Huge It
Products
11- 7 CVEs
- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
22| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1000125 | Cri | 0.67 | 9.8 | 0.03 | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla | ||
| CVE-2016-1000124 | Cri | 0.67 | 9.8 | 0.03 | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 | ||
| CVE-2016-1000123 | Cri | 0.67 | 9.8 | 0.04 | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla | ||
| CVE-2016-1000113 | Cri | 0.64 | 9.8 | 0.03 | Oct 6, 2016 | XSS and SQLi in huge IT gallery v1.1.5 for Joomla | ||
| CVE-2026-22345 | Hig | 0.57 | 8.8 | 0.00 | Feb 20, 2026 | Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery:… | ||
| CVE-2025-49486 | Hig | 0.56 | — | 0.00 | Jul 18, 2025 | A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items. | ||
| CVE-2016-1000122 | Hig | 0.47 | 7.2 | 0.02 | Oct 27, 2016 | XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension | ||
| CVE-2016-1000120 | Hig | 0.47 | 7.2 | 0.02 | Oct 27, 2016 | SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla | ||
| CVE-2016-1000119 | Hig | 0.47 | 7.2 | 0.02 | Oct 21, 2016 | SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla | ||
| CVE-2016-1000118 | Hig | 0.47 | 7.2 | 0.02 | Oct 21, 2016 | XSS & SQLi in HugeIT slideshow v1.0.4 | ||
| CVE-2016-1000117 | Hig | 0.47 | 7.2 | 0.02 | Oct 21, 2016 | XSS & SQLi in HugeIT slideshow v1.0.4 | ||
| CVE-2016-1000116 | Hig | 0.47 | 7.2 | 0.02 | Oct 21, 2016 | Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS | ||
| CVE-2016-1000115 | Hig | 0.47 | 7.2 | 0.03 | Oct 21, 2016 | Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS | ||
| CVE-2016-1000114 | Med | 0.40 | 6.1 | 0.01 | Oct 6, 2016 | XSS in huge IT gallery v1.1.5 for Joomla | ||
| CVE-2025-26778 | Med | 0.38 | 5.9 | 0.00 | Feb 17, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through <= 2.2.1. | ||
| CVE-2016-1000121 | Med | 0.31 | 4.8 | 0.01 | Oct 27, 2016 | XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension | ||
| CVE-2014-7153 | 0.03 | — | 0.02 | Sep 22, 2014 | SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php. | |||
| CVE-2025-20969 | 0.00 | — | 0.00 | May 7, 2025 | Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery. | |||
| CVE-2025-20968 | 0.00 | — | 0.00 | May 7, 2025 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery. | |||
| CVE-2025-20967 | 0.00 | — | 0.00 | May 7, 2025 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery. |
- risk 0.67cvss 9.8epss 0.03
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
- risk 0.67cvss 9.8epss 0.03
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
- risk 0.67cvss 9.8epss 0.04
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
- risk 0.64cvss 9.8epss 0.03
XSS and SQLi in huge IT gallery v1.1.5 for Joomla
- risk 0.57cvss 8.8epss 0.00
Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery:…
- risk 0.56cvss —epss 0.00
A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.
- risk 0.47cvss 7.2epss 0.02
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
- risk 0.47cvss 7.2epss 0.02
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
- risk 0.47cvss 7.2epss 0.02
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
- risk 0.47cvss 7.2epss 0.02
XSS & SQLi in HugeIT slideshow v1.0.4
- risk 0.47cvss 7.2epss 0.02
XSS & SQLi in HugeIT slideshow v1.0.4
- risk 0.47cvss 7.2epss 0.02
Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
- risk 0.47cvss 7.2epss 0.03
Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
- risk 0.40cvss 6.1epss 0.01
XSS in huge IT gallery v1.1.5 for Joomla
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through <= 2.2.1.
- risk 0.31cvss 4.8epss 0.01
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
- CVE-2014-7153Sep 22, 2014risk 0.03cvss —epss 0.02
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.
- CVE-2025-20969May 7, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.
- CVE-2025-20968May 7, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.
- CVE-2025-20967May 7, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.