{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T15:58:44.905","vulnerabilities":[{"cve":{"id":"CVE-2025-27753","sourceIdentifier":"security@joomla.org","published":"2025-06-05T14:15:31.550","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code through unsanitized input fields, which are used directly in SQL queries. Exploiting this flaw can lead to unauthorized database access, data leakage, or modification of records."},{"lang":"es","value":"Se descubrió una vulnerabilidad SQLi en el componente RSMediaGallery 1.7.4 - 2.1.6 para Joomla. Esta vulnerabilidad se debe al uso de parámetros proporcionados por el usuario sin escape en las consultas SQL dentro del componente del panel de control. Esto permite a un atacante autenticado inyectar código SQL malicioso a través de campos de entrada no depurados, que se utilizan directamente en las consultas SQL. Explotar esta vulnerabilidad puede provocar acceso no autorizado a la base de datos, fuga de datos o modificación de registros."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"security@joomla.org","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://rsjoomla.com/","source":"security@joomla.org"}]}}]}