9 matches found
CVE-2026-48957
An improper access check allows unauthorized users to access comprivacy datasets...
CVE-2026-48957
CVE-2026-48957 affects Joomla! Core; the issue is an improper access control in the com_privacy webservice endpoints, enabling unauthorized users to access com_privacy datasets. Multiple sources (NVD entry and CVE records from CIRCL, CVE List, and Joomla security centre) describe the root cause a...
CVE-2026-48957 Joomla! Core - [20260711] - Incorrect Access Control in com_privacy webservice endpoints
An improper access check allows unauthorized users to access comprivacy datasets...
EUVD-2026-42064
An improper access check allows unauthorized users to access comprivacy datasets...
[20260711] - Core - Incorrect Access Control in com_privacy webservice endpoints
An improper access check allows unauthorized users to access comprivacy datasets...
Joomla! 跨站请求伪造漏洞
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site request forgery vulnerability exists in Joomla! 2.5.0 - 3.9.22. The...
PT-2020-17367 · Open Source Matters · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.22 Description: A missing token check in the emailexport feature of com privacy causes a CSRF issue. Recommendations: For Joomla! versions 2.5.0 through 3.9.22, update to a version that includes the fix for...
Joomla 2.5.x < 3.9.20 Multiple Vulnerabilities (5814-joomla-3-9-20)
According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.20. It is, therefore, affected by multiple vulnerabilities. - A missing token check in the ajaxinstall endpoint cominstaller causes a CSRF vulnerability. 20200701 - Missing...
PT-2020-14590 · Open Source Matters · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.9.19 and earlier Description: A missing token check in the remove request section of com privacy causes a CSRF issue. Recommendations: For versions 3.9.19 and earlier, update to a version that includes the fix for the missi...