Joomla! Remote File Upload Vulnerability And Information Disclosure Weakness

Summary
Joomla! is prone to a remote file-upload vulnerability and an information- disclosure weakness. Attackers can exploit these issues to disclosure sensitive information, or upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation other attacks are also possible. Joomla! 1.5.x versions prior to 1.5.13 are vulnerable.
Solution
The vendor has released updates to address the issues. Please see the references for more information.
References