Lucene search
+L

4 matches found

Openbugbounty
Openbugbounty
added 2025/03/07 4:47 a.m.6 views

stanfordauctioneers.com Cross Site Scripting vulnerability OBB-4033621

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/03/03 11:34 a.m.3 views

auctioneers.com.au Cross Site Scripting vulnerability OBB-3864203

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Code423n4
Code423n4
added 2022/07/17 12:0 a.m.13 views

Vault owners can grief auctioneers by cancelling auctions

Lines of code Vulnerability details Since auctioneers are only paid keeper incentives on successful bids, a malicious vault owner can grief auctioneers by creating a risky vault, luring an auctioneer to start an auction, and then immediately canceling it. This is a somewhat elaborate and risky...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/07/17 12:0 a.m.12 views

Auctions can be started for same undercollateralized vault using different Witch contracts, which causes vault collateral loss

Lines of code Vulnerability details Impact Given that there are two deployed Witch contracts, two auctioneers are calling Witch 1 and Witch 2's auction functions for the same vault at similar times. Both transactions are included in the same block for which the governances of these Witch contract...

6.9AI score
Exploits0
Rows per page
Query Builder