|
246771
|
9.8 |
CRITICAL
Network
|
encryptedtoken_project
|
encryptedtoken
|
An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPric…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-14087
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246772
|
9.8 |
CRITICAL
Network
|
mytoken_project
|
mytoken
|
An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-14086
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246773
|
9.8 |
CRITICAL
Network
|
myadvancedtoken_project
|
myadvancedtoken
|
An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will ca…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-14084
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246774
|
8.8 |
HIGH
Network
|
srcms_project
|
srcms
|
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.
|
CWE-352
Origin Validation Error
|
CVE-2018-14069
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246775
|
8.8 |
HIGH
Network
|
srcms_project
|
srcms
|
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.
|
CWE-352
Origin Validation Error
|
CVE-2018-14068
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246776
|
9.8 |
CRITICAL
Network
|
google
|
android
|
The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the REA…
|
CWE-89
SQL Injection
|
CVE-2018-14066
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246777
|
9.8 |
CRITICAL
Network
|
phpoffice_project
|
common
|
XMLReader.php in PHPOffice Common before 0.2.9 allows XXE.
|
CWE-611
XXE
|
CVE-2018-14065
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246778
|
9.8 |
CRITICAL
Network
|
velotismart_project
|
velotismart_wifi_firmware
|
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80.
|
CWE-22
Path Traversal
|
CVE-2018-14064
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246779
|
9.8 |
CRITICAL
Network
|
tracto
|
tracto
|
The increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-14063
|
2024-11-21 12:48 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246780
|
9.8 |
CRITICAL
Network
|
mi
|
xiaomi_r3d_firmware
|
OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON da…
|
CWE-78
OS Command
|
CVE-2018-14060
|
2024-11-21 12:48 |
2018-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
