Lucene search
K

21 matches found

Cvelist
Cvelist
added yesterday10 views

CVE-2026-48958 Joomla! Core - [20260712] - Incorrect Access Control in com_fields webservice endpoints

An improper access check allows unauthorized users to create custom fields via webservices endpoints...

6.4CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-48958

CVE-2026-48958 affects Joomla! Core, specifically the com_fields webservice endpoints. The root cause is an improper access check, enabling unauthorized users to create custom fields via webservices endpoints. Documents confirm the vulnerability, its scope, and its impact, but do not specify any ...

6.4CVSS6AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2026/06/12 12:0 a.m.5 views

[20260711] - Core - Incorrect Access Control in com_privacy webservice endpoints

An improper access check allows unauthorized users to access comprivacy datasets...

6.4CVSS6AI score
Exploits0Affected Software1
OSV
OSV
added 2026/05/29 8:44 a.m.6 views

BIT-JOOMLA-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints

An improper access check allows unauthorized access to comconfig webservice endpoints...

9.8CVSS5.8AI score0.00348EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 8:47 a.m.10 views

BIT-JOOMLA-2026-48904 Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints

An improper access check allows privelege escalation through the comusers group editing webservice endpoint...

9.8CVSS5.8AI score0.00292EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 4:43 p.m.11 views

EUVD-2026-31877

An improper access check allows unauthorized access to comconfig webservice endpoints...

8.6CVSS5.8AI score0.00348EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 4:43 p.m.11 views

CVE-2026-35223

An improper access check allows unauthorized access to comconfig webservice endpoints...

8.6CVSS5.8AI score0.00348EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/26 4:43 p.m.33 views

CVE-2026-35223

CVE-2026-35223 affects Joomla! Core – com_config webservice endpoints. An improper access check enables unauthorized access, with critical/high impact per CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and high impact per CVSS 4.0 (AV:N/AC:L/PR:H/UI:N/VI:H/SC:N/SA:N/VA:H). Root cause: improper au...

9.8CVSS5.8AI score0.00348EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/04/10 8:49 a.m.2 views

BIT-JOOMLA-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints

An improper access check allows unauthorized access to webservice endpoints...

8.8CVSS5.8AI score0.00401EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 10:16 a.m.15 views

CVE-2026-23899

An improper access check allows unauthorized access to webservice endpoints...

8.8CVSS0.00401EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 9:3 a.m.33 views

CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints

An improper access check allows unauthorized access to webservice endpoints...

8.6CVSS0.00401EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/01 9:3 a.m.2 views

CVE-2026-23899

An improper access check allows unauthorized access to webservice endpoints...

8.6CVSS5.9AI score0.00401EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/01 9:3 a.m.1 views

CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints

An improper access check allows unauthorized access to webservice endpoints...

8.6CVSS5.9AI score0.00401EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 9:3 a.m.26 views

CVE-2026-23899

The CVE-2026-23899 entry concerns Joomla! Core with an improper access check in webservice endpoints that allows unauthorized access. Multiple connected sources confirm: a core vulnerability in Joomla! enables access to webservice endpoints by circumventing access checks (no user interaction requ...

8.8CVSS5.9AI score0.00401EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.12 views

Joomla 4.0.x < 5.4.4 / 6.0.x < 6.0.4 Joomla 6.0.4 & 5.4.4 Security & Bugfix Release (5944-joomla-6-0-4-5-4-4-security-bugfix-release)

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 5.4.4 or 6.0.x prior to 6.0.4. It is, therefore, affected by a vulnerability. - An improper access check allows unauthorized access to webservice endpoints. CVE-2026-23899 Note that...

8.8CVSS5.9AI score0.00401EPSS
Exploits0References8
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2026/03/09 12:0 a.m.16 views

[20260306] - Core - Improper access check in webservice endpoints

An improper access check allows unauthorized access to webservice endpoints...

8.8CVSS5.8AI score0.00401EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/04/03 2:15 p.m.13 views

BIT-JOOMLA-2023-23752 [20230201] - Core - Improper access check in webservice endpoints

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints...

5.3CVSS5.5AI score0.99827EPSS
Exploits43References3
CISA KEV Catalog
CISA KEV Catalog
added 2024/01/08 12:0 a.m.49 views

Joomla! Improper Access Control Vulnerability

Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints...

5.3CVSS7.1AI score0.99827EPSS
In wildExploits43
VulnCheck KEV
VulnCheck KEV
added 2023/03/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-23752

Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints...

5.3CVSS6.5AI score0.99827EPSS
Exploits43References1
NCSC
NCSC
added 2023/02/20 12:0 a.m.7 views

Vulnerability fixed in Joomla!

Joomla has fixed a vulnerability. An unauthenticated remote malicious person could exploit the vulnerability to gain access to vulnerable servers without prior authentication to gain access to vulnerable web endpoints. The consequential damage depends on the endpoint and could potentially lead to...

5.3CVSS7.8AI score0.99827EPSS
Exploits43
Rows per page
Query Builder