Difference between revisions of "Vulnerable Extensions List (Archived)"
From Joomla! Documentation
m (Tom Hutchison moved page Vulnerable Extensions List (Archived) to Archived:Vulnerable Extensions List (Archived): Article is being kept for historical purposes) |
|||
(21 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
+ | |||
+ | For a more recent list please see [[Vulnerable_Extensions_List_oct]] | ||
+ | |||
<table border="1" cellpadding="3" cellspacing="3"> | <table border="1" cellpadding="3" cellspacing="3"> | ||
<tr style="background-color: #ff9900" valign="bottom"> | <tr style="background-color: #ff9900" valign="bottom"> | ||
Line 156: | Line 159: | ||
</td> | </td> | ||
<td> 2006</td> | <td> 2006</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td> | ||
+ | <p> | ||
+ | <b>Bible Study</b> | ||
+ | </p> | ||
+ | <p> | ||
+ | |||
+ | com_biblestudy | ||
+ | </p> | ||
+ | </td> | ||
+ | <td> <= 6.0.7b and below | ||
+ | </td> | ||
+ | <td> Fix Available. SQL Insertion attack | ||
+ | </td> | ||
+ | <td>http://joomlacode.org/gf/project/biblestudy/ | ||
+ | |||
+ | </td> | ||
+ | <td> 2008</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 263: | Line 285: | ||
[http://forum.joomla.org/index.php/topic,86525.msg441456.html#msg441456 Forum Topic]</td> | [http://forum.joomla.org/index.php/topic,86525.msg441456.html#msg441456 Forum Topic]</td> | ||
<td> 2006</td> | <td> 2006</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td> | ||
+ | <p> | ||
+ | <b>DS-Syndicate</b> | ||
+ | |||
+ | </p> | ||
+ | <p> | ||
+ | com_ds-syndicate | ||
+ | </p> | ||
+ | </td> | ||
+ | <td>All versions?</td> | ||
+ | <td> | ||
+ | <p>SQL injection vulnerability.<br /> | ||
+ | Remove completely or use at your own risk.<br />Component has been removed from JED. Abandoned? | ||
+ | </p> | ||
+ | </p> | ||
+ | </td> | ||
+ | <td> | ||
+ | [http://www.frsirt.com/english/advisories/2008/2859 http://www.frsirt.com/english/advisories/2008/2859] | ||
+ | <td>Nov. 27, 2008</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 437: | Line 480: | ||
<td> | <td> | ||
<p> | <p> | ||
− | [http://www.milw0rm.com/exploits/3753 | + | [http://www.milw0rm.com/exploits/3753 MilwOrm Advisory] <br /> |
[http://www.frsirt.com/english/advisories/2007/1429 FrSIRT Advisory] | [http://www.frsirt.com/english/advisories/2007/1429 FrSIRT Advisory] | ||
</p> | </p> | ||
Line 1,110: | Line 1,153: | ||
<td><b>VirtueMart</b></td> | <td><b>VirtueMart</b></td> | ||
− | <td> <= 1.0. | + | <td> <= 1.0.13a</td> |
− | <td>Upgrade to version 1. | + | <td>Upgrade to version >= 1.0.14. Available [http://virtuemart.net/index.php?option=com_content&task=view&id=54&Itemid=147 here]. </td> |
− | <td> [http:// | + | <td> [http://virtuemart.net/index.php?option=com_content&task=view&id=275&Itemid=127 Security Bulletin] </td> |
− | <td> | + | <td>January 2008</td> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 1,121: | Line 1,164: | ||
<td> 2.1.1</td> | <td> 2.1.1</td> | ||
<td> Upgrade to latest stable version.</td> | <td> Upgrade to latest stable version.</td> | ||
− | <td | + | <td>[http://forum.joomla.org/index.php/topic,146478.msg737784.html#msg737784 Forum Topic]</td> |
<td> 26 June 2007<br /> | <td> 26 June 2007<br /> | ||
Line 1,135: | Line 1,178: | ||
<td> 2006</td> | <td> 2006</td> | ||
</tr> | </tr> | ||
+ | <tr> | ||
+ | <td> <b>BF Survey Pro<br />BF Survey Basic<br />BF Quiz</b></td> | ||
+ | <td><=1.2.5<br /><=1.0<br /><=1.1.1</td> | ||
+ | <td>[http://www.tamlyncreative.com.au/software/index.php/downloads.html Upgrade to latest versions]</td> | ||
+ | <td>[http://forum.joomla.org/viewtopic.php?f=431&t=336055&start=0 Forum Post]<br />[http://www.tamlyncreative.com.au/software/forum/index.php?topic=357.0 Developer's Forum Post]</td> | ||
+ | <td>September, 2009</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td> <b>Photoblog (com_photoblog)</td> | ||
+ | <td>Unknown</td> | ||
+ | <td>Unknown</td> | ||
+ | <td>[http://www.securityfocus.com/bid/36809/info Security Focus Advisory]</td> | ||
+ | <td>October 26, 2009</td> | ||
+ | </tr> | ||
+ | |||
</table> | </table> | ||
− | [[Category: | + | [[Category:Archived pages]] |
Latest revision as of 13:52, 15 January 2014
This page has been archived. This page contains information for an unsupported Joomla! version or is no longer relevant. It exists only as a historical reference, it will not be improved and its content may be incomplete and/or contain broken links.
