3 matches found
Baby Mart - Free Shopping Game - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Baby Mart - Free Shopping Game published at the 'play' market has multiple vulnerabilities...
Command injection
The Covet Fashion - Shopping Game aka com.crowdstar.covetfashion application 2.14.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6830
The CVE-2014-6830 entry concerns the Covet Fashion - Shopping Game (Android, com.crowdstar.covetfashion) version 2.14.40, which does not verify X.509 certificates from SSL servers. This weakness enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ce...