I gave a talk at the BSides 2019 Vienna about PHP Object Injection. Here is the abstract of this talk:
PHP Object Injection is a well known web vulnerability that could allow an attacker to perform different kinds of attacks by reusing and chaining existing code of the application(gadgets). Sometimes it is easier to find the vulnerability than discovering a proper chain for a remote code execution. This talk illustrates the long road of searching for various “POP chains” by disclosing details of a vulnerability for Okay-CMS. The code of the application will be analyzed and possible payloads will be discussed. A working unauthenticated remote code execution exploit will finally proof the concept.
The slides can be downloaded here: Slides