cpe:/a:digitalgreys:com_contactinfo:1.0 CVE-2008-5494 2008-12-12T11:30:00.860-05:00 2017-09-28T21:32:37.993-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-12-12T15:41:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32260 SREASON 4712 EXPLOIT-DB 7093 VUPEN ADV-2008-3122 XF cim-catid-sql-injection(46563) SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.