Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4780

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-4780
Last Modified 15 Nov 2008 01:58:31
Published 10 Sep 2007 05:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4780

Summary

Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories.

Vulnerable Systems

Application

  • Joomla 1.5.0 Beta

  • Joomla 1.5.0 Beta2

  • Joomla 1.5.0 Rc1


References

XF - joomla-tmpl-information-disclosure(36426)

BID - 25508

BUGTRAQ - 20070903 Multiple vulnerabilities in Joomla 1.5 RC 1

CONFIRM - http://www.joomla.org/content/view/3831/1/

OSVDB - 45875

SREASON - 3108


Last Updated: 27 May 2016 10:45:58