SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote malicious users to execute arbitrary SQL commands via the qType parameter in a webboard prog action.
se-ed ezpack 4.2