Description
Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.
Remediation
References
Related Vulnerabilities
WordPress Plugin Adminer Security Bypass (1.4.5)
WordPress Plugin Download Plugin Security Bypass (1.6.0)
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10673)
WordPress 4.7.x Possible SQL Injection Vulnerability (4.7 - 4.7.6)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5540)