Lucene search
+L

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.12 views

Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution

The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...

10CVSS6.3AI score0.80425EPSS
Exploits19References3
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/16 12:0 a.m.17 views

Widget Factory Joomla Content Editor Improper Access Control Vulnerability

Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users...

10CVSS5.6AI score0.80425EPSS
In wildExploits19
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 p.m.21 views

CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.5AI score0.80425EPSS
Exploits19References1
CVE
CVE
added 2026/06/05 7:31 a.m.432 views

CVE-2026-48907

CVE-2026-48907 — Joomla JCE extension unauthenticated RCE is a vulnerability in the Joomla Content Editor (JCE) that allows unauthenticated users to create editor profiles and upload PHP payloads, enabling remote code execution. Technical details across documents show an unrestricted file upload ...

10CVSS5.6AI score0.80425EPSS
In wildExploits19References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:31 a.m.18 views

CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.80425EPSS
Exploits19References2Affected Software1
Cvelist
Cvelist
added 2026/06/05 7:31 a.m.82 views

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS0.80425EPSS
Exploits19References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.16 views

joomlacontenteditor.net Joomla Content Editor (JCE) extension for Joomla 权限许可和访问控制问题漏洞

JCE Joomla Component is an editor component used within the Joomla content management system. The JCE Joomla Component has a security vulnerability related to access control. This vulnerability stems from allowing unauthenticated users to create new editor profiles, ultimately leading to the uplo...

10CVSS7.7AI score0.80425EPSS
Exploits19References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.33 views

PT-2026-46908

Name of the Vulnerable Software and Affected Versions Widget Factory Joomla Content Editor JCE versions 1.0.0 through 2.9.99.4 Description An improper access control issue in the JCE editor extension for Joomla allows unauthenticated users to create new editor profiles. This flaw enables the uplo...

10CVSS7.2AI score0.80425EPSS
Exploits19References109
Rows per page
Query Builder