Skip to main content

Rsjoomla Com Rsfiles Extension For Joomla

1 CVEs product

Monthly

CVE-2026-57827 CRITICAL Act Now

Unauthenticated arbitrary file upload in the RSFiles download-manager extension for Joomla (by RSJoomla) lets remote attackers upload executable files (e.g. PHP web shells) and achieve full remote code execution on the hosting server. The CVSS 4.0 threat metrics flag exploitation as active (E:A) and automatable (AU:Y), and NVD/ADP assigns maximum urgency, but no CISA KEV listing was provided in this data. A vendor product page and a third-party technical writeup are referenced; standalone public exploit code was not confirmed in the supplied sources.

File Upload Rsjoomla Com Rsfiles Extension For Joomla
NVD VulDB
CVSS 4.0
10.0
EPSS
0.3%
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unauthenticated arbitrary file upload in the RSFiles download-manager extension for Joomla (by RSJoomla) lets remote attackers upload executable files (e.g. PHP web shells) and achieve full remote code execution on the hosting server. The CVSS 4.0 threat metrics flag exploitation as active (E:A) and automatable (AU:Y), and NVD/ADP assigns maximum urgency, but no CISA KEV listing was provided in this data. A vendor product page and a third-party technical writeup are referenced; standalone public exploit code was not confirmed in the supplied sources.

File Upload Rsjoomla Com Rsfiles Extension For Joomla
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy