Actions

Archived

Vulnerable Extensions List (Archived)

From Joomla! Documentation

Revision as of 12:42, 5 May 2008 by Rliskey (Talk | contribs)

Replacement filing cabinet.png
This page has been archived - Please Do Not Edit or Create Pages placed in this namespace. The pages in the Archived namespace exist only as a historical reference, it will not be improved and its content may be incomplete.
Name Versions Solution References Updated

A6MamboCredits

com_a6mambocredits

All Abandoned. Remove completely or use at your own risk. Secunia Advisory
Forum Topic
2006

A6MamboHelpDesk

com_a6mambohelpdesk

All Abandoned. Remove completely or use at your own risk.

Forum Topic
Secunia Advisory

">Secunia Advisory

2006

Advanced Poll

com_advancedpoll (?)

<= 2.2.0

Abandoned. Remove completely or use at your own risk.

Forum Topic 2006
Adobe Acrobat Reader
(Not a Joomla! extension, but worth noting.)
<= 7.0.8 Upgrade to latest stable version. Adobe Advisory 2006
Akocomment All SQL Injection with PHP magic_quotes OFF. No upgrade path yet.

Fix: Turn PHP magic_quotes ON

">Forum Topic
June 30, 2006
Article <= 1.1
Upgrade to latest stable version. milwOrm Advisory

FrSIRT Advisory
">Forum Topic [http://www.frsirt.com/english/advisories/2007/1394

]
26 June 2007

ArtLinks

com_artlinks

All Abandoned. Remove completely or use at your own risk. Forum Topic 2006
AutoStand <= 1.1
No further information at this time.

milwOrm Advisory
[http://www.frsirt.com/english/advisories/2007/1392 FrSIRT Advisory
] ">Forum Topic

 

26 June 2007

Bayesian Naive Filter

com_bayesiannaivefilter

<= 1.1 No Fix Available. Disable or remove until a fix is available. Forum Topic 2006

BigApe Backup

com_babackup

All A patch is available from the developer. See this post. Secunia Advisory
Forum Topic
2006

BSQ Site Stats

com_bsqsitestats

<= 2.2.1 Upgrade to latest stable version.
Forum Topic
Secunia Advisory
2006
Car Manager
<= 1.1
No further information at this time. ">Forum Topic 26 June 2007

Classifieds

com_classifieds

<= 1.3 Upgrade to latest stable version. Forum Topic 2006

Colophon

com_colophon

<= 1.2 Upgrade to latest stable version. " target="_blank Secunia Advisory
Forum Topic
2006

Community Builder

com_profiler

<= 1.0.0

Upgrade to latest stable version.

See here for a fix for register_globals = off

Jomopolis Topic

Forum Topic

Forum Topic
2006

Events

com_events

<= 1.3 Beta Upgrade to latest stable version. Forum Topic 2006
Expose Flash Gallery RC4 Download patch
Forum Topic 20 July 2007

ExtCalendar

com_extcalendar

<= 0.9.1 Upgrade to version 0.9.2. Seethis post for details. Also check the new forked project, JCal. Secunia Advisory

Forum Topic
Forum Topic

Forum Topic
2006

Facile Forms

com_facileforms

<= 1.4.6 Upgrade to latest stable version. Forum Topic 2006

Galleria

com_galleria

All Abandoned. Remove completely or use at your own risk. NVD Advisory
Forum Topic
2006

Gmaps

com_gmaps

<=1.01 Upgrade to the latest version, which can be downloaded here
Security Focus Advisory
6 August 2007

Hash Cash

com_hashcash

All Abandoned. Remove completely or use at your own risk. Secunia Advisory
2006

Hot Property

com_hotproperties (?)

<= 0.97 Upgrade to latest stable version. No references available at this time. 2006

JCE

com_jce

<= 1.0.4 Apply patch, download it here, or use latest stable version.

Secunia Advisory
Cellardoor
Secunia Advisory

2006

JoomlaPack

com_jpack

1.0.4a2 RE Upgrade to latest stable version.

">MilwOrm Advisory
">FrSIRT Advisory

2006

JoomlaBoard

com_joomlaboard

<= 1.1.1

Upgrade to latest stable version.

