Vulnerable Extensions List (Archived)
From Joomla! Documentation
This page has been archived. This page contains information for an unsupported Joomla! version or is no longer relevant. It exists only as a historical reference, it will not be improved and its content may be incomplete and/or contain broken links.
For a more recent list please see Vulnerable_Extensions_List_oct
Name | Versions | Solution | References | Updated |
---|---|---|---|---|
A6MamboCredits com_a6mambocredits |
All | Abandoned. Remove completely or use at your own risk. | Secunia Advisory Forum Topic |
2006 |
A6MamboHelpDesk com_a6mambohelpdesk |
All | Abandoned. Remove completely or use at your own risk. | 2006 | |
Advanced Poll com_advancedpoll (?) |
<= 2.2.0 |
Abandoned. Remove completely or use at your own risk. |
Forum Topic | 2006 |
Adobe Acrobat Reader (Not a Joomla! extension, but worth noting.) |
<= 7.0.8 | Upgrade to latest stable version. | Adobe Advisory | 2006 |
Akocomment | All | SQL Injection with PHP magic_quotes OFF. No upgrade path yet. Fix: Turn PHP magic_quotes ON |
Forum Topic |
June 30, 2006 |
Article | <= 1.1 |
Upgrade to latest stable version. | milwOrm Advisory Forum Topic |
26 June 2007 |
ArtLinks com_artlinks |
All | Abandoned. Remove completely or use at your own risk. | Forum Topic | 2006 |
AutoStand | <= 1.1 |
No further information at this time. |
milwOrm Advisory
|
26 June 2007 |
Bayesian Naive Filter com_bayesiannaivefilter |
<= 1.1 | No Fix Available. Disable or remove until a fix is available. | Forum Topic | 2006 |
Bible Study com_biblestudy |
<= 6.0.7b and below | Fix Available. SQL Insertion attack | http://joomlacode.org/gf/project/biblestudy/ | 2008 |
BigApe Backup com_babackup |
All | A patch is available from the developer. See this post. | Secunia Advisory Forum Topic |
2006 |
BSQ Site Stats com_bsqsitestats |
<= 2.2.1 | Upgrade to latest stable version. |
Forum Topic Secunia Advisory |
2006 |
Car Manager |
<= 1.1 |
No further information at this time. | Forum Topic | 26 June 2007 |
Classifieds com_classifieds |
<= 1.3 | Upgrade to latest stable version. | Forum Topic | 2006 |
Colophon com_colophon |
<= 1.2 | Upgrade to latest stable version. | Secunia Advisory Forum Topic |
2006 |
Community Builder com_profiler |
<= 1.0.0 |
Upgrade to latest stable version. |
Jomopolis Topic Forum Topic |
2006 |
DS-Syndicate com_ds-syndicate |
All versions? |
SQL injection vulnerability. |
Nov. 27, 2008 | |
Events com_events |
<= 1.3 Beta | Upgrade to latest stable version. | Forum Topic | 2006 |
Expose Flash Gallery | RC4 | Download patch |
Forum Topic | 20 July 2007 |
ExtCalendar com_extcalendar |
<= 0.9.1 | Upgrade to version 0.9.2. Seethis post for details. Also check the new forked project, JCal. | Secunia Advisory Forum Topic |
2006 |
Facile Forms com_facileforms |
<= 1.4.6 | Upgrade to latest stable version. | Forum Topic | 2006 |
Galleria com_galleria |
All | Abandoned. Remove completely or use at your own risk. | NVD Advisory Forum Topic |
2006 |
Gmaps com_gmaps |
<=1.01 | Upgrade to the latest version, which can be downloaded here |
Security Focus Advisory |
6 August 2007 |
Hash Cash com_hashcash |
All | Abandoned. Remove completely or use at your own risk. | Secunia Advisory |
2006 |
Hot Property com_hotproperties (?) |
<= 0.97 | Upgrade to latest stable version. | No references available at this time. | 2006 |
JCE com_jce |
<= 1.0.4 | Apply patch, download it here, or use latest stable version. | 2006 | |
JoomlaPack com_jpack |
1.0.4a2 RE | Upgrade to latest stable version. | 2006 | |
JoomlaBoard com_joomlaboard |
<= 1.1.1 |
Upgrade to latest stable version. |
Secunia Advisory |
2006 |
JoomlaLib com_joomlalib |
<= 1.2.1 | Upgrade to latest stable version. | Forum Topic | 2006 |
JD-WordPress com_jd-wp |
<= 2.0-1.0 RC2 | Patch Available. See this post. |
Forum Topic | 2006 |
JD-Wiki com_jd-wiki |
All |
Abandoned project. |
6 July 2007 | |
JIM 1.0.1. (PMS) com_jim |
1.0.1 |
Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number. | Secunia Advisory | 2006 |
