Vulnerabilities > Huge IT > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-08 | CVE-2015-2062 | SQL Injection vulnerability in Huge-It Slider Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to wp-admin/admin.php. | 6.5 |
| 2016-10-27 | CVE-2016-1000122 | SQL Injection vulnerability in Huge-It Slider 1.0.9 XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension | 6.5 |
| 2016-10-27 | CVE-2016-1000120 | SQL Injection vulnerability in Huge-It Catalog 1.0.4 SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla | 6.5 |
| 2016-10-21 | CVE-2016-1000119 | Cross-site Scripting vulnerability in Huge-It Catalog 1.0.4 SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla | 6.5 |
| 2016-10-21 | CVE-2016-1000118 | Cross-site Scripting vulnerability in Huge-It Slideshow 1.0.4 XSS & SQLi in HugeIT slideshow v1.0.4 | 6.5 |
| 2016-10-21 | CVE-2016-1000117 | Cross-site Scripting vulnerability in Huge-It Slideshow 1.0.4 XSS & SQLi in HugeIT slideshow v1.0.4 | 6.5 |
| 2016-10-06 | CVE-2016-1000114 | Cross-site Scripting vulnerability in Huge-It Gallery 1.1.5 XSS in huge IT gallery v1.1.5 for Joomla | 4.3 |
| 2014-09-22 | CVE-2014-7153 | SQL Injection vulnerability in Huge-It Image Gallery 1.0.1 SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php. | 6.5 |