Skip to main content

Your Wordpress site could be at risk

Using Wordpress for your website? Your site could be at risk.


The risk of unserializing attacker-controlled data in PHP has been well known since Stefan Essar first presented the issue in detail in 2009[1]. This topic is closely associated with similar vulnerabilities in other languages (see CWE-502[2] and CWE-915[3]). Recent years have also seen several vulnerabilities in the native code implementing unserialization (CVE-2017-12934, CVE-2017-12933, CVE-2017- 12932 et al.) further demonstrating the risk of exposing unserialization to attacker-controlled data. 

This paper will present a novel attack technique specific to PHP which can cause unserialization to occur in a variety of exploitation scenarios. The technique can be used when an XXE vulnerability occurs, as well as such circumstance that would typically be considered an SSRF vulnerability and in a number of other scenarios where the vulnerability would previously have been considered an information disclosure issue.



Popular posts from this blog

Download our FREE Satellite List for Nov 15, 2023

Free Worldwide Satellite / Transponder List New list comes out at least once per month Thank you to all who have supported this project with your  donations . Please  donate  to keep this project alive. November 15, 2023 Sat / TP List Details Satellites: 244 Transponders: 6373 DVB-S2: 4800 DVB-S: 1573 Vertical Polarity: 2776 Horizontal Polarity: 2788 RH Polarity: 372 LH Polarity: 437 PDF Pages: 124 PDF Size: 1.8 MB EPUB Size: 51.4 kB Download List here If you find this list of use please  donate  if possible. Feel free to download our Satellite / Transponder list,  now in EPUB as well as PDF. EPUB greatly reduces the size of the file. This is a reference list ( not to be loaded into any meter ), download to your PC, laptop, smartphone, etc and carry this reference list with you. This list contains: C-band Ku-band Ka-band -  as a reminder, most meters, receivers, and LNBs in use will not do Ka band. Active and inactive transponders Want to know when new Satellite lists are released? Sig
Read more

November 1st, 2023 Satellite List Released

Free Worldwide Satellite / Transponder List New list comes out at least once per month Thank you to all who have supported this project with your  donations . Please  donate  to keep this project alive. November 1, 2023 Sat / TP List Details Satellites: 244 Transponders: 6365 DVB-S2: 4786 DVB-S: 1579 Vertical Polarity: 2789 Horizontal Polarity: 2769 RH Polarity: 371 LH Polarity: 436 PDF Pages: 124 PDF Size: 1.8 MB EPUB Size: 48.2 kB Download List here If you find this list of use please  donate  if possible. Feel free to download our Satellite / Transponder list,  now in EPUB as well as PDF. EPUB greatly reduces the size of the file. This is a reference list ( not to be loaded into any meter ), download to your PC, laptop, smartphone, etc and carry this reference list with you. This list contains: C-band Ku-band Ka-band -  as a reminder, most meters, receivers, and LNBs in use will not do Ka band. Active and inactive transponders Want to know when new Satellite lists are released? Sign
Read more

Android SECRET CODES updated

Secret codes, also known as USSD codes, are hidden codes that can be used to access hidden features and information on your Android phone. To use a secret code, simply enter it into the phone dialer and press the call button. Here are some of the most useful secret codes for Android phones: # #4636# #*: Displays information about your phone, battery, and various network statistics. #06#: Displays your phone's IMEI number. # #7780# #*: Runs a factory reset, erasing all data from your phone. # #7594# #*: Changes the power button behavior. #31#: Disables caller ID. *43#: Enables call waiting. # #34971539# #*: Displays information about the camera. # #4986 2650468# # : Checks firmware information. # #225# #*: Displays calendar information. # #426# #*: Performs a Google Play Services diagnostic. # #1472365# #*: Performs a GPS test. Please be careful when using secret codes, as some of them can make changes to your phone's settings or erase data. It is always a good idea to back up y
Read more