Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-4960

Опубликовано: 21 июл. 2014
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.0:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.2:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.3:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.4:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.5:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.6:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.7:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.8:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:3.9.9:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.0.0:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.0.1:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.0.2:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.0.8:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.0.9:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.0:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.1:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.2:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.3:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.4:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.5:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.6:*:*:*:*:joomla\!:*:*
cpe:2.3:a:joomlaboat:com_youtubegallery:4.1.7:*:*:*:*:joomla\!:*:*

EPSS

Процентиль: 76%
0.00943
Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-rv28-v9jm-rp9w

github
больше 3 лет назад

Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

EPSS

Процентиль: 76%
0.00943
Низкий

7.5 High

CVSS2

Дефекты

CWE-89