CVE-2021-23404
This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the…
This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the…
BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. Devamını Oku
phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. Devamını Oku
BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. Devamını Oku
phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. Devamını Oku
An issue in the noReentrance() modifier of the Ethereum-based contract Accounting 1.0 allows attackers to carry out a reentrancy attack. Devamını Oku
The time check operation of PepeAuctionSale 1.0 can be rendered ineffective by assigning a large number to the _duration variable, compromising access control to the…
A lack of target address verification in the destroycontract() function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script.…
A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script.…
A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a…