SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.Referenceshttps://www.exploit-db.com/exploits/5721https://exchange.xforce.ibmcloud.com/vulnerabilities/42794
