SQL Injection Vulnerability in RSMediaGallery! for Joomla
CVE-2025-32466

6.7MEDIUM

Key Information:

Vendor: Rsjoomla.com
Status: Rsmediagallery Component For Joomla
Vendor: CVE Published:; 11 June 2025

🔔 Create Rsjoomla.com Vulnerability Alert

What is CVE-2025-32466?

A vulnerability has been identified in the RSMediaGallery! component for Joomla, where user input in the dashboard is not properly sanitized. This oversight permits an attacker to insert malicious SQL queries through user-supplied input fields. Consequently, when other users access the affected sections of the dashboard, crafted scripts are executed in their browsers, posing significant security risks. It is crucial for users and administrators of RSMediaGallery! to ensure timely updates and proper input validation measures are implemented.

Affected Version(s)

RSMediaGallery component for Joomla 1.7.4-2.1.7

References

https://rsjoomla.com/

product

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
Apr 9, 2025

Credit

Kamil Szczurowski

Robert Kruczek