
8 matches found

OSV
added 2026/04/10 8:49 a.m., 1 view

BIT-JOOMLA-2026-21629 Joomla! Core - [20260301] - ACL hardening in com_ajax

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS 7.3, AI score 5.8, EPSS 0.00249
Exploits: 0, References: 2
Cvelist
added 2026/04/01 9:3 a.m., 24 views

CVE-2026-21629 Joomla! Core - [20260301] - ACL hardening in com_ajax

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS 6.3, EPSS 0.00249
Exploits: 0, References: 1
CVE
added 2026/04/01 9:3 a.m., 29 views

CVE-2026-21629

CVE-2026-21629 concerns Joomla! Core: the admin-area ajax component (com_ajax) was excluded from the default logged-in-user access check, creating an access-control vulnerability. Multiple sources describe this as ACL-related hardening in com_ajax, with the issue tracked across CVE listings and O...

CVSS 7.3, AI score 5.8, EPSS 0.00249
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2026/02/20 3:20 p.m., 9 views

CVE-2026-21627

The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...

CVSS 9.5, EPSS 0.00397
Exploits: 1, References: 1
Cvelist
added 2026/02/20 2:22 p.m., 28 views

CVE-2026-21627 Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla

The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...

CVSS 9.5, EPSS 0.00397
Exploits: 1, References: 1
Vulnrichment
added 2026/02/20 2:22 p.m., 9 views

CVE-2026-21627 Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla

The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...

CVSS 9.5, AI score 5.5, EPSS 0.00397
Exploits: 1, References: 1
CVE
added 2026/02/20 2:22 p.m., 42 views

CVE-2026-21627

The CVE concerns the Tassos Framework plugin (Joomla) versions 4.10.14 through 6.0.37, where specific AJAX handling via Joomla com_ajax can invoke internal framework functionality without proper restrictions. This leads to a SQL injection and an unauthenticated file read, driven by how the plugin...

CVSS 9.5, AI score 5.5, EPSS 0.00397
Exploits: 1, References: 1
0day.today
added 2018/10/28 12:0 a.m., 273 views

Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability

Exploit for php platform in category web applications Exploit Title : Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/10/2018 Vendor Homepage : joomla.org Tested On...

AI score 0.1
Exploits: 0