all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast]

Add to bookmarks
Feb. 27, 2024, noon | DAY[0]

DAY[0] www.youtube.com

This week's episode features a cache deception issue, Joomla inherits a PHP bug, and a DOM clobbering exploit. Also covered is a race condition in Chrome's extension API published by project zero.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/245.html

[00:00:00] Introduction
[00:00:21] Cache Deception Without Path Confusion
[00:07:15] Hello Lucee! Let us hack Apple again?
[00:14:41] Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities
[00:26:37] Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild …

api bounty bug bug bounty cache chrome deception dom exploit extension features hack hello introduction issue joomla path php podcast project project zero race race condition week

Visit resource

More from www.youtube.com / DAY[0]

253 - A Retrospective and Future Look Into DAY[0] 1 week, 4 days ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 1 month, 1 week ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month, 2 weeks ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month, 2 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 3 weeks ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 3 weeks ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 2 months ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 2 months ago | www.youtube.com
api bounty bug bug bounty +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs