Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

List of articles in category Vulnerable Extensions
Title	Published Date
YooRecipe, All, SQL Injection	30 March 2021
publisher, 3.0.19, XSS (Cross Site Scripting)	07 November 2020
paGO Commerce, 2.5.9.0, SQL Injection	27 October 2020
Social Chat, 1.5 and Below, SQL Injection Iacopo Guarneri	20 September 2020
hwdplayer,4.2,SQL Injection	09 April 2020
Rapicode, Multiple Extensions, Back Door	30 March 2018
Google Map Landkarten,4.2.3,SQL Injection	15 March 2018
Fastball, SQL Injection	08 March 2018
File Download Tracker,3.0,SQL Injection	07 March 2018
SquadManagement,1.0.3,SQL Injection	07 March 2018
JMS Music,1.1.1,SQL Injection	05 March 2018
JS Autoz ,1.0.9,SQL Injection	03 March 2018
Realpin,1.5.04,SQL Injection	01 March 2018
Joomla! Pinterest Clone Social Pinboard,2.0,SQL Injection	28 February 2018
Saxum Picker, 3.2.10, SQL Injection	26 February 2018
Saxum Numerology, 3.0.4, SQL Injection	26 February 2018
Saxum Astro, 4.0.14, SQL Injection	26 February 2018
En Masse, all versions, SQL Injection	15 January 2018
JB Visa,1.0,SQL Injection	06 January 2018
Big File Uploader by Prismanet,1.0.2, Insecure File Upload	06 January 2018
JEXTN Question And Answer ,3.1.0,SQL Injection	20 December 2017
JEXTN Video Gallery 3.0.5 - SQL Injection, 3.0.5 ,SQL Injection	20 December 2017
JBuildozer,1.4.1,SQL Injection	20 December 2017
HDW Player,4.0.0, RCE	24 October 2017
Google Maps by Reumer, 3.5, Malicious update	20 October 2017

Page 1 of 9