Vulnerabilities (CVE)

Filtered by vendor Phoca Subscribe
Filtered by product Download
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-57828 1 Phoca 1 Download 2026-07-14 N/A 8.8 HIGH
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE.