The Joomla! Community Portal ™

JoomlaConnect

JoomlaConnect - Security English

(View All Languages)

Recent Posts

Joomla GoogleSearch (CSE), 3.0.2 and below, any Joomla

  • Report this


Joomla GoogleSearch (CSE), 3.0.2 and below, any Joomla,XSS (Cross Site Scripting)

Keep reading about: Joomla GoogleSearch (CSE), 3.0.2 and below, any Joomla...
 

JCE - A Content Editor for Joomla, 2.5.0, 2.5.1, 2.5.2

  • Report this


JCE - A Content Editor for Joomla, vulnerable versions: 2.5.0, 2.5.1, 2.5.2,

Vulnerability type: other

Resolution: update to version 2.5.3

Update Notice URL
https://www.joomlacontenteditor.net/news/item/jce-253-released

Developer says that versions prior to 2.5.0 do not appear to be affected, but all users are advised to upgrade to 2.5.3

Keep reading about: JCE - A Content Editor for Joomla, 2.5.0, 2.5.1, 2.5.2...
 

Music Collection, 2.4.6 and below, SQL Injection

  • Report this


Music Collection [com_muscol], 2.4.6 and below, SQL Injection

Keep reading about: Music Collection, 2.4.6 and below, SQL Injection...
 

Music Collection, 2.4.6 and below, SQL Injection

  • Report this


Music Collection [com_muscol], 2.4.6 and below, SQL Injection

Fixed in 2.4.10

Notice: http://www.joomlathat.com/news/music-collection/music-collection-2-4-9-released-security-release-2 

Keep reading about: Music Collection, 2.4.6 and below, SQL Injection...
 

JACC,3.0.3,XSS (Cross Site Scripting)

  • Report this


JACC (Just Another Component Creator),3.0.3 - r199, XSS (Cross Site Scripting)

Note that the vulnerability affects Joomla components generated using this extension rather than the extension itself.

Keep reading about: JACC,3.0.3,XSS (Cross Site Scripting)...
 

Event Manager, 2.1.4 and below, multiple vulnerabilities

  • Report this


Event Manager, 2.1.4 and below, SQLi and Unrestricted File Upload

Keep reading about: Event Manager, 2.1.4 and below, multiple vulnerabilities...
 

Event Manager, 2.1.4 and below, multiple vulnerabilities

  • Report this


Event Manager, 2.1.4 and below, SQLi and Unrestricted File Upload

Fixed in version 2.1.4.2

Notice: http://www.joomlaeventmanager.net/project/changelog-jem-2

Keep reading about: Event Manager, 2.1.4 and below, multiple vulnerabilities...
 

Memorix component, any version (abandonware), SQL Injection

  • Report this


Memorix extension [com_memorix], abandonware, SQL Injection

Note: since this extension's website doesn't exist we can classify it as abandonware, until further notice.

Keep reading about: Memorix component, any version (abandonware), SQL Injection...
 

Informations component, any version (abandonware), SQL Injection

  • Report this


Informations component (com_informations), any version, SQL Injection

Note: since this extension's website doesn't exist we can classify it as abandonware, until further notice.

Keep reading about: Informations component, any version (abandonware), SQL Injection...
 

WFLab Joomshopping carousel module,1.1.2 beta and below,SQLi

  • Report this


Joomshopping module carousel by WFLab.ru [mod_jshopping_products_wfl], 1.1.2 beta and below, SQL Injection

 

Keep reading about: WFLab Joomshopping carousel module,1.1.2 beta and below,SQLi...
 

Languages

Categories

Recently Updated Feeds

Live VEL Direct XML Feed

Resolved VEL XML Feed

JSST News Feed XML Feed

Vulnerable Extensions List Reports XML Feed



To get your feed included in JoomlaConnect, see our page on getting connected.