287 matches found
forever-kato.co.jp Cross Site Scripting vulnerability OBB-3832834
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Votes delegated to the zero address will be stuck forever and user can no longer delegate votes
Lines of code Vulnerability details Bug Description VotesUpgradeable automatically delegates a user's votes to themselves if a delegatee is not set. VotesUpgradeable.solL165-168 function delegatesaddress account public view virtual returns address VotesStorage storage $ = getVotesStorage; return...
forever-rabatte.de Improper Access Control vulnerability OBB-3818693
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
forever-bestpreis.de Improper Access Control vulnerability OBB-3776546
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
forever-fit.hu Cross Site Scripting vulnerability OBB-3629679
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
LendingLedger Lack of method to rescue accidentally sent Canto
Lines of code Vulnerability details Impact There is no function to rescue Canto accidentally sent to LendingLedger so if governance fat-finger those Canto could be lost forever. Proof of Concept There is no function to transfer native token out of LendingLedger Tools Used Manual inspection...
If user has delegated someone when locktime expires his tokens will be stuck forever.
Lines of code Vulnerability details Impact tokens will be stuck forever if user's locktime expired when his delegatee someone differant than him. Because he cannot withdraw his money also he cannot delegate himself too because his lock expired.Also he cannot use increaseamount for lockexpired and...
forever-image.com Cross Site Scripting vulnerability OBB-3157064
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-4879
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...
Authorization
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...
CVE-2022-4879 Forged Alliance Forever Vote improper authorization
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...
CVE-2022-4879
CVE-2022-4879 affects Forged Alliance Forever up to version 3746, targeting the Vote Handler component. The issue is due to manipulation of an unknown functionality that leads to improper authorization. Upgrading to version 3747 mitigates the vulnerability; the patch is identified by 6880971bd3d7...
CVE-2022-4879 Forged Alliance Forever Vote improper authorization
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...
CVE-2022-4879 Forged Alliance Forever Vote improper authorization
A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. T...
PT-2023-15893 · Unknown · Forged Alliance Forever
Name of the Vulnerable Software and Affected Versions: Forged Alliance Forever versions up to 3746 Description: A critical issue was found in the Vote Handler component, leading to improper authorization due to manipulation of an unknown functionality. Upgrading to version 3747 addresses this...
Forged Alliance Forever 安全漏洞
Forged Alliance Forever is a community-driven project to promote online play of Supreme Commander: Forged Alliance. Forged Alliance Forever suffers from a security vulnerability that stems from an unknown feature of the component Vote Handler that manipulates to cause incorrect authorization...
AdminServ 跨站脚本漏洞
AdminServ is a WebInterface used by Christopher F., an individual developer, to manage Trackmania Forever and ManiaPlanet dedicated servers. A cross-site scripting vulnerability exists in AdminServ, which stems from incorrect manipulation of the parameter text leading to cross-site scripting...
Denial Of Service (DoS)
Concrete CMS is vulnerable to denial of service.The vulnerability exists in multiple functions of controller.php due to insufficient validation of user-supplied input within the forever cookie which allows an attacker to crash the application via malicious input...
Octopus Server 代码问题漏洞
Octopus Server is an automated deployment platform. Octopus Server has a security vulnerability that stems from improper validation of its session token parameter resulting in a session token that may be valid indefinitely...
forevergreenflorist.co.uk Cross Site Scripting vulnerability OBB-2979118
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...