Welcome Guest ( Log In | Register )

 Forum Rules Extensions Support
 
 Reply to this topicStart new topic
> Joomla Vulnerable Extensions List, list with new Joomla exploits
Web Design Seo
post Feb 24 2017, 11:18 AM
Post #1


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Joomla! is great CMS but with really many addons - external extensions developed from many different developers. But this abundance can hurt your Joomla website.

Why my Joomla is hacked?

Many of these Joomla! extensions have exploits inside, so I wil post here list with all Joomla vulnerable extensions we know. List is not Vulnerable Extensions List from vel.joomla.org, is with more new extensions - I got it from specialized exploits websites.

So, the list (ordering by date - from October 2016 until now - 24.02.2017):
Цитат
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
Joomla! Component DT Register - 'cat' SQL Injection
Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL Injection
Joomla! Component JE Classify Ads 1.2 - 'pro_id' Parameter SQL Injection
Joomla! Component JE Gallery 1.3 - 'photo_id' Parameter SQL Injection
Joomla! Component JE Directory 1.7 - 'ditemid' Parameter SQL Injection
Joomla! Component JE QuoteForm - 'Itemid' Parameter SQL Injection
Joomla! Component JE Property Finder 1.6.3 - SQL Injection
Joomla! Component JE Tour 2.0 - SQL Injection
Joomla! Component JE Video Rate 1.0 - SQL Injection
Joomla! Component JE auction 1.6 - 'eid' Parameter SQL Injection
Joomla! Component JE Auto 1.5 - 'd_itemid' Parameter SQL Injection
Joomla! Component JoomBlog 1.3.1 - SQL Injection
Joomla! Component JSP Store Locator 2.2 - 'id' Parameter SQL Injection
Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection
Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection
Joomla! Component Spider Facebook 1.6.1 - SQL Injection
Joomla! Component Spider FAQ Lite 1.3.1 - SQL Injection
Joomla! Component JEmbedAll 1.4 - SQL Injection
Joomla! Component Joomloc-CAT 4.1.3 - 'ville' Parameter SQL Injection
Joomla! Component Joomloc-Lite 1.3.2 - 'site_id' Parameter SQL Injection
Joomla! Component JomWALL 4.0 - 'wuid' Parameter SQL Injection
Joomla! Component OS Property 3.0.8 - SQL Injection
Joomla! Component EShop 2.5.1 - 'id' Parameter SQL Injection
Joomla! Component OS Services Booking 2.5.1 - SQL Injection
Joomla! Component Room Management 1.0 - SQL Injection
Joomla! Component MaQma Helpdesk 4.2.7 - 'id' Parameter SQL Injection
Joomla! Component PayPal IPN for DOCman 3.1 - 'id' Parameter SQL Injection
Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection
Joomla! Component Eventix Events Calendar 1.0 - SQL Injection
Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection
Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection
Joomla! Component ContentMap 1.3.8 - 'contentid' Parameter SQL Injection
Joomla! Component VehicleManager 3.9 - SQL Injection
Joomla! Component RealEstateManager 3.9 - SQL Injection
Joomla! Component BookLibrary 3.6.1 - SQL Injection
Joomla! Component MediaLibrary Basic 3.5 - SQL Injection
Joomla! Component Store for K2 (K2 Store) 3.8.2 - SQL Injection
Joomla! Component UserExtranet 1.3.1 - SQL Injection
Joomla! Component MultiTier 3.1 - SQL Injection



If you use ANY of these versions, I recommend you to check for a update or to uninstall it immediately because all your Joomla site will be at risk being hacked!

Where can I get more info about every exploit? Search for every title in https://www.exploit-db.com/

Please, DO not copy full list - if you copy from our forum text over 120 symbols, text will be damaged.

Cheers smile.gif

Attached File(s)
Attached File  joomla_exploits.png ( 157.43K ) Number of downloads: 3
 


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Feb 27 2017, 08:29 AM
Post #2


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
New exploits from the last weekend (friday to monday):

Код
Joomla! Component JooDatabase 3.1.0 - SQL Injection
Joomla! Component JO Facebook Gallery 4.5 - SQL Injection
Joomla! Component AJAX Search for K2 2.2 - SQL Injection
Joomla! Component Community Surveys 4.3 - SQL Injection
Joomla! Component Community Polls 4.5.0 - SQL Injection
Joomla! Component GPS Tools 4.0.1 - SQL Injection
Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Feb 28 2017, 06:36 AM
Post #3


