1Getting any Facebook user's friend list and partial payment card details (opens in new tab)(josipfranjkovic.com)416franjkovic8y ago91Save
2Taking over Facebook accounts using Free Basics partner portal (opens in new tab)(josipfranjkovic.com)1franjkovic8y ago0Save
3Hacking Facebook accounts using CSRF in Oculus-Facebook integration (opens in new tab)(josipfranjkovic.com)5franjkovic8y ago0Save
4Stealing Facebook access_tokens using CSRF in device login flow (opens in new tab)(josipfranjkovic.com)127franjkovic9y ago82Save
5The easiest bug bounties I have won (opens in new tab)(josipfranjkovic.blogspot.com)145franjkovic10y ago27Save
6Race conditions on Facebook, DigitalOcean and others (fixed) (opens in new tab)(josipfranjkovic.blogspot.com)294franjkovic11y ago88Save
7Reading local files from Facebook's server (fixed) (opens in new tab)(josipfranjkovic.blogspot.com)44franjkovic11y ago19Save
8Step-by-step: exploiting SQL injection(s) in Oculus' website (opens in new tab)(josipfranjkovic.blogspot.com)1franjkovic11y ago0Save
9Facebook bug bounty: secondary damage bugs and fairness (opens in new tab)(josipfranjkovic.blogspot.com)60franjkovic12y ago10Save
10Facebook CSRF leading to full account takeover (fixed) (opens in new tab)(pyx.io)222franjkovic12y ago51Save
