Vulnerabilities > CVE-2007-0375 - Information Disclosure vulnerability in Joomla 1.5.0Beta

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
joomla

Summary

Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive information via a direct request for (1) plugins/user/example.php; (2) gmail.php, (3) example.php, or (4) ldap.php in plugins/authentication/; (5) modules/mod_mainmenu/menu.php; or other unspecified PHP scripts, which reveals the path in various error messages, related to a jimport function call at the beginning of each script.

Vulnerable Configurations

Part Description Count
Application
Joomla
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/54195/joomla150beta-sql.txt
idPACKETSTORM:54195
last seen2016-12-05
published2007-02-06
reporterOmid
sourcehttps://packetstormsecurity.com/files/54195/joomla150beta-sql.txt.html
titlejoomla150beta-sql.txt