Novarain/Tassos Framework (Plg System Nrframework)
Approved changes feed: RSS · Atom
cpe:2.3:a:tassos.gr:novarain/tassos_framework_(plg_system_nrframework):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Tassos.Gr (b34a7d10-fc50-5955-a70e-358795edb5f1) |
|---|---|
| Product | Novarain/Tassos Framework (Plg System Nrframework) (d5e57a7f-00be-5a51-8486-7eb9149c3591) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-48906 |
vulnerable | 2026-06-08 08:05:12.351320 |
Extension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework < 6.1.0 for Joomla
The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites.
Published: 2026-05-27T09:11:40.231Z
Updated: 2026-06-05T07:27:40.844Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-21627 |
vulnerable | 2026-06-08 07:49:16.624874 |
Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
Published: 2026-02-20T14:22:14.744Z
Updated: 2026-02-23T05:07:12.296Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.