joomSEF (ARTIO) | <=2.2.1 | Upgrade to latest stable version. | Forum Topic | 27 Oct 2007 |
jPack com_jpack |
< 1.0.4-b1 | Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
Link Directory com_linkdirectory |
All |
Remove. Abandoned project. |
No references. | 2006 |
Letterman mod_letterman |
<= 1.2.4 | Upgrade to latest stable version. [1] | Forum Topic | May 2007 |
LMO com_lmo |
<= 1.0b2 | Upgrade to latest stable version. [2] | FrSIRT Advisory Forum Topic |
2006 |
LoudMouth com_loudmouth |
<= 4.0j | Upgrade to version 4.1 then apply Security Patch 1. Download here. | Forum Topic MamboExchange Advisory |
2006 |
MamCom (?) com_trade |
All |
Abandoned. Remove completely or use at your own risk. |
*Unconfirmed* | 2006 |
MambelFish 1.x com_mambelfish |
<= 1.x | Upgrade to 1.5 (or to Joom!Fish) Download Mambelfish Download Joom!Fish |
Secunia Advisory | 2006 |
Mambo Gallery Manager com_mgm |
All | Abandoned. Remove completely or use at your own risk. | Forum Topic FrSIRT Advisory |
2006 |
MiniBB com_minibb |
<= 1.5a | Abandoned. Remove completely or use at your own risk. | 2006 | |
Mos Tree com_mtree |
<= 1.5.8 | Upgrade to latest stable version. [3] | Forum Topic | 2006 |
MosMedia com_mosmedia |
<= 1.0.8 | Temporary Fix Available. See this thread for details. | Forum Topic | 2006 |
MoSpray com_mospray |
<= 1.8 RC1 | Abandoned. Remove completely or use at your own risk. | Forum Topic | 2006 |
Multibanners com_multibanners * Note: Not the same as the Multibanners Module. |
All |
Abandoned. Remove completely or use at your own risk. | Secunia Advisory |
2006 |
OpenSEF com_sef |
<= 2.0.0 RC5 Unpatched | Download patch | Forum Topic | 2006 |
PC Cook Book com_pccookbook |
<= 1.3.1 | No Fix Available. Disable or remove. | FrSIRT Advisory |
2006 |
Per Forms com_performs |
<= v1_beta | Upgrade to latest stable version. [4] | Secunia Advisory Forum Topic |
2006 |
Phil-A-Form | < 1.2 |
Upgrade to latest version. |
Forum Topic
|
May 2007 |
People Book com_peoplebook |
<= 1.1.5 | Upgrade to latest stable version. [5] | Joomla Forge | 2006 |
Prince Clan Chess com_pcchess |
<= 0.8 | Author suggest manually patching. [6] | See this site. | 2006 |
PollXT com_pollxt |
<= 1.22.07 | Upgrade to latest stable version. [7] | Secunia Advisory |
2006 |
RS Gallery2 com_rsgallery2 |
<= 1.11.3 | Upgrade to latest stable version. [8] | Forum Topic | 06 |
RWCards | < 2.4.4 |
Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
Security Images com_securityimages |
<= 3.0.5 | Upgrade to latest stable version. | Secunia Advisory |
June 2007 |
SEF404x com_sef |
All | No Fix Available. Remove completely or use at your own risk. | No references. |
2006 |
sh404SEF | 1.2.4 t, u, or w | Patch or update. |
Forum Topic | 23 Oct, 2007 |
Site Map com_sitemap |
All |
Abandoned. Remove completely or use at your own risk. [9] |
2006 | |
SimpleBoard com_simpleboard |
All | Upgrade to latest JoomlaBoard. JoomlaBoard is compatible with SimpleBoard. Download here. |
Secunia Advisory |
2006 |
SMF Bridge com_smf |
<= 1.1.4 |
Versions other than 1.1RC2. Fix Available. See this thread.
Version 1.1RC2 only. Upgrade available. |
Secunia Advisory Simple Machines Advisory |
2006 |
TaskHopper com_thopper |
<= 1.1 |
Upgrade to latest version. |
2006 | |
User Home Pages 1 and 2 com_uhp and com_uhp2 |
<= 1.1.1 (?) | Upgrade to latest stable version. [10] | Forum TopicSecunia Advisory |
June 2007 |
VirtueMart | <= 1.0.13a | Upgrade to version >= 1.0.14. Available here. | Security Bulletin | January 2008 |
WordPress (Not a Joomla! extension, but worth noting.) |
2.1.1 | Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
zOOm Media Gallery | <= 2.5.1 RC4 | Upgrade to latest stable version. | FrSIRT Advisory Forum Topic |
2006 |
BF Survey Pro BF Survey Basic BF Quiz |
<=1.2.5 <=1.0 <=1.1.1 |
Upgrade to latest versions | Forum Post Developer's Forum Post |
September, 2009 |
Photoblog (com_photoblog) | Unknown | Unknown | Security Focus Advisory | October 26, 2009 |