Archived:Vulnerable Extensions List (Archived)
From Joomla! Documentation
Revision as of 12:31, 15 July 2011 by CirTap (talk | contribs) (moved Vulnerable Extensions List/Archive/2010-11 to Vulnerable Extensions List (Archived) over redirect)
This article or section is in the process of an expansion or major restructuring. You are welcome to assist in its construction by editing it as well. If this article or section has not been edited in several days, please remove this template.
This article was last edited by CirTap (talk| contribs) 13 years ago. (Purge)
For a more recent list please see Vulnerable_Extensions_List_oct
| Name | Versions | Solution | References | Updated |
|---|---|---|---|---|
|
A6MamboCredits com_a6mambocredits |
All | Abandoned. Remove completely or use at your own risk. | Secunia Advisory Forum Topic |
2006 |
|
A6MamboHelpDesk com_a6mambohelpdesk |
All | Abandoned. Remove completely or use at your own risk. | 2006 | |
|
Advanced Poll com_advancedpoll (?) |
<= 2.2.0 |
Abandoned. Remove completely or use at your own risk. |
Forum Topic | 2006 |
| Adobe Acrobat Reader (Not a Joomla! extension, but worth noting.) |
<= 7.0.8 | Upgrade to latest stable version. | Adobe Advisory | 2006 |
| Akocomment | All | SQL Injection with PHP magic_quotes OFF. No upgrade path yet. Fix: Turn PHP magic_quotes ON |
Forum Topic |
June 30, 2006 |
| Article | <= 1.1 |
Upgrade to latest stable version. | milwOrm Advisory Forum Topic |
26 June 2007 |
|
ArtLinks com_artlinks |
All | Abandoned. Remove completely or use at your own risk. | Forum Topic | 2006 |
| AutoStand | <= 1.1 |
No further information at this time. |
milwOrm Advisory
|
26 June 2007 |
|
Bayesian Naive Filter com_bayesiannaivefilter |
<= 1.1 | No Fix Available. Disable or remove until a fix is available. | Forum Topic | 2006 |
|
Bible Study com_biblestudy |
<= 6.0.7b and below | Fix Available. SQL Insertion attack | http://joomlacode.org/gf/project/biblestudy/ | 2008 |
|
BigApe Backup com_babackup |
All | A patch is available from the developer. See this post. | Secunia Advisory Forum Topic |
2006 |
|
BSQ Site Stats com_bsqsitestats |
<= 2.2.1 | Upgrade to latest stable version. |
Forum Topic Secunia Advisory |
2006 |
| Car Manager |
<= 1.1 |
No further information at this time. | Forum Topic | 26 June 2007 |
|
Classifieds com_classifieds |
<= 1.3 | Upgrade to latest stable version. | Forum Topic | 2006 |
|
Colophon com_colophon |
<= 1.2 | Upgrade to latest stable version. | Secunia Advisory Forum Topic |
2006 |
|
Community Builder com_profiler |
<= 1.0.0 |
Upgrade to latest stable version. |
Jomopolis Topic Forum Topic |
2006 |
|
DS-Syndicate com_ds-syndicate |
All versions? |
SQL injection vulnerability. |
Nov. 27, 2008 | |
|
Events com_events |
<= 1.3 Beta | Upgrade to latest stable version. | Forum Topic | 2006 |
| Expose Flash Gallery | RC4 | Download patch |
Forum Topic | 20 July 2007 |
|
ExtCalendar com_extcalendar |
<= 0.9.1 | Upgrade to version 0.9.2. Seethis post for details. Also check the new forked project, JCal. | Secunia Advisory Forum Topic |
2006 |
|
Facile Forms com_facileforms |
<= 1.4.6 | Upgrade to latest stable version. | Forum Topic | 2006 |
|
Galleria com_galleria |
All | Abandoned. Remove completely or use at your own risk. | NVD Advisory Forum Topic |
2006 |
|
Gmaps com_gmaps |
<=1.01 | Upgrade to the latest version, which can be downloaded here |
Security Focus Advisory |
6 August 2007 |
|
Hash Cash com_hashcash |
All | Abandoned. Remove completely or use at your own risk. | Secunia Advisory |
2006 |
|
Hot Property com_hotproperties (?) |
<= 0.97 | Upgrade to latest stable version. | No references available at this time. | 2006 |
|
JCE com_jce |
<= 1.0.4 | Apply patch, download it here, or use latest stable version. | 2006 | |
|
JoomlaPack com_jpack |
1.0.4a2 RE | Upgrade to latest stable version. | 2006 | |
|
JoomlaBoard com_joomlaboard |
<= 1.1.1 |
Upgrade to latest stable version. |
Secunia Advisory |
2006 |
|
JoomlaLib com_joomlalib |
<= 1.2.1 | Upgrade to latest stable version. | Forum Topic | 2006 |
|
JD-WordPress com_jd-wp |
<= 2.0-1.0 RC2 | Patch Available. See this post. |
Forum Topic | 2006 |
|
JD-Wiki com_jd-wiki |
All |
