CVE-2025-27753 – Joomla RSMediaGallery SQL Injection

June 5, 2025

CVE ID : CVE-2025-27753

Published : June 5, 2025, 2:15 p.m. | 53 minutes ago

Description : A SQLi vulnerability in RSMediaGallery component 1.7.4 – 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code through unsanitized input fields, which are used directly in SQL queries. Exploiting this flaw can lead to unauthorized database access, data leakage, or modification of records.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27754 – Joomla RSBlog! Stored Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-27445 – RSFirewall Joomla Path Traversal Vulnerability

Highlights

CVE-2025-47672 – miniOrange Discord Integration PHP Remote File Inclusion Vulnerability

May 27, 2025

CVE ID : CVE-2025-47672

Published : May 23, 2025, 1:15 p.m. | 4 days, 3 hours ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in miniOrange miniOrange Discord Integration allows PHP Local File Inclusion. This issue affects miniOrange Discord Integration: from n/a through 2.2.2.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-27753 – Joomla RSMediaGallery SQL Injection

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

Takedown Services: A CFOâ€™s New Line of Defense

New FDA-cleared blood pressure monitor delivers medical grade results at home

Surface Pro 12-inch vs. iPad Air M3: Which should you choose?

JavaScript Insights #18: This Week in Web Development

CVE-2025-47672 – miniOrange Discord Integration PHP Remote File Inclusion Vulnerability

CVE-2025-48792 – Oracle WebLogic Server Unvalidated Redirect

Build your multilingual personal calendar assistant with Amazon Bedrock and AWS Step Functions

DRY – a common source of bad abstractions

CVE-2025-27753 – Joomla RSMediaGallery SQL Injection

Related Posts