CVE-2026-48941
Analyzed Analyzed - Analysis Complete

Unauthenticated Path Traversal in K2 Media Gallery

Vulnerability report for CVE-2026-48941, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-25

Last updated on: 2026-06-28

Assigner: Joomla! Project

Description

The K2 frontend `item.checkin` task accepts an unauthenticated `sigProFolder` query parameter and uses it directly to address a `JFolder::delete()` call under `/media/k2/galleries/`

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-25
Last Modified
2026-06-28
Generated
2026-07-15
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-14
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
joomlaworks k2 to 2.26 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The vulnerability exists in the K2 frontend's `item.checkin` task, which accepts an unauthenticated `sigProFolder` query parameter. This parameter is used directly in a call to `JFolder::delete()` targeting directories under `/media/k2/galleries/`. Because the parameter is unauthenticated and used directly, it may allow unauthorized deletion of folders.

Impact Analysis

This vulnerability can lead to unauthorized deletion of folders within the `/media/k2/galleries/` directory. Such deletion could result in loss of important media files or data, potentially disrupting website functionality or causing data loss.

Compliance Impact

The vulnerability allows unauthenticated users to delete folders under the /media/k2/galleries/ directory via the sigProFolder query parameter. This can lead to unauthorized modification or deletion of content managed by the K2 extension.

Such unauthorized access and potential data loss or tampering could impact compliance with standards like GDPR and HIPAA, which require protection of data integrity and availability, as well as controls against unauthorized access.

However, the provided information does not explicitly detail the nature of the data affected or whether personal or sensitive data is involved, so the exact compliance impact cannot be fully determined from the given context.

Detection Guidance

This vulnerability involves the K2 frontend `item.checkin` task accepting an unauthenticated `sigProFolder` query parameter that is used directly in a `JFolder::delete()` call under `/media/k2/galleries/`. To detect exploitation attempts on your system or network, you can monitor HTTP requests targeting the K2 frontend for suspicious usage of the `sigProFolder` parameter.

  • Use web server access logs to search for requests containing the `sigProFolder` parameter, for example using grep: `grep "sigProFolder" /path/to/access.log`
  • Monitor for unusual DELETE operations or file deletions under the `/media/k2/galleries/` directory on the server.
  • If using intrusion detection systems (IDS), create rules to alert on HTTP requests with the `sigProFolder` parameter targeting the K2 frontend.
Mitigation Strategies

Immediate mitigation steps should focus on preventing unauthenticated access to the vulnerable `item.checkin` task that accepts the `sigProFolder` parameter. Since the vulnerability allows unauthenticated deletion of folders under `/media/k2/galleries/`, consider the following actions:

  • Restrict access to the K2 frontend `item.checkin` task by implementing authentication or access controls.
  • Apply any available patches or updates from the K2 extension developers or JoomlaWorks that address this vulnerability.
  • Temporarily disable or restrict the use of the `sigProFolder` query parameter if possible.
  • Monitor and audit the `/media/k2/galleries/` directory for unauthorized deletions.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-48941. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart