Blog Universitas Komputer Indonesia

Multiple SQL Injection Vulnerabilities on CNN website Exposed

Multiple SQL Injection Vulnerabilities on CNN website Exposed
Yes ! CNN is also not Secure site, There are Multiple SQL Injection Vulnerabilities on CNN News site exposed by Hacker named "Sec Indi".


CNN.com is among the world's leaders in online news and information delivery. Staffed 24 hours, seven days a week by a dedicated staff in CNN's world headquarters in Atlanta, Georgia, and in bureaus worldwide, CNN.com relies heavily on CNN's global team of almost 4,000 news professionals. CNN.com features the latest multimedia technologies, from live video streaming to audio packages to searchable archives of news features and background information. The site is updated continuously throughout the day.


SQL Injection Vulnerable Links :
1.) http://cgi.money.cnn.com/tools/collegecost/collegecost.jsp?college_id='7966


2.) http://cgi.money.cnn.com/tools/fortune/compare_2009.jsp?id=11439'


Screenshots Submitted By Hacker :
1
 
1
 
SQL Injection Vulnerability was the Reason for biggest data breaches of 2011 ,like various SONY hacks. Hacker said that he inform the CNN admin 2-3 times, but site is still Vulnerable. I think now CNN should take this small bugs Seriously.
 
 
sumber : internet
silahkan translate sorangan ... ^_^
Format Lainnya : PDF | Google Docs | English Version
Diposting pada : Senin, 20 Juni 11 - 00:05 WIB
Dalam Kategori : CNN, HACKED, SQL INJECTION
Dibaca sebanyak : 1022 Kali
Tidak ada komentar pada blog ini...
Anda harus Login terlebih dahulu untuk mengirim komentar
Facebook Feedback