2 matches found
CVE-2026-57828
The CVE-2026-57828 entry concerns the Joomla extension Phoca Downloads (Phoca.cz) with an authenticated arbitrary file upload vulnerability in the RSFiles component prior to 6.1.3. The issue allows registered users to upload executable files, enabling full remote code execution (RCE). The provide...
EUVD-2026-43167
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...