iCart Pro 'section' Parameter SQL Injection Vulnerability

iCart Pro 'section' Parameter SQL Injection Vulnerability

An attacker can exploit the issue using a browser.

The following example URI is available:

http://www.example.com/forum/icart.php?do=editproduct&productid=19&section='