Description

SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.

Remediation

References

CVE-2009-1499

Related Vulnerabilities

WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-2334)

Apache HTTP Server Missing Authorization Vulnerability (CVE-2020-13938)

Highcharts JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29489)

WordPress Plugin WordPress Landing Pages Multiple Unspecified Vulnerabilities (1.7.8)

Severity

High

Classification

CVE-2009-1499 CWE-138

Tags

Missing Update Known Vulnerabilities