JoomBri freelance extension pre 1.6.5. suffers major sqli exploit.

No contact from developer, Notified by Ruth Cheesley