Tools 4 Facebook

 

As I told you yesterday, today am I publishing the list of some of the greatest weaknesses that facebook has encountered this year.

There are classed in three categories:
- Facebook major vulnerabilities,
- Thrid party application vulnerabilities and
- “Privacy” weaknesses.

Color legend: Vulnerability impact level -  HIGH - MEDIUM - LOW

Facebook major vulnerabilities:

- 05/2008: XSS vulnerability (source)

- 08/2008: facebook’s index.php source code revealed to the public (source)

 

Third party application vulnerabilities (just some of them):

- 01/2008: Moods application (SQL Injection) (source)

- 02/2008: BOF in PhotoUploader (source)

- 04/2008: Tetris Blockstar score modification (source)

 

“Privacy” weaknesses:

- 02/2008: See tagged photos of anybody (source)

- 03/2008: Enlarge small private profile pictures (source)

- 04/2008: Get access to profile of non-friends (source)

- 06/2008: See things from friends you shouldn’t (source)

 

If I forgot some big vulnerabilities, please let me know and I will add them to the list!

 

.

 

http://www.steganart.com

.

.

 

Tags: facebook hack, hack facebook, News

Related Post

• Facebook News: Believe it or Not -The Ugliest Facebook Profile has Just Been Revealed
• Facebook Hack: XSS Vulnerability (fixed on the 23/05/2008)
• Facebook hack: A New Vulnerability That Allows Novices to Stage Easy and Powerful Attacks
• Facebook Hack: How to See Tagged Photos from Anyone on Facebook
• Tools 4 Facebook Comes Back!
• Facebook Hack News: Maybe The Biggest Security Threat Facebook Has ever Faced - Its Homepage Source Code Publicly Revealed
• Facebook News: Facebook Nouveau Design Has Arrived
• Facebook Hack: A Photo Looking Back at Your Credentials Exploit - GIFAR part I
• Facebook News: Hackathon
• Facebook News: Protecting User Privacy by Example: Top Friends suspended
• Facebook News: Facebook in Number
• Facebook Hack: How to See Things From Friends You Shouldn’t
• Facebook News: Experience Applications Without the need to install it
• Facebook News: Google’s “Friends Connect” suspended to Maintain User Privacy.
• Facebook News: The Improved Profile - Part IV
• Facebook Developers news: No More Support For the Official Java Client Library.
• Facebook Hacks: How to Hack Applications like Tetris Blockstar
• Facebook News: Adobe Flash Player Updates May Affect Facebook Applications
• Facebook Video: How to Hack the Facebook “Moods” Application
• Facebook Hack: How to Easily Get Access to Limited Profile of Non-Friends
• Facebook News (hack): XML Sitemaps & FBML? New Facebook Vulnerability? - Part 2 1st of April
• Facebook News: Allocations to Email Sent From Applications to Users Feedback-based.
• Facebook News (hack): XML Sitemaps & FBML? New Facebook Vulnerability?
• Facebook News: Apps Development, Tutorials, News, Codes Samples, Hacks, …
• Facebook News: FAcebook JavaScript Library Has Been Updated.
• Facebook News: Platform Now Also Available to Users in Spanish, German and French.
• Facebook News: The Improved Profile - Part III
• Facebook Hack Tutorial: How to View Bigger Size Picture From Small Private Profiles Picture Without Losing in Resolution
• Facebook News: Victim of Their Success? - Part 2
• Facebook News: Victim of Their Success ?

December 17th, 2008
Categories: Hack Facebook, News . Author: admin

3 Comments

Comments RSS TrackBack Identifier URI

Leave a comment

Name (required)

Mail (will not be published) (required)

Website