Arul Kumar, an Indian security researcher found a vulnerability to Facebook which he could delete any image within a minute. The vulnerability was in Facebook’s support dashboard and they rewarded him with $12.500 for helping the security team to patch it. Basically the security hole was in the photo removal request where the attacker could change the profile id and the image id and so be able to delete any image on Facebook. Imagine if someone that hates you finds this and exploits it or pay someone else and delete all your images. There are people that have uploaded hundreds of photos and they can’t even imagine such a thing happening to them.
Facebook vulnerability allows to delete any picture