Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
* Enhancement: cves/2010/CVE-2010-1353.yaml by mp
* Enhancement: cves/2010/CVE-2010-1352.yaml by mp
* Enhancement: cves/2010/CVE-2010-1345.yaml by mp
* Enhancement: cves/2010/CVE-2010-1340.yaml by mp
* Enhancement: cves/2010/CVE-2010-1345.yaml by mp
* Enhancement: cves/2010/CVE-2010-1315.yaml by mp
* Enhancement: cves/2010/CVE-2010-1314.yaml by mp
* Enhancement: cves/2010/CVE-2010-1313.yaml by mp
* Enhancement: cves/2010/CVE-2010-1312.yaml by mp
* Enhancement: cves/2010/CVE-2010-1308.yaml by mp
* Enhancement: cves/2010/CVE-2010-1307.yaml by mp
* Enhancement: cves/2010/CVE-2010-1306.yaml by mp
* Enhancement: cves/2010/CVE-2010-1305.yaml by mp
* Enhancement: cves/2010/CVE-2010-1304.yaml by mp
* Enhancement: cves/2010/CVE-2010-1302.yaml by mp
* Enhancement: cves/2010/CVE-2010-1219.yaml by mp
* Enhancement: cves/2010/CVE-2010-1352.yaml by mp
* Enhancement: cves/2010/CVE-2010-1354.yaml by mp
* Enhancement: cves/2010/CVE-2010-1461.yaml by mp
* Enhancement: cves/2010/CVE-2010-1469.yaml by mp
* Enhancement: cves/2010/CVE-2010-1470.yaml by mp
* Enhancement: cves/2010/CVE-2010-1471.yaml by mp
* Enhancement: cves/2010/CVE-2010-1472.yaml by mp
* Enhancement: cves/2010/CVE-2010-1473.yaml by mp
* Enhancement: cves/2010/CVE-2010-1474.yaml by mp
* Enhancement: cves/2010/CVE-2010-1475.yaml by mp
* Enhancement: cves/2010/CVE-2010-1476.yaml by mp
* Enhancement: cves/2010/CVE-2010-1478.yaml by mp
* Enhancement: cves/2010/CVE-2010-1491.yaml by mp
* Enhancement: cves/2010/CVE-2010-1494.yaml by mp
* Enhancement: cves/2010/CVE-2010-1495.yaml by mp
* Enhancement: cves/2010/CVE-2010-1531.yaml by mp
* Enhancement: cves/2010/CVE-2010-1473.yaml by mp
* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs
* Enhancement: cves/2016/CVE-2016-4975.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-google.yaml by cs
* Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs
* Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs
* Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs
* Enhancement: cves/2021/CVE-2021-1497.yaml by cs
* Spacing fixes and enhancement to CNVD-2019-01348.yaml
* Spacing fixes, and enhancement to CNVD-2019-01348.yaml
* Merge artifact
* Spacing
* Minor tags cleanup
* Enhancement: cves/2010/CVE-2010-1532.yaml by mp
* Enhancement: cves/2010/CVE-2010-1533.yaml by mp
* Enhancement: cves/2010/CVE-2010-1534.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: cves/2010/CVE-2010-1540.yaml by mp
* Enhancement: cves/2010/CVE-2010-1601.yaml by mp
* Enhancement: cves/2010/CVE-2010-1602.yaml by mp
* Enhancement: cves/2010/CVE-2010-1603.yaml by mp
* Enhancement: cves/2010/CVE-2010-1607.yaml by mp
* Enhancement: cves/2010/CVE-2010-1653.yaml by mp
* Enhancement: cves/2010/CVE-2010-1657.yaml by mp
* Enhancement: cves/2010/CVE-2010-1657.yaml by mp
* Enhancement: cves/2010/CVE-2010-1658.yaml by mp
* Enhancement: cves/2010/CVE-2010-1659.yaml by mp
* Enhancement: cves/2010/CVE-2010-1714.yaml by mp
* Enhancement: cves/2010/CVE-2010-1715.yaml by mp
* Enhancement: cves/2010/CVE-2010-1532.yaml by mp
* Enhancement: cves/2010/CVE-2010-1533.yaml by mp
* Enhancement: cves/2010/CVE-2010-1534.yaml by mp
* Enhancement: cves/2010/CVE-2010-1534.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: cves/2010/CVE-2010-1540.yaml by mp
* Enhancement: cves/2010/CVE-2010-1540.yaml by mp
* Enhancement: cves/2010/CVE-2010-1717.yaml by mp
* Enhancement: cves/2010/CVE-2010-1718.yaml by mp
* Enhancement: cves/2010/CVE-2010-1719.yaml by mp
* Enhancement: cves/2010/CVE-2010-1722.yaml by mp
* Enhancement: cves/2010/CVE-2010-1723.yaml by mp
* Enhancement: cves/2010/CVE-2010-1858.yaml by mp
* Enhancement: cves/2010/CVE-2010-1873.yaml by mp
* Enhancement: cves/2010/CVE-2010-1870.yaml by mp
* Enhancement: cves/2010/CVE-2010-1875.yaml by mp
* Enhancement: cves/2010/CVE-2010-1878.yaml by mp
* Enhancement: cves/2010/CVE-2010-1952.yaml by mp
* Enhancement: cves/2010/CVE-2010-1953.yaml by mp
* Enhancement: cves/2010/CVE-2010-1954.yaml by mp
* Enhancement: cves/2010/CVE-2010-1955.yaml by mp
* Enhancement: cves/2010/CVE-2010-1956.yaml by mp
* Information Enhancements
Co-authored-by: sullo <sullo@cirt.net>
sandeep
Evan Rubinstein
GwanYeong Kim
GitHub Action
Miroslav Sotak
PikPikcU
Prince Chaddha
Geeknik Labs
MostInterestingBotInTheWorld
Philippe Delteil
idealphase