Description
Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/03/29/5
Vendor Advisory x_refsource_confirm
http://developer.joomla.org/security/news/397-20120306-core-information-disclosure.html
Scores
EPSS
0.0045
EPSS Percentile
63.9%
Details
CWE
CWE-264
Status
published
Products (26)
joomla/joomla\!
1.5.0
joomla/joomla\!
1.5.1
joomla/joomla\!
1.5.2
joomla/joomla\!
1.5.3
joomla/joomla\!
1.5.4
joomla/joomla\!
1.5.5
joomla/joomla\!
1.5.6
joomla/joomla\!
1.5.7
joomla/joomla\!
1.5.8
joomla/joomla\!
1.5.9
... and 16 more
Published
Dec 03, 2012
Tracked Since
Feb 18, 2026