> Joomla Vulnerable Extensions List, list with new Joomla exploits
Web Design Seo
post Feb 24 2017, 11:18 AM
Post #1


Web Design Seo
****

Group: Root Admin
Posts: 3,924
Joined: 29-April 09
From: Sofia
Member No.: 1



Joomla! is a great CMS, but with really many addons - external extensions developed by many different developers. But this abundance can hurt your Joomla website.

Why is my Joomla hacked?

Many of these Joomla! extensions have exploits inside, so I will post here a list of all the vulnerable Joomla extensions we know. This list is not the Vulnerable Extensions List from vel.joomla.org; it has more new extensions - I got it from specialized exploit websites.

So, the list (ordered by date - from October 2016 until now - 24.02.2017):
Quote
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
Joomla! Component DT Register - 'cat' SQL Injection
Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL Injection
Joomla! Component JE Classify Ads 1.2 - 'pro_id' Parameter SQL Injection
Joomla! Component JE Gallery 1.3 - 'photo_id' Parameter SQL Injection
Joomla! Component JE Directory 1.7 - 'ditemid' Parameter SQL Injection
Joomla! Component JE QuoteForm - 'Itemid' Parameter SQL Injection
Joomla! Component JE Property Finder 1.6.3 - SQL Injection
Joomla! Component JE Tour 2.0 - SQL Injection
Joomla! Component JE Video Rate 1.0 - SQL Injection
Joomla! Component JE auction 1.6 - 'eid' Parameter SQL Injection
Joomla! Component JE Auto 1.5 - 'd_itemid' Parameter SQL Injection
Joomla! Component JoomBlog 1.3.1 - SQL Injection
Joomla! Component JSP Store Locator 2.2 - 'id' Parameter SQL Injection
Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection
Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection
Joomla! Component Spider Facebook 1.6.1 - SQL Injection
Joomla! Component Spider FAQ Lite 1.3.1 - SQL Injection
Joomla! Component JEmbedAll 1.4 - SQL Injection
Joomla! Component Joomloc-CAT 4.1.3 - 'ville' Parameter SQL Injection
Joomla! Component Joomloc-Lite 1.3.2 - 'site_id' Parameter SQL Injection
Joomla! Component JomWALL 4.0 - 'wuid' Parameter SQL Injection
Joomla! Component OS Property 3.0.8 - SQL Injection
Joomla! Component EShop 2.5.1 - 'id' Parameter SQL Injection
Joomla! Component OS Services Booking 2.5.1 - SQL Injection
Joomla! Component Room Management 1.0 - SQL Injection
Joomla! Component MaQma Helpdesk 4.2.7 - 'id' Parameter SQL Injection
Joomla! Component PayPal IPN for DOCman 3.1 - 'id' Parameter SQL Injection
Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection
Joomla! Component Eventix Events Calendar 1.0 - SQL Injection
Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection
Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection
Joomla! Component ContentMap 1.3.8 - 'contentid' Parameter SQL Injection
Joomla! Component VehicleManager 3.9 - SQL Injection
Joomla! Component RealEstateManager 3.9 - SQL Injection
Joomla! Component BookLibrary 3.6.1 - SQL Injection
Joomla! Component MediaLibrary Basic 3.5 - SQL Injection
Joomla! Component Store for K2 (K2 Store) 3.8.2 - SQL Injection
Joomla! Component UserExtranet 1.3.1 - SQL Injection
Joomla! Component MultiTier 3.1 - SQL Injection



If you use ANY of these versions, I recommend that you check for an update or uninstall it immediately, because your whole Joomla site will be at risk of being hacked!

Where can I get more info about every exploit? Search for every title on https://www.exploit-db.com/

Please, do NOT copy the full list - if you copy text of over 120 symbols from our forum, the text will be damaged.

Cheers :)

 


--------------------
Forum Rules | How to receive support. 3D Web Design: web design, SEO optimization, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Website development, search engine optimization and SEO services.
Web Design Seo
post Feb 27 2017, 08:29 AM
Post #2





New exploits from the last weekend (Friday to Monday):

Code
Joomla! Component JooDatabase 3.1.0 - SQL Injection
Joomla! Component JO Facebook Gallery 4.5 - SQL Injection
Joomla! Component AJAX Search for K2 2.2 - SQL Injection
Joomla! Component Community Surveys 4.3 - SQL Injection
Joomla! Component Community Polls 4.5.0 - SQL Injection
Joomla! Component GPS Tools 4.0.1 - SQL Injection
Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection


