Vulnerabilities > CVE-2007-4185 - Information Disclosure vulnerability in Joomla 1.0.12

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

joomla

NVD

Published: 2007-08-08

Updated: 2018-10-15

Summary

Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages.

Vulnerable Configurations

Part	Description	Count
Application	Joomla Joomla Joomla 1.0.12	1

References

http://osvdb.org/39037
http://osvdb.org/39038
http://osvdb.org/39039
http://osvdb.org/39040
http://osvdb.org/39041
http://osvdb.org/39042
http://osvdb.org/39043
http://www.securityfocus.com/archive/1/475066/100/0/threaded
http://www.securityfocus.com/archive/1/480738/100/0/threaded
http://www.securityfocus.com/archive/1/480757/100/0/threaded
http://www.securityfocus.com/archive/1/480809/100/0/threaded