It has been discovered that the extension "AWS SDK for PHP" (aws_sdk_php) is susceptible to Environment Variable Injection.

It has been discovered that the extension "Powermail" (powermail) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Amazon AWS S3 FAL driver (CDN)" (aus_driver_amazon_s3) is susceptible to Environment Variable Injection.

It has been discovered that the extension "Register to tt_address" (registeraddress) has a missing access check.

It has been discovered that the extension "Heise Shariff" (rx_shariff) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Caretaker" (caretaker) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "JobControl" (dmmjobcontrol) is susceptible to SQL Injection and Cross Site-Scripting.

It has been discovered that the extension "DRC News Comment" (news_comment) is susceptible to Arbitrary Code Execution and Cross Site-Scripting.

It has been discovered that the extension "Frontend User Registration" (sf_register) is vulnerable to Authentication Bypass.

It has been discovered that the extension "Download Center" (pits_downloadcenter) is susceptible to SQL Injection.