SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.Referenceshttp://www.securityfocus.com/bid/27821http://securityreason.com/securityalert/3664http://www.securityfocus.com/archive/1/488272/100/0/threaded
