Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
basic b2b script project basic b2b script 2.0.8