Description
SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Red Security TEAM · textwebappsphp
https://www.exploit-db.com/exploits/18432
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/51725
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18432
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72826
Scores
EPSS
0.0028
EPSS Percentile
51.7%
Details
CWE
CWE-89
Status
published
Products (1)
phux/download_manager
Published
Feb 02, 2012
Tracked Since
Feb 18, 2026