mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
805 B
805 B
CVE-2014-10034
Description
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
POC
Reference
- http://packetstormsecurity.com/files/125480
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php
Github
No PoCs found on GitHub currently.