Public CVE-2017-17601 disclosure

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.