Description
Joomla! before 1.5.15 allows remote attackers to read an extension's XML file, and thereby obtain the extension's version number, via a direct request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Error Log Monitor Security Bypass (1.6.4)
WordPress Plugin Codestyling Localization 'name' Parameter Cross-Site Scripting (1.99.19)
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.2)
WordPress Plugin Relocate Upload 'abspath' Parameter Remote File Include (0.14)
WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)