Matt Weinberg

I’m a New York-based husband and father, and am Co-Founder and President of Technology & Development at Happy Cog (formerly known as Vector Media Group). Want to get in touch? Email Me.

• Twitter (@mrw)
• GitHub
• LinkedIn

Posts

• How to order for the best experience at Katz’s Deli
• Reading Isaac Asimov’s sci-fi classics
• Chinatown (Manhattan) Food Suggestions

Security Reports

I want to help websites stay secure. I’ve found and reported issues on a number of sites, including:

• An XSS vulnerability on FAA.gov.
• An XSS vulnerability on JetBlue.com.
• An XSS vulnerability on Priceline.com.
• An XSS vulnerability on the site of a major national ISP.
• An XSS vulnerability on a major SSL and security solution provider’s website that could have trivially led to password theft.
• A full account takeover vulnerability on the recruiting platform VenturePact.
• An XSS vulnerability on the much-used car dealer CRM and ERP system Dominion.
• An XSS vulnerability on the popular email marketing platform iContact.
• An XSS vulnerability on the email marketing service Ongage.
• An XSS vulnerability on the development vendor Communardo’s site.
• An XSS vulnerability on the ExpressionEngine CMS documentation website.
• An XSS vulnerability on the main website of a $2 billion, publicly-listed company
• An SQL injection and XSS on a popular SaaS reporting service
• An XSS vulnerability in TeamGantt, a popular online project management service