Description

The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.

Remediation

References

CVE-2008-4103

Related Vulnerabilities

WordPress Plugin MailPoet Newsletters (Previous) Arbitrary File Upload (2.6.7)

Moodle Improper Privilege Management Vulnerability (CVE-2017-7532)

WordPress Plugin My Tickets Cross-Site Scripting (1.5.0)

WordPress Plugin Link Log-external link click monitor SQL Injection (2.0)

WordPress Plugin GeoDirectory Location Manager Multiple SQL Injection Vulnerabilities (2.1.0.9)

Severity

Medium

Classification

CVE-2008-4103 CWE-20

Tags

Missing Update Known Vulnerabilities