Lucene search
+L

7 matches found

nvd
nvd
added 2026/06/25 4:16 p.m.11 views

CVE-2026-48945

The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...

5.3CVSS0.00197EPSS
Exploits0References1
nvd
nvd
added 2026/06/25 4:16 p.m.9 views

CVE-2026-48941

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

6.5CVSS0.00159EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/25 3:26 p.m.7 views

CVE-2026-48945 Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26

The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...

5.8AI score0.00197EPSS
Exploits0References1
cve
cve
added 2026/06/25 3:26 p.m.15 views

CVE-2026-48945

The CVE describes a vulnerability in the K2 Joomla extension (getk2.com) where the article gallery upload path accepts a zip/tar archive and extracts it to /media/k2/galleries//. The extractor renames image files (gif/jpg/jpeg/png/webp) to safe names, but non-image files (including .php) are extr...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2026/06/25 3:25 p.m.5 views

CVE-2026-48941 Joomla Extension - getk2.org - Unauthenticated folder delete in K2 extension for Joomla < 2.26

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

5.8AI score0.00159EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/25 3:25 p.m.7 views

CVE-2026-48941

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

6.5CVSS5.8AI score0.00159EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/25 3:25 p.m.35 views

CVE-2026-48941 Joomla Extension - getk2.org - Unauthenticated folder delete in K2 extension for Joomla < 2.26

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

0.00159EPSS
Exploits0References1
Rows per page
Query Builder