Githubuser60/famed-demo (0 stars, 0 forks)
issues
Add HTTP Secure Headers
#29
Githubuser60
closed
1 year ago
2
Famed Retroactive Rewards: Add HTTP Secure Headers
#28
Githubuser60
closed
1 year ago
2
Famed Retroactive Rewards: Add HTTP Secure Headers
#27
Githubuser60
closed
1 year ago
2
Famed Retroactive Rewards: Add HTTP Secure Headers
#26
Githubuser60
closed
1 year ago
2
Famed Retroactive Rewards
#25
Githubuser60
closed
1 year ago
2
Detected string concatenation with a non-literal variable in a "database/sql" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.
#24
get-famed[bot]
opened
1 year ago
1
String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data.
#23
get-famed[bot]
opened
1 year ago
1
Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML.
#22
get-famed[bot]
opened
1 year ago
1
Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.
#21
get-famed[bot]
opened
1 year ago
1
Semgrep found a bash reverse shell
#20
get-famed[bot]
opened
1 year ago
1
Depending on the context, user-controlled data in `Object.assign` can cause a web response to include data that it should not have or can lead to a mass assignment vulnerability.
#19
get-famed[bot]
opened
1 year ago
1
FTP allows for unencrypted file transfers. Consider using an encrypted alternative.
#18
get-famed[bot]
opened
1 year ago
1
Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile("cert.pem", "cert.key")'.
#17
get-famed[bot]
opened
1 year ago
1
Missing mutex unlock before returning from a function. This could result in panics resulting from double lock operations.
#16
get-famed[bot]
opened
1 year ago
1
[slither] totalSupply() should be declared external: - ERC20Buggy.totalSupply() (../../tmp/ERC20.sol#37-39)
#15
get-famed[bot]
opened
1 year ago
1
[slither] transfer(address,uint256) should be declared external: - ERC20Buggy.transfer(address,uint256) (../../tmp/ERC20.sol#8-12)
#14
get-famed[bot]
opened
1 year ago
1
[slither] transferFrom(address,address,uint256) should be declared external: - ERC20Buggy.transferFrom(address,address,uint256) (../../tmp/ERC20.sol#14-22)
#13
get-famed[bot]
opened
1 year ago
1
[slither] approve(address,uint256) should be declared external: - ERC20Buggy.approve(address,uint256) (../../tmp/ERC20.sol#24-27)
#12
get-famed[bot]
opened
1 year ago
1
[slither] allowance(address,address) should be declared external: - ERC20Buggy.allowance(address,address) (../../tmp/ERC20.sol#33-35)
#11
get-famed[bot]
opened
1 year ago
1
[slither] balanceOf(address) should be declared external: - ERC20Buggy.balanceOf(address) (../../tmp/ERC20.sol#29-31)
#10
get-famed[bot]
opened
1 year ago
1
[slither] ERC20Buggy._totalSupply (../../tmp/ERC20.sol#4) should be constant
#9
get-famed[bot]
opened
1 year ago
1
[slither] Variable ERC20Buggy._totalSupply (../../tmp/ERC20.sol#4) is not in mixedCase
#8
get-famed[bot]
opened
1 year ago
1
[slither] Parameter ERC20Buggy.approve(address,uint256)._spender (../../tmp/ERC20.sol#24) is not in mixedCase
#7
get-famed[bot]
opened
1 year ago
1
[slither] Variable ERC20Buggy._allowance (../../tmp/ERC20.sol#6) is not in mixedCase
#6
get-famed[bot]
opened
1 year ago
1
[slither] Variable ERC20Buggy._balanceOf (../../tmp/ERC20.sol#5) is not in mixedCase
#5
get-famed[bot]
opened
1 year ago
1
[slither] solc-0.8.9 is not recommended for deployment
#4
get-famed[bot]
opened
1 year ago
1
[slither] ERC20Buggy._totalSupply (../../tmp/ERC20.sol#4) is never initialized. It is used in: - ERC20Buggy.totalSupply() (../../tmp/ERC20.sol#37-39)
#3
get-famed[bot]
opened
1 year ago
1
How to Famed
#2
get-famed[bot]
opened
1 year ago
0
[Famed] Merge scanners and get famed! ✨
#1
get-famed[bot]
closed
1 year ago
0