JNews, 8.5.1 and all previous,
SQL Injection
Resolution: update to 8.7.1
Update notice url: http://www.joobi.co/blog/jnews-8-7-released.html
Note that due to discrepancy in developer's code between package and repository, some versions of previous security release 8.6.1 are still vulnerable. Therefore users should make sure they update to 8.7.1 to...
k2, , Open folder permissions
developer release statement 2.6.7...
Joomdonation extensions, Information Disclosure
Events Booking versions before 2.1.1
Resolution: update to 2.1.1
Update notice URL: http://joomdonation.com/forum/events-booking-general-discussion/50511-events-booking-version-2-1-1-released.htmlEshop versions before 1.4.4
Resolution: update to 1.4.4
Update notice URL:...
joomunited SEO Glossary , pre 2.2.4,OtherDeveloper statement in mass email to registered usersWe just fixed an SEO Glossary vulnerability, an update to version 2.2.4 is required as soon as possible.https://www.joomunited.com/changelog/seo-glossary-changelogFix informed by user...
Jetext
Presumed abandonware (no information about the developer) ...
Vnmshop extension, unknown author (probably abandonware)
All versions suspected to be vulnerable...