Some thoughts on PHP Object injection

I was reading PHP Object injection coming from Security Cafe . While I do think it works but I don't think anyone would be writing code like that - codes that allows users to pass what object to serialized

Take for me is, understand how the underlying system work and lock down features that is insecure accessible to users..


Popular posts from this blog

ionic2 cordova build android - Unable resolve gradle 2.2.3

A quick tutorial for OWASP ZAP tool for beginners