SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
boutikone boutikone 1.0