← volver
CVE-2014-10034

CVE-2014-10034

EPSS 2.0%
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://couponphp.com/changeloghttp://osvdb.org/show/osvdb/103895http://osvdb.org/show/osvdb/103896http://packetstormsecurity.com/files/125480https://exchange.xforce.ibmcloud.com/vulnerabilities/91550http://www.exploit-db.com/exploits/32037http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php