CVE-2012-4235

RSGallery2 (com_rsgallery2) < 3.2.0 - Unauthenticated Directory Listing via Missing index.html

Title source: llm
STIX 2.1

Description

The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for a directory URI.

Scores

EPSS 0.0137
EPSS Percentile 68.6%

Details

CWE
CWE-200
Status published
Products (37)
rsgallery2/com_rsgallery2 1.9.0-4 alpha
rsgallery2/com_rsgallery2 1.9.4 alpha
rsgallery2/com_rsgallery2 1.9.5 alpha
rsgallery2/com_rsgallery2 1.10.1 alpha
rsgallery2/com_rsgallery2 1.10.2 alpha
rsgallery2/com_rsgallery2 1.10.5 alpha
rsgallery2/com_rsgallery2 1.10.6 alpha
rsgallery2/com_rsgallery2 1.10.7 alpha
rsgallery2/com_rsgallery2 1.10.8 alpha
rsgallery2/com_rsgallery2 1.10.9 alpha
... and 27 more
Published Aug 10, 2012
Tracked Since Feb 18, 2026