# Why is Orkut so vulnerable to SQL Injection Scripts and Session hacking ?



## Maverick340 (May 21, 2008)

Okay,I think my topic title said it all, but yeah I d really like to know why is this so rampant on Orkut and not other sonets (social networking) like Facebook or even MySpace for that matter ..


----------



## anand1 (May 21, 2008)

It has some bugs in its script but the main cause is something which is hard to guess....!


----------



## Maverick340 (May 22, 2008)

You mean Orkut is coded poorly ?


----------



## anand1 (May 22, 2008)

Ye exactly it seems to me that it has some of the bugs in its latest theme.


----------



## Maverick340 (May 22, 2008)

Dude, which theme?? If you are mentioned those various scripts floating around on orkut about skin changing .. then um thats not what i meant. In fact the very opposite.. how is orkut allowing such scripts to execute that allows rampant hacking ?


----------



## dheeraj_kumar (May 22, 2008)

I have always assumed that Orkut is badly coded, leading to javascript exploits such as so many these days... Anyway I dont really know the answer, perhaps Rohan can share his knowledge?


----------



## kumarmohit (May 22, 2008)

Security wise Orku sux big time. proves that google is not perfect


----------



## gary4gar (May 22, 2008)

There are lot of flaws in Orkut, that even a normal user like me can notice


There was a flaw in which one could See(even locked ones),Edit or Delete Albums of Any user.
*www.devilsworkshop.org/2008/04/18/orkut-album-bug-is-fixed-details-are-here/

the Comments on photos can't be deleted, so if someone type something. it would stay  forever

 there is method which steals your cookies just by clicking on a link
so now anyone could login in your account


----------



## Maverick340 (Jun 10, 2008)

It will turn out to be a la myspace. its a good thing more than half the us/uk population
 dont know about it. otherwise "orkut sucks" would be making digg's frontpage


----------

