Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • 2025 OSS Research
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Book a demo
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • 2025 OSS Research
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Business and Enterprise Solutions

Business and Enterprise Solutions

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Utility
      • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Customer Service
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • CMS
      • Networking
      • Storage
      • Security
    • DevOps
      • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    2 Jun 2026 Business and Enterprise Solutions
    Joomla! Core: Incorrect Cache Key Construction in InputFilter

    In Joomla! Core versions 4.0.0 through 5.4.5 and 6.0.0 through 6.1.0 a high severity vulnerability CVE-2026-48901 was detected. This vulnerability may allow attackers to bypass intended security filters. This occurs because the InputFilter::getInstance() method improperly omits a security-sensitive parameter when constructing the instance cache key. As a result, an incorrectly configured filter object might be retrieved from the cache and reused in a different context, potentially leading to inadequate content filtering and subsequent security issues. To address this issue, users should upgrade Joomla! Core to version 5.4.6 or 6.1.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-48901.

    Read more
    CMS
    2 Jun 2026 Business and Enterprise Solutions
    Ghost: Arbitrary Database Read via SQL Injection in Content API

    In Ghost versions 3.24.0 through 6.19.0 a critical severity vulnerability CVE-2026-26980 was detected. This vulnerability allows an unauthenticated attacker to perform arbitrary reads from the database. This occurs due to a SQL Injection flaw within the Content API. A public exploit for this issue is currently available. To address this issue, users should upgrade Ghost to version 6.19.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-26980.

    Read more
    CMS
    1 Jun 2026 Business and Enterprise Solutions
    PrivateTunnel and OpenVPN Connect: Local Privilege Escalation via Unquoted Search Path

    In PrivateTunnel versions prior to 3.0 and OpenVPN Connect versions prior to 3.1 on Windows a medium severity vulnerability CVE-2014-5455 was detected. This vulnerability allows a local user to gain elevated privileges. This occurs due to an unquoted Windows search path vulnerability in the ptservice service, which enables an attacker to execute arbitrary code by placing a specially crafted program.exe file in the %SYSTEMDRIVE% folder. To address this issue, users should upgrade PrivateTunnel to version 3.0 and OpenVPN Connect to version 3.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2014-5455.

    Read more
    CMS
    29 May 2026 Business and Enterprise Solutions
    Joomla! Framework: Cross-Site Scripting (XSS) via Inadequate Content Filtering in checkAttribute

    In Joomla! Framework versions Versions 1.0.0 through 3.0.5 and versions 4.0.0through 4.0.1 a medium severity vulnerability CVE-2026-48903 was detected. This vulnerability allows an attacker to execute arbitrary malicious scripts (Cross-Site Scripting, XSS) in the context of the victim’s browser. This occurs due to inadequate content filtering within the checkAttribute methods, which affects various components. To address this issue, users should upgrade Joomla! Framework to version 5.4.6. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-48903.

    Read more
    CMS
    26 May 2026 Business and Enterprise Solutions
    Joomla! Core: Incorrect Access Control in com_scheduler

    In Joomla! Core versions 4.1.0 through 5.4.5 a medium severity vulnerability CVE-2026-48900 was detected. This vulnerability allows low-privileged users to edit the task types of existing scheduler tasks due to an improper access control check in the com_scheduler component. To address this issue, users should upgrade Joomla! Core to version 5.4.6 (or later). For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-48900.

    Read more
    CMS
    26 May 2026 Business and Enterprise Solutions
    Adobe Commerce: Security Feature Bypass / Arbitrary File System Write via Improper Input Validation

    In Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier a low severity vulnerability CVE-2026-34685 was detected. This vulnerability allows a high-privileged attacker to bypass security measures and gain unauthorized write access (potentially leading to arbitrary file system writes). This occurs due to improper input validation. Exploitation of this issue requires user interaction, meaning a victim must visit a maliciously crafted URL or interact with a compromised web page. To address this issue, users should upgrade Adobe Commerce to version 2.4.9 or higher. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-34685.

    Read more
    E-commerce
    20 May 2026 Business and Enterprise Solutions
    Joomla!: Two-Factor Authentication (2FA) Bypass

    In Joomla! versions before 3.8.2 a high severity vulnerability CVE-2017-16634 was detected. This vulnerability allows third parties to bypass a user’s two-factor authentication (2FA) method, potentially leading to unauthorized account access. To address this issue, users should upgrade Joomla! to version 3.8.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2017-16634.

    Read more
    CMS
    19 May 2026 Business and Enterprise Solutions
    Dolibarr ERP/CRM: Sensitive Information Disclosure via file Parameter

    In Dolibarr ERP/CRM version 6.0.0 a medium severity vulnerability CVE-2017-14240 was detected. This vulnerability allows attackers to access sensitive information due to a flaw in the document.php file via the file parameter. To address this issue, users should upgrade Dolibarr ERP/CRM to version 6.0.1 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2017-14240.

    Read more
    ERP
    14 May 2026 Business and Enterprise Solutions
    Dolibarr ERP/CRM: SQL Injection via search_supervisor and search_statut Parameters

    In Dolibarr ERP/CRM versions before 5.0.3 a high severity vulnerability CVE-2017-9435 was detected. This vulnerability allows attackers to execute arbitrary SQL commands due to a SQL injection flaw in the search_supervisor and search_statut parameters within the user/index.php file. To address this issue, users should upgrade Dolibarr ERP/CRM to version 5.0.3. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2017-9435.

    Read more
    ERP
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base

    © HOSSTED 2026 All rights reserved

    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy
    Cookie Settings

    We use cookies to measure marketing efforts and improve our services. Please review the cookie settings and confirm your choice.

    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    • Manage options
    • Manage services
    • Manage {vendor_count} vendors
    • Read more about these purposes
    View preferences
    • {title}
    • {title}
    • {title}