CVE-2018-25425

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

CVE-2018-25425

Technical details about CVE-2018-25425 are not publicly available in the provided documents. Monitor for updates.

CVE-2018-25425 Yot CMS 3.3.1 SQL Injection via aid and cid Parameters

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

CVE-2018-25425 Yot CMS 3.3.1 SQL Injection via aid and cid Parameters

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

EUVD-2018-21947

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

CVE-2018-25425

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

Yot CMS SQL注入漏洞

Yot CMS is a content management system developed by Yot Corporation. Version 3.3.1 of Yot CMS has a SQL injection vulnerability. This vulnerability stems from the use of parameters named aid and cid, which can allow unauthorized attackers to execute arbitrary SQL queries by injecting malicious...

PT-2026-45125

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

CVE-2023-50563

Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMSFunction.php...

CVE-2025-14011

CVE-2025-14011 involves JIZHICMS up to version 2.5.5. Affected is the function commentlist in /index.php/admins/Comment/addcomment.html, within the Add Display Name Field component. The issue arises from manipulation of the aid/tid parameter, enabling SQL injection. Public exploitation exists, an...

JIZHICMS SQL注入漏洞

JIZHICMS Jizhi CMS is an open source content management system CMS from China Jizhi JIZHI. A SQL injection vulnerability exists in JIZHICMS 2.5.5 and earlier versions, which stems from incorrect manipulation of the parameter aid/tid in the file /index.php/admins/Comment/addcomment.html, which may...

EUVD-2020-14971

Malware in sbrugna...

PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. The Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter...

PT-2025-1328 · Itechscripts · Itechscripts School Management

Name of the Vulnerable Software and Affected Versions: Itechscripts School Management Software version 2.75 Description: A critical issue has been found in the software, affecting an unknown part of the /notice-edit.php file. The manipulation of the aid argument leads to SQL injection. It is...

Itechscripts School Management Software 注入漏洞

Itechscripts School Management Software is a campus management software. An injection vulnerability exists in Itechscripts School Management Software version 2.75, which stems from the parameter aid in the file /notice-edit.php that can lead to SQL injection...

PT-2024-38348 · Simple Machines · Simplemachines Smf

Name of the Vulnerable Software and Affected Versions: SimpleMachines SMF version 2.1.4 Description: A vulnerability has been found in the User Alert Read Status Handler component, specifically in the file /index.php?action=profile;u=2;area=showalerts;do=read. The manipulation of the aid argument...

SMF 安全漏洞

SMF Simple Machines Forum is a free, open source community forum project from Simple Machines Open Source. A security vulnerability exists in SMF version 2.1.4 that stems from manipulation of the parameter aid resulting in improper control of resource identifiers...

PT-2024-38347 · Simple Machines · Simplemachines Smf

Name of the Vulnerable Software and Affected Versions: SimpleMachines SMF version 2.1.4 Description: A critical issue was found in the Delete User Handler component, specifically in the file /index.php?action=profile;u=2;area=showalerts;do=remove. The manipulation of the aid argument leads to...

PT-2024-37502 · Unknown · Lahirudanushka School Management System

Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1 Description: A critical issue has been found in the Attendance Report Page component, specifically affecting the /attendancelist.php file. The manipulation of the aid argume...

School-Management-System SQL Injection Vulnerability

School-Management-System is a school management system by the individual developer Lahiru Danushka. A SQL injection vulnerability exists in School-Management-System version 1.0.0, 1.0.1, which stems from an incorrect operation of the parameter aid that can lead to sql injection...