Threat Encyclopedia

Joomla!.Component.Social.Factory.SQL.Injection

description-logoDescription

This indicates an attack attempt to exploit a SQL Injection vulnerability in Joomla! Component Social Factory.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a craft HTTP request. A remote attacker may be able exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

Joomla! Component Social Factory 3.8.3
ThePHPFactory Social Factory 3.8.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply latest patch or upgrade to the latest version from the vendor.
https://extensions.joomla.org/extensions/extension/clients-a-communities/communities/social-factory/

CVE References

CVE-2018-17385

Other References

45470