Code Monkey home page Code Monkey logo

phpcodz's Introduction

phpcodz

Php Codz Hacking (http://www.80vul.com/pch/)

What is PHP?

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. After that, check out the online manual, and the example archive sites and some of the other resources available in the links section.

About PCH[Php Codz Hacking]

本项目主要是在php源代码的基础上去分析容易导致php应用程序的一些安全问题的根本所在,指导我们发现更加多的关于php的一些'特性'或漏洞.

Research

Item Title
PCH-024 Type Confusion Infoleak Vulnerabilities in SoapClient
PCH-023 Type Confusion Vulnerability in SoapClient
PCH-022 Use After Free Vulnerability in unserialize() with DateInterval
PCH-021 Use After Free Vulnerability in unserialize() {CVE-2015-2787}
PCH-020 Use After Free Vulnerability in unserialize() with DateTime* {CVE-2015-0273}
PCH-019 Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone
PCH-018 PHP 脚本多字节字符解析模式带来的安全隐患
PCH-017 About PHP's unserialize() Function Use-After-Free Vulnerability
PCH-016 XSS via Error Reporting Notices in HHVM's unserialize() Function
PCH-015 Code Injection Vul via unserialize() & var_export() Function...
PCH-014 PHP WDDX Serializier Data Injection Vulnerability
PCH-013 PHP Session 序列化及反序列化处理器设置使用不当带来的安全隐患
PCH-012 New feature of double-quoted string's complex-curly syntax
PCH-011 Destructor in PHP
PCH-010 PHP string序列化与反序列化语法解析不一致带来的安全隐患
PCH-009 Security risk of php string offset
PCH-008 parse_str的变量初始化问题
PCH-007 New Includes Function -- spl_autoload()
PCH-006 安全模式下exec等函数安全隐患[updata:2009-6-19]
PCH-005 当magic_quotes_gpc=off
PCH-004 关于magic_quotes_sybase
PCH-003 mb_ereg(i)_replace()代码注射漏洞及其延伸出的正则应用安全问题
PCH-002 preg_match(_all)的变量初始化问题
PCH-001 intval()使用不当导致安全漏洞

phpcodz's People

Contributors

80vul avatar chtg avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.