Vulnerabilities (CVE)

Filtered by vendor Joomla Subscribe
Filtered by product Com Mailto
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1499 1 Joomla 2 Com Mailto, Joomla\! 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
CVE-2008-4103 1 Joomla 2 Com Mailto, Joomla 2024-11-21 5.0 MEDIUM N/A
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.