PT-2026-22833

Name of the Vulnerable Software and Affected Versions OpenSTAManager versions prior to 2.9.9 Description OpenSTAManager is a management software for technical assistance and invoicing. The application does not properly sanitize user-supplied input from the righe GET parameter before reflecting it...

Incorrect Handling of Return Value in onlyWhenNotPaused Modifier

Lines of code Vulnerability details Description: contract named "L1ChugSplashProxy" which is a proxy contract with additional functionality for code and storage modification. However, there is a bug in the code that needs to be addressed. Bug: The bug is in the modifier onlyWhenNotPaused function...

Project.raiseDispute() might work with the already completed task.

Lines of code Vulnerability details Impact Project.raiseDispute might work with the already completed task. Already completed tasks can't be changed in any cases and it might bring some unexpected outcome when the dispute is approved by fault. Proof of Concept It's impossible to change anything...

Upgraded Q -> M from 264 [1659038303960]

Judge has assessed an item in Issue 264 as Medium risk. The relevant finding follows: L-05 Unbounded loop on array can lead to DoS As these arrays can grow quite large only push operations, no pop, the transaction's gas cost could exceed the block gas limit and make it impossible to call the...