CVE-2026-57828
Joomla Extension - phoca.cz - Authenticated file upload in RSFiles component < 6.1.3
CVSS Score
0.0
EPSS Score
0.3%
EPSS Percentile
17th
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE.
| CWE | CWE-434 |
| Vendor | phoca.cz |
| Product | phoca.cz phoca download extension for joomla |
| Published | Jul 11, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for phoca.cz phoca.cz phoca download extension for joomla
Be the first to know when new unknown vulnerabilities affecting phoca.cz phoca.cz phoca download extension for joomla are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
phoca.cz / phoca.cz Phoca Download extension for Joomla
1.0-6.1.2
References
Credits
Phil Taylor