Description
In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Admin Security Bypass (2.6.3)
WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (4.9.33)
Oracle Application Server Other Vulnerability (CVE-2002-0565)
WordPress Plugin WP Super Cache PHP Code Injection (1.2)
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2094)