This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the…

BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. Devamını Oku

phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. Devamını Oku

BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. Devamını Oku

phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. Devamını Oku

An issue in the noReentrance() modifier of the Ethereum-based contract Accounting 1.0 allows attackers to carry out a reentrancy attack. Devamını Oku

The time check operation of PepeAuctionSale 1.0 can be rendered ineffective by assigning a large number to the _duration variable, compromising access control to the…

A lack of target address verification in the destroycontract() function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script.…

A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script.…

A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a…