hi, the mintToken function of NexxusToken seems to has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
function mintToken(uint256 _amount) {
if (msg.sender == owner) {
totalSupply += _amount;
balances[owner] += _amount;
Transfer(0, owner, _amount);
}
}
hi, the mintToken function of NexxusToken seems to has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
you can see the test of this vulnerability in https://github.com/n0pn0pn0p/smart_contract_-vulnerability/edit/master/PolyAi.md , plz verify, thx!
(yogurt.yang@dbappsecurity.com.cn)
The text was updated successfully, but these errors were encountered: