CISA adds exploited iCagenda and Balbooa Forms flaws to KEV after reported zero-day attacks enabled PHP uploads and remote code execution on sites.

CISA adds exploited iCagenda and Balbooa Forms flaws to KEV after reported zero-day attacks enabled PHP uploads and remote code execution on sites.

Hackers have been exploiting critical vulnerabilities in the Balbooa Forms and iCagenda Joomla extensions for code execution.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda and Balbooa Forms extensions for Joomla…

Flaws in iCagenda, Balbooa Forms extensions can impact open source CMS that powers a million sites worldwide