This patch will solve just some of the vulnerabilities in kDDL.
In this case, it is the admin panel we are securing.

---------------------------------------------------

OPEN EDIT.CLASS.PHP

FIND:
$get = mysql_query("SELECT * FROM $this->mysql_tb_que");
echo "<form name=\"f1\" action=\"admin.php?go=added\" method=\"POST\">".mysql_num_rows($get)." downloads submitted for review<br><br>\n\n";
if (mysql_num_rows($get)) {
	while ($row = mysql_fetch_array($get)) {

ADD AFTER:
	$alert = ($row[surl] != strip_tags($row[surl]) || $row[type] != strip_tags($row[type]) || $row[email] != strip_tags($row[sname]) || $row[sname] != strip_tags($row[sname]) || $row[url] != strip_tags($row[url]) || $row[title] != strip_tags($row[title])) ? '<font color="red">*Possible Exploit Attempt</font>' : '';
	$row[url] = strip_tags($row[url]);
	$row[title] = strip_tags($row[title]);
	$row[sname] = strip_tags($row[sname]);
	$row[email] = strip_tags($row[email]);
	$row[type] = strip_tags($row[type]);
	$row[surl] = strip_tags($row[surl]);

FIND:
<br>\n";

CHANGE TO:
".$alert."<br>\n";