PHCDownload Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

info
discussion
exploit
solution
references

PHCDownload Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

An attacker can exploit these issues through a browser. Attackers can exploit the cross-site scripting issue by enticing an unsuspecting user to follow a malicious URI.

The following proof-of-concept URIs are available:

/data/vulnerabilities/exploits/28922.html