PT-2026-43296 · Unknown · Com Media Files

Claude

·

Published

2026-05-26

·

Updated

2026-05-29

·

CVE-2026-40384

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description Improper validation of the search parameter in the "com media files" API endpoint allows for path traversal, a condition where an attacker can access files and directories outside the intended folder on the server.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BIT-JOOMLA-2026-40384
CVE-2026-40384

Affected Products

Com Media Files