3 matches found
CVE-2016-1000122
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension...
CVE-2016-1000122
The CVE-2016-1000122 entry describes XSS and SQL injection in the Huge IT Joomla Slider v1.0.9 extension. Connected sources corroborate affected functionality in the admin area: XSS via id parameter in ./admin/views/slider/tmpl/default.php and SQL injection in ./admin/models/slider.php. The root ...
Huge IT Joomla Slider 1.0.9 XSS / SQL Injection
Title: Reflected XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension Author: Larry W. Cashdollar, @larry0 Date: 2016-07-22 Download Site: http://extensions.joomla.org/extensions/extension/photos-a-images/slider Vendor: huge-it.com Vendor Notified: 2016-07-22 Vendor Contact: Description: Huge-I...