Multiple SQL injection vulnerabilities in the admin area in couponPHP prior to 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
couponphp couponphp |