๐Ÿ” CVE Alert

CVE-2026-57827

UNKNOWN 0.0

Joomla Extension - rsjoomla.com - Unauthenticated file upload in RSFiles component < 1.17.12

CVSS Score
0.0
EPSS Score
0.3%
EPSS Percentile
21th

The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

CWE CWE-434
Vendor rsjoomla.com
Product rsjoomla.com rsfiles extension for joomla
Published Jul 11, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for rsjoomla.com rsjoomla.com rsfiles extension for joomla

Be the first to know when new unknown vulnerabilities affecting rsjoomla.com rsjoomla.com rsfiles extension for joomla are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

rsjoomla.com / rsjoomla.com RSFiles extension for Joomla
1.0-1.17.11

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
rsjoomla.com: https://www.rsjoomla.com/joomla-extensions/joomla-download-manager.html mysites.guru: https://mysites.guru/blog/rsfiles-unauthenticated-file-upload-rce/

Credits

Phil Taylor