Advisory for: Akeeba for Joomla!
Security Risk: Low
Exploitation level: Difficult/Remote
Vulnerability: Access control bypass
If you’re a user of the very popular “Akeeba Backup for Joomla!” extension (with over 8m downloads), you need to update it right away! During a routine audit for our WAF, we found a vulnerability that could allow an attacker to list and download backups created with the Akeeba extension. With a copy of the backups, an attacker can find your database passwords (stored in configuration.php) and the user list, along with their hashed passwords and hashed password-reset tokens.
We consider the risk of this vulnerability to be “low”, due to the exploit complexity.