242 matches found
CVE-2021-32752
Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may...
CVE-2021-32752 Files or Directories Accessible to External Parties in ether/logs
Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may...
CVE-2021-32752
Ether Logs (Craft 3) prior to version 3.0.4 is affected. An authenticated admin can access any file on the server due to a vulnerability in the plugin’s handling of file access. The issue has been fixed in version 3.0.4. As a workaround, disable the plugin if admin access by untrusted sources is ...
Ether Logs 信息泄露漏洞
Ether Logs is a software package. A security vulnerability in versions of Ether Logs prior to 3.0.4 allows an authenticated administrator user to access any file on the server...
.transfer is not safe to use with custom smart contracts
Handle paulius.eth Vulnerability details Impact .transfer is used for transferring ether. It is no longer recommended as recipients with custom fallback functions smart contracts will not be able to handle that. You can read more here: Recommended Mitigation Steps Solution don't forget re-entranc...
Virgo_ZodiacToken Logic Flaw Vulnerability
VirgoZodiacToken is an Ether-based digital currency. A security vulnerability exists in VirgoZodiacToken's smart contract implementation that stems from the program's use of '='. An attacker could use the vulnerability to transfer funds from an arbitrary address to a user's address...
Ether Cartel Security Vulnerability
Ether Cartel is a blockchain-based pharmaceutical simulation game. A security vulnerability exists in the 'DrugDealer' function of the smart contract implementation in Ether Cartel. An attacker could use the vulnerability to take control of the contract's ownership and potentially manipulate...
ROC Security Vulnerabilities
ROC aka Rasputin Online Coin is a virtual currency. There is a security vulnerability in the 'requestdivend' function in ROC's smart contract implementation. An attacker could use this vulnerability to steal the entire contract's Ether...
Other vulnerabilities in Ethernet smart contract FALCON 0x5AEf06eC39e98c05201ee1e54b653c372ECb9Cf3
FALCON is an ERC20 token on ethereum. The smart contract address is 0x5AEf06eC39e98c05201ee1e54b653c372ECb9Cf3, and its function Mining24 on line 102 can modify Owner and has no permission check, leading to an attacker being able to call the withdraw function line 274 to transfer all the ether in...
Other vulnerabilities exist in the ethereum smart contract Tubigo 0x43EFc486d1c7c5Cb0193E409a73Aa33786F5197c
TubigoToken is an ERC20 token on a table. The smart contract address is 0x43EFc486d1c7c5Cb0193E409a73Aa33786F5197c, and its function Mining24 at line 102 can modify the Owner without any permission check. The attacker can call the withdraw function line 274 to transfer all the ether in the contra...
Rocket Coin Digital Error Vulnerability
Rocket Coin XRC is an Ether-based digital currency.An integer overflow vulnerability exists in the 'multiTransfer' function in XRC. An attacker can use this vulnerability to set the balance of any user...
RiptideCoin has a logic flaw vulnerability
RiptideCoin RIPT is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of RIPT's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...
DestiNeed has a flawed logic vulnerability
DestiNeed DSN is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in DSN's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...
Crowdnext has a flawed logic vulnerability
Crowdnext CNX is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of CNX's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...
Welfare Token Fund has a flawed logic vulnerability
Welfare Token Fund WTF is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in the smart contract implementation of WTF. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...
DateMe has a flawed logic vulnerability
DateMe DMX is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of DMX's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...
Logic Flaw Vulnerability in ETHERCASH
ETHERCASH ETC is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'sell' function of ETC's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...
TiTok - Ticket Token Flawed Logic Vulnerability
TiTok - Ticket Token is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in the implementation of TiTok - Ticket Token's smart contract contract name: MyAdvancedToken7. An attacker could exploit this vulnerability to prevent the seller from accessin...
UPbit cryptocurrency exchange hacked; Ether worth $50 million stolen
By Waqas South Korean cryptocurrency exchange UPbit has been hacked where hackers have stolen 342,000 Ether ETH - $51 million. This is a post from HackRead.com Read the original post: UPbit cryptocurrency exchange hacked; Ether worth $50 million stolen...
Slither v0.6.7 - Static Analyzer For Solidity
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code...