Hardcoded credentials

Juiker app hard-coded its AES key in the source code. A physical attacker, after getting the Android root privilege, can use the AES key to decrypt users’ ciphertext and tamper with it...

Logic flaws exist in the YiYu enterprise building system vulnerability

Eyou content management system EyouCms belongs to Hainan Zanzan Network Technology Co., Ltd. is the newest PHP open source website management system. EyouCms has a logic flaw vulnerability that can be exploited by attackers to tamper with other users' information...