Back to Live Pulse
CriticalSp page builderUnrestricted Upload of File with Dangerous Type
CVE-2026-48908
Description
A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.
Proof of Concept (POC) Links
Explore how this vulnerability can be reproduced or exploited.