How We Audited a High-Traffic PHP Enterprise Stack on OVH and Mitigated Insecure Deserialization in legacy session handling
Auditing the OVH Enterprise Stack: Initial Reconnaissance and Scope Our engagement began with a deep dive into a high-traffic PHP enterprise application hosted on OVH’s infrastructure. The primary objective was to identify and mitigate security vulnerabilities, with a specific focus on legacy session handling mechanisms that were suspected of being a weak point. The stack […]