VYPR

ccNewsletter

by Joomla

CVEs (2)

  • CVE-2018-5989CriFeb 17, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099.

  • CVE-2010-0467MedFeb 2, 2010
    risk 0.44cvss 5.8epss 0.43

    Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.