PoC Archive PoC Archive

tag

Access-Control

High
MyBB 1.8.40 Limited Admin CP User-Manager to Full Administrator Privilege Escalation
None assigned as of 2026-07-03 (see Notes — CVE-2026-45115 identifies a separate, already-patched MyBB issue)· MyBB forum software, Admin CP add-user flow unpatched
Critical
Unauthenticated RCE in Joomla Content Editor (JCE) Profile Import (CVE-2026-48907)
CVE-2026-48907· Joomla Content Editor (JCE) extension by Widget Factory unpatched
Critical
SP Page Builder (Joomla) Unauthenticated File Upload RCE (CVE-2026-48908)
CVE-2026-48908· SP Page Builder extension for Joomla (joomshaper.net) patched