List of vulnerable extensions for Joomla

Posted by admin on Aug 2, 2006 in Reviews | Comments Off

The list of third-party extensions for Mambo / Joomla, which are subject to vulnerabilities due to insufficient input data processing in the parameters.

IMPORTANT: all vulnerabilities occur only when register_globals = On. Consequently, the easiest way to avoid them – turn off this directive. Or visit the sites of the authors of components to download patches and updated versions.

  • BSQ siteStats 2.1.0
  • com_bayesiannaivefilter <= 1.1
  • com_hashcash 1.2.1
  • com_securityimages 3.x
  • com_videodb <= 0.3
  • ExtCalendar <= 0.9.1
  • HTMLArea3 addon – ImageManager 1.5
  • Joomla Colophon 1.2
  • Joomla LMO Component <= 1.0b2
  • Joomla-SMF Forum Bridge <= 1.1.3.x
  • LoudMouth 4.x
  • MiniBB Forum Mambo Component <= 1.5a
  • mospray <= 1.8 RC1
  • OpenSEF 2.0.0. RC5
  • perForms 1.x
  • pc_cookbook <= v0.3
  • PollXT <= 1.22.07
  • SimpleBoard <= 1.1.0
  • Sitemap 2.0.0 for Mambo 4.5.1 CMS
  • UHP (User Home Pages) 0.x

Comments are closed.