all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

243 - GhostCMS, ClamAV, and the Top Web Hacking Techniques of 2023 [Bug Bounty Podcast]

Add to bookmarks
Feb. 20, 2024, noon | DAY[0]

DAY[0] www.youtube.com

In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and Portswigger publishes their top 10 list of web hacking techniques from 2023.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/243.html

[00:00:00] Introduction
[00:02:15] Ghost CMS Stored XSS Leading to Owner Takeover [CVE-2024-23724]
[00:16:07] ClamAV Not So Calm [CVE-2024-20328]
[00:21:00] Top 10 web hacking techniques of 2023
[00:44:46] Hacking a Smart Home Device
[00:48:15] Cloud cryptography demystified: Amazon Web Services

The DAY[0] Podcast episodes …

bounty bug bug bounty bugs clamav cms cve ghost hacking introduction list podcast portswigger stored xss takeover techniques top 10 web web hacking xss

Visit resource

More from www.youtube.com / DAY[0]

253 - A Retrospective and Future Look Into DAY[0] 1 week ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 1 month ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month, 1 week ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month, 2 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 2 weeks ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 3 weeks ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 1 month, 4 weeks ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 1 month, 4 weeks ago | www.youtube.com
api bounty bug bug bounty +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Data & Security Engineer Lead

@ LiquidX | Singapore, Central Singapore, Singapore
View on infosec-jobs.com

IT and Cyber Risk Control Lead

@ GXS Bank | Singapore - OneNorth
View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Cyber Security Analyst (Weekend 1st Shift)

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com

Senior Manager, Cybersecurity

@ BlueTriton Brands | Stamford, CT, US
View on infosec-jobs.com
View more jobs