There are multiple vulnerabilities in File Lite and File Pro, two file management applications created by Perception Systems for iOS, currently available on Apple’s App Store.
The bugs are on the latest builds of File Lite and File Pro – released on May 17 and May 14 respectively, said researchers at Vulnerability Laboratory.
Both apps afford attackers the ability to upload files to another user’s account without their permission, while two others allow code injection in the user’s browser while they view a file listing, according to AOL’s Apple blog TUAW.
Both of the vulnerabilities rely on the user browsing files on the device via its WiFi setting, so anyone who uses the apps may want avoid doing that until the company issues another fix.
Perception Systems was not immediately available for comment, but the version update history for the applications in question end up patched every several months.