Vulnerable Extensions

This category lists vulnerable extensions for which no patch is known to exists. You are recommended to uninstall any listed here from your site. Patched extensions are moved to the Resolved category.

List of articles in category Vulnerable Extensions
Title	Published Date
Informations component, any version (abandonware), SQL Injection	17 August 2015
WFLab Joomshopping carousel module,1.1.2 beta and below,SQLi	09 August 2015
Araticlhess Module [mod_araticlhess] / [mod_araticlhes], all versions, fake/backdoor	02 August 2015
MyBlog by Azrul, abandonware, SQLi & AFU	24 July 2015
SimpleImageUpload by Tuts4You, 1.2 and below, Other	26 June 2015
Contus HD Video Share (aka HDVideoShare) by Apptha [com_contushdvideoshare], 3.5 and below, Directory Traversal	25 June 2015
UMI 3D Tag Cloud [mod_umi3dtagcloud], 1.3.4 and below, XSS (Cross Site Scripting)	20 June 2015
Escope PrettyPhoto [mod_escope_pp], 1.0.3, XSS (Cross Site Scripting) - abandonware!	20 June 2015
XCloner Backup and Restore [com_cloner], 3.5.2	14 June 2015
"EQ Event Calendar" [com_eqfullevent] , 1.0.0 and below	10 June 2015

Page 9 of 24