Details:
========
A SQL Injection vulnerability is detected on the My Phrase Box facebook application (apps.facebook).
The vulnerability allows an attacker (remote) to inject/execute own sql statements on the affected fb application dbms.
Successful exploitation of the vulnerability can result in compromise of the affected application dbms.
Vulnerable Module(s):
[+] My Phrase Box – Facebook 3rd Party Application
Vulnerable Param(s):
[+] ?show_dialog= & app_id=
Affected Application(s):
[+] http://apps.facebook.com/my_phr_box/
— SQL Logs —
5.1.54-1ubuntu4-log: 11
—
Pictures:
../1.png
0 条评论。