CVE-2009-3417 Information

Description

SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php a different vector than CVE-2008-2627.

Reference

http://secunia.com/advisories/36243 http://www.exploit-db.com/exploits/9413