admin/0day
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0day/CMS/sugarCRM/sugarCRM_v6.5.23/README.md
Mr5m1th eb21f3134e
Update README.md
2017-11-24 19:04:20 +08:00

240 B
Raw Blame History

sugarCRM反序列化漏洞(对象注入漏洞)绕过__wakeup

影响版本 SugarCRM <= 6.5.23 PHP5 < 5.6.25 PHP7 < 7.0.10

修复建议:

`include/utils.php sugar_unserialize函数正则匹配修正为 /[oc]:[^:]*\d+:/i··`