MyBlogLog Bug
I received a request from BlogMeme to become co-author of the community. I was thinking that it’s a clean invitation ( I mean an invitation with no negative intention like spamming, etc). But, ShoeMoney revealed that it’s a MyBlogLog exploit.
If you look at my profile on MyBlogLog You will see 2 sites that I did not add.
I wonder if Yahoo could be possibly liable here because basically Yahoo is saying that I said I own these sites… yet I did not…
Check out Jason Calacanis community. Evidently in addition to calacanis.com he also owns and authors seoadwords.com …. right….
So what else can people do with cross site xploits on mybloglog? Oh I think we are just seeing the tip.
The exploiter on this explains:
Choose ad a Co-Author, type in the MyBlogLog member name. (for example: Shoemoney). This sends out a e-mail to the user account with a link add yourself as a co-author. Now most people won’t open them, or they get picked up as spam.
Now exam the link:
http://www.mybloglog.com/buzz/add_author_conf.php?sid=&mid=
SID = Site ID, which is the community you author
MID = Member ID, which is the member the e-mail went toNow, if you open that url, it will automatically add the author, no clicking, no form etc.
If you send author requests to a bunch of people. For example, yourself. Then find their memberID, your own SiteID, and insert them into the url, open in a browser. Bam, you have new authors on the community.
I am thinking if I will use this exploit…
-
Sign up for PayPal and start accepting credit card payments instantly.
As the world's number one online payment service, PayPal is the fastest way to open your doors to over 150 million member accounts worldwide. -
Promote your product to high quality, targeted websites and blogs.
Find effective, influential blogs and highly targeted audiences to advertise.Choose to display your ad across entire blog networks to maximize your exposure to a wide audience.
Related Post
- Pinay Scandal
- Eric Reaction On MyBlogLog Bug
- MyBlogLog Let’s You Own Someone’s Blog
- Follow What MyBlogLog Users Surf
- Microsoft AdCenter Bug Fixed
- MyBlogLog Banning Members
- Let’s Forgive Each Other
- Yahoo! Tracks Google Adsense Clicks
- MyBlogLog, Needs Community Manager
- MyBlogLog Exploit
- The Advantage of Using MyBlogLog
- Does Yahoo! Studied Adsense Through MyBlogLog?
- Upgrade Now to Wordpress 2.2.2 and Wordpress 2.0.11
- Feed Subscribers Now 700+
- Lost 2 Programmed Posts
- Tech Big Men Hitting Each Other Big Names
- www.sss.gov.ph static information
- sss gov.ph SSS Online Inquiry
Recently Commented
- Angel Locsin
- October 2009 New Teachers Oath Taking, Other Issues
- SSS Disability Benefits
- SSS Sickness Benefits
- AdMob To Join Google
- How to Avail SSS Maternity Benefits?
- Podcasting: What's this?
- Manny Pacquiao Wins, Washed Out Cotto From His Head
- Link Baiting - Fishing: Newbie SEO Attacks Experts
- Jollibee Scandal: Spread the Word?
- Naruto Series Blog, Making Live Again
- How Important is the PageRank?
- Make Money Online By Surfing Using Viewbar
- Google PR, Halloween 2009 Update
- Broadcast Yourself: Video Blogging Plugins
Comments
2 Responses to “MyBlogLog Bug”
Trackbacks/Pingbacks
-
[...] MyBlogLog Bug [...]


































Dude, don’t even joke about using exploits. No good karma will come of it. In the meantime, we have not only turned off the exploit, we’ve also blogged about the entire experience and what we’re doing in the future. I hope you’ll have a look. http://mybloglogb.typepad.com/my_weblog/2007/02/weekend_spamtac.html