Post Archive A collection of posts tagged: writing

PHP Object Injection and Insecure Unserialize

Robert Rowley

I wrote about an influx of PHP Object Injection attacks previously, warning about a trend of attacks targeting a known but somewhat under-reported PHP vulnerability. Looking back since that time, I get the odd feeling that object injection (or as they're sometimes called unserialize) vulnerabilities keep cropping up. Wondering if this is just a frequency illusion (once you notice something like a certain make/model of a car, you notice it…

Read the full article.

New posts to your inbox.

Opt-in to receive our newsletter.