3 matches found
Avoid payable.transfer
Originally submitted by warden horsefacts in 199, duplicate of 52. Avoid payable.transfer EthPool and EthVault both use payableaddress.transfer to transfer ETH. It's considered a best practice to avoid this pattern for ETH transfers, since it forwards a fixed amount of gas and may revert if futur...
EthPool use payable.transfer with an arbitrary receiver
Lines of code Vulnerability details Impact EthPool sends out native tokens via payable.transfer call. This is unsafe as transfer has hard coded gas budget and can fail when the to is a smart contract. Such transactions will fail for smart contract users which don't fit to 2300 gas stipend transfe...
us2.ethpool.org XSS vulnerability
Vulnerable URL: http://us2.ethpool.org/miners/'-alert'OPENBUGBOUNTY'-' Details: Description| Value ---|--- Patched:| Yes, at 09.06.2017 Latest check for patch:| 09.06.2017 19:05 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...