Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/05/22 12:0 a.m.9 views

Delegate doesn't verify payed ETH value matches amount in parameter

Lines of code Vulnerability details Delegate doesn't verify payed ETH value matches amount in parameter The JBXBuybackDelegate delegate fails to check that the sent ETH amount matches the value passed in the amount parameter. Impact The payable didPay function present in the delegate is called by...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/05 12:0 a.m.10 views

Missing msg.value when executing the cross-chain request

Lines of code Vulnerability details Impact the cross-chain request will not support smart contract that requires ETH payment in destination chain on execution side. Proof of Concept When a user relayers call and performs a cross-chain request, the executor needs to execute the request in the...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2022/11/13 12:0 a.m.10 views

calling execute() may lead to stealing funds if some ETH is stuck on the contract

Lines of code Vulnerability details Impact if some Ether is sent erroneously or not to the contract, anyone that calls correctly LooksRareAggregator.execute will be able to steal those coins. to execute the function using ethers as payment, these conditions must be true: there is at least a trade...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.11 views

SpeedBumpPriceGate does not refund excess ETH payment

Lines of code Vulnerability details The FixedPricePassThruGate accepts ETH amounts greater than or equal to the calculated price, and forwards the full amount to the gate's configured beneficiary address. However, there is no mechanism to refund these excess payments, and no guarantee that the...

6.7AI score
Exploits0
Rows per page
Query Builder