For a more recent list please see Vulnerable_Extensions_List_oct
Name | Versions | Solution | References | Updated |
---|---|---|---|---|
A6MamboCredits com_a6mambocredits |
All | Abandoned. Remove completely or use at your own risk. | Secunia Advisory Forum Topic |
2006 |
A6MamboHelpDesk com_a6mambohelpdesk |
All | Abandoned. Remove completely or use at your own risk. | 2006 | |
Advanced Poll com_advancedpoll (?) |
<= 2.2.0 |
Abandoned. Remove completely or use at your own risk. |
Forum Topic | 2006 |
Adobe Acrobat Reader (Not a Joomla! extension, but worth noting.) |
<= 7.0.8 | Upgrade to latest stable version. | Adobe Advisory | 2006 |
Akocomment | All | SQL Injection with PHP magic_quotes OFF. No upgrade path yet. Fix: Turn PHP magic_quotes ON |
Forum Topic |
June 30, 2006 |
Article | <= 1.1 |
Upgrade to latest stable version. | milwOrm Advisory Forum Topic |
26 June 2007 |
ArtLinks com_artlinks |
All | Abandoned. Remove completely or use at your own risk. | Forum Topic | 2006 |
AutoStand | <= 1.1 |
No further information at this time. |
milwOrm Advisory
|
26 June 2007 |
Bayesian Naive Filter com_bayesiannaivefilter |
<= 1.1 | No Fix Available. Disable or remove until a fix is available. | Forum Topic | 2006 |
Bible Study com_biblestudy |
<= 6.0.7b and below | Fix Available. SQL Insertion attack | http://joomlacode.org/gf/project/biblestudy/ | 2008 |
BigApe Backup com_babackup |
All | A patch is available from the developer. See this post. | Secunia Advisory Forum Topic |
2006 |
BSQ Site Stats com_bsqsitestats |
<= 2.2.1 | Upgrade to latest stable version. |
Forum Topic Secunia Advisory |
2006 |
Car Manager |
<= 1.1 |
No further information at this time. | Forum Topic | 26 June 2007 |
Classifieds com_classifieds |
<= 1.3 | Upgrade to latest stable version. | Forum Topic | 2006 |
Colophon com_colophon |
<= 1.2 | Upgrade to latest stable version. | Secunia Advisory Forum Topic |
2006 |
Community Builder com_profiler |
<= 1.0.0 |
Upgrade to latest stable version. |
Jomopolis Topic Forum Topic |
2006 |
DS-Syndicate com_ds-syndicate |
All versions? |
SQL injection vulnerability. |
Nov. 27, 2008 | |
Events com_events |
<= 1.3 Beta | Upgrade to latest stable version. | Forum Topic | 2006 |
Expose Flash Gallery | RC4 | Download patch |
Forum Topic | 20 July 2007 |
ExtCalendar com_extcalendar |
<= 0.9.1 | Upgrade to version 0.9.2. Seethis post for details. Also check the new forked project, JCal. | Secunia Advisory Forum Topic |
2006 |
Facile Forms com_facileforms |
<= 1.4.6 | Upgrade to latest stable version. | Forum Topic | 2006 |
Galleria com_galleria |
All | Abandoned. Remove completely or use at your own risk. | NVD Advisory Forum Topic |
2006 |
Gmaps com_gmaps |
<=1.01 | Upgrade to the latest version, which can be downloaded here |
Security Focus Advisory |
6 August 2007 |
Hash Cash com_hashcash |
All | Abandoned. Remove completely or use at your own risk. | Secunia Advisory |
2006 |
Hot Property com_hotproperties (?) |
<= 0.97 | Upgrade to latest stable version. | No references available at this time. | 2006 |
JCE com_jce |
<= 1.0.4 | Apply patch, download it here, or use latest stable version. | 2006 | |
JoomlaPack com_jpack |
1.0.4a2 RE | Upgrade to latest stable version. | 2006 | |
JoomlaBoard com_joomlaboard |
<= 1.1.1 |
Upgrade to latest stable version. |
Secunia Advisory |
2006 |
JoomlaLib com_joomlalib |
<= 1.2.1 | Upgrade to latest stable version. | Forum Topic | 2006 |
JD-WordPress com_jd-wp |
<= 2.0-1.0 RC2 | Patch Available. See this post. |
Forum Topic | 2006 |
JD-Wiki com_jd-wiki |
All |
Abandoned project. |
6 July 2007 | |
JIM 1.0.1. (PMS) com_jim |
1.0.1 |
Upgrade to latest stable version. The developer fixed security issues but didn't create a higher version number. | Secunia Advisory | 2006 |
joomSEF (ARTIO) | <=2.2.1 | Upgrade to latest stable version. | Forum Topic | 27 Oct 2007 |
jPack com_jpack |
