SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file."
http://www.nbill.co.uk/newsflash/important-security-announcement.html
http://www.nbill.co.uk/forum-smf/index.php/topic%2C716.0.html