27 matches found
Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution
The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-48907link is external Widget Factory Joomla Content Editor Improper Access Control Vulnerability This type of vulnerability is a frequent attack vector for...
Widget Factory Joomla Content Editor Improper Access Control Vulnerability
Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users...
Exploit for CVE-2026-48907
🚨 CVE-2026-48907 - JCE Joomla Content Editor Unauthenticated...
CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...
CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...
EUVD-2006-6403
Malware in sbrugna...
EUVD-2006-6149
Malware in sbrugna...
EUVD-2012-2881
Malware in sbrugna...
EUVD-2012-2882
Malware in sbrugna...
Joomla Content Editor Com_JCE Component Information Disclosure Vulnerability
Joomla is an open source content management system CMS. An information disclosure vulnerability exists in the Joomla Content Editor ComJCE component. An attacker can exploit the vulnerability to obtain database backup information...
Joomla Content Editor Malicious User Agent Code Execution
Joomla Content Editor JCE is an extension for Joomla which provides a set of web content editing tools. An attacker may use a malicious user agent to compromise security on systems with JCE installed...
Joomla, WordPress Sites Hit by IFrame Injection Attacks
Users of the popular Joomla content management system are being urged by security experts to upgrade to the latest version after reports of exploits being used to compromise websites built on the platform. The SANS Internet Storm Center received numerous reports that Joomla sites, as well as...
CVE-2012-2901
Cross-site scripting XSS vulnerability in the Profile List in the Joomla Content Editor JCE component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php...
Unrestricted file upload
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor JCE component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as...
Cross site scripting
Cross-site scripting XSS vulnerability in the Profile List in the Joomla Content Editor JCE component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php...
CVE-2012-2902
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor JCE component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as...
CVE-2012-2902
CVE-2012-2902 : Unrestricted file upload in Joomla! Content Editor (JCE) for Joomla! before 2.1. The flaw is in editor/extensions/browser/file.php where, if chunking is enabled (>0), an attacker can upload a PHP file with a double extension (e.g., .jpg.pht) to execute arbitrary code. Affected:...
JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities
Exploit for php platform in category web applications www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension =2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 Image Manager 1.5.7.13, Media Manager 1.5.6.3,...
joomlacontenteditor (com_jce) BLIND sql injection vulnerability
=================================================================== joomlacontenteditor comjce BLIND sql injection vulnerability =================================================================== Software: joomlacontenteditor comjce Vendor: www.joomlacontenteditor.net Vuln Type: BLind SQL...