Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/11/13 12:0 a.m.15 views

Missing gas fee limit

Lines of code Vulnerability details The use of .callvalue: balance"" does not limit the gas sent along with the Ether, potentially allowing all gas in the transaction to be used by the receiver. // Set a specific gas limit for the call if applicable uint256 gasLimit = someGasLimit; // Define...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.9 views

Upgraded Q -> M from #215 [1668468272191]

Judge has assessed an item in Issue 215 as M risk. The relevant finding follows: 7. No max fee is set on setFlashLoanFee function There is no max fee set. This allows a malicious owner to set a very high amount of flashloan fee , which allows the malicious admin to grief other users. He can also...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/19 12:0 a.m.12 views

Admin can set arbitrarily high exchange fees

Lines of code Vulnerability details Impact Admins can attack users by frontrunning them Poc In the function setProtocolFeeInfinityExchange.sol function setProtocolFeeuint16 protocolFeeBps external onlyOwner PROTOCOLFEEBPS = protocolFeeBps;@audit medium emit NewProtocolFeeprotocolFeeBps; Admins ca...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/19 12:0 a.m.11 views

NO TIMELOCK ON setProtocolFee() CAN LEAD TO SELLERS LOSING THEIR NFTs

Lines of code Vulnerability details NO TIMELOCK ON setProtocolFee CAN LEAD TO SELLERS LOSING THEIR NFTs In InfinityExchange.sol, there is no timelock on setProtocolFee. This is the fee that is applied in orders, and determines how much the Exchange receives in fee VS how much the seller receives...

6.6AI score
Exploits0
Rows per page
Query Builder