CVE-2012-3554

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2012-3554
SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/142
http://joomlacode.org/gf/project/rsgallery2/news/
http://www.rsgallery2.nl/announcements/rsgallery2_3.2.0_and_2.3.0_released_16845.0.html Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.0:beta:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:*:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.9:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.13:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.0-4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.3:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.14:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.8:alpha:*:*:*:*:*:*
OR cpe:2.3:a:joomla:joomla\!:1.5.13:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.10:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.12:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.24:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.5:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.14:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.23:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.22:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.26:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.11:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.25:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.9:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.18:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.16:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.15:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.17:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.19:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.21:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.20:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.15:rc:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:rsgallery2:com_rsgallery2:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.13:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.0:beta:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.3:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:*:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.9:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.0-4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.14:alpha:*:*:*:*:*:*
OR cpe:2.3:a:joomla:joomla\!:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.4:*:*:*:*:*:*:*
Information

Published : 2012-08-10 03:34

Updated : 2012-08-10 06:59

NVD link : CVE-2012-3554

Mitre link : CVE-2012-3554

JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa
Products Affected

joomla

  • joomla\!

rsgallery2

  • com_rsgallery2