 Joomla Vulnerable Extensions List, list with new Joomla exploits |
  |
 Feb 24 2017, 11:18 AM
Post
#1
|
|
 Web Design Seo  Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1  |
Why my Joomla is hacked? Many of these Joomla! extensions have exploits inside, so I wil post here list with all Joomla vulnerable extensions we know. List is not Vulnerable Extensions List from vel.joomla.org, is with more new extensions - I got it from specialized exploits websites. So, the list (ordering by date - from October 2016 until now - 24.02.2017): Цитат Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation Joomla! Component DT Register - 'cat' SQL Injection Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL Injection Joomla! Component JE Classify Ads 1.2 - 'pro_id' Parameter SQL Injection Joomla! Component JE Gallery 1.3 - 'photo_id' Parameter SQL Injection Joomla! Component JE Directory 1.7 - 'ditemid' Parameter SQL Injection Joomla! Component JE QuoteForm - 'Itemid' Parameter SQL Injection Joomla! Component JE Property Finder 1.6.3 - SQL Injection Joomla! Component JE Tour 2.0 - SQL Injection Joomla! Component JE Video Rate 1.0 - SQL Injection Joomla! Component JE auction 1.6 - 'eid' Parameter SQL Injection Joomla! Component JE Auto 1.5 - 'd_itemid' Parameter SQL Injection Joomla! Component JoomBlog 1.3.1 - SQL Injection Joomla! Component JSP Store Locator 2.2 - 'id' Parameter SQL Injection Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection Joomla! Component Spider Facebook 1.6.1 - SQL Injection Joomla! Component Spider FAQ Lite 1.3.1 - SQL Injection Joomla! Component JEmbedAll 1.4 - SQL Injection Joomla! Component Joomloc-CAT 4.1.3 - 'ville' Parameter SQL Injection Joomla! Component Joomloc-Lite 1.3.2 - 'site_id' Parameter SQL Injection Joomla! Component JomWALL 4.0 - 'wuid' Parameter SQL Injection Joomla! Component OS Property 3.0.8 - SQL Injection Joomla! Component EShop 2.5.1 - 'id' Parameter SQL Injection Joomla! Component OS Services Booking 2.5.1 - SQL Injection Joomla! Component Room Management 1.0 - SQL Injection Joomla! Component MaQma Helpdesk 4.2.7 - 'id' Parameter SQL Injection Joomla! Component PayPal IPN for DOCman 3.1 - 'id' Parameter SQL Injection Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection Joomla! Component Eventix Events Calendar 1.0 - SQL Injection Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection Joomla! Component Magic Deals Web 1.2.0 - SQL Injection Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection Joomla! Component ContentMap 1.3.8 - 'contentid' Parameter SQL Injection Joomla! Component VehicleManager 3.9 - SQL Injection Joomla! Component RealEstateManager 3.9 - SQL Injection Joomla! Component BookLibrary 3.6.1 - SQL Injection Joomla! Component MediaLibrary Basic 3.5 - SQL Injection Joomla! Component Store for K2 (K2 Store) 3.8.2 - SQL Injection Joomla! Component UserExtranet 1.3.1 - SQL Injection Joomla! Component MultiTier 3.1 - SQL Injection If you use ANY of these versions, I recommend you to check for a update or to uninstall it immediately because all your Joomla site will be at risk being hacked! Where can I get more info about every exploit? Search for every title in https://www.exploit-db.com/ Please, DO not copy full list - if you copy from our forum text over 120 symbols, text will be damaged. Cheers 
Attached File(s)
-------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
 |
 
|
|
Feb 27 2017, 08:29 AM
Post
#2
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
New exploits from the last weekend (friday to monday):
Код Joomla! Component JooDatabase 3.1.0 - SQL Injection
Joomla! Component JO Facebook Gallery 4.5 - SQL Injection Joomla! Component AJAX Search for K2 2.2 - SQL Injection Joomla! Component Community Surveys 4.3 - SQL Injection Joomla! Component Community Polls 4.5.0 - SQL Injection Joomla! Component GPS Tools 4.0.1 - SQL Injection Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Feb 28 2017, 06:36 AM
Post
#3
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
New from today:
Код Joomla! Component OneVote! 1.0 - SQL Injection
Joomla! Component Gnosis 1.1.2 - 'id' Parameter SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Mar 6 2017, 07:55 AM
Post
#4
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
New from last weekend:
Код Joomla! Component Coupon 3.5 - SQL Injection
Joomla! Component JUX EventOn 1.0.1 - 'id' Parameter SQL Injection Joomla! Component Monthly Archive 3.6.4 - 'author_form' Parameter SQL Injection Joomla! Component AYS Quiz 1.0 - 'id' Parameter SQL Injection Joomla! Component Content ConstructionKit 1.1 - SQL Injection Joomla! Component AltaUserPoints 1.1 - 'userid' Parameter SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Mar 15 2017, 06:42 AM
Post
#5
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
From today:
Код Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection
Joomla! Component Advertisement Board 3.0.4 - 'id' Parameter SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Mar 16 2017, 07:13 AM
Post
#6
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
And again new exploits:
Код Joomla! Component Vik Appointments 1.5 - SQL Injection
