22 matches found
Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald 's was exposed after they guessed the password "123456" for the fast food chain's account at Paradox.ai , a company that makes artificial intelligence based hiring chatbots...
McDonald’s AI Hiring Tool McHire Security Flaw Exposed Candidate Chat Data
Major security flaw in McDonald's McHire platform exposed 64M job applications. Discover how an IDOR vulnerability and weak…...
McDonald’s Ice Cream Machine Hackers Say They Found the ‘Smoking Gun’ That Killed Their Startup
Kytch, the company that tried to fix McDonald’s broken ice cream machines, has unearthed a 3-year-old email it says proves claims of an alleged plot to undermine their business...
mcdonalds.ru Open Redirect vulnerability OBB-3585880
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
42,000 phishing domains discovered masquerading as popular brands
By Deeba Ahmed According to researchers, this scam is highly sophisticated and large-scale, targeting brands like McDonald’s, Unilever, Emirates, Knorr, Coca-Cola, etc. This is a post from HackRead.com Read the original post: 42,000 phishing domains discovered masquerading as popular brands...
mcdonalds.lv Cross Site Scripting vulnerability OBB-2676381
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Ice Cream Machine Hackers Sue McDonald's for $900 Million
Kytch alleges that the Golden Arches crushed its business—and left soft serve customers out in the cold...
McDonald’s Email Blast Includes Password to Monopoly Game Database
McDonald’s UK Monopoly VIP game kicked off at the end of August, and a recent round of emails sent to winners of the game’s various prizes included more than a coupon for free fries. The franchise accidentally inserted passwords for a McDonald’s server that hosted information tied to the UK...
Talos Takes Ep. #57: A ransomware-as-a-service explainer
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. How much is ransomware-as-a-service like a McDonald’s franchise? More similar than you’d think! The RaaS model has... This...
Hacking McDonald's for Free Food
This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. Once you take the survey, you receive a coupon code for a free small beverage, redeemable within a...
Hacking the McDonald's Monopoly Sweepstakes
Long and interesting story -- now two decades old -- of massive fraud perpetrated against the McDonald's Monopoly sweepstakes. The central fraudster was the person in charge of securing the winning tickets...
restaurants.mcdonalds.fr XSS vulnerability
Open Bug Bounty ID: OBB-659442 Description| Value ---|--- Affected Website:| restaurants.mcdonalds.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
www1.development.mcdonalds.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-636873 Description| Value ---|--- Affected Website:| www1.development.mcdonalds.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:|...
mcdonalds.com XSS vulnerability
Open Bug Bounty ID: OBB-555266 Description| Value ---|--- Affected Website:| mcdonalds.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based...
restaurants.mcdonalds.fr XSS vulnerability
Open Bug Bounty ID: OBB-524527 Description| Value ---|--- Affected Website:| restaurants.mcdonalds.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...
mcdonalds.com IFRAME Injection vulnerability
Vulnerable URL: https://www.mcdonalds.com/us/en/errors/404.emailform.html?hidSendEmail=no=vegaÃÂÃÂÃÂätPageTitle=404ÃÂÃÂÃÂätPageUrl=http://www.mcdonalds.com/us/en/errors/404.htmlÃÂÃÂÃÂätPagePath=1=1" src= XANY Details: Description| Value ---|--- Patched:| Yes, at...
mcdonalds.com XSS vulnerability
Vulnerable URL: https://www.mcdonalds.com/us/en/errors/404.emailform.html?hidSendEmail=no=vegaätPageTitle=404ätPageUrl=http://www.mcdonalds.com/us/en/errors/404.htmlätPagePath=1=1" src=--'"to=1name=Joey=1 Details: Description| Value ---|--- Patched:| Yes, at 27.09.2017 Latest check for...
mcdonalds.md XSS vulnerability
Vulnerable URL: http://www.mcdonalds.md/?m=default=getCaptchaImg=algebric=2cf0605e7e6acab1c7a45337c1e9f833?search=xss%3Cimg%20src=x%20onerror=confirm%22OPENBUGBOUNTY%22%3E& Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability...
www1.staging.mcdonalds.com XSS vulnerability
Vulnerable URL: http://www1.staging.mcdonalds.com/googleapps/GoogleArabicSearchAction.do?method=googlesearchLocation=kw=ar=';alert/OPENBUGBOUNTY/;x=' Details: Description| Value ---|--- Patched:| Yes, at 26.09.2017 Latest check for patch:| 26.09.2017 23:03 GMT Vulnerability type:| XSS Vulnerabili...
McDonald's Gutscheine App Bonn - Base64 encoded String, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application McDonald's Gutscheine App Bonn published at the 'play' market has multiple vulnerabilities...