Com Eventing Security Vulnerabilities - February

CVE-2009-0421

SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.