CVE-2018-5971by Jeremyin Security Bulletinson Posted on February 17, 2018 SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.