CVE-2026-47696

WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST parameter. The endpoint contains a TODO for real Authorize.Net charging, hardcodes $paymentSuccess =...

PT-2026-3339

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'change wallet fund request status callback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers,...

EUVD-2025-203239

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

CVE-2025-12362

CVE-2025-12362 affects the WordPress plugin myCred – Points Management System (

EUVD-2018-5018

Malware in sbrugna...

EUVD-2018-4481

Malware in sbrugna...

MultiRewardEscrow.claimRewards() can break for rebasing tokens

Lines of code Vulnerability details Rebasing tokens make balanceOf modifications arbitrarily e.g: Aave share tokens. If such token is used in an escrow, the balance could become insufficient at the time of claiming rewards, making it impossible to claim rewards for that escrow. Impact Medium Proo...

Logic in SpigotLib will not work with rebasing tokens

Lines of code Vulnerability details Proof of Concept Some tokens may make arbitrary balance modifications outside of transfers e.g. Ampleforth style rebasing tokens, Compound style airdrops of governance tokens, mintable / burnable tokens. The code in the claimEscrow function uses a previously...

Logic flaw vulnerability in LJCMSshop of Beijing Liangjing Zhicheng Technology Co., Ltd (CNVD-2020-33100)

Liangjing Mall online shopping system is a set of multi-functional online store system that can fit different types of goods and is super flexible. A logic flaw vulnerability exists in LJCMSshop of Beijing Liangjing Zhicheng Technology Co., Ltd, which can be exploited by attackers to modify accou...

Substratum Logic Flaw Vulnerability

Substratum SUB is an ethereum-based virtual currency.An integer overflow vulnerability exists in the 'mintToken' function in SUB's smart contract implementation. An attacker can exploit this vulnerability to control mintedAmount and arbitrarily modify the balance of a user's account...

CVE-2018-12511

The CVE-2018-12511 entry concerns Substratum (SUB) ERC-20 smart contracts. The vulnerability is in the mintToken function, where an administrator can control mintedAmount, exploit an integer overflow, and arbitrarily modify a user’s balance. This implies a privileged deniation of minting and pote...

CVE-2018-14002

An integer overflow vulnerability exists in the function distribute of MP3 Coin MP3, an Ethereum token smart contract. An attacker could use it to set any user's balance...

CVE-2018-14001

An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH SKT, an Ethereum token smart contract. An attacker could use it to set any user's balance...

CVE-2018-13607

The mintToken function of a smart contract implementation for ResidualShare, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

Integer overflow

The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

Integer overflow

The mintToken function of a smart contract implementation for CrimsonShilling, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

Integer overflow

The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

Integer overflow

The mintToken function of a smart contract implementation for TESTAhihi, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

CVE-2018-13689

The mintToken function of a smart contract implementation for CJXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

CVE-2018-13568

The mintToken function of a smart contract implementation for MktCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...