Back to overview

CVE-2026-60024

Description
The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets.

Metadata

CVE ID
CVE-2026-60024
State
PUBLISHED
Assigner
Joomla
Reserved
2026-07-08 05:31 UTC
Published
2026-07-17 15:47 UTC
Last updated
2026-07-17 15:47 UTC
Primary CWE
CWE-1188
CWE-1188: Initialization of a Resource with an Insecure Defa…
Vendor / Product
joomdonation.com / Events Booking extension for Joomla
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (1)
VendorProductPlatformVersions
joomdonation.com Events Booking extension for Joomla 1.0-5.8.0
Weakness (CWE)
CWESourceDescription
CWE-1188 cna CWE-1188: Initialization of a Resource with an Insecure Default
Back to overview