Added several recent vulnerability reports, including:
VirtueMart
ZOOM Gallery
TaskHopper
http://help.joomla.org/component/option ... temid,268/
Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Moderator: General Support Moderators
Forum rules
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Added RWCards < 2.4.4
From author:
From author:
Yesterday (27.0.3.2007) I released an updated version of RwCards (2.4.4) with a fixed "category id" parameter Remote SQL Query Injection Vulnerability
Anyone who uses an earlier version should immediately upgrade!
Ralf Weber
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Added entries for the modules Article, AutoStand (and for WordPress, a separate but often used application).
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Added Car Manager <= 1.1
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Added Akocomment. SQL injection. All versions
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Updated JD-Wiki entry with link to nuWiki. JD-Wiki is abandoned. nuWiki is the replacement project.
http://help.joomla.org/component/option ... temid,268/
http://help.joomla.org/component/option ... temid,268/
Last edited by rliskey on Fri Jul 06, 2007 5:05 pm, edited 1 time in total.
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Added Expose Flash Gallery RC4
http://forum.joomla.org/index.php/topic ... #msg909187
http://forum.joomla.org/index.php/topic ... #msg909187
-
Tonie
- Joomla! Master
- Posts: 16553
- Joined: Thu Aug 18, 2005 7:13 am
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
Gmaps 1.00 added. Fix can be downloaded here.
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
Re: Attention: Official List of Vulnerable 3rd Party Add-ons!!!
J! Reactions Vulnerability
Status: Critical
Versions: <= 1.8.x
Recovery Process:
Option 1: Immediately uninstall the current version, and check that all related files are deleted, and wait for the stable version.
Option 2: Copy the corrected code (listed in the forum discussion) into the vulnerable file.
More information:
http://forum.joomla.org/index.php/topic,202462.0.html
Status: Critical
Versions: <= 1.8.x
Recovery Process:
Option 1: Immediately uninstall the current version, and check that all related files are deleted, and wait for the stable version.
Option 2: Copy the corrected code (listed in the forum discussion) into the vulnerable file.
More information:
http://forum.joomla.org/index.php/topic,202462.0.html
-
rliskey
- Joomla! Guru
- Posts: 828
- Joined: Tue Jun 06, 2006 7:41 am
- Location: California, Germany, Norway
- Contact:
