No end date check for Dussehra::enterPeopleWhoLikeRam()
Summary
The function Dussehra::enterPeopleWhoLikeRam allows participants to enter an event by paying an entry fee. However, the function lacks a check to ensure the event has not ended, allowing participants to pay the fee even after the event is over. This oversight could lead to participants paying for entry without being able to access the perks of the event.
Vulnerability Details
Function Affected: Dussehra::enterPeopleWhoLikeRam
Issue: Lack of end date check
Exploitation: Participants can call the function and pay the entry fee even after the event has ended.
Severity: High. Participants paying for a concluded event will not receive the event's perks, leading to dissatisfaction and potential loss of trust.
Impact
Financial Loss: Participants may lose funds by paying the entry fee for an event that has already concluded.
Tools Used
Manual Review
Recommendations
Implement an end date check in the enterPeopleWhoLikeRam function to prevent participants from entering after the event has concluded. This can be achieved by introducing a condition that compares the current block timestamp with the event's end date.
Lead Judging Commences
Invalid - enter people after event or after Ram is selected
It is the user's responsibility to check the date of the event.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.