com_media
by Joomla
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-40384 | Hig | 0.49 | 7.5 | 0.00 | May 26, 2026 | An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. | ||
| CVE-2009-1280 | 0.00 | — | 0.00 | Apr 9, 2009 | Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
- risk 0.49cvss 7.5epss 0.00
An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability.
- CVE-2009-1280Apr 9, 2009risk 0.00cvss —epss 0.00
Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.