Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages.
osvdb.org/39037
osvdb.org/39038
osvdb.org/39039
osvdb.org/39040
osvdb.org/39041
osvdb.org/39042
osvdb.org/39043
www.securityfocus.com/archive/1/475066/100/0/threaded
www.securityfocus.com/archive/1/480738/100/0/threaded
www.securityfocus.com/archive/1/480757/100/0/threaded
www.securityfocus.com/archive/1/480809/100/0/threaded