United
Loading....
- Yahoo! again - XSS in Uncategorized (357 Visits)
- Yahoo! again - bad settings? in Uncategorized (252 Visits)
- Fanii nostri in Uncategorized (183 Visits)
- Frustrant in Uncategorized (146 Visits)
- La multi ani România, la multi ani românilor in Uncategorized (137 Visits)
- Weblog.ro - Shell via Local File Inclusion in Uncategorized (119 Visits)
- Yahoo! epic fail - permanent xss unleashed in Uncategorized (50 Visits)
- ... in Uncategorized (38 Visits)
- XSS Ownage - hi5 vs. Yahoo! + video in Uncategorized (2 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in Uncategorized (2 Visits)
- Ce servicii de mail folositi? in (121 Visits)
- Azi este ziua userilor hackersblog.org in (120 Visits)
- De reţinut in (117 Visits)
- Inca o pierdere de timp in (107 Visits)
- De tinut minte in (106 Visits)
- Twitter in (78 Visits)
- Un nou membru in (74 Visits)
- Interviu la Radio Lynx in (70 Visits)
- 2009 in (51 Visits)
- Editori noi. in (35 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (199 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (139 Visits)
- Ce nu se invata la scoala - (D)DOS (5) in (104 Visits)
Loading....
- ioana (2)
- Lucian Constantin (2)
- Andrei Rinea (2)
- pax (1)
- TotEu23 (1)
- viorel (1)
- Cristi - Jurnalul National (1)
- alex (1)
- Bogdan (1)
- ghici (1)
Posted on May 29th, 2009
Finally the last reported vuln is patched, and we can post new infos about the third SQL Injection vulnerability in Orange websites.
Now we are talking about 190 000+ exposed accounts with passwords stored in plain text.
schema_name + version_user_database
User, email and pass (in plain text)
Submitted by unu.
Patched by Orange.fr staff.
May 29th, 2009 at 8:33 pm
I hope unu gets a good reward for doing this for orange
May 30th, 2009 at 12:16 pm
I wonder what a online gsm shop from France would do with 190000 email addresses
Maybe send a newsletter?
June 4th, 2009 at 12:53 am
Newsletter + SPAM