CVE-2005-3769

Php Download Manager - SQL Injection

Title source: rule

Description

SQL injection vulnerability in files.php in PHP Download Manager 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by ksa_ksa82 · textwebappsphp

https://www.exploit-db.com/exploits/26544

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15517

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/22827

Scores

EPSS 0.0029

EPSS Percentile 52.5%

Details

Status published

Products (3)

php_download_manager/php_download_manager 1.1

php_download_manager/php_download_manager 1.1.2

php_download_manager/php_download_manager 1.1.3

Published Nov 23, 2005

Tracked Since Feb 18, 2026