CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Joomla! Vulnerable Extensions List•added 2025/10/19 4:42 p.m.•7 views

Phoca commander

Name: Phoca Company: - Email: [email protected] Extension: Phoca Commander Version: Old 4.0.0, 5.0.1 / New 4.0.2, 5.0.3 Update details: No access for unzip feature as default Update URL: https://github.com/PhocaCz/PhocaCommander/releases/tag/5.0.2 Changelog URL: Download URL:...

7AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2025-25021

Malicious code in bioql PyPI...

9.2CVSS6.6AI score0.00743EPSS

Exploits0References1

RedhatCVE•added 2025/08/17 12:27 p.m.•7 views

CVE-2025-54473

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature...

9.2CVSS7.7AI score0.00743EPSS

Exploits0References1

Joomla! Vulnerable Extensions List•added 2025/08/16 10:35 p.m.•6 views

phoc commander, varios,

Update to latest secure version https://www.phoca.cz/news/1384-phoca-commander-version-5-0-2-and-4-0-1-released...

7.2AI score

Exploits0References1Affected Software1

NVD•added 2025/08/15 12:15 p.m.•3 views

CVE-2025-54473

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature...

9.2CVSS0.00743EPSS

Exploits0References1

Vulnrichment•added 2025/08/15 11:54 a.m.•5 views

CVE-2025-54473 Extension - phoca.cz - Authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature...

9.2CVSS7.6AI score0.00743EPSS

Exploits0References1

CVE•added 2025/08/15 11:54 a.m.•17 views

CVE-2025-54473

CVE-2025-54473 is an authenticated remote code execution flaw in Phoca Commander for Joomla, affecting versions 1.0.0–4.0.0 and 5.0.0–5.0.1. The issue arises from the unzip feature, enabling code execution after authentication. The CVSSv4 base score is 9.2 (CRITICAL) with high impact to confident...

9.2CVSS7.6AI score0.00743EPSS

Exploits0References1

Cvelist•added 2025/08/15 11:54 a.m.•7 views

CVE-2025-54473 Extension - phoca.cz - Authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature...

9.2CVSS0.00743EPSS

Exploits0References1

Positive Technologies•added 2025/08/15 12:0 a.m.•4 views

PT-2025-33480 · Unknown · Phoca Commander

Name of the Vulnerable Software and Affected Versions: Phoca Commander versions 1.0.0 through 4.0.0 Phoca Commander versions 5.0.0 through 5.0.1 Description: An authenticated remote code execution issue exists in Phoca Commander for Joomla. The issue allows code execution via the unzip feature...

9.2CVSS7.2AI score0.00743EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by