Security Risk Category
joomla Security Risks
Published vulnerability pages connected to joomla. One risk can appear in multiple categories while keeping one canonical page.
joomla risks
Showing 2 of 2 published risks.
critical
Balbooa Forms Joomla Extension Arbitrary File Upload RCE Vulnerability
The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
CVE-2026-56291joomlabalbooa-formsfile-uploadrce
Updated Jul 10, 2026
critical
AcyMailing Joomla Component SQL Injection Vulnerability
A SQLi vulnerability in AcyMailing component < 10.11.1 for Joomla was discovered. Exploiting this flaw can lead to unauthorized database access and data leakage.
CVE-2026-56292joomlaphpacymailingsql-injection
Updated Jul 10, 2026
