Unauthenticated Arbitrary File Upload Vulnerability in Balbooa Forms Extension for Joomla
CVE-2026-56291
10CRITICAL
What is CVE-2026-56291?
The Balbooa Forms extension for Joomla contains a vulnerability that allows unauthenticated users to upload arbitrary files, including executable files. This flaw can be exploited to achieve remote code execution (RCE), posing a significant security threat to sites leveraging this extension. It is essential for administrators to apply the latest security patches to mitigate potential risks associated with this vulnerability.
Affected Version(s)
balbooa.com Balbooa Forms extension for Joomla 1.0-2.4.0
