chronoforms and other chronoengine extensions
developer's site was infected with malware, but is now reviewed as "safe" according to Google transparency report.
see https://www.google.com/transparencyreport/safebrowsing/diagnostic/?hl=en#url=chronoengine.com
The VEL do not know of any recent reports of vulnerabilities in the extensions themselves....
Stored XSS and SQL Injection in SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9 (possibly below)
resolution: update to version 2.8.10
update notice: https://securitycheck.protegetuordenador.com/index.php/downloads/securitycheck-j3x
...
kunena,4.0.10,Information Disclosure
Developers update link
JoomDOC,4.0.3 ,Information Disclosure...
Using a quick start package may be the quickest way to get a fully set up , add your content site. but are you aware of the dangers.
we tested several quick starts from major providers ranging from Template developers and extension developers who include a ready to go version of Joomla.
We found that there were varying degrees of insecurities. None of these packages are plug/play/forget.
after35 minutes on friday in the musical roundabout, I Spoke to SIA after 28 minutes on hold, who despite saying they couldn't speak to me as I personally didn't do the online application, admitted that the letter they should have sent me on the 17th May wasn't actually sent.
We just released Komento 2.0.7 to address a security issue where a remote attacker may be able to launch an xss attack in prior versions of Komento.
download http://stackideas.com/dashboard
...
mod fancy tag cloud (com_offlajn_installer),1.017,Other...
Yeeditor from Yeedeen
development apparently abandoned, developer's site is infected with malware...
gmapfp,3.39f,XSS (Cross Site Scripting) Info disclosure, arbitrary fileupload...
Template monster including komentoCom_ and MOD_Komento may not be uptodate to ix previous exploits and may be supplier modified....
Easy Youtube Gallery , 1.0.2,Information Disclosure...
While travelling on the buses i notice a few slight issues with the bus stops in the area
In the university, sussex house should build out to level with road as impossible to safely get a bus in without running people over or pushing them into the bush.
Following on from the Fringe Festival in Brighton and Hove comments that have seen calls for his resignation
it has now been added to by the continaul parking abuse by his team. Previously they parked for hours on a loding bay outisde their offices. Now they are parking on a cyle path, by removing a post or two