BIT-JOOMLA-2026-40384 Joomla! Core - [20260510] - Path traversal in com_media webservice endpoint

An improper validation of the search parameter of the commedia files API endpoint leads to a path traversal vulnerability...

CVE-2026-48904

An improper access check allows privelege escalation through the comusers group editing webservice endpoint...

CVE-2026-48904

An improper access check allows privelege escalation through the comusers group editing webservice endpoint...

EUVD-2026-31875

An improper access check allows privelege escalation through the comusers group editing webservice endpoint...

PT-2026-43322

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the 'com users group editing webservice' endpoint. Recommendations At the moment, there is no...

[20260514] - Core - Privilege escalation through com_users webservice endpoints

An improper access check allows privelege escalation through the comusers group editing webservice endpoint...

CVE-2026-21630 Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint

Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint...

PT-2026-29502

Name of the Vulnerable Software and Affected Versions versions not specified Description Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. The vulnerability exists due to a flaw in how order clauses are constructed, potentially allowing an...

The vulnerability of the Webservice API Endpoint component of the SAP Commerce Cloud platform allows a hacker to disclose protected information.

The vulnerability of the Webservice API Endpoint component of the SAP Commerce Cloud platform is related to the transmission of data in an open manner. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

CVE-2018-2666

Vulnerability in the Oracle Hospitality Labor Management component of Oracle Hospitality Applications subcomponent: Webservice Endpoint. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2018-2666

Vulnerability in the Oracle Hospitality Labor Management component of Oracle Hospitality Applications subcomponent: Webservice Endpoint. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2018-2666

CVE-2018-2666 affects the Oracle Hospitality Labor Management component of Oracle Hospitality Applications, specifically the Webservice Endpoint. Affected versions are 8.5.1 and 9.0.0. The vulnerability is exploitable over HTTP by a low-privileged attacker with network access, potentially leading...

CVE-2018-2666

Vulnerability in the Oracle Hospitality Labor Management component of Oracle Hospitality Applications subcomponent: Webservice Endpoint. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...