• Joomla!®
    • About us
    • Joomla Home
    • What is Joomla?
    • Benefits & Features
    • Project & Leadership
    • Trademark & Licensing
    • The Joomla Foundation
    • Support us
    • Contribute
    • Sponsor
    • Partner
    • Shop
  • Download & Extend
    • Downloads
    • Extensions
    • Languages
    • Get a free site
    • Get a domain
  • Discover & Learn
    • Documentation
    • Training
    • Certification
    • Site Showcase
    • Announcements
    • Blogs
    • Magazine
  • Community & Support
    • Community Portal
    • Events
    • User Groups
    • Forum
    • Service Providers Directory
    • Volunteers Portal
    • Vulnerable Extensions List
  • Developer Resources
    • Developer Network
    • Security Centre
    • Issue Tracker
    • GitHub
    • API Documentation
    • Joomla! Framework

Joomla! Extensions Directory™

Download
Launch
  • Home
  • Browse Extensions
    • Top Rated
    • Most Reviewed
    • New
    • Recently Updated
    • Compatible with J4
  • Search
  • Community
    • Meet the JED Team
    • Blog
    • JED Newsletter
    • Terms of Service
    • Help Joomla!
  • Support
    • Knowledgebase
    • Sponsor Joomla!
  • Vulnerable Extensions
    • About
    • Vulnerable Extensions
    • Resolved Extensions
    • Abandoned Extensions
    • Submit a Report
    • Submit an Update
    • Submit AbandonWare
    • JSON Feed
  • Log in
  • Register
  • Home
  • Vulnerable Extensions
  • Vulnerable Extensions

Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to  exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

Filters
List of articles in category Vulnerable Extensions
Title Published Date
Easy Youtube Gallery , 1.0.2,Information Disclosure 20 April 2016
Template Monster various themes 20 April 2016
User Group FTW For Hikashop,1.1.5,Other 07 April 2016
Jetext (abandonware), all version 09 October 2015
Vnmshop (abandonware), all versions 27 September 2015
JACC,3.0.3,XSS (Cross Site Scripting) 19 August 2015
Memorix component, any version (abandonware), SQL Injection 17 August 2015
Informations component, any version (abandonware), SQL Injection 17 August 2015
WFLab Joomshopping carousel module,1.1.2 beta and below,SQLi 09 August 2015
Araticlhess Module [mod_araticlhess] / [mod_araticlhes], all versions, fake/backdoor 02 August 2015

Page 7 of 23

  • 2
  • 3
  • ...
  • 5
  • 6
  • 7
  • 8
  • 9
  • ...
  • 11
VEL Search

Vulnerable Extensions
  • JKassa, 2.0.0, SQL Injection
  • YooRecipe, All, SQL Injection
  • publisher, 3.0.19, XSS (Cross Site Scripting)
  • paGO Commerce, 2.5.9.0, SQL Injection
  • Social Chat, 1.5 and Below, SQL Injection Iacopo Guarneri
  • hwdplayer,4.2,SQL Injection
  • Rapicode, Multiple Extensions, Back Door
  • Google Map Landkarten,4.2.3,SQL Injection
  • Fastball, SQL Injection
  • File Download Tracker,3.0,SQL Injection
Resolved Extensions
  • J-BusinessDirectory, 5.7.7 and prior, Other
  • LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login , 5.0.2, Other
  • jCart for OpenCart, jCart for OpenCart 3.0.3.19, XSS (Cross Site Scripting)
  • JoomRecipe, 4.2.2, XSS (Cross Site Scripting)
  • EDocman, 1.23.3, XSS (Cross Site Scripting)
  • EShop Joomla Shopping-Cart, 3.6.0, XSS (Cross Site Scripting)
  • easyblog, , Other
  • ZH Googlemap, 11.22.3.1, XSS (Cross Site Scripting)
  • ijoomla guru, , various
  • JUX Timetable, 1.0.4, SQL Injection

  • Joomla! on Twitter
  • Joomla! on Facebook
  • Joomla! on YouTube
  • Joomla! on LinkedIn
  • Joomla! on Pinterest
  • Joomla! on Instagram
  • Joomla! on GitHub
  • Home
  • About
  • Community
  • Forum
  • Extensions
  • Services
  • Docs
  • Developer
  • Shop
  • Accessibility Statement
  • Privacy Policy
  • Cookie Policy
  • Sponsor Joomla! with $5
  • Help Translate
  • Report an Issue
  • Log in

© 2005 - 2023 Open Source Matters, Inc. All Rights Reserved.

Rochen
Joomla! Hosting by Rochen
× We have detected that you are using an ad blocker. The Joomla! Project relies on revenue from these advertisements so please consider disabling the ad blocker for this domain.