CVE-2020-19768

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19768

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

Code injection

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

Design/Logic Flaw

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

CVE-2020-19769

CVE-2020-19769 : A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. Affected software: Rob The Bank 1.0 (BurnMe() function). Root cause: missing target address verification. Impact: token thef...

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

0xRACER 输入验证错误漏洞

0xRACER is a new team-based pool lottery game. 0xRACER is vulnerable to an input validation error stemming from a lack of target address validation in the destroycontract function of 0xRACER version 1.0, which could be exploited by an attacker to steal a token from a victim user via a carefully...

ICOVO 数据伪造问题漏洞

ICOVO is a cross-platform solution that allows the use of tokens such as NFT on the OVO chain on Ether.ICOVO suffers from an input validation error vulnerability that stems from a lack of target address validation in the selfdestructs function, which can be exploited by attackers to steal tokens...

CVE-2020-18194

Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...

Cross site scripting

Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...

CVE-2020-18194

Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...

Emlog 跨站脚本漏洞

emlog is a PHP and MySQL based blog and CMS builder. A cross-site scripting vulnerability exists in emlog version 6.0.0. The vulnerability can be exploited to execute arbitrary code by adding a specially crafted script as a link to a new blog post...

CVE-2021-20717

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

Cross site scripting

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

postgresql: Uncontrolled search path element in CREATE EXTENSION

A flaw was found in PostgreSQL, where some PostgreSQL extensions did not use the searchpath safely in their installation script. This flaw allows an attacker with sufficient privileges to trick an administrator into executing a specially crafted script during the extension's installation or updat...