Lucene search
K

8 matches found

CVE
CVE
added 9 hours ago6 views

CVE-2026-14751

The vulnerability CVE-2026-14751 targets mjperpinosa stumasy via SQL injection in Notes_controller::search_scratch_data (file application/PHP/objects/notes/search_scratch_data.php). The exploit arises from manipulating the argument field_name, enabling remote execution of SQL. Public exploit is s...

6.5CVSS6.4AI score
Exploits0References6
EUVD
EUVD
added 9 hours ago6 views

EUVD-2026-41757

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...

6.5CVSS6.4AI score
Exploits0References6
EUVD
EUVD
added 9 hours ago7 views

EUVD-2026-41756

A security flaw has been discovered in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The affected element is the function Notescontroller::accessingdictionaryauthorization of the file application/PHP/objects/notes/accessingdictionaryauthorization.php. The manipulation of the...

7.5CVSS6.8AI score
Exploits0References6
CVE
CVE
added 9 hours ago4 views

CVE-2026-14750

The CVE-2026-14750 entry concerns mjperpinosa stumasy with a SQL injection in the function Notes_controller::accessing_dictionary_authorization (file application/PHP/objects/notes/accessing_dictionary_authorization.php). Manipulating the Password argument enables a remote attacker to leverage SQL...

7.5CVSS6.8AI score
Exploits0References6
OSV
OSV
added 2026/03/03 1:29 p.m.2 views

BIT-DISCOURSE-2026-26973 Discourse doesn't scope reviewable notes to user-visible reviewables

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.9AI score0.00152EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/26 7:19 p.m.6 views

EUVD-2026-8878

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 7:19 p.m.2 views

CVE-2026-26973

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.7AI score0.00152EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.7 views

Discourse 安全漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse before 2025.12.2, 2026.1.1, and 2026.2.0 contain security vulnerabilities. These vulnerabilities stem...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
Rows per page
Query Builder