Lucene search
+L

6 matches found

Code423n4
Code423n4
added 2023/06/02 12:0 a.m.9 views

_execSellNftToMarket() re-enter steal funds

Lines of code Vulnerability details Impact re-enter steal funds Proof of Concept execSellNftToMarket The number of changes in the balance to represent whether the corresponding amount has been received function execSellNftToMarket address collection, uint256 tokenId, uint256 amount, bool pushBase...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.13 views

ParticleExchange.auctionBuyNft and ParticleExchange.withdrawEthWithInterest function calls can be DOS'ed

Lines of code Vulnerability details Impact When lien.borrower is a contract, its receive function can be coded to conditionally revert based on a state boolean variable controlled by lien.borrower's owner. As long as payback 0 is true, lien.borrower's receive function would be called when calling...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.8 views

newLien.lender can steal NFT that should belong to oldLien.lender after refinancing

Lines of code Vulnerability details Impact After calling the following ParticleExchange.refinanceLoan function, collection are the same and tokenId become newLien.tokenId for both the old and new liens. function refinanceLoan Lien calldata oldLien, uint256 oldLienId, Lien calldata newLien, uint25...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.6 views

Calling ParticleExchange.withdrawEthWithInterest function causes _treasury to lose portion of payableInterest that it is entitled to

Lines of code Vulnerability details Impact When lien.lender calls the following ParticleExchange.withdrawEthWithInterest function, uint256 payableInterest = calculateCurrentPayableInterestlien is executed. Calling the ParticleExchange.calculateCurrentPayableInterest function below does not accrue...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.9 views

Calling ParticleExchange.sellNftToMarket, ParticleExchange.swapWithEth, and ParticleExchange.refinanceLoan functions can allow insolvent positions to be opened

Lines of code Vulnerability details Impact When calling the following ParticleExchange.sellNftToMarket function, it is possible to input amount and msg.value, which can sum up to lien.price and make credit equal 0. Although credit of lienslienId is 0 in this case, calling the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.9 views

DoS of auctionBuyNft()

Lines of code Vulnerability details Impact An auction can be forced to conclude, which is typically to the benefit of the lender. Proof of Concept auctionBuyNftlien, lienId, tokenId, amount validates the lien in question by validateLienlien, lienId which checks that the lien is hashed to the same...

6.7AI score
Exploits0
Rows per page
Query Builder