[
{
"source_name": [
"$base64_decode_return"
],
"source_line": [
5747
],
"source_column": [
229765
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 5747,
"sink_column": 229765,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "7498e518ff56d7b0c10078541bb4bb0b53de56d1ec04dd425942b96763f069c6",
"vuln_type": "taint-style"
},
{
"source_name": [
"$data"
],
"source_line": [
5722
],
"source_column": [
229022
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 5749,
"sink_column": 229812,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "64b91349a8736a94ccdd22dafa247033f81eb6df3b44ef0aad568617adafe2c2",
"vuln_type": "taint-style"
},
{
"vuln_rule": "MUST_VERIFY_DEFINITION",
"vuln_name": "security misconfiguration",
"vuln_line": 4295,
"vuln_column": 176464,
"vuln_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_description": "cookie set without secure flag",
"vuln_cwe": "CWE_1004",
"vuln_id": "22d3f07a6125a98b8d586748b340bc74cb61e77194a44995af5f5b0af8cce007",
"vuln_type": "custom"
},
{
"vuln_rule": "MUST_VERIFY_DEFINITION",
"vuln_name": "security misconfiguration",
"vuln_line": 4296,
"vuln_column": 176559,
"vuln_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_description": "cookie set without secure flag",
"vuln_cwe": "CWE_1004",
"vuln_id": "8fccce1e0bb2c7e45e4510c8e441b6b4f281a1aacd6ba8a45fc1ea0318e1516b",
"vuln_type": "custom"
},
{
"source_name": [
"$dbpath"
],
"source_line": [
831
],
"source_column": [
33605
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "unlink",
"sink_line": 836,
"sink_column": 33766,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "path_traversal",
"vuln_cwe": "CWE_22",
"vuln_id": "d3fe6264c6482ea0415a0c08816b06a427b400d80cfcc60786bd12850ffd63d4",
"vuln_type": "taint-style"
},
{
"source_name": [
"$oldpath"
],
"source_line": [
845
],
"source_column": [
34011
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "rename",
"sink_line": 870,
"sink_column": 34945,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "path_traversal",
"vuln_cwe": "CWE_22",
"vuln_id": "e67256bdfc1673032fb00f172d5209aa56b80bf5a1a73c3673ebfe3894db5a8c",
"vuln_type": "taint-style"
},
{
"source_name": [
"$newpath",
"$newpath"
],
"source_line": [
860,
850
],
"source_column": [
34730,
34176
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "rename",
"sink_line": 870,
"sink_column": 34945,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "path_traversal",
"vuln_cwe": "CWE_22",
"vuln_id": "508dedd9dc1d0d3c4f83c3f7c4b45d05521c4ce674c71f2938446142eaa59809",
"vuln_type": "taint-style"
},
{
"source_name": [
"$export_filename",
"$_POST[\"export_type\"]"
],
"source_line": [
889,
893
],
"source_column": [
35459,
35742
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "header",
"sink_line": 893,
"sink_column": 35668,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "header_injection",
"vuln_cwe": "CWE_601",
"vuln_id": "108be8a360cb5144c2de5ab9399638fe28287013125509959ba50c37b08b1951",
"vuln_type": "taint-style"
},
{
"source_name": [
"$export_sql_return"
],
"source_line": [
907
],
"source_column": [
36198
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 907,
"sink_column": 36198,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "292862a16b6d8d137631ded2495e6014c51b2514b950510bdd180c2181b68244",
"vuln_type": "taint-style"
},
{
"source_name": [
"$export_filename",
"$_POST[\"export_type\"]"
],
"source_line": [
889,
912
],
"source_column": [
35459,
36449
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "header",
"sink_line": 912,
"sink_column": 36375,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "header_injection",
"vuln_cwe": "CWE_601",
"vuln_id": "108be8a360cb5144c2de5ab9399638fe28287013125509959ba50c37b08b1951",
"vuln_type": "taint-style"
},
{
"source_name": [
"$export_csv_return"
],
"source_line": [
929
],
"source_column": [
37093
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 929,
"sink_column": 37093,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "b24d885771784dccb3d48c02f4e369010fc03f805910d1fecf78b3ceffcdf0f0",
"vuln_type": "taint-style"
},
{
"source_name": [
"$basename_return"
],
"source_line": [
958
],
"source_column": [
38307
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "header",
"sink_line": 958,
"sink_column": 38254,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "header_injection",
"vuln_cwe": "CWE_601",
"vuln_id": "37599eb108d92afc9aec4b9aee8f7740d4f3afed25f907fda7b658c75f9f42af",
"vuln_type": "taint-style"
},
{
"source_name": [
"$_GET[\"download\"]"
],
"source_line": [
961
],
"source_column": [
38410
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "readfile",
"sink_line": 961,
"sink_column": 38401,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "path_traversal",
"vuln_cwe": "CWE_22",
"vuln_id": "b90715d7880ca45cb53d68beb075659f81b11860c39616fcb941574d1cd49311",
"vuln_type": "taint-style"
},
{
"source_name": [
"$theme",
"$theme"
],
"source_line": [
982,
979
],
"source_column": [
39161,
39040
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 986,
"sink_column": 39270,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "a375b51e904f4ae7c6c3879ed9177b473d405b79766f141259ab5d553aa3b671",
"vuln_type": "taint-style"
},
{
"source_name": [
"$htmlencode_return"
],
"source_line": [
633
],
"source_column": [
27747
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 4669,
"sink_column": 188117,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "2625a3c97ba26270df953aef2529ddd1e872f56e23eb51e58e4e080f22a93987",
"vuln_type": "taint-style"
},
{
"source_name": [
"$htmlencode_return"
],
"source_line": [
633
],
"source_column": [
27747
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 4674,
"sink_column": 188399,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "b13873a7cf8464b1117e0212c17122a0b3056edea31a29bcc52910ce67b50456",
"vuln_type": "taint-style"
},
{
"source_name": [
"$htmlencode_return"
],
"source_line": [
633
],
"source_column": [
27747
],
"source_file": [
"\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php"
],
"sink_name": "echo",
"sink_line": 4680,
"sink_column": 188677,
"sink_file": "\/logs\/firmware\/unblob_extracted\/firmware_extract\/1568982-13971496.squashfs_v4_le_extract\/www\/public\/sdcard\/phpliteadmin.php",
"vuln_name": "xss",
"vuln_cwe": "CWE_79",
"vuln_id": "1e30bf8fb15253cced315e19f26c0825322e11e5faf7de88dd5d0988306b55cb",
"vuln_type": "taint-style"
}
]
