Hacker known as Zer0Pwn,from Zer0Lulz, claimed that they discovered Remote File Inclusion(RFI) vulnerability in CNN website, one of famous Online global news provider.
Hacker provided a link to prove RFI vulnerability in CNN.com. He managed to inject his own Image in the CNN website. Hacker claimed there is possibility to inject PHP or any other file. If so, then hacker can inject the PHP shell and deface the site. (Reference: Remote File Inclusion).
 vulnerability in CNN.com){kind=link}