Arbitrary Download of Images

This is a bug I found in flickr.

For example think I want to download this image.
https://www.flickr.com/photos/yuliatangled/5502737663/sizes/l

www.flickr.com/photos/yuliatangled/5502737663/sizes/l

The owner had disabled the download option to users.

But we can download by copying the image url and adding a “_d” at the end.

farm6.staticflickr.com/5220/5502737663_a621e3ac95_b_d.jpg

We can simply write an automated application such as flickr image downloader to download any image regardless of owner’s denial of download.

I reported it to Yahoo, but they said it’s a duplicate.

One thought on “Arbitrary Download of Images

Leave a Reply