SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to the top-level URI.
https://www.exploit-db.com/exploits/3911
https://exchange.xforce.ibmcloud.com/vulnerabilities/34272
http://www.securityfocus.com/bid/23960