683 matches found
FeehiCMS 代码问题漏洞
FeehiCMS is a Php-based CMS builder. feehiCMS v2.0.8 and previous versions have a security vulnerability that can be exploited by attackers to execute arbitrary code via a crafted PHP file...
CVE-2020-19767
A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19769
A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19768
A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19768
A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19767
A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19769
A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...
Design/Logic Flaw
A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...
Code injection
A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19767
A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19769
A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...
CVE-2020-19769
CVE-2020-19769 : A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. Affected software: Rob The Bank 1.0 (BurnMe() function). Root cause: missing target address verification. Impact: token thef...
ICOVO 数据伪造问题漏洞
ICOVO is a cross-platform solution that allows the use of tokens such as NFT on the OVO chain on Ether.ICOVO suffers from an input validation error vulnerability that stems from a lack of target address validation in the selfdestructs function, which can be exploited by attackers to steal tokens...
0xRACER 输入验证错误漏洞
0xRACER is a new team-based pool lottery game. 0xRACER is vulnerable to an input validation error stemming from a lack of target address validation in the destroycontract function of 0xRACER version 1.0, which could be exploited by an attacker to steal a token from a victim user via a carefully...
CVE-2020-18194
Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...
Cross site scripting
Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...
CVE-2020-18194
Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...
Emlog 跨站脚本漏洞
emlog is a PHP and MySQL based blog and CMS builder. A cross-site scripting vulnerability exists in emlog version 6.0.0. The vulnerability can be exploited to execute arbitrary code by adding a specially crafted script as a link to a new blog post...
CVE-2021-20717
Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...
Cross site scripting
Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...