$12,500 for Reporting Facebook Bug That Allowed You To Delete Anyone’s Photos

Ryan Simmons / 9 years ago

Researcher Laxman Muthiya discovered that Facebook had extraordinarily simple bug that essentially gave anyone the ability to delete any photo on Facebook. Literally, any photo – this could have given someone the ability to delete every single photo on Facebook.

The bug used Facebook’s Graph API, which basically allows anyone to delete an entire photo album with one command. That of course only applies to the photos that belong to you and are in your account – not photos from other accounts. However, using the mobile version of that API, the following command was all it took to instantly wipe pretty much anyone’s Facebook photos.

Request :-
DELETE /518171421550249 HTTP/1.1
Host : graph.facebook.com
Content-Length: 245
access_token= facebook_for_android_access_token

Now there’s quite a few people who would have taken this as quite an opportunity to cause some mayhem. It could have developed into a massive problem for Facebook all over the world, except Muthiya decided against that and did the right thing – he reported it to Facebook. The company kindly gave him $12,500 for his discovery.

Source: The Verge

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest news, reviews, and competitions. Follow us on Facebook, Twitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.

$12,500 for Reporting Facebook Bug That Allowed You To Delete Anyone’s Photos

Support eTeknix.com

Be Social With eTeknix

Features