SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote malicious users to execute arbitrary SQL commands via the toid parameter.
source: wwwsecurityfocuscom/bid/18970/info
Koobi Pro prone to a cross-site scripting issue and an SQL-injection issue because the application fails to properly sanitize user-supplied input
A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based aut ...