3 matches found
CVE-2016-1000119
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla...
CVE-2016-1000119
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla...
CVE-2016-1000119
The CVE-2016-1000119 entry concerns the Huge IT Joomla Catalog Extension 1.0.4 for Joomla. Public details describe two vulnerabilities: a SQL Injection and a Reflected Cross-Site Scripting (XSS). The SQLi occurs in the submissions model (id parameter) and the XSS in the submissions view (message_...