Lucene search
K

7 matches found

CVE
CVE
added 4 days ago8 views

CVE-2026-48952

CVE-2026-48952 affects Joomla core, specifically the com_installer update list view. Root cause is lack of escaping, resulting in an XSS vulnerability. CVSS 4.0 base score 8.4 ( HIGH ) with network attack vector, low attack complexity, high impact to confidentiality and integrity, and low impact ...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 4 days ago7 views

CVE-2026-48952 Joomla! Core - [20260706] - XSS in com_installer

Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42070

Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2026/05/21 12:0 a.m.5 views

[20260706] - Core - XSS in com_installer

Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...

8.4CVSS5.9AI score0.00147EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.22 views

Joomla! 代码问题漏洞

Joomla! is a set of forum components used in the Joomla! content management system. A code issue vulnerability exists in Joomla! 2.5.0 - 3.9.27. The vulnerability stems from a hard-coded ACL check for superuser missing from the install operation in cominstaller, which can be exploited to execute...

7.5CVSS5.8AI score0.01209EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/07/07 12:0 a.m.6 views

PT-2021-16931 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.27 Description: An issue was discovered in the install action of com installer, where it lacks the required hardcoded ACL checks for superusers. However, a default system is not affected because the default...

7.5CVSS7.2AI score0.01209EPSS
Exploits0References6
CNVD
CNVD
added 2018/10/11 12:0 a.m.5 views

Cross-Site Request Forgery Vulnerability in Joomla!

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A cross-site request forgery vulnerability exists in cominstaller in Joomla! versions 2.5.0 through 3.8.12. A remote attacker can exploit this...

8.8CVSS8.6AI score0.0098EPSS
Exploits0References1
Rows per page
Query Builder