SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote malicious users to execute arbitrary SQL commands via the nID parameter.
niclor vibro-school-cms