Virtue marts been blacklisted by joomla JED - http://extensions.joomla.org/extensions/e-commerce/shopping-cart/129
Whats going on - whats the fix, are our websites in danger?
please dont just move this to developers where we cant see it - i have several clients with Virtue mart 2 installed on it and i need and urgent answer.
The JED team unpublishes extensions for which somebody has submitted a vulnerability report immediately, even if it is a very low risk vulnerabilty. Unfortunately they recently didn't notify the developers when they unpublish an extension (maybe a technical problem at the JED, not sending notification emails). The fix is to update to VirtueMart 2.0.4. See the announcement in the News:
http://virtuemart.net/news/list-all-news/417-happy-easter-new-virtuemart-204-released-security-update-sqli (http://virtuemart.net/news/list-all-news/417-happy-easter-new-virtuemart-204-released-security-update-sqli)
...getting VM2 back into JED will take a few days due to organisational reasons.