2 matches found
CVE-2016-1000117
Consolidated details show CVE-2016-1000117 affects the Huge-IT Slideshow extension (Joomla!) v1.0.4. The vulnerability is described as cross-site scripting (XSS) and SQL injection (SQLi). CNVD-2016-06066 specifies the flaw resides in /views/slideshow/tmpl/default.php and is exploitable via the 'i...
CVE-2016-1000118
CVE-2016-1000118 affects HugeIT Slideshow v1.0.4 ( Joomla! extension). Connected records confirm a SQL injection vulnerability in /models/slideshow.php and NVD also lists XSS in the same product/version. Impact per sources includes possible arbitrary SQL execution and cross‑site scripting; exploi...