NeoRecruit
neojoomla.com SQL Injection neorecruit vers 4.1 060 710 dev statement of fixes in 1.4.1 and...
ArtForms
http://joomlacode.org/gf/project/jartforms/ ArtForms RC2 Multiple Remote Vulnerabilities 2.1b7.2 090710 Old beta extension
PaymentsPlus
http://paymentsplus.com.au/ 2.1.5 Blind SQL Injection Vulnerability 090710 current version 2.20, 2.1.5 not listed on dev...
Music Manager
LFI http://danieljamesscott.org/software/4-joomla-extensions/4-music-manager.html
IXXO Cart
http://www.php-shop-system.com/ SQLIO XSS LFI Vulnerability
Minify4Joomla
http://waltercedric.com/ LFI and xss 090710 No longer available to download
quickfaq
http://www.schlu.net SQLI 090710
EasyBlog
http://stackideas.com/products/easyblog.html xss (new report) july 10.2010 Reported developer fix available on site
staticxt
http://extensions.joomla.org/extensions/edition/custom-code-in-content/2184 Provided no version number
Health & Fitness Stats
http://joomla-extensions.instantiate.co.uk/jcomponents/healthstats Persistent XSS Vulnerability july 10.2010