CVE-2008-6181

Mad4media Com Mad4joomla < 1.1.8.1 - SQL Injection

Title source: rule
STIX 2.1

Description

SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by H!tm@N · textwebappsphp
https://www.exploit-db.com/exploits/6724

References (6)

Core 6
Core References
Vendor Advisory x_refsource_confirm
http://www.mad4media.de/mad4joomla-mailforms.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32239
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6724
Vendor Advisory x_refsource_confirm
http://www.mad4media.de/mad4joomla-mailforms-faq.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45815
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31712

Scores

EPSS 0.0093
EPSS Percentile 76.2%

Details

CWE
CWE-89
Status published
Products (10)
mad4media/com_mad4joomla 1.1
mad4media/com_mad4joomla 1.1.1
mad4media/com_mad4joomla 1.1.2
mad4media/com_mad4joomla 1.1.3
mad4media/com_mad4joomla 1.1.4
mad4media/com_mad4joomla 1.1.5
mad4media/com_mad4joomla 1.1.6
mad4media/com_mad4joomla 1.1.7
mad4media/com_mad4joomla 1.1.8
mad4media/com_mad4joomla < 1.1.8.1
Published Feb 19, 2009
Tracked Since Feb 18, 2026