Abandoned project. |
6 July 2007 | |
|
JIM 1.0.1. (PMS) com_jim |
1.0.1 |
Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number. | Secunia Advisory | 2006 |
| joomSEF (ARTIO) | <=2.2.1 | Upgrade to latest stable version. | Forum Topic | 27 Oct 2007 |
|
jPack com_jpack |
< 1.0.4-b1 | Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
|
Link Directory com_linkdirectory |
All |
Remove. Abandoned project. |
No references. | 2006 |
|
Letterman mod_letterman |
<= 1.2.4 | Upgrade to latest stable version. [1] | Forum Topic | May 2007 |
|
LMO com_lmo |
<= 1.0b2 | Upgrade to latest stable version. [2] | FrSIRT Advisory Forum Topic |
2006 |
|
LoudMouth com_loudmouth |
<= 4.0j | Upgrade to version 4.1 then apply Security Patch 1. Download here. | Forum Topic MamboExchange Advisory |
2006 |
|
MamCom (?) com_trade |
All |
Abandoned. Remove completely or use at your own risk. |
*Unconfirmed* | 2006 |
|
MambelFish 1.x com_mambelfish |
<= 1.x | Upgrade to 1.5 (or to Joom!Fish) Download Mambelfish Download Joom!Fish |
Secunia Advisory | 2006 |
|
Mambo Gallery Manager com_mgm |
All | Abandoned. Remove completely or use at your own risk. | Forum Topic FrSIRT Advisory |
2006 |
|
MiniBB com_minibb |
<= 1.5a | Abandoned. Remove completely or use at your own risk. | 2006 | |
|
Mos Tree com_mtree |
<= 1.5.8 | Upgrade to latest stable version. [3] | Forum Topic | 2006 |
|
MosMedia com_mosmedia |
<= 1.0.8 | Temporary Fix Available. See this thread for details. | Forum Topic | 2006 |
|
MoSpray com_mospray |
<= 1.8 RC1 | Abandoned. Remove completely or use at your own risk. | Forum Topic | 2006 |
|
Multibanners com_multibanners * Note: Not the same as the Multibanners Module. |
All |
Abandoned. Remove completely or use at your own risk. | Secunia Advisory |
2006 |
|
OpenSEF com_sef |
<= 2.0.0 RC5 Unpatched | Download patch | Forum Topic | 2006 |
|
PC Cook Book com_pccookbook |
<= 1.3.1 | No Fix Available. Disable or remove. | FrSIRT Advisory |
2006 |
|
Per Forms com_performs |
<= v1_beta | Upgrade to latest stable version. [4] | Secunia Advisory Forum Topic |
2006 |
| Phil-A-Form | < 1.2 |
Upgrade to latest version. |
Forum Topic
|
May 2007 |
|
People Book com_peoplebook |
<= 1.1.5 | Upgrade to latest stable version. [5] | Joomla Forge | 2006 |
|
Prince Clan Chess com_pcchess |
<= 0.8 | Author suggest manually patching. [6] | See this site. | 2006 |
|
PollXT com_pollxt |
<= 1.22.07 | Upgrade to latest stable version. [7] | Secunia Advisory |
2006 |
|
RS Gallery2 com_rsgallery2 |
<= 1.11.3 | Upgrade to latest stable version. [8] | Forum Topic | 06 |
| RWCards | < 2.4.4 |
Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
| Security Images com_securityimages |
<= 3.0.5 | Upgrade to latest stable version. | Secunia Advisory |
June 2007 |
| SEF404x com_sef |
All | No Fix Available. Remove completely or use at your own risk. | No references. |
2006 |
| sh404SEF | 1.2.4 t, u, or w | Patch or update. |
Forum Topic | 23 Oct, 2007 |
|
Site Map com_sitemap |
All |
Abandoned. Remove completely or use at your own risk. [9] |
2006 | |
|
SimpleBoard com_simpleboard |
All | Upgrade to latest JoomlaBoard. JoomlaBoard is compatible with SimpleBoard. Download here. |
Secunia Advisory |
2006 |
|
SMF Bridge com_smf |
<= 1.1.4 |
Versions other than 1.1RC2. Fix Available. See this thread.
Version 1.1RC2 only. Upgrade available. |
Secunia Advisory Simple Machines Advisory |
2006 |
|
TaskHopper com_thopper |
<= 1.1 |
Upgrade to latest version. |
2006 | |
|
User Home Pages 1 and 2 com_uhp and com_uhp2 |
<= 1.1.1 (?) | Upgrade to latest stable version. [10] | Forum TopicSecunia Advisory |
June 2007 |
| VirtueMart | <= 1.0.13a | Upgrade to version >= 1.0.14. Available here. | Security Bulletin | January 2008 |
| WordPress (Not a Joomla! extension, but worth noting.) |
2.1.1 | Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
| zOOm Media Gallery | <= 2.5.1 RC4 | Upgrade to latest stable version. | FrSIRT Advisory Forum Topic |
2006 |
| BF Survey Pro BF Survey Basic BF Quiz |
<=1.2.5 <=1.0 <=1.1.1 |
Upgrade to latest versions | Forum Post Developer's Forum Post |
September, 2009 |
| Photoblog (com_photoblog) | Unknown | Unknown | Security Focus Advisory | October 26, 2009 |