Multiple SQL Injection Vulnerabilities in couponPHP Admin Area

Multiple SQL Injection Vulnerabilities in couponPHP Admin Area

CVE-2014-10034 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.