Loading....
- Hacker Uses XSS and Google Street View Data to Determine Physical Location
- CAnCAn te iubim, CA CA tine nu gasim. Superfete.cancan.ro e de rahat
- Deface (?!?) pe Cotidianul.ro
- Virusi in clipuri video [how to]
- Cyber-Bullying – palma parinteasca a noului mileniu
- Christopher “moot” Poole: The case for anonymity online
- Wtf Avira?
- Some old story about tagged.com
- Pwning cam girls for fun
- Tabloshit
Loading....
- Yahoo! again - XSS in Uncategorized (357 Visits)
- Yahoo! again - bad settings? in Uncategorized (252 Visits)
- Fanii nostri in Uncategorized (183 Visits)
- Frustrant in Uncategorized (146 Visits)
- La multi ani România, la multi ani românilor in Uncategorized (137 Visits)
- Weblog.ro - Shell via Local File Inclusion in Uncategorized (119 Visits)
- Yahoo! epic fail - permanent xss unleashed in Uncategorized (50 Visits)
- ... in Uncategorized (38 Visits)
- XSS Ownage - hi5 vs. Yahoo! + video in Uncategorized (2 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in Uncategorized (2 Visits)
- Hackersblog.org is now blog.rstcenter.com in (1770 Visits)
- O mica dar importanta precizare in (1371 Visits)
- Twitter in (805 Visits)
- This is the end in (776 Visits)
- Ce servicii de mail folositi? in (773 Visits)
- Un nou membru in (730 Visits)
- La multi ani România, la multi ani românilor in (718 Visits)
- Inca o pierdere de timp in (674 Visits)
- De reţinut in (634 Visits)
- Azi este ziua userilor hackersblog.org in (610 Visits)
- SMS scam (1) in (564 Visits)
- Dezinformare sau proasta informare? in (563 Visits)
- Hi5.com coders read this in (553 Visits)
- Phishing Raiffeisen cu atasament html in (516 Visits)
- Phishing Bancpost in (486 Visits)
- Si tentativele de phishing pot fi amuzante in (422 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (2707 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (2601 Visits)
- Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (1143 Visits)
- [Utilitare] Suna gratis de pe internet sau de pe iPhone in (1107 Visits)
- Ce nu se invata la scoala - (D)DOS (5) in (950 Visits)
- Virusi in clipuri video [how to] in (838 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (725 Visits)
- Yahoo! redirects - a big issue (with video) in (570 Visits)
- Internet vs. privacy (1) in (469 Visits)
- Ca musca in... in (435 Visits)
- RedTube.com ... The Free Sex Video Community in (12973 Visits)
- usa.kaspersky.com hacked ... full database acces , sql injection in (4921 Visits)
- libertatea.ro vulnerabil la (blind) sql injection in (2950 Visits)
- Pwning cam girls for fun in (2586 Visits)
- Telegraph.co.uk hacked, sql injection in (2547 Visits)
- Facebook hacked - sql injection in (2425 Visits)
- Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (2406 Visits)
- F-Secure.com - SQL Injection + Cross Site Scripting in (1775 Visits)
- [Hacked]Bitdefender (Portugal) exposes sensitive customer data in (1744 Visits)
- Wtf Avira? in (1723 Visits)
- Christopher "moot" Poole: The case for anonymity online in (1495 Visits)
- Digital Photocopiers Loaded With Secrets in (1458 Visits)
- Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (592 Visits)
- Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (590 Visits)
- Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (463 Visits)
- PRIVACY IS DEAD - GET OVER IT, Pt 01-34 (Recommended by Hackersblog ) in (396 Visits)
- Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (379 Visits)
- [Video] The History Of Hacking in (373 Visits)
- Email Security - Why You Should Encrypt Your Email - Part One in (368 Visits)
- The Story of DEFCON in (343 Visits)
- Deface - tuttoaffari.lastampa.it si citymusiclab.city.corriere.it in (3493 Visits)
- RNS vs. RAI - citizenreport.rai.it hacked. in (3300 Visits)
- Hi5 email finder si sfarsitul a tot ceea ce inseamna privacy in social networking in (2996 Visits)
- Se poate sparge parola de Yahoo? in (2572 Visits)
- Free SMS time, TrimiteSMS.ro in (2492 Visits)
- Planete-plus-intelligente.lemonde.fr defaced by R.N.S. in (2464 Visits)
- Gmail uber hacking in (2256 Visits)
- Camera de supraveghere a universitatii Alexandru Ioan Cuza din Iasi in (2255 Visits)
- Cancan.ro spart pentru a doua oara intr-o zi in (2252 Visits)
- Stiri cu antena3 in (2208 Visits)
Posted on May 25th, 2009
…when they share members info’s with anyone.
So let’s see what orange.fr offers to attackers:
245000 accounts containing:
1. E-mail address
2. First and last name
Next screenshot:

Ok, so a large company (Orange in this case) jeopardizes personal data of its users. This is old news already.
Submitted by unu – orange.fr staff was announced by him but still no response from them.


May 25th, 2009 at 2:44 am
[...] showstopper however is the vulnerability on the orange.fr website which was posted today. According to 2fingers over at HackersBlog a SQL injection vulnerability was discovered by fellow [...]
May 25th, 2009 at 8:11 am
gr8 job, people!
May 25th, 2009 at 8:39 pm
Huge leak, how is it possible for a big company like orange to have this vulnerable…
May 26th, 2009 at 12:01 pm
Se lucreaza.
Nous effectuons actuellement des travaux de maintenance sur ce site.
May 26th, 2009 at 1:35 pm
They also seems to have some xss leaks….
http://www.tinyurl.com/qgey92
May 26th, 2009 at 2:12 pm
[...] blog roumain HackersBlog publie ce jour un billet ironiquement intitulé “Orange is so cool ” et remerciant le [...]
May 26th, 2009 at 9:39 pm
[...] http://www.hackersblog.org/2009/05/25/orange-is-so-cool/ Bookmark « WTA.ro – XSS periculos [...]
May 28th, 2009 at 9:10 am
[...] a été divulguée par un site roumain, http://www.hackersblog.org, sur un billet du blog intitulé “Orange is so cool”. Ce genre de faille est très [...]
May 28th, 2009 at 1:00 pm
[...] publicité pour Orange. Le site roumain Hackersblog.org affirme qu’il a pu mettre la main sur 245.000 comptes du site Orange.fr, en exploitant une [...]
May 29th, 2009 at 11:56 am
[...] gente de HackersBlog ha publicado una breve entrada en la que comentan que el sitio web de la operadora móvil francesa, [...]
May 29th, 2009 at 4:54 pm
[...] publicité pour Orange. Le site roumain Hackersblog.org affirme qu’il a pu mettre la main sur 245.000 comptes du site Orange.fr, en exploitant une faille [...]
May 30th, 2009 at 11:41 am
hai mah sa exploatam
June 3rd, 2009 at 2:45 pm
[...] Orange se fait voler 245.000 mots de passe sur son site web. C’est moche ! [...]