43 matches found
CVE-2026-48947
An improper access check allows privileged users to overwrite media files without editing permissions...
EUVD-2026-42069
An improper access check allows privileged users to overwrite media files without editing permissions...
EUVD-2026-42068
An improper access check allows unauthorized users to create custom fields via webservices endpoints...
CVE-2026-48955
An improper access check allows unauthorized users to access workflow stage and transition information...
CVE-2026-48955 Joomla! Core - [20260709] - Incorrect Access Control in com_workflow
An improper access check allows unauthorized users to access workflow stage and transition information...
EUVD-2026-42065
An improper access check allows users to display a list of modules in the frontend...
CVE-2026-48956
An improper access check allows users to display a list of modules in the frontend...
CVE-2026-48957
An improper access check allows unauthorized users to access comprivacy datasets...
EUVD-2026-42064
An improper access check allows unauthorized users to access comprivacy datasets...
EUVD-2026-42061
An improper access check allows user to download vcard exports of comcontact contacts that are inaccessible...
Joomla! Webservice - Password Disclosure
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. id: CVE-2023-23752 info: name: Joomla! Webservice - Password Disclosure author: badboycxcc,Sascha Brendel severity: medium description: | An issue was discovered in...
CVE-2026-41649
Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...
CVE-2026-48898
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-35223
An improper access check allows unauthorized access to comconfig webservice endpoints...
CVE-2026-48899
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-35223
An improper access check allows unauthorized access to comconfig webservice endpoints...
CVE-2026-48899
An improper access check allows privilege escalation through the comusers batch task...
EUVD-2026-31880
An improper access check allows privilege escalation through the comusers batch task...
EUVD-2026-31879
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...
CVE-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
An improper access check allows unauthorized access to comconfig webservice endpoints...