Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-6376 - Vulnerability Database
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-6376
Critical
Reference:
CVE-2018-6376
Title:
Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:
In Joomla before 3.8.4 the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.