Vulnerabilities > Joomla > COM Mailto

DATE CVE VULNERABILITY TITLE RISK
2009-05-01 CVE-2009-1499 SQL Injection vulnerability in Joomla COM Mailto and Joomla!
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php.
network
low complexity
joomla CWE-89
7.5
7.5
2008-09-18 CVE-2008-4103 Improper Input Validation vulnerability in Joomla COM Mailto
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
network
low complexity
joomla CWE-20
5.0
5.0