apps.facebook.com still vulnerable to SQL and html Injection
so let's see some screenshots :)
Iframe injection poc: http://apps.facebook.com/lol_pets/?added_app=
many others applications seems to be vulnerable so be carefull !
see also my old post about sql injection on http://apps.facebook.com
another apps. vulnerable to sql injection
and here we have another html injection poc: http://apps.facebook.com/app-tap