20 matches found
CVE-2026-60025
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection...
CVE-2026-60024
The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets...
CVE-2026-58149
The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses...
CVE-2026-60024 Joomla Extension - joomdonation.com - Insecure default configuration Events Booking < 5.8.0
The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets...
CVE-2026-60024
The CVE pertains to the Joomla extension Events Booking, where prior versions up to 5.8.0 allow unauthenticated users to upload media assets by default. The affected component is the Events Booking plugin for Joomla (joomdonation.com). The root cause is an insecure default configuration that perm...
EUVD-2026-45184
The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets...
CVE-2026-58149 Joomla Extension - joomdonation.com - User enumeration in Events Booking < 5.8.0
The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses...
EUVD-2026-45200
The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses...
CVE-2026-58149
Joomla extension Events Booking (joomdonation.com) is affected by CVE-2026-58149: unauthenticated user enumeration that can reveal usernames and email addresses. Affected versions are
CVE-2026-60025 Joomla Extension - joomdonation.com - User enumeration in Events Booking < 5.8.0
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection...
EUVD-2026-45198
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection...
CVE-2026-60025
CVE-2026-60025 affects the Joomla extension Events Booking prior to version 5.8.0. The frontend file upload endpoint is reported to lack CSRF protection, which in the accompanying CVE listing is described as enabling user enumeration in Events Booking
PT-2026-60786
The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets...
PT-2026-60785
The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses...
PT-2026-60787
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection...
Events Booking, versions before 2.1.1
Joomdonation extensions, Information Disclosure Events Booking versions before 2.1.1 Resolution: update to 2.1.1 Update notice URL: http://joomdonation.com/forum/events-booking-general-discussion/50511-events-booking-version-2-1-1-released.html...
Events Booking, 1.6.7 and lower, (module: Search Events)
Events Booking 1.6.7 =Vulnerability: XSS Cross Site Scripting Extension Update Details This issue only affect the search module Search Events which comes with Events Booking. We released version 1.6.8 to address this issue...
Joomseller "Events Booking Pro" and "JSE Event" reflected XSS
---------------------------------------------------------------------------------------------- Joomseller "Events Booking Pro" and "JSE Event" reflected XSS ---------------------------------------------------------------------------------------------- + Software Link:...
Joomla Joomseller Events Booking Pro 'info' Parameter XSS Vulnerability
Joomla Joomseller Event Booking Pro plugin is prone to xss vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Joomseller Events Booking Pro / JSE Event Cross Site Scripting
---------------------------------------------------------------------------------------------- Joomseller "Events Booking Pro" and "JSE Event" reflected XSS ---------------------------------------------------------------------------------------------- + Software Link:...