Vulnerabilities > Joomla > COM Facileforms > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-02 | CVE-2008-2990 | Code Injection vulnerability in multiple products PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter. | 7.5 |
2008-02-21 | CVE-2008-0855 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |