If your website is using VirtueMart and you host with us, we will be upgrading your site with a patch:
VirtueMart "search_category" SQL Injection Vulnerability
Andrea Fabrizi has discovered a vulnerability in VirtueMart, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the "search_category" parameter to index.php (when "option" is set to "com_virtuemart" and "page" is set to "shop.browse") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerability is confirmed in version 1.1.6. Other versions may also be affected.
Further details available in Customer Area
Provided and/or discovered by
This patch will take 1 Maintenance Block to install and test.