NULL CATHEDRAL - Php
https://nullcathedral.com/tags/php/
Generated: 2026-04-10
================================================================================

2026-03-16 | Perfex CRM <=3.4.0 allows unauthenticated RCE via insecure deserialization
https://nullcathedral.com/posts/2026-03-16-perfex-crm-unauthenticated-rce-insecure-deserialization/
Perfex CRM passed the autologin cookie into unserialize() without validation, giving unauthenticated attackers remote code execution.