Joomla! Component Vik Rent Items 1.3 - SQL Injection Joomla! Component Vik Rent Car 1.11 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Mar 21 2017, 06:50 AM
Post
#7
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection
Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Mar 24 2017, 07:23 AM
Post
#8
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
And one more:
Код Joomla! Component Modern Booking 1.0 - 'coupon' Parameter SQL Injection
-------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
May 9 2017, 02:39 PM
Post
#9
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection
-------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
May 22 2017, 08:27 AM
Post
#10
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! 3.7.0 - 'com_fields' SQL Injection
-------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Jun 6 2017, 07:05 AM
Post
#11
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component Payage 2.05 - 'aid' Parameter SQL Injection
-------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Aug 1 2017, 06:49 AM
Post
#12
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component CCNewsLetter 2.1.9 - 'sbid' Parameter SQL Injection
-------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Aug 3 2017, 06:18 AM
Post
#13
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection Joomla! Component PHP-Bridge 1.2.3 - SQL Injection Joomla! Component SIMGenealogy 2.1.5 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Aug 19 2017, 08:48 AM
Post
#14
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component StreetGuessr Game 1.1.8 - SQL Injection
Joomla! Component SP Movie Database 1.3 - SQL Injection Joomla! Component Calendar Planner 1.0.1 - SQL Injection Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection Joomla! Component KissGallery 1.0.0 - SQL Injection Joomla! Component Twitch Tv 1.1 - SQL Injection Joomla! Component Appointment 1.1 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Aug 22 2017, 01:06 PM
Post
#15
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component Ajax Quiz 1.8 - SQL Injection
Joomla! Component FocalPoint 1.2.3 - SQL Injection Joomla! Component Sponsor Wall 8.0 - SQL Injection Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Aug 30 2017, 01:23 PM
Post
#16
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component OSDownloads 1.7.4 - SQL Injection
Joomla! Component Photo Contest 1.0.2 - SQL Injection Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection Joomla! Component Bargain Product VM3 1.0 - 'product_id' Parameter SQL Injection Joomla! Component Price Alert 3.0.2 - 'product_id' Parameter SQL Injection Joomla! Component MasterForms 1.0.3 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Sep 1 2017, 11:46 AM
Post
#17
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component Joomanager 2.0.0 - Arbitrary File Download
Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
Sep 5 2017, 05:56 AM
Post
#18
|
|
|
Web Design Seo Group: Root Admin Posts: 3,907 Joined: 29-April 09 From: Sofia Member No.: 1 |
Код Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' Parameter SQL Injection
Joomla! Component CheckList 1.1.0 - SQL Injection -------------------- Правила на форума | Forum Rules | How to receive support. 3D Web Design: Уеб дизайн, Seo оптимизация, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Изработка на уеб сайтове и оптимизация на сайт за търсачки и Seo услуги.
|
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
Similar Topics
| Topic | Replies | Topic Starter | Views | Last Action | |
|---|---|---|---|---|---|
 |
Pinned: Joomla Pagination Seo Plugin SEO plugin for Joomla Pagination that work in all Joomla |
56 | Web Design Seo | 37,937 | 14th April 2017 - 10:15 AM Last post by: shrutis |
 |
Pinned: Joomla Scraper Going Open Source No licenses, use scraper on unlimited number of web sites |
0 | Web Design Seo | 694 | 8th March 2017 - 07:40 AM Last post by: Web Design Seo |
|
Pinned: Joomla Ден 2016 Joomla Day 2016 |
1 | Web Design Seo | 4,258 | 31st October 2016 - 10:11 AM Last post by: Web Design Seo |
|
Joomla Post By Email To K2 Extra Fields | 1 | uglykidjoe | 4,021 | 11th February 2016 - 07:45 AM Last post by: Web Design Seo |
|
Pinned:  Joomla Scraper, Grabber For JoomlaJoomla Scraper Can Grab Any Content From Any Website |
79 | Web Design Seo | 64,013 | 12th January 2016 - 03:12 PM Last post by: Web Design Seo |
|
Pinned: Joomla Scraper Integration With K2 better integration of Joomla Scraper and K2 |
8 | Web Design Seo | 18,860 | 2nd January 2016 - 09:07 AM Last post by: b_goranov |
|
Joomla Scraper Not Working | 2 | Jan Hädicke | 2,542 | 11th November 2015 - 02:05 PM Last post by: Web Design Seo |
|
Joomla Scrapper Subscription And Licensing Model | 3 | omoj | 4,834 | 15th October 2014 - 06:06 AM Last post by: Web Design Seo |
|
Joomla Developer For Hire Hire Joomla! developers |
0 | Web Design Seo | 5,604 | 25th July 2014 - 08:00 AM Last post by: Web Design Seo |
|
Pinned: Joomla Web Development From Joomla Developer web development of joomla extensions from experienced developers |
0 | Web Design Seo | 5,718 | 14th May 2014 - 01:07 PM Last post by: Web Design Seo |
|
Lo-Fi Version | Time is now: 23rd September 2017 - 11:05 AM |
