Reported several issues including:

• admin pages available for public (possibility to add incidents)
• several sql injection vulnerabilities at product pages

No response yet from webmaster.