phux Download Manager - Blind SQL Injection

Author: Red Security TEAM
type: webapps
platform: php
port: 
date_added: 2012-01-30 
date_updated: 2012-05-06 
verified: 1 
codes: OSVDB-78957;CVE-2012-0980 
tags: 
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt18500/screen-shot-2012-05-06-at-71222-am.png 
application_url: http://www.exploit-db.comphux-download_manager_v0.1.zip

#
# Title     : phux Download Manager Blind SQL Injection Vulnerability
# Author    : Red Security TEAM
# Date      : 30/01/2012
# Risk      : High
# Demo      : http://demos.phux.org/download_manager/
# Tested On : CentOS
# Contact   : Info [ 4t ] RedSecurity [ d0t ] COM
# Home      : http://RedSecurity.COM
#
# Exploit   :
# http://server/download.php?file=[BlindSQLi]
#