Payment Design Vulnerabilities in the Top-Up Function Module of EZZY APP Android Version

EZZY APP is a car intelligent sharing platform APP created by Beijing Daimeng Technology Co. There is a payment design vulnerability in the recharge function module of EZZY APP Android version. After logging into the system, an attacker can modify the amount in the payment packet by catching the...

Cloud Drops Travel App Has Logic Design Flaws

YunDiTrip is a professional intelligent travel platform based on local Yunnan. There is a logical design loophole in the APP of YunDropTrip. After logging into the system, an attacker can arbitrarily register users and perform unauthorized operations by grabbing packets and modifying cell phone...

E-Health Android App suffers from an override access vulnerability

E-Health Android APP is a mobile medical application that aims to improve the patient experience, enhance the service level of medical institutions, and strengthen the communication between doctors and patients. E-Health Android APP has an overstepping access vulnerability, the attacker can view...

Cloud Inspection App for Android suffers from an override access vulnerability

Cloud Inspection is a scanning application authorized by the Entry-Exit Inspection and Quarantine Bureau, which allows you to find out the price, origin, date of entry, inspection and quarantine information of the goods. The Android version of the Cloud Inspection APP has an unauthorized access...

Override Access Vulnerability in Charging Pile Android App

Charging Pile APP is a software that provides electric vehicle owners with information service on the location, number, type and status of charging piles. The Charging Pile Android APP suffers from an overstepping access vulnerability that allows attackers to view arbitrary account information by...

Shenzhen Yuanzheng Technology golo android app has information leakage vulnerability

golo APP is a social networking application that uses instant messaging as a communication platform to connect automotive repair technicians with car owners. Shenzhen Yuanzheng Technology golo Android APP has information leakage vulnerability. The attacker can view the user's sensitive informatio...

Microtransit EV Android App has an override access vulnerability

Microbus EV APP is a car time-share rental service software. Microtransit EV Android APP has an override access vulnerability. After logging into the system, an attacker can view any account information, including user's name, cell phone number, ID number, account amount and other sensitive...

Belkin N600 DB Wireless Dual Band N+ Security Bypass Vulnerability

Belkin N600 DB Wireless Dual Band N+ is a wireless dual band router product from Belkin USA. The Belkin N600 DB Wireless Dual Band N+ has a security vulnerability that allows an attacker to intercept packets containing the 'LockStatus:1' and 'LoginSuccess:0' strings on the embedded server side of...

Cisco FireSIGHT Management Center Cross-Site Scripting Vulnerability

A vulnerability in the Cisco FireSIGHT Management Center could allow an authenticated, remote attacker to perform cross-site scripting XSS attacks. The vulnerability is due to insufficient input validation of some parameters passed via HTTP GET or POST methods. An attacker could exploit this...

[SNS Advisory No.60] Windows XP Disclosure of Registered AP Information

-------------------------------------------------------------------------- SNS Advisory No.60 Windows XP Disclosure of Registered AP Information Problem first discovered: 30 Aug 2002 Published: 4 Dec 2002 http://www.lac.co.jp/security/english/snsadve/60e.html...