Next Gen Editor, 2.1.0, SQL Injection and multiple other vulnerabilities
resolution: update to version 2.2.0
update notice: http://nextgeneditor.com/index.php/en/support/forum/installation-issues/3957-new-security-release
.
-
Home
-
Vulnerable Extensions
-
Resolved Extensions
- Next Gen Editor,2.1.0,SQL Injection
Vulnerable Extensions
- JEVents, 3.6.87, SQL Injection
- osTicky2, , Other
- EasyShop, 1.4.1, XSS (Cross Site Scripting)
- LivingWord, , XSS (Cross Site Scripting)
- Plugin Creative Gallery , , SQL Injection
- Proforms Basic via sort_order parameter, , SQL Injection
- EXTPLORER, 2.1.15, XSS (Cross Site Scripting)
- LM-CUSTOM-ADMIN, , Other
- admirror gallery, , XSS (Cross Site Scripting)
- Proforms Basic Joomla Module, , Other
Resolved Extensions
- Convert Forms, 4.4.10, XSS (Cross Site Scripting)
- JS Jobs, 1.4.2, SQL Injection
- Regularlabs Sourcer, pre version 12.00, Other/RFI
- HikaShop, 5.1.1, XSS (Cross Site Scripting)
- Advanced custom fields, 2.7.7, SQL Injection
- Phoca Gallery, 5.0.0, XSS (Cross Site Scripting)
- HikaShop Starter 4.7.5 [2308101603], HikaShop Starter 4.7.5 [2308101603], XSS (Cross Site Scripting)
- LazyDbBackup, 3.9.0, Other
- Virtual Classroom, , SQL Injection
- bagallery , , Other