Update CVE-2020-6286.yaml

As per @organiccrap input, I've added word detection that he have helped to create

cves/CVE-2020-6286.yaml

@@ -2,18 +2,39 @@ id: CVE-2020-6286
 
 info:
   name: SAP RECON LFI
-  author: samueladi_
+  author: samueladi_ & organiccrap
   severity: medium
 
 requests:
   - method: GET
-    headers:
-      User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"
     path:
       - "{{BaseURL}}/CTCWebService/CTCWebServiceBean"
       - "{{BaseURL}}/CTCWebService/CTCWebServiceBean?wsdl"
+      - "{{BaseURL}}/CTCWebService/Config1?wsdl"
+    matchers-condition: or
     matchers:
       - type: status
         status:
           - 405
           - 200
+      - type: word
+        name: Check1
+        words:
+          - "Method Not Allowed"
+          - "Expected request method POST. Found GET."
+        condition: and
+        part: body
+      - type: word
+        name: Check2
+        words:
+          - "wsdl:definitions"
+          - "tns:CTCWebServiceSiBinding"
+        condition: and
+        part: body
+      - type: word
+        name: Check3
+        words:
+          - "Generated by WSDLDefinitionsParser"
+          - "bns0:Config1Binding"
+        condition: and
+        part: body