13 matches found
moon.market Cross Site Scripting vulnerability OBB-3316743
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GroupBuy can be drained of all ETH.
Lines of code Vulnerability details Description purchase in GroupBuy faciilitates the purchasing of an NFT after enough contributions were gathered. Another report titled "Attacker can steal the amount collected so far in the GroupBuy for NFT purchase" describes a high impact bug in purchase. It ...
Creators can steal sale revenue from owners' sales
Lines of code Vulnerability details According to the README.md All sales in the Foundation market will pay the creator 10% royalties on secondary sales. This is not specific to NFTs minted on Foundation, it should work for any NFT. If royalty information was not defined when the NFT was originall...
Monster Hair Salon - Dynamic Code Loading, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Monster Hair Salon published at the 'play' market has multiple vulnerabilities...
Pool Billiards: 8 Balls - Base64 encoded String, Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Pool Billiards: 8 Balls published at the 'play' market has multiple vulnerabilities...
Antakshri - Dangerous filesystem permissions, Insecure KeyStore, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Antakshri published at the 'play' market has multiple vulnerabilities...
Happy Teeth, Healthy Kids - WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Happy Teeth, Healthy Kids published at the 'play' market has multiple vulnerabilities...
Busradar: Bus Trip App - Corrupted files, Dangerous filesystem permissions, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Busradar: Bus Trip App published at the 'play' market has multiple vulnerabilities...
Winter Cat Live Wallpaper - Base64 encoded String, Corrupted files, Dynamic Code Loading vulnerabilities
HackApp vulnerability scanner discovered that application Winter Cat Live Wallpaper published at the 'play' market has multiple vulnerabilities...
ANT Tester - External URLs, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application ANT Tester published at the 'play' market has multiple vulnerabilities...
Coach by Cigna - Base64 encoded String, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Coach by Cigna published at the 'play' market has multiple vulnerabilities...
Jobbörse 2016 - Corrupted files, Dynamic Code Loading, Exported components vulnerabilities
HackApp vulnerability scanner discovered that application Jobbörse 2016 published at the 'play' market has multiple vulnerabilities...
Exodus Updater - Exported components, External URLs, Possible privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application Exodus Updater published at the 'play' market has multiple vulnerabilities...