53 matches found
CVE-2026-48956
An improper access check allows users to display a list of modules in the frontend...
CVE-2026-48955
An improper access check allows unauthorized users to access workflow stage and transition information...
CVE-2026-48957
An improper access check allows unauthorized users to access comprivacy datasets...
CVE-2026-48948
An improper access check allows user to download vcard exports of comcontact contacts that are inaccessible...
CVE-2026-48947
An improper access check allows privileged users to overwrite media files without editing permissions...
EUVD-2026-42069
An improper access check allows privileged users to overwrite media files without editing permissions...
EUVD-2026-42068
An improper access check allows unauthorized users to create custom fields via webservices endpoints...
CVE-2026-48955
An improper access check allows unauthorized users to access workflow stage and transition information...
CVE-2026-48955 Joomla! Core - [20260709] - Incorrect Access Control in com_workflow
An improper access check allows unauthorized users to access workflow stage and transition information...
CVE-2026-48956
An improper access check allows users to display a list of modules in the frontend...
EUVD-2026-42065
An improper access check allows users to display a list of modules in the frontend...
CVE-2026-48957
An improper access check allows unauthorized users to access comprivacy datasets...
EUVD-2026-42064
An improper access check allows unauthorized users to access comprivacy datasets...
EUVD-2026-42061
An improper access check allows user to download vcard exports of comcontact contacts that are inaccessible...
PT-2026-56220
Name of the Vulnerable Software and Affected Versions Joomla! Core affected versions not specified Description An improper access check in the com media webservice endpoints allows privileged users to overwrite media files even if they lack the necessary editing permissions. Recommendations At th...
PT-2026-56231
Name of the Vulnerable Software and Affected Versions Joomla! Core affected versions not specified Description An improper access check allows unauthorized users to create custom fields through webservices endpoints. This issue occurs within the com fields component. Recommendations At the moment...
PT-2026-56221
Name of the Vulnerable Software and Affected Versions Joomla! Core affected versions not specified Description An improper access check in the com contact component allows a user to download vCard exports of contacts that should be inaccessible. Recommendations At the moment, there is no...
PT-2026-56228
Name of the Vulnerable Software and Affected Versions Joomla! Core affected versions not specified Description An improper access check allows unauthorized users to access workflow stage and transition information within the com workflow component. Recommendations At the moment, there is no...
PT-2026-56229
Name of the Vulnerable Software and Affected Versions Joomla! CMS versions 4.0.0 through 5.4.6 Joomla! CMS versions 6.0.0 through 6.1.1 Description Improper access control in the com modules component allows users to display a list of modules in the frontend that they should not be able to see...
Joomla! Webservice - Password Disclosure
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. id: CVE-2023-23752 info: name: Joomla! Webservice - Password Disclosure author: badboycxcc,Sascha Brendel severity: medium description: | An issue was discovered in...