CVE-2025-22205

Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-gallery	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:admiror-design-studio:admiror_gallery:*:*:*:*:*:joomla\!:*:*

History

04 Jun 2025, 20:52

Type	Values Removed	Values Added
CPE		cpe:2.3:a:admiror-design-studio:admiror_gallery::::::joomla\!::*
References	~~() http://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-gallery -~~	() http://www.admiror-design-studio.com/admiror-joomla-extensions/admiror-gallery - Product
CWE		CWE-22
First Time		Admiror-design-studio Admiror-design-studio admiror Gallery

05 Feb 2025, 18:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
Summary		(es) La gestión inadecuada de las variables de entrada conduce a múltiples vulnerabilidades Path Traversal en la extensión Admiror Gallery para Joomla en la rama de versión 4.x.

04 Feb 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-04 08:15

Updated : 2025-06-04 20:52

NVD link : CVE-2025-22205

Mitre link : CVE-2025-22205

CVE.ORG link : CVE-2025-22205

JSON object : View

Products Affected

admiror-design-studio

admiror_gallery

CWE

CWE-35

Path Traversal: '.../...//'

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.5 /10