2 matches found
SpeedBumpPriceGate does not refund excess ETH payment
Lines of code Vulnerability details The FixedPricePassThruGate accepts ETH amounts greater than or equal to the calculated price, and forwards the full amount to the gate's configured beneficiary address. However, there is no mechanism to refund these excess payments, and no guarantee that the...
Missing zero-address check for the beneficiary address
Handle 0xRajeev Vulnerability details Impact The beneficiary address specified in constructor receives all the proceeds from NFT sales which could be of significant value. However, there is no zero-address validation of this beneficiary address parameter during initialization in the constructor...