8 matches found
CVE-2025-32466
A SQL injection vulnerability in RSMediaGallery! component 1.7.4 - 2.1.7 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text...
CVE-2025-32466 Extension - rsjoomla.com - SQL injection vulnerability in RSMediaGallery! component 1.7.4 - 2.1.7 for Joomla
A SQL injection vulnerability in RSMediaGallery! component 1.7.4 - 2.1.7 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text...
CVE-2025-32466 Extension - rsjoomla.com - SQL injection vulnerability in RSMediaGallery! component 1.7.4 - 2.1.7 for Joomla
A SQL injection vulnerability in RSMediaGallery! component 1.7.4 - 2.1.7 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text...
CVE-2025-32466
The CVE-2025-32466 issue affects RSMediaGallery! for Joomla, specifically versions 1.7.4 through 2.1.7. The dashboard component allows unsanitized user input to be stored and rendered, enabling SQL injection and the execution of injected JavaScript in a user’s browser when they interact with craf...
CVE-2025-27753
A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code through unsanitized...
CVE-2025-27753
CVE-2025-27753 affects RSJoomla! RSMediaGallery component for Joomla, versions 1.7.4 through 2.1.6. Root cause: unescaped user-supplied parameters used directly in SQL queries within the dashboard component, enabling authenticated attackers to inject SQL code. Effects include unauthorized databas...
CVE-2025-27753 Extension - rsjoomla.com - A SQLi vulnerability RSMediaGallery component 1.7.4 - 2.1.6 for Joomla
A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code through unsanitized...
PT-2025-23924 · Unknown · Media Gallery
Name of the Vulnerable Software and Affected Versions: RSMediaGallery component versions 1.7.4 through 2.1.6 Description: A SQL injection issue was discovered due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker ...