CVE-2018-25067

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-25067
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-25067.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-25067
Published
2023-01-06T21:15:09.167Z
Modified
2026-04-02T01:23:40.504354Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability, which was classified as critical, was found in JoomGallery up to 3.3.3. This affects an unknown part of the file administrator/components/com_joomgallery/views/config/tmpl/default.php of the component Image Sort Handler. The manipulation leads to sql injection. Upgrading to version 3.3.4 is able to address this issue. The identifier of the patch is dc414ee954e849082260f8613e15a1c1e1d354a1. It is recommended to upgrade the affected component. The identifier VDB-217569 was assigned to this vulnerability.

References

Affected packages

Git / github.com/joomgallery/joomgallery

Affected ranges

Type
GIT
Repo
https://github.com/joomgallery/joomgallery
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5a45966deeea6ea27cb519f4e13868648e92b566
Fixed
dc414ee954e849082260f8613e15a1c1e1d354a1
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.3.4"
        }
    ]
}

Affected versions

v3.*
v3.2.0
v3.2.1
v3.2.2
v3.3.0
v3.3.1
v3.3.2
v3.3.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-25067.json"