Potential for an attacker to escalate privileges and become a database or site administrator.

Configure the database user account used by the Joomla! application with least-privilege access to limit the damage a compromised account can do. Joomla! Component J-BusinessDirectory 4.9.7 - Exploit-DB

Complete extraction of the Joomla! database, including user credentials, configuration data, and business directory listings.