Recurrence and analysis of yii2 deserialization vulnerability

Environment construction The vulnerability is in the version before yii2.0.38. Download version 2.0.37basic https://github.com/yiisoft/yii2/releases/tag/2.0.37 Modify the value of the / config/web file Enter php yii serve in the current directory to start Reappearance Construct the deserialization entry first Create a new contro ...

Posted by claypots on Mon, 29 Nov 2021 07:48:07 -0800