| Subdomain Takeover on proxies.sifchain.finance pointing to vercel |
Misconfiguration |
hrdfrdh |
High |
2022-04-01 |
| Misconfiguration Certificate Authority Authorization Rule |
Misconfiguration |
d4rk_r0s3 |
None |
2021-12-09 |
| No Valid SPF Records at sifchain.finance |
Violation of Secure Design Principles |
n33dm0n3y |
No rating |
2021-12-09 |
| Dependency Confusion Vulnerability in Sifnode Due to Unclaimed npm Packages. |
Code Injection |
0xcachefl0w |
None |
2021-12-09 |
| Linux Desktop application "sifnoded" executable does not use Pie / no ASLR |
Violation of Secure Design Principles |
n33dm0n3y |
No rating |
2021-12-09 |
| Origin IP Disclosure Vulnerability |
None supplied |
uniquekamboj6738 |
No rating |
2021-12-09 |
| Information Disclosure at one of your subdomain |
Information Disclosure |
omemishra |
None |
2021-12-09 |
| Signature Verification /// golang.org/x/crypto/ssh |
Cryptographic Issues - Generic |
dpredrag |
High |
2021-12-09 |
| Sifchain token leak |
Insecure Storage of Sensitive Information |
abdullah321 |
None |
2021-12-09 |
| Sifchain Privacy Policy Webpage Uses Wordpress Default Template. Does Not Display Correct Privacy Policy. |
Information Disclosure |
masq31 |
None |
2021-12-09 |
| No Rate Limit in email leads to huge Mass mailings |
None supplied |
sudhakarsurya |
No rating |
2021-12-09 |
| Wrong Implementation of Url in https://docs.sifchain.finance/ |
Misconfiguration |
sar00n |
Low |
2021-12-09 |
| information disclosure |
None supplied |
virus26 |
No rating |
2021-12-09 |
| CSRF in newsletter form |
Cross-Site Request Forgery (CSRF) |
ph0b0s |
None |
2021-12-09 |
| ETHEREUM_PRIVATE_KEY leaked via github |
None supplied |
bugkillerak |
None |
2021-12-09 |
| Clickjacking /framing on sensitive Subdomain |
UI Redressing (Clickjacking) |
ilxax1 |
None |
2021-12-09 |
| No valid SPF record found |
Improper Authentication - Generic |
tamilarasi11 |
No rating |
2021-12-09 |
| Session Token in URL |
Improper Authentication - Generic |
little_one |
None |
2021-12-09 |
| Clickjacking at sifchain.finance |
UI Redressing (Clickjacking) |
manjithgowthaman |
Medium |
2021-12-09 |
| clickjacking vulnerability |
UI Redressing (Clickjacking) |
sravani_1234 |
No rating |
2021-12-09 |
| Clickjacking |
UI Redressing (Clickjacking) |
whiteraven0101 |
Low |
2021-12-09 |
| Design Issues at Main Domain |
Violation of Secure Design Principles |
n33dm0n3y |
Low |
2021-12-09 |
| Username disclosure at Main Domain |
Information Disclosure |
n33dm0n3y |
Low |
2021-12-09 |
| Vulnerability : Email Spoofing |
None supplied |
tajammul |
None |
2021-12-09 |
| CORS (Cross-Origin Resource Sharing) origin validation failure |
None supplied |
11holefinder |
None |
2021-12-09 |
| 4 xss vulnerability dom based cwe 79 ; wordpress bootstrap.min.js is vulnerable |
Cross-site Scripting (XSS) - DOM |
rao_ji1hackerone |
Medium |
2021-12-09 |
| Email Spoofing bug |
None supplied |
niloychowdhury3 |
No rating |
2021-12-09 |
| Possible Database Details stored in values.yaml |
Cleartext Storage of Sensitive Information |
sparta5537 |
Medium |
2021-12-09 |
| Wrong Url in Main page of sifchain.finance |
Misconfiguration |
beebeek |
Low |
2021-12-09 |
| Bootstrap library is vulnerable |
Inclusion of Functionality from Untrusted Control Sphere |
sathish87 |
Low |
2021-09-06 |
| SSH server due to Improper Signature Verification |
None supplied |
escanor56 |
High |
2021-08-30 |
| Vulnerable javascript dependency at Main domain |
Using Components with Known Vulnerabilities |
dantt |
Low |
2021-08-02 |
| CORS misconfiguration |
Business Logic Errors |
legacy_defender |
None |
2021-06-29 |
| Cross-site Scripting (XSS) possible at https://sifchain.finance// via CVE-2019-8331 exploitation |
None supplied |
foysalahmed |
Medium |
2021-06-21 |
| Clickjacking misconfiguration bug |
None supplied |
ridoykhan0x1 |
No rating |
2021-06-18 |
| Error Page Content Spoofing or Text Injection |
None supplied |
g4urav_19 |
Low |
2021-06-15 |
| Wrong implementation of Telegram link on the main page for PC users |
