admin/0day
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0day/CMS/sugarCRM/sugarCRM_v6.5.23/README.md

3 lines
225 B
Markdown
Raw Normal View History

*
2017-09-25 21:29:27 +08:00
sugarCRM v6.5.23 反序列化漏洞(对象注入漏洞)绕过__wakeup 影响版本 SugarCRM <= 6.5.23 PHP5 < 5.6.25 PHP7 < 7.0.10
修复建议:include/utils.php sugar_unserialize函数正则匹配修正为 /[oc]:[^:]*\d+:/i
Reference in New Issue Copy Permalink