SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter.
thephpfactory social factory 3.8.3