← back
CVE-2014-10034

CVE-2014-10034

EPSS 2.0%
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://couponphp.com/changeloghttp://osvdb.org/show/osvdb/103895http://osvdb.org/show/osvdb/103896http://packetstormsecurity.com/files/125480https://exchange.xforce.ibmcloud.com/vulnerabilities/91550http://www.exploit-db.com/exploits/32037http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php