CVE-2008-3225 : Joomla! before 1.5.4 allows attackers to access administration functionality, wh

Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."

Published 2008-07-18 16:41:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2008-3225

Joomla » Joomla
Versions up to, including, (<=) 1.5.3
cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.2
cpe:2.3:a:joomla:joomla:1.0.2:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.3
cpe:2.3:a:joomla:joomla:1.0.3:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0
cpe:2.3:a:joomla:joomla:1.0:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.1
cpe:2.3:a:joomla:joomla:1.0.1:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.03
cpe:2.3:a:joomla:joomla:1.03:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.5
cpe:2.3:a:joomla:joomla:1.0.5:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.4
cpe:2.3:a:joomla:joomla:1.0.4:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.7
cpe:2.3:a:joomla:joomla:1.0.7:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.6
cpe:2.3:a:joomla:joomla:1.0.6:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.0
cpe:2.3:a:joomla:joomla:1.0.0:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.8
cpe:2.3:a:joomla:joomla:1.0.8:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.9
cpe:2.3:a:joomla:joomla:1.0.9:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.10
cpe:2.3:a:joomla:joomla:1.0.10:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.11
cpe:2.3:a:joomla:joomla:1.0.11:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5.0 Beta
cpe:2.3:a:joomla:joomla:1.5.0_beta:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.12
cpe:2.3:a:joomla:joomla:1.0.12:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5.0 Beta2
cpe:2.3:a:joomla:joomla:1.5.0_beta2:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5.0 Rc1
cpe:2.3:a:joomla:joomla:1.5.0_rc1:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5.0 Beta1
cpe:2.3:a:joomla:joomla:1.5.0_beta1:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5.1
cpe:2.3:a:joomla:joomla:1.5.1:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5.2
cpe:2.3:a:joomla:joomla:1.5.2:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.5
cpe:2.3:a:joomla:joomla:1.5:*:*:*:*:*:*:*
Matching versions
Joomla » Joomla » Version: 1.0.13
cpe:2.3:a:joomla:joomla:1.0.13:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2008-3225

EPSS FAQ

0.03%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 5 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-3225

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-3225

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-3225

http://www.securityfocus.com/bid/30125

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2008/07/12/2

oss-security - CVE requests: joomla <1.5.4

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/43648
http://www.joomla.org/content/view/5180/1/

Patch

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2008-3225

Products affected by CVE-2008-3225

Exploit prediction scoring system (EPSS) score for CVE-2008-3225

CVSS scores for CVE-2008-3225

CWE ids for CVE-2008-3225

References for CVE-2008-3225