Recurrence and analysis of yii2 deserialization vulnerability
Environment construction
The vulnerability is in the version before yii2.0.38. Download version 2.0.37basic
https://github.com/yiisoft/yii2/releases/tag/2.0.37
Modify the value of the / config/web file
Enter php yii serve in the current directory to start
Reappearance
Construct the deserialization entry first
Create a new contro ...
Posted by claypots on Mon, 29 Nov 2021 07:48:07 -0800