Lucene search
K

189 matches found

CVE
CVE
added last week9 views

CVE-2026-48952

CVE-2026-48952 affects Joomla core, specifically the com_installer update list view. Root cause is lack of escaping, resulting in an XSS vulnerability. CVSS 4.0 base score 8.4 ( HIGH ) with network attack vector, low attack complexity, high impact to confidentiality and integrity, and low impact ...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added last week37 views

CVE-2026-48952 Joomla! Core - [20260706] - XSS in com_installer

Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...

8.4CVSS0.00147EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added last week9 views

CVE-2026-48952 Joomla! Core - [20260706] - XSS in com_installer

Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1
CVE
CVE
added last week19 views

CVE-2026-48947

Technical details (affected products, exact vulnerable component, exploit methods, and fixes) are not disclosed in the provided documents. Monitor for updates.

6.4CVSS6AI score0.00197EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added last week6 views

CVE-2026-48947 Joomla! Core - [20260701] - Incorrect Access Control in com_media webservice endpoints

An improper access check allows privileged users to overwrite media files without editing permissions...

6.4CVSS6AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added last week33 views

CVE-2026-48947 Joomla! Core - [20260701] - Incorrect Access Control in com_media webservice endpoints

An improper access check allows privileged users to overwrite media files without editing permissions...

6.4CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added last week17 views

CVE-2026-48958

In Joomla! Core, the CVE-2026-48958 issue is due to improper access control in the com_fields webservice endpoints, enabling unauthorized users to create custom fields via web services. Affected versions include Joomla! 4.0.x (before 5.4.7) and 6.0.x (before 6.1.2). The underlying impact is eleva...

8.8CVSS6AI score0.00262EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added last week7 views

CVE-2026-48958 Joomla! Core - [20260712] - Incorrect Access Control in com_fields webservice endpoints

An improper access check allows unauthorized users to create custom fields via webservices endpoints...

6.4CVSS6AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added last week35 views

CVE-2026-48958 Joomla! Core - [20260712] - Incorrect Access Control in com_fields webservice endpoints

An improper access check allows unauthorized users to create custom fields via webservices endpoints...

6.4CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added last week10 views

CVE-2026-48950

CVE-2026-48950 affects Joomla! Core via the file management view in com_templates. The root cause is lack of escaping, enabling an XSS vulnerability. Multiple sources (NVD, CVE lists, and Joomla security advisory) confirm an XSS in the core component with the vulnerable entry labeled for core/com...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added last week6 views

CVE-2026-48950 Joomla! Core - [20260704] - XSS in com_templates

Lack of escaping leads to an XSS vulnerability in the file management view of comtemplates...

8.4CVSS5.9AI score0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added last week34 views

CVE-2026-48950 Joomla! Core - [20260704] - XSS in com_templates

Lack of escaping leads to an XSS vulnerability in the file management view of comtemplates...

8.4CVSS0.00147EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added last week6 views

CVE-2026-48955 Joomla! Core - [20260709] - Incorrect Access Control in com_workflow

An improper access check allows unauthorized users to access workflow stage and transition information...

6.4CVSS6AI score0.00208EPSS
Exploits0References1
CVE
CVE
added last week9 views

CVE-2026-48955

The CVE concerns Joomla! Core, specifically the com_workflow component. Affected: Joomla core workflows. Root cause: improper access check allows unauthorized users to access workflow stage and transition information. Impact: disclosure of workflow stage/transition details due to weak access cont...

6.5CVSS6AI score0.00208EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added last week35 views

CVE-2026-48955 Joomla! Core - [20260709] - Incorrect Access Control in com_workflow

An improper access check allows unauthorized users to access workflow stage and transition information...

6.4CVSS0.00208EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added last week7 views

CVE-2026-48956 Joomla! Core - [20260710] - Incorrect Access Control in com_modules

An improper access check allows users to display a list of modules in the frontend...

6.4CVSS6AI score0.00168EPSS
Exploits0References1
CVE
CVE
added last week9 views

CVE-2026-48956

CVE-2026-48956 affects Joomla! Core (com_modules). Affected component: com_modules in Joomla! Core with an improper access check that allows authenticated users to display the list of modules in the frontend. Root cause: incorrect access control in the frontend module listing. Impact: potential e...

6.4CVSS6AI score0.00168EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added last week35 views

CVE-2026-48956 Joomla! Core - [20260710] - Incorrect Access Control in com_modules

An improper access check allows users to display a list of modules in the frontend...

6.4CVSS0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added last week7 views

CVE-2026-48957 Joomla! Core - [20260711] - Incorrect Access Control in com_privacy webservice endpoints

An improper access check allows unauthorized users to access comprivacy datasets...

6.4CVSS6AI score0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added last week34 views

CVE-2026-48957 Joomla! Core - [20260711] - Incorrect Access Control in com_privacy webservice endpoints

An improper access check allows unauthorized users to access comprivacy datasets...

6.4CVSS0.0024EPSS
Exploits0References1
Rows per page
Query Builder