Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution

The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-48907link is external Widget Factory Joomla Content Editor Improper Access Control Vulnerability This type of vulnerability is a frequent attack vector for...

Exploit for CVE-2026-48907

🚨 CVE-2026-48907 - JCE Joomla Content Editor Unauthenticated...

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

Joomla! CMS 授权问题漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has authorization-related vulnerabilities, which stem from insufficient state checks, allowing bypasses of 2FA authentication...

Joomla! CMS SQL注入漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a SQL injection vulnerability, which stems from improper validation of sorting clauses. This vulnerability may lead to SQL injections within com tags...

Joomla! CMS 安全漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has security vulnerabilities, which stem from the lack of input validation. This vulnerability may lead to the deletion of any file in the automatic update server mechanism...

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. There is an access control vulnerability in the Joomla! CMS. This vulnerability arises from the fact that the ajax component in the administration area is excluded from the default login user checks, whi...

Joomla! CMS 跨站脚本漏洞

Joomla! CMS is an open source content management system for Joomla! A cross-site scripting vulnerability exists in Joomla! CMS that stems from insufficient output escaping, which could lead to cross-site scripting attack vectors in the pagebreak plugin...

EUVD-2012-2881

Malware in sbrugna...

EUVD-2006-6403

Malware in sbrugna...

EUVD-2006-6149

Malware in sbrugna...

EUVD-2012-2882

Malware in sbrugna...

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...

Auction Factory SQL Injection Vulnerability

Joomla! is a U.S. Open Source Matters team using PHP and MySQL development of a set of open source , cross-platform content management system CMS. Auction Factory is used in one of the auction component . An SQL injection vulnerability exists in Joomla! The vulnerability stems from a lack of...

Joomla Content Editor Com_JCE Component Information Disclosure Vulnerability

Joomla is an open source content management system CMS. An information disclosure vulnerability exists in the Joomla Content Editor ComJCE component. An attacker can exploit the vulnerability to obtain database backup information...

My Projects SQL Injection Vulnerability

Joomla! is an open source Content Management System CMS developed by the OpenSourceMatters team in the U.S. The system offers RSS feeds, site search, and more.My Projects is one of those simple components that allows you to display your work on your website. A SQL injection vulnerability exists i...

Joomla YouBumpit 2.0 SQL Injection

Title: Joomla YouBumpit Extension 2.0 SQL Injection Credit: Bilal KARDADOU Vendor: http://www.youjoomla.com URL: http://extensions.youjoomla.info/youbumpit-extension.html Product: 'Joomla YouBumpit Extension 2.0' Extension type: Plugin Compatibility: J1.5 J1.7 J2.5 J3.X Google Dork:...

Joomla 3.7.5 LDAP Injection Vulnerability

Exploit for php platform in category web applications With over 84 million downloads, Joomla! is one of the most popular content management systems in the World Wide Web. It powers about 3.3% of all websites’ content and articles. Our code analysis solution RIPS detected a previously unknown LDAP...