Multiple SQL Injection Vulnerabilities in couponPHP Admin Area
CVE-2014-10034 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.