Githubuser60 famed-demo issues

Githubuser60 / famed-demo

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Add HTTP Secure Headers

#29 Githubuser60 closed 1 year ago
2
Famed Retroactive Rewards: Add HTTP Secure Headers

#28 Githubuser60 closed 1 year ago
2
Famed Retroactive Rewards: Add HTTP Secure Headers

#27 Githubuser60 closed 1 year ago
2
Famed Retroactive Rewards: Add HTTP Secure Headers

#26 Githubuser60 closed 1 year ago
2
Famed Retroactive Rewards

#25 Githubuser60 closed 1 year ago
2
Detected string concatenation with a non-literal variable in a "database/sql" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, used parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.

#24 get-famed[bot] opened 1 year ago
1
String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data.

#23 get-famed[bot] opened 1 year ago
1
Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML.

#22 get-famed[bot] opened 1 year ago
1
Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.

#21 get-famed[bot] opened 1 year ago
1
Semgrep found a bash reverse shell

#20 get-famed[bot] opened 1 year ago
1
Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.

#19 get-famed[bot] opened 1 year ago
1
FTP allows for unencrypted file transfers. Consider using an encrypted alternative.

#18 get-famed[bot] opened 1 year ago
1
Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile("cert.pem", "cert.key")'.

#17 get-famed[bot] opened 1 year ago
1
Missing mutex unlock before returning from a function. This could result in panics resulting from double lock operations

#16 get-famed[bot] opened 1 year ago
1
[slither] totalSupply() should be declared external: - ERC20Buggy.totalSupply() (../../tmp/ERC20.sol#37-39)

#15 get-famed[bot] opened 1 year ago
1
[slither] transfer(address,uint256) should be declared external: - ERC20Buggy.transfer(address,uint256) (../../tmp/ERC20.sol#8-12)

#14 get-famed[bot] opened 1 year ago
1
[slither] transferFrom(address,address,uint256) should be declared external: - ERC20Buggy.transferFrom(address,address,uint256) (../../tmp/ERC20.sol#14-22)

#13 get-famed[bot] opened 1 year ago
1
[slither] approve(address,uint256) should be declared external: - ERC20Buggy.approve(address,uint256) (../../tmp/ERC20.sol#24-27)

#12 get-famed[bot] opened 1 year ago
1
[slither] allowance(address,address) should be declared external: - ERC20Buggy.allowance(address,address) (../../tmp/ERC20.sol#33-35)

#11 get-famed[bot] opened 1 year ago
1
[slither] balanceOf(address) should be declared external: - ERC20Buggy.balanceOf(address) (../../tmp/ERC20.sol#29-31)

#10 get-famed[bot] opened 1 year ago
1
[slither] ERC20Buggy._totalSupply (../../tmp/ERC20.sol#4) should be constant

#9 get-famed[bot] opened 1 year ago
1
[slither] Variable ERC20Buggy._totalSupply (../../tmp/ERC20.sol#4) is not in mixedCase

#8 get-famed[bot] opened 1 year ago
1
[slither] Parameter ERC20Buggy.approve(address,uint256)._spender (../../tmp/ERC20.sol#24) is not in mixedCase

#7 get-famed[bot] opened 1 year ago
1
[slither] Variable ERC20Buggy._allowance (../../tmp/ERC20.sol#6) is not in mixedCase

#6 get-famed[bot] opened 1 year ago
1
[slither] Variable ERC20Buggy._balanceOf (../../tmp/ERC20.sol#5) is not in mixedCase

#5 get-famed[bot] opened 1 year ago
1
[slither] solc-0.8.9 is not recommended for deployment

#4 get-famed[bot] opened 1 year ago
1
[slither] ERC20Buggy._totalSupply (../../tmp/ERC20.sol#4) is never initialized. It is used in: - ERC20Buggy.totalSupply() (../../tmp/ERC20.sol#37-39)

#3 get-famed[bot] opened 1 year ago
1
How to Famed

#2 get-famed[bot] opened 1 year ago
0
[Famed] Merge scanners and get famed! ✨

#1 get-famed[bot] closed 1 year ago
0