← voltar
CVE-2014-10034

CVE-2014-10034

EPSS 2.0%
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://couponphp.com/changeloghttp://osvdb.org/show/osvdb/103895http://osvdb.org/show/osvdb/103896http://packetstormsecurity.com/files/125480https://exchange.xforce.ibmcloud.com/vulnerabilities/91550http://www.exploit-db.com/exploits/32037http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php