SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/55443
http://www.vupen.com/english/advisories/2010/0047