Ranljive razširitve

The Joomla! Vulnerable Extensions List. Please check with the extension publisher in case of any questions over the security of their product.
  1. All these extensions create a folder with permissions 0777, which is not subsequently deleted.

    • CMS2CMS: Automated Blogger to J! Migration
    • CMS2CMS: Automated HTML to J! Migration
    • CMS2CMS: Automated Drupal to J! Migration
    • CMS2CMS: Automated WordPress to J! Migration
    • CMS2CMS Automated WiX to J! Migration
    • CMS2CMS Connector


  2. En Masse by Matamko.com, all known versions, SQL Injection

  3. JB Visa by Joombooking.com, 1.0, SQL Injection

  4. Big File Uploader by Prismanet, 1.0.2, Insecure File Upload

  5. Next Gen Editor, 2.1.0, SQL Injection and multiple other vulnerabilities

  6. JEXTN Question And Answer ,3.1.0,SQL Injection

  7. JEXTN Video Gallery 3.0.5 - SQL Injection, 3.0.5 ,SQL Injection

  8. JBuildozer,1.4.1,SQL Injection

  9. HDW Player,4.0.0 and all other versions, remote code execution

    Note that this vulnerabilitiy was supposedly fixed by the developer in version 3.2.2, the fact that this issue has arisen again suggests that the developer is aware of it and has created a deliberate back door. The VEL believe that this extension should be regarded as malicious and should be permanently removed from any site using it.

  10. Google Maps by Reumer, from mapsplugin.com, version 3.5, malicious update

    Version 3.3 of this plugin is listed in the JED and appears to be clean. However once installed, the Joomla update manager prompts you to update this extension to a version 3.5 (which is not officially published). This version contains hidden backlinks and potential backdoor, with tracking information about the website running the plugin and user.

© SiJoomla. Vse pravice pridržane.

Pridobi dodatna znanja!

Izobraževanja in delavnice, pomoč in inštrukcije za Joomlo, seminarji za podjetja.


Že imate spletno stran izdelano z Joomla CMS? Potrebujete več znanja pri administraciji spletnega mesta?

Ponujamo individualna izobraževanja za Joomlo.