2 matches found
CVE-2026-16205 Pluck CMS Albums albums.admin.php htmlspecialchars_decode cross site scripting
A weakness has been identified in Pluck CMS up to 4.7.21. This vulnerability affects the function htmlspecialcharsdecode of the file data/modules/albums/albums.admin.php of the component Albums Module. Executing a manipulation of the argument Info can lead to cross site scripting. It is possible ...
Irola My-Time 3.5 - Remote SQL Injection Vulnerability
No description provided by source. Aria-Security Team http://Aria-Security.Net ----------------------------- Original Advisory @ http://aria-security.net/forum/showthread.php?p=1106 Vendor: http://www.irola.com Username/Password Fields can run SQL Queries. Therefore: We get the Tables:...