exploit-db-mirror/exploits/php/webapps/26977.txt

source: http://www.securityfocus.com/bid/16063/info
  
Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks.
  
Dev Web Management System versions 1.5 and earlier are prone to these issues. 

http://example.com/[path]/download_now.php?target=9999999999999[SQL]