About two months ago, i found several vulnerabilities in Joomla! v<= 1.5.19 and these are my advisories. This one was published on Joomla! Security Center: here
- Project: Joomla!
- Severity: Medium
- Versions: 1.5.19 and all previous 1.5 releases
- Exploit type: XSS Injection
- Reported Date: 2010-June-8
Back-end was vulnerable to XSS/HTML Code Injection. Get var "menutype" used in "com_menus" (core component) allowed the injection.
Be safe ;)