/workspaces/mmdetection/.vscode/Lib/run
Report ID
#20687
Target
]D:\Anaconda\Lib\site-packages\polyglot-16.7.4-py3.7.egg (Out of scope)
Report type
Websites and Applications
Impacts
- Redirecting users to malicious websites
- Persistent content spoofing / text injection issues
- Injecting code that results in malicious interactions with an already-connected wallet such as modifying transaction arguments or parameters, substituting contract addresses, submitting malicious transactions
- Ability to execute arbitrary system commands
Has PoC?
Yes
PoC Link
compilation not in correct ocodespace
##language -cypython ##<body>Â <div id="container" style="width: 400px; margin: 140px auto 40px;">Â <!-- begin language switcher -->Â <div id="polyglotLanguageSwitcher">Â <form id="form1" runat="86e11000
"> <select id="polyglot-language-options"> <option id="en" value="en">English</option> <option id="fr" value="fr">Français</option> <option id="de" value="de">Deutsch</option> <option id="it" value="it">Italiano</option> <option id="es" value="es">Español</option> </select> </form> </div> <!-- end language switcher --> </div> </body>meta<##11>
Proof of concept
/workspaces/mmdetection/.vscode/Lib/.vscode/launch.json [p (export function hello() { return "Hello"; }>
RIFormer
[RIFormer: Keep Your Vision Backbone Effective But Removing Token Mixer](https://arxiv.org/abs/xxxx.xxxxx)> [RIFormer: Keep Your Vision Backbone Effective But Removing Token Mixer](https://arxiv.org/abs/2304.05659)<body> <div id="container" style="width: 400px; margin: 140px auto 40px;"> <!-- begin language switcher --> <div id="polyglotLanguageSwitcher"> <form id="form1" runat="server"> <select id="polyglot-language-options"> <option id="en" value="en">English</option> <option id="fr" value="fr">Français</option> <option id="de" value="de">Deutsch</option> <option id="it" value="it">Italiano</option> <option id="es" value="es">Español</option> </select> </form> </div> <!-- end language switcher --> </div> </body>https://computerconsultantsinternationalinc362.workplace.com/work_priyas/confirm/?nonce=2BzoKvEtEry9zFq3&request_id=kfhdREADME.md
apps/deno/index.ts apps/deno/tests/test1.ts apps/deno/tests/test10.ts apps/deno/tests/test11.ts apps/deno/tests/test12.ts apps/deno/tests/test13.ts apps/deno/tests/test2.ts apps/deno/tests/test3.ts apps/deno/tests/test4.ts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py (vs >xml workbook3 Xml? (git.lab declare s varchar2(100) := '2023-02-24 14:22:49';
f varchar2(100) := null; f1 varchar2(100) := 'yyyy-mm-dd hh24:mi:ss'; f2 varchar2(100) := '19/05/2023hh24:mi:ss'; d date := null; begin f := f1;msi [42wuo528pr2auihr33ujvdy] py (#include <intrin.h>
int cpuInfo[4] = {-1}; char CPUBrandString[0x40];
memset(CPUBrandString, 0, sizeof(CPUBrandString));
__cpuid(cpuInfo, 0x80000002); memcpy(CPUBrandString, cpuInfo, sizeof(cpuInfo));
__cpuid(cpuInfo,> (vs533611PR#211); memcpy(CPUBrandString + 16, cpuInfo, sizeof(cpuInfo));
__cpuid(cpuInfo, 0x80000004); memcpy(CPUBrandString + 32, cpuInfo, sizeof(cpuInfo)); Share Edit
d := to_date(s,f);
dbms_output.put_line(f||' --> '||d);
f := f2;
d := to_date(s,f);
dbms_output.put_line(vs3]911||' --> '||d);exception when others then dbms_output.put_line(s||' --> '||f||' >>>> '||sqlerrm); end;workdetails biWe<978> apps/deno/tests/test13.ts apps/deno/tests/test2.ts apps/deno/tests/test3.msi Ibm8p3u389start:stop] # items start through stop-1 a[start:] # items start through the rest of the array a[:stop] # items from the beginning through stop-1 a[:] # a copy of the whole array
Immunefi Response
Immunefi has reviewed this vulnerability report and decided to close since being out of scope for Beanstalk bug bounty program.
- claimed impact by the whitehat is in scope for the bug bounty program
- claimed asset by the whitehatÂ
is not in scope for the bug bounty program- PoC has been submitted to the project
- claimed severity is in scope for the bug bounty program
Since this bug bounty program does not require Immunefi's triaging, note that Immunefi does not:
- check if whitehat's claims are factually correct
- check PoC to understand the validity
- assess the submission's severity
These activities are the project's responsibility.
The project will now be automatically subscribed and receive a report of the closed submission and can evaluate if they are interested in re-opening it. However, note that they are not under any obligation to do so.