Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

List of articles in category Vulnerable Extensions
Title	Published Date
Ajax search for K2,2.2,SQL Injection	06 March 2017
je grid folio,probably all versions,SQL Injection	20 February 2017
JE Property Finder,1.6.3,SQL Injection	17 February 2017
RSMonials,2.2 and previous,XSS (Cross Site Scripting)	11 January 2017
JMS Support Online module, 2.0.0, XSS (Cross Site Scripting)	28 December 2016
AVChat Video Chat Integration Kit, File permissions	03 December 2016
HDW Player, 3.2.1 and older	24 October 2016
Huge IT Googlemaps,1.0.9,SQL Injection	26 September 2016
aceftp,unknown version,Other	17 August 2016
Yeeditor, abandonware	06 May 2016

Page 6 of 23