Josip Franjković - archived security blog
Sunday, 24 July 2016
This is an archived blog. The new one is at josipfranjkovic.com
Monday, 13 July 2015
The easiest bug bounties I have ever won
The bugs I will write about are the simplest ones I have ever found on Facebook. The point of this blog is to show that some bugs can be fo...
Monday, 27 April 2015
Race conditions on Facebook, DigitalOcean and others (fixed)
Hello, Lately I have been looking into race condition bugs affecting websites/web-applications. Here is a good resource to learn about th...
Saturday, 6 December 2014
Reading local files from Facebook's server (fixed)
Hello, Recently I found a vulnerability in Facebook which allowed me to read local files from Facebook's servers. The vulnerable part...
Friday, 5 September 2014
Step-by-step: exploiting SQL injection(s) in Oculus' website.
Hello, Some time ago Jon of Bitquark tweeted that he found a SQL injection and RCE in one of Facebook's acquisitions. You can find ...
Thursday, 21 November 2013
Facebook bug bounty: secondary damage (one report that leads to more bugs), fairness, and why I really like reporting to Facebook
Hello, Usually, the process for bug bounty is as follows: Person finds a bug, reports it to company Company fixes the bug $$ sent t...
Tuesday, 30 July 2013
SQL injections in Nokia sites.
Hello, I have found out about Nokia security reward program somewhere mid-April. Reports of people getting one or more mobile phones mad...