CVE-2026-40384

An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...

CVE-2026-40384 Joomla! Core - [20260510] - Path traversal in com_media webservice endpoint

An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...

EUVD-2026-31885

An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...

CVE-2026-40384 Joomla! Core - [20260510] - Path traversal in com_media webservice endpoint

An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...

Joomla! CMS 路径遍历漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a path traversal vulnerability, which stems from improper validation of search parameters in the commedia file API endpoints, potentially leading to path traversal attacks...

PT-2022-16273 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla, allowing a possible XSS attack vector through SVG embedding in com media. Recommendations: For Joomla! versions 4.0.0 through 4.1.0, consider disabling the S...

PT-2021-16932 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.9.27 Description: An issue was discovered in the imagelist view of com media, where inadequate escaping leads to a XSS vulnerability. Recommendations: For versions 3.0.0 through 3.9.27, update to a version tha...

Joomla com_media component upload vulnerability

Joomla is an open source content management system CMS. An upload vulnerability exists in the Joomla commedia component, which can be exploited by an attacker to upload malicious files to the server and gain server privileges...