GHSA-58rj-4cxx-rrhwHighCVSS 8.8

Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows...

Published
June 19, 2026
Last Modified
June 19, 2026

🔗 CVE IDs covered (1)

📋 Description

Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profile_pic parameter. Attackers can upload PHP files via POST requests to the employee view endpoint and execute them from the uploads directory to achieve remote code execution.

🔗 References (6)