Public CVE-2008-5492 disclosure

SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter.