SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.
https://www.exploit-db.com/exploits/7587
http://www.securityfocus.com/bid/33035