Student Result Management System /notice-details.php File SQL Injection Vulnerability

Student Result Management System is a student result management system. Student Result Management System suffers from a SQL injection vulnerability that stems from an error in the parameter nid in the file /notice-details.php that lacks validation of externally entered SQL statements. An attacker...

CVE-2025-7534

A vulnerability was found in PHPGurukul Student Result Management System 2.0. It has been classified as critical. Affected is an unknown function of the file /notice-details.php of the component GET Parameter Handler. The manipulation of the argument nid leads to sql injection. It is possible to...

CVE-2021-39500

Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories...

CVE-2024-5064

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has...

PHPGurukul Online Course Registration System SQL注入漏洞

Online Course Registration System is an online course registration system by the individual developer ANUJ KUMAR. A SQL injection vulnerability exists in PHPGurukul Online Course Registration System version 3.1, which stems from the parameter nid in the file news-details.php that can lead to SQL...

Eyoucms 路径遍历漏洞

EyouCms is a free and open source enterprise content management system based on the TP5.0 framework that focuses on the needs of enterprise website users. The vulnerability stems from a lack of input data validation for the tpldir, filename, type, and nid parameters. An attacker could use this...

PHP CityPortal SQL Injection Vulnerability

PHP CityPortal is a corporate website building system developed by PhpCityPortal team in India. A SQL injection vulnerability exists in PHP CityPortal version 2.0. A remote attacker can exploit this vulnerability to inject SQL commands with the help of 'nid' or 'cat' parameter...

Sql injection

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

CVE-2017-15970

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

CVE-2017-15970

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

S-CMS newsview.asp page has a SQL injection vulnerability in the n_id parameter.

S-CMS is a corporate website building system developed by Zibo Shining Network Technology Co. A SQL injection vulnerability exists in the S-CMS newsview.asp page. The lack of filtering of the 'nid' parameter allows an attacker to exploit the vulnerability to obtain sensitive database information...

Tugux CMS (nid) BLIND SQL Injection Vulnerability

No description provided by source. =================================================================== Tugux CMS nid BLIND sql injection vulnerability =================================================================== Software: Tugux CMS Vendor: www.tugux.com Vuln Type: BLind SQL Injection...

CVE-2012-2923

SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter...

CVE-2009-2019

SQL injection vulnerability in newsdetail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter...

Sql injection

SQL injection vulnerability in newsdetail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in newsdetail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid parameter...

Sql injection

SQL injection vulnerability in viewnews.php in nicLOR Vibro-School-CMS allows remote attackers to execute arbitrary SQL commands via the nID parameter...

Sql injection

Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via 1 the nid parameter to index.php in a View action to the News module; 2 the vid parameter to index.php in a Result action to the Voting module; 3 the fid parameter t...

CVE-2008-2394

CVE-2008-2394 affects TAGWORX.CMS 3.00.02. The vulnerability is described as multiple SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via the following parameters: (1) cid in contact.php and (2) nid in news.php. This is documented across multiple sources (NVD, CV...

CVE-2006-6778

CVE-2006-6778 is an XSS vulnerability in TimberWolf 1.2.2, exposed via shownews.php and the nid parameter. The affected component is the shownews.php endpoint of TimberWolf 1.2.2, allowing remote attackers to inject arbitrary web script or HTML. The CVSS data from NVD indicates AV:N/AC:M/Au:N/C:P...