-
**Deprecated_API** issue exists @ **vulnerable/lfi_test.go** in branch **master**
*Method "io/ioutil" in vulnerable\lfi_test.go, at line 8, calls an obsolete API, "io/ioutil". T…
-
**Describe the bug**
Both ModSecurity 2, ModSecurity 3 as well as Coraza are translating U+062F and U+D8AF to slash leading to a false positive with the CRS path traversal rule 930110.
Link to C…
-
The quantitative testing project at the CRS dev retreat in Nov 2024 (https://github.com/coreruleset/coreruleset/wiki/Discussion-Quantitative-Testing) revealed some false positives on 933160.
Here i…
-
The quantitative testing project at the CRS dev retreat in Nov 2024 (https://github.com/coreruleset/coreruleset/wiki/Discussion-Quantitative-Testing) revealed some false positives on 942151.
Here i…
-
Currently Vault only supports XSS Scanning, we need to extend this support to SQLi, LFI, RFI.
-
**Is your feature request related to a problem? Please describe.**
The request LRI and request LFI feature that was added in for championship worked well (thanks @maths22 for adding it), but doesn't …
jvens updated
7 months ago
-
I have started a project with Åge Brabrand and Svein Saltveit (both are now retired, but still work three days a week at the museum) to prepare at least three datasets for publication in GBIF. It must…
-
da una analisi veloce ed eseguita tramite AI sulla base dei file LOGS evidenziati da @MicheleDolceYB emergono le seguenti criticità in merito ai falsi positivi generati da IDS.
Analisi prodotta nel…
-
I found an LFI that didn't require a parameter in the URL to be exploited. basically, it looked like this:
`http://www.example.com//etc/passwd`
Is it possible to add a feature where this tool take…
-
```
Can you add a module for scanning for Local and Remote File Includes?
```
Original issue reported on code.google.com by `itspa...@gmail.com` on 17 May 2012 at 2:11