Full Disclosure mailing list archives
From: t0hitsugu <tohitsugu () gmail com>
Date: Mon, 2 Jan 2012 12:45:28 -0800
anyone else notice the apps.facebook.com/<whatever> tend to be prone to sql vulns? ie, https://apps.facebook.com/worldwide_dev/ while not logged in, and https://apps.facebook.com/worldwide_dev/%00 Due to them being apps, facebook I believe is not responsible for any security issues, but in this case there is no dev listed. odd.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- facebook t0hitsugu (Jan 02)
- <Possible follow-ups>
- Re: facebook t0hitsugu (Jan 02)
- Re: facebook Gage Bystrom (Jan 02)
- Re: facebook Jeffrey Walton (Jan 02)
- Re: facebook Valdis . Kletnieks (Jan 02)
- Re: facebook James Condron (Jan 02)
- Re: facebook t0hitsugu (Jan 02)
- Re: facebook Valdis . Kletnieks (Jan 02)
- Re: facebook Raj Mathur (राज माथुर) (Jan 02)
- Re: facebook Valdis . Kletnieks (Jan 02)
- Re: facebook Gage Bystrom (Jan 02)