Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities

Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities

No exploit is required to leverage this issue. The following proof of concept has been provided:

http://www.example.com/directory/shop.php?cat=[query]
http://www.example.com/directory/lite/shop_by_brand.php?cat_manufacturer=[query]
http://www.example.com/directory/listing.php?id=[query]