Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2007-4143

Publish Date: 28 Jul 2007

                							

                source: http://www.securityfocus.com/bid/25116/info

phpCoupon is prone to a remote payment-bypass vulnerability because the application fails to properly secure PayPal payment transactions.

Successfully exploiting this issue allows remote attackers to perform payment transactions in the application without actually paying money. This allows them to obtain services for free. 

The following URI demonstrates this issue:

http://www.example.com/path/user.php?REQ=auth&amp;billing=141&amp;status=success&amp;custom=upgrade5

The '141' and the 'upgrade5' values may vary from installation to installation.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

phpCoupon - Remote Payment Bypass

Vulmon Search

About

Products

Connect