EIP-2026-108589
PRE-CVEJoomla! Component com_vxdate - Multiple Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-108589. PoCs published by MustLive.
AI-analyzed exploit summary This is a vulnerability advisory detailing Full Path Disclosure, SQL Injection, and XSS vulnerabilities in the VXDate component for Joomla. It provides URLs to exploit these vulnerabilities but does not include executable exploit code.
Description
Joomla! Component com_vxdate - Multiple Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by MustLive · textwebappsphp
https://www.exploit-db.com/exploits/11790
This is a vulnerability advisory detailing Full Path Disclosure, SQL Injection, and XSS vulnerabilities in the VXDate component for Joomla. It provides URLs to exploit these vulnerabilities but does not include executable exploit code.
Classification
Writeup 90%
Attack Type
Sqli | Xss | Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
VXDate for Joomla (all versions)
No auth needed
Prerequisites:
Access to the target Joomla instance with VXDate component installed
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026