Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

List of articles in category Vulnerable Extensions
Title	Published Date
guesser,1.0.4,SQL Injection	06 March 2017
recipe manager,2.2,SQL Injection	06 March 2017
Abstract manager,2.1,SQL Injection	06 March 2017
Ajax search for K2,2.2,SQL Injection	06 March 2017
je grid folio,probably all versions,SQL Injection	20 February 2017
JE Property Finder,1.6.3,SQL Injection	17 February 2017
RSMonials,2.2 and previous,XSS (Cross Site Scripting)	11 January 2017
JMS Support Online module, 2.0.0, XSS (Cross Site Scripting)	28 December 2016
AVChat Video Chat Integration Kit, File permissions	03 December 2016
HDW Player, 3.2.1 and older	24 October 2016

Page 7 of 24