Joomla! Documentation - Vulnerable Extensions List http://docs.joomla.org/Vulnerable_Extensions_List Extension Details Date Added Extension Update Link &amp; Date en MediaWiki 1.16.4 via WikiArticleFeeds 0.6.6 Wed, 16 May 2012 10:01:35 GMT Ninjaxplorer &lt;=1.0.6 http://docs.joomla.org/Vulnerable_Extensions_List#Ninjaxplorer_.3C.3D1.0.6 http://docs.joomla.org/Vulnerable_Extensions_List#Ninjaxplorer_.3C.3D1.0.6 </td><td>developer notification </td><td>250412 </td><td>devloper statement <a href="http://ninjaforge.com/blog/318-security-vulnerability-discovered-in-ninjaxplorer-upgrade-immediately" class="external text" rel="nofollow">upgrade to 1.0.7</a> </td></tr> <tr> <td style="background:#cef2e0; color:black"> Phoca Fav Icon http://docs.joomla.org/Vulnerable_Extensions_List#Phoca_Fav_Icon http://docs.joomla.org/Vulnerable_Extensions_List#Phoca_Fav_Icon </td><td>Permissions Rewrite </td><td>150412 </td><td> <a href="http://www.phoca.cz/news/30-phoca-news/633-phoca-favicon-203-released" class="external text" rel="nofollow">developer update 2.0.3 statement</a> </td></tr> <tr> <td style="background:#cef2e0; color:black"> estateagent improved http://docs.joomla.org/Vulnerable_Extensions_List#estateagent_improved http://docs.joomla.org/Vulnerable_Extensions_List#estateagent_improved </td><td>sqli (eaimproved.eu) </td><td>110412 </td><td>developer states previous version, not current version </td></tr> <tr> <td> bearleague http://docs.joomla.org/Vulnerable_Extensions_List#bearleague http://docs.joomla.org/Vulnerable_Extensions_List#bearleague </td><td>110412 </td><td>sql </td><td>(no longer maintained) </td></tr> <tr> <td> JLive! Chat v4.3.1 http://docs.joomla.org/Vulnerable_Extensions_List#JLive.21_Chat_v4.3.1 http://docs.joomla.org/Vulnerable_Extensions_List#JLive.21_Chat_v4.3.1 </td><td>DT </td><td>060412 </td><td>Developer reports <a href="http://www.cmsfruit.com/security-measures.html" class="external text" rel="nofollow">as unproven</a> </td></tr> <tr> <td style="background:#cef2e0; color:black"> virtuemart 2.0.2 http://docs.joomla.org/Vulnerable_Extensions_List#virtuemart_2.0.2 http://docs.joomla.org/Vulnerable_Extensions_List#virtuemart_2.0.2 </td><td>SQLi </td><td>050412 </td><td>developers <a href="http://virtuemart.net/news/list-all-news/417-happy-easter-new-virtuemart-204-released-security-update-sqli" class="external text" rel="nofollow">release statement</a>Current version 2.0.6 released </td></tr> <tr> <td> JE testimonial http://docs.joomla.org/Vulnerable_Extensions_List#JE_testimonial http://docs.joomla.org/Vulnerable_Extensions_List#JE_testimonial </td><td>SQLi </td><td>230312 </td><td>Developer states <b>malicious report.</b> </td></tr> <tr> <td style="background:#cef2e0; color:black"> JaggyBlog http://docs.joomla.org/Vulnerable_Extensions_List#JaggyBlog http://docs.joomla.org/Vulnerable_Extensions_List#JaggyBlog </td><td>excessive file permission </td><td>090212 </td><td>version 1.3.1 <a href="http://www.jaggysnake.co.uk/products/jaggyblog" class="external text" rel="nofollow">released</a> </td></tr> <tr> <td style="background:red; color:white"> Quickl Form http://docs.joomla.org/Vulnerable_Extensions_List#Quickl_Form http://docs.joomla.org/Vulnerable_Extensions_List#Quickl_Form </td><td>xss </td><td>260112 </td><td> </td></tr> <tr> <td style="background:red; color:white"> com_advert http://docs.joomla.org/Vulnerable_Extensions_List#com_advert http://docs.joomla.org/Vulnerable_Extensions_List#com_advert </td><td>sqli - unknown developer </td><td>240112 </td><td> </td></tr> <tr> <td style="background:#cef2e0; color:black"> Joomla Discussions Component http://docs.joomla.org/Vulnerable_Extensions_List#Joomla_Discussions_Component http://docs.joomla.org/Vulnerable_Extensions_List#Joomla_Discussions_Component </td><td>sqli </td><td>180112 </td><td>Discussions 1.4.1 released <a href="http://www.codingfish.com/news/38-joomla/101-discussions-141-released" class="external text" rel="nofollow">developer statement</a> </td></tr> <tr> <td style="background:#cef2e0; color:black"> HD Video Share (contushdvideoshare) http://docs.joomla.org/Vulnerable_Extensions_List#HD_Video_Share_.28contushdvideoshare.29 http://docs.joomla.org/Vulnerable_Extensions_List#HD_Video_Share_.28contushdvideoshare.29 </td><td>sqli </td><td>180112 </td><td>updated <a href="http://www.hdvideoshare.net" class="external text" rel="nofollow">version 2.2</a> </td></tr> <tr> <td style="background:#cef2e0; color:black"> Simple File Upload 1.3 http://docs.joomla.org/Vulnerable_Extensions_List#Simple_File_Upload_1.3 http://docs.joomla.org/Vulnerable_Extensions_List#Simple_File_Upload_1.3 </td><td>RFI </td><td>010112 </td><td> Developer update <a href="http://wasen.net/index.php?option=com_content&amp;view=article&amp;id=64:simple-file-upload-download&amp;catid=40:project-simple-file-upload&amp;Itemid=59" class="external text" rel="nofollow">statement</a> to 1.3.5 </td></tr> <tr> <td> http://docs.joomla.org/Vulnerable_Extensions_List# http://docs.joomla.org/Vulnerable_Extensions_List# </td><td> </td><td> </td><td> </td></tr></table>