En réponse à :
21 janvier 2024 08:16, par Leo
Now we have found two use-after-free vulnerabilities in PHP’s garbage collection algorithm. Those vulnerabilities have been remotely exploitable over PHP’s unserialize operate. We had been additionally awarded with $2,000 by the Internet Bug Bounty committee (c.f. Many thanks go out to cutz for co-authoring this text. Pornhub’s bug bounty program and its relatively high rewards on Hackerone caught our consideration. That’s why we have now taken the attitude of an advanced attacker with the complete intent to get as deep as possible into the system, focusing on one major goal : gaining (...)
