PinnedAhmad TalahmehLeaking internal CMS_OIDs gives access to internal Facebook support pages.The Facebook help or support centre consists from 2 levelsFeb 15, 2023Feb 15, 2023
Ahmad TalahmehDisclose author of anonymous post on GAAP GraphQL objectThe Facebook GraphQL object GroupAnonAuthorProfile has a field which lead to infer identity of author of anonymous post.Jan 31, 2022Jan 31, 2022
Ahmad TalahmehShow Facebook stack trace error messagesSome raw stack trace error messages could be showed to the user when doing specific requests. include debugging info and some filenames…Aug 26, 2021Aug 26, 2021
Ahmad Talahmeh(POC) Update business fyi message as Facebook page analystDescription / ImpactApr 17, 2021Apr 17, 2021
Ahmad TalahmehinInfoSec Write-ups(POC) Remove any Facebook’s live video ($14,000 bounty)Description / ImpactApr 17, 2021Apr 17, 2021
Ahmad Talahmeh(POC) Disclose members in any closed Facebook groupDescription / ImpactOct 22, 20191Oct 22, 20191