Vulnerabilities reported by skyknow :
漏洞列表
用戶所提交的漏洞列表。
-
某單位 Bitmarkd 使用 float64 比對 difficulty,允許同值但較寬鬆的 compact target 通過 PoW 驗證
- HZD Code:ZD-2026-00813
- Risk:高
- Status:審核中
- Date:2026/06/10
-
某單位 tickets event routes authorize query eventId but read/update path id
- HZD Code:ZD-2026-00811
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 tickets reorder authorizes query.eventId but reorders another event tickets
- HZD Code:ZD-2026-00810
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 tickets invitation-code update can rebind a code to another event ticket
- HZD Code:ZD-2026-00809
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 tickets webhook management routes authorize one event ID but operate on path eventId
- HZD Code:ZD-2026-00808
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 tickets ticket analytics route lacks event-scoped access check
- HZD Code:ZD-2026-00807
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 tickets event form-field handlers continue after failed event access
- HZD Code:ZD-2026-00806
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 tickets eventAdmin registration export lacks event scoping
- HZD Code:ZD-2026-00805
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 SCAICT-uwu /buyProduct race can return two successful purchases while persisting one point/stock decrement
- HZD Code:ZD-2026-00804
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 Bitmarkd registration request and response paths accept short timestamp frames and panic
- HZD Code:ZD-2026-00803
- Risk:高
- Status:審核中
- Date:2026/06/10