
Friday, 10 July 2020

Facebook ads campaign vulnerability

Facebook is a well-known social site, but it is directly printing a table name and query in an error message, which might be a big security breach and vulnerability that could cause a lot of loss to Facebook.

Recently I was creating my ad campaign and found bugs on Facebook:

QueryLockTimeoutException: Lock wait timeout exceeded; try restarting transaction: Timeout on record in index: db64744/campaign_groups.PRIMARY; 'SELECT id, account_id, name, objective, promoted_object_id, run_status, time_created, time_updated, topline_id, buying_type, legacy_buying_type, source_campaign_group_id, kpi_type, kpi_custom_conversion_id, is_autobid, is_average_price_pacing, bid_strategy, regulated_category, issues_info, smart_promotion_type, run_status_user_set, post_processing_version, value_spec_event_funnel_id, collaborative_ads_partner_info, regulated_category_set_by_user, regulated_categories, last_meaningful_touched_by_app_id, selected_authorized_country, advertiser_intent FROM `campaign_groups` WHERE id IN (23845393178580744) FOR UPDATE' TAAL[BLAME_dirs,www/flib/core/db/:BLAME_files,www/flib/core/smc/db.php


You can see that the table name is campaign_groups and the fields are:

id, account_id, name, objective, promoted_object_id, run_status, time_created, time_updated, topline_id, buying_type, legacy_buying_type, source_campaign_group_id, kpi_type, kpi_custom_conversion_id, is_autobid, is_average_price_pacing, bid_strategy, regulated_category, issues_info, smart_promotion_type, run_status_user_set, post_processing_version, value_spec_event_funnel_id, collaborative_ads_partner_info, regulated_category_set_by_user, regulated_categories, last_meaningful_touched_by_app_id, selected_authorized_country, advertiser_intent


And the query that failed due to the timeout is:

SELECT id, account_id, name, objective, promoted_object_id, run_status, time_created, time_updated, topline_id, buying_type, legacy_buying_type, source_campaign_group_id, kpi_type, kpi_custom_conversion_id, is_autobid, is_average_price_pacing, bid_strategy, regulated_category, issues_info, smart_promotion_type, run_status_user_set, post_processing_version, value_spec_event_funnel_id, collaborative_ads_partner_info, regulated_category_set_by_user, regulated_categories, last_meaningful_touched_by_app_id, selected_authorized_country, advertiser_intent FROM `campaign_groups` WHERE id IN (2384539317858067)
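
A server-side safeguard against the kind of disclosure shown above, as an added example that is not part of the original post or Facebook's code: an outbound filter that logs the detailed error internally and sends the client only a generic message with a reference ID. The pattern set, the function names and the abridged sample error are assumptions constructed for illustration.

```python
import logging
import re
import uuid

log = logging.getLogger("app.errors")

# Signs of database internals in text that is about to be sent to a client.
LEAK_PATTERNS = {
    # A full statement: SELECT <columns> FROM <table> WHERE ...
    "sql_statement": re.compile(r"\bSELECT\s+[\w`*.,\s]+?\s+FROM\s+`?\w+`?\s+WHERE\b", re.I),
    # Exception class names and lock/timeout wording from the database layer.
    "db_exception": re.compile(r"\b\w+Exception\b|lock wait timeout|deadlock found", re.I),
    # schema/table.index references such as "<db>/<table>.PRIMARY".
    "index_ref": re.compile(r"\b\w+/\w+\.PRIMARY\b"),
    # Server-side source file paths.
    "source_path": re.compile(r"(?:[\w.-]+/)+[\w.-]+\.php\b"),
}

GENERIC = "Something went wrong. Please try again. Reference: {ref}"

# Constructed sample: the error from the post with the column list abridged.
SAMPLE = (
    "QueryLockTimeoutException: Lock wait timeout exceeded; try restarting "
    "transaction: Timeout on record in index: db64744/campaign_groups.PRIMARY; "
    "'SELECT id, account_id, name FROM `campaign_groups` WHERE id IN "
    "(23845393178580744) FOR UPDATE' TAAL[BLAME_dirs,www/flib/core/db/:"
    "BLAME_files,www/flib/core/smc/db.php"
)


def find_leaks(text):
    """Return the sorted names of all leak patterns that match text."""
    return sorted(name for name, rx in LEAK_PATTERNS.items() if rx.search(text))


def scrub_response(body, ref=None):
    """Last-line check on an outgoing body: returns (safe_body, leaks_found).

    The primary fix is to never copy exception text into a response; this
    filter catches the cases where that rule was missed.
    """
    leaks = find_leaks(body)
    if not leaks:
        return body, leaks
    ref = ref or uuid.uuid4().hex[:12]
    # Full detail stays in the server log, keyed by the reference the user sees.
    log.error("ref=%s leaks=%s detail=%s", ref, ",".join(leaks), body)
    return GENERIC.format(ref=ref), leaks
```

The reference ID lets support staff find the full error in the server log without the user ever seeing the table name, column list or file path.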