| Page Owners Can’t remove or change page roles of deactivated users (or if Attacker blocks the page owner) in Facebook Lite, Facebook for Android and touch.facebook.com |
|
|
|
| De-anonymize the members of a private Facebook Group as a non-member. |
|
|
|
| Facebook Group Members Disclosure. |
|
|
|
| Hiding from custom story privacy list is possible in FBlite making the victim unable to remove you from the list. |
|
|
|
| Disclosing the members of private Facebook Group as a non-member. |
|
|
|
| Hiding from a custom list is possible on who sees our post is possible making victim not remove them from the list. |
|
|
|
| How often do we overlook vulnerabilities? |
|
|
|
| Hiding ourself in close friend’s list and avoiding victim to remove us from his close friend’s list. |
|
|
|
| How I found a Privilege Escalation Bug in a private Ecommerce? |
|
|
|
| Reply To Instagram Stories where privacy of who can reply is set to ‘Nobody’. (Part 2) |
|
|
|
| Bypassing the patch for my previous Instagram bug. |
|
|
|
| Sending Message as page being an analyst/ advertiser? |
|
|
|
| XX to XXX in one day |
|
|
|
| Bypassing Instagram’s stories restriction |
|
|
|
| Reply To Instagram Stories where privacy of who can reply is set to ‘Nobody’. |
|
|
|
writeups.xyz
/
Baibhav Anand (@SpongeBhav)