Vevo website hacked by TeslaTeam via SQL Injection vulnerability

Sponsored Links
Tesla Team, one of the hacker group from Serbia has claimed to have breached the Vevo website(Vevo.com).

Vevo is a joint venture music video website owned and operated by Universal Music Group, Google, Sony Music Entertainment, and Abu Dhabi Media.

The team has discovered a SQL Injection vulnerability in one of the sub-domains of Vevo website that allowed hackers to compromise their database.

In a pastebin leak(pastebin.com/TAjce91x), the group leaked a vulnerable link as well as a proof of concept that exploits the vulnerability.  The dump of the database is claimed to have containing emails and password of admins and other users.

It appears some one with username "JoinSeventh" in HackForums has already published the vulnerability details in 2012.
Category: / /

Share this with Your friends:


About Author

, founder of E Hacking News, an Information Security enthusiast who has more interest in PenTesting and Malware analysis. You can find him on Google+ Profile , Twitter and Facebook.