Jreservation
http://jforjoomla.com/ SQLi Vulnerability 190610
recruitmentmanager
http://recruitment.focusdev.co.uk Upload Vulnerability 130610
ActiveHelper LiveHelp
XSS in LiveHelp 200510
ABC
ABC SQL Injection Vulnerability reported as updated to JED 290410
Deluxe Blog Factory
SQLi 200410 update to 1.1.2
smestorage
SMEStorage LFI Updated 29 March 10 developer fix to 1.1
QContacts
http://extensions.joomla.org/extensions/contacts-and-feedback/contact-details/4811 Version: 1.0.4 reported, current version 1.0.6 220710 Devleoper states unproven report and no POC
JPodium
http://www.jpodium.de/ SQL Injection 060710 Devs statement as to not proven
Super Messenger
axxis.gr xss 190610
Info Line (MT_ILine)
http://extensions.joomla.org/extensions/news-display/news-tickers-a-scrollers/8425 reports of shell scripts in download file 120610