SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote malicious users to execute arbitrary SQL commands via the nid parameter.
virtuenetz virtue news manager