4 matches found
ERC721 tokens are blocked in rdpxV2Core contract
Lines of code Vulnerability details The admin has the right to recover an ERC721 token in the UniV3LiquidityAMO contract. He needs to call recoverERC721 and provide the tokenAddress and tokenid values, where the token with tokenid will be transferred to the rdpxV2Core contract...
winnerClaimNFT() does not check if recipient can receive ERC721
Lines of code Vulnerability details Impact In src\VRFNFTRandomDraw.sol winnerClaimNFT, you should use safeTransferFrom to protect against the case that the recipient cannot receive the ERC721 tokens, and thus will lose the tokens. This is more-so the case when we expect that normal users will be...
Compromised admin can instantly take all NFTs held in NToken contracts
Lines of code Vulnerability details Description executeAirdrop is a function admin may call in order to collect airdrops for NFTs held in ParaSpace's nToken contract. function executeAirdrop address airdropContract, bytes calldata airdropParams external override onlyPoolAdmin require...
Upgraded Q -> M from 437 [1666362126304]
Judge has assessed an item in Issue 437 as Medium risk. The relevant finding follows: Use safetransferfrom instead of transferfrom for ERC721. According to OpenZeppelin's documentation, transferFrom is discouraged and use safeTransferFrom instead. --- The text was updated successfully, but these...