Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors.
Software | From | Fixed in |
---|---|---|
Joomla / joomla | 1.5rc4 | 1.5rc4.x |