Vulnerable Extensions List Team dealing with all 3rd party developer components, modules, plugins and templates. 

Joomler Position Role Date Started
C Mandville Team Leader Nov 2014
phil-degruy.jpg Phil DeGruy Assistant Team Leader Assistant Lead Nov 2014
f5e9_bernard-toplak.jpg Bernard Toplak Croatia Member Helpdesk Coordinator Apr 2015
df4f_fiona-coulter.jpg Fiona Coulter United Kingdom Member Developer Coordinator Apr 2015
Joomler Position Role Date Started Date Ended
a860_sander-2016-500px.jpg Sander Potjer Netherlands CLT Liaison Nov 2014 Dec 2015

Assistant Lead

Developer Coordinator

Exploit Researcher

Locates latest exploits via news feeds and website links

Apply for this role

Extension Tester

Tests Updates against POC

Apply for this role

Helpdesk Coordinator

January 2017

By C Mandville on 2017-01-13 20:31 in Vulnerable Extensions List Team

Here are the points covered by the VEL team in their recent meeting.Discussion on responsible disclosure and time between fixing, release and notification of patch.  Discusion on recent and active VEL items.Discussion on vulnerable abandon ware listings.Discussion on SOP manual. Discussion on...

Read more: January 2017

Transition Changes and policy

By C Mandville on 2016-11-19 00:20 in Vulnerable Extensions List Team

The VEL team in their recent meeting discussed the transition documents and process.  "Mandville" was elected by voting member majority to be the new lead and new roles defined for the current members. New roles for contributors were created.  The API team will be archived and effort...

Read more: Transition Changes and policy

October 2016

By C Mandville on 2016-10-23 20:01 in Vulnerable Extensions List Team

Discussion on unreportable items. Discussion on reporting issues with hosting.  Issues with missing reports and contacts from volunteers portal.  Response to recruitment drive  

Read more: October 2016

August meeting notes

By C Mandville on 2015-08-13 00:00 in Vulnerable Extensions List Team

August Meeting discussion points. Adding ssl certificate to vel site, showing our reporters that we take security seriously DNS SPF and DKIM records for uplifting security and reliability of our emails VEL internal extension development Update on JIRA integration VEL API - data format...

Read more: August meeting notes

VEL roundtable discussion march 15

By C Mandville on 2015-04-01 00:00 in Vulnerable Extensions List Team

In a 2 hour round table discussion, the VEL team discussed the following. 1. meetup at JAB/JWC - For most of the team, our attendance at the JWC/JAB is impractical due to working schedules. Other meetings can be arranged as timings permit.2.  Due to the nature of the workflow, it was decided...

Read more: VEL roundtable discussion march 15

RSS Feed

The core team is by invite only, we will advertise any positions available. You can submit Vulnerable Extension List reports by visiting

Please login to contact this Team