Description
Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35668
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/55591
Various Sources x_refsource_confirm
http://developer.joomla.org/security/news/300-20090606-core-missing-jexec-check.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/12/25/8
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35544
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/12/25/3
Scores
EPSS
0.0041
EPSS Percentile
61.5%
Details
CWE
CWE-20
Status
published
Products (12)
joomla/joomla\!
1.5.0
joomla/joomla\!
1.5.1
joomla/joomla\!
1.5.2
joomla/joomla\!
1.5.3
joomla/joomla\!
1.5.4
joomla/joomla\!
1.5.5
joomla/joomla\!
1.5.6
joomla/joomla\!
1.5.7
joomla/joomla\!
1.5.8
joomla/joomla\!
1.5.9
... and 2 more
Published
Oct 07, 2012
Tracked Since
Feb 18, 2026