CVE Details
Basic Information
| Title | Dunamu StockPlus App com.dunamu.stockplus AndroidManifest.xml improper export of android application components |
|---|---|
| Type | cve |
| Published | 2025-07-20T12:44:05.893Z |
| Modified | 2025-07-20T12:44:05.893Z |
Product Information
| Vendor | Dunamu |
|---|---|
| Product | StockPlus App |
| Version | 7.62.0 |
CVSS Information
| Base Score | 4.8 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
Affected Products
- Dunamu StockPlus App 7.62.0
- Dunamu StockPlus App 7.62.1
- Dunamu StockPlus App 7.62.2
- Dunamu StockPlus App 7.62.3
- Dunamu StockPlus App 7.62.4
- Dunamu StockPlus App 7.62.5
- Dunamu StockPlus App 7.62.6
- Dunamu StockPlus App 7.62.7
- Dunamu StockPlus App 7.62.8
- Dunamu StockPlus App 7.62.9
- Dunamu StockPlus App 7.62.10
Additional Information
| CWE List | CWE-926 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in Dunamu StockPlus App up to 7.62.10 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.dunamu.stockplus. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.