VYPR

Com Mailto

by Joomla

CVEs (3)

  • CVE-2009-1499May 1, 2009
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.

  • CVE-2011-4912Feb 4, 2020
    risk 0.00cvss epss 0.01

    Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.

  • CVE-2008-4103Sep 18, 2008
    risk 0.00cvss epss 0.01

    The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.