Description
Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."
References (7)
Core 7
Core References
Patch x_refsource_confirm
http://www.joomla.org/announcements/release-news/5411-joomla-175-released.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/02/03/9
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/47847
Various Sources x_refsource_confirm
http://www.joomla.org/announcements/release-news/5410-joomla-251-released.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/02/03/6
Vendor Advisory x_refsource_confirm
http://developer.joomla.org/security/news/389-20120201-core-information-disclosure
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/78826
Scores
EPSS
0.0001
EPSS Percentile
1.6%
Details
CWE
CWE-200
Status
published
Products (6)
joomla/joomla\!
1.7.0
joomla/joomla\!
1.7.1
joomla/joomla\!
1.7.2
joomla/joomla\!
1.7.3
joomla/joomla\!
1.7.4
joomla/joomla\!
2.5.0
Published
Sep 06, 2012
Tracked Since
Feb 18, 2026