Some vulnerabilities have been discovered in VirtueMart, which can be exploited by malicious people and users to conduct SQL injection attacks.

Successful exploitation of several of the vulnerabilities requires VirtueMart administrative access.

These vulnerabilities are confirmed in version 1.1.2. Other versions may also be affected.

Solution:
Update to version 1.1.3