phpcodz

Php Codz Hacking (http://www.80vul.com/pch/)

What is PHP?

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. After that, check out the online manual, and the example archive sites and some of the other resources available in the links section.

About PCH[Php Codz Hacking]

本项目主要是在php源代码的基础上去分析容易导致php应用程序的一些安全问题的根本所在,指导我们发现更加多的关于php的一些'特性'或漏洞.

Research

Item	Title
PCH-034	Yet Another Use After Free Vulnerability in unserialize() with SplDoublyLinkedList
PCH-033	Yet Another Use After Free Vulnerability in unserialize() with SplObjectStorage
PCH-032	Use After Free Vulnerability in unserialize() with GMP
PCH-031	Use After Free Vulnerabilities in Session Deserializer
PCH-030	Use After Free Vulnerabilities in unserialize()
PCH-029	Use After Free Vulnerability in unserialize() with SplDoublyLinkedList
PCH-028	Use After Free Vulnerability in unserialize() with SplObjectStorage
PCH-027	Use After Free Vulnerability in unserialize() with SPL ArrayObject
PCH-026	Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception {CVE-2015-4603}
PCH-025	Type Confusion Infoleak Vulnerability in unserialize() with SoapFault {CVE-2015-4599}
PCH-024	Type Confusion Infoleak Vulnerabilities in SoapClient {CVE-2015-4600}
PCH-023	Type Confusion Vulnerability in SoapClient {CVE-2015-4600}
PCH-022	Use After Free Vulnerability in unserialize() with DateInterval
PCH-021	Use After Free Vulnerability in unserialize() {CVE-2015-2787}
PCH-020	Use After Free Vulnerability in unserialize() with DateTime* {CVE-2015-0273}
PCH-019	Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone
PCH-018	PHP 脚本多字节字符解析模式带来的安全隐患
PCH-017	About PHP's unserialize() Function Use-After-Free Vulnerability
PCH-016	XSS via Error Reporting Notices in HHVM's unserialize() Function
PCH-015	Code Injection Vul via unserialize() & var_export() Function...
PCH-014	PHP WDDX Serializier Data Injection Vulnerability
PCH-013	PHP Session 序列化及反序列化处理器设置使用不当带来的安全隐患
PCH-012	New feature of double-quoted string's complex-curly syntax
PCH-011	Destructor in PHP
PCH-010	PHP string序列化与反序列化语法解析不一致带来的安全隐患
PCH-009	Security risk of php string offset
PCH-008	parse_str的变量初始化问题
PCH-007	New Includes Function -- spl_autoload()
PCH-006	安全模式下exec等函数安全隐患[updata:2009-6-19]
PCH-005	当magic_quotes_gpc=off
PCH-004	关于magic_quotes_sybase
PCH-003	mb_ereg(i)_replace()代码注射漏洞及其延伸出的正则应用安全问题
PCH-002	preg_match(_all)的变量初始化问题
PCH-001	intval()使用不当导致安全漏洞