Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

List of articles in category Vulnerable Extensions
Title	Published Date
En Masse, all versions, SQL Injection	15 January 2018
JB Visa,1.0,SQL Injection	06 January 2018
Big File Uploader by Prismanet,1.0.2, Insecure File Upload	06 January 2018
JEXTN Question And Answer ,3.1.0,SQL Injection	20 December 2017
JEXTN Video Gallery 3.0.5 - SQL Injection, 3.0.5 ,SQL Injection	20 December 2017
JBuildozer,1.4.1,SQL Injection	20 December 2017
HDW Player,4.0.0, RCE	24 October 2017
Google Maps by Reumer, 3.5, Malicious update	20 October 2017
Bargain Product VM3, 1.0, SQL Injection	04 October 2017
Price Alert for Virtuemart,3.0.4,SQL Injection	04 October 2017
Keen IT Photo Contest, 1.0.2, SQL Injection	02 October 2017
Joomanager, other	14 September 2017
Realtyna RPL, All versions, SQL Injection and Abandonware	06 September 2017
KissGallery 1.0.0, SQL Injection	29 August 2017
Twitch Tv 1.1, SQL Injection	28 August 2017
Appointment, v1.1 ,SQL Injection	28 August 2017
Bye Bye Password,1.0.4,Information Disclosure	21 August 2017
AYS Quiz,1.0,SQL Injection	01 June 2017
Extra Search by Joomlaboat,2.2.8 and previous,SQL Injection	11 May 2017
Directorix Directory Manager,1.1.1,SQL Injection	20 March 2017
J-Hotel Portal,6.0.2,SQL Injection	16 March 2017
Smart related articles ,1.1,SQL Injection and XSS	14 March 2017
Most Wanted Real Estate,1.1.0,SQL Injection	13 March 2017
Google Map Store Locator by Matamko,4.0,SQL Injection	13 March 2017
PayPal IPN for DOCman by shopfiles.com,3.1,SQL Injection	13 March 2017

Page 2 of 10