potential remote code execution with phar archive
Unknown
Vulnerability Details
https://bugs.php.net/bug.php?id=71860
I can manipulate EIP register.
https://drive.google.com/file/d/0B7gu5bbuZn2ITk54ZGl5SzVWNlk/view
more PoC and full crash list (around 300) will send later.
tnx
Actions
View on HackerOneReport Stats
- Report ID: 126652
- State: Closed
- Substate: resolved
- Upvotes: 1