myspace ?

ok, i have found a hole in myspace where i can input my own html, however all javascript and css is filtered, all GET var's are filtered for js… so i am guessing i can do something with cold fusion assuming that myspace runs off cold fusion, am i right?

If you're talking about your profiule then you're meant to be avble to put in HTML, but not JS LOL

i knew someone was going to say this after i posted the thread, no if you would like to see what i am talking about, find it on myspace classifieds. im not sure whether other people have found it but i found it on my own in only a matter of a few minutes…

Why not record while you pure pwn the site?

(:

EDIT: Sorry guess I'm not answering your question, but when it comes to that complicated hacking my skill is not reaching that far.

chislam wrote: i knew someone was going to say this after i posted the thread, no if you would like to see what i am talking about, find it on myspace classifieds. im not sure whether other people have found it but i found it on my own in only a matter of a few minutes…

Yeah I wasn't trying to be an asshole or anything

they can filter anything you enter

mind, -can- filter.

Though if it does work this thread should probably be deleted, if they see this we're all technically breaking the law by not reporting this

ya i realized they can filter all get variables, because obviously that is what goes on here. but what they didn't filter is something which i am not gonna say because i dont just give out exploits… however i will probably contact myspace soon about it

thats nice of you :)

:ninja:

They strip out all <meta> tags, and add "allowscriptaccess=never" to everything, though. So for hacking purposes, its really limited.

ya i know, its just funny that they forgot to filter this one page