Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-1499 | 1 Joomla | 2 Com Mailto, Joomla\! | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor. | |||||
CVE-2008-4103 | 1 Joomla | 2 Com Mailto, Joomla | 2017-08-07 | 5.0 MEDIUM | N/A |
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam. |