Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection attacks, potentially leading to remote code execution and full administrator takeover on unpatched systems. The issues affect multiple popular Tassos extensions and require urgent patching through the vendor’s updated releases. A source‑code review of […] The post Joomla Novarain/Tassos Framework Vulnerabilities Enables SQL injection and Unauthenticated File Read appeared first on Cyber Security News.