8 matches found
CVE-2023-0911
The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not validate the user meta to be retrieved via the user shortcode, allowing any authenticated users such as subscriber to retrieve arbitrary user meta except the userpass, such as the user email and activati...
CVE-2018-13129
SP8DE Token SPX is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
CVE-2018-13127
SP8DE PreSale Token DSPX is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
CVE-2018-13128
Etherty Token ETY is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
Integer overflow
GVToken Genesis Vision GVT is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
Integer overflow
Bitotal TFUND is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
CVE-2018-13131
SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
Information Disclosure
github.com/gogits/gogs is vulnerable to arbitrary webhook retrieval. GetWebhookByID allows a user to access webhooks from other users' private repositories because it does not check the corresponding repoid when retreiving webhooks...