ASP Product catalog SQL injection vulnerability

ASP Product catalog SQL injection vulnerability. A nice little SQL injection vulnerability exists within ASP Product Catalog. The application fails to check for bad input from GET'd variables used in SQL query operations. In this case, the variable cid can be used for SQL injection queries...