Back to directory

WRITEUP #6344

Type Juggling and PHP Object Injection, and SQLi, Oh My!

DeserializationType jugglingPHP object injectionInsecure deserializationSQL injection

by@jstnkndy(Justin Kennedy)

Program

-

Published

Feb 7, 2017

Added to HackDex

Nov 11, 2022

Read Full Writeuphttps://foxglovesecurity.com/2017/02/07/type-juggling-and-php-object-injection-and-sqli-oh-my/

▸ RELATED WRITEUPS

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Dynamics 365 Business Central - A Journey With Ups and Downs

DeserializationInsecure deserialization

Directory Traversal, SQL Injection and Server-Side Request Forgery

SQL InjectionPath traversal

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670

SQL InjectionReverse engineering

Built with ❤️ by Shubham Rawat