Facebook :: SQL Injection Vulnerability Found
Posted: January 8th, 2009 | Author: xanda | Filed under: My Self | Tags: facebook, superpoke | 6 Comments »Yesterday, a friend of mine, YM me and inform me regarding the SQL injection that he found.
After tested, I’ve found that the SQL injection is working and I straight away launch a report to Facebook team… But until now, the vulnerability still haven’t been patched by them.
So , if you are a Facebook user, please change your password 🙂
Another thing about Facebook is.. I hate Superpoke, not bacause of the application, but the Superpokers. Hahaha.. I already block and remove the application from me account..
I rejected all kinds of applications invited by my friends. To me, FB is a mere social network to connect me and and friends. That’s all.
p/s: Dear, what happen to your English? It sounds lack here and there. You used to be very particular about grammar. Hehe.
and what’s the mysql injection code?
@genius: its no longer works 😉
plz give type of injection!!!
Anonymous!!
how do you found this with a scanner ?
by luck 😉