SQL injection vulnerability in products.php in Virtue Shopping Mall allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
virtuenetz virtue shopping mall