Kkr

**Name of the Vulnerable Software and Affected Versions** Joomla! component com idoblog version 1.1 build 30 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `userid` parameter in a profile action to "index.php". **Recommendations** For version 1.1 build 30, consider restricting access to the "index.php" endpoint or avoiding the use of the `userid` parameter until a fix is available.