Sign in Get started

← All vendors

Vendor

Joomlaboat

Sign in to watch

Products

1

CVEs

2

Across products

23

Status

Private

Products

1

Com Youtubegallery
23 CVEs

Recent CVEs

2

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2014-4960		0.03	—	0.01		Jul 21, 2014	Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.
CVE-2013-5956		0.00	—	0.00		Apr 25, 2014	Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php in the Youtube Gallery (com_youtubegallery) component 3.4.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the videofile parameter.