PatchSiren

joomdonation.com CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Review joomdonation.com CVE published 2026-07-17

CVE-2026-60024

The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets. This CVE record was published on 2026-07-17T16:17:16.113Z and has not been modified since then. The vulnerability affects Joomla Events Booking extension, allowing unauthenticated users to upload media assets by default, potentially leading to malicious asset uploads.

Review joomdonation.com CVE published 2026-07-17

CVE-2026-58149

The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration, allowing attackers to retrieve account usernames and email addresses. This CVE was published on 2026-07-17T16:17:16.017Z. The vulnerability affects users of the Events Booking extension, and they should verify their installations and update to a patched version if available. The NVD entry for this CVE is currently De [truncated]