id: CVE-2018-16761

info:
  name: Eventum v3.3.4 - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: |
    Eventum before 3.4.0 has an open redirect vulnerability.
  reference:
    - https://www.invicti.com/web-applications-advisories/ns-18-021-open-redirection-vulnerabilities-in-eventum/
    - https://github.com/eventum/eventum/
    - https://www.cvedetails.com/cve/CVE-2018-16761/
    - https://github.com/eventum/eventum/releases/tag/v3.4.0
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2018-16761
    cwe-id: CWE-601
  tags: cve,cve2018,redirect,eventum,oss

requests:
  - method: GET
    path:
      - '{{BaseURL}}/select_project.php?url=http://interact.sh'
      - '{{BaseURL}}/clock_status.php?current_page=http://interact.sh'

    stop-at-first-match: true
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1