[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] facebook
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] facebook
- From: t0hitsugu <tohitsugu@xxxxxxxxx>
- Date: Mon, 2 Jan 2012 12:45:28 -0800
anyone else notice the apps.facebook.com/<whatever> tend to be prone to sql
vulns? ie,
https://apps.facebook.com/worldwide_dev/ while not logged in, and
https://apps.facebook.com/worldwide_dev/%00
Due to them being apps, facebook I believe is not responsible for any
security issues, but in this case there is no dev listed. odd.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/