|
248451
|
7.5 |
HIGH
Network
|
spadepresale_project
|
spadepresale
|
SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13131
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248452
|
7.5 |
HIGH
Network
|
bitotal
|
bitotal
|
Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13130
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248453
|
7.5 |
HIGH
Network
|
sp8de
|
sp8de
|
SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13129
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248454
|
7.5 |
HIGH
Network
|
etherty
|
etherty_token
|
Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13128
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248455
|
7.5 |
HIGH
Network
|
sp8de
|
sp8de_presale_token
|
SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13127
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248456
|
7.5 |
HIGH
Network
|
moxy
|
moxyonepresale
|
MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13126
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248457
|
9.8 |
CRITICAL
Network
|
onefilecms
|
onefilecms
|
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file.
|
CWE-200
Information Exposure
|
CVE-2018-13123
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248458
|
6.5 |
MEDIUM
Network
|
onefilecms
|
onefilecms
|
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-13122
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248459
|
5.5 |
MEDIUM
Local
|
realnetworks
|
realone_player
|
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13121
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248460
|
9.8 |
CRITICAL
Network
|
zzcms
|
zzcms
|
/user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table.
|
CWE-89
SQL Injection
|
CVE-2018-13116
|
2024-11-21 12:46 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
