SQL injection in Joomla extension DT Register allows remote unauthenticated attacker to execute malicous SQL commands. Step-by-Step Proof-of-Concept and interesting communication with vendor.

more ...