Vulnerabilities > Theethereumlottery > THE Ethereum Lottery > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-07 CVE-2018-15552 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Theethereumlottery the Ethereum Lottery
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum Lottery, an Ethereum gambling game, generates a random value with publicly readable variable "maxTickets" (which is private, yet predictable and readable by the eth.getStorageAt function).
network
low complexity
theethereumlottery CWE-338
5.0