We experimentally demonstrate the security vulnerability in the temporal phase coding single-user differential phase-shift keying (DPSK) and code-shift keying (CSK) OCDMA systems with a DPSK demodulator. In the experiment, we build up the 2.5Gbit/s DPSK- and CSK-OCDMA systems. In the systems, we use two 31-chip 640 Gchip/s superstructured fiber Bragg grating encoders for the signal encoding. In the receiving side, we remove the decoders and utilize the DPSK demodulator to detect the encoded signals directly. We successfully achieve the error-free BER performance and obtaine the clear open eye diagrams using the detection without the proper decoding. It indicates the existence of the eavesdropping vulnerability in the both systems. Furthermore, we also discuss the principle of DPSK demodulation attack.