CVE-2007-4780

high

Description

Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/36426

http://www.securityfocus.com/archive/1/478451/100/0/threaded

http://www.joomla.org/content/view/3831/1/

http://securityreason.com/securityalert/3108

http://osvdb.org/45875

Details

Source: Mitre, NVD

Published: 2007-09-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00025