Joomla JE Portfolio Creator component version 1.2 suffers from a remote SQL injection vulnerability.