CVE-2023-23758 Extension - creative-solutions.net - SQLi in Creative Gallery component for Joomla <= 2.2.0

2023-08-0716:51:06

CWE-89

Joomla

www.cve.org

cve-2023-23758

extension

creative-solutions.net

sql injection

joomla

creative gallery

AI Score

Confidence

High

EPSS

0.001

Percentile

47.1%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection.

CNA Affected

[
  {
    "collectionURL": "https://extensions.joomla.org/extension/creative-gallery/",
    "defaultStatus": "unaffected",
    "packageName": "com_creativegallery",
    "product": "Creative Gallery component for Joomla",
    "vendor": "creative-solutions.net",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0-2.2.0"
      }
    ]
  }
]

References

extensions.joomla.org/extension/creative-gallery/