Lucene search
+L

287 matches found

Openbugbounty
Openbugbounty
added 2024/01/12 9:5 a.m.5 views

forever-kato.co.jp Cross Site Scripting vulnerability OBB-3832834

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.10 views

Votes delegated to the zero address will be stuck forever and user can no longer delegate votes

Lines of code Vulnerability details Bug Description VotesUpgradeable automatically delegates a user's votes to themselves if a delegatee is not set. VotesUpgradeable.solL165-168 function delegatesaddress account public view virtual returns address VotesStorage storage $ = getVotesStorage; return...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/19 5:50 p.m.12 views

forever-rabatte.de Improper Access Control vulnerability OBB-3818693

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/10 7:13 p.m.11 views

forever-bestpreis.de Improper Access Control vulnerability OBB-3776546

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/08/31 10:14 p.m.6 views

forever-fit.hu Cross Site Scripting vulnerability OBB-3629679

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.11 views

LendingLedger Lack of method to rescue accidentally sent Canto

Lines of code Vulnerability details Impact There is no function to rescue Canto accidentally sent to LendingLedger so if governance fat-finger those Canto could be lost forever. Proof of Concept There is no function to transfer native token out of LendingLedger Tools Used Manual inspection...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.12 views

If user has delegated someone when locktime expires his tokens will be stuck forever.

Lines of code Vulnerability details Impact tokens will be stuck forever if user's locktime expired when his delegatee someone differant than him. Because he cannot withdraw his money also he cannot delegate himself too because his lock expired.Also he cannot use increaseamount for lockexpired and...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/01/17 10:8 a.m.8 views

forever-image.com Cross Site Scripting vulnerability OBB-3157064

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2023/01/06 11:15 a.m.18 views

CVE-2022-4879

A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...

7.5CVSS5.7AI score0.00528EPSS
Exploits0References5
Prion
Prion
added 2023/01/06 11:15 a.m.16 views

Authorization

A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...

5CVSS7.6AI score0.00528EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/06 10:36 a.m.5 views

CVE-2022-4879 Forged Alliance Forever Vote improper authorization

A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...

4.6CVSS7AI score0.00528EPSS
Exploits0References5
CVE
CVE
added 2023/01/06 10:36 a.m.63 views

CVE-2022-4879

CVE-2022-4879 affects Forged Alliance Forever up to version 3746, targeting the Vote Handler component. The issue is due to manipulation of an unknown functionality that leads to improper authorization. Upgrading to version 3747 mitigates the vulnerability; the patch is identified by 6880971bd3d7...

7.5CVSS6.1AI score0.00528EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/01/06 10:36 a.m.23 views

CVE-2022-4879 Forged Alliance Forever Vote improper authorization

A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...

4.6CVSS7.8AI score0.00528EPSS
Exploits0References5
OSV
OSV
added 2023/01/06 10:36 a.m.12 views

CVE-2022-4879 Forged Alliance Forever Vote improper authorization

A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...

4.6CVSS5.7AI score0.00528EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/01/06 12:0 a.m.7 views

PT-2023-15893 · Unknown · Forged Alliance Forever

Name of the Vulnerable Software and Affected Versions: Forged Alliance Forever versions up to 3746 Description: A critical issue was found in the Vote Handler component, leading to improper authorization due to manipulation of an unknown functionality. Upgrading to version 3747 addresses this...

7.5CVSS7.2AI score0.00528EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/01/06 12:0 a.m.4 views

Forged Alliance Forever 安全漏洞

Forged Alliance Forever is a community-driven project to promote online play of Supreme Commander: Forged Alliance. Forged Alliance Forever suffers from a security vulnerability that stems from an unknown feature of the component Vote Handler that manipulates to cause incorrect authorization...

7.5CVSS5.5AI score0.00528EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/12/30 12:0 a.m.4 views

AdminServ 跨站脚本漏洞

AdminServ is a WebInterface used by Christopher F., an individual developer, to manage Trackmania Forever and ManiaPlanet dedicated servers. A cross-site scripting vulnerability exists in AdminServ, which stems from incorrect manipulation of the parameter text leading to cross-site scripting...

6.1CVSS4.2AI score0.00544EPSS
Exploits0References5
Veracode
Veracode
added 2022/11/16 4:33 a.m.18 views

Denial Of Service (DoS)

Concrete CMS is vulnerable to denial of service.The vulnerability exists in multiple functions of controller.php due to insufficient validation of user-supplied input within the forever cookie which allows an attacker to crash the application via malicious input...

6.5CVSS6.1AI score0.00989EPSS
Exploits0References11Affected Software2
CNNVD
CNNVD
added 2022/10/27 12:0 a.m.6 views

Octopus Server 代码问题漏洞

Octopus Server is an automated deployment platform. Octopus Server has a security vulnerability that stems from improper validation of its session token parameter resulting in a session token that may be valid indefinitely...

9.1CVSS8.1AI score0.0053EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2022/10/06 12:13 a.m.14 views

forevergreenflorist.co.uk Cross Site Scripting vulnerability OBB-2979118

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Rows per page
Query Builder