Joomla » Com Mailto : Security Vulnerabilities, CVEs,
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
Max CVSS
7.5
EPSS Score
0.07%
Published
2009-05-01
Updated
2017-09-29
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
Max CVSS
5.0
EPSS Score
0.50%
Published
2008-09-18
Updated
2017-08-08
2 vulnerabilities found