ECTouch is an application. An open source mobile mall system to create an enterprise exclusive mobile mall. ECTouch suffers from a SQL injection vulnerability, which originates from the SQL injection vulnerability in ECTouch v2 generated through the integral_min parameter in index.php. An attacker can use this vulnerability to execute illegal SQL commands.