bug-bounty622
facebook479
xss316
google174
microsoft120
rce102
apple72
csrf60
web355
account-takeover53
writeup51
exploit43
sqli41
dos36
ssrf34
cve33
cloudflare32
privilege-escalation29
defi28
malware27
node26
smart-contract-vulnerability25
idor25
subdomain-takeover24
clickjacking23
smart-contract23
ethereum23
access-control21
react21
vulnerability-disclosure21
reverse-engineering20
auth-bypass19
aws19
remote-code-execution18
lfi18
cloud17
docker17
cors17
oauth17
supply-chain17
race-condition17
info-disclosure16
browser14
authentication-bypass14
solidity14
phishing14
denial-of-service11
sql-injection11
delegatecall11
wordpress10
0
vulnerability
0
7/10
Technical guide explaining PHP object deserialization vulnerabilities via unserialize(), the gadget chain exploitation technique using phpggc tool, and a real-world case study of exploiting an ebooks webshop's PRODUCTHISTORY cookie containing serialized data.
php-unserialize
remote-code-execution
gadget-chains
deserialization
php-security
object-injection
vulnerability-exploitation
cookie-manipulation
phpggc
monolog
phpggc
Monolog
Symfony
Laravel
Zend Framework
Doctrine
SyslogUdpHandler
BufferHandler
DateTime
0
0
bug-bounty
cve
deserialization
dos
exploit
microsoft
pentest
privilege-escalation
race-condition
writeup
CVE-2026-27748
CVE-2026-27749
CVE-2026-27750
0
vulnerability
CVE-2025-20393