Vulnerabilities
Vulnerable Software
Balbooa:  Security Vulnerabilities
CVE-2026-56291
Known exploited
The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
CVSS Score
10.0
EPSS Score
0.008
Published
2026-07-09
The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Score
6.1
EPSS Score
0.335
Published
2018-06-14


Contact Us

Shodan ® - All rights reserved