CVE-2007-4143

CVE-2007-4143 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.

Learn more about our Web Application Penetration Testing UK.