PT-2025-34579 · Unknown · Huangdou Utcms Version 9

Name of the Vulnerable Software and Affected Versions: HuangDou UTCMS version 9 Description: A flaw exists in the Login component's code within the app/modules/ut-frame/admin/login.php file. Manipulation of the code related to an argument results in an incorrect comparison. This issue can be...

Upgraded Q -> M from #307 [1669043813221]

Judge has assessed an item in Issue 307 as M risk. The relevant finding follows: L-1. Wrong comparison sign Description The function swapAVAXForExactTokens will revert when msg.value amountsIn0 because amountsIn0 - msg.value will always cause underflow. Solidity version ^0.8.0 is used, so it will...

Upgraded Q -> M from 238 [1664280434191]

Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the length is longer than 32 File: contracts\dnssec-oracle\BytesUtils.sol 44: function comparebytes memory self, uint offset, uint len, bytes memory other, uint otheroffset, uint...

Upgraded Q -> M from 238 [1664280666405]

Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the self is longer than other File: contracts\dnssec-oracle\BytesUtils.sol 115: function equalsbytes memory self, uint offset, bytes memory other internal pure returns bool 116:...