Create CVE-2004-1965.yaml

Added a New Nuclei Template as CVE-2004-1965
patch-1
ctflearner 2023-06-14 22:19:48 +05:30 committed by GitHub
parent f82fa792a1
commit 51855711eb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 0 deletions

View File

@ -0,0 +1,31 @@
id: CVE-2004-1965
info:
name: Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS
author: ctflearner
severity: medium
description: |
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/24055
- https://nvd.nist.gov/vuln/detail/CVE-2004-1965
classification:
cvss-metrics: AV:N/AC:M/Au:N/C:N/I:P/A:N
cvss-score: 4.3
cve-id: CVE-2004-1965
cwe-id: NVD-CWE-Other
cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*
metadata:
max-request: 1
tags: cve,cve2004,redirect, xss,OpenBB
http:
- method: GET
path:
- "{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.evil.com"
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$'