CVE-2025-7890 | Dunamu StockPlus App up to 7.62.10 on Android com.dunamu.stockplus AndroidManifest.xml improper export of android application components

Inserito da Angelo Barbosa | Lug 19, 2025 | CVE

A vulnerability was found in Dunamu StockPlus App up to 7.62.10 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.dunamu.stockplus. The manipulation leads to improper export of android application components.

This vulnerability is known as CVE-2025-7890. The attack needs to be approached locally. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-7890 | Dunamu StockPlus App up to 7.62.10 on Android com.dunamu.stockplus AndroidManifest.xml improper export of android application components

Post correlati

CVE-2024-3629 | HL Twitter Plugin up to 2014.1.18 on WordPress Setting cross-site request forgery

CVE-2023-7152 | MicroPython 1.21.0/1.22.0-preview extmod/modselect.c poll_set_add_fd use after free

CVE-2025-0751 | Axiomatic Bento4 up to 1.6.0 mp42aac AP4_BitReader::ReadBits heap-based overflow

CVE-2023-6989 | Shield Security Plugin up to 18.5.9 on WordPress file inclusion