4 matches found
JumpServer Information Disclosure Vulnerability
JumpServer is an open source bastion host from Hangzhou Feizhiyun Information Technology Co. in China. JumpServer suffers from an information disclosure vulnerability caused by exposing random number seeds to the API, which could allow replay of randomly generated CAPTCHAs, leading to password...
Youxin Used Car App Has Logic Design Flaws
Youxin Used Car App is a mobile application that provides used car information and purchasing services. There is a logic design vulnerability in Youxin Used Car App. Attackers can bombard the client with SMS messages by replaying, without restriction, the packets that send the CAPTCHA...
Happy Kangaroo App has SMS Bombing Vulnerability
Happy Kangaroo App is a financial app. There is an SMS bombing vulnerability in Happy Kangaroo App. An attacker can exploit this vulnerability to replay, without restriction, the packets that send the CAPTCHA and bombard the client with SMS messages...
Microticket Mobile App Has Logic Design Flaws
Microticket Mobile App is an e-ticketing app developed by the R&D team of Beijing Microticket E-commerce Co. There is a logic design vulnerability in Microticket Mobile App. Attackers can exploit this vulnerability to replay, without restriction, the packets that send the CAPTCHA and bombard the clien...