जमा करें #770513: INDEX Conferences & Exhibitions Organization L.L.C YWF | BPOF | APGCS 1.0.2 Authorization Credential Exposureजानकारी

शीर्षक	INDEX Conferences & Exhibitions Organization L.L.C YWF \| BPOF \| APGCS 1.0.2 Authorization Credential Exposure
विवरण	In the Android application ae.index.apgcs version 1.0.2, hardcoded credentials (ACCESS_KEY and HASH_KEY) were discovered in the source file com/index/event/BuildConfig.java. An attacker can extract these keys through reverse engineering and directly call the authenticate_app API to obtain sensitive backend information, including but not limited to FCM server keys, SMTP passwords, Infobip API keys, Elastic email keys, Google reCAPTCHA secrets, and other internal configuration details.
स्रोत	⚠️ https://www.notion.so/Authorization-Credentials-in-ae-index-apgcs-Lead-to-Exposure-of-Backend-Secrets-3172de3f97fb8040bc30c5519a742251?source=copy_link
उपयोगकर्ता	fxizenta (UID 28116)
सबमिशन	03/03/2026 08:39 AM (3 महीनों पहले)
संयम	15/03/2026 05:25 PM (12 days later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	351143 [INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App तक 1.0.2 पर Android ae.index.apgcs BuildConfig.java ACCESS_KEY/HASH_KEY कमजोर प्रमाणीकरण]
अंक	17

Interested in the pricing of exploits?

See the underground prices here!