Joomlack Fr Page Builder Ck Extension For Joomla
Monthly
Unauthenticated arbitrary file upload in the Joomlack Page Builder CK extension for Joomla allows remote attackers to upload executable (PHP) files and achieve full remote code execution on the host. Any Joomla site running this extension is exposed to complete compromise without credentials. No public exploit identified at time of analysis, though the CVSS 4.0 threat metric (E:A) supplied by the scoring source signals observed exploitation activity, and the maximum 10.0 score plus AU:Y (automatable) indicate this is highly attractive for mass scanning.
Unauthenticated arbitrary file upload in the Joomlack Page Builder CK extension for Joomla allows remote attackers to upload executable (PHP) files and achieve full remote code execution on the host. Any Joomla site running this extension is exposed to complete compromise without credentials. No public exploit identified at time of analysis, though the CVSS 4.0 threat metric (E:A) supplied by the scoring source signals observed exploitation activity, and the maximum 10.0 score plus AU:Y (automatable) indicate this is highly attractive for mass scanning.