Vulnerability in Icagenda.com Icagenda Extension For Joomla
CVE-2026-48939
A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.
Affected products
- Icagenda.com Icagenda Extension For Joomla — versions 1.0.0-3.9.14, 4.0.0-4.0.7
Weakness classification (CWE)
References
- security@joomla.org (product)