Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CMS 4.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) q or (2) p parameters.Referenceshttp://marc.info/?l=bugtraq&m=111464009913703&w=2http://www.securityfocus.com/bid/13413https://exchange.xforce.ibmcloud.com/vulnerabilities/20293http://www.securityfocus.com/bid/13412http://www.osvdb.org/15997http://secunia.com/advisories/14696
