CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript...

7.6CVSS6AI score0.00399EPSS

Exploits1References1

Code423n4•added 2023/06/26 12:0 a.m.•16 views

The broker should not be fully disabled by GnosisTrade.reportViolation

Lines of code Vulnerability details Impact GnosisTrade and DutchTrade are two separate auction systems where the failing of either system should not affect the other one. The current design will have Broker.sol disabled when reportViolation is invoked by GnosisTrade.settle if the auction's cleari...

7AI score

Exploits0

OSV•added 2020/01/11 4:15 a.m.•0 views

CVE-2020-6847

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript...

5.4CVSS6.7AI score0.00399EPSS

Exploits1References3

NVD•added 2020/01/11 4:15 a.m.•10 views

CVE-2020-6847

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript...

7.6CVSS5.8AI score0.00399EPSS

Exploits1References3

Prion•added 2020/01/11 4:15 a.m.•15 views

Cross site scripting

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript...

3.5CVSS5.2AI score0.00399EPSS

Exploits1References3Affected Software1

CVE•added 2020/01/11 3:46 a.m.•139 views

CVE-2020-6847

OpenTrade up to version 0.2.0 contains a DOM-based XSS vulnerability that is triggered when an administrator attempts to delete a message that contains JavaScript. The root cause is related to client-side data handling in the web application, leading to potential injection of script during the de...

7.6CVSS5.2AI score0.00399EPSS

Exploits1References3Affected Software1

Cvelist•added 2020/01/11 3:46 a.m.•6 views

CVE-2020-6847

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript...

7.6CVSS5.3AI score0.00399EPSS

Exploits1References3

CNVD•added 2019/11/26 12:0 a.m.•1 views

OpenTrade SQL Injection Vulnerability

OpenTrade is an open source cryptocurrency trading platform. A SQL injection vulnerability exists in versions of OpenTrade prior to 2019-11-23. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...

9.8CVSS8.2AI score0.00307EPSS

Exploits0References1

NVD•added 2019/11/25 5:15 p.m.•12 views

CVE-2019-19250

OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js...

9.8CVSS9.7AI score0.00307EPSS

Exploits0References1

OSV•added 2019/11/25 5:15 p.m.•16 views

CVE-2019-19250

OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js...

9.8CVSS7.5AI score

Exploits0References1

Prion•added 2019/11/25 5:15 p.m.•10 views

Sql injection

OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js...

7.5CVSS9.6AI score0.00307EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/11/25 4:47 p.m.•8 views

CVE-2019-19250

OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js...

9.7AI score0.00307EPSS

Exploits0References1

CVE•added 2019/11/25 4:47 p.m.•37 views

CVE-2019-19250

OpenTrade prior to 2019-11-23 is affected by CVE-2019-19250, a SQL injection vulnerability related to the server/modules/api/v1.js and server/utils.js components. The available documents identify the flaw as a SQL injection in OpenTrade’s codebase, but do not provide concrete exploit details, aff...

9.8CVSS9.6AI score0.00307EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by