Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to (1) include/sub.php, (2) include/confirm.php, or (3) include/unconfirm.php.

SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.

admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.

PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter.