RSS   Vulnerabilities for 'Phpcoupon'   RSS

2007-08-03
 
CVE-2007-4143

CWE-Other
 

 
user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.

 


Copyright 2024, cxsecurity.com

 

Back to Top