SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote malicious users to execute arbitrary SQL commands via the ecPath parameter.
openfreeway freeway 1.4.3.210