SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.Referenceshttp://www.securityfocus.com/bid/27679https://www.exploit-db.com/exploits/5080
