Datashahr Social network android application login bypass

2018.04.25
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-592

Tested on= Android Version= 2.4.0 and 2.9.1 (Last version) Description: The site of DataShahr with over 100,000 registered locations and smart search is the best way to find local services. The spatial data recorded in the data warehouse is not specific to Tehran and includes all of Iran. An unauthorized person can manipulate and get the verification code that send to any mobile number. Website: https://datashahr.com/

References:

https://vimeo.com/266303592


Vote for this issue:
75%
25%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top