VYPR
Unrated severityNVD Advisory· Published Jan 19, 2007· Updated Jun 16, 2026

CVE-2007-0382

CVE-2007-0382

Description

Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2) saveNewsletter, and (3) cancelNewsletter functions.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.