Description

Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors. NOTE: this might be a duplicate of CVE-2012-1599.

Remediation

References

CVE-2012-1611

Related Vulnerabilities

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.4.37.727)

WordPress Plugin SB Uploader Arbitrary File Upload (3.2)

WordPress Plugin Slideshow Gallery 2 'border' Parameter Cross-Site Scripting (1.1.4)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0754)

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21664)

Severity

Medium

Classification

CVE-2012-1611 CWE-264

Tags

Missing Update Known Vulnerabilities