Dear moderators:
I recently purchased a subscription and almost pulled out my hair successfully getting the component and the modules to work properly. Then my site gets hacked; the index file is completely rewritten. Then I come across this little tidbit:
jVideoDirect Component for Joomla! "v" Parameter SQL Injection
08 February 2010
jVideoDirect is a component for the Joomla! content manager. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "v" parameter before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Ref: www.securityfocus.com/bid/37990
10.6.51 - CVE: Not Available
Platform: Web Application - SQL Injection
I'm not saying that jvideodirect had anything to do with my current issue. However, do you plan on patching up your latest release?
