SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter.Referenceshttps://exploit-db.com/exploits/44165
