PT-2007-1846 · Joomla · Joomla!
Published: 2007-01-19 · Updated: 2018-10-16 · CVE-2007-0375
CVSS v2.0: 5.0 (Medium)
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Joomla! version 1.5.0 Beta
Description:
The issue allows remote attackers to obtain sensitive information via direct requests for certain PHP scripts. It is related to a jimport function call at the beginning of each script: when a script is requested directly, the resulting error messages reveal the path. The affected scripts include "plugins/user/example.php"; "gmail.php", "example.php", and "ldap.php" in "plugins/authentication/"; and "modules/mod_mainmenu/menu.php".
Recommendations:
For Joomla! version 1.5.0 Beta, consider restricting access to the specified PHP scripts, such as "example.php", "gmail.php", "ldap.php", and "menu.php", until a fix is available. As a temporary workaround, avoid using the jimport function call at the beginning of each script to minimize the risk of exploitation.
Affected products
Joomla!