The Joomla Kunena component suffers from a remote blind SQL injection vulnerability. The researcher believes that this affects 1.5.9 but the author of the software has claimed that this only affects versions 1.5.4 and below.
e7a689b1c56bed9c9660f71ec06c232ea5ce0c6442d9306effe95e877117ba45