2 matches found
EUVD-2022-29099
Malicious code in bioql PyPI...
CVE-2022-24188
The CVE-2022-24188 entry concerns Ourphoto App 1.4.1, where the /device/signin endpoint returns clear-text credentials (deviceVideoCallPassword and mqttPassword). The issue is compounded by lack of session management and insecure direct object references, enabling disclosure of passwords for othe...