2 matches found
CVE-2023-46919
CVE-2023-46919 affects Phlox com.phlox.simpleserver (Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (Simple HTTP Server PLUS) 1.8.1-plus. The root cause is a hardcoded AES encryption key, aKySWb2jjrr4dzkYXczKRt7K , that can be extracted from the application or its binary, enabling an att...
CVE-2023-46918
CVE-2023-46918 affects com.phlox.simpleserver.plus (Simple HTTP Server PLUS) 1.8.1-plus. The root cause is an Android manifest entry where android:allowBackup is set to true, which could expose plaintext data if an attacker has physical access to the device. No exploitation details are provided i...