CVE-2014-10034

Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Configurations

Configuration 1 (hide)

cpe:2.3:a:couponphp:couponphp:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-01-13 15:59

Updated : 2024-02-04 18:35


NVD link : CVE-2014-10034

Mitre link : CVE-2014-10034

CVE.ORG link : CVE-2014-10034


JSON object : View

Products Affected

couponphp

  • couponphp
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')