From b533258c88604554009d909aafd684a2edc81045 Mon Sep 17 00:00:00 2001
From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com>
Date: Mon, 18 Apr 2022 17:33:41 +0900
Subject: [PATCH 1/2] Create CVE-2018-14931.yaml
---
CVE-2018-14931.yaml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 CVE-2018-14931.yaml
diff --git a/CVE-2018-14931.yaml b/CVE-2018-14931.yaml
new file mode 100644
index 0000000000..6a6686af1c
--- /dev/null
+++ b/CVE-2018-14931.yaml
@@ -0,0 +1,28 @@
+id: CVE-2018-14931
+
+info:
+ name: Polarisft Intellect Core Banking Software Version 9.7.1- Open Redirect
+ author: 0x_Akoko
+ severity: low
+ description: An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI.
+ reference:
+ - https://neetech18.blogspot.com/2019/03/polaris-intellect-core-banking-software_31.html
+ - https://www.cvedetails.com/cve/CVE-2018-14931
+ tags: cve,cve2018,redirect,polarisft
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.10
+ cve-id: CVE-2018-14931
+ cwe-id: CWE-601
+
+requests:
+ - method: GET
+
+ path:
+ - '{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.example.com'
+
+ matchers:
+ - type: regex
+ regex:
+ - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
+ part: header
From 6f30f445adf4c5efb2fabdfdcbc1850143743168 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Mon, 18 Apr 2022 13:34:00 +0400
Subject: [PATCH 2/2] Update and rename CVE-2018-14931.yaml to cves/2018/CVE-2018-14931.yaml
---
CVE-2018-14931.yaml => cves/2018/CVE-2018-14931.yaml | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
rename CVE-2018-14931.yaml => cves/2018/CVE-2018-14931.yaml (72%)
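Review bot: `severity: low` in the `info` block of the new CVE-2018-14931.yaml (patch 1/2) disagrees with the `classification` block a few lines below it, which records `cvss-score: 6.10` and a CVSS 3.1 vector; 6.1 sits in the medium band. A scan that filters templates by severity at medium and above would therefore skip this check, so I would change the line to `severity: medium`. Patch 2/2 carries `severity: low` through unchanged as a context line, so the mismatch survives the rename into `cves/2018/`.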
diff --git a/CVE-2018-14931.yaml b/cves/2018/CVE-2018-14931.yaml similarity index 72% rename from CVE-2018-14931.yaml rename to cves/2018/CVE-2018-14931.yaml index 6a6686af1c..357eff1aeb 100644 --- a/CVE-2018-14931.yaml +++ b/cves/2018/CVE-2018-14931.yaml @@ -1,19 +1,19 @@ id: CVE-2018-14931 info: - name: Polarisft Intellect Core Banking Software Version 9.7.1- Open Redirect + name: Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect author: 0x_Akoko severity: low description: An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI. reference: - https://neetech18.blogspot.com/2019/03/polaris-intellect-core-banking-software_31.html - https://www.cvedetails.com/cve/CVE-2018-14931 - tags: cve,cve2018,redirect,polarisft classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.10 cve-id: CVE-2018-14931 cwe-id: CWE-601 + tags: cve,cve2018,redirect,polarisft,intellect requests: - method: GET @@ -23,6 +23,6 @@ requests: matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
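Review bot: The rewritten host prefix `(?:[a-zA-Z0-9\-_\.@]*)` in the new regex (second hunk, under `matchers`) no longer requires a separator before `example\.com`, so a Location value whose host merely ends in that string, such as `notexample.com`, would be reported as a redirect to the probe domain. The pattern this commit replaces forced a trailing dot on the optional prefix. Requiring the prefix to end in `.` or `@` keeps the subdomain and userinfo cases while restoring the boundary: `(?:[a-zA-Z0-9\-_\.@]*[\.@])?example\.com`. The matcher also looks only at header text, so pairing it with a `type: status` matcher for the 3xx codes under `matchers-condition: and` would be a reasonable further tightening. The `requests` entry this hunk edits begins outside the hunk.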