CVE-2008-2454
SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php.
Date published : 2008-05-27
http://www.securityfocus.com/bid/29144
http://www.securityfocus.com/archive/1/491943/100/0/threaded