Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution

The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...

10CVSS6.3AI score0.80425EPSS
Exploits18References3
CISA
CISA
added 2026/06/16 12:0 p.m.6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-48907link is external Widget Factory Joomla Content Editor Improper Access Control Vulnerability This type of vulnerability is a frequent attack vector for...

10CVSS5.5AI score0.80425EPSS
In wildExploits18References7
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/16 12:0 a.m.16 views

Widget Factory Joomla Content Editor Improper Access Control Vulnerability

Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users...

10CVSS5.6AI score0.80425EPSS
In wildExploits18
GithubExploit
GithubExploit
added 2026/06/12 9:22 a.m.118 views

Exploit for CVE-2026-48907

🚨 CVE-2026-48907 - JCE Joomla Content Editor Unauthenticated...

10CVSS6AI score0.80425EPSS
Exploits18
Vulnrichment
Vulnrichment
added 2026/06/05 7:31 a.m.14 views

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.80425EPSS
Exploits18References1
Cvelist
Cvelist
added 2026/06/05 7:31 a.m.53 views

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS0.80425EPSS
Exploits18References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-6403

Malware in sbrugna...

6.8CVSS6.4AI score0.01146EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-6149

Malware in sbrugna...

6.8CVSS6.4AI score0.01191EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-2881

Malware in sbrugna...

4.3CVSS6.4AI score0.01161EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-2882

Malware in sbrugna...

6CVSS6.4AI score0.0101EPSS
Exploits0References8
CNVD
CNVD
added 2018/12/06 12:0 a.m.2 views

Joomla Content Editor Com_JCE Component Information Disclosure Vulnerability

Joomla is an open source content management system CMS. An information disclosure vulnerability exists in the Joomla Content Editor ComJCE component. An attacker can exploit the vulnerability to obtain database backup information...

6.3AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2013/10/13 12:0 a.m.2 views

Joomla Content Editor Malicious User Agent Code Execution

Joomla Content Editor JCE is an extension for Joomla which provides a set of web content editing tools. An attacker may use a malicious user agent to compromise security on systems with JCE installed...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2012/12/12 9:31 p.m.6 views

Joomla, WordPress Sites Hit by IFrame Injection Attacks

Users of the popular Joomla content management system are being urged by security experts to upgrade to the latest version after reports of exploits being used to compromise websites built on the platform. The SANS Internet Storm Center received numerous reports that Joomla sites, as well as...

0.5AI score
Exploits0References3
NVD
NVD
added 2012/05/21 6:55 p.m.12 views

CVE-2012-2901

Cross-site scripting XSS vulnerability in the Profile List in the Joomla Content Editor JCE component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php...

4.3CVSS5.7AI score0.01161EPSS
Exploits0References5
Prion
Prion
added 2012/05/21 6:55 p.m.14 views

Unrestricted file upload

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor JCE component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as...

6CVSS8.1AI score0.0101EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2012/05/21 6:55 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Profile List in the Joomla Content Editor JCE component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php...

4.3CVSS6.2AI score0.01161EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/05/21 6:0 p.m.20 views

CVE-2012-2902

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor JCE component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as...

7.6AI score0.0101EPSS
Exploits0References6
CVE
CVE
added 2012/05/21 6:0 p.m.50 views

CVE-2012-2902

CVE-2012-2902 : Unrestricted file upload in Joomla! Content Editor (JCE) for Joomla! before 2.1. The flaw is in editor/extensions/browser/file.php where, if chunking is enabled (&gt;0), an attacker can upload a PHP file with a double extension (e.g., .jpg.pht) to execute arbitrary code. Affected:...

6CVSS7.8AI score0.0101EPSS
Exploits0References6Affected Software1
0day.today
0day.today
added 2011/08/28 12:0 a.m.24 views

JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities

Exploit for php platform in category web applications www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension =2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 Image Manager 1.5.7.13, Media Manager 1.5.6.3,...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.91 views

joomlacontenteditor &#40;com_jce&#41; BLIND sql injection vulnerability

=================================================================== joomlacontenteditor comjce BLIND sql injection vulnerability =================================================================== Software: joomlacontenteditor comjce Vendor: www.joomlacontenteditor.net Vuln Type: BLind SQL...

8AI score
Exploits0
Rows per page
Query Builder