Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.
interspire email marketer