HackApp vulnerability scanner discovered that application دیکشنری سخن شنو و سخنگو published at the ‘play’ market has multiple vulnerabilities.
Function 'Runtime.getRuntime().exec()' is used, please check where variables are come from.
Control of WebView context allows to access local files.
WebView 'setJavaScriptEnabled(true)' could be exploited during cross-site scripting attacks.
SD-cards and other external storages have 'worldwide read' policy.
Check VACUUM cleaning.
This app is looking for root tools.
Can't parse these files. Corrupted? Check manually.
All items deleted with 'file.delete()' could be recovered.
Are you sure these files should be here?
Were do they point?
Check certificate validation. Do not create or redefine X509Certificate class methods by yourself, if you don't understand risks. Use the existing API.
CPE | Name | Operator | Version |
---|---|---|---|
دیکشنری سخن شنو و سخنگو | le | 1 |