vendor site:http://www.pilotcart.com/ product:Pilot Cart V.7.2 bug:injection sql risk:high injection sql(post) : in the search engine: http://site.com/pilot.asp?pg=search&mode=results variables : srch='[sql]&searchBy=Products laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: saps.audit@xxxxxxxxx