SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote malicious users to execute arbitrary SQL commands via the prodid parameter.
virtuenetz virtue shopping mall