CVE-2025-61739

Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets...

EUVD-2025-204703

Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets...

CVE-2021-38179

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials...

SAP Business One 安全漏洞

SAP Business One is a suite of enterprise management software from SAP, a German company. The software includes financial management, operations management, and human resources management functions.SAP Business One in version 10.0 contains an information disclosure vulnerability that stems from t...

Re2Pcap - Create PCAP file from raw HTTP request or response in seconds

Re2Pcap is abbreviation for Request2Pcap and Response2Pcap. Community users can quickly create PCAP file using Re2Pcap and test them against Snort rules. Re2Pcap allow you to quickly create PCAP file for raw HTTP request shown below POST /admin/tools/iplogging.cgi HTTP/1.1 Host: 192.168.13.31:80...

Lovefilm APP suffers from arbitrary user login vulnerability

Love Shadow APP is a video editing software for cell phones. There is an arbitrary user login vulnerability in Love Shadow APP. An attacker can log into any user account by capturing packets and obtaining authentication codes...

Comments Off on Arbitrary User Registration and Arbitrary Password Reset Vulnerability in Fruit Tree App

Evaluate Fruit Tree App is a learning and education app. There are arbitrary user registration and arbitrary password reset vulnerabilities in Fruit Tree App, which allow attackers to register any user and reset any user's password by grabbing packets and modifying cell phone numbers...