The flaws exist in the Joomla version 3.2 to 3.4.4, including a vulnerability that could allow hackers to take admin privileges on most customer websites. The vulnerability, discovered by Trustwave SpiderLabs researcher Asaf Orpani and Netanel Rubin of PerimeterX, could be exploited to attack a website with.SQL injection (SQLi) is an injection attack wherein a bad actor can inject/insert malicious. commands/query (malicious payloads) through the input data from the client to the application.
Source: https://thehackernews.com/2015/10/joomla-security.html