Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories.
https://exchange.xforce.ibmcloud.com/vulnerabilities/36426
http://www.securityfocus.com/archive/1/478451/100/0/threaded
http://www.joomla.org/content/view/3831/1/