SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/61993
http://www.exploit-db.com/exploits/15090
http://securityreason.com/securityalert/8462
http://packetstormsecurity.org/1009-exploits/wanewsletter-sql.txt