Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

How to understand the recurrence of Thinkphp5.1.37-5.1.41 (latest version) deserialization vulnerability

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)05/31 Report--

In this issue, Xiaobian will bring you about how to understand Thinkphp 5.1.37 -5.1.41(the latest version) deserialization vulnerability recurrence. The article is rich in content and analyzed and described from a professional perspective. After reading this article, I hope you can gain something.

0x01 Introduction

Record the process of learning and understanding the anti-sequence vulnerability of thinkphp

0x02 Impact Version

5.1.37-5.1.41(Latest version)

0x03 Environment construction

1. composer create-project topthink/think=5.1.37 v5.1.37 (5.1.37-5.1.41 are available)

2、github:

https://github.com/top-think/think/releases

https://github.com/top-think/framework/releases

0x04 Bug recurrence

First add a deserialized entry

deserialize the input parameter in application\index\controller\index.php

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Methods sequences functions code objects properties versions vulnerabilities variables characters strings parameters data procedures analysis controls common forms filters primitive vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple MySQL OPPO Reno Docker Linux vpn Apple Shulou Information macOS Redmi MariaDB Xiaomi Shulou Technology Microsoft Huawei NVidia Shulou Tech Info MySQL OPPO Reno Docker Linux vpn Apple Shulou Information macOS Redmi MariaDB Xiaomi Shulou Technology Microsoft Huawei NVidia Shulou Tech Info

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report