Joomla!
®
About us
Joomla Home
What is Joomla?
Benefits & Features
Project & Leadership
Trademark & Licensing
The Joomla Foundation
Support us
Contribute
Sponsor
Partner
Shop
Download & Extend
Downloads
Extensions
Languages
Get a free site
Get a domain
Discover & Learn
Documentation
Training
Certification
Site Showcase
Announcements
Blogs
Magazine
Community & Support
Community Portal
Events
User Groups
Forum
Service Providers Directory
Volunteers Portal
Vulnerable Extensions List
Developer Resources
Developer Network
Security Centre
Issue Tracker
GitHub
API Documentation
Joomla!
Framework
Joomla! Extensions Directory™
Download
Launch
Home
Browse Extensions
Top Rated
Most Reviewed
New
Recently Updated
Compatible with J4
Compatible with J5
Compatible with J5 (with b/c plugin)
Search
Community
Meet the JED Team
Blog
JED Newsletter
Terms of Service
Help Joomla!
Support
Knowledgebase
Sponsor Joomla!
Vulnerable Extensions
About
Vulnerable Extensions
Resolved Extensions
Abandoned Extensions
Submit a Report
Submit an Update
Submit AbandonWare
JSON Feed
Log in
Register
Home
Vulnerable Extensions
Vulnerable Extensions
JFaq 1.2
JFaq 1.2
Details
Category:
Vulnerable Extensions
Published: 20 February 2013
JFaq 1.2 Multiple Vulnerabilities 180610
Authors:
Read more
http://docs.joomla.org/Vulnerable_Extensions_List#JFaq_1.2
VEL Search
Search
Search
Vulnerable Extensions
osTicky2, , Other
EasyShop, 1.4.1, XSS (Cross Site Scripting)
LivingWord, , XSS (Cross Site Scripting)
Plugin Creative Gallery , , SQL Injection
Proforms Basic via sort_order parameter, , SQL Injection
EXTPLORER, 2.1.15, XSS (Cross Site Scripting)
LM-CUSTOM-ADMIN, , Other
admirror gallery, , XSS (Cross Site Scripting)
Proforms Basic Joomla Module, , Other
acymailing, pre 8.7.0 , Other
Resolved Extensions
HikaShop, 5.1.1, XSS (Cross Site Scripting)
Advanced custom fields, 2.7.7, SQL Injection
Phoca Gallery, 5.0.0, XSS (Cross Site Scripting)
HikaShop Starter 4.7.5 [2308101603], HikaShop Starter 4.7.5 [2308101603], XSS (Cross Site Scripting)
LazyDbBackup, 3.9.0, Other
Virtual Classroom, , SQL Injection
bagallery , , Other
Solidres, 2.13.3, XSS (Cross Site Scripting)
Edocman 1.24.7 - XSS issue fixed
quickform, , Other