CVE-2026-7002 KLiK SocialMediaWebsite Private Message get_message_ajax.php sql injection

A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/getmessageajax.php of the component Private Message Handler. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the...

KLiK SocialMediaWebsite 注入漏洞

KLiK SocialMediaWebsite is a simple social media website developed by Muhammad Saad using PHP. Versions of KLiK SocialMediaWebsite 1.0.1 and earlier had a vulnerability related to injection attacks. This vulnerability stemmed from the cid parameter operations in the Private Message Handler...

EUVD-2025-35714

Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...

CVE-2025-60859

Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...

EUVD-2008-1758

Malware in sbrugna...

CVE-2020-35597

Victor CMS 1.0 is vulnerable to SQL injection via cid parameter of admineditcomment.php, pid parameter of admineditpost.php, uid parameter of adminedituser.php, and edit parameter of adminupdatecategories.php...

shop7z注入漏洞#5

简要描述： shop7z注入漏洞5 详细说明： 前台sql注入： http://www.shop7z.com/demo/showfoot.asp?cid=%2527 注入参数：cid 支持Union查询的大洞一枚 漏洞证明： http://www.shop7z.com/demo/showfoot.asp?cid=%2527 支持Union查询的大洞一枚...

Sql injection

SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the CID parameter to index.php...