From 31f721bff6e37db977b9f4f22818d3dd467cda55 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Sat, 10 Sep 2022 14:17:55 +0530
Subject: [PATCH] Update CVE-2018-16139.yaml

---
 cves/2018/CVE-2018-16139.yaml | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/cves/2018/CVE-2018-16139.yaml b/cves/2018/CVE-2018-16139.yaml
index 0bf7c1ac64..71aa2543f8 100644
--- a/cves/2018/CVE-2018-16139.yaml
+++ b/cves/2018/CVE-2018-16139.yaml
@@ -8,11 +8,16 @@ info:
     Cross-site scripting (XSS) vulnerability in the library management/inventory software, Bibliopac from Bibliosoft.
   reference:
     - https://www.0x90.zone/web/xss/2019/02/01/XSS-Bibliosoft.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16139
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16139
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-2035
     cwe-id: CWE-79
+  metadata:
+    verified: true
+    shodan-query: title:"Bibliopac"
   tags: cve,cve2018,xss
 
 requests:
@@ -25,7 +30,13 @@ requests:
       - type: word
         part: body
         words:
-          - "|fatal error|unavoidable"
+          - ""><script>prompt(document.domain)</script>.xrf"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+          
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200