We’ve got found two use-after-free vulnerabilities in PHP’s rubbish collection algorithm. Those vulnerabilities were remotely exploitable over PHP’s unserialize function. We had been additionally awarded with $2,000 by the Internet Bug Bounty committee (c.f. Many thanks go out to cutz for co-authoring this text. Pornhub’s bug bounty program and its comparatively excessive rewards on Hackerone caught our attention. That’s why now we have taken the perspective of an advanced attacker with the total intent to get as deep as doable into the system, specializing in one predominant goal : (...)