Update doc

documentation/modules/exploit/windows/nuuo/nuuo_cms_fu.md

@@ -1,13 +1,18 @@
-# Nuuo CMS Authenticated Arbitrary File Upload
+## Description
+
+Nuuo CMS Authenticated Arbitrary File Upload
 
 The COMMITCONFIG verb is used by a CMS client to upload and modify the configuration of the CMS Server. An example is below:
 
+```
 COMMITCONFIG NUCM/1.0
 User-Session-No: <session-number>
 Filename: <filename>
 FileType: <number>
 Content-Lenght: <file-length>
+
 <FILE_DATA>
+```
 
 The vulnerability is in the "FileName" parameter, which accepts directory traversal (..\\..\\) characters. Therefore, this function can be abused to overwrite any files in the installation drive of CMS Server.
 
@@ -16,7 +21,10 @@ This vulnerability is exploitable in CMS versions up to and including v2.4.
 This module will either use a provided session number (which can be guessed with an auxiliary module) or attempt to login using a provided username and password - it will also try the default credentials if nothing is provided.
 
 
-## The following versions were tested:
+## Vulnerable Application
+
+[NUUO Central Management Server (CMS): all versions below 2.5](http://d1.nuuo.com/NUUO/CMS/)
+
  - 1.5.2 OK
  - 2.1.0 OK
  - 2.3.2 OK
@@ -25,6 +33,15 @@ This module will either use a provided session number (which can be guessed with
  - 2.9.0 FAIL
  - 2.10.0 FAIL
 
+## Scenarios
+
+### Testing on Windows 10 Pro x64 running NCS Server 2.4.0
+
+```
+```
+
 ## References
+
 https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02
+
 https://raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-cms-ownage.txt