Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
https://exchange.xforce.ibmcloud.com/vulnerabilities/43648
http://www.securityfocus.com/bid/30125