phpBB 3.2.3: Phar Deserialization to RCE

20 Nov 2018 by Simon Scannell
phpBB3 Phar Deserialization

A new PHP exploit technique affects the most famous forum software phpBB3. The vulnerability allows attackers who gain access to an administrator account to execute arbitrary PHP code and to take over the entire board.

Read More ...

New PHP Exploitation Technique Added

14 Aug 2018 by Dr. Johannes Dahse

PHP Exploitation Technique

Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.

Read More ...