aceftp,unknown version,Other

Published: Thursday, 18 August 2016

aceftp [abandonware],unknown, Download Permssion Extension not currently under development...

Read more: aceftp,unknown version,Other

Huge IT Catalog,1.0.6,SQL Injection

Published: Saturday, 13 August 2016

Huge IT Catalog,1.0.6 and previous versions ,SQL Injection and XSS vulnerability...

Read more: Huge IT Catalog,1.0.6,SQL Injection

K2,2.7.0,XSS (Cross Site Scripting)

Published: Wednesday, 03 August 2016

K2,2.7.0,XSS (Cross Site Scripting)

resolution: update to 2.7.1

update notice url: https://getk2.org/blog/2571-k2-v271-released

Note that the VEL do not agree with the developer's assessment that XSS vulnerability is low priority...

Read more: K2,2.7.0,XSS (Cross Site Scripting)

nitroslider,1.0.0

Published: Saturday, 13 August 2016

nitroslider,1.0.0 open folder permissions

update to 1.0.1

update notice: https://www.themechoice.com/joomla-extensions/nitro-layer-slider...

Read more: nitroslider,1.0.0

Payplans SQLi

Published: Tuesday, 26 July 2016

SQL Injection In PayPlans. (readybytes)developer update notice.http://www.readybytes.net/blog/item/payplans-sql-injection-blog.htmlCommunity notified report...

Read more: Payplans SQLi