Vendor
Unauthenticated attackers can exploit an SQL injection vulnerability (CVE-2017-20258) in Joomla! Component RPC Responsive Portfolio 1.6.1 by injecting malicious code through the 'id' parameter in GET requests, allowing the execution of arbitrary SQL queries and extraction of sensitive database information.