8 matches found
CVE-2026-45780 Discourse: Private event sample invitees are serialized to non-invited event viewers
Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event invitee list. This...
PT-2026-56994
Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description The EventSerializer could expose invited group names, sample invitees, and attendan...
Anviz CrossChex Standard 安全漏洞
Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability stems from the lack of source verification in the...
Anviz CrossChex Standard 安全漏洞
Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability arises from the ability of attackers to manipulate the...
PayPal,Credit Card and Debit Card Payment 安全漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A security vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can exploit the vulnerability by sending a specially crafted que...
PayPal,Credit Card and Debit Card Payment SQL注入漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...
PayPal,Credit Card and Debit Card Payment SQL注入漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...
Cybozu Office vulnerable in restricting access
Overview Cybozu Office contains a vulnerability in restricting access permissions. Cybozu Office is a groupware.Cybozu Office contains a vulnerability in restricting access permissions. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...