CYBERHAWK / CVE / CVE-2018-25433

CVE-2018-25433

Joomla JE Photo Gallery

HIGH CVSS 8.2 vibe

The flaw

SQL injection vulnerability allows unauthenticated attackers to extract database information through the categoryid parameter.

What to do

Update to version newer than 1.1 or sanitize categoryid parameter

▸ Scan my repo for CVE-2018-25433

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits