Show filters
16 Total Results
Displaying 11-16 of 16
Sort by:
Attacker Value
Unknown
CVE-2018-13209
Disclosure Date: July 05, 2018 (last updated November 27, 2024)
The sell function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
0
Attacker Value
Unknown
CVE-2018-13087
Disclosure Date: July 03, 2018 (last updated November 26, 2024)
The mintToken function of a smart contract implementation for Coinstar (CSTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
0
Attacker Value
Unknown
CVE-2018-12015
Disclosure Date: June 07, 2018 (last updated November 26, 2024)
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
0
Attacker Value
Unknown
CVE-2015-2087
Disclosure Date: February 26, 2015 (last updated October 05, 2023)
Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via unspecified vectors.
0
Attacker Value
Unknown
CVE-2014-9155
Disclosure Date: December 01, 2014 (last updated October 05, 2023)
Directory traversal vulnerability in the Avatar Uploader module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta6 for Drupal allows remote authenticated users to read arbitrary files via a .. (dot dot) in the path of a cropped picture in the uploader panel.
0
Attacker Value
Unknown
CVE-2007-4829
Disclosure Date: November 02, 2007 (last updated October 04, 2023)
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
0