SQL injection vulnerability in product.php in PHPBasket allows remote malicious users to execute arbitrary SQL commands via the pro_id parameter.
phpbasket phpbasket