CVE-2008-0849
CVE-2008-0849 is a SQL injection in index.php of the Downloads (com_downloads) component for Mambo/Joomla, exploitable via the cat parameter in a selectcat function. This is a different vector than CVE-2008-0652 (which uses filecatid in a selectfolder action). Connected sources confirm the affect...