Lucene search
Hackapp.orgHACKAPP:COM.ENCYCLOPEDIA_OF_SALAT_WODOA.APP.APKHistoryApr 01, 2016 - 9:05 a.m.
موسوعة الوضوء و الصلاة - ContentProvider mode not defined, Dynamic Code Loading, External URLs vulnerabilities
2016-04-0109:05:49
Hackapp.org
hackapp.com
9
HackApp vulnerability scanner discovered that application موسوعة الوضوء و الصلاة published at the ‘play’ market has multiple vulnerabilities.
Name
موسوعة الوضوء و الصلاةVendor
fa3elkhirLink
COM.ENCYCLOPEDIA_OF_SALAT_WODOA.APP.APKStore
playVersion
3.2- MEDIUM
- WebView JavaScript enabled
WebView 'setJavaScriptEnabled(true)' could be exploited during cross-site scripting attacks.
- ContentProvider mode not defined
It should be defined either exported:'true' or exported:'false' according your needs.
- WebView files access
Control of WebView context allows to access local files.
- SQLite database found
Check VACUUM cleaning.
- Dynamic Code Loading
Code for 'DexClassLoader' could be tampered.
- NOTICE
- Unsafe deleting
All items deleted with 'file.delete()' could be recovered.
- External URLs
Were do they point?