100 matches found
GHSA-W3QM-93VF-5HRW Cockpit Cross-site Scripting vulnerability
Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. For any role that has permission to execute function assets, an attacker can upload a html file and that leads to XSS...
No validation check for whether the msg.value is not less than the value parameter in the execute function
Lines of code Vulnerability details Impact Users can send msg.value less than the supplied value parameter, leading to incorrect accounting. Proof of Concept There is no check that msg.value >= value in the execute function of the LSP0ERC725AccountCore contract. LSP0ERC725Account is in sco...
CVE-2023-3607 kodbox WebConsole Plug-In webconsole.php.txt Execute os command injection
A vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be...
PT-2023-25419 · Kodbox · Kodbox
Name of the Vulnerable Software and Affected Versions: kodbox version 1.26 Description: A critical issue affects the function Execute of the file webconsole.php.txt in the WebConsole Plug-In component, leading to os command injection. The exploit has been disclosed publicly and may be used. The...
LlamaExecutor#execute is not payable
Lines of code Vulnerability details Impact Since the execute function in LlamaExecutor.sol is not payable, and the contract has no ability to receive ether, any action that requires sending ETH will fail. Proof of Concept Tools Used Manual review Recommended Mitigation Steps One of th...
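The LSP0ERC725AccountCore and LlamaExecutor findings above come down to how an account-style execute entry point treats ETH: the value it forwards has to be funded, and the function has to be payable to receive that ETH at all. The following is an added illustrative example, not code from either audited project; the contract names, the relayer-style design in which the caller is expected to fund `value` with msg.value, and the `InsufficientValue` error are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example: an executor that forwards caller-funded ETH.
/// Weak version: `execute` is payable but never compares msg.value with
/// `value`, so a caller can pass a large `value` while sending little or no
/// ETH and have the shortfall paid out of whatever balance the contract holds.
contract WeakExecutor {
    receive() external payable {}

    function execute(address target, uint256 value, bytes calldata data)
        external
        payable
        returns (bytes memory)
    {
        (bool ok, bytes memory ret) = target.call{value: value}(data);
        if (!ok) _bubble(ret);
        return ret;
    }

    function _bubble(bytes memory ret) internal pure {
        // Re-raise the callee's revert data unchanged.
        assembly {
            revert(add(ret, 32), mload(ret))
        }
    }
}

/// Hardened version. `execute` stays payable (a non-payable execute, as in
/// the LlamaExecutor finding, makes every ETH-bearing action revert because
/// Solidity rejects any msg.value > 0), and the forwarded `value` must be
/// covered by msg.value so what the caller sent and what was spent agree.
contract HardenedExecutor {
    error InsufficientValue(uint256 sent, uint256 required);

    receive() external payable {}

    function execute(address target, uint256 value, bytes calldata data)
        external
        payable
        returns (bytes memory)
    {
        if (msg.value < value) revert InsufficientValue(msg.value, value);
        (bool ok, bytes memory ret) = target.call{value: value}(data);
        if (!ok) _bubble(ret);
        return ret;
    }

    function _bubble(bytes memory ret) internal pure {
        assembly {
            revert(add(ret, 32), mload(ret))
        }
    }
}
```

The `>=` check follows the wording of the finding ("not less than"); any excess msg.value simply remains in the contract. If the design requires exact funding, revert on `msg.value != value` instead. An account that is meant to spend its own balance (rather than caller-supplied ETH) needs a different invariant, so decide which model the contract implements before copying either check.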
Gas griefing/thief in LlamaAccount execute()
Lines of code Vulnerability details Impact The LlamaAccount execute function either delegatecalls or calls the provided address. The address may be a malicious contract and should be treated as such. This assumption was confirmed by the implementation of this function and its comments...
deployAndExecute() function in Factory should be payable
Lines of code Vulnerability details deployAndExecute function in Factory should be payable The deployAndExecute function fails to consider ETH payments that may need to be forwarded to the wallet's execute function. Impact The deployAndExecute function present in the AmbireAccountFactory can be...
CollectionBatchBuyOperator.sol: tokenIds array is not shortened properly which makes execute function revert when not all NFTs are purchased successfully
Lines of code Vulnerability details Impact The CollectionBatchBuyOperator contract allows parties to buy NFTs through proposals. The proposal specifies an nftContract and token IDs via the nftTokenIdsMerkleRoot parameter that can be bought. Allowed executors can then execute the actual purchase b...
PT-2023-17099 · Sourcecodester · Sourcecodester Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue affects the function exec of the file admin/operations/currency.php. The manipulation of the argument id leads to sql injection. The attack may ...
User may force fail the action from the DAO:execute
Lines of code Vulnerability details Description The execute function from the DAO.sol contract allows execution of any call to any address if the caller has the appropriate permission. Some calls are expected to always execute successfully, while others may revert, and execute will continue the...
Malicious member can steal funds from the DAO contract.
Lines of code Vulnerability details Impact A malicious member can steal assets from the DAO protocol. Proof of Concept The protocol allows a member with voting power to create a proposal via createProposal, where the action struct in the parameter is later consumed by the DAO's execute...
Gas griefing is possible on unsafe external calls on execute
Lines of code Vulnerability details Impact A malicious or compromised actor that has EXECUTION_PERMISSION_ID may cause a gas griefing attack by returning actions[i].data with a very large payload. Griefing attacks have no economic incentive for the attacker but could lead to other issues, e.g. not...
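The LlamaAccount griefing finding and this DAO.sol finding describe the same mechanism: a high-level `target.call(data)` or `target.delegatecall(data)` copies the callee's entire return data into the caller's memory, so a hostile target can return a huge payload and make the executor pay for the copy. The example below is added here and is not the audited projects' code; the `BoundedCall` library, `GriefingResistantExecutor` and the 256-byte cap are assumptions for the example. It shows the exposed pattern beside a low-level call that forwards an explicit gas stipend and copies at most `maxReturn` bytes of return data.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example: bounding the return data copied from an untrusted callee.
library BoundedCall {
    /// Exposed pattern: the compiler emits returndatacopy for the full
    /// returndatasize(), so the caller pays the memory expansion for
    /// whatever the callee decides to return.
    function naiveCall(address target, bytes memory data)
        internal
        returns (bool ok, bytes memory ret)
    {
        (ok, ret) = target.call(data);
    }

    /// Hardened pattern: forward a fixed gas stipend and copy at most
    /// `maxReturn` bytes of return data. A callee returning more than that
    /// pays for building it, but the caller's copy cost is capped.
    function boundedCall(
        address target,
        uint256 value,
        uint256 gasLimit,
        uint256 maxReturn,
        bytes memory data
    ) internal returns (bool ok, bytes memory ret) {
        assembly {
            // Zero-length output area: nothing is copied implicitly.
            ok := call(gasLimit, target, value, add(data, 32), mload(data), 0, 0)

            let size := returndatasize()
            if gt(size, maxReturn) { size := maxReturn }

            // Allocate `ret` manually and copy only the first `size` bytes.
            ret := mload(0x40)
            mstore(ret, size)
            returndatacopy(add(ret, 32), 0, size)
            // Advance the free-memory pointer past the word-aligned payload.
            mstore(0x40, add(add(ret, 32), and(add(size, 31), not(31))))
        }
    }
}

/// Caller that treats the target as hostile, as both findings recommend.
contract GriefingResistantExecutor {
    uint256 public constant MAX_RETURN = 256;

    function execute(address target, bytes calldata data, uint256 gasLimit)
        external
        payable
        returns (bool ok, bytes memory ret)
    {
        (ok, ret) = BoundedCall.boundedCall(
            target, msg.value, gasLimit, MAX_RETURN, data
        );
    }
}
```

For the delegatecall branch of the LlamaAccount case the same shape applies with `delegatecall(gasLimit, target, add(data, 32), mload(data), 0, 0)` (no value argument). Passing an explicit `gasLimit` instead of `gas()` also keeps enough gas for the executor's own bookkeeping after the external call returns.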
In the beginning its relatively easy to gain majority share
Lines of code Vulnerability details Impact As mentioned in the document, Although possible, the permissions to execute arbitrary actions or upgrade the DAO should not be given to EOAs as this poses a security risk to the organization if the account is compromised or acts adversarial. Instead, the...
SUSE CVE-2008-2712
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the...
SUSE CVE-2008-3076
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue...
GHSA-88P8-4VV5-82J7 xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table
xaviershay-dm-rails Gem for Ruby contains a flaw in the execute function in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb. The issue is due to the function exposing sensitive information via the process table. This may allow a local attacker to gain access to MySQL credential information...
Lack of Input Validation in the Conduit Contract
Lines of code Vulnerability details Bug Description: The Conduit contract is a smart contract that serves as an originator for proxied transfers of ERC20, ERC721, and ERC1155 tokens. The contract's execute function takes an input of type ConduitTransfer calldata transfers which is an array of...
Sql injection
A vulnerability, which was classified as critical, was found in githuis P2Manage. This affects the function Execute of the file PTwoManage/Database.cs. The manipulation of the argument sql leads to sql injection. The identifier of the patch is 717380aba80002414f82d93c770035198b7858cc. It is...
PT-2023-10233 · Unknown · Githuis P2Manage
Name of the Vulnerable Software and Affected Versions: githuis P2Manage affected versions not specified Description: A critical vulnerability was found in githuis P2Manage, affecting the function Execute of the file PTwoManage/Database.cs. The manipulation of the sql argument leads to sql...
GHSA-M5V8-WPW4-RJ3X abacus-ext-cmdline vulnerable to Command Injection
All versions of package abacus-ext-cmdline are vulnerable to Command Injection via the execute function due to improper user-input sanitization...