phux Download Manager - Blind SQL Injection

EDB-ID:

18432




Platform:

PHP

Date:

2012-01-30


# 
# Title     : phux Download Manager Blind SQL Injection Vulnerability
# Author    : Red Security TEAM
# Date      : 30/01/2012
# Risk      : High
# Demo      : http://demos.phux.org/download_manager/
# Tested On : CentOS
# Contact   : Info [ 4t ] RedSecurity [ d0t ] COM
# Home      : http://RedSecurity.COM
#
# Exploit   :
# http://server/download.php?file=[BlindSQLi]
#