16 matches found
EUVD-2015-2175
Malware in sbrugna...
CVE-2015-2062
Multiple SQL injection vulnerabilities in the Huge-IT Slider slider-image plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popupposts or editcat action in the slidershugeitslider page to wp-admin/admin.php...
Sql injection
Multiple SQL injection vulnerabilities in the Huge-IT Slider slider-image plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popupposts or editcat action in the slidershugeitslider page to wp-admin/admin.php...
CVE-2015-2062
Multiple SQL injection vulnerabilities in the Huge-IT Slider slider-image plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popupposts or editcat action in the slidershugeitslider page to wp-admin/admin.php...
CVE-2015-2062
The CVE-2015-2062 entry documents SQL injection vulnerabilities in the Huge IT Slider WordPress Plugin (slider-image) up to version 2.7.0. The underlying flaw is insufficient input filtering of the removeslide parameter used by task=popup_posts or task=edit_cat on the sliders_huge_it_slider page,...
CVE-2016-1000121
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension...
Huge IT Slider,1.0.9,SQL Injection
Huge IT Slider,1.0.9,SQL Injection Resolution: update to 1.1.0 update notice: https://huge-it.com/joomla-extensions-security-notice/...
Multiple Vulnerabilities in the Joomla! Huge-IT Slider Extension
Joomla! is an open source content management system CMS developed by the Open Source Matters team in the United States. The system provides RSS feeds , site search , etc. Huge-IT Slider is one of the extensions to attract visitors by improving the style and features of the site . A SQL injection...
Multiple vulnerabilities in the Joomla! Huge-IT Slider extension (CNVD-2016-05829)
Joomla! is an open source content management system CMS developed by the Open Source Matters team in the United States. The system provides RSS feeds , site search , etc. Huge-IT Slider is one of the extensions to attract visitors by improving the style and features of the site . A SQL injection...
WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities
Exploit Title: WordPress: wordpress huge-it-slider 2.7.5 & Persistent JS-HTML Code injection, Arbitrary slider deletion Date: 2015-06-23 Google Dork: intitle:"index of" intext:"/wp-content/plugins/slider-image/" Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Software Link:...
WordPress Huge IT Slider Plugin 2.7.5 - Multiple Vulnerabilities
There are multiple vulnerabilities in this plugin, such as cross-site request forgery and Persistent JS/HTML Injection. These vulnerabilities allow an attacker to make a user with access privileges to a page and inject JavaScript into the database. Solution Upgrade the plugin...
WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities
WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities Exploit Title: WordPress: wordpress huge-it-slider 2.7.5 & Persistent JS-HTML Code injection, Arbitrary slider deletion Date: 2015-06-23 Google Dork: intitle:"index of" intext:"/wp-content/plugins/slider-image/" Exploit Author:...
SQL Injection in Huge IT Slider WordPress Plugin
Advisory ID: HTB23250 Product: Huge IT Slider WordPress Plugin Vendor: Huge-IT Vulnerable Versions: 2.6.8 and probably prior Tested Version: 2.6.8 Advisory Publication: February 19, 2015 without technical details Vendor Notification: February 19, 2015 Vendor Patch: March 11, 2015 Public Disclosur...
WordPress Huge IT Slider 2.6.8 SQL Injection Vulnerability
WordPress Huge IT Slider plugin version 2.6.8 suffers from multiple remote SQL injection vulnerabilities. Product: Huge IT Slider WordPress Plugin Vendor: Huge-IT Vulnerable Versions: 2.6.8 and probably prior Tested Version: 2.6.8 Advisory Publication: February 19, 2015 without technical details...
WordPress Huge IT Slider 2.6.8 SQL Injection
Advisory ID: HTB23250 Product: Huge IT Slider WordPress Plugin Vendor: Huge-IT Vulnerable Versions: 2.6.8 and probably prior Tested Version: 2.6.8 Advisory Publication: February 19, 2015 without technical details Vendor Notification: February 19, 2015 Vendor Patch: March 11, 2015 Public Disclosur...
WordPress Plugin Huge IT Slider SQL Injection Vulnerability
WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. A SQL injection vulnerability exists in the WordPress plugin Huge IT Slider. The vulnerability is caused due to the failure to filter input passed to the...