Misconfiguration |
ibrahimatix0x01 |
None |
2021-06-12 |
| Flaws In Social media Icon on error page which can lead to financial loss to a company. |
Business Logic Errors |
beebeek |
None |
2021-06-12 |
| CORS Misconfiguration Leads to Sensitive Exposure on Sifchain main domain |
None supplied |
emptymahbob |
None |
2021-06-10 |
| CORS (Cross-Origin Resource Sharing) origin validation failure -Any website can issue requests made with user credentials and read the responses to th |
Cross-site Scripting (XSS) - Stored |
bader2 |
None |
2021-06-10 |
| Private eth key found |
None supplied |
mstwtd73 |
No rating |
2021-06-10 |
| HTTPS not enforced at dex.sifchain.finance |
Violation of Secure Design Principles |
zelzal |
Low |
2021-06-10 |
| Open S3 Bucket | information leakage |
None supplied |
b29z |
No rating |
2021-05-15 |
| Information Disclosure on https://rpc.sifchain.finance/ |
Information Disclosure |
bringing2021 |
None |
2021-05-15 |
| No Valid SPF Records/don't have DMARC record |
Improper Authentication - Generic |
himan253 |
None |
2021-05-14 |
| No Rate Limit protection in user subscription form |
None supplied |
aliyugombe |
Low |
2021-05-14 |
| Found a url on source code which was disclosing different juicy informations like ip addresses and available endponts |
Information Exposure Through Directory Listing |
paranoid07 |
None |
2021-05-14 |
| Path Transversal inside saveContracts.js |
Relative Path Traversal |
caon |
None |
2021-05-14 |
| Email spoofing |
Improper Authentication - Generic |
tmsm |
None |
2021-05-13 |
| Cross Origin Resource Sharing Misconfiguration | Lead to sensitive information. |
None supplied |
sudhakarsurya |
None |
2021-05-13 |
| Wordpress Users Disclosure (/wp-json/wp/v2/users/) on sifchain.finance |
None supplied |
ibrahimatix0x01 |
Low |
2021-05-13 |
| CORS Misconfiguration |
Misconfiguration |
itsme_ani |
None |
2021-05-12 |
| Social media links not working |
Business Logic Errors |
tefa_ |
None |
2021-05-12 |
| Wrong Url in Main Page |
Misconfiguration |
dantt |
Low |
2021-05-12 |
| Email Spoofing on sifchain.finance |
None supplied |
ibrahimatix0x01 |
Low |
2021-05-11 |
| Clickjacking Vulnerability in sifchain.finance |
UI Redressing (Clickjacking) |
lemon_in-the_spoon |
No rating |
2021-05-11 |
| Found key_adress and key_password in GitHub history |
Password in Configuration File |
mhohlfeld |
None |
2021-05-08 |
| Information disclosure on Sifchain |
Information Disclosure |
rohitburke |
None |
2021-05-08 |
| Vulnerable for clickjacking attack |
UI Redressing (Clickjacking) |
akay0783 |
None |
2021-05-08 |
| A password in plain text in conf file |
Password in Configuration File |
nouradeen |
No rating |
2021-05-07 |
| ETHEREUM_PRIVATE_KEY leaked via Open Github Repository |
Cleartext Storage of Sensitive Information |
fozisimi |
None |
2021-05-07 |
| wrong url in hackerone > goes to wix.com > unconnected |
Misconfiguration |
mhohlfeld |
Low |
2021-05-07 |
| Private RSA key for Vagrant exposed in GitHub repository |
Insecure Storage of Sensitive Information |
sdushantha |
None |
2021-05-07 |
| RSA PRIVATE KEY discloser |
Information Disclosure |
rootspectra |
None |
2021-05-07 |
| mongodb credentials leaked in github |
Information Disclosure |
makuzo |
No rating |
2021-05-07 |
| Private KEY of crypto wallet |
Use of Hard-coded Password |
krynos |
None |
2021-05-07 |
| ETHEREUM_PRIVATE_KEY leaked |
Cleartext Storage of Sensitive Information |
dexter34 |
No rating |
2021-05-07 |
| Exposed Openapi Token |
Cleartext Storage of Sensitive Information |
johnjhacking |
None |
2021-05-07 |
| Possibility of DoS attack at https://sifchain.finance// via CVE-2018-6389 exploitation |
None supplied |
spyata |
None |
2021-05-07 |
| Subdomain Takeover At the Main Domain Of Your Site |
Improper Access Control - Generic |
ahmedelmalky |
Low |
2021-05-07 |
| xmlrpc.php And /wp-json/wp/v2/users FILE IS enable it will used for bruteforce attack and denial of service |
Uncontrolled Resource Consumption |
malagham |
None |
2021-05-06 |