Full Disclosure mailing list archives

facebook

From: t0hitsugu <tohitsugu () gmail com>
Date: Mon, 2 Jan 2012 12:45:28 -0800

anyone else notice the apps.facebook.com/<whatever> tend to be prone to sql
vulns? ie,
https://apps.facebook.com/worldwide_dev/ while not logged in, and
https://apps.facebook.com/worldwide_dev/%00

Due to them being apps, facebook I believe is not responsible for any
security issues, but in this case there is no dev listed. odd.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

facebook t0hitsugu (Jan 02)
- <Possible follow-ups>
- Re: facebook t0hitsugu (Jan 02)
  - Re: facebook Gage Bystrom (Jan 02)
    - Re: facebook Jeffrey Walton (Jan 02)
  - Re: facebook Valdis . Kletnieks (Jan 02)
    - Re: facebook James Condron (Jan 02)
    - Re: facebook t0hitsugu (Jan 02)
    - Re: facebook Valdis . Kletnieks (Jan 02)
    - Re: facebook Raj Mathur (राज माथुर) (Jan 02)
    - Re: facebook Valdis . Kletnieks (Jan 02)