CVE-2010-1312.yaml by mp
* Enhancement: cves/2010/CVE-2010-1308.yaml by mp
* Enhancement: cves/2010/CVE-2010-1307.yaml by mp
* Enhancement: cves/2010/CVE-2010-1306.yaml by mp
* Enhancement: cves/2010/CVE-2010-1305.yaml by mp
* Enhancement: cves/2010/CVE-2010-1304.yaml by mp
* Enhancement: cves/2010/CVE-2010-1302.yaml by mp
* Enhancement: cves/2010/CVE-2010-1219.yaml by mp
* Enhancement: cves/2010/CVE-2010-1352.yaml by mp
* Enhancement: cves/2010/CVE-2010-1354.yaml by mp
* Enhancement: cves/2010/CVE-2010-1461.yaml by mp
* Enhancement: cves/2010/CVE-2010-1469.yaml by mp
* Enhancement: cves/2010/CVE-2010-1470.yaml by mp
* Enhancement: cves/2010/CVE-2010-1471.yaml by mp
* Enhancement: cves/2010/CVE-2010-1472.yaml by mp
* Enhancement: cves/2010/CVE-2010-1473.yaml by mp
* Enhancement: cves/2010/CVE-2010-1474.yaml by mp
* Enhancement: cves/2010/CVE-2010-1475.yaml by mp
* Enhancement: cves/2010/CVE-2010-1476.yaml by mp
* Enhancement: cves/2010/CVE-2010-1478.yaml by mp
* Enhancement: cves/2010/CVE-2010-1491.yaml by mp
* Enhancement: cves/2010/CVE-2010-1494.yaml by mp
* Enhancement: cves/2010/CVE-2010-1495.yaml by mp
* Enhancement: cves/2010/CVE-2010-1531.yaml by mp
* Enhancement: cves/2010/CVE-2010-1473.yaml by mp
* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs
* Enhancement: cves/2016/CVE-2016-4975.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-google.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs
* Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs
* Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs
* Enhancement: cves/2021/CVE-2021-1497.yaml by cs
* Spacing fixes and enhancement to CNVD-2019-01348.yaml
* Spacing fixes, and enhancement to CNVD-2019-01348.yaml
* Merge artifact
* Spacing
* Minor tags cleanup
* Enhancement: cves/2010/CVE-2010-1532.yaml by mp
* Enhancement: cves/2010/CVE-2010-1533.yaml by mp
* Enhancement: cves/2010/CVE-2010-1534.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: cves/2010/CVE-2010-1540.yaml by mp
* Enhancement: cves/2010/CVE-2010-1601.yaml by mp
* Enhancement: cves/2010/CVE-2010-1602.yaml by mp
* Enhancement: cves/2010/CVE-2010-1603.yaml by mp
* Enhancement: cves/2010/CVE-2010-1607.yaml by mp
* Enhancement: cves/2010/CVE-2010-1653.yaml by mp
* Enhancement: cves/2010/CVE-2010-1657.yaml by mp
* Enhancement: cves/2010/CVE-2010-1657.yaml by mp
* Enhancement: cves/2010/CVE-2010-1658.yaml by mp
* Enhancement: cves/2010/CVE-2010-1659.yaml by mp
* Enhancement: cves/2010/CVE-2010-1714.yaml by mp
* Enhancement: cves/2010/CVE-2010-1715.yaml by mp
* Enhancement: cves/2010/CVE-2010-1532.yaml by mp
* Enhancement: cves/2010/CVE-2010-1533.yaml by mp
* Enhancement: cves/2010/CVE-2010-1534.yaml by mp
* Enhancement: cves/2010/CVE-2010-1534.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: cves/2010/CVE-2010-1540.yaml by mp
* Enhancement: cves/2010/CVE-2010-1540.yaml by mp
* Enhancement: cves/2010/CVE-2010-1717.yaml by mp
* Enhancement: cves/2010/CVE-2010-1718.yaml by mp
* Enhancement: cves/2010/CVE-2010-1719.yaml by mp
* Enhancement: cves/2010/CVE-2010-1722.yaml by mp
* Enhancement: cves/2010/CVE-2010-1723.yaml by mp
* Enhancement: cves/2010/CVE-2010-1858.yaml by mp
* Enhancement: cves/2010/CVE-2010-1873.yaml by mp
* Enhancement: cves/2010/CVE-2010-1870.yaml by mp
* Enhancement: cves/2010/CVE-2010-1875.yaml by mp
* Enhancement: cves/2010/CVE-2010-1878.yaml by mp
* Enhancement: cves/2010/CVE-2010-1952.yaml by mp
* Enhancement: cves/2010/CVE-2010-1953.yaml by mp
* Enhancement: cves/2010/CVE-2010-1954.yaml by mp
* Enhancement: cves/2010/CVE-2010-1955.yaml by mp
* Enhancement: cves/2010/CVE-2010-1956.yaml by mp
* Information Enhancements
Co-authored-by: sullo <sullo@cirt.net>
Sandeep Singh
MostInterestingBotInTheWorld
Prince Chaddha
pussycat0x
sullo
GwanYeong Kim
Dhiyaneshwaran
Evan Rubinstein