Please check with the extension publisher in case of any questions over the security of their product. Report Vulnerable extensions either in the jforum:432 security topic clearly marked with the first word in the title being Vulnerable Report where the security moderators or JSST team will respond. For a guide to the codes
|Extension||Details||Date Added||Extension Update Link & Date|
|SQLi||Jan 29||Not Known|
|SQLi||reported Jan 29||fixes in version 1.5.3.b|
SQLi - SQL injection wikipedia
LFI - Local File Inclusion scribd
RFI - Remote file inclusion wikipedia
DT - Directory Traversal wikipedia
Resolved items will be removed after a suitable period and not on resolution
Please solve the issues and:
Attach the new zip file at your actual JED listing.
Change the extension version at JED listing.
Contact the JED by mail with a notice and ask them republish your listing.
Inform us by PM of the link to your resolution notice on your website.
NB We do not fix, we report