Back to directory

WRITEUP #453

PHP deserialization attacks and a new gadget chain in Laravel

DeserializationInsecure deserializationPHP pop chain

byMathieu Farrell

Program

-

Published

Feb 13, 2024

Added to HackDex

Feb 27, 2024

Read Full Writeuphttps://blog.quarkslab.com/php-deserialization-attacks-and-a-new-gadget-chain-in-laravel.html

▸ RELATED WRITEUPS

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Dynamics 365 Business Central - A Journey With Ups and Downs

DeserializationInsecure deserialization

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

WordPress GiveWP POP to RCE (CVE-2024-5932)

RCEPHP pop chain

$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

RCEPHP pop chain

Built with ❤️ by Shubham Rawat