I just checked out my Apache logs and found this interesting entry:
220.127.116.11 – – [22/Oct/2012:13:21:25 -0400] “GET /?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(0x6730306431),7,8,9,10,11,12– HTTP/1.1” 403 5043 “-” “Mozilla/3.0 (windows)”
It appears to be an exploit attempt against the Facebook Connect plugin.
Here’s a webpagethat shows how it works.
There are quite a few websites potentially vulnerable to this exploit. While it doesn’t appear to make Facebook itself vulnerable, it does compromise any WordPress blogs which use this plugin.