Vulnerabilities (CVE)

Filtered by vendor Chillcreations Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-5989 1 Chillcreations 1 Ccnewsletter 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099.
CVE-2011-5099 2 Chillcreations, Joomla 2 Mod Ccnewsletter, Joomla\! 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4853 2 Chillcreations, Joomla 2 Com Ccinvoices, Joomla\! 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php.
CVE-2010-0467 2 Chillcreations, Joomla 2 Com Ccnewsletter, Joomla\! 2024-11-21 5.0 MEDIUM 5.8 MEDIUM
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.