17 matches found
CVE-2026-48906
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...
CVE-2026-48906
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...
CVE-2026-48906 Extension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework < 6.1.0 for Joomla
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...
EUVD-2026-32162
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...
CVE-2026-48906 Extension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework < 6.1.0 for Joomla
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...
CVE-2026-48906
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...
CVE-2026-48906
CVE-2026-48906 affects the Tassos Framework Plugin (Novarain/Tassos Framework) used with Joomla. The CVE records describe an arbitrary file deletion vulnerability in the plugin prior to version 6.1.0, enabling deletion of arbitrary files on affected sites. The CVSS analysis indicates remote acces...
PT-2026-43681
Name of the Vulnerable Software and Affected Versions Tassos Framework versions prior to 6.1.0 Description A flaw in the Tassos Framework Plugin enables users to perform arbitrary file deletion on affected sites. Arbitrary file deletion is a condition where an attacker can delete any file on the...
Tassos Framework Plugin 访问控制错误漏洞
The Tassos Framework Plugin is a Joomla extension and functionality enhancement framework developed by Tassos Marinos. The Tassos Framework Plugin has a security vulnerability related to access control, which allows users to delete any file on the affected site...
Novarain/Tassos Framework, , SQL Injection
allow SQL injection and unauthenticated file reads. Attackers can chain these issues for administrator takeover and remote code execution on unpatched systems. Affected extensions include Convert Forms, EngageBox, Google Structured Data, Advanced Custom Fields, and Smile Pack, all relying on the...
CVE-2026-21627
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s comajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...
CVE-2026-21627
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s comajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...
CVE-2026-21627 Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s comajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...
CVE-2026-21627
The CVE concerns the Tassos Framework plugin (Joomla) versions 4.10.14 through 6.0.37, where specific AJAX handling via Joomla com_ajax can invoke internal framework functionality without proper restrictions. This leads to a SQL injection and an unauthenticated file read, driven by how the plugin...
CVE-2026-21627 Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s comajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...
Tassos Framework 访问控制错误漏洞
Tassos Framework is a development framework created by Tassos Marinos. The Tassos Framework has a security vulnerability related to access control. This vulnerability arises from insufficient restrictions during the processing of certain AJAX requests, which may lead to improper invocation of...
PT-2026-21017
Name of the Vulnerable Software and Affected Versions Joomla affected versions not specified Description The issue stemmed from how the Tassos Framework plugin processed certain AJAX requests via Joomla’s com ajax entry point. In specific scenarios, internal framework functionality was accessible...