SQL Injection exists in the Aist up to and including 2.0 component for Joomla! via the id parameter in a view=showvacancy request.
aist project aist