Every CVE whose affected-product data names Joomla Com Mailto, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2009-1499 — CVSS 7.5 (high): SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands…
CVE-2008-4103 — CVSS 5.0 (medium): The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote…