Chest Workout - LumoWell - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Chest Workout - LumoWell published at the 'play' market has multiple vulnerabilities...

Ladies' Chest Workout FREE - Customized SSL, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Ladies' Chest Workout FREE published at the 'play' market has multiple vulnerabilities...

Chest Workout - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Chest Workout published at the 'play' market has multiple vulnerabilities...

CVE-2014-5796

The Chest Workout aka net.p4p.chest application 2.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Design/Logic Flaw

The Chest Workout aka net.p4p.chest application 2.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5796

The Chest Workout aka net.p4p.chest application 2.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5796

CVE-2014-5796 affects the Android app “The Chest Workout” (net.p4p.chest) version 2.0.8. The vulnerability is that the app does not verify X.509 certificates for SSL/TLS servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Acco...