honestcorrupt

2 exploits Active since May 2025

CVE-2025-5154 NOMISEC LOW WRITEUP

PhonePe App 25.03.21.0 - Info Disclosure

A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on Android. Affected is an unknown function of the file /data/data/com.phonepe.app/databases/ of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

1 stars

CVSS 2.3

View Code

CVE-2026-5682 NOMISEC LOW WRITEUP

Meesho Online Shopping App com.meesho.supply endpoint risky encryption

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

CVSS 3.7

View Code