bug-bounty622
facebook479
xss316
google174
microsoft120
rce102
apple72
csrf60
web355
account-takeover53
writeup51
exploit43
sqli41
dos36
ssrf34
cve33
cloudflare32
privilege-escalation29
defi28
malware27
node26
smart-contract-vulnerability25
idor25
subdomain-takeover24
clickjacking23
smart-contract23
ethereum23
access-control21
react21
vulnerability-disclosure21
reverse-engineering20
auth-bypass19
aws19
remote-code-execution18
lfi18
cloud17
docker17
cors17
oauth17
supply-chain17
race-condition17
info-disclosure16
browser14
authentication-bypass14
solidity14
phishing14
denial-of-service11
sql-injection11
delegatecall11
wordpress10
0
7/10
Technical guide explaining PHP object deserialization vulnerabilities via unserialize(), the gadget chain exploitation technique using phpggc tool, and a real-world case study of exploiting an ebooks webshop's PRODUCTHISTORY cookie containing serialized data.
php-unserialize
remote-code-execution
gadget-chains
deserialization
php-security
object-injection
vulnerability-exploitation
cookie-manipulation
phpggc
monolog
phpggc
Monolog
Symfony
Laravel
Zend Framework
Doctrine
SyslogUdpHandler
BufferHandler
DateTime
0
A researcher discovered a critical RCE vulnerability in Sucuri's server-side scanner caused by explicitly disabled SSL certificate verification (CURLOPT_SSL_VERIFYPEER=false), allowing MiTM attackers to inject arbitrary PHP code. The disclosure reveals how Sucuri mishandled the bug bounty report, downplaying the severity despite the researcher proposing multiple remediation options.
rce
remote-code-execution
ssl-certificate-validation
mitm
man-in-the-middle
curl-vulnerability
php-security
server-side-scanner
bug-bounty
vulnerability-disclosure
hackerone
cryptographic-validation
base64-encoding
eval-injection
Sucuri
HackerOne
Julien Ahrens
CURLOPT_SSL_VERIFYPEER
NSA
Google
PCI DSS