There is a logic design flaw in the Kaiyen Gold app

Kaiyan Gold Service app is a financial management software. There is a logical design vulnerability in the Kaiyan Gold Service app. The vulnerability is due to the registration of not doing any verification restrictions, the attacker through the packet bursting and intercept the return of the...

Here’s How Hackers Can Hijack Your Online Bitcoin Wallets

Researchers have been warning for years about critical issues with the Signaling System 7 SS7 that could allow hackers to listen in private phone calls and read text messages on a potentially vast scale, despite the most advanced encryption used by cellular networks. Despite fixes being available...

Arbitrary Account Password Reset Vulnerability in Hongyi Environmental Protection Android APP

Hongyi Environmental Android APP is an air purifier management tool. There is an arbitrary account password reset vulnerability in Hongyi Environmental Protection Android APP. After logging into the system, an attacker can reset any password by grabbing packets and modifying them through the forg...

Hongyi Environmental Protection Android App Has Logic Design Flaws

Hongyi Environmental Android APP is an air purifier management tool. There is a logical design vulnerability in the Android APP of Hongyi Environmental Protection. Because the program fails to verify the verification code when performing registration, an attacker can bypass the verification code ...

Password Bypass Vulnerability in Haiwell Cloud SCADA Android App

Haiwell Cloud SCADA is an industrial automation monitoring and management platform software based on .NET Framework developed by Xiamen Haiwell Technology Co. A password bypass vulnerability exists in the Haiwell Cloud SCADA Android APP. An attacker can bind any other cell phone by intercepting t...

Sharing Premium App Has Logic Design Flaws

Shared Premium APP is a mobile software that focuses on saving money on online shopping. Sharing Premium APP has a logical design loophole, the attacker can arbitrarily register users and arbitrarily reset passwords by grabbing packets and bursting verification codes...

The Little Companion App has a logic design flaw

Little Companion APP is a mobile internet information platform specialized in picking up and dropping off children. There is a logical design vulnerability in Little Companion APP, after the attacker registers, the attacker can arbitrarily register users and arbitrarily reset passwords through th...

Aier Eye Group's Eye Neighborhood Doctor's Edition App for Android Has Logic Design Flaws

Eye Neighborhood Doctor Edition App is an application designed and developed for ophthalmologists and ophthalmology practitioners. The Android version of Eye Neighborhood Doctor Edition APP of Aier Ophthalmology Group has a logical design vulnerability, which allows an attacker to reset any accou...

Rent 8 Rings APP suffers from Arbitrary Explosion and Arbitrary Login Vulnerability

Rent 8 Rings APP is a cell phone software for online electric car sharing and renting by Jiangsu Rent 8 Rings Intelligent Technology Cable Company. Rent 8 Rings APP exists arbitrary blasting arbitrary login vulnerability. Attackers can log in to the task account by grabbing packets and blasting t...

Logic design flaws in the Android version of Eye Neighborhood App of Aier Eye Group

Eye Neighborhood APP is an all-round eye health management application, which monitors your eye health anytime and anywhere, consults with professional ophthalmologists online, and connects with offline eye health medical products to provide users with professional checkups and treatment services...

Apache Tomcat CloudBees Jenkins Security Bypass Vulnerability

Apache Tomcat is the United States Apache Apache Software Foundation under the Jakarta project of a lightweight Web application server , it is mainly used for the development and debugging of JSP programs for small and medium-sized systems. CloudBees Jenkins is one of the set of U.S. CloudBees,...

EZZY APP Android version of the deposit function module has a payment design loophole

EZZY APP is a car intelligent sharing platform APP created by Beijing Daimeng Technology Co. The Android version of EZZY APP has a vulnerability in the amount payment design. After logging into the system, an attacker can arbitrarily modify the size of the payment amount by clicking on the paymen...

Payment Design Vulnerabilities in the Top-Up Function Module of EZZY APP Android Version

EZZY APP is a car intelligent sharing platform APP created by Beijing Daimeng Technology Co. There is a payment design vulnerability in the recharge function module of EZZY APP Android version. After logging into the system, an attacker can modify the amount in the payment packet by catching the...

Code injection

Soreco Xpert.Line 3.0 allows local users to spoof users and consequently gain privileges by intercepting a Windows API call...

CVE-2015-3442

Soreco Xpert.Line 3.0 allows local users to spoof users and consequently gain privileges by intercepting a Windows API call...

Cloud Drops Travel App Has Logic Design Flaws

YunDiTrip is a professional intelligent travel platform based on local Yunnan. There is a logical design loophole in the APP of YunDropTrip. After logging into the system, an attacker can arbitrarily register users and perform unauthorized operations by grabbing packets and modifying cell phone...

E-Health Android App suffers from an override access vulnerability

E-Health Android APP is a mobile medical application that aims to improve the patient experience, enhance the service level of medical institutions, and strengthen the communication between doctors and patients. E-Health Android APP has an overstepping access vulnerability, the attacker can view...

Cloud Inspection App for Android suffers from an override access vulnerability

Cloud Inspection is a scanning application authorized by the Entry-Exit Inspection and Quarantine Bureau, which allows you to find out the price, origin, date of entry, inspection and quarantine information of the goods. The Android version of the Cloud Inspection APP has an unauthorized access...

Microtransit EV Android App has an override access vulnerability

Microbus EV APP is a car time-share rental service software. Microtransit EV Android APP has an override access vulnerability. After logging into the system, an attacker can view any account information, including user's name, cell phone number, ID number, account amount and other sensitive...

Override Access Vulnerability in Charging Pile Android App

Charging Pile APP is a software that provides electric vehicle owners with information service on the location, number, type and status of charging piles. The Charging Pile Android APP suffers from an overstepping access vulnerability that allows attackers to view arbitrary account information by...