Archived:Vulnerable Extensions List 0210
From Joomla! Documentation
February 2010 Reported Vulnerable Extensions
<startFeed />
Please check with the extension publisher in case of any questions over the security of their product. Report Vulnerable extensions either in the jforum:432 security topic clearly marked with the first word in the title being Vulnerable Report where the security moderators or JSST team will respond. For a guide to the codes
| Extension | Details | Date Added | Extension Update Link & Date |
|---|---|---|---|
Jvideodirect |
SQLi | Jan 29 | Not Known |
JEvent |
SQLi | reported Jan 29 | fixes in version 1.5.3.b |
Item3 |
3a | 3b | 3c |
Item4 |
<endFeed />
This list is change protected, for updates or additions Mandville or lafrance
Codes used
SQLi - SQL injection wikipedia
LFI - Local File Inclusion scribd
RFI - Remote file inclusion wikipedia
DT - Directory Traversal wikipedia
Developers - How to get yourself removed from the from the VEL
Resolved items will be removed after a suitable period and not on resolution
Please solve the issues and:
- If JED listed
Attach the new zip file at your actual JED listing.
Change the extension version at JED listing.
Contact the JED by mail with a notice and ask them republish your listing.
- If not JED listed.
Inform us by PM of the link to your resolution notice on your website.
NB We do not fix, we report
Notes
We try and put the newest item to the top of the list but it is not always possible. List as discussed in jtopic:455746 by PhilD editing by Mandville For instructions on how to receive the feed.