The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
1byte copy9 - |
||
1byte fonetracker - |
||
1byte ispyoo - |
||
1byte guestspy - |
||
1byte thespyapp - |
||
1byte secondclone - |
||
1byte the truth spy - |
||
1byte mxspy - |
||
1byte exactspy - |