anyone else notice the apps.facebook.com/<whatever> tend to be prone to sql vulns? ie, https://apps.facebook.com/worldwide_dev/ while not logged in, and https://apps.facebook.com/worldwide_dev/%00
Due to them being apps, facebook I believe is not responsible for any security issues, but in this case there is no dev listed. odd.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
