61 matches found
searchapp.cnn.com XSS vulnerability
Vulnerable URL: http://searchapp.cnn.com/weboffers/weboffers.jsp?itype=cnn=cnn=zombie=%3C/script%3E%3Cscript%3Ealert%28/xssposed/%29%3C/script%3E=csi3 Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 09:56 GMT Vulnerability type:| XSS...
ads.cnn.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-53152 Description| Value ---|--- Affected Website:| ads.cnn.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet Vulnerable...
CNN Cross Site Scripting / Open Redirect
CNN Travel.cnn.com XSS and Ads.cnn.com Open Redirect Security Vulnerability Domain: http://cnn.com "CNN is sometimes referred to as CNN/U.S. to distinguish the American channel from its international sister network, CNN International. As of August 2010, CNN is available in over 100 million U.S...
Syrian Electronic Army Hits CNN, Microsoft
Just like it’s done time and time before, the Syrian Electronic Army SEA broke into yet another media outlet late last week, hacking a handful of social media accounts belonging to CNN, including seven Twitter accounts and two Facebook accounts. CNN admitted the accounts were compromised in a pos...
CNN's Twitter, Facebook and website hacked by Syrian Electronic Army
A well-known pro-Syrian hacker group known as Syrian Electronic Army SEA, aligned with President Bashar al-Assad, who successfully attacked The New York Times, Huffington Post, and Twitter, BBC, National Public Radio, Al-Jazeera, Microsoft, Xbox, Skype and responsible for cyber-attacks against...
TIME Magazine Twitter account hacked by Syrian Electronic Army
Just now, The hacktivist group Syrian Electronic Army SEA briefly took over the Twitter account of the TIME Magazine. The Hacker group tweeted from the TIME's official account, "Syrian Electronic Army Was Here via @OfficialSEA16..Next time write a better word about the Syrian president SEA" with...
Email Spam Claims US Attacks Syria and Leads to Malware
A new phishing campaign is disseminating malicious links with emails purporting to come from CNN saying that the United States has initiated military strikes against the embattled regime of Syrian President Bashar al Assad. One such email, obtained by Kaspersky Lab and posted on Securelist, comes...
Syrian Electronic Army Hacks the Outbrain service; Washington Post, CNN suffers
After months of disrupting the Twitter accounts of major U.S. media outlets, The Syrian Electronic Army Leader Says that they won't Stop hacking. Just two days before SocialFlow, a social media optimization platform was hacked by Syrian Electronic Army and readers on certain stories being...
Syrian Electronic Army Hacks the Outbrain service; Washington Post, CNN suffers
After months of disrupting the Twitter accounts of major U.S. media outlets, The Syrian Electronic Army Leader Says that they won’t Stop hacking. Just two days before SocialFlow, a social media optimization platform was hacked by Syrian Electronic Army and readers on certain stories being...
CNN.com Cross Site Scripting
Exploit Title: CNN XSS Date: 14.09.2012 Author: TayfunBasoglu Tested: BackTrack 5 Platform: html-asp ------------------------------------------------------------------...
Dave Aitel Discusses Hacking Groups' Agendas
It has come to this: CNN is now running segments on the attacks attributed to LulzSec, Anonymous and other groups and the FBI raids on suspected members of those crews. The network had Dave Aitel of Immunity Inc. on this morning to discuss the effects of the recent arrests and what the groups’...
Multiple SQL Injection Vulnerabilities on CNN website Exposed
Multiple SQL Injection Vulnerabilities on CNN website Exposed Yes ! CNN is also not Secure site, There are Multiple SQL Injection Vulnerabilities on CNN News site exposed by Hacker named "Sec Indi ". CNN.com is among the world's leaders in online news and information delivery. Staffed 24 hours,...
Multiple SQL Injection Vulnerabilities on CNN website Exposed
Multiple SQL Injection Vulnerabilities on CNN website Exposed Yes ! CNN is also not Secure site, There are Multiple SQL Injection Vulnerabilities on CNN News site exposed by Hacker named "Sec Indi". CNN.com is among the world's leaders in online news and information delivery. Staffed 24 hours,...
QNet confirmed that e-commerce portal was down due to DDoS attack
QNet confirmed that E-commerce portal was down due to DDoS attack QNet has confirmed that its e-commerce portal was recently the target of a Distributed Denial of Service DDoS attack. This caused its main website to be offline for over 36 hours. QI Group IT Director, TG Kintanar said, "As a globa...
Anonymous Press Release for Journalists !
Anonymous Press Release for Journalists ! Today Anonymous Hackers Release a new Press Note for all those Journalists, who writing a story, and have come to their website to do research, or pull a quote. AnonNews uses an open-posting concept. Anyone can post to the site, and moderators will approv...
Is the U.S. Unprepared for a Real Cyber Attack?
During the simulated cyber attack that took place yesterday in Washington and was recorded by the CNN, one thing became clear: the US are still not ready to deflect or mitigate such an attack to an extent that would not affect considerably the everyday life of its citizens. Read the full article...
Cyber Challenge Tests Nation's Top Hackers
CNN reports on the U.S. Cyber Challenge, which is aimed at identifying young people with exceptional computer skills and inspiring them to join the country’s woefully understaffed ranks of cybersecurity specialists...
CNN iReport: ToorCon Hacker Conference
At the ToorCon San Diego conference, a CNN iReporter talks with security professionals about basic security issues and then see Marty Morrow escape from handcuffs without a key!...
Conficker-infected PCs get update, better anti-security defenses
From Network World Jeremy Kirk Millions of PCs infected with the Conficker virus have received a series of updated files over peer-to-peer connections that improve the worm’s defenses against security products and also include a sniffer and some fake anti-virus software. This is just the latest...
cnn-xss.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear CNN, I recently discovered a security vulnerability on the www.cnn.com website. I believe the vulnerability can be used by a remote user to alter content on www.cnn.com. On 10 Nov 2008, I wrote to...