ECTouch v2 exists to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.
ectouch ectouch 2.0