Web Design Seo
post Feb 28 2017, 06:36 AM
Post #3





New from today:
Code
Joomla! Component OneVote! 1.0 - SQL Injection
Joomla! Component Gnosis 1.1.2 - 'id' Parameter SQL Injection


Web Design Seo
post Mar 6 2017, 07:55 AM
Post #4





New from last weekend:
Code
Joomla! Component Coupon 3.5 - SQL Injection
Joomla! Component JUX EventOn 1.0.1 - 'id' Parameter SQL Injection
Joomla! Component Monthly Archive 3.6.4 - 'author_form' Parameter SQL Injection
Joomla! Component AYS Quiz 1.0 - 'id' Parameter SQL Injection
Joomla! Component Content ConstructionKit 1.1 - SQL Injection
Joomla! Component AltaUserPoints 1.1 - 'userid' Parameter SQL Injection


Web Design Seo
post Mar 15 2017, 06:42 AM
Post #5





From today:
Code
Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection
Joomla! Component Advertisement Board 3.0.4 - 'id' Parameter SQL Injection


Web Design Seo
post Mar 16 2017, 07:13 AM
Post #6





And again new exploits:
Code
Joomla! Component Vik Appointments 1.5 - SQL Injection
Joomla! Component Vik Rent Items 1.3 - SQL Injection
Joomla! Component Vik Rent Car 1.11 - SQL Injection


Web Design Seo
post Mar 21 2017, 06:50 AM
Post #7





Code
Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection
Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection


Web Design Seo
post Mar 24 2017, 07:23 AM
Post #8





And one more:
Code
Joomla! Component Modern Booking 1.0 - 'coupon' Parameter SQL Injection


Web Design Seo
post May 9 2017, 02:39 PM
Post #9





Code
Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection


Web Design Seo
post May 22 2017, 08:27 AM
Post #10





Code
Joomla! 3.7.0 - 'com_fields' SQL Injection


Web Design Seo
post Jun 6 2017, 07:05 AM
Post #11





Code
Joomla! Component Payage 2.05 - 'aid' Parameter SQL Injection


Web Design Seo
post Aug 1 2017, 06:49 AM
Post #12





Code
Joomla! Component CCNewsLetter 2.1.9 - 'sbid' Parameter SQL Injection


Web Design Seo
post Aug 3 2017, 06:18 AM
Post #13





Code
Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection
Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection
Joomla! Component PHP-Bridge 1.2.3 - SQL Injection
Joomla! Component SIMGenealogy 2.1.5 - SQL Injection


Web Design Seo
post Aug 19 2017, 08:48 AM
Post #14





Code
Joomla! Component StreetGuessr Game 1.1.8 - SQL Injection
Joomla! Component SP Movie Database 1.3 - SQL Injection
Joomla! Component Calendar Planner 1.0.1 - SQL Injection
Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection
Joomla! Component KissGallery 1.0.0 - SQL Injection
Joomla! Component Twitch Tv 1.1 - SQL Injection
Joomla! Component Appointment 1.1 - SQL Injection


Web Design Seo
post Aug 22 2017, 01:06 PM
Post #15





Code
Joomla! Component Ajax Quiz 1.8 - SQL Injection
Joomla! Component FocalPoint 1.2.3 - SQL Injection
Joomla! Component Sponsor Wall 8.0 - SQL Injection
Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection


Web Design Seo
post Aug 30 2017, 01:23 PM
Post #16





Code
Joomla! Component OSDownloads 1.7.4 - SQL Injection
Joomla! Component Photo Contest 1.0.2 - SQL Injection
Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection
Joomla! Component Bargain Product VM3 1.0 - 'product_id' Parameter SQL Injection
Joomla! Component Price Alert 3.0.2 - 'product_id' Parameter SQL Injection
Joomla! Component MasterForms 1.0.3 - SQL Injection


Web Design Seo
post Sep 1 2017, 11:46 AM
Post #17





Code
Joomla! Component Joomanager 2.0.0 - Arbitrary File Download
Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection


Web Design Seo
post Sep 5 2017, 05:56 AM
Post #18





Code
Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' Parameter SQL Injection
Joomla! Component CheckList 1.1.0 - SQL Injection


Web Design Seo
post Oct 31 2017, 06:04 AM
Post #19





Code
Joomla! Component Zh YandexMap 6.1.1.0 - 'placemarklistid' SQL Injection
Joomla! Component NS Download Shop 2.2.6 - 'id' SQL Injection

