Description

SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.

Remediation

References

CVE-2009-1499

Related Vulnerabilities

WordPress Plugin Print-O-Matic Cross-Site Scripting (2.0.2)

Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.5)

Joomla! Core Security Bypass (1.6.0 - 3.6.0)

MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566)

WordPress Plugin Photo Gallery by Supsystic Multiple Vulnerabilities (1.8.5)

Severity

High

Classification

CVE-2009-1499 CWE-138

Tags

Missing Update Known Vulnerabilities