Myspace lets anyone view private profiles

Submitted by thegeek on Fri, 08/18/2006 - 12:24pm

On August 18 2006 a post was made at our website explaining how easy it was to access (private) comments and photos on Myspace profiles set to "private". This vulnerability in Myspace profiles had apparently been known by the "Myspace underground" for some time, but had not been addressed by the Myspace security people. On August 26, this vulnerability was made public on Digg.com and suddenly the whole world knew about it. Once in the spotlight, Myspace band-aided this "view private profile" hole in less than 24 hours.

Note: The information contained on this page is for educational purposes only. It is hoped that by making such breaches in Myspace privacy/security public, Myspace administrators/programmers can correct the issue and prevent further lapses in security in the future. Myspace.com has been notified of this security vulnerability. Originally posted: 8/18/06; 12:05PM

Posted by: xxrachelnic0lexx;

Subject: comments on a private profile

 

ok..here's the Myspace code to view private comments:
http://editprofile.myspace.com/index.cfm?fuseaction=profile.safeDeleteComments&FriendID= *insert their Myspace friendID at the end For pictures: http://collect.myspace.com/user/viewPicture.cfm?friendID= ** **Put the friendID there

 


Ask questions or discuss other Myspace issues in the Myspace forum

 

 

   

Comments

Anonymous

Sun, 08/27/2006 - 9:20am

Oh, the pervs will love this.. the only people that will love this more is the lawyers :-)

Anonymous

Sun, 08/27/2006 - 9:59am

It seems that even if a profile has been deleted, MySpace still retain all private images associated with the account. Hence if you look up a userid of a deleted user, it is simply identified as "Friend", and if you follow that link you will get the message that the account has been deleted.

Anonymous

Sun, 08/27/2006 - 10:26am

Is it just comments you can view?

Anonymous

Sun, 08/27/2006 - 2:10pm

yah, this has been out for a few months. i tried it before but i could not get it to work.. hehe.. but now it does work :-)

my guess is that myspace will have this fixed soon.. like.. in another 6 months or so.

chsw80

Sun, 08/27/2006 - 7:20pm

I doubt anything was actually fixed. You can still view pictures if you happen to know the exact URL. Can't do a safe mode edit on your own comments either. The code is just absent from the .cfm files now. If anyone has cached copies of http://editprofile.myspace.com/index.cfm and http://collect.myspace.com/user/viewPicture.cfm, I bet they will still work.

alizee

Thu, 08/31/2006 - 12:13am

i really want to find out what the new vulnerability code is :|

anything duping myspace is A-OK with me :D

thirdrail

Sat, 09/02/2006 - 11:52am

Honestly i can understand why concerned parents would benifit by getting into private profiles and maybe some:still in love or i can't believe he/she left me person, but we as adults must realize that YES their are alot of pedophilles out here luring in young boy's and girl's through this my space craze. The biggest security breach is one of the oldest tricks in the book, the good ol TROJAN HORSE. You see yes the stark reality is that there are holes in my space, if i may say for myself and everytime TOM & CO. fixes one it's like ten more pop up which makes the followers of this site including myself well.... good followers. Myspace is a good networking outlet/damn you got a page too/the last time i saw you was in kindergarden, medium, but we as "responsibly" (the funny thing is that as i was writing responsible i chuckled in my mind thinking to myself now who you fooling with this B.S!@#, this dude is up hear preaching to the choir, he on the wrong page wit this s!#@, and their is alway's that one geek that is going to protest to the head honcho of this site to just delete this clowns account, let me get back...) yes responsible adults must just get a lil more involved into who our kids, family and friends are contacting out their. I even got caught up on this profile view code for a while until it dawned on me that i made my own daughter set her profile to private... damn.

BOB_the_Fly

Tue, 09/05/2006 - 5:44am

Has anyone found or came up with a new hack code to view private profiles on myspace. I think my husband may be cheating. I want to view the suspected 'other womans' profile. I was told she has pictures of him and her posted.

carebear10

Wed, 09/06/2006 - 3:20am

If there is a new hack for this? I'm only concerned about my family, not trying to snoop into everyone else. Thank you.

cassandra

Fri, 09/08/2006 - 10:43am

If there is a new code can someone please send it to me. I need to check on someone who has been bugging my little sister. Thanks!

Pages

Add new comment