SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/65485
http://www.securityfocus.com/bid/46445