CVE-2018-17378
The CVE-2018-17378 entry describes a SQL injection vulnerability in Joomla! Penny Auction Factory 2.0.4, exploitable via the filter_order_Dir or filter_order parameters. Affected component: Penny Auction Factory 2.0.4 for Joomla!. Root cause: unsanitized user input in query construction leading t...