CVE-2018-25351

Name of the Vulnerable Software and Affected Versions Joomla! Component EkRishta version 2.10

Description An error-based SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by submitting POST requests to the login endpoint using malicious code within the username parameter to extract database information, including system details and user credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.