Joomlaboat Com Youtubegallery vulnerabilities
2 known vulnerabilities affecting joomlaboat/com_youtubegallery.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-4960P3HIGHCVSS 7.5PoCv3.9.0v3.9.2+20 more2014-07-21
CVE-2014-4960 [HIGH] CWE-89 CVE-2014-4960: Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery)
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.
nvd
CVE-2013-5956P4MEDIUMCVSS 4.3v3.4.02014-04-25
CVE-2013-5956 [MEDIUM] CWE-79 CVE-2013-5956: Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php in the Youtube Gallery (com_yo
Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php in the Youtube Gallery (com_youtubegallery) component 3.4.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the videofile parameter.
nvd