CVE-2012-4235
RSGallery2 (com_rsgallery2) < 3.2.0 - Unauthenticated Directory Listing via Missing index.html
Title source: llmDescription
The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for a directory URI.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.rsgallery2.nl/announcements/rsgallery2_3.2.0_and_2.3.0_released_16845.0.html
Various Sources x_refsource_confirm
http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/142
Various Sources x_refsource_confirm
http://joomlacode.org/gf/project/rsgallery2/news/
Patch x_refsource_confirm
http://joomlacode.org/gf/download/frsrelease/17326/75428/com_rsgallery2_3.2.0.zip
Scores
EPSS
0.0137
EPSS Percentile
68.6%
Details
CWE
CWE-200
Status
published
Products (37)
rsgallery2/com_rsgallery2
1.9.0-4 alpha
rsgallery2/com_rsgallery2
1.9.4 alpha
rsgallery2/com_rsgallery2
1.9.5 alpha
rsgallery2/com_rsgallery2
1.10.1 alpha
rsgallery2/com_rsgallery2
1.10.2 alpha
rsgallery2/com_rsgallery2
1.10.5 alpha
rsgallery2/com_rsgallery2
1.10.6 alpha
rsgallery2/com_rsgallery2
1.10.7 alpha
rsgallery2/com_rsgallery2
1.10.8 alpha
rsgallery2/com_rsgallery2
1.10.9 alpha
... and 27 more
Published
Aug 10, 2012
Tracked Since
Feb 18, 2026