CVE-2008-2990

CVE-2008-2990 affects FacileForms (com_facileforms) 1.4.4 for Mambo/Joomla!, exposing a PHP remote file inclusion vulnerability in the ff_compath parameter of facileforms.frame.php. The underlying issue allows an attacker to supply a URL and potentially execute arbitrary PHP code on the vulnerabl...

CVE-2008-0855

CVE-2008-0855 describes an SQL injection in the Facile Forms (com_facileforms) component for Joomla! and Mambo, exploitable via the catid parameter to index.php. The vulnerability, as documented by NVD, has a base score of 7.5 (HIGH) with network attack vector, no authentication, and partial impa...