SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote malicious users to execute arbitrary SQL commands via the pmodule parameter.
alstrasoft epay 2.0