19 February 2007 | 10,290 views

Another 0-day MySpace XSS Exploit

Cybertroopers storming your ship?

This was a while ago, but once again unsurprising..The amount of security holes that have been discovered in MySpace (to say they hold some pretty confidential info and are a preying ground for paedos..it’s a scary thought).

Once again an XSS flaw shows up in MySpace.

digi7al64 found yet another hole in myspace using non-alpha-non-digit exploit. Again, this time, like last time, MySpace is doing a bad job of stripping out tags. This is the fifth time they’ve been hit by this exact same issue. MySpace should really consider hiring someone who knows how to write while loops. Until then they are vulnerable yet again. The trick is again simple:

becomes: because they strip out the

Advertisements



Subscribe to Darknet RSS Feed Subscribe to Darknet RSS Feed Subscribe to Darknet RSS Feed

Recent in Exploits/Vulnerabilities:
- PayPal Remote Code Execution Vulnerability Patched
- Fortinet SSH Backdoor Found In Firewalls
- Facebook Disabled Flash For Video Finally

Related Posts:
- MySpace Hackers in Police Custody
- Teen Data Exposed on Myspace
- Data Mining MySpace Bulletins

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 233,081 views
- AJAX: Is your application secure enough? - 119,809 views
- eEye Launches 0-Day Exploit Tracker - 85,360 views

Low-cost VPS Hosting

Comments are closed.