Yes ! CNN is also not Secure site, There are Multiple SQL Injection Vulnerabilities on CNN News site exposed by Hacker named “Sec Indi“.
CNN.com is among the world’s leaders in online news and information delivery. Staffed 24 hours, seven days a week by a dedicated staff in CNN’s world headquarters in Atlanta, Georgia, and in bureaus worldwide, CNN.com relies heavily on CNN’s global team of almost 4,000 news professionals. CNN.com features the latest multimedia technologies, from live video streaming to audio packages to searchable archives of news features and background information. The site is updated continuously throughout the day.
SQL Injection Vulnerable Links :
1.) http://cgi.money.cnn.com/tools/collegecost/collegecost.jsp?college_id=’7966
2.) http://cgi.money.cnn.com/tools/fortune/compare_2009.jsp?id=11439′
Screenshots Submitted By Hacker :
SQL Injection Vulnerability was the Reason for biggest data breaches of 2011 ,like various SONY hacks. Hacker said that he inform the CNN admin 2-3 times, but site is still Vulnerable. I think now CNN should take this small bugs Seriously.
the following channels:
Facebook Page : http://www.facebook.com/thehackernews
Our Twitter : http://www.twitter.com/TheHackersNews
Source: Multiple SQL Injection Vulnerabilities on CNN website Exposed