Cross-site scripting (XSS) vulnerability in mod_lettermansubscribe.php in the Letterman Subscriber (mod_letterman) before 1.2.5 module for Joomla! allows remote attackers to inject arbitrary web script or HTML via the Itemid...
5.8AI Score
0.011EPSS
PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog...
7.5AI Score
0.054EPSS
Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2) saveNewsletter, and (3) cancelNewsletter...
8.6AI Score
0.006EPSS