XSNS token have some vulnerabilities

https://etherscan.io/address/0xc011a73ee8576fb46f5e1c5751ca3b9fe0af2a6f#code
Here is the source code of smart contract.

oot@subway:/home/advance/ETH/MintCoin/contracts/Multi# slither SNS.sol 



ProxyERC20.transfer(address,uint256) (SNS.sol#455-464) ignores return value by IERC20(target).transfer(to,value) (SNS.sol#460)

ProxyERC20.transferFrom(address,address,uint256) (SNS.sol#492-508) ignores return value by IERC20(target).transferFrom(from,to,value) (SNS.sol#504)

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer



Contract locking ether found:

	Contract ProxyERC20 (SNS.sol#388-509) has payable functions:

	 - Proxy.fallback() (SNS.sol#187-221)

	But does not have a function to withdraw the ether

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether



ProxyERC20.approve(address,uint256) (SNS.sol#475-484) ignores return value by IERC20(target).approve(spender,value) (SNS.sol#480)

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return



ProxyERC20.balanceOf(address).owner (SNS.sol#427) shadows:

	- Owned.owner (SNS.sol#49) (state variable)

ProxyERC20.allowance(address,address).owner (SNS.sol#439) shadows:

	- Owned.owner (SNS.sol#49) (state variable)

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing



Owned.nominateNewOwner(address)._owner (SNS.sol#67) lacks a zero-check on :

		- nominatedOwner = _owner (SNS.sol#71)

Proxyable.setMessageSender(address).sender (SNS.sol#292) lacks a zero-check on :

		- messageSender = sender (SNS.sol#296)

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation



Proxy._emit(bytes,uint256,bytes32,bytes32,bytes32,bytes32) (SNS.sol#155-185) uses assembly

	- INLINE ASM (SNS.sol#162-185)

Proxy.fallback() (SNS.sol#187-221) uses assembly

	- INLINE ASM (SNS.sol#192-205)

	- INLINE ASM (SNS.sol#209-220)

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage



Pragma version0.4.25 (SNS.sol#41) allows old versions

solc-0.4.25 is not recommended for deployment

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity



Parameter Owned.nominateNewOwner(address)._owner (SNS.sol#67) is not in mixedCase

Parameter Proxy.setTarget(Proxyable)._target (SNS.sol#140) is not in mixedCase

Function Proxy._emit(bytes,uint256,bytes32,bytes32,bytes32,bytes32) (SNS.sol#155-185) is not in mixedCase

Parameter Proxyable.setProxy(address)._proxy (SNS.sol#277) is not in mixedCase

Parameter Proxyable.setIntegrationProxy(address)._integrationProxy (SNS.sol#285) is not in mixedCase

Modifier Proxyable.optionalProxy_onlyOwner() (SNS.sol#312-319) is not in mixedCase

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions



totalSupply() should be declared external:

	- IERC20.totalSupply() (SNS.sol#330)

	- ProxyERC20.totalSupply() (SNS.sol#417-420)

balanceOf(address) should be declared external:

	- IERC20.balanceOf(address) (SNS.sol#332)

	- ProxyERC20.balanceOf(address) (SNS.sol#427-430)

allowance(address,address) should be declared external:

	- IERC20.allowance(address,address) (SNS.sol#334)

	- ProxyERC20.allowance(address,address) (SNS.sol#438-448)

transfer(address,uint256) should be declared external:

	- IERC20.transfer(address,uint256) (SNS.sol#336)

	- ProxyERC20.transfer(address,uint256) (SNS.sol#455-464)

approve(address,uint256) should be declared external:

	- IERC20.approve(address,uint256) (SNS.sol#338)

	- ProxyERC20.approve(address,uint256) (SNS.sol#475-484)

transferFrom(address,address,uint256) should be declared external:

	- IERC20.transferFrom(address,address,uint256) (SNS.sol#340)

	- ProxyERC20.transferFrom(address,address,uint256) (SNS.sol#492-508)

name() should be declared external:

	- IERC20.name() (SNS.sol#343)

	- ProxyERC20.name() (SNS.sol#397-400)

symbol() should be declared external:

	- IERC20.symbol() (SNS.sol#344)

	- ProxyERC20.symbol() (SNS.sol#402-405)

decimals() should be declared external:

	- IERC20.decimals() (SNS.sol#345)

	- ProxyERC20.decimals() (SNS.sol#407-410)

Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-external

SNS.sol analyzed (5 contracts with 75 detectors), 27 result(s) found