halfluke

It says not vulnerable when other scripts say it is

Error Newlines in headers are not allowed

4

So... This lab has a java deserialization in the cookie, which is base64 + url encoded https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-exploiting-java-deserialization-with-apache-commons When I send the request to Java deserialization scanner and I set the...

echo "<publicKey>" >> /home/ubuntu/.ssh/authorized_keys not working in RCE_WEB_APP

2

Not sure of the root cause, perhaps a nodejs parsing issue, but the = sign that is always present at the end of a public key (1 or 2 =...

Current latest version of jQuery (3.7.1) prototype pollution

1

Hello, I am no good at all with JavaScript, but I noticed that several of your payloads work with jQuery current version - in fact it's mentioned "jQuery all versions"....

# Description **Make sure the PR is against the `develop` branch (see [Contributing](https://github.com/nccgroup/ScoutSuite/blob/master/CONTRIBUTING.md)).** **Make sure to set the corresponding milestone in the PR.** Sorry, I am not sure what this...