Design/Logic Flaw

2012-09-0619:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

JSON

Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to “administrator.”

CPENameOperatorVersion
joomla\\!eq1.7.1
joomla\\!eq1.7.4
joomla\\!eq1.7.0
joomla\\!eq1.7.3
joomla\\!eq2.5.0
joomla\\!eq1.7.2

Name	Operator	Version
joomla\\!	eq	1.7.1
joomla\\!	eq	1.7.4
joomla\\!	eq	1.7.0
joomla\\!	eq	1.7.3
joomla\\!	eq	2.5.0
joomla\\!	eq	1.7.2

References

developer.joomla.org/security/news/389-20120201-core-information-disclosure

secunia.com/advisories/47847

www.joomla.org/announcements/release-news/5410-joomla-251-released.html

www.joomla.org/announcements/release-news/5411-joomla-175-released.html

www.openwall.com/lists/oss-security/2012/02/03/6

www.openwall.com/lists/oss-security/2012/02/03/9

www.osvdb.org/78826