Authentication bypasses, SQL injection, command injection, and more in this web-exploit-heavy episode.

[00:09:11] Facebook v. NSO Group
[00:18:14] Netsweeper PreAuth RCE
[00:25:49] SaltStack authorization bypass
  https://github.com/saltstack/salt/blob/0b2a5613b345f17339cb90e60b407199b3d26980/salt/master.py#L1139
[00:42:02] E-Learning Platforms Getting Schooled
  https://github.com/LearnPress/learnpress/commit/d6f818b5f65b007acbdf62236d4aa549fb33d24a?diff=split
[01:03:54] Roblox - Subdomain Takeover
[01:08:09] Roundcube - Fix XSS issue in handling of CDATA in HTML messages (roundcube/roundcubemail@87e4cd0)
[01:10:13] Stealing the Trello token by abusing a cross-iframe XSS on the Butler Plugin
[01:17:11] GitLab - Arbitrary file read via the UploadsRewriter when moving an issue
[01:20:15] Researching Polymorphic Images for XSS on Google Scholar
[01:27:41] TP-LINK Cloud Cameras Multiple Vulnerabilities
  https://seclists.org/fulldisclosure/2020/May/3
  https://seclists.org/fulldisclosure/2020/May/4
[01:34:46] Remote Code Execution on Microsoft SharePoint Using TypeConverters [CVE-2020-0932]
[01:43:03] Firefox js::ReadableStreamCloseInternal Out-Of-Bounds Access
[01:51:56] Siguza - iOS <13.5 sandbox escape/entitlement 0day
[02:03:16] Honeysploit: Exploiting the Exploiters
[02:15:13] Guy's 30 Reverse Engineering Tips & Tricks
[02:16:45] Remote Code Execution on Nintendo 64 through Morita Shogi 64

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST), or the video archive on YouTube (@DAY[0]).