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
New from today:
Код
Joomla! Component OneVote! 1.0 - SQL Injection
Joomla! Component Gnosis 1.1.2 - 'id' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Mar 6 2017, 07:55 AM
Post #4


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
New from last weekend:
Код
Joomla! Component Coupon 3.5 - SQL Injection
Joomla! Component JUX EventOn 1.0.1 - 'id' Parameter SQL Injection
Joomla! Component Monthly Archive 3.6.4 - 'author_form' Parameter SQL Injection
Joomla! Component AYS Quiz 1.0 - 'id' Parameter SQL Injection
Joomla! Component Content ConstructionKit 1.1 - SQL Injection
Joomla! Component AltaUserPoints 1.1 - 'userid' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Mar 15 2017, 06:42 AM
Post #5


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
From today:
Код
Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection
Joomla! Component Advertisement Board 3.0.4 - 'id' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Mar 16 2017, 07:13 AM
Post #6


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
And again new exploits:
Код
Joomla! Component Vik Appointments 1.5 - SQL Injection
Joomla! Component Vik Rent Items 1.3 - SQL Injection
Joomla! Component Vik Rent Car 1.11 - SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Mar 21 2017, 06:50 AM
Post #7


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Код
Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection
Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Mar 24 2017, 07:23 AM
Post #8


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
And one more:
Код
Joomla! Component Modern Booking 1.0 - 'coupon' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post May 9 2017, 02:39 PM
Post #9


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Код
Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post May 22 2017, 08:27 AM
Post #10


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Код
Joomla! 3.7.0 - 'com_fields' SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Jun 6 2017, 07:05 AM
Post #11


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Код
Joomla! Component Payage 2.05 - 'aid' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Aug 1 2017, 06:49 AM
Post #12


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Код
Joomla! Component CCNewsLetter 2.1.9 - 'sbid' Parameter SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
Web Design Seo
post Aug 3 2017, 06:18 AM
Post #13


Web Design Seo
****

Group: Root Admin
Posts: 3,896
Joined: 29-April 09
From: Sofia
Member No.: 1
Код
Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection
Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection
Joomla! Component PHP-Bridge 1.2.3 - SQL Injection
Joomla! Component SIMGenealogy 2.1.5 - SQL Injection


--------------------
Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
Go to the top of the page
 
+Quote Post
« Next Oldest · Joomla Extensions · Next Newest »
 

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

Collapse

> Similar Topics

  Topic Replies Topic Starter Views Last Action
No new Pinned: Joomla Pagination Seo Plugin
SEO plugin for Joomla Pagination that work in all Joomla
 56 Web Design Seo 36,932 14th April 2017 - 10:15 AM
Last post by: shrutis
No New Posts Pinned: Joomla Scraper Going Open Source
No licenses, use scraper on unlimited number of web sites
 0 Web Design Seo 636 8th March 2017 - 07:40 AM
Last post by: Web Design Seo
No New Posts Pinned: Joomla Ден 2016
Joomla Day 2016
 1 Web Design Seo 3,492 31st October 2016 - 10:11 AM
Last post by: Web Design Seo
No New Posts Joomla Post By Email To K2 Extra Fields
 1 uglykidjoe 3,450 11th February 2016 - 07:45 AM
Last post by: Web Design Seo
No new Pinned: Topic has attachmentsJoomla Scraper, Grabber For Joomla
Joomla Scraper Can Grab Any Content From Any Website
 79 Web Design Seo 63,443 12th January 2016 - 03:12 PM
Last post by: Web Design Seo
No new Pinned: Joomla Scraper Integration With K2
better integration of Joomla Scraper and K2
 8 Web Design Seo 18,621 2nd January 2016 - 09:07 AM
Last post by: b_goranov
No New Posts Joomla Scraper Not Working
 2 Jan Hädicke 2,464 11th November 2015 - 02:05 PM
Last post by: Web Design Seo
No New Posts Joomla Scrapper Subscription And Licensing Model
 3 omoj 4,746 15th October 2014 - 06:06 AM
Last post by: Web Design Seo
No New Posts Joomla Developer For Hire
Hire Joomla! developers
 0 Web Design Seo 5,531 25th July 2014 - 08:00 AM
Last post by: Web Design Seo
No New Posts Pinned: Joomla Web Development From Joomla Developer
web development of joomla extensions from experienced developers
 0 Web Design Seo 5,657 14th May 2014 - 01:07 PM
Last post by: Web Design Seo


 

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

RSS Lo-Fi Version Time is now: 18th August 2017 - 10:48 AM
Clicky Web Analytics