SQL injection vulnerability in files.php in PHP Download Manager 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php_download_manager | Php_download_manager | 1.1 (including) | 1.1 (including) |
| Php_download_manager | Php_download_manager | 1.1.2 (including) | 1.1.2 (including) |
| Php_download_manager | Php_download_manager | 1.1.3 (including) | 1.1.3 (including) |