newsbot
03-02-2008, 02:36 PM
phpShop (http://www.phpshop.org/) is "a PHP-powered shopping cart application". A vulnerability in the way phpShop attempts to prevent SQL injections can be bypassed, allowing remote attackers to cause the product to execute arbitrary SQL statements.
http://www.securiteam.com/unixfocus/5RP010UNFO.html