SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote malicious users to execute arbitrary SQL commands via the store parameter.
jce-tech overstock script 1.0