Vulnerabilities (CVE)

Filtered by vendor Ollyo Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-48908 1 Ollyo 1 Sp Page Builder 2026-06-30 N/A 9.8 CRITICAL
A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.
CVE-2026-49049 1 Ollyo 1 Helix3 2026-06-30 N/A 7.5 HIGH
The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters.