Actions

Archived

Difference between revisions of "Vulnerable Extensions List (Archived)"

From Joomla! Documentation

m (Tom Hutchison moved page Vulnerable Extensions List (Archived) to Archived:Vulnerable Extensions List (Archived): Article is being kept for historical purposes)
 
(26 intermediate revisions by 10 users not shown)
Line 1: Line 1:
 +
 +
For a more recent list please see [[Vulnerable_Extensions_List_oct]]
 +
 
<table border="1" cellpadding="3" cellspacing="3">
 
<table border="1" cellpadding="3" cellspacing="3">
 
<tr style="background-color: #ff9900" valign="bottom">
 
<tr style="background-color: #ff9900" valign="bottom">
Line 9: Line 12:
 
<tr>
 
<tr>
  
<td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit; color: inherit" valign="top">
+
<td>
 
<p>
 
<p>
<b>   A6MamboCredits</b>
+
<b>A6MamboCredits</b>
</p>
+
<p>
+
com_a6mambocredits
+
 
</p>
 
</p>
 +
<p>com_a6mambocredits</p>
 
</td>
 
</td>
  
 
<td>All </td>
 
<td>All </td>
<td>Abandoned. Remove completely or use at your own risk.</td>
+
<td>Abandoned. Remove completely or use at your own risk.</td>
 
<td>[http://secunia.com/advisories/21540/ Secunia Advisory] <br />
 
<td>[http://secunia.com/advisories/21540/ Secunia Advisory] <br />
[http://forum.joomla.org/index.php/topic,86978.0.html Forum Topic<br />] </td>
+
[http://forum.joomla.org/index.php/topic,86978.0.html Forum Topic]</td>
 
<td> 2006</td>
 
<td> 2006</td>
  
Line 36: Line 37:
 
</td>
 
</td>
 
<td> All </td>
 
<td> All </td>
<td> Abandoned. Remove completely or use at your own risk.
+
<td> Abandoned. Remove completely or use at your own risk.
 
</td>
 
</td>
 
<td>  
 
<td>  
Line 42: Line 43:
 
[http://secunia.com/advisories/21540/ Secunia Advisory] <br />
 
[http://secunia.com/advisories/21540/ Secunia Advisory] <br />
  
[http://secunia.com/advisories/21227/">Secunia Advisory]  
+
[http://secunia.com/advisories/21227/ Secunia Advisory]  
 
</td>
 
</td>
 
<td> 2006</td>
 
<td> 2006</td>
Line 58: Line 59:
 
<td> &lt;= 2.2.0</td>
 
<td> &lt;= 2.2.0</td>
 
<td>  
 
<td>  
Abandoned. Remove completely or use at your own risk.  
+
Abandoned. Remove completely or use at your own risk.  
 
</td>
 
</td>
  
<td> [http://forum.joomla.org/index.php/topic,76621.0.html Forum Topic] </td>
+
<td> [http://forum.joomla.org/index.php/topic,76621.0.html Forum Topic]</td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
Line 71: Line 72:
 
<td>Upgrade to latest stable version.
 
<td>Upgrade to latest stable version.
 
</td>
 
</td>
<td> [http://www.adobe.com/support/security/advisories/apsa07-01.html Adobe Advisory]  
+
<td>[http://www.adobe.com/support/security/advisories/apsa07-01.html Adobe Advisory]  
 
</td>
 
</td>
<td> 2006</td>
+
<td>2006</td>
 
</tr>
 
</tr>
  
Line 83: Line 84:
 
</td>
 
</td>
  
<td><b> [http://forum.joomla.org/index.php?topic=185805.msg882326#msg882326">Forum Topic] </b><br />
+
<td>[http://forum.joomla.org/index.php?topic=185805.msg882326#msg882326 Forum Topic]<br />
 
</td>
 
</td>
 
<td>June 30, 2006<br />
 
<td>June 30, 2006<br />
Line 94: Line 95:
 
</td>
 
</td>
 
<td> Upgrade to latest stable version.</td>
 
<td> Upgrade to latest stable version.</td>
<td> [http://www.milw0rm.com/exploits/3736 milwOrm Advisory] <br />
+
<td> [http://www.milw0rm.com/exploits/3736 milwOrm Advisory]<br />
[http://www.frsirt.com/english/advisories/2007/1394 FrSIRT Advisory<br />]  <b> [http://forum.joomla.org/index.php/topic,160876.msg775119.html#msg775119">Forum Topic] </b> [http://www.frsirt.com/english/advisories/2007/1394 <br />
+
[http://www.frsirt.com/english/adisories/2007/1394 FrSIRT Advisory]<br />
</td>
+
[http://forum.joomla.org/index.php/topic,160876.msg775119.html#msg775119 Forum Topic]</td>
 
<td> 26 June 2007<br />
 
<td> 26 June 2007<br />
 
</td>
 
</td>
Line 116: Line 117:
 
</td>
 
</td>
  
<td> [http://forum.joomla.org/index.php/topic,76328.0.html Forum Topic]  
+
<td>[http://forum.joomla.org/index.php/topic,76328.0.html Forum Topic]  
 
</td>
 
</td>
 
<td>2006</td>
 
<td>2006</td>
Line 128: Line 129:
 
</td>
 
</td>
 
<td>
 
<td>
<p>
+
<p>[http://www.milw0rm.com/exploits/3734 milwOrm Advisory] <br />
[http://www.milw0rm.com/exploits/3734 milwOrm Advisory] <br />
+
[http://www.frsirt.com/english/advisories/2007/1392 FrSIRT Advisory]<br />
 
+
[http://forum.joomla.org/index.php/topic,160876.msg775119.html#msg775119 Forum Topic]
[http://www.frsirt.com/english/advisories/2007/1392 FrSIRT Advisory<br />
+
<b></b>] <b> [http://forum.joomla.org/index.php/topic,160876.msg775119.html#msg775119">Forum Topic] </b>
+
 
</p>
 
</p>
 
<p>
 
<p>
Line 156: Line 155:
 
<td> No Fix Available. Disable or remove until a fix is available.
 
<td> No Fix Available. Disable or remove until a fix is available.
 
</td>
 
</td>
<td> [http://forum.joomla.org/index.php/topic,81594.0.html Forum Topic]  
+
<td>[http://forum.joomla.org/index.php/topic,81594.0.html Forum Topic]  
  
 
</td>
 
</td>
 
<td> 2006</td>
 
<td> 2006</td>
 +
</tr>
 +
<tr>
 +
<td>
 +
<p>
 +
<b>Bible Study</b>
 +
</p>
 +
<p>
 +
 +
com_biblestudy
 +
</p>
 +
</td>
 +
<td> &lt;= 6.0.7b and below
 +
</td>
 +
<td> Fix Available. SQL Insertion attack
 +
</td>
 +
<td>http://joomlacode.org/gf/project/biblestudy/
 +
 +
</td>
 +
<td> 2008</td>
 
</tr>
 
</tr>
 
<tr>
 
<tr>
Line 192: Line 210:
 
<td>Upgrade to latest stable version.<br />
 
<td>Upgrade to latest stable version.<br />
 
</td>
 
</td>
<td> [http://forum.joomla.org/index.php/topic,77899.0.html Forum Topic] <br />
+
<td>[http://forum.joomla.org/index.php/topic,77899.0.html Forum Topic]<br />
 
[http://secunia.com/advisories/22142/ Secunia Advisory] </td>
 
[http://secunia.com/advisories/22142/ Secunia Advisory] </td>
 
<td> 2006</td>
 
<td> 2006</td>
Line 204: Line 222:
 
<td>  No further information at this time.</td>
 
<td>  No further information at this time.</td>
  
<td> <b> [http://forum.joomla.org/index.php/topic,154777.msg748946.html#msg748946">Forum Topic ] </b></td>
+
<td>[http://forum.joomla.org/index.php/topic,154777.msg748946.html#msg748946 Forum Topic] </b></td>
 
<td> 26 June 2007<br />
 
<td> 26 June 2007<br />
 
</td>
 
</td>
Line 222: Line 240:
 
<td>Upgrade to latest stable version.</td>
 
<td>Upgrade to latest stable version.</td>
  
<td> [http://forum.joomla.org/index.php/topic,82457.0.html Forum Topic] </td>
+
<td>[http://forum.joomla.org/index.php/topic,82457.0.html Forum Topic]</td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
Line 238: Line 256:
 
<td> &lt;= 1.2</td>
 
<td> &lt;= 1.2</td>
 
<td>Upgrade to latest stable version.</td>
 
<td>Upgrade to latest stable version.</td>
<td> [http://secunia.com/advisories/21288/" target="_blank Secunia Advisory]<br />
+
<td>[http://secunia.com/advisories/21288/ Secunia Advisory]<br />
 
+
 
[http://forum.joomla.org/index.php/topic,81587.0.html Forum Topic]</td>
 
[http://forum.joomla.org/index.php/topic,81587.0.html Forum Topic]</td>
 
<td> 2006</td>
 
<td> 2006</td>
Line 268: Line 285:
 
[http://forum.joomla.org/index.php/topic,86525.msg441456.html#msg441456 Forum Topic]</td>
 
[http://forum.joomla.org/index.php/topic,86525.msg441456.html#msg441456 Forum Topic]</td>
 
<td> 2006</td>
 
<td> 2006</td>
 +
</tr>
 +
<tr>
 +
<td>
 +
<p>
 +
<b>DS-Syndicate</b>
 +
 +
</p>
 +
<p>
 +
com_ds-syndicate
 +
</p>
 +
</td>
 +
<td>All versions?</td>
 +
<td>
 +
<p>SQL injection vulnerability.<br />
 +
Remove completely or use at your own risk.<br />Component has been removed from JED. Abandoned?
 +
</p>
 +
</p>
 +
</td>
 +
<td>
 +
[http://www.frsirt.com/english/advisories/2008/2859 http://www.frsirt.com/english/advisories/2008/2859]
 +
<td>Nov. 27, 2008</td>
 
</tr>
 
</tr>
 
<tr>
 
<tr>
Line 442: Line 480:
 
<td>
 
<td>
 
<p>
 
<p>
[http://www.milw0rm.com/exploits/3753">MilwOrm Advisory] <br />
+
[http://www.milw0rm.com/exploits/3753 MilwOrm Advisory] <br />
[http://www.frsirt.com/english/advisories/2007/1429">FrSIRT Advisory]   
+
[http://www.frsirt.com/english/advisories/2007/1429 FrSIRT Advisory]   
 
</p>
 
</p>
  
Line 490: Line 528:
 
<td> &lt;= 1.2.1</td>
 
<td> &lt;= 1.2.1</td>
 
<td>Upgrade to latest stable version.</td>
 
<td>Upgrade to latest stable version.</td>
<td> [http://forum.joomla.org/index.php/topic,77899.0.html Forum Topic] </td>
+
<td>[http://forum.joomla.org/index.php/topic,77899.0.html Forum Topic]</td>
  
 
<td> 2006</td>
 
<td> 2006</td>
Line 506: Line 544:
 
<td> &lt;= 2.0-1.0 RC2</td>
 
<td> &lt;= 2.0-1.0 RC2</td>
 
<td> Patch Available.  <br />
 
<td> Patch Available.  <br />
See [http://forum.joomla.org/index.php/topic,81064.msg418374.html#msg418374 this post.] </td>
+
See [http://forum.joomla.org/index.php/topic,81064.msg418374.html#msg418374 this post]. </td>
  
<td> [http://forum.joomla.org/index.php/topic,81064.0.html Forum Topic] </td>
+
<td>[http://forum.joomla.org/index.php/topic,81064.0.html Forum Topic] </td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
Line 528: Line 566:
 
<p>
 
<p>
 
Abandoned project. <br />
 
Abandoned project. <br />
Upgrade to [http://joomlacode.org/gf/project/nuwiki/">nuWiki]  
+
Upgrade to [http://joomlacode.org/gf/project/nuwiki/ nuWiki]  
 
</p>
 
</p>
 
</td>
 
</td>
Line 557: Line 595:
 
</td>
 
</td>
 
<td>Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number.</td>
 
<td>Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number.</td>
<td> [http://secunia.com/advisories/21545/ Secunia Advisory] </td>
+
<td>[http://secunia.com/advisories/21545/ Secunia Advisory] </td>
  
 
<td> 2006</td>
 
<td> 2006</td>
Line 567: Line 605:
  
 
<td> Upgrade to latest stable version.</td>
 
<td> Upgrade to latest stable version.</td>
<td> <b> [http://forum.joomla.org/index.php/topic,226147.0.html  Forum Topic] </b></td>
+
<td>[http://forum.joomla.org/index.php/topic,226147.0.html  Forum Topic]</td>
 
<td>27 Oct 2007<br />
 
<td>27 Oct 2007<br />
 
</td>
 
</td>
Line 584: Line 622:
  
 
<td> Upgrade to latest stable version.</td>
 
<td> Upgrade to latest stable version.</td>
<td><b> [http://forum.joomla.org/index.php/topic,163589.msg847010.html#msg847010">Forum Topic ] </b></td>
+
<td>[http://forum.joomla.org/index.php/topic,163589.msg847010.html#msg847010 Forum Topic]</td>
 
<td> 26 June 2007<br />
 
<td> 26 June 2007<br />
 
</td>
 
</td>
Line 620: Line 658:
  
 
<td> &lt;= 1.2.4</td>
 
<td> &lt;= 1.2.4</td>
<td>Upgrade to latest stable version. [http://www.thejfactory.com ] </td>
+
<td>Upgrade to latest stable version. [http://www.thejfactory.com] </td>
<td> [http://forum.joomla.org/index.php?topic=180367">Forum Topic]   
+
<td>[http://forum.joomla.org/index.php?topic=180367 Forum Topic]   
 
</td>
 
</td>
 
<td> May 2007</td>
 
<td> May 2007</td>
Line 654: Line 692:
 
</td>
 
</td>
 
<td> &lt;= 4.0j</td>
 
<td> &lt;= 4.0j</td>
<td> Upgrade to version 4.1 then apply Security Patch 1.  [http://mamboxchange.com/frs/?group_id=39&amp;release_id=5995 Download here.] </td>
+
<td> Upgrade to version 4.1 then apply Security Patch 1.  [http://mamboxchange.com/frs/?group_id=39&amp;release_id=5995 Download here].</td>
 
<td>  [http://forum.joomla.org/index.php/topic,76337.0.html Forum Topic] <br />
 
<td>  [http://forum.joomla.org/index.php/topic,76337.0.html Forum Topic] <br />
  
[http://mamboxchange.com/forum/forum.php?forum_id=7638 MamboExchange Advisory<br />] </td>
+
[http://mamboxchange.com/forum/forum.php?forum_id=7638 MamboExchange Advisory]</td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
Line 690: Line 728:
 
<td> &lt;= 1.x</td>
 
<td> &lt;= 1.x</td>
  
<td> Upgrade to 1.5 (or to Joom!Fish)  [http://mamboxchange.com/frs/download.php/4518/MambelFish_1.5.zip Download Mambelfish<br />]  [http://extensions.joomla.org/component/option,com_mtree/task,viewlink/link_id,460/Itemid,35/ Download Joom!Fish ] </td>
+
<td> Upgrade to 1.5 (or to Joom!Fish)  [http://mamboxchange.com/frs/download.php/4518/MambelFish_1.5.zip Download Mambelfish<br />]  [http://extensions.joomla.org/component/option,com_mtree/task,viewlink/link_id,460/Itemid,35/ Download Joom!Fish] </td>
 
<td>  [http://secunia.com/advisories/21544/ Secunia Advisory] </td>
 
<td>  [http://secunia.com/advisories/21544/ Secunia Advisory] </td>
 
<td> 2006</td>
 
<td> 2006</td>
Line 731: Line 769:
 
<td>
 
<td>
 
<p>
 
<p>
[http://securityreason.com/exploitalert/846 Security Reason Advisory<br />]  [http://forum.joomla.org/index.php/topic,76898.0.html Forum Topic] <br />
+
[http://securityreason.com/exploitalert/846 Security Reason Advisory]  [http://forum.joomla.org/index.php/topic,76898.0.html Forum Topic] <br />
 
[http://securityreason.com/exploitalert/846 Security Reason]  
 
[http://securityreason.com/exploitalert/846 Security Reason]  
 
</p>
 
</p>
Line 749: Line 787:
 
</td>
 
</td>
 
<td> &lt;= 1.5.8</td>
 
<td> &lt;= 1.5.8</td>
<td>Upgrade to latest stable version. [http://www.mosets.com/download/ ] </td>
+
<td>Upgrade to latest stable version. [http://www.mosets.com/download/] </td>
 
<td>  [http://forum.joomla.org/index.php/topic,78298.0.html Forum Topic] </td>
 
<td>  [http://forum.joomla.org/index.php/topic,78298.0.html Forum Topic] </td>
  
Line 765: Line 803:
 
</td>
 
</td>
 
<td> &lt;= 1.0.8</td>
 
<td> &lt;= 1.0.8</td>
<td> Temporary Fix Available.  See  [http://forum.joomla.org/index.php/topic,78533.0.html this thread] for details.</td>
+
<td> Temporary Fix Available.  See  [http://forum.joomla.org/index.php/topic,78533.0.html this thread] for details.</td>
  
 
<td>  [http://forum.joomla.org/index.php/topic,78533.0.html Forum Topic] </td>
 
<td>  [http://forum.joomla.org/index.php/topic,78533.0.html Forum Topic] </td>
Line 820: Line 858:
 
</td>
 
</td>
 
<td> &lt;= 2.0.0 RC5 Unpatched</td>
 
<td> &lt;= 2.0.0 RC5 Unpatched</td>
<td> [http://projects.j-prosolution.com/project-news/opensef-news/security-patch-for-opensef.html Download patch ] </td>
+
<td> [http://projects.j-prosolution.com/project-news/opensef-news/security-patch-for-opensef.html Download patch] </td>
 
<td valign="top"> [http://forum.joomla.org/index.php/topic,77301.0.html Forum Topic] </td>
 
<td valign="top"> [http://forum.joomla.org/index.php/topic,77301.0.html Forum Topic] </td>
 
<td> 2006</td>
 
<td> 2006</td>
Line 855: Line 893:
 
<td>&lt;= v1_beta </td>
 
<td>&lt;= v1_beta </td>
 
<td>Upgrade to latest stable version. [http://forge.joomla.org/sf/frs/do/viewRelease/projects.performs/frs.com_performs.com_performs_v2_beta ] </td>
 
<td>Upgrade to latest stable version. [http://forge.joomla.org/sf/frs/do/viewRelease/projects.performs/frs.com_performs.com_performs_v2_beta ] </td>
<td>  [http://secunia.com/advisories/21044/ Secunia Advisory<br />
+
<td>  [http://secunia.com/advisories/21044/ Secunia Advisory]<br />  [http://forum.joomla.org/index.php/topic,76654.0.html Forum Topic] <br />
]   [http://forum.joomla.org/index.php/topic,76654.0.html Forum Topic] <br />
+
 
[http://forum.joomla.org/index.php/topic,76862.0.html Forum Topic] <br />
 
[http://forum.joomla.org/index.php/topic,76862.0.html Forum Topic] <br />
 
</td>
 
</td>
Line 868: Line 905:
 
<td> Upgrade to latest version.<br />
 
<td> Upgrade to latest version.<br />
 
</td>
 
</td>
<td>  [http://forum.joomla.org/index.php?topic=174770.new#new">Forum Topic]  
+
<td>  [http://forum.joomla.org/index.php?topic=174770.new#new Forum Topic]  
  
 
<br />
 
<br />
Line 886: Line 923:
 
</td>
 
</td>
 
<td> &lt;= 1.1.5</td>
 
<td> &lt;= 1.1.5</td>
<td>Upgrade to latest stable version. [http://forge.joomla.org/sf/frs/do/viewRelease/projects.peoplebook/frs.component.component_1_1_6_0 ] </td>
+
<td>Upgrade to latest stable version. [http://forge.joomla.org/sf/frs/do/viewRelease/projects.peoplebook/frs.component.component_1_1_6_0] </td>
  
<td> [http://forge.joomla.org/sf/go/artf5410?nav=1 Joomla Forge<br />]  </td>
+
<td>[http://forge.joomla.org/sf/go/artf5410?nav=1 Joomla Forge]  </td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
Line 902: Line 939:
 
</td>
 
</td>
 
<td> &lt;= 0.8</td>
 
<td> &lt;= 0.8</td>
<td> Author suggest manually patching. [http://www.princeclan.org/ ] </td>
+
<td> Author suggest manually patching. [http://www.princeclan.org/] </td>
  
<td> See  [http://www.princeclan.org/ this site.] </td>
+
<td> See  [http://www.princeclan.org/ this site]. </td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
Line 918: Line 955:
 
</td>
 
</td>
 
<td> &lt;= 1.22.07</td>
 
<td> &lt;= 1.22.07</td>
<td>Upgrade to latest stable version. [http://www.joomlaxt.com/index.php?option=com_remository&amp;Itemid=77&amp;func=fileinfo&amp;id=9 ] </td>
+
<td>Upgrade to latest stable version. [http://www.joomlaxt.com/index.php?option=com_remository&amp;Itemid=77&amp;func=fileinfo&amp;id=9] </td>
  
 
<td> [http://secunia.com/advisories/21068/ Secunia Advisory] <br />
 
<td> [http://secunia.com/advisories/21068/ Secunia Advisory] <br />
Line 938: Line 975:
  
 
<td> &lt;= 1.11.3</td>
 
<td> &lt;= 1.11.3</td>
<td>Upgrade to latest stable version. [http://forge.joomla.org/sf/go/projects.rsgallery2/frs.rsg2_alpha_builds.rsg2_1_11_4 ] </td>
+
<td>Upgrade to latest stable version. [http://forge.joomla.org/sf/go/projects.rsgallery2/frs.rsg2_alpha_builds.rsg2_1_11_4]</td>
 
<td>  [http://forum.joomla.org/index.php/topic,73453.0.html Forum Topic]  
 
<td>  [http://forum.joomla.org/index.php/topic,73453.0.html Forum Topic]  
 
</td>
 
</td>
Line 950: Line 987:
 
<td> Upgrade to latest stable version.</td>
 
<td> Upgrade to latest stable version.</td>
  
<td><b> [http://forum.joomla.org/index.php/topic,154792.msg749006.html#msg749006">Forum Topic] </b></td>
+
<td><b> [http://forum.joomla.org/index.php/topic,154792.msg749006.html#msg749006 Forum Topic] </b></td>
 
<td> 26 June 2007<br />
 
<td> 26 June 2007<br />
 
</td>
 
</td>
Line 1,005: Line 1,042:
  
 
<td> Abandoned.  Remove completely or use at your own risk.<br />
 
<td> Abandoned.  Remove completely or use at your own risk.<br />
[http://www.simplemachines.org/community/index.php?topic=97649.0 ] </td>
+
[http://www.simplemachines.org/community/index.php?topic=97649.0] </td>
 
<td>  
 
<td>  
 
[http://secunia.com/advisories/21055/ Secunia Advisory] <br />
 
[http://secunia.com/advisories/21055/ Secunia Advisory] <br />
Line 1,025: Line 1,062:
 
</td>
 
</td>
 
<td> All</td>
 
<td> All</td>
<td>Upgrade to latest JoomlaBoard.  JoomlaBoard is compatible with SimpleBoard.  [http://developer.joomla.org/sf/frs/do/viewRelease/projects.simpleboard/frs.joomlaboard_1_1.joomlaboard_1_1_2 Download here.] </td>
+
<td>Upgrade to latest JoomlaBoard.  JoomlaBoard is compatible with SimpleBoard.  [http://developer.joomla.org/sf/frs/do/viewRelease/projects.simpleboard/frs.joomlaboard_1_1.joomlaboard_1_1_2 Download here].</td>
 
<td>
 
<td>
  
Line 1,049: Line 1,086:
 
<td>
 
<td>
 
<p>
 
<p>
Versions other than 1.1RC2.  Fix Available.  [http://www.simplemachines.org/community/index.php?topic=100140.0 <br />
+
Versions other than 1.1RC2.  Fix Available.  [http://www.simplemachines.org/community/index.php?topic=100140.0 See this thread].
See this thread.]  
+
 
</p>
 
</p>
  
Line 1,107: Line 1,143:
 
</td>
 
</td>
 
<td> &lt;= 1.1.1 (?)</td>
 
<td> &lt;= 1.1.1 (?)</td>
<td>Upgrade to latest stable version. [http://www.ravenswoodit.co.uk/index.php?option=com_docman&amp;task=cat_view&amp;gid=78&amp;Itemid=13 ] </td>
+
<td>Upgrade to latest stable version. [http://www.ravenswoodit.co.uk/index.php?option=com_docman&amp;task=cat_view&amp;gid=78&amp;Itemid=13] </td>
 
<td>  [http://forum.joomla.org/index.php/topic,81308.msg416865.html#msg416865 Forum Topic]<br />
 
<td>  [http://forum.joomla.org/index.php/topic,81308.msg416865.html#msg416865 Forum Topic]<br />
 
   [http://secunia.com/advisories/21305/ Secunia Advisory] <br />
 
   [http://secunia.com/advisories/21305/ Secunia Advisory] <br />
Line 1,117: Line 1,153:
 
<td><b>VirtueMart</b></td>
 
<td><b>VirtueMart</b></td>
  
<td> &lt;= 1.0.11</td>
+
<td> &lt;= 1.0.13a</td>
<td>Upgrade to version 1.1.11 and apply patch. Available  [http://virtuemart.net/index.php?option=com_docman&amp;task=cat_view&amp;gid=101&amp;Itemid=66 here.] </td>
+
<td>Upgrade to version >= 1.0.14. Available  [http://virtuemart.net/index.php?option=com_content&task=view&id=54&Itemid=147 here]. </td>
<td> [http://forum.joomla.org/index.php/topic,183215.0.html  Forum Topic] </td>
+
<td> [http://virtuemart.net/index.php?option=com_content&task=view&id=275&Itemid=127 Security Bulletin] </td>
<td>June 2007</td>
+
<td>January 2008</td>
 
</tr>
 
</tr>
 
<tr>
 
<tr>
Line 1,128: Line 1,164:
 
<td> 2.1.1</td>
 
<td> 2.1.1</td>
 
<td> Upgrade to latest stable version.</td>
 
<td> Upgrade to latest stable version.</td>
<td> <b> [http://forum.joomla.org/index.php/topic,146478.msg737784.html#msg737784">Forum Topic ] </b></td>
+
<td>[http://forum.joomla.org/index.php/topic,146478.msg737784.html#msg737784 Forum Topic]</td>
  
 
<td> 26 June 2007<br />
 
<td> 26 June 2007<br />
Line 1,137: Line 1,173:
 
<td>&lt;= 2.5.1 RC4</td>
 
<td>&lt;= 2.5.1 RC4</td>
  
<td> [http://www.zoomfactory.org/index.php?option=com_remository&amp;Itemid=61&amp;func=select&amp;id=1 Upgrade to latest stable version.] </td>
+
<td> [http://www.zoomfactory.org/index.php?option=com_remository&amp;Itemid=61&amp;func=select&amp;id=1 Upgrade to latest stable version].</td>
 
<td> [http://www.frsirt.com/english/advisories/2007/1353 FrSIRT Advisory] <br />
 
<td> [http://www.frsirt.com/english/advisories/2007/1353 FrSIRT Advisory] <br />
 
[http://forum.joomla.org/index.php/topic,160119.0.html Forum Topic] </td>
 
[http://forum.joomla.org/index.php/topic,160119.0.html Forum Topic] </td>
 
<td> 2006</td>
 
<td> 2006</td>
 
</tr>
 
</tr>
 +
                <tr>
 +
                        <td> <b>BF Survey Pro<br />BF Survey Basic<br />BF Quiz</b></td>
 +
                        <td>&lt;=1.2.5<br />&lt;=1.0<br />&lt;=1.1.1</td>
 +
                        <td>[http://www.tamlyncreative.com.au/software/index.php/downloads.html Upgrade to latest versions]</td>
 +
                        <td>[http://forum.joomla.org/viewtopic.php?f=431&t=336055&start=0 Forum Post]<br />[http://www.tamlyncreative.com.au/software/forum/index.php?topic=357.0 Developer's Forum Post]</td>
 +
                        <td>September, 2009</td>
 +
                </tr>
 +
                <tr>
 +
                        <td> <b>Photoblog (com_photoblog)</td>
 +
                        <td>Unknown</td>
 +
                        <td>Unknown</td>
 +
                        <td>[http://www.securityfocus.com/bid/36809/info Security Focus Advisory]</td>
 +
                        <td>October 26, 2009</td>
 +
                </tr>
 +
 
</table>
 
</table>
  
[[Category:Security]]
+
[[Category:Archived pages]]

Latest revision as of 12:52, 15 January 2014

Replacement filing cabinet.png
This page has been archived - Please Do Not Edit or Create Pages placed in this namespace. The pages in the Archived namespace exist only as a historical reference, it will not be improved and its content may be incomplete.

For a more recent list please see Vulnerable_Extensions_List_oct

Name Versions Solution References Updated

A6MamboCredits

com_a6mambocredits

All Abandoned. Remove completely or use at your own risk. Secunia Advisory
Forum Topic
2006

A6MamboHelpDesk

com_a6mambohelpdesk

All Abandoned. Remove completely or use at your own risk.

Forum Topic
Secunia Advisory

Secunia Advisory

2006

Advanced Poll

com_advancedpoll (?)

<= 2.2.0

Abandoned. Remove completely or use at your own risk.

Forum Topic 2006
Adobe Acrobat Reader
(Not a Joomla! extension, but worth noting.)
<= 7.0.8 Upgrade to latest stable version. Adobe Advisory 2006
Akocomment All SQL Injection with PHP magic_quotes OFF. No upgrade path yet.

Fix: Turn PHP magic_quotes ON

Forum Topic
June 30, 2006
Article <= 1.1
Upgrade to latest stable version. milwOrm Advisory

FrSIRT Advisory

Forum Topic
26 June 2007

ArtLinks

com_artlinks

All Abandoned. Remove completely or use at your own risk. Forum Topic 2006
AutoStand <= 1.1
No further information at this time.

milwOrm Advisory
FrSIRT Advisory
Forum Topic

 

26 June 2007

Bayesian Naive Filter

com_bayesiannaivefilter

<= 1.1 No Fix Available. Disable or remove until a fix is available. Forum Topic 2006

Bible Study

com_biblestudy

<= 6.0.7b and below Fix Available. SQL Insertion attack http://joomlacode.org/gf/project/biblestudy/ 2008

BigApe Backup

com_babackup

All A patch is available from the developer. See this post. Secunia Advisory
Forum Topic
2006

BSQ Site Stats

com_bsqsitestats

<= 2.2.1 Upgrade to latest stable version.
Forum Topic
Secunia Advisory
2006
Car Manager
<= 1.1
No further information at this time. Forum Topic 26 June 2007

Classifieds

com_classifieds

<= 1.3 Upgrade to latest stable version. Forum Topic 2006

Colophon

com_colophon

<= 1.2 Upgrade to latest stable version. Secunia Advisory
Forum Topic
2006

Community Builder

com_profiler

<= 1.0.0

Upgrade to latest stable version.

See here for a fix for register_globals = off

Jomopolis Topic

Forum Topic

Forum Topic
2006

DS-Syndicate

com_ds-syndicate

All versions?

SQL injection vulnerability.
Remove completely or use at your own risk.
Component has been removed from JED. Abandoned?

http://www.frsirt.com/english/advisories/2008/2859

Nov. 27, 2008

Events

com_events

<= 1.3 Beta Upgrade to latest stable version. Forum Topic 2006
Expose Flash Gallery RC4 Download patch
Forum Topic 20 July 2007

ExtCalendar

com_extcalendar

<= 0.9.1 Upgrade to version 0.9.2. Seethis post for details. Also check the new forked project, JCal. Secunia Advisory

Forum Topic
Forum Topic

Forum Topic
2006

Facile Forms

com_facileforms

<= 1.4.6 Upgrade to latest stable version. Forum Topic 2006

Galleria

com_galleria

All Abandoned. Remove completely or use at your own risk. NVD Advisory
Forum Topic
2006

Gmaps

com_gmaps

<=1.01 Upgrade to the latest version, which can be downloaded here
Security Focus Advisory
6 August 2007

Hash Cash

com_hashcash

All Abandoned. Remove completely or use at your own risk. Secunia Advisory
2006

Hot Property

com_hotproperties (?)

<= 0.97 Upgrade to latest stable version. No references available at this time. 2006

JCE

com_jce

<= 1.0.4 Apply patch, download it here, or use latest stable version.

Secunia Advisory
Cellardoor
Secunia Advisory

2006

JoomlaPack

com_jpack

1.0.4a2 RE Upgrade to latest stable version.

MilwOrm Advisory
FrSIRT Advisory

2006

JoomlaBoard

com_joomlaboard

<= 1.1.1

Upgrade to latest stable version.

RG_EMULATION Fix

Secunia Advisory

Forum Topic

Forum Topic

2006

JoomlaLib

com_joomlalib

<= 1.2.1 Upgrade to latest stable version. Forum Topic 2006

JD-WordPress

com_jd-wp

<= 2.0-1.0 RC2 Patch Available.
See this post.
Forum Topic 2006

JD-Wiki

com_jd-wiki

All

Abandoned project.
Upgrade to nuWiki

Forum Topic

Forum Topic

6 July 2007

JIM 1.0.1. (PMS)

com_jim

1.0.1
Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number. Secunia Advisory 2006
joomSEF (ARTIO) <=2.2.1 Upgrade to latest stable version. Forum Topic 27 Oct 2007

jPack

com_jpack

< 1.0.4-b1 Upgrade to latest stable version. Forum Topic 26 June 2007

Link Directory

com_linkdirectory

All
Remove. Abandoned project.
No references. 2006

Letterman

mod_letterman

<= 1.2.4 Upgrade to latest stable version. [1] Forum Topic May 2007

LMO

com_lmo

<= 1.0b2 Upgrade to latest stable version. [2] FrSIRT Advisory
Forum Topic
2006

LoudMouth

com_loudmouth

<= 4.0j Upgrade to version 4.1 then apply Security Patch 1. Download here. Forum Topic
MamboExchange Advisory
2006

MamCom (?)

com_trade

All
Abandoned. Remove completely or use at your own risk.
*Unconfirmed* 2006

MambelFish 1.x

com_mambelfish

<= 1.x Upgrade to 1.5 (or to Joom!Fish) Download Mambelfish
Download Joom!Fish
Secunia Advisory 2006

Mambo Gallery Manager

com_mgm

All Abandoned. Remove completely or use at your own risk. Forum Topic
FrSIRT Advisory
2006

MiniBB

com_minibb

<= 1.5a Abandoned. Remove completely or use at your own risk.

Security Reason Advisory Forum Topic
Security Reason

2006

Mos Tree

com_mtree

<= 1.5.8 Upgrade to latest stable version. [3] Forum Topic 2006

MosMedia

com_mosmedia

<= 1.0.8 Temporary Fix Available. See this thread for details. Forum Topic 2006

MoSpray

com_mospray

<= 1.8 RC1 Abandoned. Remove completely or use at your own risk. Forum Topic 2006

Multibanners

com_multibanners

* Note: Not the same as the Multibanners Module.

All
Abandoned. Remove completely or use at your own risk. Secunia Advisory

Forum Topic

2006

OpenSEF

com_sef

<= 2.0.0 RC5 Unpatched Download patch Forum Topic 2006

PC Cook Book

com_pccookbook

<= 1.3.1 No Fix Available. Disable or remove. FrSIRT Advisory

Forum Topic

2006

Per Forms

com_performs

<= v1_beta Upgrade to latest stable version. [4] Secunia Advisory
Forum Topic

Forum Topic

2006
Phil-A-Form < 1.2
Upgrade to latest version.
Forum Topic



May 2007

People Book

com_peoplebook

<= 1.1.5 Upgrade to latest stable version. [5] Joomla Forge 2006

Prince Clan Chess

com_pcchess

<= 0.8 Author suggest manually patching. [6] See this site. 2006

PollXT

com_pollxt

<= 1.22.07 Upgrade to latest stable version. [7] Secunia Advisory

Forum Topic
Secunia Advisory

2006

RS Gallery2

com_rsgallery2

<= 1.11.3 Upgrade to latest stable version. [8] Forum Topic 06
RWCards < 2.4.4
Upgrade to latest stable version. Forum Topic 26 June 2007
Security Images

com_securityimages

<= 3.0.5 Upgrade to latest stable version. Secunia Advisory

Forum Topic

June 2007
SEF404x

com_sef

All No Fix Available. Remove completely or use at your own risk. No references.
2006
sh404SEF 1.2.4 t, u, or w Patch or update.
Forum Topic 23 Oct, 2007

Site Map

com_sitemap


All
Abandoned. Remove completely or use at your own risk.
[9]

Secunia Advisory
Forum Topic
Secunia Advisory

2006

SimpleBoard

com_simpleboard

All Upgrade to latest JoomlaBoard. JoomlaBoard is compatible with SimpleBoard. Download here.

Secunia Advisory
Secunia Advisory
Forum Topic
Secunia Advisory

2006

SMF Bridge

com_smf

<= 1.1.4

Versions other than 1.1RC2. Fix Available. See this thread.

 

Version 1.1RC2 only. Upgrade available.
See this thread.

Secunia Advisory

Simple Machines Advisory
Forum Topic
Forum Topic
Forum Topic
Forum Topic

Secunia Advisory

2006

TaskHopper

com_thopper

<= 1.1
Upgrade to latest version.

Forum Topic

2006

User Home Pages 1 and 2

com_uhp and com_uhp2

<= 1.1.1 (?) Upgrade to latest stable version. [10] Forum Topic
  Secunia Advisory 

Forum Topic

June 2007
VirtueMart <= 1.0.13a Upgrade to version >= 1.0.14. Available here. Security Bulletin January 2008
WordPress
(Not a Joomla! extension, but worth noting.)
2.1.1 Upgrade to latest stable version. Forum Topic 26 June 2007
zOOm Media Gallery <= 2.5.1 RC4 Upgrade to latest stable version. FrSIRT Advisory
Forum Topic
2006
BF Survey Pro
BF Survey Basic
BF Quiz
<=1.2.5
<=1.0
<=1.1.1
Upgrade to latest versions Forum Post
Developer's Forum Post
September, 2009
Photoblog (com_photoblog) Unknown Unknown Security Focus Advisory October 26, 2009