Description

SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.

Remediation

References

CVE-2009-1499

Related Vulnerabilities

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (4.2.152)

Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-15081)

Joomla! Core Directory Traversal (2.5.0 - 3.9.20)

Apache version older than 1.3.41

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37391)

Severity

High

Classification

CVE-2009-1499 CWE-138

Tags

Missing Update Known Vulnerabilities