hyde in InfoSec Write-ups
Frappé Technologies ERPNext Server Side Template Injection
A few months ago I was particularly focused on researching vulnerabilities that occurred in Electronic Medical Record web applications…
4 min read · Jan 23, 2019

hyde
Yahoo — Two XSSi vulnerabilities chained to steal user information. ($750 Bounty)
While intercepting requests using Burp Suite I noticed the following request:
3 min read · Jul 29, 2018

hyde in InfoSec Write-ups
Bug Bounty: Fastmail
I would first like to start off by saying that Fastmail has a great bug bounty program and they really care a lot about the security of…
3 min read · Dec 8, 2017

hyde
Phishing with history.back() open redirect
While participating in a private bug bounty program I ran into a WAF error page that contained details about the request as well as a…
2 min read · Sep 9, 2017