Description
The vCard functions in Joomla! 1.0.5 use predictable sequential IDs for vcards and do not restrict access to them, which allows remote attackers to obtain valid e-mail addresses to conduct spam attacks by modifying the contact_id parameter to index2.php.
Remediation
References
Related Vulnerabilities
Squid Out-of-bounds Read Vulnerability (CVE-2021-28116)
Oracle Database Server CVE-2015-4863 Vulnerability (CVE-2015-4863)
Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11415)
Oracle Application Server CVE-2007-3854 Vulnerability (CVE-2007-3854)
WordPress Plugin WP Super Cache Multiple Vulnerabilities (1.4.4)