KEV Entry
CVE-2026-48908
Known Exploited Vulnerability Entry ENISA
Entry Details
Confirmed Exploited2026-07-06 00:00 UTC
Timestamps
2026-07-06
2026-07-06
Scope
Affected: JoomShaper / SP Page Builder extension for Joomla | Description: Critical vulnerability that allows unauthenticated users to upload arbitrary files. | CWEs: CWE-434 | Origin source: CERT-PL | Notes: https://www.joomshaper.com/forum/question/45152
References
- {'id': 'CVE-2026-48908', 'url': 'https://www.cve.org/CVERecord?id=CVE-2026-48908'}
- {'id': 'EUVD-2026-38110', 'url': 'https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-38110'}
- {'id': 'source', 'url': 'https://www.joomshaper.com/forum/question/45152'}
e8404667-a44c-44cd-9365-0f905f649868
ENISA
cce329bf-df49-4c6e-a027-80be2e6483bd
2026-07-06 12:00 UTC
2026-07-06 12:00 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| csirt_report | enisa-cnw-kev | successful_exploitation | 0.75 |
View details
|
- |