2014-07-21 16:55:06 2015-10-06 04:37:30

Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Joomlaboat Com youtubegallery 3.9.5 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.4 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.7 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.6 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.0 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.3 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.2 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.6 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.5 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.4 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.3 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.9 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.2 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 3.9.8 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.0.2 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.1 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.0.1 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.0 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.0.0 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.0.9 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.0.8 ~~~joomla!~~ (not an official CPE) Joomlaboat Com youtubegallery 4.1.7 ~~~joomla!~~ (not an official CPE)