NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-48908

Summary	A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.
Publication Date	June 20, 2026, 10:16 p.m.
Registration Date	June 27, 2026, 4:07 a.m.
Last Update	June 25, 2026, 4:17 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.joomshaper.com/page-builder	security@joomla.org
2	https://mysites.guru/blog/sp-page-builder-zero-day-uploadcustomicon-rce/	134c704f-9b21-4f2e-91b3-4a467353bcc0
3	https://www.joomshaper.com/forum/question/45152	134c704f-9b21-4f2e-91b3-4a467353bcc0

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-284	不適切なアクセス制御	https://cwe.mitre.org/data/definitions/284.html