Understanding Account Creation and Privilege Escalation Vulnerability in Joomla