CVE-2008-6923 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6923): SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php.
Security, the current com_content is 1.5.0 in Joomla! 1.5.15. So this exploit might not effect us.
Issued fixed in joomla-1.5.15 added 25 Dec 2009