VYPR

Mod Ccnewsletter

by Chillcreations

CVEs (2)

  • CVE-2010-0467MedFeb 2, 2010
    risk 0.44cvss 5.8epss 0.43

    Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.

  • CVE-2011-5099Aug 14, 2012
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.