Researcher Laxman Muthiya discovered that Facebook had extraordinarily simple bug that essentially gave anyone the ability to delete any photo on Facebook. Literally, any photo – this could have given someone the ability to delete every single photo on Facebook.
The bug used Facebook’s Graph API, which basically allows anyone to delete an entire photo album with one command. That of course only applies to the photos that belong to you and are in your account – not photos from other accounts. However, using the mobile version of that API, the following command was all it took to instantly wipe pretty much anyone’s Facebook photos.
Request :-
DELETE /518171421550249 HTTP/1.1
Host : graph.facebook.com
Content-Length: 245
access_token= facebook_for_android_access_token
Now there’s quite a few people who would have taken this as quite an opportunity to cause some mayhem. It could have developed into a massive problem for Facebook all over the world, except Muthiya decided against that and did the right thing – he reported it to Facebook. The company kindly gave him $12,500 for his discovery.
Source: The Verge
In July last year, Netflix officially confirmed that it had ended the option for new…
The free-to-play MMO Albion Online is one of the best games to come out of…
Set the curve with the CORSAIR XENEON FLEX 45WQHD240 OLED Bendable UltraWide Gaming Display, built…
Say hello to the future of graphics, with the MSI GeForce RTX 4090 GAMING X…
This Scan Gamer RTX features the 8GB NVIDIA GeForce RTX 3050 graphics card featuring new…
The MAG series fights alongside gamers in pursuit of honor. With added military-inspired elements in…