Joomla!
®
About us
Joomla Home
What is Joomla?
Benefits & Features
Project & Leadership
Trademark & Licensing
The Joomla Foundation
Support us
Contribute
Sponsor
Partner
Shop
Download & Extend
Downloads
Extensions
Languages
Get a free site
Get a domain
Discover & Learn
Documentation
Training
Certification
Site Showcase
Announcements
Blogs
Magazine
Community & Support
Community Portal
Events
User Groups
Forum
Service Providers Directory
Volunteers Portal
Vulnerable Extensions List
Developer Resources
Developer Network
Security Centre
Issue Tracker
GitHub
API Documentation
Joomla!
Framework
Joomla! Extensions Directory™
Download
Launch
Home
Browse Extensions
Top Rated
Most Reviewed
New
Recently Updated
Compatible with J4
Compatible with J5
Compatible with J5 (with b/c plugin)
Search
Community
Meet the JED Team
Blog
JED Newsletter
Terms of Service
Help Joomla!
Support
Knowledgebase
Sponsor Joomla!
Vulnerable Extensions
About
Vulnerable Extensions
Resolved Extensions
Abandoned Extensions
Submit a Report
Submit an Update
Submit AbandonWare
JSON Feed
Log in
Register
Home
Vulnerable Extensions
Vulnerable Extensions
Vulnerable Extensions
This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site.
Patched extensions are moved to the Resolved category
.
Filters
Title Filter
Display #
5
10
15
20
25
30
50
100
All
Filter
List of articles in category Vulnerable Extensions
Title
Published Date
Master Password,
01 June 2013
Memory Book
20 February 2013
JprojectMan
20 February 2013
econtentsite
20 February 2013
gigcalender
20 February 2013
heza content
20 February 2013
SqlReport
20 February 2013
Yelp
20 February 2013
ag google analytic
20 February 2013
JTag [joomlatag]
20 February 2013
Page 11 of 24
6
7
8
...
10
11
12
13
14
...
VEL Search
Search
Search
Vulnerable Extensions
osTicky2, , Other
EasyShop, 1.4.1, XSS (Cross Site Scripting)
LivingWord, , XSS (Cross Site Scripting)
Plugin Creative Gallery , , SQL Injection
Proforms Basic via sort_order parameter, , SQL Injection
EXTPLORER, 2.1.15, XSS (Cross Site Scripting)
LM-CUSTOM-ADMIN, , Other
admirror gallery, , XSS (Cross Site Scripting)
Proforms Basic Joomla Module, , Other
acymailing, pre 8.7.0 , Other
Resolved Extensions
HikaShop, 5.1.1, XSS (Cross Site Scripting)
Advanced custom fields, 2.7.7, SQL Injection
Phoca Gallery, 5.0.0, XSS (Cross Site Scripting)
HikaShop Starter 4.7.5 [2308101603], HikaShop Starter 4.7.5 [2308101603], XSS (Cross Site Scripting)
LazyDbBackup, 3.9.0, Other
Virtual Classroom, , SQL Injection
bagallery , , Other
Solidres, 2.13.3, XSS (Cross Site Scripting)
Edocman 1.24.7 - XSS issue fixed
quickform, , Other