Bulb Security Smartphone Pentest Framework (SPF) prior to 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote malicious users to obtain the plaintext database password via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bulbsecurity smartphone pentest framework |