2 matches found
Unauthorized Ownership Transfer and Asset Withdrawal Vulnerability in quitSystem Function
Lines of code Vulnerability details Impact The quitSystem function in the contract is vulnerable to unauthorized asset control. This vulnerability arises when an allowed user, rather than the owner, exploits their permissions to perform unauthorized actions. Specifically, the allowed user can...
Misunderstanding operator with from
Lines of code Vulnerability details Author: rotcivegaf Impact The owner of the ERC721 token could approve an operator to manage his tokens With the misunderstanding of operator with from in the onERC721Received function the benefits of this function goes to the operator instead of the fromowner:...