2 matches found
MakeMyTrip 7.2.4 - Information Disclosure
Exploit Title: Android Application MakeMyTrip 7.2.4 - Unencrypted Database Files Date: 2018-05-21 Software Link: MakeMyTrip v7.2.4 Android Application Exploit Author: Divya Jain Version: 7.2.4 Android App CVE: CVE-2018-11242 Category: Mobileapps Tested on: Android v5.1 1. Description Android...
CVE-2018-11242
CVE-2018-11242 affects the MakeMyTrip Android app (v7.2.4). Local SQLite databases (data/com.makemytrip/databases and data/com.makemytrip/cache) are stored in cleartext and not encrypted, enabling potential sensitive data disclosure. Public PoCs describe access after rooting and unauthorized retr...