SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/62961
http://packetstormsecurity.org/1011-exploits/mysourcematrix-sql.txt