|
A vulnerable extension is one that has been found to contain, or contribute to, a security vulnerability.
Vulnerable extensions are not necessarily poorly-coded extensions. As the Web evolves, technical requirements and commonly accepted coding practices also change. Active projects release new versions of their extensions as requirements change. For this reason, it is important to:
- Know the version numbers of all installed extensions.
- Use only the latest stable version of all extensions.
- Completely remove all files of insecure or unused extensions.
To view our Joomla demo site with a custom template installed, please click on the thumbnail to the right. The site also includes other customizations made by our development team including Simple Image Gallery, which is a great way to show off images and create photo galleries withing page content.
This is a list of 3rd party Joomla extensions (components, modules, mambots and plugins) with known vulnerabilities that will allow hackers access to your site. If you are using any of the following compnents please upgrade or remove the component as listed under fix. It is also very important to make sure you are using the latest version of Joomla, currently 1.0.13, as earlier versions have several High Level vulnerabilities. These vulnerabilities dont just effects your website it effects other clients and the entire server as a whole. The current list can be viewed in the Joomla FAQ Section
Joomla! is the perfect Content Management System for managing and developing your website with one of AUSWEB's cPanel Hosting plans.
Check and Report.
Please check with the extension publisher in case of any questions over the security of their product. Report Vulnerable extensions in the security forum clearly marked with the first word in the title being Vulnerable where the security moderators or JSST team will respond. This list is change protected, for additions or updates email vel @ joomla.org Mandville or lafrance are the main editors
- If you are seeing this page on any site other than the Offical Joomla Documentation you may be seeing an out of date version or experiencing plagiary and the links may not work properly
How to use this list
Items will be removed after a suitable period and not on resolution All known vulnerable extensions are the listed in the first column. Any in a red box are where we have not been given a fix for. Alert Advisory details in the centre column . Finally a link to the notice about any update with link or Not Known where none is known.
This list is compiled from found information and may not be an up to date accurate list We do NOT promise to test or validate these reports. We do NOT guarantee the quality or effectiveness of any updates reported to us or listed here. To sign up for the feed please follow this link
- We do not list BETA products, or extensions for J1.0.x
February 2010 and onwards Reported Vulnerable Extensions
Please check with the extension publisher in case of any questions over the security of their product. Report Vulnerable extensions either in the jforum:432 security topic clearly marked with the first word in the title being Vulnerable Report where the security moderators or JSST team will respond or via email to the VEL team. For a guide to the codes
- If you are seeing this page on any site other than the Offical Joomla Documentation you may be seeing an out of date version or experiencing plagiary and the links may not work properly
Please see all current vulnerability reports here http://docs.joomla.org/Vulnerable_Extensions_List
- Articles In This Category
- More from this CategoryTutorials > Joomla FAQIn addition to understanding the threats, and implementing general defensive strategies, it is important to know more specific details about security...Tutorials > Joomla FAQIt is very important to completely remove vulnerable extensions, simply removing the menu links to an extension, or unpublishing a module is NOT enoug...Tutorials > Joomla FAQThe most important thing anyone can do is make good decisions regarding the extensions they choose to use on a site. Once an insecure or malicious ext...Tutorials > Joomla FAQChanging the default admin user name will greatly increase security. All new Joomla installations start with a Super Administrator account called, 'ad...Tutorials > Joomla FAQThis can be a very effective way to protect your Joomla! administrator directory. Any other directory in public_html can be protected in the same way....
- Related Articles
- Related ArticlesTutorials > Joomla FAQUpgrading 1.5 from an existing 1.5x version From Joomla! Documentatio: It is risky to upgrade a live site without testing the upgrade process first....Tutorials > DotNetNuke Video TutorialsThis video tutorial will give you a basic guide on how to manage security roles in DotNetNuke...Shopping Carts > PayPal - eCommerceThis video tutorial will guide you through how to change your PayPal password and security questions....Tutorials > Joomla FAQJOOMLA Security - Core - Password Remind Functionality ( Date Published : 16/08/2008 09:51 ) Project: Joomla! SubProject: com_user Severity: Cri...Tutorials > Joomla FAQJoomla! is one of the most powerful Open Source Content Management Systems on the planet. It is used all over the world for everything from simple web...
- Latest Articles
- Latest ArticlesTutorials > Email Tutorial : FAQ for Email setupThis guide will help you configure your AUSWEB hosted email address with Outlook 2010....Tutorials > Email Tutorial : FAQ for Email setupThis guide will help you setup and configure your AUSWEB hosted email address with Windows Live Mail (Outlook 2011)....Tutorials > Partner (Affiliate) Guide1. Visit http://partner.ausweb.com.au and click “Join Now” from the top navigation bar (or click the shiny green “Sign Up Now” button....Tutorials > Website Security/Upgrade IssuesAfter installing an SSL, a commmon subsequent issue (in most modern browsers) is the the dreaded "Connection Partially Encrypted" warning. The er...Tutorials > Customer TestimonialsNow that you know about us, from us - this page is dedicated to what our customers think...
- Most Read Articles
- Most Read ArticlesTutorials > phpBB Forum HostingFinally, after a long wait, phpBB3 has been released, and its relatively easy to upgrade your existing phpBB installation. phpBB3 introduces hundreds...Tutorials > phpBB Forum HostingThis video tutorial will show you how to create a new topic in phpBB3....Tutorials > phpBB Forum HostingThis video tutorial will show you how to set up a poll when starting a new topic in phpBB3...Tutorials > phpBB Forum HostingphpBB3 is the latest update to the phpBB series, incorporating a plethora of new features, speed, stability and security improvements, and is much eas...Tutorials > phpBB Forum HostingThis video will show you how to install phpBB with Fantastico De Luxe....
| < Prev | Next > |
|---|
