CVE-2008-5494

Name of the Vulnerable Software and Affected Versions Joomla! component com contactinfo version 1.0

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the catid parameter in the /index.php API endpoint.

Recommendations For version 1.0 of the com contactinfo component, avoid using the catid parameter in the /index.php endpoint until the issue is resolved. Consider temporarily restricting access to the Contact Information Module to minimize the risk of exploitation.