SECUNIA ADVISORY ID:
A vulnerability has been discovered in Joomla Captcha plugin for
Joomla!, which can be exploited by malicious people to disclose
potentially sensitive information.
Input passed via the "lng" parameter to
plugins/system/captcha/playcode.php is not properly verified before
being used. This can be exploited to read the contents of arbitrary
files from local resources via directory traversal sequences and
URL-encoded NULL bytes.
Successful exploitation requires that "magic_quotes_gpc" is
The vulnerability is confirmed in version 4.5.1. Other versions may
also be affected.
Edit the source code to ensure that input is properly verified.
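One way to make that source-code change, shown as an added example and not the plugin's own code: validate "lng" against a strict format, then confirm the resolved path stays inside the language directory. The function name, the "languages" directory and the ".php" suffix are assumptions about the layout, and the syntax is kept compatible with older PHP releases.

```php
<?php
// Added example (hypothetical helper, not taken from the plugin).
// Assumption: language resources are stored as <langDir>/<code><suffix>.

/**
 * Map a user-supplied language code to a file inside $langDir.
 * Returns the canonical path, or null if the input is not acceptable.
 */
function captcha_language_file($lng, $langDir, $suffix = '.php')
{
    // Reject arrays and other non-string input (e.g. lng[]=x).
    if (!is_string($lng)) {
        return null;
    }
    // Strict format: "en", "de", "en-GB", "pt_BR". The anchors \A and \z
    // match the whole string, so NUL bytes, dots, slashes and backslashes
    // can never pass this check.
    if (preg_match('/\A[a-z]{2,3}(?:[-_][A-Za-z]{2})?\z/', $lng) !== 1) {
        return null;
    }
    // Canonicalise both paths; realpath() returns false if missing.
    $base = realpath($langDir);
    if ($base === false) {
        return null;
    }
    $path = realpath($base . DIRECTORY_SEPARATOR . $lng . $suffix);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Defence in depth: the resolved file must sit under $base, which
    // also catches a symlink pointing outside the directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Usage at the top of the request handler: fall back to a fixed default
// instead of ever building a path from the raw parameter.
$langDir = dirname(__FILE__) . '/languages';   // assumed location
$lng  = isset($_GET['lng']) ? $_GET['lng'] : 'en';
$file = captcha_language_file($lng, $langDir);
if ($file === null) {
    $file = captcha_language_file('en', $langDir);
}
if ($file === null) {
    header('HTTP/1.1 404 Not Found');
    exit;
}
// $file is now safe to pass to the code that previously used "lng" directly.
```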
PROVIDED AND/OR DISCOVERED BY: