Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 10:53 a.m.8 views

CVE-2026-49738 TYPO3 CMS - Broken Access Control in File Abstraction Layer

The path allowance check in GeneralUtility::isAllowedAbsPath performed a plain string prefix comparison without requiring a directory separator boundary, causing a path like /var/www/html-other/secret.yaml to be incorrectly accepted as valid when the project root was /var/www/html. Administrator...

2.1CVSS5.4AI score0.00356EPSS
Exploits0References3
Code423n4
Code423n4
added 2023/07/31 12:0 a.m.5 views

User can bypass their approved redeem allowance

Lines of code Vulnerability details Impact The caller can bypass the allowance check by exploiting the exchange rate calculation and drain funds from the contract up to the full balance owned by msg.sender, not just the amount approved in the allowance. Proof of Concept The issue is that...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.7 views

Call to safeApprove without checking previous allowance in burnFees could result in locked funds

Lines of code Vulnerability details Impact Using this deprecated function can lead to unintended reverts and potentially the locking of funds. A deeper discussion on the deprecation of this function is in OZ issue 2219 OpenZeppelin/openzeppelin-contracts2219. Proof Of Concept Refer to the burnFee...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/07/31 12:0 a.m.6 views

redeemToken can fail for certain tokens

Handle cmichel Vulnerability details The SwappableYieldSource.redeemToken function transfers tokens from the contract back to the sender, however, it uses the ERC20.transferFromaddressthis, msg.sender, redeemableBalance function for this. Some deposit token implementations might fail as...

6.9AI score
Exploits0
Rows per page
Query Builder