hyde in InfoSec Write-ups
Frappé Technologies ERPNext Server Side Template Injection
A few months ago I was particularly focused on researching vulnerabilities that occurred in Electronic Medical Record web applications…
Jan 23, 2019

hyde
Yahoo — Two XSSi vulnerabilities chained to steal user information. ($750 Bounty)
While intercepting requests using Burp Suite I noticed the following request:
Jul 29, 2018

hyde in InfoSec Write-ups
Bug Bounty: Fastmail
I would first like to start off by saying that Fastmail has a great bug bounty program and they really care a lot about the security of…
Dec 8, 2017

hyde
Phishing with history.back() open redirect
While participating in a private bug bounty program I ran into a WAF error page that contained details about the request as well as a…
Sep 9, 2017