This is a list of 3rd party Joomla components with known vulnerabilities that will allow hackers access to your site. If you are using any of the following compnents please upgrade or remove the component as listed under fix. It is also very important to make sure you are using the latest version of Joomla, currently 1.0.11, as earlier versions have several High Level vulnerabilities. These vulnerabilities dont just effects your website it effects other clients and the entire server as a whole.,79477.0.html

Full Name: A6MamboCredits
Short Name: com_a6mambocredits
Version: All Versions
Fix: Abandoned. Remove completely.

Full Name: A6MamboHelpDesk

Short Name: com_a6mambohelpdesk
Version: All Versions
Fix: Abandoned. Remove completely.

Full Name: Advanced Poll

Short Name: com_advancedpoll (?)
Version: <= 2.2.0.
Fix: Abandoned. Remove completely.

Full Name: ArtLinks

Short Name: com_artlinks
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: Bayesian Naive Filter

Short Name: com_bayesiannaivefilter
Version: <= 1.1
Fix: No Fix Available. Please disable or remove this component until a fix can be made available.

Full Name: BigApe Backup

Short Name: com_babackup
Version: All Versions.
Fix: No Fix Available. Please disable or remove this component until a fix can be made available.

Full Name: BSQ Site Stats

Short Name: com_bsqsitestats
Version: <= 2.1.0
Fix: Upgrade to version 2.1.1. Download it here.

Full Name: Classifieds

Short Name: com_classifieds
Version: <= 1.3
Fix: Upgrade to version 1.4. Download it here.

Full Name: Colophon

Short Name: com_colophon
Version: <= 1.2
Fix: Upgrade to 1.3.1. Download it here.

Full Name: Community Builder (comprofiler)

Short Name: com_profiler
Version: <= 1.0.0
Fix: Upgrade to version 1.0.1. Download it here.
See here for a fix for register_globals = off

Full Name: Events

Short Name: com_events
Version: <= 1.3 Beta
Fix: Upgrade to version 1.3 Beta2. Download it here.

Full Name: ExtCalendar

Short Name: com_extcalendar
Version: <= 0.9.1
Fix: Upgrade to version 0.9.2. See this post for details.

Full Name: SEF404x

Short Name: com_sef
Version: All Versions.
Fix: No Fix Available. Remove completely.

Full Name: Galleria

Short Name: com_galleria
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: Hash Cash

Short Name: com_hashcash
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: Hot Properties

Short Name: com_hotproperties (?)
Version: <= 0.97
Fix: Upgrade to 0.98 Download it here.
References: No references available at this time.

Full Name: JD-Wiki

Short Name: com_jd-wiki
Version: <= 1.0.2
Fix: Upgrade to version 1.0.3. Download it here.

Full Name: JD-WordPress

Short Name: com_jd-wp
Version: <= 2.0-1.0 RC2
Fix: Patch Available. See this post.

Full Name: JIM 1.0.1. (PMS)

Short Name: com_jim
Version: 1.0.1. (possibly lower versions as well)
Fix: Not available Remove completely.

Full Name: JoomlaBoard

Short Name: com_joomlaboard
Version: <= 1.1.1
Fix: Upgrade to version 1.1.2. Download it here.
Fix, compatible with register globals off as set in globals.php

Full Name: JoomlaLib

Short Name: com_joomlalib
Version: <= 1.2.1
Fix: Upgrade to version 1.2.2. Download it here.

Full Name: LoudMouth

Short Name: com_loudmouth
Version: <= 4.0j
Fix: Upgrade to version 4.1 then apply Security Patch 1. Download upgrade and security patch here.

Full Name: LMO

Short Name: com_lmo
Version: <= 1.0b2
Fix: Upgrade to version 1.0b3. Download it here.

Full Name: MambelFish 1.x

Short Name: com_mambelfish
Version: <= 1.x
Fix: Upgrade to 1.5 (or to Joom!Fish) Mambelfish 1.5 Joom!Fish 1.7

Full Name: Mambo Gallery Manager

Short Name: com_mgm
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: MiniBB

Short Name: com_minibb
Version: <= 1.5a
Fix: Abandoned. Remove completely.

Full Name: MamCom (?)

Short Name: com_trade
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: MosMedia

Short Name: com_mosmedia
Version: <= 1.0.8
Fix: Temporary Fix Available. See this thread for details.

Full Name: MoSpray

Short Name: com_mospray
Version: <= 1.8 RC1
Fix: Abandoned. Remove completely.

Full Name: Mos Tree

Short Name: com_mtree
Version: <= 1.5.8
Fix: Upgrade to version 1.5.9. Download it here.

Full Name: Multibanners

Short Name: com_multibanners *Note: Not the same as the Multibanners Module.*
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: OpenSEF

Short Name: com_sef
Version: <= 2.0.0 RC5 Unpatched
Fix: Patch Available. Download it here.

Full Name: PC Cook Book

Short Name: com_pccookbook
Version: <= 1.3.1
Fix: No Fix Available. Please disable or remove this component until a fix can be made available.

Full Name: People Book

Short Name: com_peoplebook
Version: <= 1.1.5
Fix: Upgrade to version 1.1.6. Download it here.

Full Name: Prince Clan Chess

Short Name: com_pcchess
Version: <= 0.8
Fix: Abandoned. Remove completely.

Full Name: Per Forms

Short Name: com_performs
Version: <= v1_beta
Fix: Upgrade to version v2_beta. Download it here.

Full Name: PollXT

Short Name: com_pollxt
Version: <= 1.22.07
Fix: Upgrade to version 1.22.08. Download it here.

Full Name: RS Gallery2

Short Name: com_rsgallery2
Version: <= 1.11.3
Fix: Upgrade to version 1.11.4. Download it here.

Full Name: Security Images

Short Name: com_securityimages
Version: <= 3.0.5
Fix: Upgrade to version 3.0.6. Download it here.

Full Name: SimpleBoard

Short Name: com_simpleboard
Version: All Versions.
Fix: Upgrade to JoomlaBoard 1.1.2. JoomlaBoard is compatible with SimpleBoard. Download it here.

Full Name: Site Map

Short Name: com_sitemap
Version: All Versions.
Fix: Abandoned. Remove completely.

Full Name: SMF Bridge

Short Name: com_smf
Version: <= 1.1.4
Fix: For SMF version 1.1RC2 only. Upgrade available. See this thread.

Full Name: User Home Pages 1 and 2
Short Name: com_uhp and com_uhp2
Version: <= 1.1.1 (?)
Fix: Upgrade to 1.1.2. Download it here.

Facebook Comments

More Stuff

Latest Firefox Release is Faster than Ever With the introduction of the new Firefox Quantum browser in 2017 we changed the look, feel, and performance of our core product. Since then we have la...
Competing without a Marketing Budget: When All You Have is a Produ... This is a story about the power of a good landing page, PR efforts, and marketing strategy. The refreshing twist here is that instead of explaining ho...
The Ongoing Fiasco and Mysterious Afterlife of QuadrigaCX I’d say you were a little late to the cryptocurrency party if you haven’t heard about the ongoing catastrophe that’s been QuadrigaCX these past six ...
We are leaving older adults out of the digital world Jessica Fields Contributor Share on Twitter Jessica Fields is a research analyst and program manager at the UCSF Center for Vulnerable Populat...
Spread the love

Posted by News Monkey