All programming languages have their foundations: the engine that interprets your code and makes everything run. In PHP, this is the Zend Engine, a critical piece of software that powers millions of applications worldwide. When everything works, you don't even think about it. You deploy to production, and the engine does its magic behind the scenes.

But what happens when something goes wrong in that core? What if a subtle bug opens the door to a full security breach? Suddenly, the invisible foundation becomes the most important part of the story.

Let's shine a light on two such cases: a recent, real vulnerability in the PHP engine (which has since been patched), and a backdoor that, just a few years ago, actually made it into the release candidate and allowed remote code execution. We'll walk through how each issue could be exploited and, most importantly, what lessons developers can draw from them. And yes, there will be live, local, sandboxed demos of both exploits in action. Ready to dive in?

Comments

Excellent talk! It was really interesting and informative to not just learn about what the exploits were, but _how_ they actually worked. Good examples and well presented.

Joe Ferguson at 11:32 on 19 May 2026

Great explanations and examples of how to exploit a real vulnerability and how they can be exploited.