One of the most intriguing vulnerabilities in PHP 7.2.34 is a vulnerability that allows bypassing the disable_functions directive. No official CVE was assigned , yet working exploit code exists on GitHub.
If you found this article because you are trying to hack a server: Use your skills for defense. If you found this article because you are running PHP 7.2.34 in production: Take it offline tonight. Every minute you wait, a bot on the internet is scanning you with a script pulled directly from GitHub. php 7.2.34 exploit github