From 733b75b6a8ae779c9b0bfa28e540e91833666662 Mon Sep 17 00:00:00 2001
From: RRudder <96507400+RRudder@users.noreply.github.com>
Date: Thu, 26 Sep 2024 10:30:35 +1000
Subject: [PATCH] Minor update to revert cURL to curl

---
 .../weak_login_function/guidance.md                             | 2 +-
 .../server_side_injection/remote_code_execution_rce/template.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/submissions/description/broken_authentication_and_session_management/weak_login_function/guidance.md b/submissions/description/broken_authentication_and_session_management/weak_login_function/guidance.md
index 217fc707..be1a750e 100644
--- a/submissions/description/broken_authentication_and_session_management/weak_login_function/guidance.md
+++ b/submissions/description/broken_authentication_and_session_management/weak_login_function/guidance.md
@@ -1,5 +1,5 @@
 # Guidance
 
-Your submission must include evidence of the vulnerability and not be theoretical in nature. For a broken authentication or session management vulnerability, please include a simple URL or HTTP payload that can be executed to easily demonstrate and reproduce the issue. This can also include a cURL response from the website. For example, showing that HTTP is default or HTTPS is not available.
+Your submission must include evidence of the vulnerability and not be theoretical in nature. For a broken authentication or session management vulnerability, please include a simple URL or HTTP payload that can be executed to easily demonstrate and reproduce the issue. This can also include a curl response from the website. For example, showing that HTTP is default or HTTPS is not available.
 
 Attempt to escalate the broken authentication or session management to perform additional actions (such as an account takeover or CSRF bypass to perform a sensitive action). If this is possible, provide a full Proof of Concept (PoC).
diff --git a/submissions/description/server_side_injection/remote_code_execution_rce/template.md b/submissions/description/server_side_injection/remote_code_execution_rce/template.md
index 2d02b33e..9471fd7d 100644
--- a/submissions/description/server_side_injection/remote_code_execution_rce/template.md
+++ b/submissions/description/server_side_injection/remote_code_execution_rce/template.md
@@ -10,7 +10,7 @@ RCE could lead to data theft through the attacker's ability to manipulate data t
 
 Example:
 
-1. Using a Machine with access to cURL, run the command `cURL {{url}}/cmd?=ping%20192.168.1.1;cat%20/etc/hostname`
+1. Using a Machine with access to `curl`, run the command `curl {{url}}/cmd?=ping%20192.168.1.1;cat%20/etc/hostname`
 1. In the terminal, you will see the output of the ping command, then the hostname of the server hosting this website.
 
 #### Proof of Concept