A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-suppli

DATABASE

JOOMLA

05-06-2025 14:08

CVE-2025-27753 Vulnerabilidad documentada

Sin puntuación

Tags

#joomla

#sql

#exploit

#data

#database

#vulnerability

#authenticated

#malicious

#inject

#flaw

#discover

#allow

#attack

#access

#unauthorized

Descripción

A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The is due to the use of unescaped user-supplied parameters SQL queries within dashboard component. This allows an authenticated attacker inject malicious code through unsanitized input fields, which are used directly queries. Exploiting this flaw can lead unauthorized database access, data leakage, or modification records.

https://rsjoomla.com/

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2025-27753

Resultados similares

Coincidentes en almenos en 50% de los tags

07-06-2025 CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database ...
Ver información

06-06-2025 CVE-2025-49011
SpiceDB is an open source database for storing and querying fine-grained authorization data. Pr...
Ver información