SQL injection vulnerability in product.php in MihanTools 1.33 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
mihantools mihantools 1.33