SQL Injection Vulnerability in RSGallery Component for Mambo and Joomla!
CVE-2007-6362

Currently unrated

Key Information:

Vendor: Joomla
Status: Rs Gallery2
Vendor: CVE Published:; 15 December 2007

Summary

An SQL injection vulnerability exists in the index.php file of the RSGallery component (com_rsgallery) for Mambo and Joomla!. This flaw allows remote attackers to manipulate SQL queries via the 'catid' parameter, potentially executing arbitrary SQL commands on the database. Successful exploitation of this vulnerability could lead to unauthorized access and manipulation of data within the affected applications, compromising web application integrity.

References

http://advisories.echo.or.id/adv/adv86-K-159-2007.txt

x_refsource_MISC

https://www.exploit-db.com/exploits/4691

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/26704

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Dec 15, 2007
Vulnerability Reserved
Dec 14, 2007