Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors.

References

• https://nvd.nist.gov/vuln/detail/CVE-2006-1049
• http://secunia.com/advisories/19105
• http://www.osvdb.org/23819
• http://www.vupen.com/english/advisories/2006/0818
• http://www.joomla.org/content/view/938/78