CVE-2018-17386

SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/.
Source: NIST
CVE-2018-17386