Back to Live Pulse
Critical
Sp page builder
Unrestricted Upload of File with Dangerous Type

CVE-2026-48908

Description

A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.