Joomla! Component Auction Factory 4.5.5 – ‘filter_order’ SQL Injection