RG_EMULATION Fix

Secunia Advisory

Forum Topic

Forum Topic

2006

JoomlaLib

com_joomlalib

<= 1.2.1 Upgrade to latest stable version. Forum Topic 2006

JD-WordPress

com_jd-wp

<= 2.0-1.0 RC2 Patch Available.
See this post.
Forum Topic 2006

JD-Wiki

com_jd-wiki

All

Abandoned project.
Upgrade to ">nuWiki

Forum Topic

Forum Topic

6 July 2007

JIM 1.0.1. (PMS)

com_jim

1.0.1
Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number. Secunia Advisory 2006
joomSEF (ARTIO) <=2.2.1 Upgrade to latest stable version. Forum Topic 27 Oct 2007

jPack

com_jpack

< 1.0.4-b1 Upgrade to latest stable version. ">Forum Topic 26 June 2007

Link Directory

com_linkdirectory

All
Remove. Abandoned project.
No references. 2006

Letterman

mod_letterman

<= 1.2.4 Upgrade to latest stable version. [1] ">Forum Topic May 2007

LMO

com_lmo

<= 1.0b2 Upgrade to latest stable version. [2] FrSIRT Advisory
Forum Topic
2006

LoudMouth

com_loudmouth

<= 4.0j Upgrade to version 4.1 then apply Security Patch 1. Download here. Forum Topic
MamboExchange Advisory
2006

MamCom (?)

com_trade

All
Abandoned. Remove completely or use at your own risk.
*Unconfirmed* 2006

MambelFish 1.x

com_mambelfish

<= 1.x Upgrade to 1.5 (or to Joom!Fish) Download Mambelfish
Download Joom!Fish
Secunia Advisory 2006

Mambo Gallery Manager

com_mgm

All Abandoned. Remove completely or use at your own risk. Forum Topic
FrSIRT Advisory
2006

MiniBB

com_minibb

<= 1.5a Abandoned. Remove completely or use at your own risk.

Security Reason Advisory
Forum Topic
Security Reason

2006

Mos Tree

com_mtree

<= 1.5.8 Upgrade to latest stable version. [3] Forum Topic 2006

MosMedia

com_mosmedia

<= 1.0.8 Temporary Fix Available. See this thread for details. Forum Topic 2006

MoSpray

com_mospray

<= 1.8 RC1 Abandoned. Remove completely or use at your own risk. Forum Topic 2006

Multibanners

com_multibanners

* Note: Not the same as the Multibanners Module.

All
Abandoned. Remove completely or use at your own risk. Secunia Advisory

Forum Topic

2006

OpenSEF

com_sef

<= 2.0.0 RC5 Unpatched Download patch Forum Topic 2006

PC Cook Book

com_pccookbook

<= 1.3.1 No Fix Available. Disable or remove. FrSIRT Advisory

Forum Topic

2006

Per Forms

com_performs

<= v1_beta Upgrade to latest stable version. [4] [http://secunia.com/advisories/21044/ Secunia Advisory

] Forum Topic
Forum Topic

2006
Phil-A-Form < 1.2
Upgrade to latest version.
">Forum Topic



May 2007

People Book

com_peoplebook

<= 1.1.5 Upgrade to latest stable version. [5] Joomla Forge
2006

Prince Clan Chess

com_pcchess

<= 0.8 Author suggest manually patching. [6] See this site. 2006

PollXT

com_pollxt

<= 1.22.07 Upgrade to latest stable version. [7] Secunia Advisory

Forum Topic
Secunia Advisory

2006

RS Gallery2

com_rsgallery2

<= 1.11.3 Upgrade to latest stable version. [8] Forum Topic 06
RWCards < 2.4.4
Upgrade to latest stable version. ">Forum Topic 26 June 2007
Security Images

com_securityimages

<= 3.0.5 Upgrade to latest stable version. Secunia Advisory

Forum Topic

June 2007
SEF404x

com_sef

All No Fix Available. Remove completely or use at your own risk. No references.
2006
sh404SEF 1.2.4 t, u, or w Patch or update.
Forum Topic 23 Oct, 2007

Site Map

com_sitemap


All
Abandoned. Remove completely or use at your own risk.
[9]

Secunia Advisory
Forum Topic
Secunia Advisory

2006

SimpleBoard

com_simpleboard

All Upgrade to latest JoomlaBoard. JoomlaBoard is compatible with SimpleBoard. Download here.

Secunia Advisory
Secunia Advisory
Forum Topic
Secunia Advisory

2006

SMF Bridge

com_smf

<= 1.1.4

Versions other than 1.1RC2. Fix Available. [http://www.simplemachines.org/community/index.php?topic=100140.0
See this thread.]

 

Version 1.1RC2 only. Upgrade available.
See this thread.

Secunia Advisory

Simple Machines Advisory
Forum Topic
Forum Topic
Forum Topic
Forum Topic

Secunia Advisory

2006

TaskHopper

com_thopper

<= 1.1
Upgrade to latest version.

Forum Topic

2006

User Home Pages 1 and 2

com_uhp and com_uhp2

<= 1.1.1 (?) Upgrade to latest stable version. [10] Forum Topic
  Secunia Advisory 

Forum Topic

June 2007
VirtueMart <= 1.0.11 Upgrade to version 1.1.11 and apply patch. Available here. Forum Topic June 2007
WordPress
(Not a Joomla! extension, but worth noting.)
2.1.1 Upgrade to latest stable version. ">Forum Topic 26 June 2007
zOOm Media Gallery <= 2.5.1 RC4 Upgrade to latest stable version. FrSIRT Advisory
Forum Topic
2006