< 1.0.4-b1 | Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
Link Directory com_linkdirectory |
All |
Remove. Abandoned project. |
No references. | 2006 |
Letterman mod_letterman |
<= 1.2.4 | Upgrade to latest stable version. [1] | Forum Topic | May 2007 |
LMO com_lmo |
<= 1.0b2 | Upgrade to latest stable version. [2] | FrSIRT Advisory Forum Topic |
2006 |
LoudMouth com_loudmouth |
<= 4.0j | Upgrade to version 4.1 then apply Security Patch 1. Download here. | Forum Topic MamboExchange Advisory |
2006 |
MamCom (?) com_trade |
All |
Abandoned. Remove completely or use at your own risk. |
*Unconfirmed* | 2006 |
MambelFish 1.x com_mambelfish |
<= 1.x | Upgrade to 1.5 (or to Joom!Fish) Download Mambelfish Download Joom!Fish |
Secunia Advisory | 2006 |
Mambo Gallery Manager com_mgm |
All | Abandoned. Remove completely or use at your own risk. | Forum Topic FrSIRT Advisory |
2006 |
MiniBB com_minibb |
<= 1.5a | Abandoned. Remove completely or use at your own risk. | 2006 | |
Mos Tree com_mtree |
<= 1.5.8 | Upgrade to latest stable version. [3] | Forum Topic | 2006 |
MosMedia com_mosmedia |
<= 1.0.8 | Temporary Fix Available. See this thread for details. | Forum Topic | 2006 |
MoSpray com_mospray |
<= 1.8 RC1 | Abandoned. Remove completely or use at your own risk. | Forum Topic | 2006 |
Multibanners com_multibanners * Note: Not the same as the Multibanners Module. |
All |
Abandoned. Remove completely or use at your own risk. | Secunia Advisory |
2006 |
OpenSEF com_sef |
<= 2.0.0 RC5 Unpatched | Download patch | Forum Topic | 2006 |
PC Cook Book com_pccookbook |
<= 1.3.1 | No Fix Available. Disable or remove. | FrSIRT Advisory |
2006 |
Per Forms com_performs |
<= v1_beta | Upgrade to latest stable version. [4] | Secunia Advisory Forum Topic |
2006 |
Phil-A-Form | < 1.2 |
Upgrade to latest version. |
Forum Topic
|
May 2007 |
People Book com_peoplebook |
<= 1.1.5 | Upgrade to latest stable version. [5] | Joomla Forge | 2006 |
Prince Clan Chess com_pcchess |
<= 0.8 | Author suggest manually patching. [6] | See this site. | 2006 |
PollXT com_pollxt |
<= 1.22.07 | Upgrade to latest stable version. [7] | Secunia Advisory |
2006 |
RS Gallery2 com_rsgallery2 |
<= 1.11.3 | Upgrade to latest stable version. [8] | Forum Topic | 06 |
RWCards | < 2.4.4 |
Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
Security Images com_securityimages |
<= 3.0.5 | Upgrade to latest stable version. | Secunia Advisory |
June 2007 |
SEF404x com_sef |
All | No Fix Available. Remove completely or use at your own risk. | No references. |
2006 |
sh404SEF | 1.2.4 t, u, or w | Patch or update. |
Forum Topic | 23 Oct, 2007 |
Site Map com_sitemap |
All |
Abandoned. Remove completely or use at your own risk. [9] |
2006 | |
SimpleBoard com_simpleboard |
All | Upgrade to latest JoomlaBoard. JoomlaBoard is compatible with SimpleBoard. Download here. |
Secunia Advisory |
2006 |
SMF Bridge com_smf |
<= 1.1.4 |
Versions other than 1.1RC2. Fix Available. See this thread.
Version 1.1RC2 only. Upgrade available. |
Secunia Advisory Simple Machines Advisory |
2006 |
TaskHopper com_thopper |
<= 1.1 |
Upgrade to latest version. |
2006 | |
User Home Pages 1 and 2 com_uhp and com_uhp2 |
<= 1.1.1 (?) | Upgrade to latest stable version. [10] | Forum TopicSecunia Advisory |
June 2007 |
VirtueMart | <= 1.0.13a | Upgrade to version >= 1.0.14. Available here. | Security Bulletin | January 2008 |
WordPress (Not a Joomla! extension, but worth noting.) |
2.1.1 | Upgrade to latest stable version. | Forum Topic | 26 June 2007 |
zOOm Media Gallery | <= 2.5.1 RC4 | Upgrade to latest stable version. | FrSIRT Advisory Forum Topic |
2006 |
BF Survey Pro BF Survey Basic BF Quiz |
<=1.2.5 <=1.0 <=1.1.1 |
Upgrade to latest versions | Forum Post Developer's Forum Post |
September, 2009 |
Photoblog (com_photoblog) | Unknown | Unknown | Security Focus Advisory | October 26, 2009 |