J2Store by Weblogicx India, 3.1.6 and below, SQL Injections

Update: vulnerabilites fixed in version 3.1.7

Announcement: http://j2store.org/j2store-v3.html

Please contact the developer for more information