SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a newspost do action, a different vulnerability than CVE-2006-1108.