CVE-2025-4794

A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /news.php. The manipulation of the argument newstitle leads to sql injection. The attack can be launched remotely. The...

healpro.com.pk XSS vulnerability

Vulnerable URL: http://healpro.com.pk/news.php?id=1"';alertString.fromCharCode88,83,83...

Sql injection

SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

news7 <= (news.php) Remote File Inclusion Exploit

======================================================================= news7 = news.php Remote File Inclusion Exploit ======================= ======================================================================= ======================== Bug in :news.php Vlu Code :...

ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion

source: https://www.securityfocus.com/bid/13086/info ModernBill is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'news.php' script. ModernBill 4.3 and prior versions are...