Facebook :: SQL Injection Vulnerability Found

Posted: January 8th, 2009 | Author: | Filed under: My Self | Tags: , | 6 Comments »

Yesterday, a friend of mine, YM me and inform me regarding the SQL injection that he found.

After tested, I’ve found that the SQL injection is working and I straight away launch a report to Facebook team… But until now, the vulnerability still haven’t been patched by them.

So , if you are a Facebook user, please change your password 🙂

Another thing about Facebook is.. I hate Superpoke, not bacause of the application, but the Superpokers. Hahaha.. I already block and remove the application from me account..

6 Comments on “Facebook :: SQL Injection Vulnerability Found”

  1. 1 Ngah said at 6:44 PM on January 8th, 2009:

    I rejected all kinds of applications invited by my friends. To me, FB is a mere social network to connect me and and friends. That’s all.

    p/s: Dear, what happen to your English? It sounds lack here and there. You used to be very particular about grammar. Hehe.

  2. 2 genius said at 11:15 PM on July 28th, 2009:

    and what’s the mysql injection code?

  3. 3 xanda said at 9:21 AM on July 29th, 2009:

    @genius: its no longer works 😉

  4. 4 abus-hack said at 7:48 AM on April 26th, 2011:

    plz give type of injection!!!


  5. 5 ORION said at 11:34 PM on August 21st, 2011:

    how do you found this with a scanner ?

  6. 6 xanda said at 11:39 AM on August 22nd, 2011:

    by luck 😉

Leave a Reply