A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.
| Vendor | Product | Versions |
|---|---|---|
| joomla | icagenda | 3.2.1-4.0.7 |
Updated severity to CRITICAL and marked the vulnerability as actively exploited.
Initial creation