The Neumann Student Activities (aka com.appmakr.app153856) application 216607 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| neumann | neumann_student_activities | 216607 |
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| neumann | musasi | 3 |
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be directed to a malicious website.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| neumann | n-line | * |